hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

>> Announcer: From around the globe, it's theCUBE with digital coverage of IBM Think 2021 brought to you by IBM. >> Hey, welcome to the Cube's coverage of IBM Think 2021. I'm Lisa Martin. Joining me next is Dave Marmer, the vice president offering management for the cognos analytics, planning analytics and regtech portfolios at IBM. Dave, welcome to the program. >> Thank you, Lisa. Thanks for having us today. >> So lots of change in the last year, that's an Epic understatement, right? But I'm curious some of the things that you've seen from a customer's perspective, how are they utilizing planning and reporting technology and analytics to adapt to such a disruptive market? >> Quick question, the pandemic was truly a test for these organizations in terms of their resiliency and agility. But fortunately our clients were able to leverage our planning and reporting technology to do several things. They were able to re-plan their financials to integrate and reset operational areas and planning. They were able to create multiple scenarios as disruptions continue to occur and they were able to maintain confidence in insights for collaborative decision-making at truly an enterprise scale. They were easily able to increase the frequency of their planning process, moving from quarterly to monthly to even daily for their operational areas such as supply and sales. And this was really far reaching for customers like ranging from people like Perona who focuses on private employment to Vasan who is one of the largest bakeries in Europe and ancestry.com, which are the world's largest online family history resource. They're all were able to successfully navigate the radical changes in demand and in workflow and in cashflow. >> That's impressive considering things were in such a mess and still are in somewhat state of flux which is obviously different globally. You talked about the collaboration. That's one of the things that we saw so much change going on in the last year, but this dependence on technology to facilitate collaboration. Talk to me a little bit about how you've helped. Maybe those same customers that you mentioned be able to collaborate collectively across the organizations. >> So the concept that we follow which is sort of this extending planning and analysis model is this concept of decisions, financial decisions, or finance decisions being moved outside of the operational areas, the office of finance, into the areas of supply chain, into sales, into workforce management. These all had to come together far more agilely and far more connected than they ever were before. Decisions that one organization was going to make was going to impact others. And they need to bring in additional exogenous data to kind of augment the decisions they were already doing. So it came very collaborative and high participation for the people closest to the decisions. >> Excellent. So when you look at some of the things that have in the last year, what are some of your observations, that kind of things that surprised you in terms of how companies have evolved their planning and forecasting strategy in such a dynamic market? >> Well, the biggest surprise, and I guess it shouldn't be a surprise, but historical trends that they had been counting on for their planning activity, taking last year's activities and actuals and using those to plan out what would happen. Those were sort of out the window and data sources and drivers, new drivers to their business had to be considered. They hadn't had to deal with this in the past. Like our clients were kind of pleasantly surprised that they're moved to extended planning and analysis. When planning is adopted outside of the office of finance stood up to the global disruption. You know, for example, ancestry had already adopted a enterprise planning platform as a reaction to phenomenal growth they experienced years back as they were first launching their DNA product. This put them in really good shape for what happened more really recently. This allowed them to run multiple scenarios to the impact of their supply chain all the way through the labs and back to the clients. And so when the pandemic hit, the facilities were impacted but they will have to make those adjustments at quarterly and keep up a high level of customer service. >> So these seems like ancestry was already in a really good position to be able to navigate some of the massive disruption that happened so quickly. How have you helped other customers that maybe weren't as far along to do that as well and to be able to forecast and plan in a dynamic time? >> So a customer like the sun, I mentioned, they were like, one of Europe's largest bakeries, right? They live in a world of just hours, right? You're creating product that has a shelf life, a realistic shelf life. And they have much demand changes for their facilities, but also to the stores and their frozen food products that they provide in addition to how they provide them the daily fresh stuff that they do. They're very known for their rye bread, their sourdough those type of things. But they had to make a lot of changes based on what they were seeing and take into consideration, even margin. So they've been evolving and taking more advantage of AI in augmenting their human intelligence in this way. They've been able to use very sophisticated algorithms with planning analytics to allow them to plan for things like energy consumption where they calculate the expected outside temperatures and the need for the facilities, because where they are based in the Nordics, they face freezing temperatures where, you know, the facility subs health have, because there's a lot of fluctuation in seasonality to that. And so they need to adjust for that. They also really use this to take a look at the product life cycles that they had been using to get a better longterm estimate of what people would be buying instead of using human intuition, because as they said, you can get sort of into this methodical radar listening model of looking at what had occurred in the past. And they were able to start to see things months earlier that they would have normally not been able to see if they'd not augmented their human intelligence with artificial intelligence. And I think the third thing they started to use was customer purchasing behavior where they actually were just starting to see actual patterns of things that were changing. And the expected propensity was changing for repeat purchases and cross sell purchases. And they're able to make adjustments on their offerings as a result. >> If we talk about AI to augment human intelligence to empower decision making, that's a great example of that that you talked about. What's the adoption been like that around different industries and different countries in the last year? >> So we see this universally happening that there's an adoption occurring. Certain industries are definitely moving faster. It's happening in the sales and operations planning area more so than the traditional places like the financial and planning and analysis areas. So once you get into the areas like supply chain and demand planning, you know, we generally see retail and distribution, you know, companies, a high adoption of this because of the sensitivity of making sure the right product is there at the right time. We see this near a customer service. And we definitely see this as I mentioned in workforce analytics. This pandemic brought large disruption to people who had to exit the normal facilities and work in different alternative locations. And then this idea of how do we bring them back in a very managed way is a universal problem that everyone is facing and they're all starting to adopt that. So we're seeing adoptions on many of these things across all the different industries, but I'd say the ones I mentioned were certainly highly sensitive to the immediate problems that we all personally experienced. >> Right. In your opinion based on just what you've observed, what do you think the true value of integrated planning field Bay by AI? What's the true business value there? >> It's a great question. I think in business terms, the predictive capabilities like the algorithmic forecasting is really helping companies more accurately forecast their demand. And while prescriptive capabilities like decision optimization, help them determine the best way to meet that demand, typically decision optimization excels at developing scenarios and considering constraints such as time prices, cost and capacities. And those are pulled in to help augment the decisions. Whereas predictive capability really helps the forecast demand as an example, you know, man changes by season by day by hour, the prescriptive capabilities, like this is an optimization, help determine the best plan for meeting the demand. But if you think about the energy example I gave before, you have to consider things like, is it hydro? Is it coal? Is it nuclear? One of those types of things that are involved because each method has a different cost and a different capacity. So they kind of work together in that way. >> When you're having customer conversations. I'm curious what the perspective is of customers understanding the obvious business value of integrating AI with integrated planning. Is that something that they get right away? What kinds of questions do they have for you? >> Again, I think they understand the concept or scenario planning and the fact of building different scenario modeling. I think what they're getting accustomed to is the superpower that we get to augment these humans with an intent to work against their intuition. We've seen this time and time again where project planning for, you know, one of our customers who manages on behalf of the government certain projects that they would look at it and say, if it wasn't for AI, we wouldn't have detected these issues and some of the project scope, because we look at managing them in a certain way based on historical patterns. So you almost have to unlearn their historical patterns that's had to accept what the data is telling you and you're really matching properlistic and deterministic information together to get a more accurate and an informed decision to help you move and progress further. >> So for businesses, I'm curious to get your advice here. For companies that are in this state of flux as we all are and varying degrees of that across the globe, what advice do you have for those companies that are looking into utilizing planning and reporting technology to really fine tune their business performance but they don't really know where to start? >> Yeah, so from a very high level, the advice I would say is first you've got to examine your current planning process and really identify what's working well and what business questions need to be answered. Then you have to understand that planning is primarily driver-based. And because it's driver-based, you really have to understand and take a look at your current financial reports to see what's really making up the bulk of your business, what's really driving revenue, what's really driving expenses and really focusing on the drivers that have material impact. Probably you've that 80, 20 rule. What is 80% of our costs and revenues coming from? And then you need to understand the level of granularity that you need in your data to really develop the appropriate values that you want to plan again and set those targets. And you should refer to the existing spreadsheets. They have lots of value just to understand the sources of data, the calculations that get used, what's effective and not effective across the different functions and how they link together. And then you really need to determine your planning horizon. You need to understand who's going to be contributing to the plan who hasn't been doing this before, because you want people closest to the processes and the decisions to do that. And what's the frequency? As I mentioned, people moved from quarterly to monthly as a matter of fact, in a rolling forecast and they started moving to daily and you got to understand when do you recommend this kind of a model for what businesses and what's that, how much attention do you want to give to those plans on a regular basis? >> One more question for you, Dave. When you're in those customer conversations, I'm curious, is this a C-level conversation now in terms of, "Hey, we need to be able to utilize AI and predictive for planning technology and reporting technology", Has that elevated in conversation within the organization? >> So yes, the pandemic has opened up, and just disruptions in general have opened up the conversation around about the importance of better planning and business continuity and building resilience into an organization. That is a boardroom conversation that's very important. So it is definitely raised up into that level. As planning starts to sprawl outside of just the office of finance into these operational areas, those line of business executives are getting very involved and saying, you know, we need to plan to perform and setting that conversation up and using these types of new technologies and capabilities that we're kind of replacing what can't be automated by human beings, right? Or just can't be done with the amount of manual work involved. And we see this today, just the amount of sheer number of data, the amount of volume and the amount of data intersections that have to occur. You need the capabilities of something like planet windows with Watson to go to deliver something like that. >> Awesome. Well, Dave, thanks so much for joining me today sharing what you've seen in the last year and how some of the customers have been very successful at adapting to a pretty dynamic time. We appreciate you coming on the show. >> Thank you very much. I appreciate this. >> Bye Dave Marmer. I'm Lisa Martin, you're watching the cubes coverage of IBM Think. (upbeat music)

>>from around the globe. It's the Cube with digital coverage of AWS reinvent 2020. Special coverage sponsored by AWS Global Partner Network. Hello, everyone. This is Dave Balanta. And welcome to the cubes Virtual coverage of AWS reinvent 2020 with a special focus on the A p N partner experience. I'm excited to have two great guests on the program. Fernando Castillo is the head s a p on AWS Partner Network and s A P Alliance and AWS and Stephen Jones is the general manager s a p E c to enterprise that aws Gentlemen, welcome to the Cube. Great to see you. >>I'm here. >>So guys ASAP on AWS. It's a core workload for customers. I call it the poster child for mission Critical workloads and applications. Now a lot has happened since we last talked to you guys. So So tell us it. Maybe start with Stephen. What's going on with Sapna Ws? Give us the update. >>I appreciate the question Day. Look, a lot of customers continue to migrate. These mission critical workloads State of us on a good example is the U. S. Navy right? Who moved their entire recipe landscape European workload AWS. This is a very large system of support. Over 72,000 users across 66 different navy commands. They estimate that 70 billion worth of parts and goods actually transact through the system every year. Just just massive. Right? And this this type of adoptions continued to accelerate a very rapid clip. And today, over 5000 customers now are running SFP workloads. I need to be us on there really trusting us, uh, to to manage and run these workloads. And another interesting stat here is that more than half of these customers are actually running asap, Hana, which is a safe He's flagship in memory database. >>Right, Fernando, can you add to that? >>Sure. So definitely about, you know, the customs are also SCP themselves continue to lose a dollar less to run their own offerings. Right? So think about conquer SCP platform. SCP analytics were when new offers like Hannah Cloud. In addition to that, we continue to see the P and L despondent network to grow at an accelerated pace. Today we have over 60 SNP company partners all over the world helping SFP customers s O that customers are my green. There s appeal asking CW's. They only look for reduced costs, improved performance but also toe again access to new capabilities. So innovate around their core business systems and transform their businesses. >>So for now, I wonder if I could stay with you for a minute. I mean, the numbers that Steve was putting out there, it's just massive scale. So you obviously have a lot of data. So I'm wondering when you talk to these customers, Are you discerning any common patterns that are emerging? What are some of the things that you're hearing or seeing when you analyze the data? >>Sure. So just to give a couple example right. Our biggest customers are doing complete ASAP. Transformations on Toe s four Hana. Their chance they're going to these new S a p r p code nine All customers have immediate needs, and they're taking their existing assets to AWS, so looking to reduce costs and improve performance, but also to sell them apart for innovation. This innovation is something that operation or something that they can wait. They need it right now. It's they This time to innovate is now right on some of these customers saying that while s and P has nice apart. So that is a multi year process on most organizations and have a look from waiting for this just before they start innovating. So instead of that, they focus on bringing what they have on start innovating right away on Steve has some great stories around here, so maybe Steve can share with that. Goes with that? >>Yeah, that'd be great, Steve. >>Yeah. Look, I think a good example here on and Fernando touched it, touched on it. Well, right. So customers coming from all kind of different places in their journey aws as it relates to this this critical workload and some are looking to really reap the benefits of the investments they made over the last couple decades sometimes. And Vista is a really good example Here, um there a subsidiary of Cook Industries, they migrated and moved their existing S a P r P solution called E c C. To AWS. They estimate that this migration alone from an infrastructure cost savings perspective, has netted them about two million per year. Additionally, you know, they started to bring some of the other issues they were trying to solve from a business perspective, together now that they were on the on the on the business on the AWS platform. And one thing that recognizes they had different data silos, that they had been operating in an on premises world. Right? So massive factories solution and bringing all of that data together on a single platform on AWS and enriching that with the SCP data has allowed them to actually improve their forecasting supply chain processes across multiple data sources and the estimate that that is saving them additional millions per year. So again, customers are not necessarily waiting to innovate. Um, but actually moving forward now. >>All right, so I gotta ask, you don't hate me for asking this question, but but everybody talks about how great they are. Supporting s a P is It's one of the top, of course, because s a p, you know, huge player in the in the application space. So I want you guys to address how aws specifically compares Thio some of your competitors that are, you know, the hyper scaler specifically as it relates to supporting S a P workloads. What's the rial differential value that you guys bring? Maybe Steve, you could start >>Sure, you're probably getting to know us a little bit. Way don't focus a lot on competition, Aziz mentioned week We continue to see customers adopt AWS for S a p a really rapid clip. And that alone actually brings a lot of feedback back into how we consider our own service offerings as it relates to this particular workload on that, that's it. That's important signal right for what we're building. But customers do tell us the security performance availability matters, especially for this workload, which, you know, to be honest, is the backbone of many, many organizations. Right? And we understand why. And there was a study that was done recently about a. D. C. Where they found that even a single hour of unplanned downtime as a released this particular workload could cost millions. And so it's it's super important. And if you look at, um, you know, publicly available data from an average perspective, um, it has considerably less downtime than the other hyper scale is out there way. Take the performance and availability of oh, our entire global footprint and in this workload in particular, super important. >>Well, you know, that's a great point, Steve. I mean, if you got critical mission critical applications like ASAP supporting the business, that's driving revenue. It's driving productivity. The higher the value of the application, the greater the impact when it's down, I wonder, Fernando, you know, Steve said, You guys don't focus on the competition. Well, is an analyst. You know, I always focused on the competition, So I wonder if you're gonna add anything to that. >>Sure. So again, as you can imagine, multiple analyst called Space right. And, uh, everybody shares information. And analysts have agreed that Italy's clean infrastructure services, including the three quite a for CP across the globe. So we feel very humble and honor about this recognition on this encourages to continue to improve ourselves to give you a couple examples for a 10 year in a row. Italy's US evaluated as a leader in the century Gardner Magic Quadrant, right for cloud infrastructure from services. And, as you know, the measure to access right they measure very execute on complete, insufficient were the highest, both of them. Another third party, just not keep with one is icy, right? You know, technology research dreamers, you already you might know advice for famous Well, the reason they publisher s a p on infrastructure service provider lands reports long name which, basically, the analyzers providers were best suited to host s a. P s four hana workloads on more broadly s a p Hannah landscapes, you know, very large scape ASAP 100 landscapes. So they recognize it, at least for the third year in a row. And conservative right, the best class enterprise. Great infrastructure towards security performances, Steve mentioned, but also making the panic community secure. Differentiation. Andi, they posted. They mentioned it all us as a little position in quadrant for the U. S. U K France, Germany, the Nordics in Brazil. So again, really honor and humble on discontinued in court just to continue to improve. >>You know, Steve, I just wrote a piece on Cloud 2030 trying to project what the next 10 years is gonna look like in one of the I listed a lot of things, but one of the things I talked about was some of the technical factors like alternative processors, specialized networks, and you guys have have have really, always done a good job of sort of looking at purpose built, you know, stuff that that can run workloads faster. How relevant is that in the the S A P community? >>Oh, that's a great question, David. It's It's absolutely relevant. You take a look at what? What we've done over the years with nitro and how we've actually brought the ability for customers to run on environmental infrastructure but still have that integrated, uh, native cloud experience. Uh, that is absolutely applicable to Unless if you workload and we're actually able toe with that technology, bring the capability to customers to run thes mission critical workloads on instances with up to 24 terabytes of brand, albeit bare metal, but fully integrated into the AWS network fabric, >>right? I mean, a lot of people, you know, need that bare metal raw performance on, and that makes sense that you've been, you know, prioritize such an important class of workload. I'm not surprised that that I mean, the numbers that you threw out a pretty impressive eso. It's clear you're leading the charge here. Maybe you could share a little glimpse of what's coming in the future. Show us a little leg, Steve. >>Yeah, well, look, uh, we know that infrastructure is super important. Thio. Our customers and in particular the customers are running these mission critical workloads. But there's a lot of heavy lifting, uh, that that we also want to simplify. And so you've seen some indications of what we've done here over the years, uh, ice G that Fernando mentioned actually called out. AWS is differentiating here, right? So for for many years, we've actually been leading in releasing tools for customers to actually orchestrate and automate the deployment of these types of worthless so ASAP in particular. I mean, if you think about it a customer who is coming to a to a hyper scale platforms like AWS and having to learn what that means, Plus understand all the best practices from S, A, P and AWS to make that thing really shine from a performance and availability perspective, that's a heavy asked. Right? So we put a lot of work from a tooling perspective into into automating this and making this super simple not just for customers, but also partners. >>Anything you wanna chime in on that particular the partner side, Fernando. >>Sure. So this is super important for public community, right? As you can imagine, the tooling that we're bringing together toe. The market is helping the Spanish to move quicker, right? So they don't have to reinvent. They will all the time. They will just take this and move and take it and move forward. Give an example. One of our parents in New York, three hosts. Thanks for lunch. We start with Steve just reference right. They want to create work clothes in an automated way. Speeding up the delivery time. 75% corporation is every environments. So it just imagine the the impact of these eso a thing here that is important is our goal is to help customers and partners move quicker, removing any undifferentiated heavy lifting, right, Andi, that's kind of the mantra of this group. >>You know, when you think about what Doug Young was saying is in the keynote, um, the importance of partners and I've been on this kick about we've moved in this industry from products to platforms, and the next 10 years is gonna be about leveraging ecosystems. The power of many versus the resource is of a few or even one is large is a W s so so partners air critical on I wonder if you could talk toe the role that that the network partners air playing in affecting S a p customer outcomes and strategies. Maybe Steve, you could take that first. >>Yeah, but look, we recognize that the migration on the management of these systems it's complex, right? And for years, we've invested in a global community of partners many partners who have been fundamental to s a p customer success over over a couple decades, Right? And so, um, that there are some nuances that that need to be realized when it comes to running ASAP on on a hyper scale platforms like AWS. And so we put a lot of work into making sure these partners are equipped to ensure customers have have a really good experience. And I mean, in a recent conversation I had with a CEO of a large, uh, CPG company, he told me he reflected that the partners really are the glue. That kind of brings it all together for them. And, uh, you know, just to share something with you today, our partners, our partner community network for S. If he is actually helping over 90% of net new customers who are coming toe migrate as if you were close to AWS, so they're just absolutely critical. >>So, Fernando, there's the m word, the migration, you know, it's you don't want to unless you have to, but people have to move to the cloud. So So what can you add to this conversation? >>Sure, they So again, just to echo what Steve mentioned, right? Uh, migration. Super important. We have ah group of partners that are right now specializing in migration projects. And they have built migration factories. You may have seen some of them. They have been doing press releases through the whole year saying that they're part of these and their special cells they're bringing to the helping customers adopt AWS. So they go through the next, you know, very detailed process. We call them map for ASAP partners. So they have these incremental value on top of being SCP competent funds, which I referred earlier on. This group has, as mentioned, you know, show additional capability to safeguard these migrations on. Of course, we appreciate and respect and we have put investment programs for them to help them support their own customers right in those in these migrations. But because the SNP ecosystem on it. But it's not about only migrations, right? One important topic that we need technologies as you as Steve mentioned, we have these great set of partner of customers have trusted us or 5000 through a year on these, uh, these customers asking for innovation right there, asking us how come the ecosystem help us innovate faster? So these partners are using a dollars a plan off innovation, creating new solutions that are relevant for SCP. So basically helping customers modernize their business processes so you can take an example like Accenture Data Accelerator writers taking SCP information and data legs Really harm is the power of data there or the Lloyd you know, kinetic finances helping, you know, deploy Central finance, which is a key component of SCP, or customer like partners like syntax that has created our industrial i o. T. Offering that connects with the SNP core. So more and more you will see thes ecosystem partners innovating on AWS to support SNP customers. >>You know, I think that's such an important point because for for decades have been around for a while. It's the migrations air like this. Oftentimes there's forced March because maybe a vendor is not going to support it anymore. Or you're just trying to, you know, squeeze Mawr costs out of the lemon. What you guys are talking about is leveraging an ecosystem for innovation and again that ties into the themes that we're talking about about Cloud 2030 in the next decade of innovation. Let's close, guys. What can customers ASAP customers AWS customers expect from reinvent this year? Um, you know, maybe more broadly, what can they expect from A W S in the coming 12 months? Maybe, Steve, you could give us a sense, and then Fernando could bring us home. >>You bet. Look, um, this year we've really tried to focus on customer stories, right? So we've we've optimized. There's a number of sessions here agreement this year. We want customers and partners to learn from other from other customer experiences, so customers will be able to listen to Bristol Myers Squibb talk about their performance, their their experiences, Alando Newmont's and Volkswagen. And I'll be talking about kind of different places where they are on this, this journey to cloud and this innovation life cycle, right, because it really is about choice and what's right for their business. So we're pretty excited about that. >>Yeah. Nice mix of representative Industries there. I Fernando bring us home, please. >>Sure. So, again, we think about 21 in the future. Rest assured, we'll continue to invest heavily to make sure it values remains the platform innovation. Right on choice for recipe customers where a customer wants to move their existing investments on continue to add value. So what they have already done for years or goto export transformation. We're here to support their choice. Right? And we're committed to that as part of our customers Asian culture. So we're super excited about the future. And we're thankful for you to spend time with us today. >>Great, guys, Look, these are the most demanding workloads we're seeing that that rapid movement to the cloud is just gonna accelerate over the coming years. Thanks so much for coming on The Cube. Really appreciate it. >>Our pleasure. Thank >>you. All >>right. Thank you for watching everyone keep it right there from or great content. You're watching the cube aws reinvent 2020

from around the globe it's thecube with digital coverage of exascale day made possible by hewlett packard enterprise welcome everyone to the cube celebration of exascale day ben bennett is here he's an hpc strategist and evangelist at hewlett-packard enterprise ben welcome good to see you good to see you too son hey well let's evangelize exascale a little bit you know what's exciting you uh in regards to the coming of exoskilled computing um well there's a couple of things really uh for me historically i've worked in super computing for many years and i have seen the coming of several milestones from you know actually i'm old enough to remember gigaflops uh coming through and teraflops and petaflops exascale is has been harder than many of us anticipated many years ago the sheer amount of technology that has been required to deliver machines of this performance has been has been us utterly staggering but the exascale era brings with it real solutions it gives us opportunities to do things that we've not been able to do before if you look at some of the the most powerful computers around today they've they've really helped with um the pandemic kovid but we're still you know orders of magnitude away from being able to design drugs in situ test them in memory and release them to the public you know we still have lots and lots of lab work to do and exascale machines are going to help with that we are going to be able to to do more um which ultimately will will aid humanity and they used to be called the grand challenges and i still think of them as that i still think of these challenges for scientists that exascale class machines will be able to help but also i'm a realist is that in 10 20 30 years time you know i should be able to look back at this hopefully touch wood look back at it and look at much faster machines and say do you remember the days when we thought exascale was faster yeah well you mentioned the pandemic and you know the present united states was tweeting this morning that he was upset that you know the the fda in the u.s is not allowing the the vaccine to proceed as fast as you'd like it in fact it the fda is loosening some of its uh restrictions and i wonder if you know high performance computing in part is helping with the simulations and maybe predicting because a lot of this is about probabilities um and concerns is is is that work that is going on today or are you saying that that exascale actually you know would be what we need to accelerate that what's the role of hpc that you see today in regards to sort of solving for that vaccine and any other sort of pandemic related drugs so so first a disclaimer i am not a geneticist i am not a biochemist um my son is he tries to explain it to me and it tends to go in one ear and out the other um um i just merely build the machines he uses so we're sort of even on that front um if you read if you had read the press there was a lot of people offering up systems and computational resources for scientists a lot of the work that has been done understanding the mechanisms of covid19 um have been you know uncovered by the use of very very powerful computers would exascale have helped well clearly the faster the computers the more simulations we can do i think if you look back historically no vaccine has come to fruition as fast ever under modern rules okay admittedly the first vaccine was you know edward jenner sat quietly um you know smearing a few people and hoping it worked um i think we're slightly beyond that the fda has rules and regulations for a reason and we you don't have to go back far in our history to understand the nature of uh drugs that work for 99 of the population you know and i think exascale widely available exoscale and much faster computers are going to assist with that imagine having a genetic map of very large numbers of people on the earth and being able to test your drug against that breadth of person and you know that 99 of the time it works fine under fda rules you could never sell it you could never do that but if you're confident in your testing if you can demonstrate that you can keep the one percent away for whom that drug doesn't work bingo you now have a drug for the majority of the people and so many drugs that have so many benefits are not released and drugs are expensive because they fail at the last few moments you know the more testing you can do the more testing in memory the better it's going to be for everybody uh personally are we at a point where we still need human trials yes do we still need due diligence yes um we're not there yet exascale is you know it's coming it's not there yet yeah well to your point the faster the computer the more simulations and the higher the the chance that we're actually going to going to going to get it right and maybe compress that time to market but talk about some of the problems that you're working on uh and and the challenges for you know for example with the uk government and maybe maybe others that you can you can share with us help us understand kind of what you're hoping to accomplish so um within the united kingdom there was a report published um for the um for the uk research institute i think it's the uk research institute it might be epsrc however it's the body of people responsible for funding um science and there was a case a science case done for exascale i'm not a scientist um a lot of the work that was in this documentation said that a number of things that can be done today aren't good enough that we need to look further out we need to look at machines that will do much more there's been a program funded called asimov and this is a sort of a commercial problem that the uk government is working with rolls royce and they're trying to research how you build a full engine model and by full engine model i mean one that takes into account both the flow of gases through it and how those flow of gases and temperatures change the physical dynamics of the engine and of course as you change the physical dynamics of the engine you change the flow so you need a closely coupled model as air travel becomes more and more under the microscope we need to make sure that the air travel we do is as efficient as possible and currently there aren't supercomputers that have the performance one of the things i'm going to be doing as part of this sequence of conversations is i'm going to be having an in detailed uh sorry an in-depth but it will be very detailed an in-depth conversation with professor mark parsons from the edinburgh parallel computing center he's the director there and the dean of research at edinburgh university and i'm going to be talking to him about the azimoth program and and mark's experience as the person responsible for looking at exascale within the uk to try and determine what are the sort of science problems that we can solve as we move into the exoscale era and what that means for humanity what are the benefits for humans yeah and that's what i wanted to ask you about the the rolls-royce example that you gave it wasn't i if i understood it wasn't so much safety as it was you said efficiency and so that's that's what fuel consumption um it's it's partly fuel consumption it is of course safety there is a um there is a very specific test called an extreme event or the fan blade off what happens is they build an engine and they put it in a cowling and then they run the engine at full speed and then they literally explode uh they fire off a little explosive and they fire a fan belt uh a fan blade off to make sure that it doesn't go through the cowling and the reason they do that is there has been in the past uh a uh a failure of a fan blade and it came through the cowling and came into the aircraft depressurized the aircraft i think somebody was killed as a result of that and the aircraft went down i don't think it was a total loss one death being one too many but as a result you now have to build a jet engine instrument it balance the blades put an explosive in it and then blow the fan blade off now you only really want to do that once it's like car crash testing you want to build a model of the car you want to demonstrate with the dummy that it is safe you don't want to have to build lots of cars and keep going back to the drawing board so you do it in computers memory right we're okay with cars we have computational power to resolve to the level to determine whether or not the accident would hurt a human being still a long way to go to make them more efficient uh new materials how you can get away with lighter structures but we haven't got there with aircraft yet i mean we can build a simulation and we can do that and we can be pretty sure we're right um we still need to build an engine which costs in excess of 10 million dollars and blow the fan blade off it so okay so you're talking about some pretty complex simulations obviously what are some of the the barriers and and the breakthroughs that are kind of required you know to to do some of these things that you're talking about that exascale is going to enable i mean presumably there are obviously technical barriers but maybe you can shed some light on that well some of them are very prosaic so for example power exoscale machines consume a lot of power um so you have to be able to design systems that consume less power and that goes into making sure they're cooled efficiently if you use water can you reuse the water i mean the if you take a laptop and sit it on your lap and you type away for four hours you'll notice it gets quite warm um an exascale computer is going to generate a lot more heat several megawatts actually um and it sounds prosaic but it's actually very important to people you've got to make sure that the systems can be cooled and that we can power them yeah so there's that another issue is the software the software models how do you take a software model and distribute the data over many tens of thousands of nodes how do you do that efficiently if you look at you know gigaflop machines they had hundreds of nodes and each node had effectively a processor a core a thread of application we're looking at many many tens of thousands of nodes cores parallel threads running how do you make that efficient so is the software ready i think the majority of people will tell you that it's the software that's the problem not the hardware of course my friends in hardware would tell you ah software is easy it's the hardware that's the problem i think for the universities and the users the challenge is going to be the software i think um it's going to have to evolve you you're just you want to look at your machine and you just want to be able to dump work onto it easily we're not there yet not by a long stretch of the imagination yeah consequently you know we one of the things that we're doing is that we have a lot of centers of excellence is we will provide well i hate say the word provide we we sell super computers and once the machine has gone in we work very closely with the establishments create centers of excellence to get the best out of the machines to improve the software um and if a machine's expensive you want to get the most out of it that you can you don't just want to run a synthetic benchmark and say look i'm the fastest supercomputer on the planet you know your users who want access to it are the people that really decide how useful it is and the work they get out of it yeah the economics is definitely a factor in fact the fastest supercomputer in the planet but you can't if you can't afford to use it what good is it uh you mentioned power uh and then the flip side of that coin is of course cooling you can reduce the power consumption but but how challenging is it to cool these systems um it's an engineering problem yeah we we have you know uh data centers in iceland where it gets um you know it doesn't get too warm we have a big air cooled data center in in the united kingdom where it never gets above 30 degrees centigrade so if you put in water at 40 degrees centigrade and it comes out at 50 degrees centigrade you can cool it by just pumping it round the air you know just putting it outside the building because the building will you know never gets above 30 so it'll easily drop it back to 40 to enable you to put it back into the machine um right other ways to do it um you know is to take the heat and use it commercially there's a there's a lovely story of they take the hot water out of the supercomputer in the nordics um and then they pump it into a brewery to keep the mash tuns warm you know that's that's the sort of engineering i can get behind yeah indeed that's a great application talk a little bit more about your conversation with professor parsons maybe we could double click into that what are some of the things that you're going to you're going to probe there what are you hoping to learn so i think some of the things that that are going to be interesting to uncover is just the breadth of science that can be uh that could take advantage of exascale you know there are there are many things going on that uh that people hear about you know we people are interested in um you know the nobel prize they might have no idea what it means but the nobel prize for physics was awarded um to do with research into black holes you know fascinating and truly insightful physics um could it benefit from exascale i have no idea uh i i really don't um you know one of the most profound pieces of knowledge in in the last few hundred years has been the theory of relativity you know an austrian patent clerk wrote e equals m c squared on the back of an envelope and and voila i i don't believe any form of exascale computing would have helped him get there any faster right that's maybe flippant but i think the point is is that there are areas in terms of weather prediction climate prediction drug discovery um material knowledge engineering uh problems that are going to be unlocked with the use of exascale class systems we are going to be able to provide more tools more insight [Music] and that's the purpose of computing you know it's not that it's not the data that that comes out and it's the insight we get from it yeah i often say data is plentiful insights are not um ben you're a bit of an industry historian so i've got to ask you you mentioned you mentioned mentioned gigaflop gigaflops before which i think goes back to the early 1970s uh but the history actually the 80s is it the 80s okay well the history of computing goes back even before that you know yes i thought i thought seymour cray was you know kind of father of super computing but perhaps you have another point of view as to the origination of high performance computing [Music] oh yes this is um this is this is one for all my colleagues globally um you know arguably he says getting ready to be attacked from all sides arguably you know um computing uh the parallel work and the research done during the war by alan turing is the father of high performance computing i think one of the problems we have is that so much of that work was classified so much of that work was kept away from commercial people that commercial computing evolved without that knowledge i uh i have done in in in a previous life i have done some work for the british science museum and i have had the great pleasure in walking through the the british science museum archives um to look at how computing has evolved from things like the the pascaline from blaise pascal you know napier's bones the babbage's machines uh to to look all the way through the analog machines you know what conrad zeus was doing on a desktop um i think i think what's important is it doesn't matter where you are is that it is the problem that drives the technology and it's having the problems that requires the you know the human race to look at solutions and be these kicks started by you know the terrible problem that the us has with its nuclear stockpile stewardship now you've invented them how do you keep them safe originally done through the ascii program that's driven a lot of computational advances ultimately it's our quest for knowledge that drives these machines and i think as long as we are interested as long as we want to find things out there will always be advances in computing to meet that need yeah and you know it was a great conversation uh you're a brilliant guest i i love this this this talk and uh and of course as the saying goes success has many fathers so there's probably a few polish mathematicians that would stake a claim in the uh the original enigma project as well i think i think they drove the algorithm i think the problem is is that the work of tommy flowers is the person who took the algorithms and the work that um that was being done and actually had to build the poor machine he's the guy that actually had to sit there and go how do i turn this into a machine that does that and and so you know people always remember touring very few people remember tommy flowers who actually had to turn the great work um into a working machine yeah super computer team sport well ben it's great to have you on thanks so much for your perspectives best of luck with your conversation with professor parsons we'll be looking forward to that and uh and thanks so much for coming on thecube a complete pleasure thank you and thank you everybody for watching this is dave vellante we're celebrating exascale day you're watching the cube [Music]

>> Announcer: From London, England, it's theCUBE, covering Coupa Inspire '19 EMEA, brought to you by Coupa. >> Hey, welcome to theCUBE! Lisa Martin on the ground in London at Coupa Inspire. Because I'm in the UK, I have to say, you know of Sting, right? Well, guess who's here? Somebody cool enough to go by one name, it's Chandar, the CMO at Coupa. Welcome back! >> Great, Lisa, it's great to be here. >> So, this morning kicked off with Rob's talk all about community. One of the interesting things about Coupa is this community that you guys have built. Talk to me about, I know $1.3 trillion of spend is going through the Coupa platform, the community. Talk to me about how you've cultivated this community at Coupa. >> Yeah, it's a great question. Now, if you take a step back, you know, people don't buy features, people buy tribal feelings. And if you think it, if you look at, like, you know, if you look at a product like Harley-Davidson. Anybody can go buy any bike, but people are not buying the features, they're buying the tribal feeling of being part of that community. If you look at a product like Peloton, you know, people can go buy, have any stationary bike or any workout bike today. But they want to be part of that community. And as my wife tells me, Sephora, right? I don't have a lot of experience with that-- >> She's right. >> She is right, great, (Lisa laughs) thanks for the endorsement there. But again, it is about being part of the community and people like that and stuff, and that's what we're doing is, it's the features or the capability, it's the community the tribal feeling, and that's what Rob was talking about, the inspirational attributes of these different people that are part of this community, and how we're trying to, how we are building this community by showcasing the great leaders and their attributes and how they're transforming change in their organizations, and that's what we're creating in this conference, the feeling, the #emotion, of I want to be part of this cool club, and that's what we're doing. >> You know, a lot of companies talk about customer first, customer centricity. The community here is really helping Coupa innovate on its own technology. Talk to me about some of the things that, you know, since we last spoke, a few months ago, that have been inspired by the voice of the community. >> Yeah, so, you know, there is this concept of co-creation that Rob talked about today with our community. And a lot of the community is inspired by the community and it's for the community. And we have a number of innovations, 80 plus innovations that have been inspired in the last one year by the community. And even a concept like Source Together that Rob talked about, and the idea of Source Together is how can we come together as one community and drive the best negotiated savings together with a supplier, this is an idea that's been co-created with the community. So there's a number of different things. You look at community intelligence, Rob talked about commodity insights, as well as a number of other capabilities that we are showcasing today, has been driven, co-created, inspired by the community. And that's what's great. You want to set the innovation agenda for the industry by having this community inspire us. In fact we had our customer advisory board at every conference that is happening for us, and that's what drives to a lot of the innovation that we do today. >> Speaking of customers, Rob shared a lot of examples during his keynote this morning. I lost count of how many of your Coupa Spendsetters were mentioned, other customers, all with very strong business, measurable business outcomes. I know tomorrow in your keynote, you're going to be talking with a number of customers. But some of the things that are interesting about what Rob shared is these are examples that aren't just about refining procurement and reducing spend and, it's much more transformative. Give me some of your favorite examples of where this is beyond improving procurement. >> Yeah, it's a great question. It's a great question. And we have a number of stories, for example, tomorrow in my keynote, I'm going to be talking about storytelling, right. I'm going to be talking about how we can inspire the community through storytelling, and great storytelling starts with great storytellers. And these Spendsetters, and we can see them in the hallways here, we have found about 15 of them, and they're all great storytellers for one reason. They have great transformative stories in business spend management, but what makes them a great storyteller is that they're telling a story beyond the boundaries of the business spend management. Let me give a couple of examples, right. So one story that I'll highlight tomorrow is about Jarkko, the CPO of Telia. Now, I don't know if we know Telia, but 60% of the word's internet traffic goes through Telia. >> 60%? >> 60%. So everyday morning, checking out coupa.com that we all do. >> Every day. >> Or I'm looking at some less popular sites like Facebook or LinkedIn or anything else, you're probably on the Telia network, especially in this part of the world. And their challenge, their business spend management challenge is, they're pretty fragmented across the Nordics and the Baltics and other regions, and now with Jarkko, he's a strategic crusader, not a hired gun, but more of a driven crusader who's come in, transformed the sourcing function, made it more strategic, consolidated seven systems into one system with Coupa, and had 20,000 employees using that as well as all the different people for sourcing, so that they get the global benefits of scale across the regions. Now that's a great business spend management story, but what makes him a great storyteller, he's telling a story beyond the boundaries of business spend management, because he's not talking about savings attainability, he's talking about environmental sustainability, and the story he talks about is what their initiative at a board level is, you know, zero emission and zero waste by 2030, and how the work that his team is doing is directly impacting that board level initiative on how are they driving a communication strategy across the supplier base to get their environmental plans into the Telia's operations, and how me measures plans and progress of every supplier in their CO2 emission, and how that's going to be an explicit part of how they work with their suppliers, and how he is the trusted advisor that he is actually challenging everybody to rethink this whole idea of source to pay. That is telling a boundary beyond the boundaries of business spend management, it's telling a story. So that's one example, right. >> Is that a gentleman who's in procurement in finance within an organization? >> He is the CPO, the procurement-- >> That is having an impact on the sustainability footprint of the company. >> That's right, so directly associating with the initiative at a board level, right. So he's shifted it, by shifting the storytelling from talking about savings attainability to environmental sustainability, he shifted the perception of the organization from something that's operational to something that's very strategic in the organization. So that's one good storytelling. The other one I'll highlight, an example, is Matthieu at Global Fund. Now the Global Fund is the world's largest financier of fighting malaria, AIDS, HIV in 100-plus countries. They disperse $4 billion every year for that. And they have this partner called OneWorld.org, it's powered by Coupa, that Matthieu and his team are doing. So he could get a great business spend management story. He can say, you know, I've driven digital transformation, I've done 99.9% of my POs are electronic, and I've come to this new age of where, you know, on contract spend is being done, et cetera. Now what makes him a great storyteller, he's telling the story beyond the boundaries of BSM again. He's talking about a story of how this, the work that his team is doing, is directly impacting saving 32 million lives. How they are treating millions of people, get the right treatment for HIV, help pregnant mothers or on HIV, they get the right treatment on time, so that the babies don't get infected with HIV, and how they're distributing hundreds of millions of mosquito nets throughout the world for preventing malaria, through this OneWorld tool that's powered by Coupa to get the right medication on time. So that's millions and millions of lives, but the speed and ease of every single medication to get there, has an impact on the life of that person, and that's the story he's telling. >> This is so interesting, because it's so common for businesses to tell the common success story, and a lot of what Coupa shares of customers holding those big white cards with big numbers of what they're saving are very impactful. What was the idea behind the Spendsetters program, 'cause when I was reading a few of them in preparation to come here, it seems like it was a little bit more about the person and how that individual has facilitated transformation. Tell me about the concept-- >> It's a great point. There's two components to it, right. One is empirical, two is emotive. And if you look at both concepts, one of them is the empirical value that, yes, ultimately Coupa is about driving value, and that has to be as a company, has a capability of driving value to our customers. And that's the empirical value of you have driven so much saving, so much percentage of spend, and you know, millions of dollars, billions of dollars savings et cetera. Procter & Gamble, for example, $2.5 billion in savings. That's the empirical value. It's very clear, that's the value. But behind that is a person, and that is the emotive story of what is that person, what is the personal story, what have they gone through in their life, what's their, you know, nurture and nature, and how that's influenced them that's becoming, that made them into the great leader today, and that's the emotive stories we're trying to also tell on the Spendsetters site. So there's the value side of the story, and then there is the emotive side of the story, and the spendsetters.com is purely on telling the human stories, because behind every purchase order is a person, and we're telling the story of that person. >> So as we look at the changing role of the Chief Procurement Officer, the changing role of finance decision makers, not just here in the UK, and I know Coupa recently did a study that showed that 96% of UK financial decision makers said, "Hey, I don't have complete visibility over all my spend", so big opportunity there, but even from a transformation perspective, the Spendsetters examples, how is that showing that Coupa can fundamentally help a business not just change procurement, but have such wide lasting impacts? >> Yeah, I think ultimately, if you look at procurement, you know, for it to go as going from operation to strategic, you're just getting that seat at the table. And getting that seat at the table in any executive discussion is about first aligning to some strategic initiative that is important at that executive table. So more as we align these value stories and the value that procurement is driving, through these strategic initiatives that are important at the board level, at the executive level, the more the profile and the more the R-E-S-P-E-C-T, as we like to say, and get that seat at the table, and that's what this whole Spendsetters program is aiming to do is A, showcase the personal heroes, and B, showcase how they're telling stories that align to bigger level initiatives, that's getting them get that elevate their position and get that seat at the table. And that's what the plan is there. >> So, lots of growth. Second quarter results, I was taking a look at those, revenues up, billings are up, very high renewal rates. So from a customer satisfaction perspective, the data is there to show that Coupa is going in the right direction. From your perspective, how influential are your existing, your incumbent customers in helping prospective customers evaluate Coupa and go, this is the right decision for us. >> It's a great question. You know, I say we live in a peer-bound world, right, where it's really, we more and more, first of all, 80 to 90% of buyers' journeys are self directed, because buyers have more power than ever before, and second of all, anything we do within our personal lives as well as in business decisions, we rely more on peers and people we trust to help us make those decisions, right? From that perspective, our best sellers, the best sellers we have in this conference, are our customers. I just came from an executive luncheon, where we had 50% of the room was customers and 50% of the room was prospects, and we had our best sellers, not our salespeople, our customers talking to the prospects, in real, authentic conversations of what's value, what's their journey, what did they struggle with, and what are the lessons learned, and how did they get there. And those are really meaningful interactions that ultimately is going to make a prospect, influence a prospect on what decision they have to make. >> Absolutely. >> So that's very, very important from us, and then providing a platform for this authentic dialog and these authentic interactions. That's important for us. And also, I think, you know, ultimately in a SaaS business, the true measurement of success, I say is two things, right. One is what I call lifetime value, and two is the number of brand advocates. So the idea there if someone is staying with you longer and giving you lifetime value, and is shouting from the rooftop that I really love my interaction with this brand, then invariably you're driving value to them in a long term way. And that's really the true measure of success, and that's what excites us from our perspective. >> And is the foundation of that trust? >> The foundation of that is two things. It's trust based on value, right, and you've got to deliver value, and Rob has a great line where he talks about, it is not about customer satisfaction, it's about customer success. 'Cause many times a customer may be satisfied, may not really know what their success metrics really mean, but it's not about sometimes a customer may not be satisfied, but really be successful because you're driving the true metrics what is important to the customer. So once you get the value delivered, and do it in an open, authentic way, then, in that case, there's trust that build, and based on that trust, you earned that trust, and that becomes the foundation of the lifetime value. >> We were talking about, well, we, Rachel Botsman was talking about the importance of a brand, any brand, earning trust. A lot of times she gave that example in her keynote where she showed three brand logos, Uber, Facebook, and Amazon, and said, trust is so contextual and so subjective, but clap for which brand you trust the most. And it's so interesting when she started talking about, Facebook got the least, in fact Facebook got no applause at all, I was expecting a few folks (Chandar laughs) to maybe do some clapping, but Amazon being the clear winner, and I thought, yeah, I trust Amazon to deliver whatever it is that I buy when they say they're going to deliver it, and she said she trusts them to do the same, but, would you trust them to pay their taxes on time-- >> Chandar: Sure. >> So when she started talking about trust being subjective and contextual, it really kind of changes the whole dynamic. >> Chandar: It does. >> So that earned trust, but also the ability to reduce the risk that your customers are facing, whether it's overpaying suppliers or paying duplicate invoices, that trust risk balance seems pretty critical as well. >> Ti does, it does. It's an interesting perspective. I think because, in that case of Amazon, I think there's operational trust, that they're going to get the job done and deliver the whatever you ordered in one day with frame or two days with frames, this is operational trust. But is there a trust in the sense of purpose is where she was going with, right. And today for organizations, especially with the millennial crowd, as being customers as well as employees, the question is, you can get operational trust, but you also have a sense of purpose that they trust in, and have that be, and be authentic as an organization. And that's why is say it is not being, you talk about AI, as artificial intelligence, the real AI is authentic interactions. >> Lisa: Authentic interactions. >> And that's really the authenticity as a brand, being open, and acknowledge your failures but strive for excellence for success, and have this open platform with your customers, and always look towards adding value. I think that invariably, over time, creates this trust feeling that ultimately drives long term lifetime value for us. So that I think is the most important thing. >> Absolutely. So tell me again, which three customers are going to be on stage with you tomorrow sharing their stories? >> It's great, I have three. One, Procter & Gamble, a company that my mom knows about, my 86-year-old mom. So one of the greatest brands, so that's a great story about, again, they have a great business spend management story, but they're telling a story beyond the boundaries of business spend management and it's a fun story. And then we're going to have the Global Fund. Again, I told you, one of the world's largest financier of fighting HIV, malaria and AIDS. And we're going to have Telia, one of the largest telecommunications providers. >> Excellent. So really kind of showing the breadth of the technologies and the industries that Coupa helps to transform. >> And the breadth of the personalities, and the people behind that are driving all this change. >> Excellent, well Chandar, thank you for joining me on theCUBE. I wish we were going to be here tomorrow to see your keynote, but it sounds exciting and the Spendsetter program is certainly one that I think is quite differentiated in terms of telling those transformative stories that you said are both empirical and emotional. >> Yes, thank you Lisa, it's great to be here. >> Likewise. >> Great. >> For Chandar, I am Lisa Martin. You're watching theCUBE from Coupa Inspire London. Thanks for watching.

>> From Seattle. Washington. It's the key you covering Goob Khan and Cloud Native Con North America. Twenty eighteen. Brought to you by Red Hat, the Cloud Native Computing Foundation and its ecosystem partner. >> Okay. Welcome back. It runs the cubes. Live coverage of three days Wall to wall here at Koop Khan and Cloud Native Khan, twenty eighteen in Seattle, where day three only actions happening. Mr Keep John for was to Minuteman where you have bread. French Compton, Tina. Director, Technical Market had read, had breaking down the container storage trends and directions. Costly containers are super important. That's happened. Communities has happened. Now. New things were happening around a lot of innovation. Thanks for coming on the Q. Appreciate it. >> Thanks for having me back. >> So what's the state of the art of containers of trends? Some of the market directions? What's going on around containers? >> Well, here at this show, of course, it's been all about service mesh. Right is Theo. Service mesh, dynamically dynamic discovery, dynamic invocation of services. But all of those things Well, a certain percentage of those things, according to Keynote, require some type of persistent so eso yet service message, service meshes and persistence. >> So storage is a big part of the networking and compute all working together. The cloud that's been a big part of it. What's what's important here in this show? What's going on this week. That's really impacting that piece of it. That container in storage you mentioned state versus stateless work area stateless is to find people from persistence in state become important and applications. How much conversation's been here this week on that piece >> we'll talk about this week, and then I'll talk about the last couple of weeks this week. There, there. Couple of significant thing is going on. They're going to sort of unleash innovation in persistence as it pertains to the coup bernetti subsystem. First, of course, is a container storage inter. See, you know, today, all the all of the volume plug ins have been entry. You want to change. You know, some vendor wants to change their their storage capabilities. They need to re compile the binaries. Very slow. Very, very non agile. Of course, with the advent of the container storage interface, it's okay. Here's the common interface. All the all the volume plugging providers right to that interface so they could. Then they Khun Iterated to their heart's content without having to change the the entry >> source. So the impact is what? Speed, agility, >> agility of innovation, allowing all those guys t innovate Kind of the second thing. That's so that's man of discussion this week. Another thing's been a discussion you've seen in the in some of the sessions and stuff is the operator framework, you know, coming a champion by the Coral West guys, of course. Now part of Red hat, the operator framework in terms of effectively automating things that human operators would do for complex subsystems. Such a CZ storage. Eso basic installation based basic upgrades, you know, monitoring those services. So when you know something falls over, what do you do with that type of stuff? So I'd say C s I container storage interface as well as operator from me. Those are some of the things have been talked about this week. I still want to go back. Talk about last week, but go ahead. >> I wonder if you could tease this out a little before. So, you know, lost five years. You know, container ization, Cooper Netease. You know, massive change the way we think about architectures. Things like networking in storage. I have often been the anchor to kind of hold us down to be ableto make changes faster. Virtual ization helped some, but you know, container ization. We're gonna have to fix some of these same things. What conversations you're having with customers, You know, give us the latest on the, you know, the state versus state falls we heard in the keynote. It was They said forty percent of deployments have, you know, st full applications out there spending on numbers. And, you know, it's definitely has been growing. And at least I can do it as opposed to, you know, two years ago, it was like, Okay, we're doing containers, but we're just going to stateless for now, and we'll try to figure out what architectures goingto work. Even a year ago at this show, I heard in the back rooms there were lots of arguments as to which one of the storage projects was going to lead and seems seems like we're getting some maturity. I hope we hope to give us some visibility is where we are, and you know what's working and what still needs to be done. >> So although the industry talks about serve earless there, not yet talking about data lists, the or storage lists. I mean, you know, if we threw out the basic principle of data gravity data is the sun around which applications services rotate And so even I mean, even stateless aps stateless app Still do I owe frequently? The io of stateless apse is, you know, be arrest Will puts and gets to an object store that actually brings me. So let's let's talk about let's unpack the stateless and then let's go to St ful. So I'm gonna come back. Tio some of the conversations. A couple of weeks ago, Red had announced the acquisition of Nuba and Israeli Company. So when you think about what new Bob Plus sef due to provide stateless aps with a common set of Davis, a common set of David data services across the hybrid and multi cloud so those stateless app saying, Okay, I'm going to do I'm going to rest well puts and gets. But, man, it's complicated. If I'm gonna have to develop to various proprietary protocols I've got, you know, the is your blob protocol. I've got a W. S s three. I'm talking Teo Google persistent disc. And then if I want to run hybrid, I'm also talking to SEF objects storage on premises. And if I'm a developer I'm thinking, man, Wouldn't it be nice if I had a common set of David data services, including common protocol to talkto all of those different cloud storage back end? So, Nuba some people kind of call it a cloud storage controller provides that kind of common data services. So things like common FBI protocol? Um, things like mirroring. So you you want to write, right Once you're uprights once and it smeared across the various cloud object storage back ends to facilitate easy migration. The second one I wanna uproot to move over here. Your data is already there. So that's, uh that's a couple of reasons. And some of the conversation from a couple weeks ago about how Nuba plus self are helping stateless aps get Teo hybrid and multi cloud >> this. I think that is a great point. You have a hybrid cloud and multi cloud coming around the corner, which is about choice, Right? But see, I CD pipe lining of having a consistent developer environment clearly is one of the main benefits we're seeing in this community here. Okay, I got some sulfur developers with crank teams move around that consistency, no matter where were the environment is just really good goodness. Their storage is interesting and data is that because you're right, the sun is the data and every is orbiting around it. That's the Holy Grail. This is what people want. They want addressable data. They wanted real time. They wanna have an access. They don't want to do all this code to configure manage data, and it's complicate. Got data warehouses? You got time. Siri's data so date is getting more complicated, but it needs to be simple. So this is kind of challenge of the industry. How are you guys seeing that with open ship? How is your container piece fit in? How do you guys make that easy for customers to say? Look, I want to have that data like I wanted intelligent, that brick of access to data. So my abs don't have to do all the heavy lifting almost like Dev ops for data. It's like day tops, like I need to have programmable data on the absolutely which, which have thoughts on that. >> So first I wanna I wanna address that in two ways. The first is about open shipped itself that what you described is in fact, the sweet spot of what open shift is providing a common set of Cooper Nettie Services. Plus. See, I see the pipeline services for developers and operation staff independent of your cloud infrastructures. So whether open shift is running on top of a heavy west, whether it's running on top of his your whether it's running on top of the G, C. P. Whether it's running on premises on bare metal, you know, common set of cou bernetti services and CD pipeline services. Okay, that so what you described there's wanted to just highlight that That is open ship hybrid multi >> valuable check. That's awesome data >> now coming down. Coming down to data. So, in fact, open shift container storage is the mirror analog to open shift for that, providing a common set of Cooper Netease volume services. Independent of what? The storage substrate. ID. So think about it. If you're If you're inside of eight of us, you've got CBS is what's you know? When in Rome, act as the Romans. You've got E. B s there when you're inside of eight of us. Well, the type of communities volumes service of the CBS provides natively differed them for instance, when you're on premises and it's surfacing via and NFS plug in, maybe different. Likewise. We're inside of a CZ. You're with your persistent disco, so open shift container storage device the same type of abstraction Lee are providing a common set of cou bernetti communities volumes services independent of what? The storage server layer is so >> cool you guys was tracked away the complexity. So the APP developer doesn't do anything about storage on those discreet platforms, >> doesn't know anything about storage and provides a common set of services instead of Well, let's see, this is running on this cloud. I don't have the have a different set of services, so common set of services. >> So one of things I love about talking right out of the shows is you actually have a lot of customers that are doing this way. Actually, we spoke to one of your customers yesterday. Talk about how you know communities is helping them create sustainable data centers over in Europe. In the Nordics, especially so communities is awesome. But what's really awesome is the things that we can do on top of it. I wonder if you've got, you know, help connect some of this toe. You know, your customers really things, you know? How does this, you know, change the game? How does it change their teams? You know, what can you share with us? >> One of things that I can't. What's what's top of mind. So what's not top of mind for me at the moment is you know what kind of knew how their reinventing the world what is top of mind with me right now? We've just been studying. Our our results is we look back and this is a little bit of a A Okay? It's a trend, but it's a different kind of friend you're talking about. In the last six quarters, we've had six hundred percent growth with open ship container storage. Um, so And now we send last six quarters were also at a point. Now we're seeing some of those same folks from the Nordics here. You're describing that are coming back now, you know, they have experimented on, So there are some There are Cem Cem cruise ship. There's a cruise ship company that is deployed this on on ships. What we're now seeing. What's very gratifying for us is they're coming back now for a second pass. Now, a year into it, it's okay. Clearly, it must be providing enough value that you come back. Okay. I want to buy this for another ship or more shifts. That's gratifying for us. The first year was, let's see. Let's try this uber Netease, this open ship container store stuff out. But, you know, coming back to the trough for another take, It's good for us. >> And what's going around the corner? He opens shifting, doing great. I love this abstraction layer we're seeing for the first time in the industry, clear visibility and a real value proposition. When I were joking yesterday, you know, we were at open stack years ago, or even Cube con three years ago. We would ask the question If you had a magic wand, what would you hope to have happened? It's actually some of the things that are actually happening. I mean, clean, heavy lifting is gone, and all the developer side consistency, productivity, better advantage on the application development side and then taking away all the hassles of having that she trained people on multiple clouds. So this is kind of happening. What's next? So what's the next next, uh, bowling pin to fall down? What's the, you know, Hit the front ten. What's next? What's going on? How do you guys see the next innovation around Open ship and storage containers, >> cloud independent data services and mobility. So independent of the clouds. And again, it's hybrid, too. So you don't want to be locked into your own cloud either. So cloud independent data services and mobility. So he said, Listen, I want to be I want to have a common de doop compression mirroring, but I want to sit in the layer above my clouds back to the data gravity thing. I want to ensure that my data is where I need it on different clouds. So I'm elevating to a new layer this this cloud storage controller, this this cloud independent set of data services way. Think that's where the pucks going? >> Yeah, I think the data date is critical, I think. Way said years ago. Data ops. There's a Dev ops model for data. You look at that way's not just putting into a data lake actually making it useful. Yeah, Thanks. Come on. Cuba. Here. Bringing all the data here. The Cube. We're sharing it here. Live in Seattle. Is our third year coop coming there from the beginning? That's the cubes coverage of Cloud Native Khan and Coop gone. Bring all the action here. Was red hot on the Cube. Back with more live coverage. Stay with us. Day three, three days ago off the wall. Coverage will be back after this short break.

>> From Seattle, Washington, it's 'theCUBE' Covering KubeCon and CloudNativeCon North America 2018, brought to you by 'redhat' The CloudNative computing foundation and it's ecosystem partners. (upbeat music) >> Hello everyone and welcome back to live CUBE coverage here at Seattle for KubeCon, CloudNativeCon2018. I'm John Furrier. Stu Miniman, breaking down all the action here for CloudNative, trend, a lot of ecosystem partners, a lot of new developers, a lot of great open-source action in the cubes here covering it. We've been there from the beginning, our next guest and user, Max Schulze, Advisor and Founder of NBF, welcome to the CUBE, thanks for coming on. >> Thank-you, thank-you for having me. >> So tell me about what you're working on. You are doing something pretty compelling with Kubernetes and CloudNative, take a minute to explain what you do. >> Yeah actually, we are advising a very large energy utility in the Nordics and what we're trying to do with Openshift and Kubernetes is actually to shift loads between different data centers based on power availability. So if you have wind and solar power, you know that you only get energy when the wind is blowing so you really need to be able to match that load of the data center with the actually energy production which is quite challenging to be honest. >> Max you have different take on 'Follow-the-sun' that we used to talk about in IT I'm guessing, yes? >> Yes >> Take us inside a little bit, the sustainability is really interesting and how some of the power, you know, usage and heat and everything and maybe you can explain that a little bit before we get into the data. >> Of course, so generally how we got to a sustainable data center source was that in the Nordics you see a big growth of data centers in general so all the hyperscalers: Google, Microsoft, AWS. They are all coming to build data centers in Nordics. It's cold, power is cheap, you have lots of renewable energy available and we started to think 'Okay, but they have two problems essentially.' They generate a lot of heat, which is just emitted into the atmosphere so it's wasted, and the second problem is that they want 100% reliable power and reliable power you only get from nuclear, you get from gas, coal fire power plants not from renewables. So we looked into this, and we started to think about okay can we maybe get the heat out? Can we extract the heat from a data center and inject it into district heating grids and actually heat homes? With a hyperscale data center from Microsoft, 300 megawatts you can heat about 150,000 homes, that's quite significant. >> Yeah and how are you doing that? I mean I talked to a company once that was like 'Oh well we're going to, you know, we'll just distribute the servers different places and there will be ambient heat off of it.' But you're extracting the heat and sharing it. Explain that a little bit more. >> So most existing data center projects, they extract the heat out of the air but that's really inefficient. You get to about 100 degrees Fahrenheit which is not uh high quality heat. So what we want is 140 degrees Fahrenheit, about 60 degrees celsius, which means that we have to use liquid. So we have to use water in this case and we use a cooling system that is quite ironic from a start up in Germany called Cloud & Heat that uses hot water to cool servers. So the water really flows at a very very high speed through the data center and on it's way picks up a very low amount of temperature and we get out the temperature, we get out the water at 140 degrees Fahrenheit and we put it in at 120 degrees Fahrenheit. So it's quite, not a big difference, but it flows at a very high speed. >> So it makes it work? Makes the numbers work. >> Exactly. And so what's the home count again you mentioned one hyperscale data center, like a Microsoft data center powers heat for how many homes? >> About 150,000 homes from 300 megawatts worth of data center. >> And you guys put this into a grid so that's, does the location of the homes need to be nearby, is there a co-location kind of map or? >> Yeah actually, in order to do this we have to move data centers closer to cities. But luckily, data centers actually want to be closer to cities because your closer to peering points and one of the reasons why they usually can't come closer to cities is because power is not available near a city. So we um try, we can give them both. Right, they can come closer to the city and we can give them power, and we get the heat in return. So, so everybody wins. >> Yeah so I mean, a lot of the discussion we've had is the interaction between software and my data center infrastructure. You've got a story of software, with you know, actual like city underneath the infrastructure. Maybe you got to help explain how that was built out, what tools you're using and walk us through this all. >> So we originally started with Openstack, which was the first test because we need, in order to do this heat extraction we need to also steer really the software, the workloads that run on the data center because you know a chip only gets hot when the server actually does something so we really had to figure this out. We started with Openstack and then we started looking into load shifting which immediately brought us to Kubernetes and then Openshift because you can use the internal scheduler to basically force loads across different locations. We connect it to our energy systems, to our forecasting systems and to our heat load management systems and then basically push workloads around. Right now we have two sites where we test this and it's not as easy as it sounds. And we basically want to move workloads, concentrate them where we want, we have heat. So um yeah, Redhat is helping us a lot doing this but still it's not that easy. >> Yeah yeah, it's interesting. You know, I think back you know, virtualization was about you know, how can we drive some utilization and get some out? You really want to you know, concentrate and run things hot. >> Yeah, exactly. >> Quite inter- Alright tell us about your involvement in this ecosystem, you know, what brings you to the show this week, what do you get out of coming to a show like this? >> Yeah, actually I came because Redhat invited us to talk at the Openshift gathering at the beginning of the conference. And generally, we don't really have a commercial interest in making data centers or data infrastructure sustainable, we, we don't gain anything from that, but we believe it's necessary. If you look at the growth curve of data centers you can really see that they will consume more and more power, and then the power they consume is not compatible with renewable energy. So we are hoping that we can influence people and we come here to tell people our story and we actually get great feedback from most of the nerds. >> Well it's a great story. It's one of those things where you're starting to see data centers trying to solve these problems. It's great with the renewable energy, having that kind of success story is really huge. Um, You mentioned that data centers want to be close to cities. I got to ask the question, in Europe, well you've lived around a lot of places. Is there a more cloud city oriented, like is it London, you got Paris, you got... I know Amazon's got data centers in Ireland. Is there certain cities that are more CloudNative culture? How would you break down the affinity towards CloudNative? If you had to map Europe, which major countries and cities would you think are advanced, cloud thinking vs. tire kickers or you know, people just kind of just trying it? >> In Europe there is a region called the FLAP region, that's Frankfurt, London, Amsterdam and Paris. Those are where you have the highest concentration of data centers, but it terms of CloudNative adoption, I would say that probably in the UK you have the most adoption rates and in the Netherlands. Germany is always, I am German so I can say this, we are always a bit behind in terms of cloud technology because we're a bit scared and we don't know- >> You'll watch everyone test it out and then you guys will make it go faster. (john laughs) >> Maybe, maybe, maybe a bit more efficient but uh, generally I think the cloud adoption rate in Germany is the lowest and the UK and the Netherlands is the highest I would say, yeah. >> Awesome, well thanks so much. Congratulations on your success, we'll keep following you and when we're in Europe we're going to come by and say hello. Thanks for coming and sharing the stories. The CUBE, breaking down all the action at KubeCon, CloudNativeCon. I'm John with Stu Miniman. Day 2, we got three days of wall to wall coverage. Thanks for watching. (upbeat techno music)

>> Live from London England, it's The Cube, covering .Next Conference Europe 2018, brought to you by Nutanix. >> Welcome back to The Cube, I'm Stu Miniman with my co-host Joep Piscaer. And you're watching The Cube, and actually Bear Grylls is going to be on the keynote shortly, but we're gonna talk a little bit more tech first. First of all I wanna welcome back to the program Chris Kaddaras is the senior vice president and general manager for EMEA with Nutanix, and welcome to the program for the first time, Sylvain Siou, senior director of Systems Engineering, also for EMEA with Nutanix. Gentlemen, thanks so much for joining us. >> Thank you for having me. >> Alright so Chris, we were thinking back, two years ago, the first European show in Vienna, I had you on the program, and you were fresh on, I always loved getting people when they're fresh into the company because they have the why they're joining in, why they think they're doing things. So, bring us up to speed. Two years, couple things have changed in Nutanix, couple things have changed in the industry, but why don't you bring us up to speed? >> Sure, no I'm happy to do that. First I'll tell you that some of the things I told you on the show two years ago actually proved true. I could see the energy in Vienna at that time in regards to what I call kind of a religious following in Nutanix because of the compelling-ness of the technology and the solution, and that hasn't stopped. One thing that I wasn't quite prepared for is just the rate of growth of this company, and how our customers really embraced us in the market. Now in the EMEA market we've had some success I would say. The team's done a really good job. When I started we had less than a thousand customers, now we have over 3,000 customers. When I started with Nutanix, in the region we had about 200 employees, now we have almost 800 employees in the region. So collectively as a region we're growing a bit faster than the rest of the world which is a good thing for us, and customers are showing their appreciation for us, so it's been a really good experience, but something like the hyper-growth that we have at Nutanix takes some getting used to when you come from other companies, but it's been a really good thing for our customers. The thing that I think I'm the most proud of is we've done that hyper-growth and we've still kept our NPS score above 90 for our customers, so our customers are getting a really good experience both from our sales teams, our product, our implementation teams, and our support teams, that it's kept everything in check for our customers which I'm really proud of. >> Well congratulations on that. Sylvain I have to think that your team has something to do with that NPS score. In my career, I have great respect for the SEs, they're the one that have to not only know the product inside and out, but they need to be working closely with the customers, have a good viewpoint on the customers. Being here at a European show, I wanna get your viewpoint. Tell us, what's different here compared to what you hear from people back at Corporate, what are some of the differences here your team sees? >> So we have a very good relationship with Corporate, so we're really aligned and we're involved in the project in same way as any other region. I think we were faster on some very big accounts, and that was really surprising and also the, I think the timing for the need of the customer to solve situation after virtualization was the exact timing when we start in EMEA, the product was mature enough so that was exactly the right timing, it's five years ago when I joined, so really we solved this first situation and after that everything we promised in term of making this platform a true cloud platform for enterprise is there, I think all these services on top of it, who have the same kind of services you can see on public cloud, is there, we show it this morning, and now giving the ability to the customer to manage situation with this cloud from different providers and what is on premise is there, so I think all the control, the costs on the compliance and so on have done a lot to manage the situation and take you through the control everyday. >> So, what is the adoption maybe compared to the US for the core products that you have now versus the additional services? Is there a big change or a big difference between the US and Europe or, what are you seeing with your customers? >> So, we follow the same path. There is some region and maybe I will relay on Chris, some region that we invest later than the others so, of course France, Germany, UK, Northern Europe was really the beginning and after that we have more southern regions or eastern region that come after, but we are surprised sometimes because people can jump to the last technology faster than the others, so I don't think there are really rules, there is really people who is painpoint, we have the solution, and when it fits, they go faster. >> Yeah I think from a solution perspective we are thriving at the same rate our emerging technologies into the market as our other regions in the world. In some cases we're ahead, things like IoT, what was originally called Sherlock, we're ahead, we have like first customer, second customer to start coming to adopt, so we do have markets within the EMEA region that are much earlier adopters compared to other regions. Think of places like the Middle East, the Nordics, France, adopting much quicker than some other regions of the world. So we see our new products starting to roll, we're really excited about Xi Leap, I know that the first instantiation went live, I think yesterday or today within the Americas, we're looking forward to going live within London, and then moving in to mainland Europe from there, and I think that will be a huge difference-maker for us in the markets as well. >> So looking at those regions specifically, I know there's a couple of markets in Europe, especially Germany, that have such strict data sovereignty laws that it makes it really difficult to actually do business from a DR or cloud perspective. How's Nutanix dealing with that? >> I think that's where we... When we have our SAS-based products, that's a challenge. When we have our cloud-based products, that's a challenge.` So, for our cloud-based products we have a plan really quickly to go into places that have data sovereignty compliance regulations that they have to adhere to. So Germany, we have a plan to go into Germany really quickly; we obviously have a plan to go into some other markets, Amsterdam, we have a plan to go into London for cloud. For SAS, a lot of customers are consuming SAS and they're okay if there's a good security problem, parameter around SAS, and they're consuming Salesforce.com without data centers, they're consuming other products that way so, as long as we put the right security parameters in place, then their consumption model around SAS is typically gonna work, I don't see us distributing SAS data centers all throughout every market in the world to do that. Our core product right now consumption is mostly local, and it's consumed either in an appliance way or it's consumed in a software way, so that's not something that we have to worry about. >> Yeah it's interesting, you wonder if North America has a greater adoption of public cloud, if that actually gets you an advantage in the EMEA region here to get deeper with some of the core and essential offerings. >> It does; customers will adopt a private cloud because of those data sovereignty regulations. But a lot of the uber-clouds have come in and solved that, they've come in into country, they've created gov clouds, they've done it in Germany, they've done it in the UK, so they're starting to solve that, but they have to put out a lot of investment to do that. But it has given us a lead in the marketplace, but there are certain markets that are very much like the US market, so the UK, it's very similar to the US market with regards to uber-cloud or public cloud adoptions so in that market we have a lot of opportunities with somebody like Beam, because they've consumed a lot of the other uber-clouds, whether it's AWS, UCP, or... And we have that opportunity to sit down and provide them with solutions. >> Sylvain, what else are you hearing from your customers, what are some of the pain points that they're feeling that your team's able to help with? >> Clearly in the past we saw the proliferation of the VM, and we find a way to control that, but with the cloud the proliferation is without any limits. So really this is something important for the customer to take back control, take control of the shuttle IT and so on, and it's very lowly. And also I want to take a specific point really the R&D are really taken care of when we see in the field, I will take just an example, the synchronus replication, metro-culturing and stuff like this to high availability, between (inaudible) and so on, it's typically European, because we have fiber, we are really city close to each other and so on, in America, that makes no sense, and really at really early stage of the company we get the R&D taking care of that, developing specifically for our market what is needed for our market, and it means that we're a really global company and not really American company, we have also R&D in different places, we have in Serbia with Frame, we have in India, and so on, so really to be really taking care of each issue or pain point of the customer is really our main driver. >> So one of those other differences I see a lot is the scale of the organization, the size. So what is an SMB in the Americas might be an enterprise in Europe. So what are the solutions you have for those types of customers, for that problem? >> So definitely we need, so we are talking to customers we have a critical science, they need to have a minimum of VM to face the issue of the bottom neck of the storage or the management part and so on, but also we have example of small customers just need a platform that works, and don't want to have anyone taking care of it. And so now it's like you phone, you don't take care of the storage and CPU, it's just your application and that's it, could be internal, external, and so on, so really the SMB of course is not the main market for us, it's more the big account and so on, but we have all kinds of customers in any verticals, there is no specific one that we cover, and it's really because the platform is something that has become just normal to be invisible. >> Yeah I would add on that, if you don't mind, I'd say that the nice thing about the product is it's in a form factor in a pricing mechanism that can be consumed from SMB all the way up to global accounts. That's the nice thing. Now, maybe we spend a lot of our field resource on mid-market up, because that's where we get larger transactions from customers, and it's just a value conversation with regards to return on investment, but the nice thing is our product can be consumed at the smallest customer. We have just released new pricing mechanisms that allow our customers to now consume at much smaller levels, so we're not allow for SMB but for ROBO, because if you think about it if you just have a one size fits all pricing structure how does that work in the data center, that same price doesn't work in the ROBO area, so you have to give the customers the ability to look at the same experience in the remote office or the small sites compared to a data center, and that's something that we've just kinda brought to the market in the last three to four months, and I think that's a real advantage of not only the product but the pricing structure. >> Chris, we wanna give you the final word. If EMEA customers, what do you want them taking away from this week? >> Sure. I think, they've already told me, and I'll tell you, which is good, 'cause it's what I want them to take away, is just the credibility that Nutanix is here for the enterprise work load, they can look at their entire data center delivery mechanism on a Nutanix platform. But also Nutanix is a company they should be looking for for their cloud-based platform. There is a decision in the marketplace to be had right now around what do you use for your cloud, lack of a better word, orchestration layout, cloud automation layout? And there's only a few choices in the market today, some of them are more open source, some of them are specific vendors, and what I want them to take way is Nutanix is an option for that, leave it up to me and my team to prove why we think we're the best option for it, but that's really what I want them to take away, the credibIlity of tier one platforms running Nutanix in their data center, and then two, Nutanix for the cloud-based platform. >> Congratulations on the progress. I wanna say some feedback I've heard from customers is despite how fast Nutanix has been growing, they still feel that they're getting the personal touch, don't feel like just a number for some fast-growing company so congrats on that, I know a lot of effort goes into that. Alright so we're at the end of the Day 1 for Joep Piscaer, I'm Stu Minimn, be sure to join us tomorrow for a full day of wall-to-wall coverage. Of course go to theCube.net for all the websites to watch us live and on demand for all the shows we're doing and once again thank you for watching the cube. (digital music)

>> Live from Washington, D.C., it's theCUBE. Covering Inforum, DC 2018. Brought to you by Infor. >> We are back this afternoon here in Washington, D.C., at the Walter Washington Convention Center. As we continue our coverage here of Inforum 2018 along with Dave Vellante, I'm John Walls, and we now welcome Mr. Cormack Watters to the program today, EVP of Emea and APAC at Infor. Cormack, good to see you sir. >> Nice to be here. >> So, we're going to talk about Guinness, over in Ireland (chuckling). Cormack's from Dublin, so we had a little conversation. We're getting a primer here. >> It's actually the best conversation we should have, right? >> Right, we'll save that for the end. How about that? So, you're fairly new, right? About a year or so. >> Ten months or so, not that I'm counting it by the day >> No no no, always going forward, never backward. But a big plate you have, right, with EMEA and APAC? Different adoptions, different viewpoints, different perspectives... We've talked a lot really kind of focusing domestically here for the past couple of days. Your world's a little different than that though, right? >> It is. It is. And it's very good that you've actually recognized it because that's actually the biggest challenge that we have. To be a little bit humble about it, I think we've got world-class products and solutions. I actually fundamentally believe that. But we have lots of different languages, cultures, and localization requirements in the multiple Countries that we look after. So, it's great to have great products, but it needs to be in French, Spanish, Portuguese, Italian, Swedish, Norwegian, Finish, Arabic, which most of them are. Customers realize that we are actually international and localized for many, many markets. But now we've become an intriguing option for them, if you're a multi-national business, with subsidiaries all over the world. So, it's good that Infor is big enough to do that. We need to do a better job of letting everybody know that we've done that, if that makes any sense. >> Sure. >> So what's happening in Europe? Europe's always pockets, there's no..I mean.. Yes, EU but there's really still no one Europe. What's going on? Obviously, we have Brexit hanging over our head. I felt like U.S. markets are maybe a little bit overheated in Europe has potential upside. >> Yeah >> And it seems like others seem to agree with that. What happening on the ground? Any specific, interesting areas? Is Southern Europe still a concern? Maybe you can give us an update? >> Yeah, so Brexit is quite a dominant conversation. I am from Ireland. I live in Dublin, but I'm working all over Europe, the Middle East, Africa and the Far East. So, I don't get to be at home very often, except the weekends. London is really our regional headquarters from a European perspective, and Brexit is on everybody's mind. Interestingly, when you go outside the UK, Brexit is not such a big topic because... That's Europe. And they kind of go, "Well if you don't want to be here, then you don't need to be here." Right? So it's a little bit of that, and they're saying, "Well, we'd like for them to stay, but if they don't want to stay, well, don't wait around." But in the UK, it's causing a lot of uncertainty. And the UK's one of our biggest markets. It's a lot of uncertainty, and what would be best is if we just knew what was going to happen, and then we could deal with it. And actually, once we know what's going to happen, that's going to bring a degree of change. And change, from our industry perspective means there's going to be some requirements that emerge. So, we need to be ready to serve those, which is opportunity. But the uncertainty is just slowing down investment. So, we need that to be resolved. >> So, clarity obviously is a good thing obviously a good thing in any market. Are there any hotspots? >> Yeah, actually for us, we're doing, for us the Hotspots right now, we're doing incredibly well in Germany. Which, one of our lesser known competitors is a small Company called SAP. And they're headquartered in Germany. It's quite interesting to see that we're actually taking a lot of market there in Germany, which is fantastic. That's a little bit unexpected, but it's going very well right now. We're seeing a ton of activity in the Asia Pacific, I would say that region is probably our fastest growing in all of Infor. And consistently so for several quarters and maybe past a year at this point. So Asia Pacific, Germany, U.K., and then as it happens, we are doing very well in Southern Europe, which is a combination of countries really. France, Italy, Spain, Portugal and Greece. Hard to put it down to which particular Country is doing well, but there seems to be a general uplift in that region. Because they were hit the hardest, arguably, by the crash back in 2008. So they've definitely come out of that now. >> And when they come out, excuse me I'm sorry John, but, they come out, Cloud becomes more important to them, Right? >> Yeah, I mean, absolutely. Anyone who's been delaying investment for years, can actually leapfrog what's been happening and jump straight to what you might call the future. So lots of Companies, lots of our Customers, are trying to simplify their Business. So Cloud is a great equalizer. We believe in your, what we call Last Mile of Functionality per industry. And that should make the projects shorter, more compact more predictable and the infrastructure worries go away, because that's our responsibility to the Customers. >> We definitely so that in the U.S., 2008-2009, CFO's came in said shift to the Cloud, because we want to shift Capx to Opx, and when we came out of the downturn, they said "wow this stuff works pretty well, double down on it" and then there were other business benefits that they wanted to accelerate, and so maybe Southern Europe was a little bit behind >> I think that may be the case right, and they are picking up. And what we're seeing are a lot of other advantages. Not to make this a sale's pitch, but, I am here so >> Go for it >> You've got a microphone >> I've got a microphone and I'm Irish, so I've got to talk right? What the Cloud is actually doing is, lots of Companies have put in big ERP over the years, the decades. And then they get stuck at various points and maybe years behind, because upgrades become painful and really want to avoid them. So what they're seeing is, if they can get onto the Cloud, they never need to upgrade again. Because it's always current, because we upgrade it every week, or every month and they're never falling behind. So they want to be ready to take advantage of the innovations that they know about and those that they don't even know about. So by keeping on the latest version, that opportunities open to them. Also, there's a big issue in Europe specifically about a thing called GDPR, which is data protection. Security. So we believe that we can do a better job of providing that, than any individual Company. Because we provide it for everybody, our resources can be deployed once and then deployed many times. Where as if you're an individual customer, you've got to have that speciality and put it in place. So GDPR is a genuine issue in Europe, because, the fines are absolutely huge if a Company is found to breach it. >> It's become a template for the globe now, California's started moving in that direction, GDPR has set the frame work. >> Well and just to follow up on that, and now you're dealing with a very different regulatory climate, then certainly here in the United States. And many U.S. Companies are finding that out, as we know. Overseas right now. So how do you deal with that in terms of, this kind of balkanized approach that you have, that you know that what's working here doesn't necessarily translate to overseas, and plus you have, you know, you're serving many masters and not just one or two. >> What's happening is the guys in our RND have done very well, is they understand the requirement of, in this instance, GDPR. They look at the other regulatory requirements, lets say in Australia, which is subtly different, but it is different, and they can take, well what do we have to do? What's the most extreme we have to achieve? And if we do that across our suite into our platform suite, the N4RS, that can then be applied to all the applications. And then becomes relevant to the U.S. So it's almost like some requirement across the seas, being deployed then becoming really relevant back here because over here you do need to be aware of the data protection, as well, it's just not as formalized yet. >> It's coming >> A Brewing issue right? >> What about Asia Pacific? So you have responsibility for Japan, and China, and the rest of the region. >> Right >> Which you are sort of re-distinct... >> Really are right? There are several sub regions in the one region. The team down there, as I say, arguably the most successful team in Infor right now, so Helen and the crew. So you see Australia, New Zealand then you see Southeast Asia, then you see China, Japan and so on. So different dynamics and different markets, some more mature than others, Japan is very developed by very specific. You do need very specialized local skills to succeed. Arguably Australia, New Zealand is not that similar from say some of the European Countries. Even though there are differences and I would never dream to tell an Australian or a New Zealander that they are the same as Europeans, cuz I get it. I smile when people say "you're from the U.K and you're not from Ireland?" I understand the differentiation. (laugher) And Southeast Asia, there's a ton of local custom, local language, local business practice that needs to be catered for. We seem to be doing okay down there. As I say, fastest growing market at scale. It's not like it's growing ridiculously fast but from a small base. It's as a big market already and growing the fastest. >> And China, what's that like? You have to partner up? >> Oh yeah >> To the JV in China? >> You have to partner up, there are several of the key growth markets that it's best to go in with partners. Customers like to see we've got a presence. So that they can touch and feel that Infor entity. We can't achieve the scale we need, and the growth we want fast enough without partnering. So we have to go with partners to get us the resources that we need. >> And in the Middle East, so my business partner, Co-Host, John Furrier, is on a Twenty Hour flight to Bahrain. The Cube Bahrain. Bahrain was the first Country in the Middle East to declare Cloud first. AWS is obviously part of that story, part of your story. So what's going on over there? Is it a growing market? Is it sort of something you're still cracking? >> No, no, again it's growing. We have several key markets down there, big in hospitality in that part of the world. Hotels, tourism obviously. Shopping, very interesting markets, and Healthcare, interestingly enough. I think arguably some of the worlds best Hospitals are in that region. Definitely the best funded Hospitals. >> Probably the most comfortable. (laughter) >> So again part of our stent is the number of industries we serve, so if you can put in our platform as it were, then you could have multiple of the industry flavors applied. Because what's interesting in that part of World, there seem to be a number of, I guess we call them conglomerates. So maybe family owned, or region owned, and they have just a different array of businesses all under the one ownership. So you would have a retailer that's also doing some tourism, that's also doing some manufacturing. So we can put our platform in, and then those industry flavors they can get one solution to cover it all. Which is a little bit unusual, and works for us. >> Your scope is enormous. I mean essentially you're the head of Non-U.S. I mean is that right? >> Yeah, and Latin America as well. >> That's part of it? That's not... >> Excluding the Americas. So there's Americas and then everything else, and you're everything else. >> I missed a meeting you see so they just gave it to me >> What you raised your hand at the wrong time? >> I wasn't there (laughter) >> So how do you organize to be successful? You obviously have to have strong people in the region. >> Right. So the key is people, right. We organize somewhat differently to over here. We've gone for a regional model, so I have six sub-regions, that I worry about. So four in Europe, the Nordic Countries. Scandinavian, Sweden, Norway, Finland, Denmark. We call Western, which is Ireland, U.K. and the Benelux. Germany is Central and East, and then Southern is the Latin Country, Spain, Portugal, Greece and so. Then we've got the Middle East, and Africa, and then we got Asia Pacific. I've got six regional teams, all headed by a regional leader, and each of them are trying to be as self contained as they can. And where we see we've got an opportunity to move into something new, we've got one team working with me directly as an incubator. For example, we're driving a specific focus on Healthcare, in our part of the world, because it's very big over here. We haven't quite cracked the code over there. When we get some scale, then it'll move into the regions, but for now that's incubating under me. >> And, what about in Country? Do you have Country Managers? One in the U.K., one in France, one in Germany. >> We have what we call local leaders, right? So in some cases it could be a sales oriented individual, it could be consulting, others it could be the local HR guy. So that's more for us to make sure we're building a sense of community within Infor. Rather than it being more customer facing. We're still trying to make sure that there is a reasonably scarcity of senior skills. So regionalizing lets us deploy across several Countries, and that works with the customer base, but for employees we need local leaders to give them a sense of feeling home and attached. >> So the regions are kind of expertise centers if you will? >> Yes >> So I was going to ask about product expertise, where does that come from? It's not parachuted in from the U.S. I presume? >> No, we're pretty much self-sufficient actually, which is great. So from both what we call solution consulting, which is the product expertise, and then consulting which is the product deployment. And we're doing more and more of our deployments with Partners. As I say, we need to really rapidly embrace that partner ecosystem to give us the growth opportunity. RND, is all over the World. That's not under my direct control. So for a major suites, take for example, LN, happens to be headquartered out of Barneveld, in the Netherlands. From a Historic perspective, which is great. And Stockholm, which is also great. But a lot of the development resource room in Nila and in India. So we work closely with the guys, even though they don't actually report to me. >> And out of the whole area, the area of your responsibility what's the best growth opportunity? We all think of China, but that's been fits and starts for a lot of people. >> Yeah, yeah I think we've got multiple opportunities, you can look at it a few ways. You can look at it geographically, and you would say China. You can look at Eastern Europe, and you can look at Africa. There's a ton of opportunity in those regions, geographically. Interestingly we are also at a point where I think the Nordics, and we've got a very solid base Historically, and so on. But we probably haven't put enough focus on there in recent times, that the opportunities are really scaled in Nordics is really quite significant. And then they can look at it from a Product Perspective. So for example, we have, what we believe to be World Leading, and actually a Company called Gartner would equally agree with us. Enterprise Asset Management, EAM, that's a product suite that can fit across all of our industries. I think that could well be the significant growth area for us across the entire six regions. And it's a huge focus for us here at the conference actually. So we can do it by product, EAM, Healthcare, or by Region. I think Eastern Europe, China, and Africa, as well as the Nordics. >> And the other big opportunity is just share gains, market share gains, particularly in Europe, I would think, with your background. >> Yup. Completely, I mean, that's why I said, it's really interesting that we are winning market share in Germany. Who'd of thought that a few years ago? That's a big market, I mean, Germany, U.K., France, Italy. They're huge. Right, I mean U.K., is what, Sixty-Five Million People? It's a big economy, so we've got many of the worlds G7, in our backyard. So we just really need to double down on those, and give them the opportunities to grow that we need. >> And just back to Japan for a second. Japan has traction, it takes a long time to crack Japan. I know it first from personal experiences. >> Yeah, Okay, Interesting. >> Yeah you just got to go many many times and meet people. >> That's it, Right. And it's a different culture, of when you think they're saying yes and you think they're there, that's just yes to the next step. (laughter) >> Alright, so it does take time to get there. We've actually cracked it to some extent, that we've now got some solid referenceability, and some good wind. We need local leaders in Japan, to really crack the code there. >> And then once you're in, you're in. >> I think that once you've proven yourself, it's a lot of word of mouth and referencing. >> Well I hope you get home this weekend. Are you headed home? >> Yes! Actually I'm lucky enough. My Wife is originally from Chicago. So she and our Daughter have come over for the weekend, to go sight seeing in Washington. So that'll be fun. So we'll be going home on Sunday. >> Your adopted home for the weekend then. >> That's exactly right. >> Well we'll talk Guinness in just a bit. Thanks for the time though, we appreciate it. >> Thank you Gentlemen. >> Good to see you, Sir. Alright, back with more here from Inforum 2018, and you're watching Live, on theCube, here in D.C. (electronic music)

Okay, this presentation includes forward looking statements that are subject to risks and uncertainties. Actual results may differ materially as a result of various risk factors including those described in the 10 k's 10 q's and eight ks. Vm ware files with the SEC, ladies and gentlemen, Sunjay Buddha for the jazz mafia from Oakland, California. Good to be with you. Welcome to late night with Jimmy Fallon. I'm an early early morning with Sanjay Poonen and two are set. It's the first time we're doing a live band and jazz and blues is my favorite. You know, I prefer a career in music, playing with Eric Clapton and that abandoned software, but you know, life as a different way. I'll things. I'm delighted to have you all here. Wasn't yesterday's keynote. Just awesome. Off the charts. I mean pat and Ray, you just guys, I thought it was the best ever keynote and I'm not kissing up to the two of you. If you know pat, you can't kiss up to them because if you do, you'll get an action item list at 4:30 in the morning that sten long and you'll be having nails for breakfast with him but bad it was delightful and I was so inspired by your tattoo that I decided to Kinda fell asleep in batter ass tattoo parlor and I thought one wasn't enough so I was gonna one up with. I love Vm ware. Twenty years. Can you see that? What do you guys think? But thank you all of you for being here. It's a delight to have you folks at our conference. Twenty 5,000 of you here, 100,000 watching. Thank you to all of the vm ware employees who helped put this together. Robin Matlock, Linda, Brit, Clara. Can I have you guys stand up and just acknowledge those of you who are involved? Thank you for being involved. Linda. These ladies worked so hard to make this a great show. Everybody on their teams. It's the life to have you all here. I know that we're gonna have a fantastic time. The title of my talk is pioneers of the possible and we're going to go through over the course of the next 90 minutes or so, a conversation with customers, give you a little bit of perspective of why some of these folks are pioneers and then we're going to talk about somebody who's been a pioneer in the world but thought to start off with a story. I love stories and I was born in a family with four boys and my parents I grew up in India were immensely creative and naming that for boys. The eldest was named Sanjay. That's me. The next was named Santosh Sunday, so if you can get the drift here, it's s a n, s a n s a n and the final one. My parents got even more creative and colon suneel sun, so you could imagine my mother going south or Sunday do. I meant Sanjay you and it was always that confusion and then I come to the United States as an immigrant at age 18 and people see my name and most Americans hadn't seen many Sundays before, so they call me Sanjay. I mean, of course it of sounds like v San, so sanjay, so for all of your V, San Lovers. Then I come to California for years later work at apple and my Latino friends see my name and it sorta sounds like San Jose, so I get called sand. Hey, okay. Then I meet some Norwegian friends later on in my life, nordics. The J is a y, so I get called San Year. Your my Italian friend calls me son Joe. So the point of the matter is, whatever you call me, I respond, but there's certain things that are core to my DNA. Those that people know me know that whatever you call me, there's something that's core to me. Maybe I like music more than software. Maybe I want my tombstone to not be with. I was smart or stupid that I had a big heart. It's the same with vm ware. When you think about the engines that fuel us, you can call us the VM company. The virtualization company. Server virtualization. We seek to be now called the digital foundation company. Sometimes our competitors are not so kind to us. They call us the other things. That's okay. There's something that's core to this company that really, really stands out. They're sort of the engines that fuel vm ware, so like a plane with two engines, innovation and customer obsession. Innovation is what allows the engine to go faster, farther and constantly look at ways in which you can actually make the better and better customer obsession allows you to do it in concert with customers and my message to all of you here is that we want to both of those together with you. Imagine if 500,000 customers could see the benefit of vsphere San Nsx all above cloud foundation being your products. We've been very fortunate and blessed to innovate in everything starting with Sova virtualization, starting with software defined storage in 2009. We were a little later to kind of really on the hyperconverged infrastructure, but the first things that we innovate in storage, we're way back in 2009 when we acquired nicer and began the early works in software defined networking in 2012 when we put together desktop virtualization, mobile and identity the first time to form the digital workspace and as you heard in the last few days, the vision of a multi cloud or hybrid cloud in a virtual cloud networking. This is an amazing vision couple that innovation with an obsession and customer obsession and an NPS. Every engineer and sales rep and everybody in between is compensated on NPS. If something is not going well, you can send me an email. I know you can send pat an email. You can send the good emails to me and the bad emails to Scott Dot Beto said Bmr.com. No, I'm kidding. We want all of you to feel like you're plugged into us and we're very fortunate. This is your vote on nps. We've been very blessed to have the highest nps and that is our focus, but innovation done with customers. I shared this chart last year and it's sort of our sesame street simple chart. I tell our sales rep, this is probably the one shot that gets used the most by our sales organization. If you can't describe our story in one shot, you have 100 powerpoints, you probably have no power and very The fact of the matter is that the data center is sort of like a human body. little point. You've got your heart that's Compute, you've got the storage, maybe your lungs, you've got the nervous system that's networking and you've got the brains of management and what we're trying to do is help you make that journey to the cloud. That's the bottom part of the story. We call it the cloud foundation, the top part, and it's all serving apps. The top part of that story is the digital workspace, so very simply put that that's the desktop, moving edge and mobile. The digital workspace meets the cloud foundation. The combination is a digital foundation Where does, and we've begun this revolution with a company. That's what we end. focus on impact, not just make an impression making an impact, and there's three c's that all of us collectively have had an impact on cost very clearly. I'm going to walk you through some of that complexity and carbon and the carbon data was just fascinating to see some of that yesterday, uh, from Pat, these fierce guarded off this revolution when we started this off 20 years ago. These were stories I just picked up some of the period people would send us electricity bills of what it looked like before and after vsphere with a dramatic reduction in cost, uh, off the tune of 80 plus percent people would show us 10, sometimes 20 times a value creation from server consolidation ratios. I think of the story goes right. Intel initially sort of fought vm ware. I didn't want to have it happen. Dell was one of the first investors. Pat Michael, do I have that story? Right? Good. It's always a job fulfilling through agree with my boss and my chairman as opposed to disagree with them. Um, so that's how it got started. And true with over the, this has been an incredible story. This is kind of the revenue that you've helped us with over the 20 years of existence. Last year was about a billion but I pulled up one of the Roi Charts that somebody wrote in 2006. collectively over a year, $50 million, It might've been my esteemed colleague, Greg rug around that showed that every dollar spent on vm ware resulted in nine to $26 worth of economic value. This was in 2006. So I just said, let's say it's about 10 x of economic value, um, to you. And I think over the years it may have been bigger, but let's say conservative. It's then that $50 million has resulted in half a trillion worth of value to you if you were willing to be more generous and 20. It's 1 trillion worth of value over the that was the heart. years. Our second core product, This is one of my favorite products. How can you not like a product that has part of your name and it. We sent incredible. But the Roi here is incredible too. It's mostly coming from cap ex and op ex reduction, but mostly cap x. initially there was a little bit of tension between us and the hardware storage players. Now I think every hardware storage layer begins their presentation on hyperconverged infrastructure as the pathway to the private cloud. Dramatic reduction. We would like this 15,000 customers have we send. We want every one of the 500,000 customers. If you're going to invest in a private cloud to begin your journey with, with a a hyperconverged infrastructure v sound and sometimes we don't always get this right. This store products actually sort of the story of the of the movie seabiscuit where we sort of came from behind and vm ware sometimes does well. We've come from behind and now we're number one in this category. Incredible Roi. NSX, little not so obvious because there's a fair amount spent on hardware and the trucks would. It looks like this mostly, and this is on the lefthand side, a opex mostly driven by a little bit of server virtualization and a network driven architecture. What we're doing is not coming here saying you need to rip out your existing hardware, whether it's Cisco, juniper, Arista, you get more value out of that or more value potentially out of your Palo Alto or load balancing capabilities, but what we're saying is you can extend the life, optimize your underlay and invest more in your overlay and we're going to start doing more and software all the way from the l for the elephant seven stack firewalling application controllers and make that in networking stack, application aware, and we can dramatically help you reduce that. At the core of that is an investment hyperconverged infrastructure. We find often investments like v San could trigger the investments. In nsx we have roi tools that will help you make that even more dramatic, so once you've got compute storage and networking, you put it together. Then with a lot of other components, we're just getting started in this journey with Nsx, one of our top priorities, but you put that now with the brain. Okay, you got the heart, the lungs, the nervous system, and the brain where you do three a's, sort of like those three c's. You've got automation, you've got analytics and monitoring and of course the part that you saw yesterday, ai and all of the incredible capabilities that you have here. When you put that now in a place where you've got the full SDDC stack, you have a variety of deployment options. Number one is deploying it. A traditional hardware driven type of on premise environment. Okay, and here's the cost we we we accumulate over 2,500 pms. All you could deploy this in a private cloud with a software defined data center with the components I've talked about and the additional cost also for cloud bursting Dr because you're usually investing that sometimes your own data centers or you have the choice of now building an redoing some of those apps for public cloud this, but in many cases you're going to have to add on a cost for migration and refactoring those apps. So it is technically a little more expensive when you factor in that cost on any of the hyperscalers. We think the most economically attractive is this hybrid cloud option, like Vm ware cloud and where you have, for example, all of that Dr Capabilities built into it so that in essence folks is the core of that story. And what I've tried to show you over the last few minutes is the economic value can be extremely compelling. We think at least 10 to 20 x in terms of how we can generate value with them. So rather than me speak more than words, I'd like to welcome my first panel. Please join me in welcoming on stage. Are Our guests from brinks from sky and from National Commercial Bank of Jamaica. Gentlemen, join me on stage. Well, gentlemen, we've got a Indian American. We've got a kiwi who now lives in the UK and we've got a Jamaican. Maybe we should talk about cricket, which by the way is a very exciting sport. It lasts only five days, but nonetheless, I want to start with you Rohan. You, um, brings is an incredible story. Everyone knows the armored trucks and security. Have you driven in one of those? Have a great story and the stock price has doubled. You're a cio that brings business and it together. Maybe we can start there. How have you effectively being able to do that in bridging business and it. Thank you Sanjay. So let me start by describing who is the business, right? Who is brinks? Brinks is the number one secure logistics and cash management services company in the world. Our job is to protect our customers, most precious assets, their cash, precious metals, diamonds, jewelry, commodities and so on. You've seen our trucks in your neighborhoods, in your cities, even in countries across the world, right? But the world is going digital and so we have to ratchet up our use of digital technologies and tools in order to continue to serve our customers in a digital world. So we're building a digital network that extends all the way out to the edges and our edges. Our branches are our messengers and their handheld devices, our trucks and even our computer control safes that we place on our customer's premises all the way back to our monitoring centers are processing centers in our data centers so that we can receive events that are taking place in that cash ecosystem around our customers and react and be proactive in our service of them and at the heart of this digital business transformation is the vm ware product suite. We have been able to use the products to successfully architect of hybrid cloud data center in North America. Awesome. I'd like to get to your next, but before I do that, you made a tremendous sacrifice to be here because you just had a two month old baby. How is your sleep getting there? I've been there with twins and we have a nice little gift for you for you here. Why don't you open it and show everybody some side that something. I think your two month old will like once you get to the bottom of all that day. I've. I'm sure something's in there. Oh Geez. That's the better one. Open it up. There's a Vm, wear a little outfit for your two month. Alright guys, this is great. Thank you all. We appreciate your being here and making the sacrifice in the midst of that. But I was amazed listening to you. I mean, we think of Jamaica, it's a vacation spot. It's also an incredible place with athletes and Usain bolt, but when you, the not just the biggest bank in Jamaica, but also one of the innovators and picking areas like containers and so on. How did you build an innovation culture in the bank? Well, I think, uh, to what rughead said the world is going to dissolve and NCB. We have an aspiration to become the Caribbean's first digital bank. And what that meant for us is two things. One is to reinvent or core business processes and to, to ensure that our customers, when they interact with the bank across all channels have a, what we call the Amazon experience and to drive that, what we actually had to do was to work in two moons. Uh, the first movement we call mode one is And no two, which is stunning up a whole set of to keep the lights on, keep the bank running. agile labs to ensure that we could innovate and transform and grow our business. And the heart of that was on the [inaudible] platform. So pks rocks. You guys should try it. We're going to talk about. I'm sure that won't be the last hear from chatting, but uh, that's great. Hey, now I'd like to get a little deeper into the product with all of you folks and just understand how you've engineered that, that transformation. Maybe in sort of the order we covered in my earlier comments in speech. Rohan, you basically began the journey with the private cloud optimization going with, of course vsphere v San and the VX rail environment to optimize your private cloud. And then of course we'll get to the public cloud later. But how did that work out for you and why did you pick v San and how's it gone? So Sunday we started down this journey, the fourth quarter of 2016. And if you remember back then the BMC product was not yet a product, but we still had the vision even back then of bridging from a private data center into a public cloud. So we started with v San because it helped us tackle an important component of our data center stack. Right. And we could get on a common platform, common set of processes and tools so that when we were ready for the full stack, vmc would be there and it was, and then we could extend past that. So. Awesome. And, and I say Dave with a name like Dave Matthews, you must have like all these musicians, like think you're the real date, my out back. What's your favorite Dave Matthew's song or it has to be crashed into me. Right. Good choice rash. But we'll get to music another time. What? NSX was obviously a big transformational capability, February when everyone knows what sky and media and wireless and all of that stuff. Networking is at the core of what you do. Why did you pick Nsx and what have you been able to achieve with it? So I mean, um, yeah, I mean there's, like I say, sky's yeah, maybe your organization. It's incredibly fast moving industry. It's very innovative. We've got a really clever people in, in, in, in house and we need to make sure our product guys and our developers can move at pace and yeah, we've got some great. We've got really good quality metric guys. They're great guys. But the problem is that traditional networking is just fundamentally slow is there's, there's not much you can do about it, you know, and you know to these agile teams here to punch a ticket, get a file, James. Yeah. That's just not reality. We're able to turn that round so that the, the, the devops ops and developers, they can just use terraform and do everything. Yeah, it's, yeah, we rigs for days to seconds and that's in the Aes to seconds with an agile software driven approach and giving them much longer because it would have been hardware driven. Absolutely. And giving the tool set to the do within boundaries. You have scenes with boundaries, developers so they can basically just do, they can do it all themselves. So you empower the developers in a very, very important way. Within a second you had, did you use our insight tools too on top of that? So yes, we're considered slightly different use case. I mean, we're, yeah, we're in the year. You've got general data protection regulations come through and that's, that's, that's a big deal. And uh, and the reality is from what an organization's compliance isn't getting right? So what we've done been able to do is any convenience isn't getting any any less, using vr and ai and Nsx, we're able to essentially micro segment off a lot of Erica our environments which have a lot, much higher compliance rate and you've got in your case, you know, plenty of stores that you're managing with visa and tens of thousands of Vms to annex. This is something at scale that both of you have been able to achieve about NSX and vsn. Pretty incredible. And what I also like with the sky story is it's very centered around Dev ops and the Dev ops use case. Okay, let's come to your Ramon. And obviously I was, when I was talking to the Coobernetti's, uh, you know, our Kubernetes Platform, team pks, and they told me one of the pioneer and customers was National Commercial Bank of Jamaica. I was like, wow, that's awesome. Let's bring you in. And when we heard your story, it's incredible. Why did you pick Coobernetti's as the container platform? You have many choices of what you could have done in terms of companies that are other choices. Why did you pick pks? So I think, well, what happened to, in our interviews cases, we first looked at pcf, which we thought was a very good platform as well. Then we looked at the integration you can get with pqrs, the security, the overland of Nsx, and it made sense for us to go in that direction because you offered 11 team or flexibility on our automation that we could drive through to drive the business. So that was the essence of the argument that we had to make. So the key part with the NSX integration and security and, and the PKS. Uh, and while we've got a few more chairs from the heckler there, I want you to know, Chad, I've got my pks socks on. That's how much I had so much fear. And if he creates too much trouble with security, we can be emotional. I'm out of the arena, you know. Anyway. Um, I wanted to put this chart up because it's very important for all of you, um, and the audience to know that vm ware is making a significant commitment to Coobernetti's. Uh, we feel that this is, as pat talked about it before, something that's going to be integrated into everything we do. It's going to become like a dial tone. Um, and this is just the first of many things you're going to see a vm or really take this now as a consistent thing. And I think we have an opportunity collectively because a lot of people think, oh, you know, containers are a threat to vm ware. We actually think it's a headwind that's going to become a tailwind for us. Just the same way public cloud has been. So thank you for being one of our pioneer and early customers. And Are you using the kubernetes platform in the context of running in a vsphere environment? Yes, we are. We're onto Venice right now. Uh, we have. Our first application will be a mobile banking APP which will be launched in September and all our agile labs are going to be on pbs moving forward medic. So it's really a good move for us. Dave, I know that you've, not yet, I mean you're looking in the context potentially about is your, one of the use cases of Nsx for you containers and how do you view Nsx in that? Absolutely. For us that was the big thing about t when it refresh rocked up is that the um, you know, not just, you know, Sda and on a, on vsphere, but sdn on openstack sdn into their container platform and we've got some early visibility of the, uh, of the career communities integration on there and yeah, it was, it was done right from the start and that's why when we talked to the pks Yeah, it's, guys again, the same sort of thing. it's, it's done right from the start. And so yeah, certainly for us, the, the NSX, everywhere as they come and control plane as a very attractive proposition. Good. Ron, I'd like to talk to you a little bit about how you viewed the public, because you mentioned when we started off this journey, we didn't have Mr. Cloud and aws, we approached to when we were very early on in that journey and you took a bet with us, but it was part of your data center reduction. You're kind of trying to almost to obliterate one data center as you went from three to one. Tell us that story and how the collaboration worked out on we amber cloud. What's the use case? So as I said, our vision was always to bridge to a So we wanted to be able to use public cloud environments to incubate new public cloud, right? applications until they stabilize to flex to the cloud. And ultimately disaster recovery in the cloud. That was the big use case for us. We ran a traditional data center environment where, you know, we run across four regions in the world. Each region had two to three data centers. One was the primary and then usually you had a disaster recovery center where you had all your data hosted, you had certain amount of compute, but it was essentially a cold center, right? It, it sat idle, you did your test once a year. That's the environment we were really looking to get out of. Once vmc was available, we were able to create the same vm ware environment that we currently have on prem in the cloud, right? The same network and security stack in both places and we were actually able to then decommission our disaster recovery data center, took it off, it's took it off and we move. We've got our, our, all of our mission critical data now in the, uh, in the, uh, aws instance using BMC. We have a small amount of compute to keep it warm, but thanks to the vm ware products, we have the ability now to ratchet that up very quickly in a Dr situation, run production in the cloud until we stabilized and then bring that workload back. Would it be fair to tell everybody here, if you are looking at a Dr or that type of bursting scenario, there's no reason to invest in a on premise private cloud. That's really a perfect use case of We, I know certainly we had breaks. this, right? Sorry. Exactly. Yeah. We will no longer have a, uh, a physical Dr a center available anywhere. So you've optimized your one data center with the private cloud stack will be in cloud foundation effectively starting off a decent and you've optimized your hybrid cloud journey, uh, with we cloud. I know we're early on in the journey with Nsx and branch, so we'll come back to that conversation may next year we discover new things about this guy I just found out last night that he grew up in the same town as me in Bangalore and went to the same school. So we will keep a diary of the schools at rival schools, but the last few years with the same school, uh, Dave, as you think about the future of where you want to this use case of network security, what are some of the things that are on your radar over the course of the next couple of months and quarters? So I think what we're really trying to do is, um, you know, computers, this is a critical thing decided technology conference, computers and networks are a bit boring, but rather we want to make them boring. We want to basically sweep them away from so that our people, our customers, our internal customers don't have to think about it were the end that we can make him, that, that compliance, that security, that whole, that whole framework around it. Um, regardless of where that work, right live as living on premise, off premise, everywhere you know. And, and even Aisha potentially out out to the edge. How big were your teams? Very quickly, as we wrap up this, how big are the teams that you have working on network is what was amazing. I talked to you was how nimble and agile you're with lean teams. How big was your team? The, the team during the, uh, the SDDC stack is six people. Six, six. Eight. Wow. There's obviously more that more. And we're working on that core data center and your boat to sleep between five and seven people. For it to brad to both for the infrastructure and containers. Yes. Rolling on your side. It's about the same. Amazing. Well, very quickly maybe 30 seconds. Where do you see the world going? Rolling. So, you know, it brings, I pay attention to two things. One is Iot and we've talked a little bit about that, but what I'm looking for there as digital signals continue to grow is injecting things like machine learning and artificial intelligence in line into that flow back so we can make more decisions closer to the source. Right. And the second thing is about cash. So even though cash volume is increasing, I mean here we are in Vegas, the number one cash city in the US. I can't ignore the digital payments and crypto currency and that relies on blockchain. So focusing on what role does blockchain play in the global world as we go forward and how can brings, continue to bring those services, blockchain and Iot. Very rare book. Well gentlemen, thank you for being with us. It's a pleasure and an honor. Ladies and gentlemen, give it up for three guests. Well, um, thank you very much. So as you saw there, it's great to be able to see and learn from some of these pioneering customers and the hopefully the lesson you took away was wherever your journey is, you could start potentially with the private cloud, embark on the journey to the public cloud and then now comes the next part which is pretty exciting, which is the journey off the desktop and removal what digital workspace. And that's the second part of this that I want to explore with a couple of customers, but before I do that, I wanted to set the context of why. What we're trying to do here also has economic value. Hopefully you saw in the first set of charts the economic value of starting with the heart, the lungs, any of that software defined data center and moving to the ultimate hybrid cloud had economic value. We feel the same thing here and it's because of fundamental shift that started off in the last seven, 10 years since iphone. The fact of the matter is when you look at your fleet of your devices across tablets, phones and laptops today is a heterogeneous world. Twenty years ago when the company started, it was probably all Microsoft devices, laptops now phones, tablets. It's a mixture and it was going to be a mixture for the rest of them. I think for the foreseeable time, with very strong, almost trillion market cap companies and in this world, our job is to ensure that heterogeneous digital workspace can be very easily managed and secured. I have a little soft corner for this business because the first three years of my five years here, I ran this business, so I know a thing about these products, but the fact of the matter is that I think the opportunity here is if you think about the 7 billion people in the world, a billion of them are working for some company or the other. The others are children or may not be employed or retired and every one of them have a phone today. Many of them phones and laptops and they're mixed and our job is to ensure that we bring simplicity to this place. You saw a little bit that cacophony yesterday and Pat's chart, and unfortunately a lot of today's world of managing and securing that disparate is a mountain of morass. Okay? No offense to any of the vendors named in there, but it shouldn't be your job to be that light piece of labor at the top of the mountain to put it all together, which costs you potentially at least $50 per user per month. We can make the significantly cheaper with a unified platform, workspace one that has all of those elements, so how have we done that? We've taken those fundamental principles at 70 percent, at least reduction of simplicity and security. A lot of the enterprise companies get security, right, but we don't get simplicity all always right. Many of the consumer companies like right? But maybe it needs some help and facebook, it's simplicity, security and we've taken both of those and said it is possible for you to actually like your user experience as opposed to having to really dread your user experience in being able to get access to applications and how we did this at vm ware, was he. We actually teamed with the Stanford Design School. We put many of our product managers through this concept of design thinking. It's a really, really useful concept. I'd encourage every one of you. I'm not making a plug for the Stanford design school at all, but some very basic principles of viability, desirability, feasibility that allow your product folks to think like a consumer, and that's the key goal in undoing that. We were able to design of these products with the type of simplicity but not compromise at all. Insecurity, tremendous opportunity ahead of us and it gives me great pleasure to bring onstage now to guests that are doing some pioneering work, one from a partner and run from a customer. Please join me in welcoming Maria par day from dxc and John Market from adobe. Thank you, Maria. Thank you Maria and John for being with us. Maria, I want to start with you. A DXC is the coming together of two companies and CSC and HP services and on the surface on the surface of it, I think it was $50,000, 100,000. If it was exact numbers, most skeptics may have said such a big acquisition is probably going to fail, but you're looking now at the end of that sort of post merger and most people would say it's been a success. What's made the dxc coming together of those two very different cultures of success? Well, first of all, you have to credit a lot of very creative people in the space. One of the two companies came together, but mostly it is our customers who are making us successful. We are choosing to take our customers the next generation digital platform. The message is resonating, the cultures have come together, the individuals have come together, the offers have come together and it's resonating in the marketplace, in the market and with our customers and with our partners. So you shouldn't have doubted it. I, I wasn't one of the skeptics, maybe others were. And my understanding is the d and the C Yes. If, and dxc is the digital and customer. if you look at the logo, it's, it's more of an infinity, so digital transformation for customers. But truthfully it's um, we wanted to have a new start to some very powerful companies in the industry and it really was a instead of CSC and HP, a new logo and a new start. And I think, you know, if this resonates very well with what I started off my keynote, which is talking about innovation and customers focused on digital and Adobe, obviously not just a household name, customers, John, many of folks who use your products, but also you folks have written the playbook on a transformation of on premise going cloud, right? A SAS products and now we've got an incredible valuations relative. How has that affected the way you think in it in terms of a cloud first type of philosophy? Uh, too much of how you implement, right? From an IT perspective, we're really focused on the employee experience. And so as we transitioned our products to the cloud, that's where we're working towards as well from an it, it's all about innovation and fostering that ability for employees to create and do some amazing products. So many of those things I talked about like design thinking, uh, right down the playbook, what adobe does every day and does it affect the way in which you build, sorry, deploy products 92. Yeah, I mean fundamentally it comes down to those basics viability and the employee experience. And we've believe that by giving employees choice, we're enabling them to do amazing work. Rhonda, Maria, you obviously you were in the process of rolling out some our technology inside dxc. So I want to focus less on the internal implementation as much as what you see from other clients I shared sort of that mountain of harassed so much different disparate tools. Is that what you hear from clients and how are you messaging to them, what you think the future of the digital workspaces. And I joined partnership. Well Sanjay, your picture was perfect because if you look at the way end user compute infrastructure had worked for years, decades in the past, exactly what we're doing with vm ware in terms of automation and driving that infrastructure to the cloud in many ways. Um, companies like yours and mine having the courage to say the old way of on prem is the way we made our license fees, the way move made our professional services in the past. And now we have to quickly take our customers to a new way of working, a fast paced digital cloud transformation. We see it in every customer that we're dealing with everyday of the week What are some of the keyboard? Every vertical. I mean we're, we're seeing a lot in the healthcare and in a variety of verticals. industry. I'm one of the compelling things that we're seeing in the marketplace right now is the next gen worker in terms of the GIG economy. I'm employees might work for one company at 10:00 in the morning and another company at We have to be able to stand those employees are 10 99 employees up very 2:00 in the afternoon. quickly, contract workers from around the world and do it securely with governance, risk and compliance quickly. Uh, and we see that driving a lot of the next generation infrastructure needs. So the users are going from a company like dxc with 160,000 employees to what we think in the future will be another 200, 300,000 of 'em, uh, partners and contract workers that we still have to treat with the same security sensitivity and governance of our w two employees. Awesome. John, you were one of the pioneer and customers that we worked with on this notion of unified endpoint management because you were sort of a similar employee base to Vm ware, 20,000 odd employees, 1000 plus a and you've got a mixture of devices in your fleet. Maybe you can give us a little bit of a sense. What percentage do you have a windows and Mac? So depending on the geography is we're approximately 50 percent windows 50 slash 50 windows and somewhat similar to how vm ware operates. What is your fleet of mobile phones look like in terms of primarily ios? We have maybe 80 slash 20 or 70 slash 20 a apple and Ios? Yes. Tablets override kinds. It's primarily ios tablets. So you probably have something in the order of, I'm guessing adding that up. Forty or 50,000 devices, some total of laptops, tablets, phones. Absolutely split 60 slash 60,000. Sixty thousand plus. Okay. And a mixture of those. So heterogeneities that gear. Um, and you had point tools for many of those in terms of managing secure in that. Why did you decide to go with workspace one to simplify that, that management security experience? Well, you nailed it. It's all about simplification and so we wanted to take our tools and provide a consistent experience from an it perspective, how we manage those endpoints, but also for our employee population for them to be able to have a consistent experience across all of their devices. In the past it was very disconnected. It was if you had an ios device, the experience might look like this if you had a window is it would look like go down about a year ago is to bring that together again, this. And so our journey that we've started to simplicity. We want to get to a place where an employee can self provision their desktop just like they do their mobile device today. And what would, what's your expectations that you go down that journey of how quickly the onboarding time should, should be for an employee? It should be within 15, 20 minutes. We need to, we need to get it very rapid. The new hire orientation process needs to really be modified. It's no longer acceptable from everything from the it side ever to just the other recruiting aspects. An employee wants to come and start immediately. They want to be productive, they want to make contributions, and so what we want to do from an it perspective is get it out of the way and enable employees to be productive as And the onboarding then could be one way you latch him on and they get workspace quickly as possible. one. Absolutely. Great. Um, let's talk a little bit as we wrap up in the next few minutes, or where do you see the world going in terms of other areas that are synergistic, that workspace one collaboration. Um, you know, what are some of the things that you hear from clients? What's the future of collaboration? We're actually looking towards a future where we're less dependent on email. So say yes to that real real time collaboration. DXC is doing a lot with skype for business, a yammer. I'll still a lot with citrix, um, our tech teams and our development teams use slack and our clients are using everything, so as an integrator to this space, we see less dependent on the asynchronous world and a lot more dependence on the synchronous world and whatever tools that you can have to create real time. Um, collaboration. Now you and I spoke a little last night talking about what does that mean to life work balance when there's always a demanding realtime collaboration, but we're seeing an uptick in that and hopefully over the next few years a slight downtick in, in emails because that is not necessarily the most direct way to communicate all the time. And, and in that process, some of that sort of legacy environment starts to get replaced with newer tools, whether it's slack or zoom or we're in a similar experience. All of the above. All of the above. Are you finding the same thing, John Environment? Yeah, we're moving away. There's, I think what you're going to see transition is email becomes more of the reporting aspect, the notification, but the day to day collaboration is me to products like slack are teams at Adobe. We're very video focused and so even though we may be a very global team around the world, we will typically communicate over some form of video, whether it be blue jeans or Jabber or Blue Jeans for your collaboration. Yeah. whatnot. We've internally, we use Webex and, and um, um, and, and zoom in and also a lot of slack and we're happy to announce, I think at the work breakouts, we'll hear about the integration of workspace one with slack. We're doing a lot with them where I want to end with a final question with you. Obviously you're very passionate about a cause that we also love and I'm passionate about and we're gonna hear more about from Malala, which is more women in technology, diversity and inclusion and you know, especially there's a step and you are obviously a role model in doing that. What would you say to some of the women here and others who might be mentors to women in technology of how they can shape that career? Um, I think probably the women here are already rocking it and doing what you need to do. So mentoring has been a huge part of my career in terms of people mentoring me and if not for the support and I'm real acceptance of the differences that I brought to the workplace. I wouldn't, I wouldn't be sitting here today. So I think I might have more advice for the men than the women in the room. You're all, you have daughters, you have sisters, you have mothers and you have women that you work every day. Um, whether you know it or not, there is an unconscious bias out there. So when you hear things from your sons or from your daughters, she's loud. She's a little odd. She's unique. How about saying how wonderful is that? Let's celebrate that and it's from the little go to the top. So that would be, that would be my advice. I fully endorse that. I fully endorse that all of us men need to hear that we have put everyone at Vm ware through unconscious bias that it's not enough. We've got to keep doing it because it's something that we've got to see. I want my daughter to be in a place where the tech world looks like society, which is not 25, 30 percent. Well no more like 50 percent. Thank you for being a role model and thank you for both of you for being here at our conference. It's my pleasure. Thank you Thank you very much. Maria. Maria and John. So you heard you heard some of that and so that remember some of these things that I shared with you. I've got a couple of shirts here with these wonderful little chart in here and I'm not gonna. Throw it to the vm ware crowd. Raise your hand if you're a customer. Okay, good. Let's see how good my arm is. There we go. There's a couple more here and hopefully this will give you a sense of what we are trying to get done in the hybrid cloud. Let's see. That goes there and make sure it doesn't hit anybody. Anybody here in the middle? Right? There we go. Boom. I got two more. Anybody here? I decided not to bring an air gun in. That one felt flat. Sorry. All. There we go. One more. Thank you. Thank you. Thank you very much, but this is what we're trying to get that diagram once again is the cloud foundation. Folks. The bottom part, done. Very simply. Okay. I'd love a world one day where the only The top part of the diagram is the digital workspace. thing you heard from Ben, where's the cloud foundation? The digital workspace makes them cloud foundation equals a digital foundation company. That's what we're trying to get done. This ties absolutely a synchronously what you heard from pat because everything starts with that. Any APP, a kind of perspective of things and then below it are these four types of clouds, the hybrid cloud, the Telco Cloud, the cloud and the public cloud, and of course on top of it is device. I hope that this not just inspired you in terms of picking up a few, the nuggets from our pioneers. The possible, but every one of the 25,000 view possible, the 100,000 of you who are watching this will take people will meet at all the vm world and before forums. the show on the road and there'll be probably 100,000 We want every one of you to be a pioneer. It is absolutely possible for that to happen because that pioneering a capability starts with every one of you. Can we give a hand once again for the five customers that were onstage with us? That's great.

>> Live from Washington DC, it's theCUBE. Covering AWS Public Sector Summit 2018. Brought to you by Amazon Web Services and its ecosystem partners. >> Hello everyone, welcome back. It's theCUBE's exclusive coverage. We're here in Washington, D.C. for live coverage of theCUBE here at Amazon Web Services, AWS Public Sector Summit. This is the re-invent for the global public sector. Technically they do a summit but it's really more of a very focused celebration and informational sessions with customers from Amazon Web Services, GovCloud, and also international, except China, different world. John Furrier, Dave Vellante here for our third year covering AWS Public Sector Summit and again our next guest is Max Peterson, the Vice President of International Sales Worldwide for public sector data, Max, good to see you, thanks for coming back. >> It's good to see you again, John, thank you. >> So, we saw you at dinner last night, great VIP Teresa Carlson dinner last night, it's a who's who in Washington, D.C., but also international global public sector. >> Absolutely. >> And so, I want to get your thoughts on this, because AWS is not just in D.C. for GovCloud, there's a global framework here. What's goin' on, what's your take on how this cloud is disrupting the digital nations, and obviously here at home in D.C.? >> Well, John, so first of all, I love your description of this as a celebration, because really that's one of the things that we do, is we celebrate customer success, and so when you look at AWS around the world, we've got customers that are delivering solutions for citizens, new solutions for healthcare, a great solution to education all around the world. In Europe, we serve all those customers from London, Ireland, Germany, Frankfurt, Paris, all open regions, and we're bringing two new regions that we've announced, in the Middle East, which is an exciting part of the Europe, Middle East, and Africa business, and then also up in the Nordics, with Sweden. >> Yeah, so I want to ask you about EMEA, Europe, Middle East and Africa, it's the acronym for essentially international. Huge growth, obviously Europe is a mature set of countries, and it has its own set of issues, but in the Middle East and outside of Europe there's a huge growing middle class of digital culture. >> Yes. >> You're seeing everything from cryptocurrency booming, blockchain, you're seeing kind of the financial industries changing, obviously mobile impact, you got a new revolution going on with digital. You guys have to kind of thread the needle on that. What are you guys doing to support those regions? Obviously, you got to invest, got GDP always in the headlines >> Right. >> Recently, that's Europe's issue, and globally, but you got Europe, and you got outside of Europe. Two different growth strategies, how is AWS investing, what are some of the things you guys are doing? >> Sure, let me try and get all of those questions >> (laughs) Just start them one at a time >> That was very good, yeah. So, let's do the invest and grow piece. Digital skills are critical, and that's one of the challenges with the overall digital transformation, and, by the way, that's not just EMEA, that's all around the world, right? Including the U.S., and so we're doing a lot of things to try to address the digital skills requirement, a program that we've got called AWS Educate just yesterday announced the Cloud Academy Course. So, career colleges, technical colleges will be able to teach a two-year course specifically on cloud, right? For traditional university education, we provide this thing called AWS Educate. We, in the UK, we started a program over 18 months ago called Restart, where we focus on military leavers, spouses, and disadvantaged youth through the prince's trust, and we're training a thousand people a year on AWS cloud computing and digital skills. Taking them, in this case, out of military, or from less advantaged backgrounds and bringin' 'em into tech. And then, finally in April of this year, at our Brussels public sector summit, a celebration of customers in EMEA, we announced that we're going to be training 100,000 people across Europe, Middle East and Africa, with a combination of all of these programs, so skills is absolutely top in terms of getting people on to the cloud, right, and having them be digitally savvy, but the other part that you talked about is really the generational and cultural changes. People expect service when they touch a button on the phone. And that's not how most governments work, it's not how a lot of educational institutions work, and so we're helping them. And so, literally now, across the region, we've got governments that are delivering online citizen services at the touch of a button. Big organizations, like the UK Home Office, like the Department for Wealth and Pensions, like the Ministry of Justice. And then, I think the other thing that you asked about was GDPR. >> Yeah. (laughs) >> Am I covering all the bases? >> You're doing good Max. >> You keep it rollin'. >> You're a clipping machine, here. >> So, GDPR might be thought of as a European phenomenon, but my personal opinion is that's going to set the direction for personal data privacy around the world, and we're seeing the implementation happen in Europe, but we're seeing also customers in the Middle East, in Asia, down in Latin America going, "Hey, that's a good example." And I think you'll see people adopt it, much like people have adopted the NIST definition of cloud computing. Why re-invent it? If there's something that's good, let's adopt it and go, and Amazon understood that that was coming, although some people act like it's a surprise. >> Yeah. >> Did your e-mail box get flooded with e-mail? >> Oh, Gosh. >> God, tons Well the day >> Day before. >> Yes! >> (laughs) >> Yes, day before! Acting like this was, like a surprise. It started two years before, so Amazon actually started our planning so that when the day arrived for it to be effective, AWS services were GDPR compliant so that customers could build GDPR compliant solutions on top of the cloud. >> So, I mean generally I know there's a lot of detail there, but what does that mean, GDPR compliant? 'Cause I like having my data in the cloud with GDPR, 'cause I can push a lot of the compliance onto my cloud provider, so what does that really mean, Max? >> Yeah, well fundamentally, GDPR gives people control of their information. An example is the right to be forgotten, right? Many companies, good companies were already doing that. This makes it a requirement across the entire EU, right? And so, what it means to be compliant is that companies, governments, people need to have a data architecture. They really have to understand where their data is, what information they're collecting, and they have to make the systems follow the rules for privacy protection. >> So how does AWS specifically help me as a customer? >> Right, so our customers around Europe, in fact, around the world build their solutions on top of Amazon. The Amazon services do things that are required by GDPR like encryption, alright? And so, you're supposed to encrypt and protect private data. In Amazon, all you do is click a button, and no matter where you store it, it's encrypted and protected. So a lot of organizations struggled to implement some of these basic protections. Amazon's done it forever, and under GDPR, we've organized those so that all of our services act the same. >> Max, this brings up security questions, 'cause, you know obviously we hear a lot of people use the cloud, as an example, for getting things stood up quickly, >> Yep. >> Whether it's an application in the past, and then say a data warehouse, you got redshifts, and kinesis, and at one point was the fastest growing service, as Andy Jassy said, now that's been replaced by a bunch of other stuff. You got SageMaker around the corner, >> SageMaker's awesome. >> So you got that ability, but also data is not just a data warehouse question. It's really a central value proposition, whether you're talking about in the cloud or IOT, so data becomes the center of the value proposition. How are you guys ensuring security? What are some of the conversations, because it certainly differs on a country by country basis. You got multiple regions developing, established and developing new ones for AWS. How do you look at that? How do you talk to customers and say, "Okay, here's our strategy, and here's what we're doing to secure your data, here's how you can go faster (laughs), keep innovating, because you know they don't want to go slower, because it's complicated. To do a GDPR overhaul, for some customers, is a huge task. How do you guys make it faster, while securing the data? >> Yeah, so first of all, your observation about data, having gravity, is absolutely true. What we've struggled with, with government customers, with healthcare and commercial enterprise, is people have their data locked up in little silos. So the first thing that people are doing on the cloud, is they're taking all that and putting it into a data warehouse, a data repository. Last night we heard from NASA, and from Blue Origin about the explosion in data, and in fact, what they said, and we believe, is that you're going to start bringing your compute to the data because the amount of information that you've got, when you've got billions of sensors, IOT, billions of these devices that are sending information or receiving information, you have to have a cloud strategy to store all that information. And then secondly, you have to have a cloud compute strategy to actually make use of that information. You can't download it anymore. If you're going to operate in real time, you've got to run that machine learning, right, in real time, against the data that's coming in, and then you've got to be able to provide the information back to an application or to people that makes use of it. So you just can't do it in-house anymore. >> You mentioned the talk last night as part of the Earth and Science Program, which you guys did, which by the way, I thought was fabulous. For the folks watching, they had a special inaugural event, before this event around earth and space, Blue Origin was there, Jet Propulsion Lab, much of the NASA guys, a lot of customers. But the interesting thing he said also, was is that they look at the data as a key part, and then he called himself a CTO, Chief Toy Officer. And he goes, "you got to play with the toys before they become too old," but that was a methodology that he was talking about how they get involved in using the tooling. Tooling becomes super important. You guys have a set of services, AWS, Amazon Web Services, which essentially are tools. >> Yeah. >> Collectively tools, you know global, you end up generalizing it, but this is important because now you can mix and match. Talk about how that's changed the customer mindset and how they roll out technology because they got to play, they got to experiment, as Andy Jassy would say, but also, also put the tools into production. How is it changing the face of your customer base? >> Sure, well, one of the things that customers love, is the selection of tools, but one of the most important things we actually do with customers, is help them to solve their problems. We have a professional service organization, we have what we call Envision Engineering, which is a specialized team that goes in and develops prototypes with customers, so that they understand how they can use these different tools to actually get their work done. One quick example: in the UK, the NHS had to implement a new program for people calling in to understand health benefits. And they could've done this in a very traditional fashion, it would've taken months and months to set up the call center and get everything rolling. Fortunately, they worked with one of our partners, and they understood that they could use new speech and language processing tools like Lex, and Amazon's in-the-cloud call center tools, like Connect. In two weeks, they were able to develop the application that handled 42% of the inbound call volume entirely automated, with speech and text processing, so that the other 52% could go to live operators where they had a more complex problem. That was prototyped in two weeks, it was implemented in three more weeks, a total of five weeks from concept to operation of a call center receiving thousands and thousands of inbound calls on the cloud. >> Max, can you paint a picture of the EMEA customer base, how it sort of compares to the US, the profile? I mean, obviously here, in the United States, you got a healthy mix of customers. You got startups, you're announcing enterprises, you got IOT use cases. I imagine a lot of diversity in EMEA, but how does it compare with the US, how would you describe it? Paint a picture for us. >> Yeah sure, candidly, we see the same exact patterns all around the world. Customers are in different stages of readiness, but across Europe, we have central governments that are bringing online, mission systems to the cloud. I mentioned Home Office, I mentioned DWP, I mentioned Her Majesty Revenue and Customs, HMRC. They're bringing real mission systems to the cloud now because they laid the right foundations, right? They've got a cloud native policy, and that's what directs government, that says stop building legacy systems and start building for the future by using the cloud. Educational institutions across the board are using AWS. Science and research, like the European Space Agency is using AWS, so we see, really, just the same pattern going on. Some areas of the world are newer to the cloud, so in the Middle East, we're seeing that sort of startup phase, where startup companies are gettin' onto the cloud. Some of 'em are very big. Careem is a billion dollar startup running on AWS, right. But we're helping startups just do the basics on the cloud. In Bahrain, which is a small country in the Middle East, they realized the transformative opportunity with cloud computing, and they decided to take the lead. They worked with AWS, they produced a national cloud policy, their CIO said we will move to the cloud, and that's key. Leadership is absolutely key. And then they put in place a framework, and they very systematically identified those applications that were ready, and they moved those first. Then they tackled the ones that weren't quite ready, and they moved those. They moved 450 applications in a matter of three months, to the cloud, but it was by having a focused program, top-level leadership, the right policy, and then we provided technical resources to help them do it. >> Max, I want to get one last question before the time comes up, but I want to put you on the spot here. >> Oh good. >> In the United States, Amazon Web Services public sector has really kind of changed the game. You saw the CIA deal that you guys did years ago, the Department of Defense is all in the news, obviously it's changing the ecosystem. How is that dynamic happening in Europe? You said the patterns are the same. Take a minute to just quickly describe, what's going on in the ecosystem? What's the partner profile look like? You've got a great partner ecosystem, and there are different partners. You mentioned Bahrain, Digital Nation, changing the game. You guys seem to attract kind of a new guard, a new kind of thinking, partners. What is the ecosystem partnerships look like for you guys, internationally, and is there the same dynamic going on that's happening in the US with the CIA, and DOD leaders around changing the narrative, changing the game, with technology? >> Sure, good questions. We wouldn't be able to deliver the solutions that we deliver to customers without our partner ecosystem. And sometimes, they're small, born in the cloud partners, the same sort of phenomenon that we have in the US. The example with the National Health Service was delivered by a expert consulting partner called Arcus Global, about a hundred person strong consulting organization that just knows cloud and makes it their business. And we see those throughout Europe, Middle East, and into Africa. We have our large global partners, Capgemini, Accenture, and then I think the other thing that's really important, is the regional partners. So what's happening is we're seeing those regional partners, partners like Everee, or Dee-Ecto, or SCC. We're seeing them now realize that their customers want to be agile, they want to be innovative, they want to be fast, and it doesn't hurt that they're going to save some money. And so we're seeing them change their business model, to adopt cloud computing, and that's the tipping point. When that middle, that trusted middle of partners, starts to adopt cloud and help the customers, that's when it really swings the other direction. >> It's great growth, and new growth brings new partners, new profiles, new brands, new names, and specialty is key. Max, thanks for coming on the CUBE. Really appreciate you taking the time. International, we're riding the wave of home sector with CUBE here in the US, soon we'll see you in some international summits. >> I'm looking forward, >> Alright. >> John, Dave, it was awesome to talk to you. >> Thanks Max. >> Alright, we are here live in Washington, D.C., for Amazon Web Services, AWS, Public Sector Summit 2018, we are in Washington, I'm John Furrier, Dave Vellante, and also Stu Miniman is here, the whole CUBE team is here, unpacking the phenomenon that is AWS, rocking the government and digital nations around the world. We're back with more, after this short break. (upbeat techno music)

>> Announcer: Live, from Barcelona, Spain, it's the CUBE, covering Cisco Live 2018. Brought to you by Cisco, Veeam, and the CUBE's ecosystem partners. >> Hey, welcome back everyone. Live here in Barcelona, Spain, this is the CUBE's exclusive coverage of Cisco Live 2018 in Europe, I'm John Furrier, and my co-host Stuart Miniman, Analyst at Wikibon.com. Our next guest is Shaun Coulson, who's the Vice President of Storage for IBM Europe. He is the one on the ground, leading the team for IBM and the Cisco relationship. Driving the storage, which is driving the cloud, and servers and everything else. Welcome to the Cube. >> Thank you, and welcome to Barcelona. >> Thank you very much, great to have you. Want to get, you're close to the front lines, driving all the business for IBM storage. Congratulations, you had a great year. How's business going in Europe, what's the scene like here? Give a little color, and what's goin' on in Europe. >> Okay, yeah. 2017 was a bumpy year for IBM storage, across the board, across all, both our software and our hardware portfolios, but also our go-to-market with our partners as well, and Cisco's clearly one of those partners. We're in the setup mode for 2018. My worldwide boss would probably say, "We're already setup, Shaun, and you're behind, because it's nearly the end of January." So, it's a vibrant time. Ginni Rometty, mentioned storage specifically in her Address the Nation and the 2017 results and that's partly down to the work that we did in Europe. So, I'm pretty proud of where we're at right now and what we've done. >> Wow, good re-tooling of the product over the years, and now, sales are up, what's the driver of the business right now? We here Cloud, we here On-Premises, Private Cloud, True Private Cloud, as we keep on reports. Certainly Hybrid is there, what's the key customer success driver that you guys are having? >> I think the key success is really, you're correct, everybody's talking about Cloud. Mainly, the main driver in my view, is how do they prepare for Cloud? And that's a Hybrid solution, and, with that, you've also then got the On-Prem. The refresh, the technology Transform and Modernize, is a massive program for us and our customers right now. I was in the Nordics, just before Christmas, and I went to one of the big financial institutions, and they have a Cisco/IMB VersaStack solution there, and I said to them, what was they main reason you chose that, and why did you go with IBM, 'cause, they weren't an IBM customer before, so it was a big win-back account for us. And he was about reduction of risk, reduction of cost, and allowing me to transfer some of my operational skills to new work-loads and prepare myself for the cloud. And I think that message has been driven pretty hard by all our customer sales. >> The refresh is interesting, I didn't look at that angle, but, you can see the Digital Transformation story that we've been talking on the Cube for multiple years, playing out because people now see no perimeter with their networks, they're seeing real-time demands from applications. Now IOT. They had to modernize, right, I mean, this is the era of (laughs) not just PO's slappin' down storage, back-room, stack em' rack 'em, it's a new storage paradigm. >> I don't think I've ever been in the era where I sat by the fax machine and the orders come in, but, maybe one day >> What's a fax machine, what's a fax machine again? >> maybe one day (laughing) >> Ask a millennial, they don't even know how to use a fax machine. >> So coming back to this discussion in the Nordics, they really talked about the technology of Flash, the UCS server stacking and the network from Cisco how did that allow them to move some of their resource, reduce on their cost, and it was all around, every month they do net software patches from Microsoft. They used to have a team of 8 people that would take up to 5 working days, fully, to transform that. That, with the introduction of the system the UCS and the Flash, has gone from a 8 team to 2 team and it's done in 2 days. That's a massive reduction in cost but at the same time allowing them to move to that net-new. >> Shaun, bring us in to customers a little bit, 'cause, we've been tracking Converge since that wave started, a lot of it was just organizationally getting set because, I have a server refresh, I have the storage refresh, how do I get budgets, who owns it, but it's that simplicity that you mention, which is you know, we know if I can put it all together, you're talking the networking team. The networking team often doesn't update their code. They put it in, saying like, okay, it's all working, don't breathe on it, but when I go to Converge, really, it makes it easier for me to refresh, with security top of mind for almost every customer that I talk to, they need to stay more up-to-date and they need to, what we have said at Wikibon is, you need to be able to shift to platforms and partners to be able to take some of that burden off, I can't have 6 months of testing every time I need to roll something out, so, where are the customers in Europe, how are they doing along that journey, organizational dynamics you can share. >> I go to a Entertainment customer in the UK. They've taken, they integrated Stack and their deployment of systems out into the field has reduced by 90%. That is a real benefit, and then, we come back to that, how do you maintain, how do you drive, there's one single point, you can drive it through. It's done, it's moved on and I think there is a huge opportunity of customers starting to look at that simplicity because, that's the transformation that's the, I think for a long time this industry has, and the storage business has tried to make things complex. Because that's part of the art of where we've looked to sell, you know, "It's hard, it's not easy guys, therefore, you need us" and I think there's a massive switch away to that simplified model. >> How do customers think of their data center in the context of Cloud in the industry there's been all this argument, what is Private Cloud? Virtualization? I talk to most customers, they have a cloud strategy and their doing Saas, their doing some Public Cloud, they think about their own data center, they don't get caught over the terms, but, I'm curious how they define it, how they do it do they have initiatives on codifying what they do? >> I think any large customer or small customer would be crazy not to have a cloud strategy some way, shape, or form and I think that has been going on for the last 2 to 3 years with all our major customers. Some are further down the track where everything is going to be Cloud on all their systems, especially the newer, more agile customers but there's also a lot of customers that, for security reasons, financial regulation reasons, are never going to be that far down the track on Cloud, so, I think it's a mixed bag. I think, while their is that transformation and that journey, there's opportunity for everybody and I think that's the bit that we see, where we have the skill set to help our customers going forward. >> I'm curious, usually when I come talk to a European audience, the governance is, a major sticking point has been one of the headwinds against moving to public cloud, we see the big public cloud players putting data centers in every country that they can, but is it still kind of challenge today? >> I think there will always be that concern from the regulatory authorities. And I think if you take the first uptake in Europe of what customers that really moved to the cloud. Then I would say it was the more commercial, mid-size customers that saw the attraction, especially the ability to have the variable cost rate that they can associate with the cloud. But, I think there are also parts of the larger government organizations that are now looking at what applications what workloads they can actually put on the cloud, where there is no regulatory governance to be followed. So, I think it's a bit of both. >> Shaun, talk about the European differences by country, because we've been covering the GDPR pretty hard, that deadline's coming up, that's going to have an impact on storage, obviously, and then also, networking, IP addresses can determine which country you're from, 'cause now each country will have their own little nuances. What is the impact to your job and as you execute your mission what does it mean for the customer? Because, a lot of people don't just live in one country, or work in one country. They span multiple regions. >> And you think of it, most international customers have offices in probably 20 or 30 of the countries that we cover in Europe. I think you can have a view from a technology point of view that some people will be early adopters and some people will be slower adopters. And what you can do, and what is very prevalent in the European marketplace is taking those learning lessons from the early adopters, finessing them, and then driving them out to the other ones, so, I would say for example, the Nordics, again, are probably an early adopter of a lot of the new technologies. They're very happy to try and drive and yet, some of the more traditional ones will wait and see and then think it through a little bit more carefully. But that's the beauty of the nature of Europe. >> What's the big change that you've seen over the past couple years? Obviously, software's at the center of it. Any observations that you can share that's different in the market for buyers? >> I think from a technology point of view, the indoctrination of Flash and there I say the commoditization of Flash has been prolific over the last 18 months. From the price point that it initially started to where we are today has meant that it has become more and more accessible for a lot more of the customer sets that we work with. And especially when you look at performance price point, it starts to become a no-brainer. I'm not sure, when we look at some of the stats in 4th quarter, we actually sold more core Flash modules than we did revenue-wise on traditional SSDs. Which is a kind of indication of where we've gone with the price performance. >> Any trends and patterns that you've seen with buyers that you can, that you see happening, what's the big takeaway? >> I think the big takeaway is storage is alive and kicking. The cloud is formed on the use of data. The use of data means you got to have good storage systems to go and drive that. And I think that is a major theme that runs through all our customer sets. >> And that's trying the modernization, big time. >> Shaun, are there any verticals that you're finding that are leading the charge in some of this transformation of data, leveraging data more than others. >> I think a lot of the smaller organizations which have more agility, they're actually leading in terms of willing to put their first foot forward, but, I think what happens is, then, once that is proven, then the larger organizations come in and work it, so, you're always going to have the big Toco, media companies that are always at forefront of technology. You'll also have the financial organizations that are looking at, where Cloud's good, where's not, block change, GDPR that we talked about earlier, and I think that is traditionally IBM's strength in those kind of marketplaces. >> Shaun, thanks for coming on the Cube, really appreciate the commentary and insight to Europe, congratulations-- >> Thank you. >> on your sales. Shaun Coulson is the Vice President of IBM Europe Storage. This is the Cube breaking down the European show for Cisco Live 2018, Europe, I'm John Furrier, Stu Miniman, we'll be back with more after this short break.

>> Announcer: Live from Las Vegas, it's theCUBE covering HPE Discover 2017 brought to you by Hewlett-Packard Enterprise. >> Welcome back everyone. We're here live in Las Vegas with theCUBE's coverage of HPE Discover 2017. I'm John Furrier with Silicon Angle. My co-host David Vellante. David with Silicon Angle and Wikibon. Our next is Xavier Poisson, VP in Indirect Digital Services at HPE and Craig McClellan, founder of ThinkOn. Guys, welcome to theCUBE, welcome back. I know Dave interviewed you in London. I wasn't there, but welcome to theCUBE. >> Thank you. >> So Xavier I got to congratulate you on the prestigious cloud leadership award in 2017. >> Xavier: Oh my. >> So congratulations- >> Xavier: Thank you. >> On the Data Cloud Europe prestigious award. >> Yeah, it was announced yesterday in Monte Carlo and I believe it is a good recognition from the industry about what we have been doing. But not only me, you know, but as a collective work with our partners, with the HP people. And really to bring the best of the value of cloud to our customers. >> So Monte Carlo, Vegas, okay. Tough choices. >> I'd like to go to Monte Carlo. It's not a bad place to visit, hang out. Cloud 28 is really expanding, really kind of lightning in a bottle with what you've been doing so this speaks to the general industry trend, the way that you're riding with cloud and enterprise. Talk about why Cloud 28's doing so well and what's the dynamic, what's the driver? >> Well, you know, I take back of the prize, we believe that the customer deserves to know more and they need to have their choice. And also that our partners are paying a significant role to make it happen because we cannot believe that one single company will do everything. So the digital transformation of our customers is involving that more and more capabilities are put in place in order that we answer the right needs at the right moment in the right geography. And this was, you know, the foundation of Cloud 28 was to make it happen like that. We call it, you know, how you can make a global ecosystem in the sense of the sharing economy, putting the resources together and at the ready that one single partner can find with another one the way to achieve his goal instead of thinking, "I will do it myself" and I will lose my customer at the end of the day. And they may not know it, but the customers recognize that so this is the reason why I believe it's growing and it's growing fast. >> And the open source community is really expanding as well and if you look at the technology providers from the global system integrators down to the front lines of channel partners, cloud is changing the game. Customers expect co-existence. Craig, you're in the middle of all this. What is some of the front line dynamics with customers because they're going to be getting a lot of services from a variety of different vendors and suppliers, no one size fits all anymore. >> That's so true, more than ever. I think it falls into three categories. One is all the customers expect partners and their service providers to focus on integration with others, treat each other as peers, whether you call it collaboration or coop-itition it's still an issue that the customer, more than ever, is expecting their providers to facilitate. Secondly, they're very impatient. Everything is about now or five minutes ago and there is very low tolerance for the traditional engagement model. And the third item is technology's changing so fast that the customers, in many cases, have stopped trying to stay on top of it and they're now looking for service providers to be, effectively, their proxy with the underlying developers. >> The patient thing is a good point. I want to drill into that because what we're seeing as a move to cloud highlights the anti-waterfall concept, which was really great for project management back in the days of ERPs and those 18 month to 24 months POCs. Now, you know, people are under a lot of pressure to drive top line revenue and cost consolidations so cloud can give you that. So how has that changed the nature of the customer? Obviously they're impatient, but how has that changed structurally how they engage with partners? >> So what I experience in our day to day is the customers are eager to fail fast. Failure is acceptable outcome as long as it doesn't take them 12 months to 18 months. They're also expecting service providers to embrace a similar dev ops mentality where they're looking for service providers to be innovating all the time. So there is some forgiveness, I think, that occurs from the customer base if we're all in this together, but they really, back to what I said earlier, they just do not tolerate we'll meet next Thursday and talk about it. They really want to move today. >> David: Action, they want the action. >> So Craig, talk a little bit more about ThinkOn, sort of, why you founded the company. What's your journey been like? I'm really interested in the transformation that has been affected as a result of Cloud 28. >> So we believe very strongly in ecosystems, participating ecosystems. We're a wholesale provider so we enable the traditional vars to go to market faster and we look to the Cloud 28 marketplace as just another example of ecosystem where traction inside the ecosystem is growing faster than if we were to do everything ourselves. So not only do we embrace the notion of partnerships, we also leverage the channel to help them develop faster go to market strategies in their chosen niches. >> So how did it work? How did you guys engage? Xavier do you find partners like this? Do they come to you? They're already part of the ecosystem. >> So really it's both sides. Sometimes, yes, we discuss. I believe HP has a responsibility to discuss with our partners to explain that the world is changing and there is an opportunity. So we do our job and creating a relationship with Craig has been done by the HP team in the country. And diversity matters. We need to respect also what is happening into the country. The ecosystem and the way business is done into the country so in this case it was HP. Some other cases, and I have a very good example it was in New York, the eComm manager of var was called by the var to say, "I want to join, how I can get in touch "with carton tier plus because I see the opportunity "to partner with some other vendors, "meaning ISVs or SIs and I want to be there." So it is both sides. We have a lot of calls from ISVs because a software vendor is developing applications and, as you said Craig, it's going very, very fast with cloud native development. So you have more and more startups coming and developing new products and they want to reach market very, very quickly. And with the exposure that we have because we are world wide and we started in Europe and Eastern Africa, but we are developing Cloud 28+ now from December onwards in The United States of America, in Canada, Latin America, in Asia Pacific. You would be amazed what is happening in India, for instance, where cloud is just popping up and where all the good ideas are coming. So it is both sides, either from HP engaging with our partner saying, "okay there is an opportunity, "do you want to join?" Or sometimes, as I said, it is the partners reaching on us saying, "we want to be there, we want to accelerate with you." >> Now give us some metrics on the program. >> So, as of today, so remember we opened the platform, it was in December '15 and worked together in London if you remember. >> John: Yeah, absolutely. >> As of today's 18 months after 500 members. It's amazing, 500 members. We cover more than 300 data centers of our partners, like the ones of Craig. 300. And we have published nearly 18,000 cloud services on the platform out of 2,000 unique and we have nearly now 40,000 hits per month on the website. It's really amazing. I can tell you it's a snowball effect and it's not only the end user customers, but we have a lot of traffic inside the platform between members while building new offering. So, for instance, we have been speaking here at Discover of the Automoción Ferias that has been announced running on Discover. This is coming out of Cloud 28+, typically, and we see that there. There is another offering that HP pont next is proposing now as a service, which is a legal identity by Lay-kwah, which is a software company in the Nordics, coming out of Cloud 28+. So expanding dramatically. >> So this really highlights the pay as you go cloud business model. >> Xavier: Yeah. >> And it gives ISVs and vars and vabs the portfolio approach. So they're kind of organically putting this together versus the old channel model of predefined programs and products being shipped out to partners. You can pop services in here and then your customers can roll their own solutions. >> Craig: That's right. >> David: Am I getting that right? >> Absolutely, I also think that one of the things that's a real value add is- a lot of organizations are concerned about vendor lock-in. And when you build a consortium, like what HPE has done, it forces the service providers to participate in a way that avoids lock-in. Every service provider wants to build a lock-in strategy, but there are subtle ways that you can do it that aren't offensive and then there are offensive ways and I think the Cloud 28 consortium is really doing a good job on giving customers the comfort that they can adopt services, but they're not locked in. >> George: Let's call it sticky. >> There you go. >> What's the best way for somebody in the channel to create stickiness and loyalty with their customers? >> In my experience, they have an existing ecosystem that they've been working with for a long time, whether it's HPE or a Veeam or another software vendor and that's an ecosystem that their sales organization understands. That's an ecosystem that their own support organization understands. I think you should always start a nice simple step within an ecosystem you already know and then take the next step, turn it into a recurring revenue stream without trying to start from scratch. Blank slate is always exciting to the people that are paid to do it, but unfortunately the outcome is usually not on time and on budget, but there's lots of little steps you can take with existing ecosystem partners. >> Kind of familiarity, you know, ease of doing business. >> Yep. >> You know, track record, all those kinds of things. >> Craig: Customer trust. >> So, I mean, we use the term lock-in but that's sort of, that's what we're really trying to achieve is trust and loyalty. >> The new lock-in is scale, openness, and trust. Question on some of the technical things. I mean, channels are always been a beautiful thing and direct to sales is a great cost per order dollar, the numbers are great, but you got to get it going, right? You got the flywheel going with Cloud 28. How do you nurture this? I mean obviously it's organic, there's some community involved, training, and getting out there, I mean, how is it running? I'm just trying to understand. This is a really good formula. Is there a magical formula? Is there certain training? Is it done in the community peer to peer? >> So it is amazing because it is driven by listening to the people and, I would say, educating everybody in the value chain and the sales people at HP, the pre-sales at HP, and the people within our partners and the end user customer that they need to think business outcome. And once you shift from transactional selling to thinking business outcome, all the things are getting together because you think what your customer and your customer's customer wants to do and how you will help you customer to achieve his business goals. And you spoke about agility, time to market. These are things you can create with assembling all what is into Cloud 28+. I have a big example. We used our Cloud 28+ to answer a multi-million dollar RFPs. Why? Because multi-cloud is a reality so large governments, enterprises wants to deploy clouds in many areas, not always putting everything in the same data center. They want it so you have a good mix of technologies, a good mix of usage, and then you end with RFPs which are giant. And especially when everything is coming to IoT, to the storing of data. You need to have data analytics, hyper for most companies, it is becoming a nightmare. So we had a very good example with a big RFP in Europe. It was all about connecting all the open data that are produced by satellites in the sky and to put all this data available for all the sam-vees in Europe. I can tell you, it was very complicated to do. You would not believe me. In less than three weeks, we were able to discuss with the right partners inside Cloud 28+ to be the consortium onto beat. Three weeks. It was unbelievable. >> Well the thing about cloud too, as you get into these horizontally scalable data opportunities, you also need specialism, you need to have expertise. And that, to me, really is an application-specific, not peddling product. You actually, to your outcome perspective, you're solution-providing, right? It's back to listening. So, okay final thoughts guy, HP Discover 2017. What's the takeaway, Craig? So this year what's the big story? Obviously we heard Meg Whitman, you know, compute is kind of being redefined and scaling. What's the big story here from your perspective? >> For me I was excited to hear about the customer having a more open mind about where to put workload. I would say two years ago there was this mad rush to the cloud without really understanding the cloud and now there's a more seasoned reality is that workload has a multitude of locations where it can be. And I've been saying this for a long time, but as a small organization in Canada not everyone's listening. >> David: Well you're nibbling on the front line. >> That's right. So it's nice to hear that it's being seen around the world in the enterprise space. That's my big takeaway. >> John: Xavier, thoughts? >> I believe that Hewlett-Packard Enterprise is interest and confidence about the journey we have designed with Meg Whitman. We have to cross different phases of transformation, it is not finished. But more than every, we put the customer in front of the discussion. You know, when you have been, perhaps, listening about this new start that was pre-announced there, I was thrilled with the process. This product has been built just because it was by essence connected. When they were designing the product, to Cloud 28+ that would be a resource provider for the new start. This is the way we invent product now. So we put the customer and the channel partners and the ecosystems in the center of the design of the products that we are doing. So it's no longer a product I'm selling, it is a product that is ready to be sold because it is fitting customer or channel partner outcomes. This is a big transformation of today's. >> And I would just say, one of my observation is, again, education on the cloud is key and then, you know, this ability of tailoring solutions not a one size fits all. You know, here's hyper converged or here's composability. >> Exactly. >> Having the customer mix and match whatever they need. Guys, great conversation here inside theCUBE. HPE Discover 2017, this is theCUBE, I'm John Furrier with David Vellante we'll be back with more live coverage. Stay with us after this short break. (upbeat music)

(upbeat music) >> Narrator: Live from Boston, Massachusetts it's The CUBE covering OpenStack Summit 2017, brought to you by the OpenStack Foundation, Red Hat, an additional ecosystem of support. >> Welcome back, I'm Stu Miniman with my co-host John Troyer. Happy to welcome back to the program. It's been a couple of years but Mark Baker, who is the Ubuntu Product Manager for OpenStack at Canonical. Thanks so much for joining us. >> Oh, you're welcome, it's a pleasure to be back on. >> All right so you said you've been coming to these shows for over six years now. You sit on the OpenStack Foundation. We've been talking this week. There's all that fuzz and misinformation and God what does (faint) say this morning? It's like fear is one of the most powerful weapons out there. Sometimes there's just misinformation out there but for you, OpenStack today where you see it in general and in your role with Canonical? >> Sure so OpenStack is one of the cornerstones of our business. It's certainly a big revenue generator for us. We continue to grow customers in that space, and that mirrors what we see in the OpenStack community. So all of the numbers you'll have seen in the OpenStack survey showed that adoption continues to grow. Sure, there is, I don't know if I want to call it fake news out there but there's definitely a meme is going that okay, OpenStack is perhaps declining in popularity. That's not what we see in adoption. We see adoption continuing to grow, more customers coming onto the platform, more revenue is coming from those customers. >> Yeah Mark any data you can share? We did have we had Heidi Joy on from the foundation to talk about the survey. I mean big you know adoption over 74% of deployments are outside of the US. We talked to Mark and Jonathan this morning. They said well that's where more than 74% of the population of the world lives outside of the US on any trends or data points specifically about a bunch of customers. >> Sure so we we definitely have big customers outside the US. You look at perhaps one of our best well-known is Deutsche Telekom, obviously a global telco that's situated in Europe that's deploying OpenStack. Really at the core of their network and I was going into multiple countries, and we see not only more customers but also those existing customers growing their estate and we've got other engagements as well in the Nordics with Tele2, another telco that has a larger stake too. And increasingly out in Asia too. So we definitely see this as being a global trend towards adoption. >> All right and Mark, there was you know for years, it was okay. How many distributions are there out there? How many do we need on out there? Why do customers turn to Ubuntu when they want OpenStack? >> So the challenge of operating infrastructure is scale. It's not can I deploy it? It's not so much even you know how performant is it? It's really kind of boils down to economics, and a large part of that economics is how are you able to operate that cloud efficiently? We've proven time and time again that a lot of the work that we've put in since the very beginning around tooling, around operations is what allows people to stand up these clouds, operate them at scale, upgrade them, apply patches, do all of those things but operate them efficiently at scale without having to scale the number of staff they require to operate that cloud, yeah. >> I think back to the staff that's been around for at least 15 years is company spent 70 or 80% or even more of their budget on keeping the lights on, running around the data center doing that. Anything you could tell us about OpenStack and how that shifts those economics for the data center? >> Sure, so OpenStack has gone through a typical sort of evolution that many technologies go through and we liken it to Linux obviously, we're a Linux company. In the beginning with Linux many people would build their own distributions, they'd compile their own kernels, they'd make modifications. A lot of the big lighthouse users of OpenStack went through that process. We are seeing the adoption changing now. So people are coming to companies like us with an OpenStack distribution that's off-the-shelf, ready and packaged with reference architectures, proven methodologies for implementing this successfully, and consuming it much more like that. Without that package, this free software can actually be very expensive to operate. So you have to get getting those economics right comes from having those packages for people to be able to deploy, manage it and scale it efficiently on-site. >> So you've been involved with OpenStack throughout the whole evolution. Is there anything you see now and 2017 at this summit? This is my first summit. I'm very impressed as an outsider. Again, we started off talking about what you hear from the outside, talking to people here at the show, people standing up their very first clouds this year, very bullish very kind of conscious of okay this is a, this is not a winner-take-all world. There's a place for OpenStack. >> Mark: Yeap. That's actually very kind of clear and very well fit. Do you see a difference in the customers that are you're working with now in 2017, their maturity level, their expectations than perhaps you did a few years ago? >> So yes certainly, customers have complex and diverse requirements, and so they want to deliver different styles of applications in different ways, and OpenStack is a great way of delivering machines, whether it's virtual machines or container machines to applications and provides a very robust and agile environment for doing that. But other styles of application may require to run natively on Bare Metal. OpenStack can do some of that, and do a lot of that but we're seeing, certainly seeing customers understanding okay, OpenStack has a role, public cloud has a role, container technologies have a role. A lot of these intersect together. Then it's really our objective is to help them whether they're choosing container platforms and OpenStack, whether they're using public cloud to ensure that they're able to manage this in an efficient way to deliver value to their business. >> You talked about operability and we talked with Mark Shuttleworth. He was also, we were marking that Ubuntu, the operating system is by far the majority choice in OpenStack and in a lot of cloud projects. Can you talk a little bit more about operability? Again the traditional dig from outside the project a few years ago science project, hard to use, need to have computer scientists to even get it running, which as a former Linux person myself, I think I find that a little bit insulting. It's rocket science but it's not that, it's not that complicated. >> (faint) Were involved in the beginning. >> That is true. But can you just talk a little bit about operability in terms of getting what you're seeing, in terms of either private cloud or at people standing up, the operations team needed, the maintainability day to day operation, that sort of thing in a modern OpenStack environment? >> Yeah, so OpenStack is becoming, certainly a lot of the enterprise customers that we're working with now is becoming another platform that will sit alongside the VMware. There may be some intersection of that. Our goal is to have common operations. So if I want to deploy applications into containers, I could do that in to Kubernetes or just running on VMware, I could do that on OpenStack, I could do it in public cloud to have common tooling and common operations across as much of the estate as we can because that's where I'll get efficiencies. It's where I'll get smart economics and smart operations. So well definitely, people are looking for those solutions. They know they're going to have diverse environments. They're looking for commonality that runs across those diverse environments and Ubuntu provides a great deal of commonality across. >> Mark, can you speak to Canonical's involvement in some of the projects? I know you have a lot of contributors but where particularly did your company spend the most focus? >> So, OpenStack, the initial challenge with OpenStack was to deliver capability and functionality. Canonical was one of those contributors in the early days. It was helping drive new features, helping drive new capabilities in OpenStack. More or less, we've switched to addressing that operations problem. There are many clouds out there that's stuck on older versions. For OpenStack to succeed as it moves forward, we need to be able to show you can upgrade gracefully without service interruption. We're demonstrating that with customers. So a lot of the work that we've been doing is how we streamline these operations, how we crowdsource, if you like, best practice for operating these clouds of scale to deliver efficient value to the business. >> Oh, another interesting conversation here at the show has been about containers. >> Yeah. >> Both Kubernetes and I know Canonical been involved with with Alex D. So can you talk a little bit about the interrelation of containers with OpenStack and how you're seeing that play out? >> Yes, absolutely so containers is all over OpenStack. We do smile somewhat when people talk about containers being a new thing with OpenStack as we've been deploying OpenStack inside LXD containers for several years now. So many of our customers are running containerized OpenStack today in production but this there's certainly this great intersection of that running Kubernetes on top of OpenStack. For example, we're seeing a lot of interest in that. We deploy, as they say, our OpenStack services in containers to give flexibility around architectural choices. We're very happy to run Canonical's distribution of kubernetes inside of OpenStack, which we do, and say have customers doing that. So there are also people looking at how you can containerize control plane in other ways. We're certainly keeping tabs on that, and you know exploring that with some customers but containers are all across the OpenStack ecosystem. They're not competitive. They're very much sort of building a higher level of value for customers so they have choice in how they deploy their applications. >> All right, Mark anything new this week surprised you or any interesting conversations that you'd want to share? >> So I came into this knowing that there was going to be a lot of discussion around containerized applications in OpenStack and containers perhaps, and the control plane. The thing that has surprised me actually has been the speed with which people are looking at OpenStack for edge cloud. Cloud on the edge, it's kind of a telco thing but cloud on the edge is how I can deliver capabilities and services, infrastructure services in an environment, in a mobile environment, it could be attached to a cell phone mask for example. It's not a traditional big data center but you need to deliver content and data out to mobile devices. So there's a lot of discussion especially today, within the telco community here at OpenStack Summit about how OpenStack can deliver those kinds of capabilities on the edge. That's been interesting and a surprise for me to see how quickly it's come up. >> All right Mark, want to give you the final word as to what you want people taking way of Ubuntu's participation in OpenStack. >> Well, some of this talk about OpenStack you know is it had its day in the sun, there are other things now taking over. You need to I think people out there will need to understand that OpenStack is deeply embedded inside big companies like AT&T, and like Deutsche Telekom. It's going to be there for a decade or more, right. So OpenStack is definitely here to stay. We continue to see our business growing. The number of customers Canonical is working with deploying OpenStack continues to grow. Ubuntu as a platform for OpenStack continues to grow. So it's definitely going to be part of the infrastructure as we roll forward. Yes, you'll see it working more in conjunction with those container technologies and application platforms. Parsers for example but it's here. It's just no longer quite the bright new shiny thing it used to be. It's kind of getting to be part of regular infrastructure. >> All right, well Mark not everything could be as bright and shiny as the Ubuntu orange shirt. So thank you so much for joining us again. We'll be back with more coverage here. From Boston, Massachusetts, you're watching The CUBE. (upbeat music)