(lively music) >> Good afternoon and welcome back to beautiful Las Vegas, Nevada, where we're here live from the show floor, all four days of AWS re:Invent. I'm Savannah Peterson, joined with my co-host Dave Vellante. Dave, how you doing? >> Good. Beautiful and chilly Las Vegas. Can't wait to get back to New England where it's warm. >> Balmy, New England this time of year in December. Wow, Dave, that's a bold statement. I am super excited about the conversation that we're going to be having next. And, you know, I'm not even going to tee it up. I just want to bring Dilip on. Dilip, thank you so much for being here. How you doing? >> Savannah, Dave, thank you so much. >> Hey, Dilip. >> Excited to be here. >> It's joy to have you. So, you have been working at Amazon for about 20 years. >> Almost. Almost. >> Yes. >> Feels like 20, 19 1/2. >> Which is very exciting. You've had a lot of roles. I'm going to touch on some of them, but you just came over to AWS from the physical retail side. Talk to me about that. >> Yup, so I've been to Amazon for 19 1/2 years. Done pricing, supply chain. I was Jeff Bezos technical advisor for a couple years. >> Casual name drop. >> Casual name drop. >> Savannah: But a couple people here for that name before. >> Humble brag, hashtag. And then I, for the last several years, I was leading our physical retail initiatives. We just walk out Amazon One, bringing convenience to physical spaces. And then in August, with like as those things were getting a lot of traction and we were selling to third parties, we felt that it would be better suited in AWS. And, but along with that, there was also another trend that's been brewing, which is, you know, companies have loved building on AWS. They love the infrastructure services, but increasingly, they're also asking us to build applications that are higher up in the stack. Solving key, turnkey business problems. Just walk out Amazon One or examples of that, Amazon Connect. We just recently announced supply chain, so now there's a bevy interesting services all coming together, higher up in the stack for customers. So it's an exciting time. >> It was interesting that you're able to, you know, transfer from that retail. I mean, normally, in historically, if you're within an industry, retail, manufacturing, automotive whatever. You were kind as locked in a little bit. >> Dilip: Siloed a little bit. Yeah, yeah, yeah. >> Because they had their own, your own value chain. And I guess, data has changed that maybe, that you can traverse now. >> Yeah, if you think about the things that we did, even when we were in retail, the tenants was less about the industries and more about how can we bring convenience to physical spaces? The fact that you don't like to wait in line is no more like likely, you know, five years from now than it is today. So, it's a very durable tenant, but it's equally applicable whether you're in a grocery store, a convenience store, a stadium, an airport. So it actually transcends any, and like supply chain, think of supply chain. Supply chain isn't, you know, targeted to any one particular industry. It has broad applicability. So these things are very, you know, horizontally applicable. >> Anything that makes my life easier, I'm down. >> Savannah: We're all here for the easy button. We've been talking about it a bit this week. I'm in. And the retail store, I mean, I'm in San Francisco. I've had the experience of going through. Very interesting and seamless journey, honestly. It's very exciting. So tell us a little bit more about the applications group at AWS. >> Yup. So as I said, you know, we are, the applications group is a combination of several services. You know, we have communication developer services, which is the ability to add simple email service or video and embed video, voice chat using a chime SDK. In a higher up in the stack, we are taking care of things that IT administrators have to deal with where you can provision an entire desktop with the workspaces or provide a femoral access to it. And then as you go up even higher up in the stack, you have productivity applications like AWS Wicker, which we just did GA, you know, last week in AWS Clean Rooms which we announced as a service in preview. And then you have, you know, Connect, which is our cloud contact center, AWS supply chain. Just walk out Amazon One, it just feels like we're getting started. >> Just a couple things going on. >> So, clean rooms. Part of the governance play, part of data sharing. Can you explain, you know, we were talking offline, but I remember back in the disk drive days. We were in a clean room, they'd show you the clean room, you couldn't go near it unless you had a hazmat suit on. So now you're applying that to data. Explain that concept. >> Yeah, so the companies across, you know, financial services or healthcare, advertising, they all want to be able to combine and pull together data`sets with their partners in order to get these collaborative insights. The problem is either the data's fragmented, it's siloed or you have, you know, data governance issues that's preventing them from sharing. And the key requirement is that they want to be able to share this data without exposing any of the underlying data. Clean rooms are always emerged as a solution to that, but the problem with that is that they're hard to maintain. They're expensive. You have to write complex privacy queries. And if you make a mistake, you risk exposing the same data that you've been, you know, studiously trying to protect. >> Trying to protect. >> You know, take advertising as an industry, as an example. You know, advertisers care about, is my ad effective? But it turns out that if you're an advertiser and let's say you're a Nike or some other advertiser and your pop, you know, you place an ad on the website. Well, you want to stop showing the ad to people who have already purchased the product. However, people who purchased the product,- >> Savannah: It happens all the time. >> that purchasing data is not accessible to them easily. But if you could combine those insights, you know, the publishers benefit, advertisers benefits. So AWS Clean Rooms is that service that allows you very easily to be able to collaborate with a group of folks and then be able to gain these collaborative insights. >> And the consumers benefit. I mean, how many times you bought, you search it. >> It happens all the time. >> They know. And like, I just bought that guys, you know? >> Yeah, no, exactly. >> Four weeks. >> And I'm like, you don't need to serve me that, you know? And we understand the marketing backend. And it's just a waste of money and energy and resources. I mean, we're talking about sustainability as well. I don't think supply chain has ever had a hotter moment than it's had the last two and a half years. Tell me more about the announcement. >> Yup, so super excited about this. As you know, as you said, supply chains have always been very critical and very core for companies. The pandemic exacerbated it. So, ours way of sort of thinking about supply chains is to say that, you know, companies have taken, over the years many, like dozens, like millions and millions of dollars of investment in building their own supply chains. But the problem with supply chains is that the reason that they're not as functional as they could be is because of the lack of visibility. Because they're strung together very many disparate systems, that lack of visibility affects agility. And so, our approach in it was to say that, well, if we could have folks use their existing supply chain what can we do to improve the investment on the ROI of what they're getting? By creating a layer on top of it, that provides them that insights, connects all of these disparate data and then provides them insights to say, well, you know, here's where you overstock, here's where you under stock. You know, this is the, you know, the carbon emission impact of being able to transfer something. So like rather without requiring people to re-platform, what's the way that we can add value in it? And then also build upon Amazon's, you know, years of supply chain experience, to be able to build these predictive analytics for customers. >> So, that's a good, I like that you started with the why. >> Yes. >> Right now, what is it? It's an abstraction layer and then you're connecting into different data points. >> Yes, that's correct. >> Injecting ML. >> Feel like you can pick in, like if you think about supply chain, you can have warehouse management systems, order management systems. It could be in disparate things. We use ML to be able to bring all of this disparate data in and create our unified data lake. Once you have that unified data lake, you can then run an insights layer on top of it to be able to say, so that as the data changes, supply chain is not a static thing. Data's constantly changing. As the data's changing, the data lake now reflects the most up-to-date information. You can have alerts and insights set up on it to say that, what are the kinds of things that you're interested in? And then more importantly, supply chain and agility is about communication. In order to be able to make certain things happen, you need to be able to communicate, you need to make sure that everyone's on the same page. And we allow for a lot of the communication and collaboration tools to be built within this platform so that you're not necessarily leaving to go and toggle from one place to the other to solve your problems. >> And in the pie chart of how people spend their time, they're spending a lot less time communicating and being proactive. >> That's correct. >> And getting ahead of the curve. They're spending more time trying to figure out actually what's going on. >> Yes. >> And that's the problem that you're going to solve. >> Well, and it ensures that the customer at the other end of that supply chain experience is going to have their expectations managed in terms of when their good might get there or whatever's going to happen. >> Exactly. >> I feel like that expectation management has been such a big part of it. Okay, I just have to ask because I'm very curious. What was it like advising Jeff? >> Quite possibly the best job that I've ever had. You know, he's a fascinating individual. >> Did he pay you to say that? >> Nope. But I would've, like, I would've done it for like, it's remarkable seeing how he thinks and his approach to problem solving. It is, you know, you could be really tactical and go very deep. You could be extremely strategic. And to be able to sort of move effortlessly between those two is a unique skill. I learned a lot. >> Yeah, absolutely. So what made you want to evolve your career at Amazon after that? 'Cause I see on your LinkedIn, you say, it was the best job you ever had. With curiosity? >> Yeah, so one of the things, so the role is designed for you to be able to transition to something new. >> Savannah: Oh, cool. >> So after I finished that role, we were just getting into our foray with physical stores. And the idea between physical stores is that, you and I as consumers, we all have a lot of choices for physical stores. You know, there's a lot of options, there's a lot of formats. And so the last thing we wanted to do is come up with another me too offering. So, our approach was that what can we do to improve convenience in physical stores? That's what resulted in just walk out to Amazon Go. That's what resulted in Amazon One, which is another in a fast, convenient, contactless way to pay using the power of your palm. And now, what started in Amazon retail is now expanded to several third parties in, you know, stadiums, convention centers, airports. >> Airport, I just had, was in the Houston airport and got to do a humanless checkout. >> Dilip: Exactly. >> And actually in Honolulu a couple weeks ago as well too. Yeah, so we're going to see more and more of this. >> Yes. >> So what Amazon, I think has over a million employees. A lot of those are warehouse employees. But what advice would you give to somebody who's somewhere inside of Amazon, maybe they're on AWS, maybe they're Amazon. What advice would you give somebody inside that's maybe, you know, hey, I've been at this job for five, six years, three, four years, whatever it is. I want to do something else. And there's so much opportunity inside Amazon, right? What would you advise them? >> My single advice, which is actually transferable and I use it for myself is choose something that makes you a little uncomfortable. >> Dave: Get out of your comfort zone. >> It's like, you got to do that. It's like, it's not the easiest thing to hear, but it's also the most satisfying. Because almost every single time that I've done it for myself, it's resulted in like, you don't really know what the answer is. You don't really know exactly where you're going to end up, but the process and the journey through it, if you experience a little bit of discomfort constantly, it makes you non complacent. It makes you sort of not take the job, sort of in a stride. You have to be on it to do it. So that's the advice that I would give anyone. >> Yeah, that's good. So something that's maybe adjacent and maybe not completely foreign to you, but also something that, you know, you got to go dig a little bit and learn. >> You're planning a career change over here, Dave? >> No, I know a lot of people in Amazon are like, hey, I'm trying to figure out what I want to do next. I mean, I love it here. I live by the LPS, you know, but, and there's so much to choose from. >> It is, you know, when I joined in 2003, there were so many things that we were sort of doing today. None of those existed. It's a fascinating company. And the evolution, you could be in 20 different places and the breadth of the kinds of things that, you know, the Amazon experience provides is timeless. It's fascinating. >> And, you know, you look at a company like Amazon, and, you know, it's so amazing. You look at this ecosystem. I've been around- >> Even a show floor. >> I've been around a lot of time. And the show floor says it all. But I've seen a lot of, you know, waves. And each subsequent wave, you know, we always talk about how many companies were in the Fortune 1000 and aren't anymore. And, but the leaders, you know, survive and they thrive. And I think it's fascinating to try to better understand the culture that enables that. You know, you look at a company like Microsoft that was irrelevant and then came back. You know, even IBM was on death store for a while and they come back and so they. And so, but Amazon just feels, you know, at the moment you feel like, "Oh wow, nothing can stop this machine." 'Cause everybody's trying to disrupt Amazon and then, you know, only the paranoid survive, all that stuff. But it's not like, past is not prologue, all right? So that's why I asked these questions. And you just said that a lot of the services today that although the ideas didn't even exist, I mean, walkout. I mean, that's just amazing. >> I think one of the things that Amazon does really well culturally is that they create the single threaded leadership. They give people focus. If you have to get something done, you have to give people focus. You can't distract them with like seven different things and then say that, oh, by the way, your eighth job is to innovate. It just doesn't work that way. It's like it's hard. Like it can be- >> And where were the energy come from that? >> Exactly. And so giving people that single threaded focus is super important. >> Frank Slootman, the CEO of Snowflake, has a great quote. He wrote on his book. He said, "If you got 14 priorities, you got none." And he asks,- >> Well said. >> he challenges people. If you had to give up everything and do only one thing for the next 365 days, what would that be? It's a really hard question to answer. >> I feel like as we're around New Year's resolution times. I mean when we thinking about that, maybe we can all share our one thing. So, Dilip, you've been with the the applications team for five months. What's coming up next? >> Well, as I said, you know, it feels like it's still day one for applications. If you think about the things, the news that we introduced and the several services that we introduced, it has applicability across a variety of horizontal industries. But then we're also feeling that there's considerable vertical applications that can be built for specific things. Like, it could be in advertising, it could be in financial services, it could be in manufacturing. The opportunities are endless. I think the notion of people wanting applications higher up in the stack and a little more turnkey solutions is also, it's not new for us, but it's also new and creative too. You know, AWS has traditionally been doing. >> So again, this relates to what we were sort of talking about before. And maybe, this came from Jazzy or maybe it came from Bezos. But you hear a lot, it's okay to be misunderstood or if we were misunderstood for a long time. So when people hear up the stack, they think, when you think about apps, you know, in the last 10 years it was taking on-prem and bringing it into the cloud. Okay, you saw that with CREM, email, CRM, service management, you know, data warehouses, et cetera. Amazon is thinking about this in a different way. It's like you're looking at the world saying, okay, how can we improve whatever? Workflows, people's lives, doing something that's not been done before? And that seems to be the kind of applications that you guys are thinking about building. >> Yeah. >> And that's unique. It's not just, okay, we're going to take something on-prem put it in the cloud. Been there, done that. That S-curve is sort of flattening now. But there's a new S-curve which is completely new workflows and innovations and processes that we really haven't thought about yet. Or you're thinking about, I presume. >> Yeah. Having said that, I'd also like to sort of remind folks that when you consider the, you know, the entire spend, the portion of workloads that are running in the cloud is a teeny tiny fraction. It's like less than 5%, like 4% or something like that. So it's a very, there's still plenty of things that can sort of move to the cloud. But you're right that there is another trend of where in the stack and the types of applications that you can provide as well. >> Yeah, new innovation that haven't well thought of yet. >> So, Dilip, we have a new tradition here on theCUBE at re:Invent. Where we're looking for your 30 minute Instagram reel, your hot take, biggest key theme, either for you, your team, or just general vibe from the show. >> General vibe from the show. Well, 19 1/2 years at Amazon, this is actually my first re:Invent, believe it or not. This is my, as a AWS employee now, as re:Invent with like launching services. So that's the first. I've been to re:Invent before, but as an attendee rather than as a person who's, you know, a contributing number of the workforce. >> Working actually? >> If you will. >> Actually doing your job. >> And so I'm just amazed at the energy and the breadth. And the, you know, from the partners to the customers to the diversity of people who are coming here from everywhere. I had meetings from people in New Zealand. Like, you know, the UK, like customers are coming at us from like very many different places. And it's fascinating for me to see. It's new for me as well given, you know, some of my past experience. But this is a, it's been a blast. >> People are pumped. >> People are pumped. >> They can't believe the booth traffic. Not only that quality. >> Right. All of our guests have talked about that. >> Like, yeah, you know, we're going to throw half of these leads away, but they're saying no, I'm having like really substantive conversations with business people. This is, I think, my 10th re:Invent. And the first one was mostly developers. And I'm like, what are you talking about? And, you know, so. Now it's a lot more business people, a lot of developers too. >> Yeah. >> It's just. >> The community really makes it. Dilip, thank you so much for joining us today on theCube. >> Thank you for having me. >> You're fantastic. I could ask you a million questions. Be sure and tell Jeff that we said hi. >> Will do. >> Savannah: Next time you guys are hanging out. And thank all of you. >> You want to go into space? >> Yeah. Yes, yes, absolutely. I'm perhaps the most space obsessed on the show. And with that, we will continue our out of this world coverage shortly from fabulous Las Vegas where we are at AWS re:Invent. It is day four with Dave Vellante. I'm Savannah Peterson and you're watching theCUBE, the leader in high tech coverage. (lively music)

(upbeat music) >> Hello, welcome back to theCUBE's AWS RE:Invent 2022 Coverage. I'm John Furrier, host of theCUBE. Got a great lineup here, Itamar Ankorion SVP Technology Alliance at Qlik and Peter McDonald, vice President, cloud partnerships and business development Snowflake. We're going to talk about bringing SAP data to life, for joint Snowflake, Qlik and AWS Solution. Gentlemen, thanks for coming on theCUBE Really appreciate it. >> Thank you. >> Thank you, great meeting you John. >> Just to get started, introduce yourselves to the audience, then going to jump into what you guys are doing together, unique relationship here, really compelling solution in cloud. Big story about applications and scale this year. Let's introduce yourselves. Peter, we'll start with you. >> Great. I'm Peter MacDonald. I am vice president of Cloud Partners and business development here at Snowflake. On the Cloud Partner side, that means I manage AWS relationship along with Microsoft and Google Cloud. What we do together in terms of complimentary products, GTM, co-selling, things like that. Importantly, working with other third parties like Qlik for joint solutions. On business development, it's negotiating custom commercial partnerships, large companies like Salesforce and Dell, smaller companies at most for our venture portfolio. >> Thanks Peter and hi John. It's great to be back here. So I'm Itamar Ankorion and I'm the senior vice president responsible for technology alliances here at Qlik. With that, own strategic alliances, including our key partners in the cloud, including Snowflake and AWS. I've been in the data and analytics enterprise software market for 20 plus years, and my main focus is product management, marketing, alliances, and business development. I joined Qlik about three and a half years ago through the acquisition of Attunity, which is now the foundation for Qlik data integration. So again, we focus in my team on creating joint solution alignment with our key partners to provide more value to our customers. >> Great to have both you guys, senior executives in the industry on theCUBE here, talking about data, obviously bringing SAP data to life is the theme of this segment, but this reinvent, it's all about the data, big data end-to-end story, a lot about data being intrinsic as the CEO says on stage around in the organizations in all aspects. Take a minute to explain what you guys are doing as from a company standpoint. Snowflake and Qlik and the solutions, why here at AWS? Peter, we'll start with you at Snowflake, what you guys do as a company, your mission, your focus. >> That was great, John. Yeah, so here at Snowflake, we focus on the data platform and until recently, data platforms required expensive on-prem hardware appliances. And despite all that expense, customers had capacity constraints, inexpensive maintenance, and had limited functionality that all impeded these organizations from reaching their goals. Snowflake is a cloud native SaaS platform, and we've become so successful because we've addressed these pain points and have other new special features. For example, securely sharing data across both the organization and the value chain without copying the data, support for new data types such as JSON and structured data, and also advance in database data governance. Snowflake integrates with complimentary AWS services and other partner products. So we can enable holistic solutions that include, for example, here, both Qlik and AWS SageMaker, and comprehend and bring those to joint customers. Our customers want to convert data into insights along with advanced analytics platforms in AI. That is how they make holistic data-driven solutions that will give them competitive advantage. With Snowflake, our approach is to focus on customer solutions that leverage data from existing systems such as SAP, wherever they are in the cloud or on-premise. And to do this, we leverage partners like Qlik native US to help customers transform their businesses. We provide customers with a premier data analytics platform as a result. Itamar, why don't you talk about Qlik a little bit and then we can dive into the specific SAP solution here and some trends >> Sounds great, Peter. So Qlik provides modern data integration and analytics software used by over 38,000 customers worldwide. Our focus is to help our customers turn data into value and help them close the gap between data all the way through insight and action. We offer click data integration and click data analytics. Click data integration helps to automate the data pipelines to deliver data to where they want to use them in real-time and make the data ready for analytics and then Qlik data analytics is a robust platform for analytics and business intelligence has been a leader in the Gartner Magic Quadrant for over 11 years now in the market. And both of these come together into what we call Qlik Cloud, which is our SaaS based platform. So providing a more seamless way to consume all these services and accelerate time to value with customer solutions. In terms of partnerships, both Snowflake and AWS are very strategic to us here at Qlik, so we have very comprehensive investment to ensure strong joint value proposition to we can bring to our mutual customers, everything from aligning our roadmaps through optimizing and validating integrations, collaborating on best practices, packaging joint solutions like the one we'll talk about today. And with that investment, we are an elite level, top level partner with Snowflake. We fly that our technology is Snowflake-ready across the entire product set and we have hundreds of joint customers together and with AWS we've also partnered for a long time. We're here to reinvent. We've been here with the first reinvent since the inaugural one, so it kind of gives you an idea for how long we've been working with AWS. We provide very comprehensive integration with AWS data analytics services, and we have several competencies ranging from data analytics to migration and modernization. So that's our focus and again, we're excited about working with Snowflake and AWS to bring solutions together to market. >> Well, I'm looking forward to unpacking the solutions specifically, and congratulations on the continued success of both your companies. We've been following them obviously for a very long time and seeing the platform evolve beyond just SaaS and a lot more going on in cloud these days, kind of next generation emerging. You know, we're seeing a lot of macro trends that are going to be powering some of the things we're going to get into real quickly. But before we get into the solution, what are some of those power dynamics in the industry that you're seeing in trends specifically that are impacting your customers that are taking us down this road of getting more out of the data and specifically the SAP, but in general trends and dynamics. What are you hearing from your customers? Why do they care? Why are they going down this road? Peter, we'll start with you. >> Yeah, I'll go ahead and start. Thanks. Yeah, I'd say we continue to see customers being, being very eager to transform their businesses and they know they need to leverage technology and data to do so. They're also increasingly depending upon the cloud to bring that agility, that elasticity, new functionality necessary to react in real-time to every evolving customer needs. You look at what's happened over the last three years, and boy, the macro environment customers, it's all changing so fast. With our partnerships with AWS and Qlik, we've been able to bring to market innovative solutions like the one we're announcing today that spans all three companies. It provides a holistic solution and an integrated solution for our customer. >> Itamar let's get into it, you've been with theCUBE, you've seen the journey, you have your own journey, many, many years, you've seen the waves. What's going on now? I mean, what's the big wave? What's the dynamic powering this trend? >> Yeah, in a nutshell I'll call it, it's all about time. You know, it's time to value and it's about real-time data. I'll kind of talk about that a bit. So, I mean, you hear a lot about the data being the new oil, but it's definitely, we see more and more customers seeing data as their critical enabler for innovation and digital transformation. They look for ways to monetize data. They look as the data as the way in which they can innovate and bring different value to the customers. So we see customers want to use more data so to get more value from data. We definitely see them wanting to do it faster, right, than before. And we definitely see them looking for agility and automation as ways to accelerate time to value, and also reduce overall costs. I did mention real-time data, so we definitely see more and more customers, they want to be able to act and make decisions based on fresh data. So yesterday's data is just not good enough. >> John: Yeah. >> It's got to be down to the hour, down to the minutes and sometimes even lower than that. And then I think we're also seeing customers look to their core business systems where they have a lot of value, like the SAP, like mainframe and thinking, okay, our core data is there, how can we get more value from this data? So that's key things we see all the time with customers. >> Yeah, we did a big editorial segment this year on, we called data as code. Data as code is kind of a riff on infrastructure as code and you start to see data becoming proliferating into all aspects, fresh data. It's not just where you store it, it's how you share it, it's how you turn it into an application intrinsically involved in all aspects. This is the big theme this year and that's driving all the conversations here at RE:Invent. And I'm guaranteeing you, it's going to happen for another five and 10 years. It's not stopping. So I got to get into the solution, you guys mentioned SAP and you've announced the solution by Qlik, Snowflake and AWS for your customers using SAP. Can you share more about this solution? What's unique about it? Why is it important and why now? Peter, Itamar, we'll start with you first. >> Let me jump in, this is really, I'll jump because I'm excited. We're very excited about this solution and it's also a solution by the way and again, we've seen proven customer success with it. So to your point, it's ready to scale, it's starting, I think we're going to see a lot of companies doing this over the next few years. But before we jump to the solution, let me maybe take a few minutes just to clarify the need, why we're seeing, why we're seeing customers jump to do this. So customers that use SAP, they use it to manage the core of their business. So think order processing, management, finance, inventory, supply chain, and so much more. So if you're running SAP in your company, that data creates a great opportunity for you to drive innovation and modernization. So what we see customers want to do, they want to do more with their data and more means they want to take SAP with non-SAP data and use it together to drive new insights. They want to use real-time data to drive real-time analytics, which they couldn't do to date. They want to bring together descriptive with predictive analytics. So adding machine learning in AI to drive more value from the data. And naturally they want to do it faster. So find ways to iterate faster on their solutions, have freedom with the data and agility. And I think this is really where cloud data platforms like Snowflake and AWS, you know, bring that value to be able to drive that. Now to do that you need to unlock the SAP data, which is a lot of also where Qlik comes in because typical challenges these customers run into is the complexity, inherent in SAP data. Tens of thousands of tables, proprietary formats, complex data models, licensing restrictions, and more than, you have performance issues, they usually run into how do we handle the throughput, the volumes while maintaining lower latency and impact. Where do we find knowledge to really understand how to get all this done? So these are the things we've looked at when we came together to create a solution and make it unique. So when you think about its uniqueness, because we put together a lot, and I'll go through three, four key things that come together to make this unique. First is about data delivery. How do you have the SAP data delivery? So how do you get it from ECC, from HANA from S/4HANA, how do you deliver the data and the metadata and how that integration well into Snowflake. And what we've done is we've focused a lot on optimizing that process and the continuous ingestion, so the real-time ingestion of the data in a way that works really well with the Snowflake system, data cloud. Second thing is we looked at SAP data transformation, so once the data arrives at Snowflake, how do we turn it into being analytics ready? So that's where data transformation and data worth automation come in. And these are all elements of this solution. So creating derivative datasets, creating data marts, and all of that is done by again, creating an optimized integration that pushes down SQL based transformations, so they can be processed inside Snowflake, leveraging its powerful engine. And then the third element is bringing together data visualization analytics that can also take all the data now that in organizing inside Snowflake, bring other data in, bring machine learning from SageMaker, and then you go to create a seamless integration to bring analytic applications to life. So these are all things we put together in the solution. And maybe the last point is we actually took the next step with this and we created something we refer to as solution accelerators, which we're really, really keen about. Think about this as prepackaged templates for common business analytic needs like order to cash, finance, inventory. And we can either dig into that a little more later, but this gets the next level of value to the customers all built into this joint solution. >> Yeah, I want to get to the accelerators, but real quick, Peter, your reaction to the solution, what's unique about it? And obviously Snowflake, we've been seeing the progression data applications, more developers developing on top of Snowflake, data as code kind of implies developer ecosystem. This is kind of interesting. I mean, you got partnering with Qlik and AWS, it's kind of a developer-like thinking real solution. What's unique about this SAP solution that's, that's different than what customers can get anywhere else or not? >> Yeah, well listen, I think first of all, you have to start with the idea of the solution. This are three companies coming together to build a holistic solution that is all about, you know, creating a great opportunity to turn SAP data into value this is Itamar was talking about, that's really what we're talking about here and there's a lot of technology underneath it. I'll talk more about the Snowflake technology, what's involved here, and then cover some of the AWS pieces as well. But you know, we're focusing on getting that value out and accelerating time to value for our joint customers. As Itamar was saying, you know, there's a lot of complexity with the SAP data and a lot of value there. How can we manage that in a prepackaged way, bringing together best of breed solutions with proven capabilities and bringing this to market quickly for our joint customers. You know, Snowflake and AWS have been strong partners for a number of years now, and that's not only on how Snowflake runs on top of AWS, but also how we integrate with their complementary analytics and then all products. And so, you know, we want to be able to leverage those in addition to what Qlik is bringing in terms of the data transformations, bringing data out of SAP in the visualization as well. All very critical. And then we want to bring in the predictive analytics, AWS brings and what Sage brings. We'll talk about that a little bit later on. Some of the technologies that we're leveraging are some of our latest cutting edge technologies that really make things easier for both our partners and our customers. For example, Qlik leverages Snowflakes recently released Snowpark for Python functionality to push down those data transformations from clicking the Snowflake that Itamar's mentioning. And while we also leverage Snowpark for integrations with Amazon SageMaker, but there's a lot of great new technology that just makes this easy and compelling for customers. >> I think that's the big word, easy button here for what may look like a complex kind of integration, kind of turnkey, really, really compelling example of the modern era we're living in, as we always say in theCUBE. You mentioned accelerators, SAP accelerators. Can you give an example of how that works with the technology from the third party providers to deliver this business value Itamar, 'cause that was an interesting comment. What's the example? Give an example of this acceleration. >> Yes, certainly. I think this is something that really makes this truly, truly unique in the industry and again, a great opportunity for customers. So we kind talked earlier about there's a lot of things that need to be done with SP data to turn it to value. And these accelerator, as the name suggests, are designed to do just that, to kind of jumpstart the process and reduce the time and the risk involved in such project. So again, these are pre-packaged templates. We basically took a lot of knowledge, and a lot of configurations, best practices about to get things done and we put 'em together. So think about all the steps, it includes things like data extraction, so already knowing which tables, all the relevant tables that you need to get data from in the contexts of the solution you're looking for, say like order to cash, we'll get back to that one. How do you continuously deliver that data into Snowflake in an in efficient manner, handling things like data type mappings, metadata naming conventions and transformations. The data models you build all the way to data mart definitions and all the transformations that the data needs to go through moving through steps until it's fully analytics ready. And then on top of that, even adding a library of comprehensive analytic dashboards and integrations through machine learning and AI and put all of that in a way that's in pre-integrated and tested to work with Snowflake and AWS. So this is where again, you get this entire recipe that's ready. So take for example, I think I mentioned order to cash. So again, all these things I just talked about, I mean, for those who are not familiar, I mean order to cash is a critical business process for every organization. So especially if you're in retail, manufacturing, enterprise, it's a big... This is where, you know, starting with booking a sales order, following by fulfilling the order, billing the customer, then managing the accounts receivable when the customer actually pays, right? So this all process, you got sales order fulfillment and the billing impacts customer satisfaction, you got receivable payments, you know, the impact's working capital, cash liquidity. So again, as a result this order to cash process is a lifeblood for many businesses and it's critical to optimize and understand. So the solution accelerator we created specifically for order to cash takes care of understanding all these aspects and the data that needs to come with it. So everything we outline before to make the data available in Snowflake in a way that's really useful for downstream analytics, along with dashboards that are already common for that, for that use case. So again, this enables customers to gain real-time visibility into their sales orders, fulfillment, accounts receivable performance. That's what the Excel's are all about. And very similarly, we have another one for example, for finance analytics, right? So this will optimize financial data reporting, helps customers get insights into P&L, financial risk of stability or inventory analytics that helps with, you know, improve planning and inventory management, utilization, increased efficiencies, you know, so in supply chain. So again, these accelerators really help customers get a jumpstart and move faster with their solutions. >> Peter, this is the easy button we just talked about, getting things going, you know, get the ball rolling, get some acceleration. Big part of this are the three companies coming together doing this. >> Yeah, and to build on what Itamar just said that the SAP data obviously has tremendous value. Those sales orders, distribution data, financial data, bringing that into Snowflake makes it easily accessible, but also it enables it to be combined with other data too, is one of the things that Snowflake does so well. So you can get a full view of the end-to-end process and the business overall. You know, for example, I'll just take one, you know, one example that, that may not come to mind right away, but you know, looking at the impact of weather conditions on supply chain logistics is relevant and material and have interest to our customers. How do you bring those different data sets together in an easy way, bringing the data out of SAP, bringing maybe other data out of other systems through Qlik or through Snowflake, directly bringing data in from our data marketplace and bring that all together to make it work. You know, fundamentally organizational silos and the data fragmentation exist otherwise make it really difficult to drive modern analytics projects. And that in turn limits the value that our customers are getting from SAP data and these other data sets. We want to enable that and unleash. >> Yeah, time for value. This is great stuff. Itamar final question, you know, what are customers using this? What do you have? I'm sure you have customers examples already using the solution. Can you share kind of what these examples look like in the use cases and the value? >> Oh yeah, absolutely. Thank you. Happy to. We have customers across different, different sectors. You see manufacturing, retail, energy, oil and gas, CPG. So again, customers in those segments, typically sectors typically have SAP. So we have customers in all of them. A great example is like Siemens Energy. Siemens Energy is a global provider of gas par services. You know, over what, 28 billion, 30 billion in revenue. 90,000 employees. They operate globally in over 90 countries. So they've used SAP HANA as a core system, so it's running on premises, multiple locations around the world. And what they were looking for is a way to bring all these data together so they can innovate with it. And the thing is, Peter mentioned earlier, not just the SAP data, but also bring other data from other systems to bring it together for more value. That includes finance data, these logistics data, these customer CRM data. So they bring data from over 20 different SAP systems. Okay, with Qlik data integration, feeding that into Snowflake in under 20 minutes, 24/7, 365, you know, days a year. Okay, they get data from over 20,000 tables, you know, over million, hundreds of millions of records daily going in. So it is a great example of the type of scale, scalability, agility and speed that they can get to drive these kind of innovation. So that's a great example with Siemens. You know, another one comes to mind is a global manufacturer. Very similar scenario, but you know, they're using it for real-time executive reporting. So it's more like feasibility to the production data as well as for financial analytics. So think, think, think about everything from audit to texts to innovate financial intelligence because all the data's coming from SAP. >> It's a great time to be in the data business again. It keeps getting better and better. There's more data coming. It's not stopping, you know, it's growing so fast, it keeps coming. Every year, it's the same story, Peter. It's like, doesn't stop coming. As we wrap up here, let's just get customers some information on how to get started. I mean, obviously you're starting to see the accelerators, it's a great program there. What a great partnership between the two companies and AWS. How can customers get started to learn about the solution and take advantage of it, getting more out of their SAP data, Peter? >> Yeah, I think the first place to go to is talk to Snowflake, talk to AWS, talk to our account executives that are assigned to your account. Reach out to them and they will be able to educate you on the solution. We have packages up very nicely and can be deployed very, very quickly. >> Well gentlemen, thank you so much for coming on. Appreciate the conversation. Great overview of the partnership between, you know, Snowflake and Qlik and AWS on a joint solution. You know, getting more out of the SAP data. It's really kind of a key, key solution, bringing SAP data to life. Thanks for coming on theCUBE. Appreciate it. >> Thank you. >> Thank you John. >> Okay, this is theCUBE coverage here at RE:Invent 2022. I'm John Furrier, your host of theCUBE. Thanks for watching. (upbeat music)

>>Hey everyone, and welcome back to The Cube's live coverage of AWS Reinvented 2022 Live from the Venetian Expo in Las Vegas. We're happy to be back. This is first full day of coverage over here last night. We've got three full days of coverage in addition to last night, and there's about 50,000 people here. This event is ready, people are ready to be back, which is so exciting. Lisa Martin here with Paul Gill and Paul, it's great to be back in person. Great to be hosting with you >>And likewise with you, Lisa. I think the first time we hosted again, >>It is our first time exactly. >>And we come here to the biggest event that the cube ever does during the year. >>It's the Super Bowl of the >>Cube. It's it's elbow to elbow out there. It's, it's, it's full tackle football, totally on the, on the floor of reinvent. And very exciting. This, you know, I've been to a lot of conferences going back 40 years, long as I can remember. Been going to tech conferences. This one, the, the intensity, the excitement around this is really unusual. People are jazzed, they're excited to be here, and that's great to see, particularly coming back from two years of isolation. >>Absolutely. The energy is so palpable. Even yesterday, evening, afternoon when I was walking in, you just feel it with all the people here. You know, we talk to so many different companies on the Q Paul. Every company these days has to be a data company. The most important thing about data is making sure that it's backed up and it's protected, that it's secure, that it can be recovered if anything happens. So we're gonna be having a great conversation next about data resiliency with one of our alumni. >>And that would be Rick Scott, Rick, excuse me, Rick Scott, >>Rick Clark. Rick Clark, say Rick Scott, cloud sales Veritas. Rick, welcome back >>To the program. Thank you. Thank you so much. It's a pleasure being here, you know, thank you so much. You're definitely very excited to myself and 40,000 of my closest cousins and friends all in one place. Yep. Or I could possibly go wrong, right? So >>Yeah, absolutely nothing. So, Rick, so Veritas has made some exciting announcements. Talk to us about some of the new things that you've >>Unveiled. Yeah, we've been, we've been incredibly busy and, you know, the journey that we've been on, one of the big announcement that we made about three or four weeks ago is the introduction, really, of a brand new cloud native data management platform that we call Veritas Alta. And this is a journey that we've been on for the better part of seven years. We actually started it with our, our flex appliances. We continued, that was a containerization of our traditional net backup business in, into a highly secured appliance that was loved by our customers. And we continued that theme and that investment into what we call a scale out and scale up form factor appliance as well, what we called flex scale. And then we continued on that investment theme, basically spending over a billion dollars over that seven year journey in our cloud native. And we call that basically the Veritas altar platform with our cloud native platform. And I think if you really look at what that is, it truly is a data management platform. And I emphasize the term cloud native. And so our traditional technologies around data protection, obviously application resiliency and digital compliance or data compliance and governance. We are the only, the first and only company in the world to provide really a cloud optimized, cloud native platform, really, that addresses that. So it's been fun, it's been a fun journey. >>Talk a little bit about the customer experience. I see over 85% of the Fortune 100 trust Veritas with their data management. That's >>A big number. Yeah. Yeah. It's, it is incredible actually. And it really comes back to the Veritas older platform. We sort of built that with, with four tenants in mind, all driving back to this very similar to AWS's customer obsession. Everything we do each and every day of our waiting moments is a Veritas employee is really surrounds the customer. So it starts with the customer experience on how do they find us to, how do they procure our solutions through things like AWS marketplace and how do they deploy it? And the second thing is around really cost optimization, as we know, you know, to, to say that companies are going through a digital transformation and moving workloads to the cloud. I mean, I've got customers that literally were 20% in cloud a year ago and 80% a year later, we've never seen that kind of velocity. >>And so we've doubled down on this notion of cost optimization. You can only do that with these huge investments that I talked about. And so we're a very profitable company. We've been around, got a great heritage of over 30 years, and we've really taken those investments in r and d to provide that sort of cloud native technology to ultimately make it elastic. And so everything from will spin up and spin down services to optimize the cloud bill for our customers, but we'll also provide the greatest workload support. You know, obviously on-prem workloads are very different from cloud workloads and it's almost like turning the clock back 20 years to see all of those new systems. There's no standard API like s and MP on the network. And so we have to talk to every single PAs service, every single DB PAs, and we capture that information and protect it. So it's really has been a phenomenal journey. It's been great. >>You said this, that that al represents a shift from clouds from flex scale to cloud native. What is the difference there? >>The, the main difference really is we took, you know, obviously our traditional product that you've known for many media years, net backup. It's got, you know, tens of millions of lines of code in that. And we knew if we lifted and shifted it up into the cloud, into an I AEs infrastructure, it's just not, it obviously would perform extremely well, but it wasn't cost optimized for our customer. It was too expensive to to run. And so what we did is we rewrote with microservices and containerization, Kubernetes huge parts of that particular product to really optimize it for the cloud. And not only have we done it for that technology, what we now call alter data protection, but we've done it across our entire port portfolio. That was really the main change that we made as part of this particular transition. And >>What have you done to prepare customers for that shift? Is this gonna be a, a drop in simple upgrade for them? >>Absolutely. Yeah. In fact, one of the things that we introduced is we, we invest still very heavily with regards to our OnPrem solutions. We're certainly not abandoning, we're still innovating. There's a lot of data still OnPrem that needs to move to the cloud. And so we have a unique advantage of all of the different workload supports that we provide OnPrem. We continue that expansion into the cloud. So we, we create it as part of the Veritas AL Vision, a technology, we call it AL view. So it's a single painter glass across both OnPrem and cloud for our customers. And so now they can actually see all of their data protection, all our application availability, single collect, all through that single unified interface, which is really game changing in the industry for us. >>It's game changing for customers too, because customers have what generally six to seven different backup technologies in their environment that they're having to individually manage and provision. So the, the workforce productivity improvements I can imagine are, are huge with Veritas. >>Yeah. You you nailed it, right? You must have seen my script, but Absolutely. I mean, I look at the analogy of, you think about the airlines, what's one of the first things airlines do with efficiency? South Southwest Airlines was the best example, a standardized on the 7 37, right? And so all of their pilots, all of their mechanics, all know how to operate the 7 37. So we are doing the same thing with enterprise data protection. So whether you're OnPrem at the edge or in the cloud or even multi-cloud, we can provide that single painter glass. We've done it for our customers for 30 plus years. We'll continue to do it for another 30 something years. And so it's really the first time with Veritas altar that, that we're, we're coming out with something that we've invested for so long and put, put such a huge investment on that can create those changes and that compelling solution for our customers. So as you can see, we're pretty pumped and excited about it. >>Yes, I can >>Use the term data management to describe Alta, and I want to ask about that term because I hear it a lot these days. Data management used to be database, now data management is being applied to all kinds of different functions across the spectrum. How do you define data management in Veritas >>Perspective? Yeah, there's a, we, we see it as really three main pillars across the environment. So one is protection, and we'll talk a little bit about this notion of ransomware is probably the number one use case. So the ability to take the most complex and the biggest, most vast applications. SAP is an example with hundreds of different moving parts to it and being able to protect that. The second is application resiliency. If, if you look at the cloud, there's this notion of, of responsibility, shared responsibility in the cloud. You've heard it, right? Yep. Every single one of the cloud service providers, certainly AWS has up on their website, this is what we protect, here's the demarcation line, the line in the sand, and you, the customer are responsible for that other level. And so we've had a technology, you previously knew it as InfoScale, we now call it alter application resiliency. >>And it can provide availability zone to availability zone, real time replication, high availability of your mission critical applications, right? So not only do we do the traditional backups, but we can also provide application resiliency for mission critical. And then the third thing really from a data management standpoint is all around governance and compliance. You know, ac a lot of our customers need to keep data for five, 10 years or forever. They're audited. There's regulations and different geographies around the world. And, and those regulations require them to be able to really take control of their cloud, take control of their data. And so we have a whole portfolio of solutions under that data compliance, data government. So back to your, your question Paul, it's really the integration and the intersection of those three main pillars. We're not a one trick pony. We've been at this for a long time, and they're not just new products that we invented a couple of months ago and brought to market. They're tried and tested with eight 80,000 customers and the most complex early solutions on the planet that we've been supporting. >>I gotta ask you, you know, we talked about those three pillars and you talked about the shared responsibility model. And think of that where you mentioned aws, Salesforce, Microsoft 365, Google workspace, whatnot. Are you finding that most customers aren't aware of that and haven't been protecting those workloads and then come to you and saying, Hey guys, guess what, this is what this is what they're responsible for. The data is >>You Yeah, I, it's, it's our probably biggest challenge is, is one of awareness, you know, with the cloud, I mean, how many times have you spoken to someone? You just put it in the cloud. Your applications, like the cloud providers like aws, they'll protect everything. Nothing will ever go down. And it's kind like if you, unless your house was ever broken into, you're probably not gonna install that burglar alarm or that fire alarm, right? Hopefully that won't be an event that you guys have to suffer through. So yeah, it's definitely, it wasn't till the last year or so the cloud service providers really published jointly as to where is their responsibility, right? So a great example is an attack vector for a lot of corporations is their SAS applications. So, you know, whether it it's your traditional SA applications that is available that's available on the web to their customers as a sas. >>And so it's certainly available to the bad actors. They're gonna, where there's, there's gonna be a point they're gonna try to get in. And so no matter what your resiliency plan is, at the end of the day, you really need to protect it. And protection isn't just, for example, with M 365 having a snapshot or a recycle bin, that's just not good enough. And so we actually have some pretty compelling technology, what we call ALTA SAS protection, which covers the, pretty much the, the gamut of the major SAS technologies to protect those and make it available for our customers. So yeah, certainly it's a big part of it is awareness. Yeah. >>Well, I understand that the shared responsibility model, I, I realize there's a lot of confusion about that still, but in the SaaS world that's somewhat different. The responsibility of the SaaS provider for protecting data is somewhat different. How, how should, what should customers know about that? >>I think, you know, the, the related to that, if, if you look at OnPrem, you know, approximately 35 to 40% of OnPrem enterprise data is protected. It's kind of in a long traditional problem. Everyone's aware of it. You know, I remember going to a presentation from IBM 20 something years ago, and someone held their push hand up in the room about the dis drives and says, you need to back it up. And the IBM sales guy said, no, IBM dis drives never crash. Right? And so fast forward to here we are today, things have changed. So we're going through almost a similar sort of changes and culture in the cloud. 8% of the data in the cloud is protected today, 8%. That's incredible. Meaning >>That there is independent backup devoted >>To that data in some cases, not at all. And something many cases, the customer just assumes that it's in the cloud, therefore it's always available. I never have to worry about protecting it, right? And so that's a big problem that we're obviously trying to, trying to solve. And we do that all under the umbrella of ransomware. That's a huge theme, huge investment that, that Veritas does with regards to providing that resiliency for our >>Customers. Ransomware is scary. It is becoming so prolific. The bad actors have access to technologies. Obviously companies are fighting them, but now ransomware has evolved into, no longer are we gonna get hit, it's when, yeah, it's how often it's what's the damage going to be. So the ability to help customers recover from ransomware, that resiliency is table stakes for businesses in any industry these days. Does that, that one of the primary pain points that your customers are coming to you with? >>It's the number one pain point. Yeah, it's, it's incredible. I mean, there's not a single briefing that our teams are doing customer meetings where that term ransomware doesn't come up as, as their number one use case. Just to give you something, a couple of statistics. There's a ransomware attack attack that happens 11 times a second right around the globe. And this isn't just, you know, minor stuff, right? I've got friends that are, you know, executives of large company that have been hit that have that some, you know, multimillion dollar ransom attack. So our, our play on this is, when you think about it, is data protection is the last line of defense. Yes. And so if they break through, it's not a case, Lisa, as you mentioned, if it's a case of when Yeah. And so it's gonna happen. So one of the most important things is knowing how do you know you have a gold copy, a clean copy, and you can recover at speed in some cases. >>We're talking about tens of thousands of systems to do that at speed. That's in our dna. We've been doing it for many, many years. And we spoke through a lot of the cyber insurance companies on this particular topic as well. And what really came back from that is that they're actually now demanding things like immutable storage, malware detection, air gaping, right? Anomaly detection is sort of core technologies tick the box that they literally won't ensure you unless you have those core components. And so what we've done is we've doubled down on that investment. We use AI in ML technologies, particularly around the anomaly detection. One of the, the, the unique and ne differentiators that Verto provides is a ransomware resiliency scorecard. Imagine the ability to save uran a corporation. We can come in and run our analytics on your environment and kind of give you a grade, right? Wouldn't you prefer that than waiting for the event to take place to see where your vulnerability really is? And so these are some of the advantages that we can actually provide for our customers, really, really >>To help. Just a final quick question. There is a, a common perception, I believe that ransomware is an on premise problem. In fact, it is also a cloud problem. Is that not right? >>Oh, absolutely. I I think that probably the biggest attack vector is in the cloud. If it's, if it's OnPrem, you've certainly got a certain line of defense that's trying to break through. But, you know, you're in the open world there. Obviously with SAS applications in the cloud, it's not a case of if, but when, and it's, and it's gonna continue to get, you know, more and more prevalent within corporations. There's always gonna be those attack factors that they find the, the flash wounds that they can attack to break through. What we are concentrating on is that resiliency, that ability for customers to recover at speed. We've done that with our traditional appliances from our heritage OnPrem. We continue to do that with regard to resiliency at speed with our customers in the cloud, with partners like aws >>For sure. Almost done. Give me your 30 seconds on AWS and Veritas. >>We've had a partnership for the better part of 10 years. It's incredible when you think about aws, where they released the elastic compute back in 2006, right? We've been delivering data protection, a data management solutions for, for the better part of 30 years, right? So, so we're, we're Junos in our space. We're the leader in, in data protection and enterprise data protection. We were on-prem. We, we continue to be in the cloud as AWS was with the cloud service provided. So the synergies are incredible. About 80 to 85% of our, our joint customers are the same. We take core unique superpowers of aws, like AWS outposts and AWS Glacier Instant retrieval, for example, those core technologies and incorporate them into our products as we go to Mark. And so we released a core technology a few months ago, we call it ultra recovery vault. And it's an air gap, a mutable storage, worm storage, right Once, right? You can't change it even when the bad actors try to get in. They're independent from the customer's tenant and aws. So we manage it as a managed backup service for our customers. Got it. And so our customers are using that to really help them with their ransomware. So it's been a tremendous partnership with AWS >>Standing 10 years of accounting. Last question for you, Rick. You got a billboard on the 1 0 1 in Santa Clara, right? By the fancy Verto >>1 0 1? >>Yeah. Right. Well, there's no traffic. What does that billboard say? What's that bumper sticker about? Vertus, >>I think, I think the billboard would say, welcome to the new Veritas. This is not your grandfather's old mobile. We've done a phenomenal job in, in the last, particularly the last three or four years, to really reinvent ourselves in the cloud and the investments that we made are really paying off for our customers today. So I'm excited to be part of this journey and excited to talk to you guys today. >>Love it. Not your grandfather's Veritas. Rick, thank you so much for joining Paula, me on the forgot talking about what you guys are doing, how you're helping customers, really established that cyber of resiliency, which is absolutely critical these days. We appreciate your >>Time. My pleasure. Thank you so much. >>All right, for our guest and Paul Gilland, I'm Lisa Martin, you're watching the Queue, which as you know is the leader in live enterprise and emerging check coverage.

>>Hey everyone. Welcome back to the Cube's live coverage of AWS Reinvent 2022. This is day one, I should say evening one of three and a half days of wall to wall coverage on the cube. Lisa Martin here with Dave Ante. Dave, we love talking about data, but the most important thing about data is if there's a breach, which are happening more and more frequently, that you can get it back. So data backup, data protection, data resiliency, hugely >>Important. Well, it used to be you got snake bit and then you closed the barn door after the horse ran away. Now I think people are a lot more aware that they gotta protect their data and be proactive about it. It can't just be an afterthought. >>It can't be an afterthought. We've got the CTO of own backup here. We're gonna be talking about that Adrian Consul. Adrian, welcome to the Cube. >>Thanks for having me. >>Talk a little bit about own backup. The what is unique about it? >>So we are the leading SaaS data protection vendor. We've built a business based on the fact that SAS has become a center of gravity for a lot of companies. Now, a lot of people have moved with digital transformation and more recently with the covid effects to digitize their business. Our platform is powered by aws. We've got 5,000 plus customers that trust what we do and to look after their data. We help them with resiliency, compliance, security, and we do it for people who are using Salesforce, ServiceNow, and Microsoft Dynamics 365 people >>Are gonna say, wait a minute, my data in the cloud isn't already backed up. Why do I Right. That's what they're gonna say. So how do you >>Respond? Yes. Lots of people say that. That is exactly right. So what people are beginning to realize much more is that there's actually a shared responsibility model between your SaaS provider and yourselves. And you know, the SaaS providers do a phenomenal job of giving you disaster recovery, a database copy, networking infrastructure, a bunch of security controls at that level. But they're pretty frank about the data you put in there is your data, right? And just that it's up to you to put the data in there. It's also up to you to keep it in there. And that's not so easy when you've got lots of integrations. You've got users running around in the applications, et cetera. So yeah, the heart of it is, it's your data, you put it in there, you better be looking after it too. >>That's so important for customers to understand what is Salesforce's responsibility? What's my responsibility to the really nail that? What are some of the main challenges as we see the cybersecurity landscape has changed so much in the last couple of years? Ransomware is now a, when it's gonna happen to us. How often, what's gonna be the significance? What are some of the main challenges that you're talking with customers about these days? >>So really on the data side, it definitely hinges around ransomware. But I would also say when you think about what digital transformation has done for customers, moved you to a world where you've gotta be on 24 7, right? You can't afford to have systems down, whether that's your public website or even things your salespeople are using. And so on the, on the data side, we talk a lot with our customers about really recovery. Not so much about backup. Backup is in our name, but our product is called Recover. And there's a reason for that. We're trying to focus on how can we help customers quickly get back to a good state when they've had an incident. So that's kind of the data side of it. On the security side of it, it's really about how do they manage all the controls that SaaS providers now give them. >>Make sure the right people in their organization can see the right data and the data. They should not be able to see the data they shouldn't be able to see. And that's just getting increasingly complex, really anchored around the fact that the volume of the data is growing, the complexity of that data is growing and really the sensitivity of that data is growing, right? When you think about all the data privacy rules, 10 years ago we didn't care about keeping a whole bunch of data around. Now you've kind of gotta get rid of it. So you've actually gotta manage it through its lifecycle. >>So the shared responsibility model has applied to data protection is, is kind of an interesting topic cuz you always think about it for security and I know security and data protection are these adjacencies, but it's a complicated situation cuz you've got shared responsibility models now across multiple clouds. It's gotta be way more complicated across SaaS because you've got different policies, you've got a lot more SaaS than you have. There's three clouds, four, if you put in Alibaba, you know, and yeah, I know this hosting and Oracle and IBM, et cetera, but hyperscalers and so, but there's dozens if not hundreds of SaaS products at a company. So are you able to create a consistent experience and, and for your customers across all those, now of course, I know you're not doing hundreds and thousands of SaaS products, but you got, you know, pretty big ones here. ServiceNow, Salesforce, right? 365. Let's start >>There. So, so consistency we are hoping will come honestly where the industry is right now. It's getting, getting each one in a state where you are comfortable with it, >>Right? Get it protected. >>Yeah. Take a sales force. A typical sales force environment right now has a survey we did recently, about 2000 fields that have sensitive data in it in some way, shape or form. You've couple that with about 80, 85% of the users can see some fields that are sensitive. How you manage that matrix is, is just really hard. And that's part of what our secure product brings to the table, helps you understand who can see what and why they can see it. >>So where are your customer conversations these days? Are you talking to CIOs and CISOs? Is this, is this at that level >>It for some of our customers? Yes, it absolutely gets there. The, the real core of our discussion is the guy who owns and runs the sales technology, for example, right? Or the ServiceNow technology or typically a center of excellence. Those have been, those have been a key way for us to help an organization understand what the risks are, what's necessary, what they're having to do given that they don't have a backup now and have those, those shared responsibility model conversations. That's kind of where >>It starts. Are you finding that most customers are not backing up Salesforce, for example, or ServiceNow? Or are they switching from a competitor over to own back? >>Sad to say that it's mostly not. Yeah, it's, it's predominantly, I thought my cloud provider had me covered for that. >>So the market is huge. Yes. Massive opportunity. Yeah. >>Yeah. If you think of the number of Salesforce instances, not ignoring ServiceNow and Dynamics for a moment, Salesforce talks about, I don't know, 150,000 customers somewhere in that mark and we have 500 of them. >>So how do you get the first penguin off the iceberg? What's the sort of customer conversation like just in terms of, you know, educating them and sending them and, and kind of pushing 'em over the edge so that they actually do start protecting their data? >>Yeah, so, so sadly it sometimes starts with, I had a data loss, I spent weeks working at it, I got 75% of my data back, but not all of it. And that's a real customer quote. And in other cases it's, sorry. In other cases it's how do we, you know, how are you thinking about your sales source environment, particularly customers that have a lot of them, how sensitive is the data? How critical is the data in there? What are you doing to protect it? Today we have some people doing, doing weekly exports, which Salesforce provides. It's a manual step. The first penguin off the iceberg, as you say, it's kind of to say, Hey, well why didn't you automate that? Right? Don't have to rely on somebody on a Tuesday pulling the data down. So that's, those are places where it starts. >>Yeah. So, you know, Lisa, I was saying earlier that, you know, it closed the barn door, right? And that's, that's essentially what Adrian's saying is you've, you've got, you basically gotta look for that customer that's been snake bitten. Yeah. But generally speaking, I feel like there's more awareness. I was gonna ask you, you know, in this economic climate is, is data protection recession proof? And I think it's, it's not right. People sort of, but at the same time, if you're not proactive about it, you really could hurt your business. Absolutely. So what, what are your thoughts on customers getting more efficient with regard to their, their data estate, their data protection? Can you turn it into a positive? >>I think, I think it absolutely is a positive. Obviously we're in an environment where CIOs are having to look at every penny they're spending. But if you think about what you're using the data for, you're making business decisions based on this data every day. Your, your entire organization is making business decisions. So if you've got missing data or inaccurate data, you're making suboptimal decisions, right? So that comes back to data protection, comes back to brand reputation. Yes. And it comes back to how quickly can you get the data back into the shape you need it to be. And that again, is why we focus on the recovery side of the equation, not just the backup side. Right. Sorry. I would also say that in these recession bit times you've got fewer people doing as much work as you had before that raises the chance of errors. And we see across our customer base 50% of the data corruption or or data loss occurrences happen cause a human did something by mistake. Yeah, sure. And if you up the, the stress of those humans, you're gonna get more errors. >>Should you, when you're talking with IT professionals or maybe sales leaders, should it be thinking differently about spend for data protection versus general spend? Given that the whole point is to be able to recover data when something happens? >>I think you have to think about it from a kind of a risk and a business continuity perspective, right? Data protection tangibly reduces your business risk, right? It gets you back up faster. It, it helps you stay running. It helps ensure that the right people have access to the right data and from a secure standpoint and, and all of those just lower your risk. And if you're having discussions as CIOs should be with their business counterparts around business continuity, with the criticality of the data that's in Salesforce and these other SaaS applications today, I think it's pretty obvious that, that you should have a strong data protection strategy around >>It. Absolutely. >>Your business is at >>Risk, right? And nobody wants to be the next headline. No. My last question for you, Adrian, is if there was a billboard near your headquarters, what's that? What would it say? What's that tagline about own backup that really nails it home? >>I think it's, nobody operating in the cloud should ever lose data and that's what we're here to do. >>Excellent. Adrian, it's been a pleasure having you on the program. Thank you for talking with David, me, great talking to you about and back up what you guys are doing and really how organizations need to be very aware of that shared responsibility model. It sounds like you guys are well on your way to helping them understand that. We appreciate your time. >>Thank you both. Thank you. Best of luck. >>Appreciate it. Thank our pleasure. For our guest and Dave Ante, I'm Lisa Martin. You're watching The Cube, the leader in emerging and enterprise tech coverage.

>>Hey everyone, and welcome back to Las Vegas. Viva Las Vegas, baby. This is the Cube live at AWS Reinvent 2022 with tens of thousands of people. Lisa Martin here with Dave Valante. Dave, we've had some great conversations. This is day one of four days of wall to wall coverage on the cube. We've been talking data. Every company is a data company. Data protection, data resiliency, absolutely table stakes for organizations to, >>And I think ecosystem is the other big theme. And that really came to life last year. You know, we came out of the pandemic and it was like, wow, we are entering a new era. People no longer was the ecosystem worried about it, AWS competing with them. They were more worried about innovating and building on top of AWS and building their own value. And that's really, I think, the theme of the 2020s within the ecosystem. >>And we're gonna be talking about building on top of aws. Two guests join us, two alumni join us. Stephen Manley is here, the CTO of Druva. Welcome back. Jason crat as well is here. CIO and CTO of Summit Carbon Solutions. Guys, great to have you back on the program. >>Thank you. >>Let's start with you giving the audience an understanding of the company. What do you guys do? What do you deliver value for customers? All that good >>Stuff. Yeah, no, for sure. So Summit Carbon is the world's largest carbon capture and sequestration company capturing close to 15 million tons of carbon every year. So it doesn't go into the atmosphere. >>Wow, fantastic. Steven, the, the risk landscape today is crazy, right? There's, there's been massive changes. We've talked about this many times. What are some of the things, you know, ransomware is a, is, I know as you say, this is a, it's not a, if it's gonna happen, it's when it's how frequent, it's what's gonna be the damage. What are some of the challenges and concerns that you're hearing from customers out there today? >>Yeah, you know, it really comes down to three things. And, and everybody is, is terrified of ransomware and justifiably so. So, so the first thing that comes up is, how do I keep up? Because I have so much data in so many places, and the threats are evolving so quickly. I don't have enough money, I don't have enough people, I don't have enough skilled resources to be able to keep up. The second thing, and this ties in with what Dave said, is, is ecosystem. You know, it used to be that your, your backup was siloed, right? They'd sit in the basement and, and you wouldn't see, see them. But now they're saying, I've gotta work with my security team. So rather than hoping the security team stays away from me, how do I integrate with them? How do I tie together? And then the third one, which is on everybody's mind, is when that attack happens, and like you said, it's win and, and the bell rings and they come to me and they say, all right, it's time for you to recover. It's time for, for all this investment we've put in. Am I gonna be ready? Am I going to be able to execute? Because a ransom or recovery is so different than any other recovery they've ever done. So it's those three things that really are top of mind for >>How, so what is the, what are the key differences, if you could summarize? I mean, I >>Know it's so, so the first one is you can't trust the environment you're restoring into. Even with a disaster, it would finish and you'd say, okay, I'm gonna get my data center set up again and I'm gonna get things working. You know, when I try to recover, I don't know if everything's clean yet. I'm trying to recover while I'm still going through incident response. So that's one big difference. A second big difference is I'm not sure if the thing I'm recovering is good, I've gotta scan it. I've gotta make sure what's inside it is, is, is alright. And then the third thing is what we're seeing is the targets are usually not necessarily the crown jewels because those tend to be more protected. And so they're running into this, I need to recover a massive amount of what we might call tier two, tier three apps that I wasn't ready for because I've always been prepared for that tier one disaster. And so, so those three things they go, it's stuff I'm not prepared or covering. It's a flow. I'm not used to having to check things and I'm not sure where I'm gonna recover too when the, when the time comes. >>Yeah, just go ahead. Yeah, that's right. I mean, I think for me, the biggest concern is the blind spots of where did I actually back it up or not. You know, what did I get it? Cuz you, we always protect our e r p, we always protect these sort of classes of tiers of systems, but then it's like, oh, that user's email box didn't get it. Oh, that, you know, that one drive didn't get it. You know, or, or, or whatever it is. You know, the infrastructure behind it all. I forgot to back that up. That to me the blind spots are the scariest part of a ransomware attack. >>And, and if you think about it, some of the most high profile attacks, you know, on the, on the colonial pipeline, they didn't go after the core assets. They went after billing. That's right. But billing brought everything down so they're smart enough to say, right, I'm not gonna take the, the castle head on. Is there is they're that. Exactly. >>And so how do you, I get, I mean you can air gap and do things like that in terms of protecting the, the, the data, the corrupt data. How do you protect the corrupt environment? Like that's, that's a really challenging issue. Is >>It? I don't know. I mean, I'll, I'll you can go second here. I think that what's interesting to me about is that's what cloud's for. You can build as many environments as you want. You only pay for what you use, right? And so you have an opportunity to just reconstruct it. That's why things, everything is code matters. That's why having a cloud partner like Druva matters. So you can just go restore wherever you need to in a totally clean environment. >>So the answer is you gotta do it in the cloud. Yeah. What if it's on prem? >>So if it's on prem, what we see people do is, and, and, and this is where testing and, and where cloud can still be an asset, is you can look and say a lot of those assets I'm running in the data center, I could still recover in the cloud. And so you can go through DR testing and you can start to define what's in your on-prem so that you could make it, you know, so you can make it cloud recoverable. Now, a lot of the people that do that then say, well actually why am I even running this on prem anymore in the first place? I should just move this to the cloud now. But, but, but there are people in that interim step. But, but, but it's really important because you, you're gonna need a clean environment to play in. And it's so hard to have a clean environment set up in a data center cuz it basically means I'm not touching this, I'm just paying for something to sit idle. Whereas cloud, I can spin that up, right? Get a, a cloud foundation suite and, and just again, infrastructures code, spin things up, test it, spin it down. It doesn't cost me money on a daily basis. >>Jason, talk a little bit about how you are using Druva. Why Druva and give us a kind of a landscape of your IT environment with Druva. >>Yeah. You know, so when we first started, you know, we did have a competitor solution and, and, and it was only backing up, you know, we were a startup. It was only backing up our email. And so as you pointed out, the ecosystem really matters because we grew out of email pretty quick as a startup. And we had to have real use cases to protect and the legacy product just wouldn't support us. And so our whole direction, or my direction to my team is back it up wherever it is, you know, go get it. And so we needed somebody in the field, literally in the middle of Nebraska or Iowa to have their laptop backed up. We needed our infrastructure, our data center backed up and we needed our, our SaaS solutions backed up. We needed it all. And so we needed a partner like Druva to help us go get it wherever it's at. >>Talk about the value in, with Druva being cloud native. >>Yeah. To us it's a big deal, right? There's all sorts of products you could go by to go just do endpoint laptop protection or just do SAS backups. For us, the value is in learning one tool and mastering it and then taking it to wherever the data is. To me, we see a lot of value for that because we can have one team focus on one product, get good at it, and drive the value. >>That consolidation theme is big right now, you know, the economic headwinds and so forth. What was the catalyst for you? Was it, is that something you started, you know, years ago? Just it's good practice to do that? What's, >>Well, no, I mean luckily I'm in a very good position as a startup to do define it, you know, but I've been in those legacy organizations where we've got a lot of tech debt and then how do you consolidate your portfolio so that you can gain more value, right? Cause you only get one budget a year, right? And so I'm lucky in, in the learnings I've had in other enterprises to deal with this head on right now as we grow, don't add tech debt, put it in right. Today. >>Talk to us a little bit about the SaaS applications that you're backing up. You know, we, we talk a lot with customers, the shared, the shared responsibility model that a lot of customers aren't aware of. Where are you using that competing solution to protect SaaS applications before driven and talk about Yeah. The, the value in that going, the data protection is our responsibility and not the SA vendor. >>No, absolutely. I mean, and it is funny to go to, you know, it's like Office 365 applications and go to our, our CFO and a leadership and be like, no, we really gotta back it up to a third party. And they're like, but why? >>It's >>In the cloud, right? And so there's a lot of instruction I have to provide to my peers and, and, and my users to help them understand why these things matter. And, and, and it works out really well because we can show value really quick when anything happens. And now we get, I mean, even in SharePoint, people will come to us to restore things when they're fully empowered to do it. But my team's faster. And so we can just get it done for them. And so it's an extra from me, it's an extra SLA or never service level I can provide to my internal customers that, that gives them more faith and trust in my organization. >>How, how are the SEC op teams and the data protection teams, the backup teams, how are they coming together? Is is, is data protection backup just morphing into security? Is it more of an adjacency? What's that dynamic like? >>So I'd say right now, and, and I'll be curious to hear Jason's organization, but certainly what we see broadly is, you know, the, the teams are starting to work together, but I wouldn't say they're merging, right? Because, you know, you think of it in a couple of ways. The first is you've got a production environment and that needs to be secured. And then you've got a protection environment. And that protection environment also has to be secured. So the first conversation for a lot of backup teams is, alright, I need to actually work with the security team to make sure that, that my, my my backup environment, it's air gapped, it's encrypted, it's secured. Then I think the, the then I think you start to see people come together, especially as they go through, say, tabletop exercises for ransomware recovery, where it's, alright, where, where can the backup team add value here? >>Because certainly recovery, that's the basics. But as there log information you can provide, are there detection pieces that you can offer? So, so I think, you know, you start to see a partnership, but, but the reality is, you know, the, the two are still separate, right? Because, you know, my job as a a protection resiliency company is I wanna make sure that when you need your data, it's gonna be there for you. And I certainly want to, to to follow best secure practices and I wanna offer value to the security team, but there's a whole lot of the security ecosystem that I want to plug into. I'm not trying to replace them again. I want to be part of that broader ecosystem. >>So how, how do you guys approach it? Yeah, >>That's interesting. Yeah. So in my organization, we, we are one team and, and not to be too cheesy or you know, whatever, but as Amazon would say, security is job one. And so we treat it as if this is it. And so we never push something into production until we are ready. And ready to us means it's got a security package on it, it's backed up, the users have tested it, we are ready to go. It's not that we're ready just be to provide the service or the thing. It's that we are actually ready to productionize this. And so it's ready for production data and that slows us down in some cases. But that's where DevOps and this idea of just merging everything together into a central, how do we get this done together, has worked out really well for us. So, >>So it's really the DevOps team's responsibility. It's not a separate data protection function. >>Nope. Nope. We have specialists of course, right? Yeah, yeah. Because you need the extra level, the CISSPs and those people Yeah, yeah. To really know what they're doing, but they're just part of the team. Yeah. >>Talk about some of the business outcomes that you're achieving with Druva so far. >>Yeah. The business outcomes for me are, you know, I meet my SLAs that's promising. I can communicate that I feel more secure in the cloud and, and all of my workloads because I can restore it. And, and that to me helps everybody in my organization sleep well, sleep better. We are, we transport a lot of the carbon in a pipeline like Colonial. And so to us, we are, we are potential victims of, of a pipe, a non pipeline group, right? Attacking us, but it's carbon, you know, we're trying to get it outta atmosphere. And so by protecting it, no matter where it is, as long as we've got internet access, we can back it up. That provides tons of value to my team because we have hundreds of people in the field working for us every day who collect data and generate it. >>What would you say to a customer who's maybe on the fence looking at different technologies, why dva? >>You know, I think, you know, do the research in my mind, it'll win if you just do the research, right? I mean, there might be vendors that'll buy you nice dinners or whatever, and those are, those are nice things, but the, the reality is you have to protect your data no matter where it is. If it's in a SaaS application, if it's in a cloud provider, if it's infrastructure, wherever it is, you need it. And if you just go look at the facts, there it is, right? And so I, I'd say be objective. Look at the facts, it'll prove itself. >>Look at the data. There you go. Steven Druva recently announced a data resiliency guarantee with a big whopping financial sum. Talk to us a little bit about that, the value in it for your customers and for prospects, >>Right? So, so basically there's, there's really two parts to this guarantee. The first is, you know, across five different SLAs, and I'll talk about those, you know, if we violate those, the customers can get a payout of up to 10 million, right? So again, putting, putting our money where our mouth is in a pretty large amount. But, but for me, the exciting part, and this is, this is where Jason went, is it's about the SLAs, right? You know, one of Drew's goals is to say, look, we do the job for you, we do the service for you so you can offer that service to your company. And so the SLAs aren't just about ransomware, some of them certainly are, you know, that, that you're going to be able to recover your data in the event of a ransomware attack, that your data won't get exfiltrated as part of a ransomware attack. >>But also things like backup success rates, because as much as recovery matters a lot more than backup, you do need a backup if you're gonna be able to get that recovery done. There's also an SLA to say that, you know, if 10 years down the road you need to recover your data, it's still recoverable, right? So, so that kind of durability piece. And then of course the availability of the service because what's the point of a service if it's not there for you when you need it? And so, so having that breadth of coverage, I think really reflects who Druva is, which is we're doing this job for you, right? We want to make this this service available so you can focus on offering other value inside your business. And >>The insurance underwriters, if they threw holy water on >>That, they, they, they were okay with it. The legal people blessed it, you know, it, you know, the CEO signed off on it, the board of directors. So, you know, it, and it, it's all there in print, it's all there on the web. If you wanna look, you know, make sure, one of the things we wanted to be very clear on is that this isn't just a marketing gimmick that we're, we're putting, that we're putting substance behind it because a lot of these were already in our contracts anyway, because as a SAS vendor, you're signing up for service level agreements anyway. >>Yeah. But most of the service level agreements and SaaS vendors are crap. They're like, you know, hey, you know, if something bad happens, you know, we'll, we'll give you a credit, >>Right? >>For, you know, for when you were down. I mean, it's not, you never get into business impact. I mean, even aws, sorry, I mean, it's true. We're a customer. I read define print, I know what I'm signing up for. But, so that's, >>We read it a lot and we will not, we don't really care about the credits at all. We care about is it their force? Is it a partner? We trust, we fight that every day in our SLAs with our vendors >>In the end, right? I mean this, we are the last line of defense. We are the thing that keeps the business up and running. So if your business, you know, can't get to his data and can't operate, me coming to you and saying, Dave, I've got some credits for you after you, you know, after you declare bankruptcy, it'll be great. Yeah, that's not a win. >>It's no value, >>Not helpful. The goal's gotta be, your business is up and running cuz that's when we're both successful. So, so, so, you know, we view this as we're in it together, right? We wanna make sure your business succeeds. Again, it's not about slight of hand, it's not about, you know, just, just putting fine print in the contract. It's about standing up and delivering. Because if you can't do that, why are we here? Right? The number one thing we hear from our customers is Dr. Just works. And that's the thing I think I'm most proud of is Druva just works. >>So, speaking of Juva, just working, if there's a billboard in Santa Clara near the new offices about Druva, what's, what's the bumper sticker? What's the tagline? >>I, I, I think, I think that's it. I think Druva just works. Keeps your data safe. Simple as that. Safe and secure. Druva works to keep your data safe and secure. >>Saved me. >>Yeah. >>Truva just works. Guys, thanks so much for joining. David, me on the program. Great to have you back on the cube. Thank you. Talking about how you're working together, what Druva is doing to really putting, its its best foot forward. We appreciate your insights and your time. Thank >>You. Thanks guys. It's great to see you guys. Likewise >>The show for our guests and Dave Ante. I'm Lisa Martin, you're watching the Cube, the leader in enterprise and emerging tech coverage.

(upbeat music) >> Hello, welcome back to theCUBE's AWS RE:Invent 2022 Coverage. I'm John Furrier, host of theCUBE. Got a great lineup here, Itamar Ankorion SVP Technology Alliance at Qlik and Peter McDonald, vice President, cloud partnerships and business development Snowflake. We're going to talk about bringing SAP data to life, for joint Snowflake, Qlik and AWS Solution. Gentlemen, thanks for coming on theCUBE Really appreciate it. >> Thank you. >> Thank you, great meeting you John. >> Just to get started, introduce yourselves to the audience, then going to jump into what you guys are doing together, unique relationship here, really compelling solution in cloud. Big story about applications and scale this year. Let's introduce yourselves. Peter, we'll start with you. >> Great. I'm Peter MacDonald. I am vice president of Cloud Partners and business development here at Snowflake. On the Cloud Partner side, that means I manage AWS relationship along with Microsoft and Google Cloud. What we do together in terms of complimentary products, GTM, co-selling, things like that. Importantly, working with other third parties like Qlik for joint solutions. On business development, it's negotiating custom commercial partnerships, large companies like Salesforce and Dell, smaller companies at most for our venture portfolio. >> Thanks Peter and hi John. It's great to be back here. So I'm Itamar Ankorion and I'm the senior vice president responsible for technology alliances here at Qlik. With that, own strategic alliances, including our key partners in the cloud, including Snowflake and AWS. I've been in the data and analytics enterprise software market for 20 plus years, and my main focus is product management, marketing, alliances, and business development. I joined Qlik about three and a half years ago through the acquisition of Attunity, which is now the foundation for Qlik data integration. So again, we focus in my team on creating joint solution alignment with our key partners to provide more value to our customers. >> Great to have both you guys, senior executives in the industry on theCUBE here, talking about data, obviously bringing SAP data to life is the theme of this segment, but this reinvent, it's all about the data, big data end-to-end story, a lot about data being intrinsic as the CEO says on stage around in the organizations in all aspects. Take a minute to explain what you guys are doing as from a company standpoint. Snowflake and Qlik and the solutions, why here at AWS? Peter, we'll start with you at Snowflake, what you guys do as a company, your mission, your focus. >> That was great, John. Yeah, so here at Snowflake, we focus on the data platform and until recently, data platforms required expensive on-prem hardware appliances. And despite all that expense, customers had capacity constraints, inexpensive maintenance, and had limited functionality that all impeded these organizations from reaching their goals. Snowflake is a cloud native SaaS platform, and we've become so successful because we've addressed these pain points and have other new special features. For example, securely sharing data across both the organization and the value chain without copying the data, support for new data types such as JSON and structured data, and also advance in database data governance. Snowflake integrates with complimentary AWS services and other partner products. So we can enable holistic solutions that include, for example, here, both Qlik and AWS SageMaker, and comprehend and bring those to joint customers. Our customers want to convert data into insights along with advanced analytics platforms in AI. That is how they make holistic data-driven solutions that will give them competitive advantage. With Snowflake, our approach is to focus on customer solutions that leverage data from existing systems such as SAP, wherever they are in the cloud or on-premise. And to do this, we leverage partners like Qlik native US to help customers transform their businesses. We provide customers with a premier data analytics platform as a result. Itamar, why don't you talk about Qlik a little bit and then we can dive into the specific SAP solution here and some trends >> Sounds great, Peter. So Qlik provides modern data integration and analytics software used by over 38,000 customers worldwide. Our focus is to help our customers turn data into value and help them close the gap between data all the way through insight and action. We offer click data integration and click data analytics. Click data integration helps to automate the data pipelines to deliver data to where they want to use them in real-time and make the data ready for analytics and then Qlik data analytics is a robust platform for analytics and business intelligence has been a leader in the Gartner Magic Quadrant for over 11 years now in the market. And both of these come together into what we call Qlik Cloud, which is our SaaS based platform. So providing a more seamless way to consume all these services and accelerate time to value with customer solutions. In terms of partnerships, both Snowflake and AWS are very strategic to us here at Qlik, so we have very comprehensive investment to ensure strong joint value proposition to we can bring to our mutual customers, everything from aligning our roadmaps through optimizing and validating integrations, collaborating on best practices, packaging joint solutions like the one we'll talk about today. And with that investment, we are an elite level, top level partner with Snowflake. We fly that our technology is Snowflake-ready across the entire product set and we have hundreds of joint customers together and with AWS we've also partnered for a long time. We're here to reinvent. We've been here with the first reinvent since the inaugural one, so it kind of gives you an idea for how long we've been working with AWS. We provide very comprehensive integration with AWS data analytics services, and we have several competencies ranging from data analytics to migration and modernization. So that's our focus and again, we're excited about working with Snowflake and AWS to bring solutions together to market. >> Well, I'm looking forward to unpacking the solutions specifically, and congratulations on the continued success of both your companies. We've been following them obviously for a very long time and seeing the platform evolve beyond just SaaS and a lot more going on in cloud these days, kind of next generation emerging. You know, we're seeing a lot of macro trends that are going to be powering some of the things we're going to get into real quickly. But before we get into the solution, what are some of those power dynamics in the industry that you're seeing in trends specifically that are impacting your customers that are taking us down this road of getting more out of the data and specifically the SAP, but in general trends and dynamics. What are you hearing from your customers? Why do they care? Why are they going down this road? Peter, we'll start with you. >> Yeah, I'll go ahead and start. Thanks. Yeah, I'd say we continue to see customers being, being very eager to transform their businesses and they know they need to leverage technology and data to do so. They're also increasingly depending upon the cloud to bring that agility, that elasticity, new functionality necessary to react in real-time to every evolving customer needs. You look at what's happened over the last three years, and boy, the macro environment customers, it's all changing so fast. With our partnerships with AWS and Qlik, we've been able to bring to market innovative solutions like the one we're announcing today that spans all three companies. It provides a holistic solution and an integrated solution for our customer. >> Itamar let's get into it, you've been with theCUBE, you've seen the journey, you have your own journey, many, many years, you've seen the waves. What's going on now? I mean, what's the big wave? What's the dynamic powering this trend? >> Yeah, in a nutshell I'll call it, it's all about time. You know, it's time to value and it's about real-time data. I'll kind of talk about that a bit. So, I mean, you hear a lot about the data being the new oil, but it's definitely, we see more and more customers seeing data as their critical enabler for innovation and digital transformation. They look for ways to monetize data. They look as the data as the way in which they can innovate and bring different value to the customers. So we see customers want to use more data so to get more value from data. We definitely see them wanting to do it faster, right, than before. And we definitely see them looking for agility and automation as ways to accelerate time to value, and also reduce overall costs. I did mention real-time data, so we definitely see more and more customers, they want to be able to act and make decisions based on fresh data. So yesterday's data is just not good enough. >> John: Yeah. >> It's got to be down to the hour, down to the minutes and sometimes even lower than that. And then I think we're also seeing customers look to their core business systems where they have a lot of value, like the SAP, like mainframe and thinking, okay, our core data is there, how can we get more value from this data? So that's key things we see all the time with customers. >> Yeah, we did a big editorial segment this year on, we called data as code. Data as code is kind of a riff on infrastructure as code and you start to see data becoming proliferating into all aspects, fresh data. It's not just where you store it, it's how you share it, it's how you turn it into an application intrinsically involved in all aspects. This is the big theme this year and that's driving all the conversations here at RE:Invent. And I'm guaranteeing you, it's going to happen for another five and 10 years. It's not stopping. So I got to get into the solution, you guys mentioned SAP and you've announced the solution by Qlik, Snowflake and AWS for your customers using SAP. Can you share more about this solution? What's unique about it? Why is it important and why now? Peter, Itamar, we'll start with you first. >> Let me jump in, this is really, I'll jump because I'm excited. We're very excited about this solution and it's also a solution by the way and again, we've seen proven customer success with it. So to your point, it's ready to scale, it's starting, I think we're going to see a lot of companies doing this over the next few years. But before we jump to the solution, let me maybe take a few minutes just to clarify the need, why we're seeing, why we're seeing customers jump to do this. So customers that use SAP, they use it to manage the core of their business. So think order processing, management, finance, inventory, supply chain, and so much more. So if you're running SAP in your company, that data creates a great opportunity for you to drive innovation and modernization. So what we see customers want to do, they want to do more with their data and more means they want to take SAP with non-SAP data and use it together to drive new insights. They want to use real-time data to drive real-time analytics, which they couldn't do to date. They want to bring together descriptive with predictive analytics. So adding machine learning in AI to drive more value from the data. And naturally they want to do it faster. So find ways to iterate faster on their solutions, have freedom with the data and agility. And I think this is really where cloud data platforms like Snowflake and AWS, you know, bring that value to be able to drive that. Now to do that you need to unlock the SAP data, which is a lot of also where Qlik comes in because typical challenges these customers run into is the complexity, inherent in SAP data. Tens of thousands of tables, proprietary formats, complex data models, licensing restrictions, and more than, you have performance issues, they usually run into how do we handle the throughput, the volumes while maintaining lower latency and impact. Where do we find knowledge to really understand how to get all this done? So these are the things we've looked at when we came together to create a solution and make it unique. So when you think about its uniqueness, because we put together a lot, and I'll go through three, four key things that come together to make this unique. First is about data delivery. How do you have the SAP data delivery? So how do you get it from ECC, from HANA from S/4HANA, how do you deliver the data and the metadata and how that integration well into Snowflake. And what we've done is we've focused a lot on optimizing that process and the continuous ingestion, so the real-time ingestion of the data in a way that works really well with the Snowflake system, data cloud. Second thing is we looked at SAP data transformation, so once the data arrives at Snowflake, how do we turn it into being analytics ready? So that's where data transformation and data worth automation come in. And these are all elements of this solution. So creating derivative datasets, creating data marts, and all of that is done by again, creating an optimized integration that pushes down SQL based transformations, so they can be processed inside Snowflake, leveraging its powerful engine. And then the third element is bringing together data visualization analytics that can also take all the data now that in organizing inside Snowflake, bring other data in, bring machine learning from SageMaker, and then you go to create a seamless integration to bring analytic applications to life. So these are all things we put together in the solution. And maybe the last point is we actually took the next step with this and we created something we refer to as solution accelerators, which we're really, really keen about. Think about this as prepackaged templates for common business analytic needs like order to cash, finance, inventory. And we can either dig into that a little more later, but this gets the next level of value to the customers all built into this joint solution. >> Yeah, I want to get to the accelerators, but real quick, Peter, your reaction to the solution, what's unique about it? And obviously Snowflake, we've been seeing the progression data applications, more developers developing on top of Snowflake, data as code kind of implies developer ecosystem. This is kind of interesting. I mean, you got partnering with Qlik and AWS, it's kind of a developer-like thinking real solution. What's unique about this SAP solution that's, that's different than what customers can get anywhere else or not? >> Yeah, well listen, I think first of all, you have to start with the idea of the solution. This are three companies coming together to build a holistic solution that is all about, you know, creating a great opportunity to turn SAP data into value this is Itamar was talking about, that's really what we're talking about here and there's a lot of technology underneath it. I'll talk more about the Snowflake technology, what's involved here, and then cover some of the AWS pieces as well. But you know, we're focusing on getting that value out and accelerating time to value for our joint customers. As Itamar was saying, you know, there's a lot of complexity with the SAP data and a lot of value there. How can we manage that in a prepackaged way, bringing together best of breed solutions with proven capabilities and bringing this to market quickly for our joint customers. You know, Snowflake and AWS have been strong partners for a number of years now, and that's not only on how Snowflake runs on top of AWS, but also how we integrate with their complementary analytics and then all products. And so, you know, we want to be able to leverage those in addition to what Qlik is bringing in terms of the data transformations, bringing data out of SAP in the visualization as well. All very critical. And then we want to bring in the predictive analytics, AWS brings and what Sage brings. We'll talk about that a little bit later on. Some of the technologies that we're leveraging are some of our latest cutting edge technologies that really make things easier for both our partners and our customers. For example, Qlik leverages Snowflakes recently released Snowpark for Python functionality to push down those data transformations from clicking the Snowflake that Itamar's mentioning. And while we also leverage Snowpark for integrations with Amazon SageMaker, but there's a lot of great new technology that just makes this easy and compelling for customers. >> I think that's the big word, easy button here for what may look like a complex kind of integration, kind of turnkey, really, really compelling example of the modern era we're living in, as we always say in theCUBE. You mentioned accelerators, SAP accelerators. Can you give an example of how that works with the technology from the third party providers to deliver this business value Itamar, 'cause that was an interesting comment. What's the example? Give an example of this acceleration. >> Yes, certainly. I think this is something that really makes this truly, truly unique in the industry and again, a great opportunity for customers. So we kind talked earlier about there's a lot of things that need to be done with SP data to turn it to value. And these accelerator, as the name suggests, are designed to do just that, to kind of jumpstart the process and reduce the time and the risk involved in such project. So again, these are pre-packaged templates. We basically took a lot of knowledge, and a lot of configurations, best practices about to get things done and we put 'em together. So think about all the steps, it includes things like data extraction, so already knowing which tables, all the relevant tables that you need to get data from in the contexts of the solution you're looking for, say like order to cash, we'll get back to that one. How do you continuously deliver that data into Snowflake in an in efficient manner, handling things like data type mappings, metadata naming conventions and transformations. The data models you build all the way to data mart definitions and all the transformations that the data needs to go through moving through steps until it's fully analytics ready. And then on top of that, even adding a library of comprehensive analytic dashboards and integrations through machine learning and AI and put all of that in a way that's in pre-integrated and tested to work with Snowflake and AWS. So this is where again, you get this entire recipe that's ready. So take for example, I think I mentioned order to cash. So again, all these things I just talked about, I mean, for those who are not familiar, I mean order to cash is a critical business process for every organization. So especially if you're in retail, manufacturing, enterprise, it's a big... This is where, you know, starting with booking a sales order, following by fulfilling the order, billing the customer, then managing the accounts receivable when the customer actually pays, right? So this all process, you got sales order fulfillment and the billing impacts customer satisfaction, you got receivable payments, you know, the impact's working capital, cash liquidity. So again, as a result this order to cash process is a lifeblood for many businesses and it's critical to optimize and understand. So the solution accelerator we created specifically for order to cash takes care of understanding all these aspects and the data that needs to come with it. So everything we outline before to make the data available in Snowflake in a way that's really useful for downstream analytics, along with dashboards that are already common for that, for that use case. So again, this enables customers to gain real-time visibility into their sales orders, fulfillment, accounts receivable performance. That's what the Excel's are all about. And very similarly, we have another one for example, for finance analytics, right? So this will optimize financial data reporting, helps customers get insights into P&L, financial risk of stability or inventory analytics that helps with, you know, improve planning and inventory management, utilization, increased efficiencies, you know, so in supply chain. So again, these accelerators really help customers get a jumpstart and move faster with their solutions. >> Peter, this is the easy button we just talked about, getting things going, you know, get the ball rolling, get some acceleration. Big part of this are the three companies coming together doing this. >> Yeah, and to build on what Itamar just said that the SAP data obviously has tremendous value. Those sales orders, distribution data, financial data, bringing that into Snowflake makes it easily accessible, but also it enables it to be combined with other data too, is one of the things that Snowflake does so well. So you can get a full view of the end-to-end process and the business overall. You know, for example, I'll just take one, you know, one example that, that may not come to mind right away, but you know, looking at the impact of weather conditions on supply chain logistics is relevant and material and have interest to our customers. How do you bring those different data sets together in an easy way, bringing the data out of SAP, bringing maybe other data out of other systems through Qlik or through Snowflake, directly bringing data in from our data marketplace and bring that all together to make it work. You know, fundamentally organizational silos and the data fragmentation exist otherwise make it really difficult to drive modern analytics projects. And that in turn limits the value that our customers are getting from SAP data and these other data sets. We want to enable that and unleash. >> Yeah, time for value. This is great stuff. Itamar final question, you know, what are customers using this? What do you have? I'm sure you have customers examples already using the solution. Can you share kind of what these examples look like in the use cases and the value? >> Oh yeah, absolutely. Thank you. Happy to. We have customers across different, different sectors. You see manufacturing, retail, energy, oil and gas, CPG. So again, customers in those segments, typically sectors typically have SAP. So we have customers in all of them. A great example is like Siemens Energy. Siemens Energy is a global provider of gas par services. You know, over what, 28 billion, 30 billion in revenue. 90,000 employees. They operate globally in over 90 countries. So they've used SAP HANA as a core system, so it's running on premises, multiple locations around the world. And what they were looking for is a way to bring all these data together so they can innovate with it. And the thing is, Peter mentioned earlier, not just the SAP data, but also bring other data from other systems to bring it together for more value. That includes finance data, these logistics data, these customer CRM data. So they bring data from over 20 different SAP systems. Okay, with Qlik data integration, feeding that into Snowflake in under 20 minutes, 24/7, 365, you know, days a year. Okay, they get data from over 20,000 tables, you know, over million, hundreds of millions of records daily going in. So it is a great example of the type of scale, scalability, agility and speed that they can get to drive these kind of innovation. So that's a great example with Siemens. You know, another one comes to mind is a global manufacturer. Very similar scenario, but you know, they're using it for real-time executive reporting. So it's more like feasibility to the production data as well as for financial analytics. So think, think, think about everything from audit to texts to innovate financial intelligence because all the data's coming from SAP. >> It's a great time to be in the data business again. It keeps getting better and better. There's more data coming. It's not stopping, you know, it's growing so fast, it keeps coming. Every year, it's the same story, Peter. It's like, doesn't stop coming. As we wrap up here, let's just get customers some information on how to get started. I mean, obviously you're starting to see the accelerators, it's a great program there. What a great partnership between the two companies and AWS. How can customers get started to learn about the solution and take advantage of it, getting more out of their SAP data, Peter? >> Yeah, I think the first place to go to is talk to Snowflake, talk to AWS, talk to our account executives that are assigned to your account. Reach out to them and they will be able to educate you on the solution. We have packages up very nicely and can be deployed very, very quickly. >> Well gentlemen, thank you so much for coming on. Appreciate the conversation. Great overview of the partnership between, you know, Snowflake and Qlik and AWS on a joint solution. You know, getting more out of the SAP data. It's really kind of a key, key solution, bringing SAP data to life. Thanks for coming on theCUBE. Appreciate it. >> Thank you. >> Thank you John. >> Okay, this is theCUBE coverage here at RE:Invent 2022. I'm John Furrier, your host of theCUBE. Thanks for watching. (upbeat music)

>>Hey everyone, welcome to this cube conversation. I'm your host Lisa Martin, and I have the pleasure of welcoming back our most prolific guest on the cube in its history, the CMO of Fin Ad, Eric Herzog. Eric, it's great to see you. Welcome back, >>Lisa. It's great to be here. Love being on the cube. I think this might be number 55 or 56. Been doing 'em a long time with the Cube. You guys are great. >>You, you have, and we always recognize you lately with the Hawaiian shirts. It's your brand that's, that's the Eric Hizo brand. We love it. But I like the pin, the infin nut pin on brand. Thank you. >>Yeah. Oh, gotta be on brand. >>Exactly. So talk about the current IT landscape. So much change we've seen in the last couple of years. Specifically, what are some of the big challenges that you are talking with enterprise customers and cloud service providers? About what, what are some of those major things on their minds? >>So there's a couple things. First of all is obviously with the Rocky economy and even before covid, just for storage in particular, CIOs hate storage. I've been doing this now since 1986. I have never, ever, ever met a CIO at any company I've bid with. And I've been with four of the biggest storage companies on this planet. Never met a cio. Used to be a storage guy. So they know they need it, but boy, they really don't like it. So the storage admins have to manage more and more storage. Exabytes, exabytes, it just ballooning for what a storage admin has to do. Then you then have the covid and is it recession? No. Is it a growth? And then clearly what's happened in the last year with what's going on in Europe and the, is it a recession, the inflation. So they're always looking to, how do we cut money on storage yet still get what we need for our applications, workloads, and use cases. So that's definitely the biggest, the first topic. >>So never met a CIO that was a storage admin or as a fan, but as you point out, they need it. And we've seen needs changing in customer landscapes, especially as the threat landscape has changed so dramatically the last couple of years. Ransomware, you've said it before, I say it too. It's no longer if it's when it's how often. It's the frequency. We've gotta be able to recover. Backups are being targeted. Talk to me about some of, in that landscape, some of the evolutions of customer challenges and maybe those CIOs going, We've gotta make sure that our, our storage data is protected. >>So it's starting to change. However, historically with the cio and then when they started hiring CISOs or security directors, whatever they had, depending on the company size, it was very much about protecting the edge. Okay, if you will, the moat and the wall of the castle. Then it was the network in between. So keep the streets inside the castle clean. Then it was tracking down the bad guy. So if they did get over, the issue is, if I remember correctly, the sheriff of Nottingham never really caught Robinhood. So the problem is the dwell time where the ransomware malware's hidden on storage could be as much as 200 days. So I think they're starting to realize at the security level now, forget, forget the guys on the storage side, the security guys, the cso, the CIO, are starting to realize that if you're gonna have a comprehensive cybersecurity strategy, must include storage. And that is new >>That, well, that's promising then. That's new. I mean obviously promising given the, the challenges and the circumstances. So then from a storage perspective, customers that are in this multi-cloud hybrid cloud environment, you talked about the the edge cloud on-prem. What are some of the key things from a storage perspective that customers have to achieve these days to be secure as data volumes continue to grow and spread? >>So what we've done is implement on both primary storage and secondary storage and technology called infin safe. So Infin Safe has the four legs of the storage cyber security stool. So first of all is creating an air gap. In this case, a logical air gap can be local or remote. We create an immutable snapshot, which means it can't be changed, it can't be altered, so you can't change it. We have a fenced forensic environment to check out the storage because you don't wanna recover. Again, malware and rans square can is hidden. So you could be making amenable snapshots of actually malware, ransomware, and never know you're doing it right. So you have to check it out. Then you need to do a rapid recovery. The most important thing if you have an attack is how fast can you be up and going with recovery? So we have actually instituted now a number of cyber storage security guarantees. >>We will guarantee the SLAs on a, the snapshot is absolutely immutable. So they know that what they're getting is what they were supposed to be getting. And then also we are guaranteeing recovery times on primary storage. We're guaranteeing recovery of under one minute. We'll make the snapshot available under one minute and on secondary storage under 20 minutes. So those are things you gotta look for from a security perspective. And then the other thing you gotta practice, in my world, ransomware, malware, cyber tech is basically a disaster. So yes, you got the hurricane, yes, you got the flood, yes, you got the earthquake. Yes, you got the fire in the building. Yes you got whatever it may be. But if you don't practice malware, ransomware, recoveries and protection, then it might as well be a hurricane or earthquake. It will take your data, >>It will take your data on the numbers of customers that pay ransom is pretty high, isn't it? And and not necessarily able to recover their data. So it's a huge risk. >>So if you think about it, the government documented that last year, roughly $6 trillion was spent either protecting against ransomware and malware or paying ransomware attacks. And there's been several famous ones. There was one in Korea, 72 million ransom. It was one of the Korea's largest companies. So, and those are only the ones that make the news. Most of 'em don't make the news. Right. >>So talk to me then, speaking and making the news. Nobody wants to do that. We, we know every industry is vulnerable to this. Some of the ones that might be more vulnerable, healthcare, government, public sector education. I think the Los Angeles Unified School district was just hit as well in September. They >>Were >>What, talk to me about how infin out is helping customers really dial down the risk when the threat actors are becoming more and more sophisticated? >>Well, there's a couple things. First of all, our infin safe software comes free on our main product. So we have a product called infin Guard for Secondary Storage and it comes for free on that. And then our primary storage product's called the Infin Box. It also comes for free. So they don't have to use it, but we embed it. And then we have reference architectures that we give them our ses, our solutions architects and our technical advisors all up to speed on why they should do it, how they should do it. We have a number of customers doing it. You know, we're heavily concentrated the global Fortune 2000, for example, we publicly announced that 26% of the Fortune 50 use our technology, even though we're a small company. So we go to extra lengths to a B, educated on our own front, our own teams, and then B, make sure they portray that to the end users and our channel partners. But the end users don't pay a dime for the software that does what I just described, it's free, it's included when you get you're Infin box or you're ingar, it's included at no charge. >>That's pretty differentiating from a competitive standpoint. I might, I would guess >>It is. And also the guarantee. So for example, on primary storage, okay, whether you'd put your Oracle or put your SAP or I Mongo or your sequel or your highly transactional workloads, right? Your business finance workload, all your business critical stuff. We are the first and only storage company that offers a primary guarantee on cyber storage resilience. And we offer two of them on primary storage. No other vendor offers a guarantee, which we do on primary storage. Whether you the first and right now as of here we are sitting in the middle of October. We are still the only vendor that offers anything on primary storage from a guaranteed SLA on primary storage for cyber storage resilience. >>Let's talk about those guarantees. Walk me through what you just announced. There's been a a very, a lot of productivity at Infin DAT in 2022. A lot of things that you've announced but on crack some of the things you're announcing. Sure. Talk to me specifically about those guarantees and what's in it for me as a customer. It sounds pretty obvious, but I'd love to hear it from you. >>Okay, so we've done really three different types of guarantees. The first one is we have a hundred percent availability guarantee on our primary storage. And we've actually had that for the last, since 2019. So it's a hundred percent availability. We're guaranteed no downtime, a hundred percent availability, which for our customer base being heavily concentrated, the global Fortune 2000 large government enterprises, big universities and even smaller companies, we do a lot of business with CSPs and MSPs. In fact, at the Flash Memory Summit are Infin Box ssa All Flash was named the best product for hyperscaler deployment. Hyperscaler basically means cloud servers provider. So they need a hundred percent availability. So we have a guarantee on that. Second guarantee we have is a performance guarantee. We'll do an analysis, we look at all their workloads and then we will guarantee in writing what the performance should be based on which, which of our products they want to buy are Infin Box or Infin Box ssa, which is all flash. >>Then we have the third one is all about cyber resilience. So we have two on our Infin box, our Infin box SSA for primary storage, which is a one the immutability of the snapshot and immediately means you can't erase the data. Right? Camp tamper with it. Second one is on the recovery time, which is under a minute. We just announced in the middle of October that we are doing a similar cyber storage resilience guarantee on our ARD secondary product, which is designed for backup recovery, et cetera. We will also offer the immutably snapshot guarantee and also one on the recoverability of that data in under 20 minutes. In fact, we just did a demo at our live launch earlier this week and we demoed 20 petabytes of Veeam backup data recovered in 12 minutes. 12 >>Minutes 2012. >>20 petabytes In >>12 bytes in 12 minutes. Yes. That's massive. That's massively differentiating. But that's essential for customers cuz you know, in terms of backups and protecting the data, it's all about recovery >>A and once they've had the attack, it's how fast you get back online, right? That that's what happens if they've, if they can't stop the attack, can't stop the threat and it happens. They need to get that back as fast as they can. So we have the speed of recovery on primary stores, the first in the industry and we have speed on the backup software and we'll do the same thing for a backup data set recovery as well. Talk >>To me about the, the what's in it for me, For the cloud service providers, they're obviously the ones that you work with are competing with the hyperscalers. How does the guarantees and the differentiators that Fin out is bringing to market? How do you help those cloud SPS dial up their competitiveness against the big cheeses? >>Well, what we do is we provide that underlying infrastructure. We, first of all, we only sell things that are petabyte in scale. That's like always sell. So for example, on our in fitter guard product, the raw capacity is over four petabytes. And the effective capacity, cuz you do data reduction is over 85 petabytes on our newest announced product, on our primary storage product, we now can do up to 17 petabytes of effective capacity in a single rack. So the value to the service rider is they can save on what slots? Power and floor. A greener data center. Yeah, right. Which by the way is not just about environmentals, but guess what? It also translate into operational expense. >>Exactly. CapEx office, >>With a lot of these very large systems that we offer, you can consolidate multiple products from our competitors. So for example, with one of the competitors, we had a deal that we did last quarter 18 competitive arrays into one of ours. So talk about saving, not just on all of the operational expense, including operational manpower, but actually dramatically on the CapEx. In fact, one of our Fortune 500 customers in the telco space over the last five years have told us on CapEx alone, we've saved them $104 million on CapEx by consolidating smaller technology into our larger systems. And one of the key things we do is everything is automated. So we call it autonomous automation use AI based technology. So once you install it, we've got several public references who said, I haven't touched this thing in three or four years. It automatically configures itself. It automatically adjusts to changes in performance and new apps. When I put in point a new app at it automatically. So in the old days the storage admin would optimize performance for a new application. We don't do that, we automatically do it and autonomously the admin doesn't even click a button. We just sense there's new applications and we automate ourselves and configure ourselves without the admin having to do anything. So that's about saving operational expense as well as operational manpower. >>Absolutely. I was, one of the things that was ringing in my ear was workforce productivity and obviously those storage admins being able to to focus on more strategic projects. Can't believe the CIOs aren't coming around yet. But you said there's, there's a change, there's a wave coming. But if we think about the the, the what's in it for me as a customer, the positive business outcomes that I'm hearing, lower tco, your greener it, which is key. So many customers that we talk to are so focused on sustainability and becoming greener, especially with an on-prem footprint, workforce productivity. Talk about some of the other key business outcomes that you're helping customers achieve and how it helps them to be more competitive. >>Sure. So we've got a, a couple different things. First of all, storage can't go down. When the storage goes down, everyone gets blamed. Mission. When an app goes down, no one really thinks about it. It's always the storage guy's fault. So you want to be a hundred percent available. And that's today's businesses, and I'd actually argue it's been this way for 20 years are 24 by seven by 365. So that's one thing that we deliver. Second thing is performance. So we have public references talk about their SAP workload that used to take two hours, now takes 20 minutes, okay? We have another customer that was doing SAP queries. They improved their performance three times, Not 3%, not 3%, three times. So 300% better performance just by using our storages. They didn't touch the sap, they didn't touch the servers. All they do is to put our storage in there. >>So performance relates basically to applications, workloads and use cases and productivity beyond it. So think the productivity of supply chain guys, logistics guys, the shipping guys, the finance guys, right? All these applications that run today's enterprises. So we can automate all that. And then clearly the cyber threat. Yeah, that is a huge issue. And every CIO is concerned about the cyber threat. And in fact, it was interesting, Fortune magazine did a survey of CEOs, and this was last May, the number one concern, 66% in that may survey was cyber security number one concern. So this is not just a CIO thing, this is a CEO thing and a board level >>Thing. I was gonna say it's at at the board level that the cyber security threats are so real, they're so common. No one wants to be the next headline, like the colonial pipeline, right? Or the school districts or whatnot. And everybody is at risk. So then what you're enabling with what you've just announced, the all the guarantees on the SLAs, the massively fast recovery times, which is critical in cyber recovery. Obviously resilience is is key there. Modern data protection it sounds like to me. How do you define that and and what are customers looking for with respect to modern cyber resilience versus data protection? >>Yeah, so we've got normal data protection because we work with all the backup vendors. Our in ARD is what's known as a purpose built backup appliance. So that allows you to back at a much faster rate. And we work all the big back backup vendors, IBM spectrum Protect, we work with veritas vem com vault, oracle arm, anybody who does backup. So that's more about the regular side, the traditional backup. But the other part of modern data protection is infusing that with the cyber resilience. Cuz cyber resilience is a new thing. Yes, from a storage guy perspective, it hasn't been around a long time. Many of our competitors have almost nothing. One or two of our competitors have a pretty robust, but they don't guarantee it the way we guarantee it. So they're pretty good at it. But the fact that we're willing to put our money where our mouth is, we think says we price stand above and then most of the other guys in the storage industry are just starting to get on the bandwagon of having cyber resilience. >>So that changes what you do from data protection, what would call modern data protection is a combination of traditional backup recovery, et cetera. Now with this influence and this infusion of cybersecurity cyber resilience into a storage environment. And then of course we've also happened to add it on primary storage as well. So whether it's primary storage or backup and archive storage, we make sure you have that right cyber resilience to make it, if you will, modern data protection and diff different from what it, you know, the old backup of your grandfather, father, son backup in tape or however you used to do it. We're well beyond that now we adding this cyber resilience aspect. Well, >>From a cyber resilience perspective, ransomware, malware, cyber attacks are, that's a disaster, right? But traditional disaster recovery tools aren't really built to be able to pull back that data as quickly as it sounds like in Trinidad is able to facilitate. >>Yeah. So one of the things we do is in our reference architectures and written documentation as well as when we do the training, we'd sell the customers you need to practice, if you practice when there's a fire, a flood, a hurricane, an earthquake or whatever is the natural disaster you're practicing that you need to practice malware and ran somewhere. And because our recovery is so rapid and the case of our ingar, our fenced environment to do the testing is actually embedded in it. Several of our competitors, if you want the fenced environment, you have to buy a second product with us. It's all embedded in the one item. So A, that makes it more effective from a CapEx and opex perspective, but it also makes it easier. So we recommend that they do the practice recoveries monthly. Now whether they do it or not separate issue, but at least that's what we're recommending and say, you should be doing this on a monthly basis just like you would practice a disaster, like a hurricane or fire or a flood or an earthquake. Need to be practicing. And I think people are starting to hear it, but they don't still think more about, you know, the flood. Yeah. Or about >>The H, the hurricane. >>Yeah. That's what they think about. They not yet thinking about cybersecurity as really a disaster model. And it is. >>Absolutely. It is. Is is the theme of cyber resilience, as you said, this is a new concept, A lot of folks are talking about it, applying it differently. Is that gonna help dial up those folks just really being much more prepared for that type of cyber disaster? >>Well, we've made it so it's automated. Once you set up the immutable snapshots, it just does its thing. You don't set it and forget it. We create the logical air back. Once you do it, same thing. Set it and forget it. The fence forensic environment, easy to deploy. You do have to just configure it once and then obviously the recovery is almost instantaneous. It's under a minute guaranteed on primary storage and under 20 minutes, like I told you when we did our launch this week, we did 20 petabytes of Veeam backup data in 12 minutes. So that's pretty incredible. That's a lot of data to have recovered in 12 minutes. So the more automated we make it, which is what our real forte is, is this autonomous automation and automating as much as possible and make it easy to configure when you do have to configure. That's what differentiates what we do from our perspective. But overall in the storage industry, it's the recognition finally by the CISOs and the CIOs that, wait a second, maybe storage might be an essential part of my corporate cybersecurity strategy. Yes. Which it has not been historically, >>But you're seeing that change. Yes. >>We're starting to see that change. >>Excellent. So talk to me a little bit before we wrap here about the go to market one. Can folks get their hands on the updates to in kindergar and Finn and Safe and Penta box? >>So all these are available right now. They're available now either through our teams or through our, our channel partners globally. We do about 80% of our business globally through the channel. So whether you talk to us or talk to our channel partners, we're there to help. And again, we put our money where your mouth is with those guarantees, make sure we stand behind our products. >>That's awesome. Eric, thank you so much for joining me on the program. Congratulations on the launch. The the year of productivity just continues for infinit out is basically what I'm hearing. But you're really going in the extra mile for customers to help them ensure that the inevitable cyber attacks, that they, that they're complete storage environment on prem will be protected and more importantly, recoverable Very quickly. We appreciate your insights and your input. >>Great. Absolutely love being on the cube. Thank you very much for having us. Of >>Course. It's great to have you back. We appreciate it. For Eric Herzog, I'm Lisa Martin. You're watching this cube conversation live from Palo Alto.

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

(upbeat music) >> Hello and welcome to theCUBE's presentation of the AWS Startup Showcase. This is season two, episode four of the ongoing series covering the exciting hot startups from the AWS ecosystem. Here we're talking about cybersecurity in this episode. I'm your host, John Furrier here we're excited to have CUBE alumni who's back Snehal Antani who's the CEO and co-founder of Horizon3.ai talking about exploitable weaknesses and vulnerabilities with autonomous pen testing. Snehal, it's great to see you. Thanks for coming back. >> Likewise, John. I think it's been about five years since you and I were on the stage together. And I've missed it, but I'm glad to see you again. >> Well, before we get into the showcase about your new startup, that's extremely successful, amazing margins, great product. You have a unique journey. We talked about this prior to you doing the journey, but you have a great story. You left the startup world to go into the startup, like world of self defense, public defense, NSA. What group did you go to in the public sector became a private partner. >> My background, I'm a software engineer by education and trade. I started my career at IBM. I was a CIO at GE Capital, and I think we met once when I was there and I became the CTO of Splunk. And we spent a lot of time together when I was at Splunk. And at the end of 2017, I decided to take a break from industry and really kind of solve problems that I cared deeply about and solve problems that mattered. So I left industry and joined the US Special Operations Community and spent about four years in US Special Operations, where I grew more personally and professionally than in anything I'd ever done in my career. And exited that time, met my co-founder in special ops. And then as he retired from the air force, we started Horizon3. >> So there's really, I want to bring that up one, 'cause it's fascinating that not a lot of people in Silicon Valley and tech would do that. So thanks for the service. And I know everyone who's out there in the public sector knows that this is a really important time for the tactical edge in our military, a lot of things going on around the world. So thanks for the service and a great journey. But there's a storyline with the company you're running now that you started. I know you get the jacket on there. I noticed get a little military vibe to it. Cybersecurity, I mean, every company's on their own now. They have to build their own militia. There is no government supporting companies anymore. There's no militia. No one's on the shores of our country defending the citizens and the companies, they got to offend for themselves. So every company has to have their own military. >> In many ways, you don't see anti-aircraft rocket launchers on top of the JP Morgan building in New York City because they rely on the government for air defense. But in cyber it's very different. Every company is on their own to defend for themselves. And what's interesting is this blend. If you look at the Ukraine, Russia war, as an example, a thousand companies have decided to withdraw from the Russian economy and those thousand companies we should expect to be in the ire of the Russian government and their proxies at some point. And so it's not just those companies, but their suppliers, their distributors. And it's no longer about cyber attack for extortion through ransomware, but rather cyber attack for punishment and retaliation for leaving. Those companies are on their own to defend themselves. There's no government that is dedicated to supporting them. So yeah, the reality is that cybersecurity, it's the burden of the organization. And also your attack surface has expanded to not just be your footprint, but if an adversary wants to punish you for leaving their economy, they can get, if you're in agriculture, they could disrupt your ability to farm or they could get all your fruit to spoil at the border 'cause they disrupted your distributors and so on. So I think the entire world is going to change over the next 18 to 24 months. And I think this idea of cybersecurity is going to become truly a national problem and a problem that breaks down any corporate barriers that we see in previously. >> What are some of the things that inspired you to start this company? And I loved your approach of thinking about the customer, your customer, as defending themselves in context to threats, really leaning into it, being ready and able to defend. Horizon3 has a lot of that kind of military thinking for the good of the company. What's the motivation? Why this company? Why now? What's the value proposition? >> So there's two parts to why the company and why now. The first part was what my observation, when I left industry realm or my military background is watching "Jack Ryan" and "Tropic Thunder" and I didn't come from the military world. And so when I entered the special operations community, step one was to keep my mouth shut, learn, listen, and really observe and understand what made that community so impressive. And obviously the people and it's not about them being fast runners or great shooters or awesome swimmers, but rather there are learn-it-alls that can solve any problem as a team under pressure, which is the exact culture you want to have in any startup, early stage companies are learn-it-alls that can solve any problem under pressure as a team. So I had this immediate advantage when we started Horizon3, where a third of Horizon3 employees came from that special operations community. So one is this awesome talent. But the second part that, I remember this quote from a special operations commander that said we use live rounds in training because if we used fake rounds or rubber bullets, everyone would act like metal of honor winners. And the whole idea there is you train like you fight, you build that muscle memory for crisis and response and so on upfront. So when you're in the thick of it, you already know how to react. And this aligns to a pain I had in industry. I had no idea I was secure until the bad guy showed up. I had no idea if I was fixing the right vulnerabilities, logging the right data in Splunk, or if my CrowdStrike EDR platform was configured correctly, I had to wait for the bad guys to show up. I didn't know if my people knew how to respond to an incident. So what I wanted to do was proactively verify my security posture, proactively harden my systems. I needed to do that by continuously pen testing myself or continuously testing my security posture. And there just wasn't any way to do that where an IT admin or a network engineer could in three clicks have the power of a 20 year pen testing expert. And that was really what we set out to do, not build a autonomous pen testing platform for security people, build it so that anybody can quickly test their security posture and then use the output to fix problems that truly matter. >> So the value preposition, if I get this right is, there's a lot of companies out there doing pen tests. And I know I hate pen tests. They're like, cause you do DevOps, it changes you got to do another pen test. So it makes sense to do autonomous pen testing. So congratulations on seeing that that's obvious to that, but a lot of other have consulting tied to it. Which seems like you need to train someone and you guys taking a different approach. >> Yeah, we actually, as a company have zero consulting, zero professional services. And the whole idea is that build a true software as a service offering where an intern, in fact, we've got a video of a nine year old that in three clicks can run pen tests against themselves. And because of that, you can wire pen tests into your DevOps tool chain. You can run multiple pen tests today. In fact, I've got customers running 40, 50 pen tests a month against their organization. And that what that does is completely lowers the barrier of entry for being able to verify your posture. If you have consulting on average, when I was a CIO, it was at least a three month lead time to schedule consultants to show up and then they'd show up, they'd embarrass the security team, they'd make everyone look bad, 'cause they're going to get in, leave behind a report. And that report was almost identical to what they found last year because the older that report, the one the date itself gets stale, the context changes and so on. And then eventually you just don't even bother fixing it. Or if you fix a problem, you don't have the skills to verify that has been fixed. So I think that consulting led model was acceptable when you viewed security as a compliance checkbox, where once a year was sufficient to meet your like PCI requirements. But if you're really operating with a wartime mindset and you actually need to harden and secure your environment, you've got to be running pen test regularly against your organization from different perspectives, inside, outside, from the cloud, from work, from home environments and everything in between. >> So for the CISOs out there, for the CSOs and the CXOs, what's the pitch to them because I see your jacket that says Horizon3 AI, trust but verify. But this trust is, but is canceled out, just as verify. What's the product that you guys are offering the service. Describe what it is and why they should look at it. >> Yeah, sure. So one, when I back when I was the CIO, don't tell me we're secure in PowerPoint. Show me we're secure right now. Show me we're secure again tomorrow. And then show me we're secure again next week because my environment is constantly changing and the adversary always has a vote and they're always evolving. And this whole idea of show me we're secure. Don't trust that your security tools are working, verify that they can detect and respond and stifle an attack and then verify tomorrow, verify next week. That's the big mind shift. Now what we do is-- >> John: How do they respond to that by the way? Like they don't believe you at first or what's the story. >> I think, there's actually a very bifurcated response. There are still a decent chunk of CIOs and CSOs that have a security is a compliance checkbox mindset. So my attitude with them is I'm not going to convince you. You believe it's a checkbox. I'll just wait for you to get breached and sell to your replacement, 'cause you'll get fired. And in the meantime, I spend all my energy with those that actually care about proactively securing and hardening their environments. >> That's true. People do get fired. Can you give an example of what you're saying about this environment being ready, proving that you're secure today, tomorrow and a few weeks out. Give me an example. >> Of, yeah, I'll give you actually a customer example. There was a healthcare organization and they had about 5,000 hosts in their environment and they did everything right. They had Fortinet as their EDR platform. They had user behavior analytics in place that they had purchased and tuned. And when they ran a pen test self-service, our product node zero immediately started to discover every host on the network. It then fingerprinted all those hosts and found it was able to get code execution on three machines. So it got code execution, dumped credentials, laterally maneuvered, and became a domain administrator, which in IT, if an attacker becomes a domain admin, they've got keys to the kingdom. So at first the question was, how did the node zero pen test become domain admin? How'd they get code execution, Fortinet should have detected and stopped it. Well, it turned out Fortinet was misconfigured on three boxes out of 5,000. And these guys had no idea and it's just automation that went wrong and so on. And now they would've only known they had misconfigured their EDR platform on three hosts if the attacker had showed up. The second question though was, why didn't they catch the lateral movement? Which all their marketing brochures say they're supposed to catch. And it turned out that that customer purchased the wrong Fortinet modules. One again, they had no idea. They thought they were doing the right thing. So don't trust just installing your tools is good enough. You've got to exercise and verify them. We've got tons of stories from patches that didn't actually apply to being able to find the AWS admin credentials on a local file system. And then using that to log in and take over the cloud. In fact, I gave this talk at Black Hat on war stories from running 10,000 pen tests. And that's just the reality is, you don't know that these tools and processes are working for you until the bad guys have shown. >> The velocities there. You can accelerate through logs, you know from the days you've been there. This is now the threat. Being, I won't say lazy, but just not careful or just not thinking. >> Well, I'll do an example. We have a lot of customers that are Horizon3 customers and Splunk customers. And what you'll see their behavior is, is they'll have Horizon3 up on one screen. And every single attacker command executed with its timestamp is up on that screen. And then look at Splunk and say, hey, we were able to dump vCenter credentials from VMware products at this time on this host, what did Splunk see or what didn't they see? Why were no logs generated? And it turns out that they had some logging blind spots. So what they'll actually do is run us to almost like stimulate the defensive tools and then see what did the tools catch? What did they miss? What are those blind spots and how do they fix it. >> So your price called node zero. You mentioned that. Is that specifically a suite, a tool, a platform. How do people consume and engage with you guys? >> So the way that we work, the whole product is designed to be self-service. So once again, while we have a sales team, the whole intent is you don't need to have to talk to a sales rep to start using the product, you can log in right now, go to Horizon3.ai, you can run a trial log in with your Google ID, your LinkedIn ID, start running pen test against your home or against your network against this organization right now, without talking to anybody. The whole idea is self-service, run a pen test in three clicks and give you the power of that 20 year pen testing expert. And then what'll happen is node zero will execute and then it'll provide to you a full report of here are all of the different paths or attack paths or sequences where we are able to become an admin in your environment. And then for every attack path, here is the path or the kill chain, the proof of exploitation for every step along the way. Here's exactly what you've got to do to fix it. And then once you've fixed it, here's how you verify that you've truly fixed the problem. And this whole aha moment is run us to find problems. You fix them, rerun us to verify that the problem has been fixed. >> Talk about the company, how many people do you have and get some stats? >> Yeah, so we started writing code in January of 2020, right before the pandemic hit. And then about 10 months later at the end of 2020, we launched the first version of the product. We've been in the market for now about two and a half years total from start of the company till present. We've got 130 employees. We've got more customers than we do employees, which is really cool. And instead our customers shift from running one pen test a year to 40, 50 pen test. >> John: And it's full SaaS. >> The whole product is full SaaS. So no consulting, no pro serve. You run as often as you-- >> Who's downloading, who's buying the product. >> What's amazing is, we have customers in almost every section or sector now. So we're not overly rotated towards like healthcare or financial services. We've got state and local education or K through 12 education, state and local government, a number of healthcare companies, financial services, manufacturing. We've got organizations that large enterprises. >> John: Security's diverse. >> It's very diverse. >> I mean, ransomware must be a big driver. I mean, is that something that you're seeing a lot. >> It is. And the thing about ransomware is, if you peel back the outcome of ransomware, which is extortion, at the end of the day, what ransomware organizations or criminals or APTs will do is they'll find out who all your employees are online. They will then figure out if you've got 7,000 employees, all it takes is one of them to have a bad password. And then attackers are going to credential spray to find that one person with a bad password or whose Netflix password that's on the dark web is also their same password to log in here, 'cause most people reuse. And then from there they're going to most likely in your organization, the domain user, when you log in, like you probably have local admin on your laptop. If you're a windows machine and I've got local admin on your laptop, I'm going to be able to dump credentials, get the admin credentials and then start to laterally maneuver. Attackers don't have to hack in using zero days like you see in the movies, often they're logging in with valid user IDs and passwords that they've found and collected from somewhere else. And then they make that, they maneuver by making a low plus a low equal a high. And the other thing in financial services, we spend all of our time fixing critical vulnerabilities, attackers know that. So they've adapted to finding ways to chain together, low priority vulnerabilities and misconfigurations and dangerous defaults to become admin. So while we've over rotated towards just fixing the highs and the criticals attackers have adapted. And once again they have a vote, they're always evolving their tactics. >> And how do you prevent that from happening? >> So we actually apply those same tactics. Rarely do we actually need a CVE to compromise your environment. We will harvest credentials, just like an attacker. We will find misconfigurations and dangerous defaults, just like an attacker. We will combine those together. We'll make use of exploitable vulnerabilities as appropriate and use that to compromise your environment. So the tactics that, in many ways we've built a digital weapon and the tactics we apply are the exact same tactics that are applied by the adversary. >> So you guys basically simulate hacking. >> We actually do the hacking. Simulate means there's a fakeness to it. >> So you guys do hack. >> We actually compromise. >> Like sneakers the movie, those sneakers movie for the old folks like me. >> And in fact that was my inspiration. I've had this idea for over a decade now, which is I want to be able to look at anything that laptop, this Wi-Fi network, gear in hospital or a truck driving by and know, I can figure out how to gain initial access, rip that environment apart and be able to opponent. >> Okay, Chuck, he's not allowed in the studio anymore. (laughs) No, seriously. Some people are exposed. I mean, some companies don't have anything. But there's always passwords or so most people have that argument. Well, there's nothing to protect here. Not a lot of sensitive data. How do you respond to that? Do you see that being kind of putting the head in the sand or? >> Yeah, it's actually, it's less, there's not sensitive data, but more we've installed or applied multifactor authentication, attackers can't get in now. Well MFA only applies or does not apply to lower level protocols. So I can find a user ID password, log in through SMB, which isn't protected by multifactor authentication and still upon your environment. So unfortunately I think as a security industry, we've become very good at giving a false sense of security to organizations. >> John: Compliance drives that behavior. >> Compliance drives that. And what we need. Back to don't tell me we're secure, show me, we've got to, I think, change that to a trust but verify, but get rid of the trust piece of it, just to verify. >> Okay, we got a lot of CISOs and CSOs watching this showcase, looking at the hot startups, what's the message to the executives there. Do they want to become more leaning in more hawkish if you will, to use the military term on security? I mean, I heard one CISO say, security first then compliance 'cause compliance can make you complacent and then you're unsecure at that point. >> I actually say that. I agree. One definitely security is different and more important than being compliant. I think there's another emerging concept, which is I'd rather be defensible than secure. What I mean by that is security is a point in time state. I am secure right now. I may not be secure tomorrow 'cause something's changed. But if I'm defensible, then what I have is that muscle memory to detect, respondent and stifle an attack. And that's what's more important. Can I detect you? How long did it take me to detect you? Can I stifle you from achieving your objective? How long did it take me to stifle you? What did you use to get in to gain access? How long did that sit in my environment? How long did it take me to fix it? So on and so forth. But I think it's being defensible and being able to rapidly adapt to changing tactics by the adversary is more important. >> This is the evolution of how the red line never moved. You got the adversaries in our networks and our banks. Now they hang out and they wait. So everyone thinks they're secure. But when they start getting hacked, they're not really in a position to defend, the alarms go off. Where's the playbook. Team springs into action. I mean, you kind of get the visual there, but this is really the issue being defensible means having your own essentially military for your company. >> Being defensible, I think has two pieces. One is you've got to have this culture and process in place of training like you fight because you want to build that incident response muscle memory ahead of time. You don't want to have to learn how to respond to an incident in the middle of the incident. So that is that proactively verifying your posture and continuous pen testing is critical there. The second part is the actual fundamentals in place so you can detect and stifle as appropriate. And also being able to do that. When you are continuously verifying your posture, you need to verify your entire posture, not just your test systems, which is what most people do. But you have to be able to safely pen test your production systems, your cloud environments, your perimeter. You've got to assume that the bad guys are going to get in, once they're in, what can they do? So don't just say that my perimeter's secure and I'm good to go. It's the soft squishy center that attackers are going to get into. And from there, can you detect them and can you stop them? >> Snehal, take me through the use. You got to be sold on this, I love this topic. Alright, pen test. Is it, what am I buying? Just pen test as a service. You mentioned dark web. Are you actually buying credentials online on behalf of the customer? What is the product? What am I buying if I'm the CISO from Horizon3? What's the service? What's the product, be specific. >> So very specifically and one just principles. The first principle is when I was a buyer, I hated being nickled and dimed buyer vendors, which was, I had to buy 15 different modules in order to achieve an objective. Just give me one line item, make it super easy to buy and don't nickel and dime me. Because I've spent time as a buyer that very much has permeated throughout the company. So there is a single skew from Horizon3. It is an annual subscription based on how big your environment is. And it is inclusive of on-prem internal pen tests, external pen tests, cloud attacks, work from home attacks, our ability to harvest credentials from the dark web and from open source sources. Being able to crack those credentials, compromise. All of that is included as a singles skew. All you get as a CISO is a singles skew, annual subscription, and you can run as many pen tests as you want. Some customers still stick to, maybe one pen test a quarter, but most customers shift when they realize there's no limit, we don't nickel and dime. They can run 10, 20, 30, 40 a month. >> Well, it's not nickel and dime in the sense that, it's more like dollars and hundreds because they know what to expect if it's classic cloud consumption. They kind of know what their environment, can people try it. Let's just say I have a huge environment, I have a cloud, I have an on-premise private cloud. Can I dabble and set parameters around pricing? >> Yes you can. So one is you can dabble and set perimeter around scope, which is like manufacturing does this, do not touch the production line that's on at the moment. We've got a hospital that says every time they run a pen test, any machine that's actually connected to a patient must be excluded. So you can actually set the parameters for what's in scope and what's out of scope up front, most again we're designed to be safe to run against production so you can set the parameters for scope. You can set the parameters for cost if you want. But our recommendation is I'd rather figure out what you can afford and let you test everything in your environment than try to squeeze every penny from you by only making you buy what can afford as a smaller-- >> So the variable ratio, if you will is, how much they spend is the size of their environment and usage. >> Just size of the environment. >> So it could be a big ticket item for a CISO then. >> It could, if you're really large, but for the most part-- >> What's large? >> I mean, if you were Walmart, well, let me back up. What I heard is global 10 companies spend anywhere from 50 to a hundred million dollars a year on security testing. So they're already spending a ton of money, but they're spending it on consultants that show up maybe a couple of times a year. They don't have, humans can't scale to test a million hosts in your environment. And so you're already spending that money, spend a fraction of that and use us and run as much as you want. And that's really what it comes down to. >> John: All right. So what's the response from customers? >> What's really interesting is there are three use cases. The first is that SOC manager that is using us to verify that their security tools are actually working. So their Splunk environment is logging the right data. It's integrating properly with CrowdStrike, it's integrating properly with their active directory services and their password policies. So the SOC manager is using us to verify the effectiveness of their security controls. The second use case is the IT director that is using us to proactively harden their systems. Did they install VMware correctly? Did they install their Cisco gear correctly? Are they patching right? And then the third are for the companies that are lucky to have their own internal pen test and red teams where they use us like a force multiplier. So if you've got 10 people on your red team and you still have a million IPs or hosts in your environment, you still don't have enough people for that coverage. So they'll use us to do recon at scale and attack at scale and let the humans focus on the really juicy hard stuff that humans are successful at. >> Love the product. Again, I'm trying to think about how I engage on the test. Is there pilots? Is there a demo version? >> There's a free trials. So we do 30 day free trials. The output can actually be used to meet your SOC 2 requirements. So in many ways you can just use us to get a free SOC 2 pen test report right now, if you want. Go to the website, log in for a free trial, you can log into your Google ID or your LinkedIn ID, run a pen test against your organization and use that to answer your PCI segmentation test requirements, your SOC 2 requirements, but you will be hooked. You will want to run us more often. And you'll get a Horizon3 tattoo. >> The first hits free as they say in the drug business. >> Yeah. >> I mean, so you're seeing that kind of response then, trial converts. >> It's exactly. In fact, we have a very well defined aha moment, which is you run us to find, you fix, you run us to verify, we have 100% technical win rate when our customers hit a find, fix, verify cycle, then it's about budget and urgency. But 100% technical win rate because of that aha moment, 'cause people realize, holy crap, I don't have to wait six months to verify that my problems have actually been fixed. I can just come in, click, verify, rerun the entire pen test or rerun a very specific part of it on what I just patched my environment. >> Congratulations, great stuff. You're here part of the AWS Startup Showcase. So I have to ask, what's the relationship with AWS, you're on their cloud. What kind of actions going on there? Is there secret sauce on there? What's going on? >> So one is we are AWS customers ourselves, our brains command and control infrastructure. All of our analytics are all running on AWS. It's amazing, when we run a pen test, we are able to use AWS and we'll spin up a virtual private cloud just for that pen test. It's completely ephemeral, it's all Lambda functions and graph analytics and other techniques. When the pen test ends, you can delete, there's a single use Docker container that gets deleted from your environment so you have nothing on-prem to deal with and the entire virtual private cloud tears itself down. So at any given moment, if we're running 50 pen tests or a hundred pen tests, self-service, there's a hundred virtual private clouds being managed in AWS that are spinning up, running and tearing down. It's an absolutely amazing underlying platform for us to make use of. Two is that many customers that have hybrid environments. So they've got a cloud infrastructure, an Office 365 infrastructure and an on-prem infrastructure. We are a single attack platform that can test all of that together. No one else can do it. And so the AWS customers that are especially AWS hybrid customers are the ones that we do really well targeting. >> Got it. And that's awesome. And that's the benefit of cloud? >> Absolutely. And the AWS marketplace. What's absolutely amazing is the competitive advantage being part of the marketplace has for us, because the simple thing is my customers, if they already have dedicated cloud spend, they can use their approved cloud spend to pay for Horizon3 through the marketplace. So you don't have to, if you already have that budget dedicated, you can use that through the marketplace. The other is you've already got the vendor processes in place, you can purchase through your existing AWS account. So what I love about the AWS company is one, the infrastructure we use for our own pen test, two, the marketplace, and then three, the customers that span that hybrid cloud environment. That's right in our strike zone. >> Awesome. Well, congratulations. And thanks for being part of the showcase and I'm sure your product is going to do very, very well. It's very built for what people want. Self-service get in, get the value quickly. >> No agents to install, no consultants to hire. safe to run against production. It's what I wanted. >> Great to see you and congratulations and what a great story. And we're going to keep following you. Thanks for coming on. >> Snehal: Phenomenal. Thank you, John. >> This is the AWS Startup Showcase. I'm John John Furrier, your host. This is season two, episode four on cybersecurity. Thanks for watching. (upbeat music)

>>Welcome back everyone to the cubes coverage of VM wear Explorer, 2022 formerly VM world. The Cube's 12th year covering the annual conference. I'm Jennifer Daveon. We got Jason Bloomberg here. Who's a Silicon angle contributor guest author, president of inte analyst firm. Great to see you, Jason. Thanks for coming on the queue. >>Yeah, it's great to be here. Thanks a lot. >>And thanks for contributing to Silicon angle. We really appreciate your articles and, and so does the audience, so thanks for that. >>Very good. We're happy >>To help. All right. So I gotta ask you, okay. We've been here on the desk. We haven't had a chance to really scour the landscape here at Moscone. What's going, what's your take on what's going on with VMware Explorer, not world. Yeah. Gotta see the name change. You got the overhang of the, the cloud Broadcom, which from us, it seems like it's energized people like, like shocked to the system something's gonna happen. What's your take. >>Yeah, something's definitely going to happen. Well, I've been struggling with VMware's messaging, you know, how they're messaging to the market. They seem to be downplaying cloud native computing in favor of multi-cloud, which is really quite different from the Tansu centric messaging from a year or two ago. So Tansu is still obviously part of the story, but it's really, they're relegating the cloud native story to an architectural pattern, which it is, but I believe it's much more than that. It's really more of a paradigm shift in how organizations implement it. Broadly speaking, where virtualization is part of the cloud native story, but VMware is making cloud native part of the virtualization story. Do so >>Do you think that's the, the mischaracterization of cloud native or a bad strategy or both? >>Well, I think they're missing an opportunity, right? I think they're missing an opportunity to be a cloud native leader. They're well positioned to do that with Tansu and where the technology was going and the technology is still there. Right? It's not that that >>They're just downplaying it. >>They're just downplaying it. Right. So >>As, as they were security too, they didn't really pump up security at >>All. Yeah. And you know, vSphere is still gonna be based on Kubernetes. So it's, they're going to be cloud native in terms of Kubernetes support across their product line. Anyway. So, but they're, they're really focusing on multi-cloud and betting the farm on multi-cloud and that ties to the change of the name of the conference. Although it's hard to see really how they're connecting the dots. Right. >>It's a bridge you can't cross, you can't see that bridge crossing what you're saying. Yeah. I mean, I thought that was a clever way of saying, oh, we're exploring new frontiers, which is kinda like, we don't really know what it is >>Yet. Yeah. Yeah. I think the, the term Explorer was probably concocted by a committee where, you know, they eliminated all the more interesting names and that was the one that was left. But, you know, Raghu explained that that Explorer is supposed to expand the audience for the conference beyond the VMware customer to this broader multi-cloud audience. But it's hard to say whether you >>Think it worked. Was there people that you recognize here or identified as a new audience? >>I don't think so. Not, not at this show, but over time, they're hoping to have this broader audience now where it's a multi-cloud audience where it's more than just VMware. It's more than just individual clouds, you know, we'll see if that works. >>You heard the cl the cloud chaos. Right. Do you, do you think they're, multi-cloud cross cloud services is a solution looking for a problem or is the problem real? Is there a market there? >>Oh, oh, the cloud chaos. That's a real problem. Right? Multi-cloud is, is a reality. Many organizations are leveraging different clouds for different reasons. And as a result, you have management security, other issues, which lead to this chaos challenge. So the, the problem is real aria. If they can get it up and running and, you know, straightened out, it's gonna be a great solution, but there are other products on the market that are more mature and more well integrated than aria. So they're going to, you know, have to compete, but VMware is very good at that. So, you know, I don't, I don't count the outing. Who >>Do you see as the competition lay out the horses on the track from your perspective? >>Well, you know, there's, there's a lot of different companies. I, I don't wanna mention any particular ones cuz, cuz I don't want to, you know, favor certain ones over others cuz then I get into trouble. But there's a, a lot of companies that >>Okay, I will. So you got a red hat with, you got obvious ones, Cisco, Cisco, I guess is Ashi Corp plays a role? Well, >>Cisco's been talking about this, >>Anybody we missed. >>Well, there's a number of smaller players, including some of the exhibitors at the, at the show that are putting together this, you know, I guess cloud native control plane that covers more than just a single cloud or cover on premises of virtualization as well as multiple clouds. And that's sort of the big challenge, right? This control plane. How do we come up with a way of managing all of this, heterogeneous it in a unified way that meets the business need and allows the technology organization, both it and the application development folks to move quickly and to do what they need to do to meet business needs. Right? So difficult for large organizations to get out of their own way and achieve that, you know, level of speed and scalability that, that, that technology promises. But they're organizationally challenged to, >>To accomplish. I think I've always looked at multi-cloud as a reality. I do see that as a situational analysis on the landscape. Yeah, I got Azure because I got Microsoft in my enterprise and they converted everything to the cloud. And so I didn't really change that. I got Amazon cause that's from almost my action is, and I gotta use Google cloud for some AI stuff. Right. All good. Right. I mean that's not really spanning anything. There's no ring. It's not really, it's like point solutions within the ecosystem, but it's interesting to see how people are globbing onto multi-cloud because to me it feels like a broken strategy trying to get straightened out. Right. Like, you know, multi-cloud groping from multi-cloud it feels that way. And, and that makes a lot of sense cuz if you're not on the right side of this historic shift right now, you're gonna be dead. >>So which side of the street do you wanna be on? I think it's becoming clear. I think the good news is this year. It's like, if you're on this side of the street, you're gonna be, be alive. Yeah. And this side of the street, not so much. So, you know, that's cloud native obviously hybrid steady state mul how multi-cloud shakes out. I don't think the market's ready personally in terms of true multi-cloud I think it's, it's an opportunity to have the conversation. That's why we're having the super cloud narrative. Cause it's a lit more attention getting, but it focuses on, it has to do something specific. Right? It can't be vaporware. The market won't tolerate vaporware and the new cloud architecture, at least that's my opinion. What's your reaction? Yeah. >>Well the, well you're quite right that a lot of the multiple cloud scenarios involve, you know, picking and choosing the various capabilities each of the cloud provider pro offers. Right? So you want TensorFlow, you have a little bit of Google and you want Amazon for something, but then Amazon's too expensive for something else. So you go with a Azure for that or you have Microsoft 365 as well as Amazon. Right? So you're, that's sort of a multi-cloud right there. But I think the more strategic question is organizations who are combining clouds for more architectural reasons. So for example, you know, back backup or failover or data sovereignty issues, right, where you, you can go into a single cloud and say, well, I want, you know, different data and different regions, but they may a, a particular cloud might not have all the answers for you. So you may say, okay, well I want, I may one of the big clouds or there's specialty cloud providers that focus on data sovereignty solutions for particular markets. And, and that might be part of the mix, right? Isn't necessarily all the big clouds. >>I think that's an interesting observation. Cause when you look at, you know, hybrid, right. When you really dig into a lot of the hybrid was Dr. Right? Yeah. Well, we got, we're gonna use the cloud for backup. And that, and that, what you're saying is multi-cloud could be sort of a similar dynamic, >>The low-head fruit, >>Which is fine, which is not that interesting. >>It's the low hanging fruit though. It's the easy, it's that risk free? I won't say risk free, but it's the easiest way not to get killed, >>But there's a translate into just sort of more interesting and lucrative and monetizable opportunities. You know, it's kind of a big leap to go from Dr. To actually building new applications that cross clouds and delivering new monetization value on top of data and you know, this nerve. >>Yeah. Whether that would be the best way to build such applications, the jury's still out. Why would you actually want to do well? >>I was gonna ask you, is there an advantage? We talked to Mariana, Tess, who's, you know, she's CTO of into it now of course, into it's a, you know, different kind of application, but she's like, yeah, we kinda looked hard at that multiple cloud thing. We found it too complex. And so we just picked one cloud, you know, in, for kind of the same thing. So, you know, is there an advantage now, the one advantage John, you pointed this out is if I run on Microsoft, I'll make more money. If I run on Amazon and you know, they'll, they'll help me sell. So, so that's a business justification, but is there a technical reason to do it? You know, global presence, there >>Could be technical reason not to do it either too. So >>There's more because of complexity. >>You mean? Well, and or technical debt on some services might not be there at this point. I mean the puzzle pieces gotta be there, assume that all clouds have have the pieces. Right. Then it's a matter of composability. I think E AJ who came on AJ Patel who runs modern applications development would agree with your assessment of cloud native being probably the driving front car on this messaging, because that's the issue like once you have the, everything there, then you're composing, it's the orchestra model, Dave. It's like, okay, we got everything here. How do I stitch it together? Not so much coding, writing code, cuz you got everything in building blocks and patterns and, and recipes. >>Yeah. And that's really what VMware has in mind when they talk about multi-cloud right? From VMware's perspective, you can put their virtual machine technology in any cloud. So if you, if you do that and you put it in multiple clouds, then you have, you know, this common, familiar environment, right. It's VMware everywhere. Doesn't really matter which cloud it's in because you get all the goodness that VMware has and you have the expertise on staff. And so now you have, you know, the workload portability across clouds, which can give you added benefits. But one of the straw men of this argument is that price arbitrage, right. I'm gonna, you know, put workloads in Amazon if it's cheaper. But if then if Amazon, you know, Azure has a different pricing structure for something I'm doing, then maybe I'll, I'll move a workload over there to get better pricing. That's difficult to implement in practice. Right. That's so that's that while people like to talk about that, yeah. I'm gonna optimize my cost by moving workloads across clouds, the practicalities at this point, make it difficult. Yeah. But with, if you have VMware, any your clouds, it may be more straightforward, but you still might not do it in order to save money on a particular cloud bill. >>It still, people don't want data. They really, really don't want to move >>Data. This audience does not want do it. I mean, if you look at the evolution, this customer base, even their, their affinity towards cloud native that's years in the making just to good put it perspective. Yeah. So I like how VMware's reality is on crawl, walk, run their clients, no matter what they want 'em to do, you can't make 'em run. And when they're still in diapers right. Or instill in the crib. Right. So you gotta get the customers in a mode of saying, I can see how VMware could operate that. I know and know how to run in an environment because the people who come through this show, they're like teams, it's like an offsite meeting, meets a conference and it's institutionalized for 15 plus years of main enterprise workload management. So I like, that's just not going away. So okay. Given that, how do you connect to the next thing? >>Well, I think the, the missing piece of the puzzle is, is the edge, right? Because it's not just about connecting one hyperscaler to another hyperscaler or even to on-premises or a private cloud, it's also the edge, the edge computing and the edge computing data center requirements. Right. Because you have, you could have an edge data center in a, a phone tower or a point of presence, a telco point of presence, which are those nondescript buildings, every town has. Right? Yeah, yeah. Yeah. And you know, we have that >>Little colo that no one knows about, >>Right, exactly. That, you know, used to be your DSL end point. And now it's just a mini data center for the cloud, or it could be the, you know, the factory computer room or computer room in a retailer. You know, every retailer has that computer room in the modern retails target home Depot. They will have thousands of these little mini cloud data centers they're handling their, their point of sale systems, their, you know, local wifi and all these other local systems. That's, that's where the interesting part of this cloud story is going because that is inherently heterogeneous inherently mixed in terms of the hardware requirements, the software requirements and how you're going to build applications to support that, including AI based applications, which are sort of the, one of the areas of major innovation today is how are we going to do AI on the edge and why would we do it? And there's huge, huge opportunity to >>Well, real time referencing at the edge. Exactly. Absolutely. With all the data. My, my question is, is, is, is the cloud gonna be part of that? Or is the edge gonna actually bring new architectures and new economics that completely disrupt the, the economics that we've known in the cloud and in the data center? >>Well, this for hardware matters. If form factor matters, you can put a data center, the size of four, you know, four U boxes and then you're done >>Nice. I, >>I think it's a semantic question. It's something for the marketers to come up with the right jargon for is yeah. Is the edge part of the cloud, is the cloud part of the edge? Are we gonna come up with a new term, super cloud HyperCloud? >>Yeah. >>Wonder woman cloud, who knows? Yeah. But what, what >>Covers everything, but what might not be semantic is the, I, I come back to the Silicon that inside the, you know, apple max, the M one M two M two ultras, the, what Tesla's doing with NPUs, what you're seeing, you know, in, in, in arm based innovations could completely change the economics of computing, the security model. >>As we say, with the AJ >>Power consumption, >>Cloud's the hardware middleware. And then you got the application is the business everything's completely technology. The business is the app. I >>Mean we're 15 years into the cloud. You know, it's like every 15 years something gets blown up. >>We have two minutes left Jason. So I want to get into what you're working on for when your firm, you had a great, great traction, great practice over there. But before that, what's the, what's your scorecard on the event? How would you, what, what would be your constructive analysis? Positive, good, bad, ugly for VMwares team around this event. What'd they get right? What'd they need to work on >>Well as a smaller event, right? So about one third, the size of previous worlds. I mean, it's, it's, it's been a reasonably well run event for a smaller event. I, you know, in terms of the logistics and everything everything's handled well, I think their market messaging, they need to sort of revisit, but in terms of the ecosystem, you know, I think the ecosystem is, is, is, is doing well. You know, met with a number of the exhibitors over the last few days. And I think there's a lot of, a lot of positive things going on there. >>They see a wave coming and that's cloud native in your mind. >>Well, some of them are talking about cloud native. Some of them aren't, it's a variety of different >>Potentially you're talking where they are in this dag are on the hardware. Okay, cool. What's going on with your research? Tell us what you're focused on right now. What are you digging into? What's going on? Well, >>Cloud native, obviously a big part of what we do, but cybersecurity as well, mainframe modernization, believe it or not. It's a hot topic. DevOps continues to be a hot topic. So a variety of different things. And I'll be writing an article for Silicon angle on this conference. So highlights from the show. Great. Focusing on not just the VMware story, but some of the hot spots among the exhibitors. >>And what's your take on the whole crypto defi world. That's emerging. >>It's all a scam hundred >>Percent. All right. We're now back to enterprise. >>Wait a minute. Hold on. >>We're out of time. >>Gotta go. >>We'll make that a virtual, there are >>A lot of scams. >>I'll admit that you gotta, it's a lot of cool stuff. You gotta get through the underbelly that grows the old bolt. >>You hear kit earlier. He's like, yeah. Well, forget about crypto. Let's talk blockchain, but I'm like, no, let's talk crypto. >>Yeah. All good stuff, Jason. Thanks for coming on the cube. Thanks for spending time. I know you've been busy in meetings and thanks for coming back. Yeah. Happy to help. All right. We're wrapping up day two. I'm Jeff David ante cube coverage. Two sets three days live coverage, 12th year covering VMware's user conference called explore now was formerly VM world onto the next level. That's what it's all about. Just the cube signing off for day two. Thanks for watching.

>>The cube presents HPE discover 2022 brought to you by HPE. >>Hey everyone. Welcome to Las Vegas. It's the cube live on the show floor at HPE discover 2022, the first in person discover in three years, there are about 8,000 people here. The keynote was standing room only Lisa Martin here. I got a powerhouse group joining me for this keynote analysis. Dave ante joins us, Keith Townsend, John farrier, guys. Lot of news. It's all about HPE GreenLake. What were some of the things Dave, that stuck out to you? >>Well, I'll tell you right now, I gotta just quote, Antonio OIR said, Neri said four years ago, I declared that the enterprise of the future would be edge centric, cloud enabled and data driven. As a result, we launched HPE GreenLake. It kind of declared victory. Now I would say that what they're talking about and what they announced, I would consider table stakes. You know, I wish it started in 2014. I wish Antonio took over in 2015 instead of 2018, but I have to give credit, he's brought a focus and uh, and a, he think he's amped it up, John. I mean, if he's really prioritizing, uh, the, as a service they're going on in all in they're burning the boats, uh, and it's good. They got a lot of work to do. They >>Got a lot of work to do three years ago, John Antonio stood on this very stage saying we, and by 2022, we're gonna be delivering our entire portfolio as a service here we are with GreenLake. What I wanna get your thoughts on Keith's as well. >>Yeah. Well, first of all, I think that the crowded house was, uh, and a sign of people wanna come back together. So it's, to me, that was the first good news I saw, which was the HP community, their customer base. They're all here. They're glad to be back and forth. So it shows that they, their customer base it's resonating their value proposition of annual recurring revenue as a service plus the contract values with GreenLake are up. So this resonance with the customers, Dave, on the new operating model, that's a great check the box there. Um, I would say that I don't think HP's, as far along as Antonio had hopes, he'd be the pandemic was a setback. Um, but GreenLake is a real shining star. It's, uh, it's producing some green if you will money for them in terms of contracts, but they still got a lot more work to do because they're in a really interesting zone, Dave, because edge the cloud, although relevant and accurate where the, the shift is going, are they really there with, with the goods? And to me, I'm looking forward to seeing this discover if they have it or not. Certainly the messaging's good, but we're gonna UN UN unpeel that onion back and look at it. But >>Keith they're on the curve, right? At least they're on the cloud curve. >>They're absolutely on the curve. They have APIs, they have consistent developer experience. They announced the developer portal. They're developer centric. You can now consume your three par storage array services via a Terraform, uh, provider. They speak the language of cloud practitioners. You might struggle a little bit if I'm a small startup, you know, why would I look towards HPE? They kind of answered that a little bit. They had evil genius as a customer on stage, not a huge organization. A lot of the pushback they've been given is that if I may startup, I can simply go to a AWS portal, launch, a free trial service and run it. HPE kind of buried the lead. They now have, at least they announced preannounced the capability to, to trial GreenLake. So they're moving in the right direction. But you know, it's, it's it's table states. Well, >>Here's the thing. Here's the dynamic day that's going on. This is something that we've got got we're first of we've been covering HPE HP for now 11 years with the cube and look at Amazon's success and look at where Amazon's struggling. If you can say that they're having crossed overs to the enterprise, uh, cuz the enterprises are now just getting up to speed. You're seeing the rise of lack of talent. It certainly changing, uh, cyber security. You can't find talent. Kubernetes, good luck with that. Try to find someone. So you're seeing the enterprise aren't really geared up or staffed up for doing what I call, you know, high end cloud. So the rise of managed services is, is what we're seeing out there right now. You want Kubernetes clusters is a great set of managed services. You want other services? So that's the tell sign that the enterprises H HP's customers are now walking before they can run. They're crawling, they're now they're walking. So it's they have time to get in the Amazon lane in my opinion. Well, you >>Think about the hallmarks of cloud, obviously there's as a service, there's consumption based pricing. There's a developer, you know, friendliness, uh, there's ecosystem, which is really, really important. I think today, a lot of the ecosystem is partners, resellers and managed service providers. And to your point, Keith table stakes are things like single sign on being able to have, you know, a console being able to do it from a, from a URL to your point about startups is really interesting because that's one of the other hallmarks of cloud is you attract startups. And Lisa, we were at the snowflake summit and I asked the same question, can snowflake attract startups with their own super cloud. And what you saw was ecosystem partners developing in the snowflake cloud and monetizing. And that's something that we're waiting to see here. And I, I think they know >>You're suggesting way you suggesting that HP's gonna attract startups. >>Well, >>I, I think that's a sign if they can do that. That's a sign. And, and right now, I mean, you heard the example that Keith Keith gave. Uh, but, but not, not many. >>Yeah. I'm hoping that H I don't think HP is gonna ever attract startups, but I think the opportunity GreenLake affords the ecosystem is build clouds or purpose driven clouds around GreenLake. Mm-hmm <affirmative> whether it's the agreement with Equinix or all the cos and semi clouds, I think GreenLake gets most small CSPs, a leg up or 80% of the way there, where they can add that 20% of the IP and build services around GreenLake. And then that can attract the, the startup >>Or entrepreneurs. So the, the big question is, okay, where are these developers gonna come from? They could come from incumbents inside of companies. You know, the, the, the DevOps crowd from the enterprise, the really ops dev crowd. Right? I mean, yeah, don't you see that as a sort of a form of innovation startup, even though it's not a true startup. >>Yeah. Even though it's not, >>So Todd's making faces over there, we <laugh> >>Look, it, look it, they have >>Listen, if they don't, if they can't >>Do that, no, this is their focus is not startups. I agree with Keith on this one, they have to take care of business, home Depot. They have big customers and they have a lot of SMBs as well. They've got a great channel. H HP's got amazing infrastructure and, and client action going on. They gotta get the operating model, right job one as a service ARR, and then contract value and, and nail that with GreenLake. >>Who's their ideal customer profile. >>Their ideal is their install base. Look what Microsoft did with 365, they were going down. Their stock price was 26. At one point go to the, they went to the cloud 365, moved everything to the cloud and look at the success they're having. HP has the same kind of installed base. They gotta bring them along. They gotta get the operating model, right. And the developers that they're targeting are the ones inside the company and, or manage services that they're gonna go to the ecosystem for. That's where the cloud native comes in. That's where thing kind of comes together. So to me, I'm bullish on the operating model, but I'm skeptical that HP can get that cloud native developer. I haven't seen it yet. I'm looking for it. We're gonna look for it here. >>A key to that is going to be consistently. I, the, one of the things I'm looking for on the tech side, I, I hate to compare what HPE is doing to what VMware did with vCloud error years ago, but vCloud error on the outside looked >>Wonderful. Yes, >>It did. Once you tried to use it, it was just flaky underneath. And that's the part I'm looking to see customers pounding on it and saying, you know what API call after API I call, can I, uh, provision 10,000 pods a day? Does it scale down? Does it scale? And is it consistent? Is it >>Fragile Al roo she's co seasoned veteran? Uh, she was at V VMware cloud. She saw that movie. She gets a Mulligan, Dave. So I think her leadership is impressive. And I think she could bring a lot to the table to your point about don't make that same mistake and they gotta get this architecture, right. If they get the operating model right with GreenLake, they can double down on that and enable the developers that are driving the digital transformation. That to me is the, the key positions that they have to nail. And they do that. The rest is just fringe work. In my opinion, >>The reason why Alma was brought in, sorry, Lisa, it was, and then you gotta chime in here was to really build out that platform so that internal people at HPE can actually build value on top of it and the ecosystem that's her priority. >>We're gonna hear a lot from the ecosystem in the next couple of days, but I wanna get your perspective on, you've been following HPE a long time, all three of you. What are some of the things that you're hearing right now that are differentiators? We were just at Dell technologies. We talking about apex. We saw the big announcement they had with snowflake. We were at snowflake two weeks ago. I wanna get all three of your opinions on what are you seeing? Where is HP leading? >>I mean, HPE and Dell will, both with Dell, with apex are go, they're both gonna differentiate with their strengths. And, you know, for Dell, that's their breadth and their, their portfolio. And for, for HPE, that's their sort of open posture. I mean, John, you, you know this well, uh, that's their, their ecosystem, which I know has to evolve. And to me, their focus, you know, Antonio laid out some of the key differentiators. I, I, I think some of them were kind of, you know, pushing the envelope a little bit. Uh, but, but I think they're focus on as a service burning the, the, the boats telling wall street, this is our business. I think that's their differentiator. Is that they're, they're all in. >>Yeah. I, I think they, they try to highlight it by re announcing their private cloud service. I don't even know why they needed to announce that they have a private cloud. GreenLake is a cloud it's is a private cloud >>With block storage, hit disaster recovery. It's like good >>With like everything you get. But I think the, the key is, is that all of that is available today and you can get it in all kinds of frame of, of formats and, and frames specifically, if I'm a customer and I wanna get outta the data center and you, you know, Dave, we go back and forth about this all the time, and I wanna repatriate some workloads to Kubernetes on prem. I don't need to spend up another data center. I can go to Equinix, get GreenLake min IO, object storage on the back end, HPE lighthouse, all those services that I need for Kubernetes and repatriate my workloads without buying a new data center. And I get it as a service. I can get that Dave from HPE GreenLake, Dell apex is on the way. The >>Other thing they're differentiating with Aruba, that's something that Dell doesn't have. Yeah. And, and that is their edge play, I think is stronger than >>Of the others. Mean the, to me, the differentiator for HP is their, their history. Their channel's amazing. They got great Salesforce and they have serious customers and they have serious customers that have serious problems, uh, cyber security, uh, infrastructure, the security paradigm's changed. Uh, the deployment is changed how they deploy applications in their customer base. So they gotta step up to that challenge. And I think their differentiator is gonna be their size, their field and their ability to bring that operating model. And the hybrid model is a steady state. That's clear multi-cloud is just hybrids stitched together, but hybrid cloud, which is basically on premises and cloud to edge operating model is the number one thing that they need to nail. And if they nail that right, they will have a poll position that they could accelerate on. And again, I'm really gonna be watching how well they could enable cloud native developers, okay. To build modern agile applications while solving those serious problems with those serious customers. So again, I think hybrids spun in their direction. I'm not gonna say they got lucky, cuz they've always been on the hybrid bandwagon since we've been covering them. But I thought they'd be for a long day, but they're lucky to have hybrid. That's good for them. And I think do what Microsoft did convert their customers over and they do that, right? >>I think the key to that is gonna be ecosystem. Again, the developers need to see, especially the data piece, they talk about the cloud operating model. I think they're really moving that direction. The data piece to me is the weakest. Like they'll, they'll make claims that we can do anything that the cloud can do. You can't run snowflake, can't run data bricks, can't run Mongo Atlas. So they gotta figure out that data layer and that's optionality of, of data stores. And they don't have that today. >>Yeah. They, they, they have an announcement coming and I can't pre-announce it, but they're, they've, I've deemed them against it. They have the vision, Emeral data services, their data fabric multi-protocol access is a great start. They need the data network behind it. They need the ability to build a super cloud, a across multiple cloud providers, bringing some Google infos love inside of, uh, right next to your data. They have the hardware, they have the infrastructure, but they don't have the services. >>That's a key thing. I think one, you just brought up great point, Keith, and that is, is that at the end of the day, Dave, we're in a market now where agility and speed can be accomplished by startups or any company and HP's customers. Okay. Can move fast too. Okay. And so whoever can extend that value. If HPE can enable value creation for their customers, that's gonna be truly their, their task at hand, they got the channel, they got some leverage, but at the end of the day, the customers have alternatives now and they can move faster to get the value that they need to solve their serious problems. Uh, like cyber, like scalable infrastructure, like infrastructures code, like data ops, like AI ops, it's all here. And it's all coming really fast. Can GreenLake carry the day. And >>By the way, everything we just said about GreenLake in terms of table stakes and everything else, it applies for Dell. >>Yeah, absolutely. >>No question. It does guys. We have, and jam packed three days. We're gonna be talking with the ecosystem. We're gonna be talking with HPE leaders with customers. You're gonna hear all of these, uh, all this information unpacked over the next three days. We will be right back with our first guest for Dave ante, Keith Townson and John furrier. I'm Lisa Martin. Our first guest joins us momentarily.

(upbeat music) >> We're back at the ARIA in Las Vegas you're watching theCUBE's coverage of Veeamon 2022 live in person, but there's a big hybrid event going on. Close to 40,000 people watching online. This is the CEO segment. The newly minted CEO Anand Eswaran is here. And it's great to see you. Thanks for coming on. First time on theCUBE. >> Yeah, first time on theCUBE, excited to be here. Newly minted, those words, I haven't heard those for a long time. But thank you for the warm introduction, Dave. >> So why Veeam? What did you see that attracted you to Veeam? You have a great career, awesome resume. Why Veeam? >> A lot of different things. You know, it started with when I spent a good bit of time... I spent months with, you know, Insight, with Bill Largent who is now the chair of the board. And for me a few things, one, it started with the company culture. I absolutely loved... I spent time with our engineering team that it's an innovation-focused culture. It's an engineering-focused culture, which is so critical to any software company. And so that was the first place. And I spent a good bit of time with customers, reading, research, you know, brilliant products, always innovating. You know, even though it's a category you would think is fairly mature. I mean, when Veeam for example, did instant recovery. I mean, that was extreme innovation. And so that was the first thing which was appealing. The second thing was, you know, yes, we've reached a billion, but it still has that, you know, feel of a start up. It still has that feel of a... Jeff Bezos says this best, "A day one culture." Which is super critical, you know, we scale but you don't want to lose your soul and what made you special in the first place. And then you come down to the rest of the stuff, it's an execution machine. You know, it's an absolutely interesting category, especially in the day and the world we live in right now. You know, the proliferation of bad actors, security, backup, recovery, you know, everything you... Ransomware is starting to become you know, a meaningful threat to every company. So many different things coming together. This category is an interesting place. But that's not all, I feel that we are going to see this category evolve and shape very differently. You're going to see adjacencies coming and you're going to see in a couple of years or three years you're not going to just look at this and say, "Hey, it's backup and recovery." And so it's an opportunity to shape what is going to be a very important inflection point in this whole space. So a whole bunch of things. Excited about it. >> So flip question, why Anand? What did Insight see and the board see? What do you see as your key skills that they wanted here? Go after that opportunity- >> You should also get insight on this man. And you should ask them this question. I know Peter and Sokolov (laughs) >> So, you know, I don't know... I'll tell you where I think there's relevant experience is if I look at the future of Veeam. I think the first thing is we've got to think through what the next evolution of Veeam is. You know, there's a ton of work to do even in the path we are on, on data protection. And the team is absolutely brilliant at that. But how do you start to think ahead? How do you think about data management? How do you think about, you know, where are the adjacencies and how does it... How do you shape and reshape the category? You know, and I have some experiences in that. As I look at growth, Veeam has done a phenomenal job you know, 35,000 partners, an execution machine. I mean, just last year we grew ARR, you know, 27% we are sustaining that growth. But as I look ahead, you know there's huge opportunities to further accelerate our share in the enterprise to actually go work with creating multiple layers of partnerships beyond the very successful partnerships we already have. You know, how do you start to get GSIs in the mix? How do you start to get MSPs in the mix? How do you start to actually get to being a core part of the portfolio and platform of our primary storage partners, HPE, Pure Storage and so on. So reinvigorating and creating a multidimensional partnership strategy is key as well. And then just my experience in, you know I ran the enterprise for Microsoft and so those sort of experiences sort of are very relevant to our next step of the journey as well. And finally, you know I think the one thing which matters most for me and yeah, you realize... Again, I think we've forgotten what it means to have a microphone on. But culture, you know, I spent a lot of time in every company I've worked in, in contributing to the culture of what shapes and you know how do you create a purpose-led company and how do you get on that path? Which is a very, very important conversation inside Veeam. you know, and we already do that... You know, there's a huge focus on purpose. There's a huge focus on diversity. There's a huge focus on inclusion, but you know, the cultural aspect of Veeam attracted me to it. And I think my work and my passion for it attracted me to Veeam as well. So just a few of those things. >> Yeah, you speak from the heart, you can sense that. Dave and I were talking with Zias about platform versus product. Now you've got some experience with platforms, obviously, Microsoft, you know the amazing platform. RingCentral Zias brought up. And then I brought up HP, which actually never could figure out its software platform. So you've seen some successes. You've seen some, you know, couldn't ever get there. Do you see Veeam as a platform company? >> You know, the way I look at it is this. I mean, I may actually not answer your question directly but I'll answer the question. >> Dave: Okay. >> Which is, if you look at the biggest successes in the industry, call it Microsoft, Adobe now- >> Dave: Sure. >> Salesforce, eventually the path from a high growth startup to scale is platform and partners. That is the key. >> Dave: Ecosystem- >> So yeah. Platform and the ecosystem. So it all comes together. And so, yes, I mean, I think we already do that. I mean, we have a singular platform today for the multiple workloads we protect from, you know physical to cloud, to Kubernetes to the hybrid architectures the ability to actually, you know restore your data into any cloud, you know, back up from AWS restore into Azure or a physical data center. So we already have a robust platform in place but the scale or the growth from where we are a billion to the next set of milestones 2, 3, 5, 10 is going to be an absolute maturity and amp of platform partnerships ecosystem. >> That's a high wire act. When you talk about platform and scaling, you know, think about moving forward, when you have pressure to grow, often the easiest thing to grow is to acquire and add adjacencies that might not be as core to your core value proposition as they could be. How do you navigate that as you move forward in a world where... Look, Veeam was founded in an age when it was all about meantime between failure, recovery point, recovery time objectives. Now the big concern is malicious actors. So Veeam has been able to navigate that transition very well so far, but how do you do that? How do you balance that moving forward? This idea of platform is a desirous state to be in but you don't want to be a fake platform where you just glue a bunch of things on. >> It all comes down to thinking through where we see the world going from this point in time. How do you see technology evolving? How do you see the outside's, you know influences evolving. And when I say influences, it's, you know, just a euphemism for all the bad actors we expect to see getting even more active. So, you know, the way I think about it is either platform or acquisitions are not things you do piecemeal or point in time. It all needs to accrue to a larger strategy of how you create the ability for all of your customers to own protect, secure, you know their data and eventually create intelligence from it so that they can actually be proactive about it. So that, you know, if that's the thing, you know, our ambition is starting to become how do we sort of secure the world's data and help companies create intelligence from it so they can be proactive about it? You know, everything else sort of accrues from there the platform we evolve from the platform we already have, you know, stems from it. The acquisitions we may do, will do evolves from it. It all are... You know, its pieces coming together to the overall puzzle framework we've already created. >> Yeah. I have so many questions for you. And I want to get into a little bit of your philosophy, but before we do it, I want touch on the TAM a little bit more. You mentioned in the analyst discussion this morning that the market's fragmented. A lot of people think, "Oh, backup, storage, we'll just put it together. You know, Dell now or EMC brought it all together." But they're just dramatically different markets. You're seeing some of your competitors. One in particular is now kind of pivoting to security. It's an adjacency, but it's, yeah, I'm not sure you want to walk into that mess but it's clearly part of a data protection strategy. And you said you want your... My words, legacy to be a significant increase in market share, dominant position in the market. Even if it's number two, whatever, number one's nice, great. But much larger share than what is your 10, 12% today. How do you think about the TAM? It's so undercounted, I think. You know, we used to look at purpose built backup appliances, "Oh, it's a couple billion dollar market and it's a ceiling there." It reminds me of service management with ServiceNow. It's virtually unlimited TAM because it's data. How do you look at the TAM? >> How much time do you have? >> I know, I got so many questions- >> But I'll tell you this, right? You got to piece this question very carefully because I'll look at it in a variety of different ways. Number one, if you do nothing, if you just do nothing. I mean, today, as I shared in IDCs latest report last week we were joined number one, you know, for the first time we actually got- >> Dave: Yeah. Congratulations. That's a big milestone. >> That's huge, that's exciting. >> Dave: And that's revenue by the way. That's not licenses- >> Yeah. That's in share. But the thing is this, right? If, if you look at share, we are at 12%, you know as is the... You know, so 12% is not representative of how I think about number one. When you look at a market with a clear winner you expect to see 40 to 60% market share. So doing nothing is an opportunity to actually continue the path we are on which is taking share from every one of the top five significantly and growing as fast as we are. I mean, we are going to be on a path to, you know doubling our market share in the next two to three years. So there's share to gain doing nothing. And this is... You know what? This is the first and the most simplest aspect of TAM. Now layer in other aspects of TAM but just still stay in data protection. You know, talk about every single SaaS workload coming on. I mean, I shared 270 million Teams' users right now monthly actives. The TAM, if you were able to secure every one of those Teams' users and protect the data, I mean that's close to 6 or $7 billion. It's not factored in into any of the TAM numbers you see right now. Gartner talked about 13. You know, others talked about TAM being 40. I mean, but SaaS workloads, you know each of them are not factored in as much as it could be right now. So, you know, we are bringing in Salesforce, Microsoft 365. We secure 11 million paid users with Microsoft 365 backup. And so add all of them on, execute. We see a path to taking share and getting from here 12 to 25 to 40 and being an outsize number one. And then you'd come down to what you said, which is how do you think about adjacencies? Now, at Veeam, yeah, messaging is important, but unlike some of the competitors, we don't use words frivolously. If we say something, data protection, modern data protection, ransomware attacks, we mean it. And there's product truth behind it. We do not use frivolous security words to create a message and get attention and have no product truth behind it. That's where we are. We expect to see adjacencies come up. We expect Veeam to beyond execution and bringing in more SaaS workloads to look at the next layer of data management. We expect us to create partnerships which allow us to go do that meaningfully. And as time goes, you should expect us to be the prime influencer in reshaping this category with other adjacencies coming in. But we talk about it and there's product truth behind it. >> I wanted to get into your philosophy of management a little bit. I went to your LinkedIn recently and I loved the little graphic that you had. But I know a lot of people put up a picture of a pretty lake or mountains. I got theCUBE up there. You had a number of items. I wonder if I could read. You had a rocket ship, which was very cool. You had teamwork, you had innovation. I wrote down ABC, always be closing, Alec Baldwin. But everybody sells, I think is what it was and then keep it simple. >> Anand: Yep. >> I really like that. I mean, people going to... If they're going to evaluate Veeam they're going to go to your LinkedIn page. So tell us where that came from what your philosophy is as a manager. >> Yeah, no. So there's a few things and this is the philosophies which I put on is a meld of what I believe in and what Veeam believes in and has believed in for a long time which is life starts with a customer. For us, everything starts with a customer. You know, even the product creation philosophy 15 years back was, "Hey let's not just create some check marks and create a feature because someone, you know thought it's an important check mark to have." What is the value it creates for the customer? And is it different enough, unique enough, where, you know, it actually creates a moment where the customer sees the value impact their core business. That's where it all starts for us at Veeam. And then everything we do relates back to, "Is this moving the ball enough for our customers and for our partners and for our developers and users?" Everything comes back to there. Are we easy enough to do business with? You know, are we keeping it simple? Simple to use. A product should be really simple. It should be brain dead simple, you know are our processes such that, you know it's easy for us to connect with our partners, connect with our customers, connect with our users, you know it all comes back to keeping it really simple. And then, you know, I come down to a set of personal philosophies, which matters as well, which is, you know, how do we make sure that, you know, we used to say everyone is in sales, but we got to evolve it. Everyone is in customer success because we all know that it's not just the first sale which matters which was true 15 years back, what matters today is, yeah, the sale matters, everybody is there to sell. But what matters even more is the whole company rallies behind the customer's success at every step along the way. Because when you do that, you don't need to sell. You know, you get in through BBR and then we have a world of workloads to actually create value for the customer with, from, you know Microsoft 365 backup or, you know soon to come Salesforce backup cost. And we see that on net retention or, you know... And it's manifested in numbers, right? It's manifested in growth. It's manifested in net retention and it's manifested in NPS. I mean, Dave, I'm hugely excited about that, man. NPS of 80 where we are. I mean, you guys have been around for quite a bit. I mean, that's huge numbers. I mean, that's- >> Apple's- >> Apple was 76 or 77. And so eventually that is what matters more for me because it's... Share is important. And I'm excited about, you know, IDC saying, "You're joint number one." Hugely important, but that is a consequence. Growth is important. 25% ARR growth in Q1, super important but that is a consequence. What really matters is value for your customers. And the number one metric I look at is NPS, you know and NPS at 80, all the other things start to happen pair it with the engineering culture the innovation culture we have, long roadmap ahead. >> Veeam has made some... What appear to be, from the outside anyway, pretty successful acquisitions. Kasten is an obvious one. I remember it wasn't the first time I met Ratmir. It was maybe the third or fourth time we were at like a late night, Peter Bell party this Highland Capital at VMware. And we were walking down Howard Street. I see Ratmir and some of his colleagues, we start chatting. We, you know, got into a good conversation. I'm like, "What about an IPO?" He goes, "We're not doing an IPO. We don't need to do an IPO." And then several years later on theCUBE, he's like, "No, I'd be open to an IPO." And then of course the big acquisition happened. So you've got an opportunity here M and A obviously is a possibility. But what about the IPO in your future? Presumably, that's something Insight wants to do. What can you tell us about that? >> No, it's a great question. I was waiting when you were going to ask me that question. But this is what I would say which is, by the way, Veeam, at today's numbers, I mean, we shared numbers at the end of last year. 1.1 billion in ARR, 1.2 in revenues, 99.99% organic, right? You know, Kasten was the only acquisition we shared how Kasten is a blip at this point in time. And so the philosophy has always been organic. And as I look ahead, this is how I think about it. I think the pace of market change is going to be extreme. And so we will be a lot more open-minded, thinking about acquisitions for complimentary technologies which allow us to expand TAM and think about adjacencies, more to come there. IPO, see the good thing is this, a lot of companies want to enter the public markets to raise money, create liquidity. That's not the primary lens for us. And so the good news is that, you know we are incredibly profitable. We shared, you know, 30% EBITDA, you know, for 2021. So money is not the issue, but we do think that we entering the public markets is a good thing for a variety of other reasons, because when you are public and it comes with the, you know, transparency, which we believe we're already transparent. But it puts the focus on you. And that creates even better growth impetus. Especially as you go work with large enterprise customers they are a lot more amenable and you know and so we feel that it's a strategy of growth not a strategy of liquidity for us, but stay tuned. You know, I fully expect for something like that to happen sometime towards the middle of next year, to the end of next year. >> Yeah, we had a similar conversation with Frank Slootman they obviously were able to raise money. But wow, what a change since the snowflake IPO in terms of just the brand value. And again, so many questions. I thought your keynote was great, by the way. >> Anand: Thank you. I love the focus on, you know, ransomware, of course. I thought the bot jokes were great. Keep 'em coming. I mean, I really did enjoy- >> (laughs) Absolutely. >> It lightens things up. So thanks so much for coming on theCUBE, really appreciate your time. >> Absolutely appreciate it, Dave and Dave. By the way, I mean, it's funny, I mean about, you know, Dave and Dave, Dave and David reminded me of Thompson and Thompson, guess which comic book they're from? >> Thompson and Thompson- >> Thompson and Thompson. I don't know. >> Don't know. >> Tin Tin. >> Oh (laughs). >> (laughs) So you got to go read up. You guys don't look anything like that, but Dave and Dave, was an absolute pleasure. My first theCUBE and look forward to many more to come. >> Love to have you back- >> Absolutely. >> All right. Thank you for watching. >> Thank you. >> Keep it right there. TheCUBE's coverage of Veeamon 2022, 2 days of wall to wall coverage here at the ARIA in Las Vegas, we'll be right back. (upbeat music)

(calm music) >> Okay, welcome back everyone to theCUBE's live coverage here on the floor at Moscone south in San Francisco California for AWS summit, 2022. This is part of their summit conferences, not re:Invent it's kind of like becoming like regional satellite, mini re:Invents, but it's all part of education developers. Of course theCUBE's here. We're going to be at the AWS summit in New York city, only two this year. And this summer check us out. Of course, re:MARS is another event we're going to be going to so check us out there as well. And of course re:Invent at the end of the year and re:Inforce the security conference in Boston. So, Sarbjeet Johal, our next guest here. CUBE alumni, CUBE influencer, influencer in the cloud industry. Sarbjeet great to see you. Thanks for coming on. Oh, by the way, we'll be at Boston re:Inforce, re:Invent in December, re:MARS which is the robotics AI show, and of course the summit here in San Francisco and New York city, the hot areas. >> That's cool. >> Great to see you. >> Good to see you too. >> Okay. I got a lot of data to report. You've been on the floor talking to people. What are you finding out? What's the report? >> The report is actually, I spoke to three people from AWS earlier. As said one higher up guy from the doctor, Casey Tan. He works on French SaaS chips and he gave me a low down on how that thing works. And there's a systolic arrays TPUs, and like a lot of insider stuff >> Like deep Silicon chip stuff. >> Yes. And that they're doing some great stuff there. And of course that works for us at scale and for cloud guys it's all about scale. If you're saving pennies at that scale, you're saving millions and maybe hundreds of millions at some point. Right? So that was one. And I also spoke to the analytics guys and they gave me some low-down on the Glue announcements. How the big data processing is happening at AWS and how they are now giving you the ability where your infrastructure hugs your demand. So you're not wasting any sources. So that was a number one complaint with the Glue from AWS. So that was one. And then I did the DeepRacing race and my timings were like number 78. So. >> You got some work to do. You download your machine learning module. >> No, I will do that and then play with it. Yes. I will train one. >> You like a simulation too? >> Yeah. Yeah. I will do that simulation, yes. >> What else? Anything jump off the page for you. What's the highlight if you could point at something? Did anything pop up at you in this event with AWS? Was there any aha moment or something that just jumps off the page? >> I think it was mainly sort of incremental to be honest with you. And the one thing-- >> Nothing earth shattering >> Nothing earth shattering and that at the summit it's like that, you know, like it but they are doing new announcements of like almost every day with new services. So I would go home and read on that but there are some patterns that we are seeing emerging and there are some folks very active on Twitter. Mark in recent just did very controversial kind of tweet couple of days back. That was, that was hard. >> Was he shit posting again? >> Shit posting. Yeah. He was shit posting actually, according to actually I saw Corey as well on the floor, Corey and Rodrigo. And, and-- >> Did you see Corey's interview with me? We were talking about shit posting 'cause he wrote in this newsletter. Mark and recently Elon Musk, they're all kind of like they're really kind of active on Twitter with a lot of highly intelligent snarkiness. >> They're super intelligent and they know the patterns, they know the economics and technology. Super smart guys and yeah. Who is in control, there was a move from the middle seat and social media kind of side of things where people are controlling the narratives and who controls the narrative. Is it billionaires? Is it government? We see that. >> Well I mean, it's interesting seeing the power. I mean, I call it the revenge of the nerds. You got the billionaires who are looking at the political screw-ups that Facebook and others have done. And by not being clear and it's hard, it's a hard problem to solve. I don't really want to be in their seat. Even Andy Jassy is the CEO of AWS. What is he? I mean, he's dealing with problems that for some people would be their worst part of like they could ever dream of scenario. He's dealing with that at breakfast. And then throughout his day, he's got all kinds of Amazon's so big and Apple and you got Google and you got the fan companies. So, you know, at some point tech is now so part of society, it's not just the nerds from California. It's tech is in everything now. So it's a societal impact. And so there's consequences for stuff. And so you're starting to see this force for good that's come from the sustainability angle. You're going to start to see force for good with technology as it relates to people's lives. And we had Mapbox on the CUBE and they provide all this navigation and Gareth the guy who runs that division, he talks about dark kitchens, dark stores. So just they're re-engineering the supply chain of delivery. So we all been to restaurants and seen people there from picking up food delivery. Why are they going to the retail? So dark kitchens are just basically depots for supplying the 10 menus that everyone orders from. That's a change of a structural change in the industry. So that's jumped out at me, Matt Wood spoke to me about serverless impact to the analytics team. And again, structural changes, technical and culture. Right? So, so you're starting to see to me more and more of the two themes of some technology change, architectural change, system change and culture thinking. And you know, we had a 20 year old guest on here who was first worked at Amazon web services when he was 16. >> Wow. >> Graduated high school early and went into Amazon. He's like, I love tools. So people love tools. Hardware is coming back. Right? So I mean Sarbjeet this is crazy. >> It's crazy. >> What's going on. >> It's crazy actually. Remember the nine year old kid at re:Invent 2019. Karthick was the name if I remember, but I spoke to him and he was crazy. He was AWS certified and kids are playing with this technology in their high schools. >> It's awesome. >> And even in their elementary schools now. >> They can get their hands on it quicker. They don't need to go in full class for a year. They can self-teach, they can do side projects they can launch a side hustle, they can stand up a headless retail outlet, who knows what they can do if you got the Lego blocks. This is what I love about the cloud, you can really show something fast and then abandon it. >> Actually, I think it is all enabled through cloud. Like the accessibility of technology has gone like exponentially, like wildfire. Like once you have access to the cloud just all you need is connection to the internet. After that you have the VMs. and you have the serverless, there's zero cost to you. And things are thrown at you. Somebody who was saying that earlier here like we have said that many times it's like that's how the drug dealer, you know, sell the drug. Like sniff it, it's free, >> First is free. >> So they're doing it. Yes. >> We say that about theCUBE. >> And from the, I see cloud from two different angles, like we all do. And like, I try to sort of force myself to look at it from the both angles. There's the supplier side and the buyer side or the consumer side on the other side. Right? So from the supplier side, it's a race for talent to build it, number one, then number two is race for talent to train them. So we saw the numbers and millions being shown today at the keynote again. And Google is showing those numbers as well. Like how many millions they are training like 25 to 30 million people within next two, three years. It's crazy numbers. >> Sarbjeet I got to say so if I have to look at what jumped off the page for me on this event, was couple things and this is kind of weird nuanced stuff but I'll just try to explain it as best I can. Number one, we're going to see more managed services like DevOps managed services. As DevOps teams grow, talent is a problem. And Kubernetes obviously is growing and got to get that right. It's not easy to be a Kubernetes, you know slinging clusters around with Kubernetes. It's hard. I think that's got to get easier. So I think the path to easy is going to be some sort of abstraction service layer. And I think the smart people are going to have this layer will manage it and then provide that as a service, number one. Number two is this notion of a systems design thinking around elements, whether it's storage or maps for like Mapbox and around these elements they have to have a systematic effect of other things. You can't just, if it changes, it's going to have consequences that's what systems do. So, tooling being built around these elements and they have to have hardened APIs that is clear. People who are trying to be "cloud native" need to get this right. And you have to have the tooling in and around the the element and then have APIs to connect and then glue up. So it's interesting. Clearly those things are happening and multiple conversations, people were teasing that out. And then obviously the super cloud was coming in. >> Is there. >> Mapbox is basically a super cloud. They're like what snowflake is for data analytics. They are for-- >> MongoDB is another one. >> MongoDB's got Atlas. I mean, MongoDB was criticized for years. Doesn't scale. Remember the old lamp stack days, they were preferred. They're document, they nailed it with document. The document aspects of data, but they were always getting criticized. They can't scale. And they just keep scaling. But now with Atlas, they're on AWS. It's just, auto scale. So that's killer for MongoDB. So I think their stock price is undervalued my opinion but you know, I don't give legal advice. >> I think that the whole notion of-- >> Or financial advice. >> The multicloud, right? So for a multicloud to kill that complexity of multicloud, we have to go to the what Dave Vellante and you guys say super cloud, right? Another level of abstraction on top of infrastructure provider by AWS, Google cloud, Azure. So that's where we're going. >> Well, Dave and I debate this right, he bundles multi-cloud in there and most people think that's what he's saying but I'm saying multi-cloud is a reality. I mean, multi-cloud means you're going to have multiple clouds. They're just not you're not sharing workloads across those clouds. It's like not the same workload. That's not going to yet happen. I run Azure because I have 365, that's it. I run Amazon for everything else. That's kind of the use case. But to me, super cloud is building on top of AWS or Azure where you leverage their CapEx and create differentiated value. It's your own cloud without all the CapEx but it's got to be like super integrated and the benefit's got to be so good that it seems like pennies to your point earlier. >> Yeah. >> And the economics to the applications in it are just so obvious and they got to be they got to be so big for the application developer. So that's to me is super cloud. And then of course having the connected tissue to manage the transit around multiple clouds. >> Yeah. I think they have it too. I totally agree with you. But another thing is from having the developer background I think the backward compatibility is a huge issue in cloud. >> Yeah. I agree. >> It's a lot of technical debt being built and I hear that, I'm hearing that more and more. I think that we have to solve as industry as like these three main players have to solve that problem. So that's one big thing, actually. I'm very like after, you know, like to talk about it and all that stuff. So yeah. It's another thing is another pattern actually to all the cloud naysayers out there, right? Is that those are the people who come from the hardware background. So I've seen another pattern out there. So I'm trying to synthesize, who are these people who bash cloud all the time? I'm pro-cloud of course everybody knows that. >> We know you're pro, we're all pro cloud. We're totally biased. We love cloud >> Actually. No, I've seen both sides. I've seen both sides. I've worked at EMC, VMware, I worked at Oracle cloud as well. And then, and before that I have written a lot of software. A software developer is pro-cloud. A typical hardware ops guy or girl, they are pro on-prem or pro hybrid and all that. Like they try to keep it there. >> I think first of all, I have opinion on this. I think, I think you're right. But how hardware is coming back, if you look at how cloud is enabling hardware, it's retro, it's designed for the cloud. So hardware's going to offload, either accelerate stuff and offload stuff from the software guide. So look at DeepRacer it's hardware. Now it's a car. You've got the silicon and the chips. So the chips you're talking about. Those aren't chips for service and the data center. They're just chips to make the software in the cloud run better. >> Sarbjeet: Well scale. >> So scaling. And so I think we're going to see a Renaissance in hardware. It's going to look different. It's going to act different. So we're watching this. I mean, you brought up the idea of having a CUBE hardware box. >> Yeah. It's a great idea. >> It's a good idea. DM me and tell me it's a bad idea or good idea. I'll blame Sarbjeet for that. But what else have you learned? >> What else have learnt actually it's basically boils down to economics at the end of the day. It's about moving fast. It's about having developer productivity, again going back the cloud naysayers. It's like, why did you build a bike? Remember Steve Job used to say that, "computer is the bicycle for the human minds." >> Yes. >> Right. So cloud is the bicycle for the enterprises. They makes them move faster. 'So I think that's-- >> All right. We're closing down. We're going to hold on until they pull the plug on theCUBE literally. Sarbjeet great to see you on there. Check 'em out on Twitter. Great event. Good to see you, great report. Thank for sharing. Sarbjeet Johal here on theCUBE, taking over our community site I hear, right? Now you going to work-- >> I'm there. I'm always there. >> Great to have you on. I'm going to work on some new things with theCUBE. Really appreciate working with us. Thanks a lot. >> I really appreciate you guys giving me this platform. It's an amazing platform. Thank you very much. >> That's all right. We'll be back. That's it for our coverage of AWS summit 2020 here live on the floor. Events are back. Hybrid's back. We get theCUBE studios in Palo Alto in Boston. Re:invent at the end of the year but we're going to the summit in New York city. In the summer, we got re:Inforce in Boston the security conference. Re:MARS which is the robotics IML conference. And of course the big summit New York and San Francisco we're there of course. Share thecube.net for all the action. I'm John for your host with Sarbjeet here. Closing out the show. Thanks for watching. (Calm music)

(upbeat music) >> Dave Vellante: Okay. We're back with Mark Hill. who's the Director of IT Operations at Digital River. Mark. Welcome to the cube. Good to see you. Thanks for having me. I really appreciate it. >> Hey, tell us a little bit more about Digital River, people know you as a, a payment platform, you've got marketing expertise. How do you differentiate from other e-commerce platforms? >> Well, I don't think people realize it, but Digital River was founded about 27 years ago. Primarily as a one-stop shop for e-commerce right? And so we offered site development, hosting, order management, fraud, expert controls, tax, um, physical and digital fulfillment, as well as multilingual customer service, advanced reporting and email marketing campaigns, right? So it was really just kind of a broad base for e-commerce. People could just go there. Didn't have to worry about anything. What we found over time as e-commerce has matured, we've really pivoted to a more focused API offering, specializing in just our global seller services. And to us that means payment, fraud, tax, and compliance management. So our, our global footprint allows companies to outsource that risk management and expand their markets internationally, um very quickly. And with low cost of entry. >> Yeah. It's an awesome business. And, you know, to your point, you were founded way before there was such a thing as the modern cloud, and yet you're a cloud native business. >> Yeah. >> Which I think talks to the fact that, that incumbents can evolve. They can reinvent themselves from a technology perspective. I wonder if you could first paint a picture of, of how you use the cloud, you use AWS, you know, I'm sure you got S3 in there. Maybe we could talk about that a little bit. >> Yeah, exactly. So when I think of a cloud native business, you kind of go back to the history. Well, 27 years ago, there wasn't a cloud, right? There wasn't any public infrastructure. It was, we basically stood our own data center up in a warehouse. And so over our history, we've managed our own infrastructure and collocated data centers over time through acquisitions and just how things worked. You know those over 10 data centers globally. for us it was expensive, well from a software hardware perspective, as well as, you know, getting the operational teams and expertise up to up to speed too. So, and it was really difficult to maintain and ultimately not core to our business, right? Nowhere in our mission statement, does it say that we're our goal is to manage data centers? So, so about five years ago, we started the journey from our hosted into AWS. It was a hundred percent lift it and shift plan, and we were able to bleed that migration a little over two years, right. Amazon really just fit for us. It was a natural, a natural place for us to land and they made it really easy here for us to not to say it wasn't difficult, but, but once in the public cloud, we really adopted a cloud first vision. Meaning that we'll not only consume their infrastructure as the service, but we'll also purposely evaluate and migrate to software as a service. So I come from a database background. So an example would be migrating from self deployed and managed relational databases over to AWS RDS, relational database service. You know, you're able to utilize the backups, the standby and the patching tools. Automagically, you know, with a click of the button. And that's pretty cool. And so we moved away from the time consuming operational tasks and, and really put our resources into revenue and generate new products, you know, like pivoting to an API offering. I always like to say that we stopped being busy and started being productive. >> Ha ha. I love that. >> That's really what the cloud has done for us. >> Is that you mean by cloud native? I mean, being able to take advantage of those primitives and native API. So what does that mean for your business? >> Yeah, exactly. I think, well, the first step for us was just to consume the infrastructure right, in that, but now we're looking at targeted services that they have in there too. So, you know, we have our, our, our data stream of services. So log analytics, for example, we used to put it locally on the machine. Now we're just dumping into an S3 bucket and we're using Kinesis to consume that data, put it in Eastic and go from there. And none of the services are managed by Digital River. We're just utilizing the capabilities that AWS has there too. So. >> And as an e-commerce player, retail company, we were ever concerned about moving to AWS as a possible competitor, or did you look at other clouds? What can you tell us about that? >> Yeah. And, and so I think e-commerce has really matured, right? And so we, we got squeezed out by the Amazons of the world. It's just not something that we were doing, but we had really a good area of expertise with our global seller services. But so we evaluated Microsoft. We evaluated AWS as well as Google. And, you know, back when we did that, Microsoft was Windows-based. Google was just coming into the picture, really didn't fit for what we were doing, but Amazon was just a natural fit. So we made a business decision, right? It was financially really the best decision for us. And so we didn't really put our feelings into it, right? We just had to move forward and it's better than where we're at. And we've been delighted actually. >> Yeah. It makes sense. Best cloud, best, best tech. >> Yeah. >> Yeah. I want to talk about ChaosSearch. A lot of people describe it as a data lake for log analytics. Do you agree with that? You know, what does that, what does that even mean? >> Well, from, from our perspective, because they're self-managed solutions were costly and difficult to maintain, you know, we had older versions of self deployed using Splunk, other things like that, too. So over time, we made a conscious decision to limit our data retention in generally seven days. But in a lot of cases, it was zero. We just couldn't consume that, that log data because of the cost, intimidating in itself, because of this limit, you know, we've lost important data points use for incident triage, problem management, problem management, trending, and other things too. So ChaosSearch has offered us a manageable and cost-effective opportunity to store months, or even years of data that we can use for operations, as well as trending automation. And really the big thing that we're pushing into is an event driven architecture so that we can proactively manage our services. >> Yeah. You mentioned Elastic, I know I've talked to people who use the ELK Stack. They say you there's these exponential growth in the amount of data. So you have to cut it off at whatever. I think you said seven days or, or less you're saying, you're not finding that with, with ChaosSearch? >> Yeah. Yeah, exactly. And that was one of the huge benefits here too. So, you know, we were losing out if there was a lower priority incident, for example, and people didn't get to it until eight, nine days later. Well, all the breadcrumbs are gone. So it was really just kind of a best guess or the incident really wasn't resolved. We didn't find a root cause. >> Yeah. Like my video camera down there. My, you know, my other house, somebody breaks in and I don't find out for, for two weeks and then the video's gone. That kind of same thing. >> Yep So, so, so how do you, can you give us some more detail on how you use your data lake and ChaosSearch specifically? >> Yeah, yeah. Yep. And, and so there's, there's many different areas, but what we found is we were able to easily consolidate data from multiple regions, into a single pane of glass to our customers. So internally and externally, you know, it relieves us of that operational support for the data extract transformation load process, right? It offered us also a seamless transition for the users, who were familiar with ElasticSearch, right? It wasn't, it wasn't difficult to move over. And so all these are a lot of selling points, benefits. And, and so now that we have all this data that we're able to, to capture and utilize, it gives us an opportunity to use machine learning, predictive analysis. And like I said, you know, driving to an event driven architecture. >> Okay. >> So that's, that's really what it's offered. And it's, it's been a huge benefit. >> So you're saying that you can speak the language of Elastic. You don't have to move the data out of an S3 bucket and you can scale more easily. Is that right? >> Yeah, yeah, absolutely. And, so for us, just because we're running in multiple regions to drive more high availability, having that data available from multiple regions in a single pane of glass or a single way to utilize it, is a huge benefit as well. Just, you know, not to mention actually having the data. >> What was the initial catalyst to sort of rethink what you were doing with log analytics? Was it cost? Was it flexibility? Scale? >> There was, I think all of those went into it. One of the main drivers. So, so last year we had a huge project, so we have our ELK Stack and it's probably from a decade ago, right? And, you know, a version point oh two or something, you know, anyways, it's a very old, and we went through a whole project to get that upgraded and migrated over. And it was just, we found it impossible internally to do, right? And so this was a method for us to get out of that business, to get rid of the security risks, the support risk, and have a way for people to easily migrate over. And it was just a nightmare here, consolidating the data across regions. And so that was, that was a huge thing, but yeah, it was also been the cost, right? It was, we were finding it cheaper to use ChaosSearch and have more data available versus what we're doing currently in AWS. >> Got it. I wonder if you could, you could share maybe any stories that you have or examples that, that underscore the impact that this approach to analytics is having on your business, maybe your team's everyday activities, any, any metrics you can provide or even just anecdotal information. >> Yeah. Yeah. And, and I think, you know, one coming from an Oracle background here, so Digital River historically has been an Oracle shop, right? And we've been developing a reporting and analytics environment on Oracle and that's complicated and expensive, right? We had to use advance features in Oracle, like partitioning materialized views, and bring in other supporting software like Informatica, Hyperion, Sbase, right? And all of these required our large team with a wide set of expertise into these separate focus areas, right? And the amount of data that we were pushing at the ChaosSearch would simply have overwhelmed this legacy method for data analysis than a relational database, right? In that dimension, the human toll of, of the stress of supporting that Oracle environment, meant that a 24 by seven by 365 environment, you know, which requires little or no downtime. So, just that alone, it's a huge thing. So it's allowed us to break away from Oracle, it's allowed us to use new technologies that make sense to solve business solutions. >> I, you know, ChaosSearch is really interesting company to me. I'm sure like me, you see a lot of startups, I'm sure they're knocking on your door every day. And I always like to say, okay, where are they going after? Are they going after a big market? How are they getting product market fit? And it seems like ChaosSearch has really looked at, hard at log analytics and kind of maybe disrupting the ELK Stack. But I see, you know, other potential use cases, you know, beyond analyzing logs. I wonder if you agree, are there other use cases that you see in your future? >> Yeah, exactly. So I think there's, one area would be Splunk, for example, we have that here too. So we use Splunk versus, you know, flat file analysis or other ways to, to capture that data just because from a PCI perspective, it needs to be secured for our compliance and certification, right? So ChaosSearch allows us to do that. There's different types of authentication. Um, really a hodgepodge of authentication that we used in our old environment, but ChaosSearch has a more easily usable one, One that we could set up, one that can really segregate the data and allow us to satisfy our PCR requirements too. So, but Splunk, but I think really deprecating all of our ElasticSearch environments are homegrown ones, but then also taking a hard look at what we're doing with relational databases, right? 27 years ago, there was only relational databases; Oracle and Sequel Server. So we we've been logging into those types of databases and that's not, cost-effective, it's not supportable. And so really getting away from that and putting the data where it belongs and that was easily accessible in a secure environment and allowing us to, to push our business forward. >> Yep. When you say, where the data belongs, right? It sounds like you're putting it in the bit bucket, S3, leaving it there, because it's the the most cost-effective way to do it and then sort of adding value on top of it. That's, what's interesting about ChaosSearch to me. >> Yeah, exactly. Yup. Yup. Versus the high priced storage, you know, that you have to use for a relational database, you know, and not to mention that the standbys, the backups. So, you know, you're duplicating, triplicating all this data too in an expensive manner, so yeah. Yeah. >> Yeah. Copy. Create. Moving data around and it gets expensive. It's funny when you say about databases, it's true. But database used to be such a boring market. Now it's exploded. Then you had the whole no Sequel movement and Sequel, Sequel became the killer app. You know, it's like full circle, right? >> Yeah, exactly. >> Well, anyway, good stuff, Mark, really, really appreciate you coming on the Cube and, and sharing your perspectives. We'd love to have you back in the future. >> Oh yeah, no problem. Thanks for having me. I really appreciate it. (upbeat music) >> Okay. So that's a wrap. You know, we're seeing a new era in data and analytics. For example, we're moving from a world where data lives in a cloud object store and needs to be extracted, moved into a new data store, transformed, cleansed, structured into a schema, and then analyzed. This cumbersome and expensive process is being revolutionized by companies like ChaosSearch that leave the data in place and then interact with it in a multi-lingual fashion with tooling, that's familiar to analytic pros. You know, I see a lot of potential for this technology beyond just login analytics use cases, but that's a good place to start. You know, really, if I project out into the future, we see a trend of the global data mesh, really taking hold where a data warehouse or data hub or a data lake or an S3 bucket is just a discoverable node on that mesh. And that's governed by an automated computational processes. And I do see ChaosSearch as an enabler of this vision, you know, but for now, if you're struggling to scale with existing tools or you're forced to limit your attention because data is exploding at too rapid a pace, you might want to check these guys out. You can schedule a demo just by clicking the button on the site to do that. Or stop by the ChaosSearch booth at AWS Reinvent. The Cube is going to also be there. We'll have two sets, a hundred guests. I'm Dave Volante. You're watching the Cube, your leader in high-tech coverage.

(gentle music) >> Okay, we're back with Mark Hill who's the director of IT operations at Digital River. Mark, Welcome to "The Cube." Good to see you. >> Thanks for having me. I really appreciate it. >> Hey, tell us a little bit more about Digital River, people know you as a payment platform. >> You've got marketing expertise. >> Yeah. >> How do you differentiate from other e-commerce platforms? >> Well, I don't think people realize it, but Digital River was founded about 27 years ago primarily as a one-stop shop for e-commerce, right? And so we offered site development, hosting, order management, fraud, expert controls, tax, physical and digital fulfillment as well as multilingual customer service, advanced reporting and email marketing campaigns, right? So it was really just kind of a broad base for e-commerce. People could just go there. Didn't have to worry about anything. What we found over time as e-commerce has matured, we've really pivoted to a more focused API offering specializing in just a global seller services. And to us that means payment, fraud, tax and compliance management. So our global footprint allows companies to outsource that risk management and expand their markets internationally very quickly and with the low cost of entry. >> Yeah, it's an awesome business. And, you know, to your point, you were founded way before there was such a thing as the modern cloud, and yet you're a cloud native business. >> Yeah. >> Which I think talks to the fact that incumbents can evolve, they can reinvent themselves from a technology perspective. I wonder if you could first paint a picture of how you use the cloud, you use AWS, you know, I'm sure you got S3 in there. Maybe we could talk about that a little bit. >> Yeah, exactly. So when I think of a cloud native business, you kind of go back to the history. Well, 27 years ago, there wasn't a cloud, right? There wasn't any public infrastructure. We basically started our own data center up in a warehouse. And so over our history, we've managed our own infrastructure and co-located data centers over time through acquisitions and just how things works, you know, those are over 10 data centers globally for us. For us it was expensive, well from a software, hardware perspective, as well as, you know, getting the operational teams and expertise up to speed too. And it was really difficult to maintain and ultimately not core to our business, right? Nowhere in our mission statement does it say that our goal is to manage data centers. (laughing) So, about five years ago we started the journey from our host into AWS. It was a hundred percent lift and shift plan and we were able to complete that migration a little over two years, right? Amazon really just fit for us, it was a natural, a natural place for us to land in and they made it really easy here for us to, not to say it wasn't difficult, but once in the public cloud, we really adopted a cloud first vision, meaning that we'll not only consume their infrastructure as the service, but we'll also purposely evaluate and migrate to software as a service. So, I come from a database background. So an example would be migrating from self deployed and manage relational databases over to AWS RDS, relational database service. You know, you're able to utilize the backups, the standby and the patching tools auto magically, you know, with a click of a button. And that's pretty cool. And so we moved away from the time consuming operational task and really put our resources into revenue and generating the products, you know, like pivoting to an API offering. I always like to say that we stopped being busy and started being productive. (laughing) >> I love that. >> And that's really what the cloud has done for us. >> Is that what you mean by cloud native? I mean, being able to take advantage of those primitives and native API. So what does that mean for your business? >> Yeah, exactly. I think, well, the first step for us was just to consume the infrastructure, right? But now we're looking at targeted services that they have in there too. So, you know, we have our data stream of services. So log analytics, for example, we used to put it locally on the machine. Now we're just dumping into an S3 bucket the way you're using Kinesis to consume that data and put it in elastic and go from there. And none of the services are managed by Digital River. We're just realizing the capabilities that AWS has there too. >> And as an e-commerce player, retail company, were you ever concerned about moving to AWS as a possible competitor, or did you look at other clouds? What can you tell us about that? >> Yeah, and so, I think e-commerce is really mature, right? And so we got squeezed out by the Amazons of the world. It's just not something that we were doing, but we had really a good area of expertise with our global seller services. So we evaluated Microsoft, we evaluated AWS as well as Google and, you know, back when we did that, Microsoft was Windows-based. Google was just coming into the picture, really didn't fit for what we're doing, but Amazon was just a natural fit. So, we made a business decision, right? It was financially really the best decision for us. And so we didn't really put our feelings into it, right? We just had to move forward and it's better than where we're at and we've been delighted actually. >> Yeah, makes sense, best cloud, the best tech. >> Yeah. >> You know, I want to talk about Chaos Search. A lot of people describe it as a data lake for log analytics. Do you agree with that? You know, what does that even mean? >> Yeah, well, from our perspective because the self-managed solutions are costly and difficult to maintain. You know, we had older versions of self deployed using Splunk, other things like that too. So over time, we made a conscious decision to limit our data retention in generally seven days. But in a lot of cases, it was zero. We just couldn't consume that log data because of the cost, intimidating in itself, because of this limit, you know, we've lost important data points, use for incident triage problem management, trending and other things too. So, Chaos Search has offered us a manageable and cost-effective opportunity to store months or even years of data that we can use for operations as well as trending automation. And really the big thing that we're pushing into is in the event of an architecture so that we can proactively manage our services. >> Yeah, you mentioned elastic. So I know I've talked to people who use the Elk Stack. They say, yes, this is exponential growth in the amount of data. So you have to cut it off at whatever. I think you said seven days, >> Yeah. >> Or less, you're saying you're not finding that with Chaos Search? >> Yeah, yeah, exactly. And that was one of the huge benefits here too. So, you know, we we're losing out if there was, you know, a lower priority incident for example and people didn't get to it until eight, nine days later. Well, all the bread crumbs are gone. So it was really just kind of a best guess or the incident really wasn't resolved. We didn't find a root cause. >> Yeah, like my video camera's down you know, by your other house, is that when somebody breaks in, I don't find out for two weeks and then the video's gone, kind of like same thing. >> Yeah. >> So, how do you, can you give us some more detail on how you use your data lake and Chaos Search specifically? >> Yeah, yeah. Yep and so there's many different areas, but what we found is we were able to easily consolidate data from multiple regions into a single pane of glass to our customers. So internal and externally, you know, it really does serve that operational support for the data extract transformation load process, right? It offered us also a seamless transition for the users who were familiar with elastic search, right? It wasn't difficult to move over. And so all these are a lot of selling points benefits. And so now that we have all this data that we're able to capture and utilize, it gives us an opportunity to use machine learning, predictive analysis. And like I said, you know, driving to an event driven architecture. >> Okay. >> So that's really what is offered and it's been a huge benefit. >> So you're saying you can speak the language of elastic. You don't have to move the data out of an S3 bucket and you can scale more easily. Is that right? >> Yeah, yeah, absolutely. And it is so for us just because running in multiple regions to drive more high availability, having that data available from multiple regions in a single pane of glass or a single way to utilize it is a huge benefit as well, just to, you know, not to mention actually having the data. >> What was the initial catalyst to sort of rethink what you were doing with log analytics? Was it cost, was it flexibility scale? >> There was, I think all of those went into it. One of the main drivers, so last year we had a huge project, so we have our Elk Stack and it's probably from a decade ago, right? And, you know, a version point or two or something, you know, anyways, it's very old and we went through a whole project to get that upgraded and migrated over. And it was just, we found it impossible internally to do, right? And so this was a method for us to get out of that business, to get rid of the security risks and support risk and have a way for people to easily migrate over. And it was just a nightmare here consolidating the data across regions. And so that was a huge thing. But yeah, it has also been the cost, right? We're finding that cheaper to use Chaos Search and have more data available versus what we were doing currently in AWS. >> Got it, I wonder if you could share maybe any stories that you have or examples that underscore the impact that this approach to analytics, >> Yeah >> Is having on your business, maybe your team's everyday activities, any metrics you can provide, >> Yeah. >> Or even just anecdotal information? >> Yeah, yeah. And and I think, you know, one, coming from an Oracle background here, so Digital River historically has been an Oracle shop, right? And we've been developing a reporting and analytics environment on Oracle and that's complicated and expensive, right? We had to use advanced features in Oracle like partitioning materialized views and bringing other supporting software like Informatic, Hyperion, Essbase, right? And all of these require a large team with a wide set of expertise into the separate focus areas, right? And the amount of data that we were pushing at the KF search would simply have overwhelmed this legacy method for data analysis than a relational database, right? In that dimension, the human toll of the stress of supporting that Oracle environment than a 24 by seven by 365 environment, you know, which requires literal or no downtime. So just that alone, it was a huge thing. So, it's allowed us to break away from Oracle, it's allowed us to use new technologies that make sense to solve business solutions. >> You know, Chaos Search is just a really interesting company to me, I'm sure like me, you see a lot of startups. I'm sure they're knocking on your door every day. And I always like to say, "Okay, where are they going after? "Are they going after a big market? "How are they getting product market fit?" And it seems like Chaos Search has really looked that hard at log analytics and sort of maybe disrupting the Elk Stack. But I see, you know, other potential use cases, you know, beyond analyzing logs. I wonder if you agree, are there other use cases that you see in your future? >> Yeah, exactly. So, I think there's one area would be Splunk for example. We have that here too. So we use Splunk versus, you know, flat file analysis or other ways to capture that data just because from a PCI perspective, it needs to be secured for our compliance and certification, right? So Chaos Search allows us to do that. There's different types of authentication, really a hodgepodge of authentication that we used in our old environment, but Chaos Search has a more easily usable one, one that we could set up, one that can really segregate the data and allows to satisfy our PCR requirements too. But Splunk, I think really, deprecating all of our elastic search environments are homegrown ones, but then also taking a hard look at what we're doing with relational databases, right? 27 years ago, there was only relational databases, Oracle and SQL server. So we've been logging into those types of databases and that's not cost-effective, it's not supportable. And so really getting away from that and putting the data where it belongs and that is easily accessible in a secure environment and allowing us to push our business forward. >> And when you say where the data belongs, it sounds like you're putting it in the bit bucket S3, leaving it there, >> Yeah. >> And this is the most cost-effective way to do it and then sort of adding value on top of it. That's what's interesting about Chaos Search to me. >> Yeah, exactly, yup, yup versus the high price storage, you know, that you have to use for a relational database, you know, and not to mention the standbys, the backups. So, you know, you're duplicating, triplicating all this data in here too in expensive manner. So yeah. >> Yeah, copy creating, moving data around and it gets expensive. It's funny when you say about databases, it's true. But database used to be such a boring market now it's exploded. Then you had the whole no SQL movement and SQL became the killer app, you know, it's like full circle. (laughing) >> Yeah, yeah, exactly. >> Well, anyway, good stuff Mark, really, I really appreciate you coming on "The Cube" and sharing your perspectives. We'd love to have you back in the future. >> Oh yeah, yeah, no problem. Thanks for having me. I really appreciate it. >> Yeah, our pleasure. Okay, in a moment, I'll have some closing thoughts on getting more value out of your growing data lakes. You're watching "The Cube," you're leader in high-tech coverage. (gentle music)