(upbeat music) >> Hi everyone. Welcome back to this Cube conversation here in Palo Alto, California. I'm John Furrier, host of "theCUBE." Got a great conversation around Cloud Native, Cloud Native Journey, how enterprises are looking at Cloud Native and putting it all together. And it comes down to operations, developer productivity, and security. It's the hottest topic in technology. We got Chris Jones here in the studio, director of Product Management for Platform9. Chris, thanks for coming in. >> Hey, thanks. >> So when we always chat about, when we're at KubeCon. KubeConEU is coming up and in a few, in a few months, the number one conversation is developer productivity. And the developers are driving all the standards. It's interesting to see how they just throw everything out there and whatever gets adopted ends up becoming the standard, not the old school way of kind of getting stuff done. So that's cool. Security Kubernetes and Containers are all kind of now that next level. So you're starting to see the early adopters moving to the mainstream. Enterprises, a variety of different approaches. You guys are at the center of this. We've had a couple conversations with your CEO and your tech team over there. What are you seeing? You're building the products. What's the core product focus right now for Platform9? What are you guys aiming for? >> The core is that blend of enabling your infrastructure and PlatformOps or DevOps teams to be able to go fast and run in a stable environment, but at the same time enable developers. We don't want people going back to what I've been calling Shadow IT 2.0. It's, hey, I've been told to do something. I kicked off this Container initiative. I need to run my software somewhere. I'm just going to go figure it out. We want to keep those people productive. At the same time we want to enable velocity for our operations teams, be it PlatformOps or DevOps. >> Take us through in your mind and how you see the industry rolling out this Cloud Native journey. Where do you see customers out there? Because DevOps have been around, DevSecOps is rocking, you're seeing AI, hot trend now. Developers are still in charge. Is there a change to the infrastructure of how developers get their coding done and the infrastructure, setting up the DevOps is key, but when you add the Cloud Native journey for an enterprise, what changes? What is the, what is the, I guess what is the Cloud Native journey for an enterprise these days? >> The Cloud Native journey or the change? When- >> Let's start with the, let's start with what they want to do. What's the goal and then how does that happen? >> I think the goal is that promise land. Increased resiliency, better scalability, and overall reduced costs. I've gone from physical to virtual that gave me a higher level of density, packing of resources. I'm moving to Containers. I'm removing that OS layer again. I'm getting a better density again, but all of a sudden I'm running Kubernetes. What does that, what does that fundamentally do to my operations? Does it magically give me scalability and resiliency? Or do I need to change what I'm running and how it's running so it fits that infrastructure? And that's the reality, is you can't just take a Container and drop it into Kubernetes and say, hey, I'm now Cloud Native. I've got reduced cost, or I've got better resiliency. There's things that your engineering teams need to do to make sure that application is a Cloud Native. And then there's what I think is one of the largest shifts of virtual machines to containers. When I was in the world of application performance monitoring, we would see customers saying, well, my engineering team have this Java app, and they said it needs a VM with 12 gig of RAM and eight cores, and that's what we gave it. But it's running slow. I'm working with the application team and you can see it's running slow. And they're like, well, it's got all of its resources. One of those nice features of virtualization is over provisioning. So the infrastructure team would say, well, we gave it, we gave it all a RAM it needed. And what's wrong with that being over provisioned? It's like, well, Java expects that RAM to be there. Now all of a sudden, when you move to the world of containers, what we've got is that's not a set resource limit, really is like it used to be in a VM, right? When you set it for a container, your application teams really need to be paying attention to your resource limits and constraints within the world of Kubernetes. So instead of just being able to say, hey, I'm throwing over the fence and now it's just going to run on a VM, and that VMs got everything it needs. It's now really running on more, much more of a shared infrastructure where limits and constraints are going to impact the neighbors. They are going to impact who's making that decision around resourcing. Because that Kubernetes concept of over provisioning and the virtualization concept of over provisioning are not the same. So when I look at this problem, it's like, well, what changed? Well, I'll do my scale tests as an application developer and tester, and I'd see what resources it needs. I asked for that in the VM, that sets the high watermark, job's done. Well, Kubernetes, it's no longer a VM, it's a Kubernetes manifest. And well, who owns that? Who's writing it? Who's setting those limits? To me, that should be the application team. But then when it goes into operations world, they're like, well, that's now us. Can we change those? So it's that amalgamation of the two that is saying, I'm a developer. I used to pay attention, but now I need to pay attention. And an infrastructure person saying, I used to just give 'em what they wanted, but now I really need to know what they've wanted, because it's going to potentially have a catastrophic impact on what I'm running. >> So what's the impact for the developer? Because, infrastructure's code is what everybody wants. The developer just wants to get the code going and they got to pay attention to all these things, or don't they? Is that where you guys come in? How do you guys see the problem? Actually scope the problem that you guys solve? 'Cause I think you're getting at I think the core issue here, which is, I've got Kubernetes, I've got containers, I've got developer productivity that I want to focus on. What's the problem that you guys solve? >> Platform operation teams that are adopting Cloud Native in their environment, they've got that steep learning curve of Kubernetes plus this fundamental change of how an app runs. What we're doing is taking away the burden of needing to operate and run Kubernetes and giving them the choice of the flexibility of infrastructure and location. Be that an air gap environment like a, let's say a telco provider that needs to run a containerized network function and containerized workloads for 5G. That's one thing that we can deploy and achieve in a completely inaccessible environment all the way through to Platform9 running traditionally as SaaS, as we were born, that's remotely managing and controlling your Kubernetes environments on-premise AWS. That hybrid cloud experience that could be also Bare Metal, but it's our platform running your environments with our support there, 24 by seven, that's proactively reaching out. So it's removing a lot of that burden and the complications that come along with operating the environment and standing it up, which means all of a sudden your DevOps and platform operations teams can go and work with your engineers and application developers and say, hey, let's get, let's focus on the stuff that, that we need to be focused on, which is running our business and providing a service to our customers. Not figuring out how to upgrade a Kubernetes cluster, add new nodes, and configure all of the low level. >> I mean there are, that's operations that just needs to work. And sounds like as they get into the Cloud Native kind of ops, there's a lot of stuff that kind of goes wrong. Or you go, oops, what do we buy into? Because the CIOs, let's go, let's go Cloud Native. We want to, we got to get set up for the future. We're going to be Cloud Native, not just lift and shift and we're going to actually build it out right. Okay, that sounds good. And when we have to actually get done. >> Chris: Yeah. >> You got to spin things up and stand up the infrastructure. What specifically use case do you guys see that emerges for Platform9 when people call you up and you go talk to customers and prospects? What's the one thing or use case or cases that you guys see that you guys solve the best? >> So I think one of the, one of the, I guess new use cases that are coming up now, everyone's talking about economic pressures. I think the, the tap blows open, just get it done. CIO is saying let's modernize, let's use the cloud. Now all of a sudden they're recognizing, well wait, we're spending a lot of money now. We've opened that tap all the way, what do we do? So now they're looking at ways to control that spend. So we're seeing that as a big emerging trend. What we're also sort of seeing is people looking at their data centers and saying, well, I've got this huge legacy environment that's running a hypervisor. It's running VMs. Can we still actually do what we need to do? Can we modernize? Can we start this Cloud Native journey without leaving our data centers, our co-locations? Or if I do want to reduce costs, is that that thing that says maybe I'm repatriating or doing a reverse migration? Do I have to go back to my data center or are there other alternatives? And we're seeing that trend a lot. And our roadmap and what we have in the product today was specifically built to handle those, those occurrences. So we brought in KubeVirt in terms of virtualization. We have a long legacy doing OpenStack and private clouds. And we've worked with a lot of those users and customers that we have and asked the questions, what's important? And today, when we look at the world of Cloud Native, you can run virtualization within Kubernetes. So you can, instead of running two separate platforms, you can have one. So all of a sudden, if you're looking to modernize, you can start on that new infrastructure stack that can run anywhere, Kubernetes, and you can start bringing VMs over there as you are containerizing at the same time. So now you can keep your application operations in one environment. And this also helps if you're trying to reduce costs. If you really are saying, we put that Dev environment in AWS, we've got a huge amount of velocity out of it now, can we do that elsewhere? Is there a co-location we can go to? Is there a provider that we can go to where we can run that infrastructure or run the Kubernetes, but not have to run the infrastructure? >> It's going to be interesting too, when you see the Edge come online, you start, we've got Mobile World Congress coming up, KubeCon events we're going to be at, the conversation is not just about public cloud. And you guys obviously solve a lot of do-it-yourself implementation hassles that emerge when people try to kind of stand up their own environment. And we hear from developers consistency between code, managing new updates, making sure everything is all solid so they can go fast. That's the goal. And that, and then people can get standardized on that. But as you get public cloud and do it yourself, kind of brings up like, okay, there's some gaps there as the architecture changes to be more distributed computing, Edge, on-premises cloud, it's cloud operations. So that's cool for DevOps and Cloud Native. How do you guys differentiate from say, some the public cloud opportunities and the folks who are doing it themselves? How do you guys fit in that world and what's the pitch or what's the story? >> The fit that we look at is that third alternative. Let's get your team focused on what's high value to your business and let us deliver that public cloud experience on your infrastructure or in the public cloud, which gives you that ability to still be flexible if you want to make choices to run consistently for your developers in two different locations. So as I touched on earlier, instead of saying go figure out Kubernetes, how do you upgrade a hundred worker nodes in place upgrade. We've solved that problem. That's what we do every single day of the week. Don't go and try to figure out how to upgrade a cluster and then upgrade all of the, what I call Kubernetes friends, your core DNSs, your metrics server, your Kubernetes dashboard. These are all things that we package, we test, we version. So when you click upgrade, we've already handled that entire process. So it's saying don't have your team focused on that lower level piece of work. Get them focused on what is important, which is your business services. >> Yeah, the infrastructure and getting that stood up. I mean, I think the thing that's interesting, if you look at the market right now, you mentioned cost savings and recovery, obviously kind of a recession. I mean, people are tightening their belts for sure. I don't think the digital transformation and Cloud Native spend is going to plummet. It's going to probably be on hold and be squeezed a little bit. But to your point, people are refactoring looking at how to get the best out of what they got. It's not just open the tap of spend the cash like it used to be. Yeah, a couple months, even a couple years ago. So okay, I get that. But then you look at the what's coming, AI. You're seeing all the new data infrastructure that's coming. The containers, Kubernetes stuff, got to get stood up pretty quickly and it's got to be reliable. So to your point, the teams need to get done with this and move on to the next thing. >> Chris: Yeah, yeah, yeah. >> 'Cause there's more coming. I mean, there's a lot coming for the apps that are building in Data Native, AI-Native, Cloud Native. So it seems that this Kubernetes thing needs to get solved. Is that kind of what you guys are focused on right now? >> So, I mean to use a customer, we have a customer that's in AI/ML and they run their platform at customer sites and that's hardware bound. You can't run AI machine learning on anything anywhere. Well, with Platform9 they can. So we're enabling them to deliver services into their customers that's running their AI/ML platform in their customer's data centers anywhere in the world on hardware that is purpose-built for running that workload. They're not Kubernetes experts. That's what we are. We're bringing them that ability to focus on what's important and just delivering their business services whilst they're enabling our team. And our 24 by seven proactive management are always on assurance to keep that up and running for them. So when something goes bump at the night at 2:00am, our guys get woken up. They're the ones that are reaching out to the customer saying, your environments have a problem, we're taking these actions to fix it. Obviously sometimes, especially if it is running on Bare Metal, there's things you can't do remotely. So you might need someone to go and do that. But even when that happens, you're not by yourself. You're not sitting there like I did when I worked for a bank in one of my first jobs, three o'clock in the morning saying, wow, our end of day processing is stuck. Who else am I waking up? Right? >> Exactly, yeah. Got to get that cash going. But this is a great use case. I want to get to the customer. What do some of the successful customers say to you for the folks watching that aren't yet a customer of Platform9, what are some of the accolades and comments or anecdotes that you guys hear from customers that you have? >> It just works, which I think is probably one of the best ones you can get. Customers coming back and being able to show to their business that they've delivered growth, like business growth and productivity growth and keeping their organization size the same. So we started on our containerization journey. We went to Kubernetes. We've deployed all these new workloads and our operations team is still six people. We're doing way more with growth less, and I think that's also talking to the strength that we're bringing, 'cause we're, we're augmenting that team. They're spending less time on the really low level stuff and automating a lot of the growth activity that's involved. So when it comes to being able to grow their business, they can just focus on that, not- >> Well you guys do the heavy lifting, keep on top of the Kubernetes, make sure that all the versions are all done. Everything's stable and consistent so they can go on and do the build out and provide their services. That seems to be what you guys are best at. >> Correct, correct. >> And so what's on the roadmap? You have the product, direct product management, you get the keys to the kingdom. What is, what is the focus? What's your focus right now? Obviously Kubernetes is growing up, Containers. We've been hearing a lot at the last KubeCon about the security containers is getting better. You've seen verification, a lot more standards around some things. What are you focused on right now for at a product over there? >> Edge is a really big focus for us. And I think in Edge you can look at it in two ways. The mantra that I drive is Edge must be remote. If you can't do something remotely at the Edge, you are using a human being, that's not Edge. Our Edge management capabilities and being in the market for over two years are a hundred percent remote. You want to stand up a store, you just ship the server in there, it gets racked, the rest of it's remote. Imagine a store manager in, I don't know, KFC, just plugging in the server, putting in the ethernet cable, pressing the power button. The rest of all that provisioning for that Cloud Native stack, Kubernetes, KubeVirt for virtualization is done remotely. So we're continuing to focus on that. The next piece that is related to that is allowing people to run Platform9 SaaS in their data centers. So we do ag app today and we've had a really strong focus on telecommunications and the containerized network functions that come along with that. So this next piece is saying, we're bringing what we run as SaaS into your data center, so then you can run it. 'Cause there are many people out there that are saying, we want these capabilities and we want everything that the Platform9 control plane brings and simplifies. But unfortunately, regulatory compliance reasons means that we can't leverage SaaS. So they might be using a cloud, but they're saying that's still our infrastructure. We're still closed that network down, or they're still on-prem. So they're two big priorities for us this year. And that on-premise experiences is paramount, even to the point that we will be delivering a way that when you run an on-premise, you can still say, wait a second, well I can send outbound alerts to Platform9. So their support team can still be proactively helping me as much as they could, even though I'm running Platform9s control plane. So it's sort of giving that blend of two experiences. They're big, they're big priorities. And the third pillar is all around virtualization. It's saying if you have economic pressures, then I think it's important to look at what you're spending today and realistically say, can that be reduced? And I think hypervisors and virtualization is something that should be looked at, because if you can actually reduce that spend, you can bring in some modernization at the same time. Let's take some of those nos that exist that are two years into their five year hardware life cycle. Let's turn that into a Cloud Native environment, which is enabling your modernization in place. It's giving your engineers and application developers the new toys, the new experiences, and then you can start running some of those virtualized workloads with KubeVirt, there. So you're reducing cost and you're modernizing at the same time with your existing infrastructure. >> You know Chris, the topic of this content series that we're doing with you guys is finding the right path, trusting the right path to Cloud Native. What does that mean? I mean, if you had to kind of summarize that phrase, trusting the right path to Cloud Native, what does that mean? It mean in terms of architecture, is it deployment? Is it operations? What's the underlying main theme of that quote? What's the, what's? How would you talk to a customer and say, what does that mean if someone said, "Hey, what does that right path mean?" >> I think the right path means focusing on what you should be focusing on. I know I've said it a hundred times, but if your entire operations team is trying to figure out the nuts and bolts of Kubernetes and getting three months into a journey and discovering, ah, I need Metrics Server to make something function. I want to use Horizontal Pod Autoscaler or Vertical Pod Autoscaler and I need this other thing, now I need to manage that. That's not the right path. That's literally learning what other people have been learning for the last five, seven years that have been focused on Kubernetes solely. So the why- >> There's been a lot of grind. People have been grinding it out. I mean, that's what you're talking about here. They've been standing up the, when Kubernetes started, it was all the promise. >> Chris: Yep. >> And essentially manually kind of getting in in the weeds and configuring it. Now it's matured up. They want stability. >> Chris: Yeah. >> Not everyone can get down and dirty with Kubernetes. It's not something that people want to generally do unless you're totally into it, right? Like I mean, I mean ops teams, I mean, yeah. You know what I mean? It's not like it's heavy lifting. Yeah, it's important. Just got to get it going. >> Yeah, I mean if you're deploying with Platform9, your Ops teams can tinker to their hearts content. We're completely compliant upstream Kubernetes. You can go and change an API server flag, let's go and mess with the scheduler, because we want to. You can still do that, but don't, don't have your team investing in all this time to figure it out. It's been figured out. >> John: Got it. >> Get them focused on enabling velocity for your business. >> So it's not build, but run. >> Chris: Correct? >> Or run Kubernetes, not necessarily figure out how to kind of get it all, consume it out. >> You know we've talked to a lot of customers out there that are saying, "I want to be able to deliver a service to my users." Our response is, "Cool, let us run it. You consume it, therefore deliver it." And we're solving that in one hit versus figuring out how to first run it, then operate it, then turn that into a consumable service. >> So the alternative Platform9 is what? They got to do it themselves or use the Cloud or what's the, what's the alternative for the customer for not using Platform9? Hiring more people to kind of work on it? What's the? >> People, building that kind of PaaS experience? Something that I've been very passionate about for the past year is looking at that world of sort of GitOps and what that means. And if you go out there and you sort of start asking the question what's happening? Just generally with Kubernetes as well and GitOps in that scope, then you'll hear some people saying, well, I'm making it PaaS, because Kubernetes is too complicated for my developers and we need to give them something. There's some great material out there from the likes of Intuit and Adobe where for two big contributors to Argo and the Argo projects, they almost have, well they do have, different experiences. One is saying, we went down the PaaS route and it failed. The other one is saying, well we've built a really stable PaaS and it's working. What are they trying to do? They're trying to deliver an outcome to make it easy to use and consume Kubernetes. So you could go out there and say, hey, I'm going to build a Kubernetes cluster. Sounds like Argo CD is a great way to expose that to my developers so they can use Kubernetes without having to use Kubernetes and start automating things. That is an approach, but you're going to be going completely open source and you're going to have to bring in all the individual components, or you could just lay that, lay it down, and consume it as a service and not have to- >> And mentioned to it. They were the ones who kind of brought that into the open. >> They did. Inuit is the primary contributor to the Argo set of products. >> How has that been received in the market? I mean, they had the event at the Computer History Museum last fall. What's the momentum there? What's the big takeaway from that project? >> Growth. To me, growth. I mean go and track the stars on that one. It's just, it's growth. It's unlocking machine learning. Argo workflows can do more than just make things happen. Argo CD I think the approach they're taking is, hey let's make this simple to use, which I think can be lost. And I think credit where credit's due, they're really pushing to bring in a lot of capabilities to make it easier to work with applications and microservices on Kubernetes. It's not just that, hey, here's a GitOps tool. It can take something from a Git repo and deploy it and maybe prioritize it and help you scale your operations from that perspective. It's taking a step back and saying, well how did we get to production in the first place? And what can be done down there to help as well? I think it's growth expansion of features. They had a huge release just come out in, I think it was 2.6, that brought in things that as a product manager that I don't often look at like really deep technical things and say wow, that's powerful. But they have, they've got some great features in that release that really do solve real problems. >> And as the product, as the product person, who's the target buyer for you? Who's the customer? Who's making that? And you got decision maker, influencer, and recommender. Take us through the customer persona for you guys. >> So that Platform Ops, DevOps space, right, the people that need to be delivering Containers as a service out to their organization. But then it's also important to say, well who else are our primary users? And that's developers, engineers, right? They shouldn't have to say, oh well I have access to a Kubernetes cluster. Do I have to use kubectl or do I need to go find some other tool? No, they can just log to Platform9. It's integrated with your enterprise id. >> They're the end customer at the end of the day, they're the user. >> Yeah, yeah. They can log in. And they can see the clusters you've given them access to as a Platform Ops Administrator. >> So job well done for you guys. And your mind is the developers are moving 'em fast, coding and happy. >> Chris: Yeah, yeah. >> And and from a customer standpoint, you reduce the maintenance cost, because you keep the Ops smoother, so you got efficiency and maintenance costs kind of reduced or is that kind of the benefits? >> Yeah, yep, yeah. And at two o'clock in the morning when things go inevitably wrong, they're not there by themselves, and we're proactively working with them. >> And that's the uptime issue. >> That is the uptime issue. And Cloud doesn't solve that, right? Everyone experienced that Clouds can go down, entire regions can go offline. That's happened to all Cloud providers. And what do you do then? Kubernetes isn't your recovery plan. It's part of it, right, but it's that piece. >> You know Chris, to wrap up this interview, I will say that "theCUBE" is 12 years old now. We've been to OpenStack early days. We had you guys on when we were covering OpenStack and now Cloud has just been booming. You got AI around the corner, AI Ops, now you got all this new data infrastructure, it's just amazing Cloud growth, Cloud Native, Security Native, Cloud Native, Data Native, AI Native. It's going to be all, this is the new app environment, but there's also existing infrastructure. So going back to OpenStack, rolling our own cloud, building your own cloud, building infrastructure cloud, in a cloud way, is what the pioneers have done. I mean this is what we're at. Now we're at this scale next level, abstracted away and make it operational. It seems to be the key focus. We look at CNCF at KubeCon and what they're doing with the cloud SecurityCon, it's all about operations. >> Chris: Yep, right. >> Ops and you know, that's going to sound counterintuitive 'cause it's a developer open source environment, but you're starting to see that Ops focus in a good way. >> Chris: Yeah, yeah, yeah. >> Infrastructure as code way. >> Chris: Yep. >> What's your reaction to that? How would you summarize where we are in the industry relative to, am I getting, am I getting it right there? Is that the right view? What am I missing? What's the current state of the next level, NextGen infrastructure? >> It's a good question. When I think back to sort of late 2019, I sort of had this aha moment as I saw what really truly is delivering infrastructure as code happening at Platform9. There's an open source project Ironic, which is now also available within Kubernetes that is Metal Kubed that automates Bare Metal as code, which means you can go from an empty server, lay down your operating system, lay down Kubernetes, and you've just done everything delivered to your customer as code with a Cloud Native platform. That to me was sort of the biggest realization that I had as I was moving into this industry was, wait, it's there. This can be done. And the evolution of tooling and operations is getting to the point where that can be achieved and it's focused on by a number of different open source projects. Not just Ironic and and Metal Kubed, but that's a huge win. That is truly getting your infrastructure. >> John: That's an inflection point, really. >> Yeah. >> If you think about it, 'cause that's one of the problems. We had with the Bare Metal piece was the automation and also making it Cloud Ops, cloud operations. >> Right, yeah. I mean, one of the things that I think Ironic did really well was saying let's just treat that piece of Bare Metal like a Cloud VM or an instance. If you got a problem with it, just give the person using it or whatever's using it, a new one and reimage it. Just tell it to reimage itself and it'll just (snaps fingers) go. You can do self-service with it. In Platform9, if you log in to our SaaS Ironic, you can go and say, I want that physical server to myself, because I've got a giant workload, or let's turn it into a Kubernetes cluster. That whole thing is automated. To me that's infrastructure as code. I think one of the other important things that's happening at the same time is we're seeing GitOps, we're seeing things like Terraform. I think it's important for organizations to look at what they have and ask, am I using tools that are fit for tomorrow or am I using tools that are yesterday's tools to solve tomorrow's problems? And when especially it comes to modernizing infrastructure as code, I think that's a big piece to look at. >> Do you see Terraform as old or new? >> I see Terraform as old. It's a fantastic tool, capable of many great things and it can work with basically every single provider out there on the planet. It is able to do things. Is it best fit to run in a GitOps methodology? I don't think it is quite at that point. In fact, if you went and looked at Flux, Flux has ways that make Terraform GitOps compliant, which is absolutely fantastic. It's using two tools, the best of breeds, which is solving that tomorrow problem with tomorrow solutions. >> Is the new solutions old versus new. I like this old way, new way. I mean, Terraform is not that old and it's been around for about eight years or so, whatever. But HashiCorp is doing a great job with that. I mean, so okay with Terraform, what's the new address? Is it more complex environments? Because Terraform made sense when you had basic DevOps, but now it sounds like there's a whole another level of complexity. >> I got to say. >> New tools. >> That kind of amalgamation of that application into infrastructure. Now my app team is paying way more attention to that manifest file, which is what GitOps is trying to solve. Let's templatize things. Let's version control our manifest, be it helm, customize, or just a straight up Kubernetes manifest file, plain and boring. Let's get that version controlled. Let's make sure that we know what is there, why it was changed. Let's get some auditability and things like that. And then let's get that deployment all automated. So that's predicated on the cluster existing. Well why can't we do the same thing with the cluster, the inception problem. So even if you're in public cloud, the question is like, well what's calling that API to call that thing to happen? Where is that file living? How well can I manage that in a large team? Oh my God, something just changed. Who changed it? Where is that file? And I think that's one of big, the big pieces to be sold. >> Yeah, and you talk about Edge too and on-premises. I think one of the things I'm observing and certainly when DevOps was rocking and rolling and infrastructures code was like the real push, it was pretty much the public cloud, right? >> Chris: Yep. >> And you did Cloud Native and you had stuff on-premises. Yeah you did some lifting and shifting in the cloud, but the cool stuff was going in the public cloud and you ran DevOps. Okay, now you got on-premise cloud operation and Edge. Is that the new DevOps? I mean 'cause what you're kind of getting at with old new, old new Terraform example is an interesting point, because you're pointing out potentially that that was good DevOps back in the day or it still is. >> Chris: It is, I was going to say. >> But depending on how you define what DevOps is. So if you say, I got the new DevOps with public on-premise and Edge, that's just not all public cloud, that's essentially distributed Cloud Native. >> Correct. Is that the new DevOps in your mind or is that? How would you, or is that oversimplifying it? >> Or is that that term where everyone's saying Platform Ops, right? Has it shifted? >> Well you bring up a good point about Terraform. I mean Terraform is well proven. People love it. It's got great use cases and now there seems to be new things happening. We call things like super cloud emerging, which is multicloud and abstraction layers. So you're starting to see stuff being abstracted away for the benefits of moving to the next level, so teams don't get stuck doing the same old thing. They can move on. Like what you guys are doing with Platform9 is providing a service so that teams don't have to do it. >> Correct, yeah. >> That makes a lot of sense, So you just, now it's running and then they move on to the next thing. >> Chris: Yeah, right. >> So what is that next thing? >> I think Edge is a big part of that next thing. The propensity for someone to put up with a delay, I think it's gone. For some reason, we've all become fairly short-tempered, Short fused. You know, I click the button, it should happen now, type people. And for better or worse, hopefully it gets better and we all become a bit more patient. But how do I get more effective and efficient at delivering that to that really demanding- >> I think you bring up a great point. I mean, it's not just people are getting short-tempered. I think it's more of applications are being deployed faster, security is more exposed if they don't see things quicker. You got data now infrastructure scaling up massively. So, there's a double-edged swords to scale. >> Chris: Yeah, yeah. I mean, maintenance, downtime, uptime, security. So yeah, I think there's a tension around, and one hand enthusiasm around pushing a lot of code and new apps. But is the confidence truly there? It's interesting one little, (snaps finger) supply chain software, look at Container Security for instance. >> Yeah, yeah. It's big. I mean it was codified. >> Do you agree that people, that's kind of an issue right now. >> Yeah, and it was, I mean even the supply chain has been codified by the US federal government saying there's things we need to improve. We don't want to see software being a point of vulnerability, and software includes that whole process of getting it to a running point. >> It's funny you mentioned remote and one of the thing things that you're passionate about, certainly Edge has to be remote. You don't want to roll a truck or labor at the Edge. But I was doing a conversation with, at Rebars last year about space. It's hard to do brake fix on space. It's hard to do a, to roll a someone to configure satellite, right? Right? >> Chris: Yeah. >> So Kubernetes is in space. We're seeing a lot of Cloud Native stuff in apps, in space, so just an example. This highlights the fact that it's got to be automated. Is there a machine learning AI angle with all this ChatGPT talk going on? You see all the AI going the next level. Some pretty cool stuff and it's only, I know it's the beginning, but I've heard people using some of the new machine learning, large language models, large foundational models in areas I've never heard of. Machine learning and data centers, machine learning and configuration management, a lot of different ways. How do you see as the product person, you incorporating the AI piece into the products for Platform9? >> I think that's a lot about looking at the telemetry and the information that we get back and to use one of those like old idle terms, that continuous improvement loop to feed it back in. And I think that's really where machine learning to start with comes into effect. As we run across all these customers, our system that helps at two o'clock in the morning has that telemetry, it's got that data. We can see what's changing and what's happening. So it's writing the right algorithms, creating the right machine learning to- >> So training will work for you guys. You have enough data and the telemetry to do get that training data. >> Yeah, obviously there's a lot of investment required to get there, but that is something that ultimately that could be achieved with what we see in operating people's environments. >> Great. Chris, great to have you here in the studio. Going wide ranging conversation on Kubernetes and Platform9. I guess my final question would be how do you look at the next five years out there? Because you got to run the product management, you got to have that 20 mile steer, you got to look at the customers, you got to look at what's going on in the engineering and you got to kind of have that arc. This is the right path kind of view. What's the five year arc look like for you guys? How do you see this playing out? 'Cause KubeCon is coming up and we're you seeing Kubernetes kind of break away with security? They had, they didn't call it KubeCon Security, they call it CloudNativeSecurityCon, they just had in Seattle inaugural events seemed to go well. So security is kind of breaking out and you got Kubernetes. It's getting bigger. Certainly not going away, but what's your five year arc of of how Platform9 and Kubernetes and Ops evolve? >> It's to stay on that theme, it's focusing on what is most important to our users and getting them to a point where they can just consume it, so they're not having to operate it. So it's finding those big items and bringing that into our platform. It's something that's consumable, that's just taken care of, that's tested with each release. So it's simplifying operations more and more. We've always said freedom in cloud computing. Well we started on, we started on OpenStack and made that simple. Stable, easy, you just have it, it works. We're doing that with Kubernetes. We're expanding out that user, right, we're saying bring your developers in, they can download their Kube conflict. They can see those Containers that are running there. They can access the events, the log files. They can log in and build a VM using KubeVirt. They're self servicing. So it's alleviating pressures off of the Ops team, removing the help desk systems that people still seem to rely on. So it's like what comes into that field that is the next biggest issue? Is it things like CI/CD? Is it simplifying GitOps? Is it bringing in security capabilities to talk to that? Or is that a piece that is a best of breed? Is there a reason that it's been spun out to its own conference? Is this something that deserves a focus that should be a specialized capability instead of tooling and vendors that we work with, that we partner with, that could be brought in as a service. I think it's looking at those trends and making sure that what we bring in has the biggest impact to our users. >> That's awesome. Thanks for coming in. I'll give you the last word. Put a plug in for Platform9 for the people who are watching. What should they know about Platform9 that they might not know about it or what should? When should they call you guys and when should they engage? Take a take a minute to give the plug. >> The plug. I think it's, if your operations team is focused on building Kubernetes, stop. That shouldn't be the cloud. That shouldn't be in the Edge, that shouldn't be at the data center. They should be consuming it. If your engineering teams are all trying different ways and doing different things to use and consume Cloud Native services and Kubernetes, they shouldn't be. You want consistency. That's how you get economies of scale. Provide them with a simple platform that's integrated with all of your enterprise identity where they can just start consuming instead of having to solve these problems themselves. It's those, it's those two personas, right? Where the problems manifest. What are my operations teams doing, and are they delivering to my company or are they building infrastructure again? And are my engineers sprinting or crawling? 'Cause if they're not sprinting, you should be asked the question, do I have the right Cloud Native tooling in my environment and how can I get them back? >> I think it's developer productivity, uptime, security are the tell signs. You get that done. That's the goal of what you guys are doing, your mission. >> Chris: Yep. >> Great to have you on, Chris. Thanks for coming on. Appreciate it. >> Chris: Thanks very much. 0 Okay, this is "theCUBE" here, finding the right path to Cloud Native. I'm John Furrier, host of "theCUBE." Thanks for watching. (upbeat music)

>>Welcome back here on the Cube. I'm John Walls. We are in Las Vegas at the Venetian, and this is Reinvent 22 in the Executive Summit sponsored by Accenture. Glad to have you with us here as we continue our conversations. I'm joined by Paul Puckett, who's the former director of the Enterprise Cloud Management Services at the US Army. Paul, good to see you sir. Hey, you as well, John. Thank you. And Justin, she who is managing director and cloud go to market lead at Accenture Federal Services. Justin, good morning to you. Good morning, John. Yeah, glad to have you both here on the cube. First time too, I believe, right? Yes sir. Well, welcome. I wish we had some kind of baptism or indoctrination, but I'll see what I can come up with in the next 10 minutes for you. Let's talk about the Army, Paul. So enterprise cloud management, US Army. You know, I can't imagine the scale we're talking about here. I can't imagine the solutions we're talking about. I can't imagine the users we're talking about. Just for our folks at home, paint the picture a little bit of what kind of landscape it is that you have to cover with that kind of title. >>Sure. The United States Army, about 1.4 million people. Obviously a global organization responsible for protecting and defending the United States as part of our sister services in the Department of Defense. And scale often comes up a lot, right? And we talk about any capability to your solution for the United States Army scale is the, the number one thing, but oftentimes people overlook quality first. And actually when you think of the partnership between the Army and Accenture Federal, we thought a lot when it came to establishing the enterprise Cloud management agency that we wanted to deliver quality first when it came to adopting cloud computing and then scale that quality and not so much be afraid of the, the scale of the army and the size that forces us to make bad decisions. Cuz we wanted to make sure that we proved that there was opportunity and value in the cloud first, and then we wanted to truly scale that. And so no doubt, an immense challenge. The organization's been around for now three years, but I think that we've established irreversible momentum when it comes to modernization, leveraging cloud computing >>For the army. So let's back up. You kind of threw it in there, the ecma. So this agency was, was your a collaboration, right? To create from the ground up and it's in three years in existence. So let's just talk about that. What went into that thinking? What went into the planning and then how did you actually get it up and run into the extent that it is today? >>Sure. Well, it was once the enterprise cloud management office. It was a directorate within the, the CIO G six of the United States Army. So at the headquarters, the army, the chief information Officer, and the G six, which is essentially the military arm for all IT capability were once a joint's organization and the ECMO was created to catalyze the adoption of cloud computing. The army had actually been on a, a cloud adoption journey for many years, but there wasn't a lot of value that was actually derived. And so they created the ecma, well, the ECMO at the time brought me in as the director. And so we were responsible for establishing the new strategy for the adoption of cloud. One of the components of that strategy was essentially we needed an opportunity to be able to buy cloud services at scale. And this was part of our buy secure and build model that we had in place. And so part of the buy piece, we put an acquisition strategy together around how we wanted to buy cloud at scale. We called it the cloud account management optimization. OTA >>Just rolls right off the >>Tongue, it just rolls right off the tongue. And for those that love acronyms, camo, >>Which I liked it when I was say cama, I loved that. That was, that was, >>You always have to have like a tundra, a little >>Piece of that. Very good. It was good. >>But at the time it was novetta, no, Nevada's been bought up by afs, but Novea won that agreement. And so we've had this partnership in place now for just about a year and a half for buying cloud computing net scale. >>So let's talk about, about what you deal with on, on the federal services side here, Justin, in terms of the army. So obviously governance, a major issue, compliance, a major issue, security, you know, paramount importance and all that STEM leads up to quality that Paul was talking about. So when you were looking at this and keeping all those factors in, in your mind, right? I mean, how many, like, oh my God, what kind of days did you have? Oh, well, because this was a handful. >>Well, it was, but you could see when we were responding to the acquisition that it was really, you know, forward thinking and forward leaning in terms of how they thought about cloud acquisition and cloud governance and cloud management. And it's really kind of a sleepy area like cloud account acquisition. Everyone's like, oh, it's easy to get in the cloud, you know, run your credit card on Amazon and you're in, in 30 seconds or less. That's really not the case inside the federal government, whether it's the army, the Air Force or whoever, right? Those, those are, they're real challenges in procuring and acquiring cloud. And so it was clear from, you know, Paul's office that they understood those challenges and we were excited to really meet them with them. >>And, and how, I guess from an institutional perspective, before this was right, I I assume very protective, very tight cloistered, right? You, you, in terms of being open to or, or a more open environment, there might have been some pushback was they're not. Right? So dealing with that, what did you find that to be the case? Well, so >>There's kind of a few pieces to unpacking that. There's a lot of fear in trepidation around something you don't understand, right? And so part of it is the teaching and training and the, and the capability and the opportunity in the cloud and the ability to be exceptionally secure when it comes to no doubt, the sensitivity of the information of the Department of Defense, but also from an action acquisition strategy perspective, more from a financial perspective, the DOD is accustomed to buying hardware. We make these big bets of these big things to, to live in today's centers. And so when we talk about consuming cloud as a utility, there's a lot of fear there as well, because they don't really understand how to kind of pay for something by the drink, if you will, because it incentivizes them to be more efficient with their utilization of resources. >>But when you look at the budgeting process of the d od, there really is not that much of incentive for efficiency. The p PPE process, the planning program, budgeting, execution, they care about execution, which is spending money and you can spend a lot of money in the cloud, right? But how are you actually utilizing that? And so what we wanted to do is create that feedback loop and so the utilization is actually fed into our financial systems that help us then estimate into the future. And that's the capability that we partnered with AFS on is establishing the closing of that feedback loop. So now we can actually optimize our utilization of the cloud. And that's actually driving better incentives in the PPE >>Process. You know, when you think about these keywords here, modernized, digitized, data driven, so on, so forth, I, I don't think a lot of people might connect that to the US government in general just because of, you know, it's a large intentionally slow moving bureaucratic machine, right? Is that fair to characterize it that way? It >>Is, but not in this case. Right? So what we done, >>You you totally juxtapose that. Yeah. >>Yeah. So what we've done is we've really enabled data driven decision making as it relates to cloud accounts and cloud governance. And so we have a, a tool called Cloud Tracker. We deployed for the army at a number of different classifications, and you get a full 360 view of all of your cloud utilization and cloud spend, you know, really up to date within 24 hours of it occurring, right? And there a lot of folks, you know, they didn't never went into the console, they never looked at what they were spending in cloud previously. And so now you just go to a simple web portal and see the entire entirety of the army cloud spend right there at your fingertips. So that really enables like better decision making in terms of like purchasing savings plans and reserved instances and other sorts of AWS specific tools to help you save money. >>So Paul, tell me about Cloud Tracker then. Yeah, I mean from the client side then, can you just say this dashboard lays it out for you right? In great detail about what kind of usage, what kind of efficiencies I assume Yeah. What's working, what's not? >>Absolutely. Well, and, and I think a few things to unpack that's really important here is listen, any cloud service provider has a concept. You can see what you're actually spending. But when it comes to money in the United States government, there are different colors of money. There's regulations when it comes to how money is identified for different capabilities or incentives. And you've gotta be very explicit in how you track and how you spend that money from an auditability perspective. Beyond that, there is a move when it comes to the technology business management, which is the actual labeling of what we actually spend money on for different services or labor or software. And what Cloud Tracker allows us to do is speak the language of the different colors of money. It allows us to also get very fine grain in the actual analysis of, from a TBM perspective, what we're spending on. >>But then also it has real time hooks into our financial systems for execution. And so what that really does for us is it allows us to complete the picture, not just be able to see our spend in the cloud, but also be able to able to see that spending context of all things in the P P P E process as well as the execution process that then really empowers the government to make better investments. And all we're seeing is either cost avoidance or cost savings simply because we're able to close that loop, like I said. Yep. And then we're able to redirect those funds, retag them, remove them through our actual financial office within the headquarters of the army, and be able to repurpose that to other modernization efforts that Congress is essentially asking us to invest >>In. Right. So you know how much money you have, basically. Exactly. Right. You know how much you've already spent, you know how you're spending it, and now you how much you have left, >>You can provide a reliable forecast for your spend. >>Right. You know, hey, we're, we're halfway through this quarter, we're halfway through the, the fiscal year, whatever the case might be. >>Exactly. And the focus on expenditures, you know, the government rates you on, you know, how much have you spent, right? So you have a clear total transparency into what you're going to spend through the rest of the fiscal. Sure. >>All right. Let's just talk about the relationship quickly then about going forward then in terms of federal services and then what on, on the, the US Army side. I mean, what now you've laid this great groundwork, right? You have a really solid foundation where now what next? >>We wanna be all things cloud to the army. I mean, we think there's tremendous opportunity to really aid the modernization efforts and governance across the holistic part of the army. So, you know, we just, we want to, we wanna do it all with the Army as much as we can. It's, it's, it's a fantastic >>Opportunity. Yeah. AFS is, is in a very kind of a strategic role. So as part of the ecma, we own the greater strategy and execution for adoption of cloud on behalf of the entire army. Now, when it comes to delivery of individual capabilities for mission here and there, that's all specific to system owners and different organizations. AFS plays a different role in this instance where they're able to more facilitate the greater strategy on the financial side of the house. And what we've done is we've proven the ability to adopt cloud as a utility rather than this fixed thing, kind of predict the future, spend a whole bunch of money and never use the resource. We're seeing the efficiency for the actual utilization of cloud as a utility. This actually came out as one of the previous NDAs. And so how we actually address nda, I believe it was 2018 in the adoption of cloud as a utility, really is now cornerstone of modernization across all of the do d and really feeds into the Jo Warfighting cloud capability, major acquisition on behalf of all of the D O D to establish buying cloud as just a common service for everyone. >>And so we've been fortunate to inform that team of some of our lessons learned, but when it comes to the partnership, we just see camo moving into production. We've been live for now a year and a half. And so there's another two and a half years of runway there. And then AFS also plays a strategic role at part of our cloud enablement division, which is essentially back to that teaching part, helping the Army understand the opportunity of cloud computing, align the architectures to actually leverage those resources and then deliver capabilities that save soldier's >>Lives. Well, you know, we've, we've always known that the Army does its best work on the ground, and you've done all this groundwork for the military, so I'm not surprised, right? It's, it's a winning formula. Thanks to both of you for being with us here in the executive summit. Great conversation. Awesome. Thanks for having us. A good deal. All right. Thank you. All right. You are watching the executive summit sponsored by Accenture here at Reinvent 22, and you're catching it all on the cube, the leader in high tech coverage.

>>Welcome back everyone to the Cube and Horizon three.ai special presentation. I'm John Furrier, host of the Cube. We with Chris Hill, Sector head for strategic accounts and federal@horizonthree.ai. Great innovative company. Chris, great to see you. Thanks for coming on the Cube. >>Yeah, like I said, you know, great to meet you John. Long time listener. First time call. So excited to be here with >>You guys. Yeah, we were talking before camera. You had Splunk back in 2013 and I think 2012 was our first splunk.com. Yep. And boy man, you know, talk about being in the right place at the right time. Now we're at another inflection point and Splunk continues to be relevant and continuing to have that data driving security and that interplay. And your ceo, former CTO of Splunk as well at Horizons Neha, who's been on before. Really innovative product you guys have, but you know, Yeah, don't wait for a brief to find out if you're locking the right data. This is the topic of this thread. Splunk is very much part of this new international expansion announcement with you guys. Tell us what are some of the challenges that you see where this is relevant for the Splunk and the Horizon AI as you guys expand Node zero out internationally? >>Yeah, well so across, so you know, my role within Splunk was working with our most strategic accounts. And so I look back to 2013 and I think about the sales process like working with, with our small customers. You know, it was, it was still very siloed back then. Like I was selling to an IT team that was either using us for IT operations. We generally would always even say, yeah, although we do security, we weren't really designed for it. We're a log management tool. And you know, we, and I'm sure you remember back then John, we were like sort of stepping into the security space and in the public sector domain that I was in, you know, security was 70% of what we did. When I look back to sort of the transformation that I was, was witnessing in that digital transformation, you know when I, you look at like 2019 to today, you look at how the IT team and the security teams are, have been forced to break down those barriers that they used to sort of be silo away, would not communicate one, you know, the security guys would be like, Oh this is my BA box it, you're not allowed in today. >>You can't get away with that. And I think that the value that we bring to, you know, and of course Splunk has been a huge leader in that space and continues to do innovation across the board. But I think what we've we're seeing in the space that I was talking with Patrick Kauflin, the SVP of security markets about this, is that, you know, what we've been able to do with Splunk is build a purpose built solution that allows Splunk to eat more data. So Splunk itself, as you well know, it's an ingest engine, right? So the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it, but without data it doesn't do anything, right? So how do you drive and how do you bring more data in? And most importantly from a customer perspective, how do you bring the right data in? >>And so if you think about what node zero and what we're doing in a Horizon three is that, sure we do pen testing, but because we're an autonomous pen testing tool, we do it continuously. So this whole thought of being like, Oh, crud like my customers, Oh yeah, we got a pen test coming up, it's gonna be six weeks. The wait. Oh yeah. You know, and everyone's gonna sit on their hands, Call me back in two months, Chris, we'll talk to you then. Right? Not, not a real efficient way to test your environment and shoot, we, we saw that with Uber this week. Right? You know, and that's a case where we could have helped. >>Well just real quick, explain the Uber thing cause it was a contractor. Just give a quick highlight of what happened so you can connect the >>Dots. Yeah, no problem. So there it was, I think it was one of those, you know, games where they would try and test an environment. And what the pen tester did was he kept on calling them MFA guys being like, I need to reset my password re to set my password. And eventually the customer service guy said, Okay, I'm resetting it. Once he had reset and bypassed the multifactor authentication, he then was able to get in and get access to the domain area that he was in or the, not the domain, but he was able to gain access to a partial part of the network. He then paralleled over to what would I assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains. And so within minutes they had access. And that's the sort of stuff that we do under, you know, a lot of these tools. >>Like not, and I'm not, you know, you think about the cacophony of tools that are out there in a CTA orchestra architecture, right? I'm gonna get like a Zscaler, I'm gonna have Okta, I'm gonna have a Splunk, I'm gonna do this sore system. I mean, I don't mean to name names, we're gonna have crowd strike or, or Sentinel one in there. It's just, it's a cacophony of things that don't work together. They weren't designed work together. And so we have seen so many times in our business through our customer support and just working with customers when we do their pen test, that there will be 5,000 servers out there. Three are misconfigured. Those three misconfigurations will create the open door. Cause remember the hacker only needs to be right once, the defender needs to be right all the time. And that's the challenge. And so that's why I'm really passionate about what we're doing here at Horizon three. I see this my digital transformation, migration and security going on, which we're at the tip of the sp, it's why I joined say Hall coming on this journey and just super excited about where the path's going and super excited about the relationship with Splunk. I get into more details on some of the specifics of that. But you know, >>I mean, well you're nailing, I mean we've been doing a lot of things around super cloud and this next gen environment, we're calling it NextGen. You're really seeing DevOps, obviously Dev SecOps has, has already won the IT role has moved to the developer shift left as an indicator of that. It's one of the many examples, higher velocity code software supply chain. You hear these things. That means that it is now in the developer hands, it is replaced by the new ops, data ops teams and security where there's a lot of horizontal thinking. To your point about access, there's no more perimeter. So >>That there is no perimeter. >>Huge. A hundred percent right, is really right on. I don't think it's one time, you know, to get in there. Once you're in, then you can hang out, move around, move laterally. Big problem. Okay, so we get that. Now, the challenges for these teams as they are transitioning organizationally, how do they figure out what to do? Okay, this is the next step. They already have Splunk, so now they're kind of in transition while protecting for a hundred percent ratio of success. So how would you look at that and describe the challenges? What do they do? What is, what are the teams facing with their data and what's next? What do they, what do they, what action do they take? >>So let's do some vernacular that folks will know. So if I think about dev sec ops, right? We both know what that means, that I'm gonna build security into the app, but no one really talks about SEC DevOps, right? How am I building security around the perimeter of what's going inside my ecosystem and what are they doing? And so if you think about what we're able to do with somebody like Splunk is we could pen test the entire environment from soup to nuts, right? So I'm gonna test the end points through to it. So I'm gonna look for misconfigurations, I'm gonna, and I'm gonna look for credential exposed credentials. You know, I'm gonna look for anything I can in the environment. Again, I'm gonna do it at at light speed. And, and what we're, what we're doing for that SEC dev space is to, you know, did you detect that we were in your environment? >>So did we alert Splunk or the SIM that there's someone in the environment laterally moving around? Did they, more importantly, did they log us into their environment? And when did they detect that log to trigger that log? Did they alert on us? And then finally, most importantly, for every CSO out there is gonna be did they stop us? And so that's how we, we, we do this in, I think you, when speaking with Stay Hall, before, you know, we've come up with this boils U Loop, but we call it fine fix verify. So what we do is we go in is we act as the attacker, right? We act in a production environment. So we're not gonna be, we're a passive attacker, but we will go in un credentialed UN agents. But we have to assume, have an assumed breach model, which means we're gonna put a Docker container in your environment and then we're going to fingerprint the environment. >>So we're gonna go out and do an asset survey. Now that's something that's not something that Splunk does super well, you know, so can Splunk see all the assets, do the same assets marry up? We're gonna log all that data and think then put load that into the Splunk sim or the smoke logging tools just to have it in enterprise, right? That's an immediate future ad that they've got. And then we've got the fix. So once we've completed our pen test, we are then gonna generate a report and we could talk about about these in a little bit later. But the reports will show an executive summary the assets that we found, which would be your asset discovery aspect of that, a fixed report. And the fixed report I think is probably the most important one. It will go down and identify what we did, how we did it, and then how to fix that. >>And then from that, the pen tester or the organization should fix those. Then they go back and run another test. And then they validate through like a change detection environment to see, hey, did those fixes taste, play take place? And you know, SNA Hall, when he was the CTO of JS o, he shared with me a number of times about, he's like, Man, there would be 15 more items on next week's punch sheet that we didn't know about. And it's, and it has to do with how we, you know, how they were prioritizing the CVEs and whatnot because they would take all CVS was critical or non-critical. And it's like we are able to create context in that environment that feeds better information into Splunk and whatnot. That >>Was a lot. That brings, that brings up the, the efficiency for Splunk specifically. The teams out there. By the way, the burnout thing is real. I mean, this whole, I just finished my list and I got 15 more or whatever the list just can, keeps, keeps growing. How did Node zero specifically help Splunk teams be more efficient? Now that's the question I want to get at, because this seems like a very scalable way for Splunk customers and teams, service teams to be more efficient. So the question is, how does Node zero help make Splunk specifically their service teams be more efficient? >>So to, so today in our early interactions with building Splunk customers, what we've seen are five things, and I'll start with sort of identifying the blind spots, right? So kind of what I just talked about with you. Did we detect, did we log, did we alert? Did they stop node zero, right? And so I would, I put that at, you know, a a a more layman's third grade term. And if I was gonna beat a fifth grader at this game would be, we can be the sparring partner for a Splunk enterprise customer, a Splunk essentials customer, someone using Splunk soar, or even just an enterprise Splunk customer that may be a small shop with three people and, and just wants to know where am I exposed. So by creating and generating these reports and then having the API that actually generates the dashboard, they can take all of these events that we've logged and log them in. >>And then where that then comes in is number two is how do we prioritize those logs, right? So how do we create visibility to logs that are, have critical impacts? And again, as I mentioned earlier, not all CVEs are high impact regard and also not all are low, right? So if you daisy chain a bunch of low CVEs together, boom, I've got a mission critical AP CVE that needs to be fixed now, such as a credential moving to an NT box that's got a text file with a bunch of passwords on it, that would be very bad. And then third would be verifying that you have all of the hosts. So one of the things that Splunk's not particularly great at, and they, they themselves, they don't do asset discovery. So do what assets do we see and what are they logging from that? And then for, from, for every event that they are able to identify the, one of the cool things that we can do is actually create this low-code, no-code environment. >>So they could let, you know, float customers can use Splunk. So to actually triage events and prioritize that events or where they're being routed within it to optimize the SOX team time to market or time to triage any given event. Obviously reducing mtr. And then finally, I think one of the neatest things that we'll be seeing us develop is our ability to build glass tables. So behind me you'll see one of our triage events and how we build a lock Lockheed Martin kill chain on that with a glass table, which is very familiar to this Splunk community. We're going to have the ability, not too distant future to allow people to search, observe on those IOCs. And if people aren't familiar with an ioc, it's an incident of compromise. So that's a vector that we want to drill into. And of course who's better at drilling in into data and Splunk. >>Yeah, this is a critical, this is awesome synergy there. I mean I can see a Splunk customer going, Man, this just gives me so much more capability. Action actionability. And also real understanding, and I think this is what I wanna dig into, if you don't mind understanding that critical impact, okay. Is kind of where I see this coming. I got the data, data ingest now data's data. But the question is what not to log, You know, where are things misconfigured? These are critical questions. So can you talk about what it means to understand critical impact? >>Yeah, so I think, you know, going back to those things that I just spoke about, a lot of those CVEs where you'll see low, low, low and then you daisy chain together and you're suddenly like, oh, this is high now. But then to your other impact of like if you're a, if you're a a Splunk customer, you know, and I had, I had several of them, I had one customer that, you know, terabytes of McAfee data being brought in and it was like, all right, there's a lot of other data that you probably also wanna bring, but they could only afford, wanted to do certain data sets because that's, and they didn't know how to prioritize or filter those data sets. And so we provide that opportunity to say, Hey, these are the critical ones to bring in. But there's also the ones that you don't necessarily need to bring in because low CVE in this case really does mean low cve. >>Like an ILO server would be one that, that's the print server where the, your admin credentials are on, on like a, a printer. And so there will be credentials on that. That's something that a hacker might go in to look at. So although the CVE on it is low, if you daisy chain was something that's able to get into that, you might say, ah, that's high. And we would then potentially rank it giving our AI logic to say that's a moderate. So put it on the scale and we prioritize though, versus a, a vulner review scanner's just gonna give you a bunch of CVEs and good luck. >>And translating that if I, if I can and tell me if I'm wrong, that kind of speaks to that whole lateral movement. That's it. Challenge, right? Print server, great example, look stupid low end, who's gonna wanna deal with the print server? Oh, but it's connected into a critical system. There's a path. Is that kind of what you're getting at? >>Yeah, I used daisy chain. I think that's from the community they came from. But it's, it's just a lateral movement. It's exactly what they're doing. And those low level, low critical lateral movements is where the hackers are getting in. Right? So that's what the beauty thing about the, the Uber example is that who would've thought, you know, I've got my multifactor authentication going in a human made a mistake. We can't, we can't not expect humans to make mistakes. Were fall, were fallible, right? Yeah. The reality is is once they were in the environment, they could have protected themselves by running enough pen tests to know that they had certain exposed credentials that would've stopped the breach. Yeah. And they did not, had not done that in their environment. And I'm not poking. Yeah, >>They put it's interesting trend though. I mean it's obvious if sometimes those low end items are also not protected well. So it's easy to get at from a hacker standpoint, but also the people in charge of them can be fished easily or spear fished because they're not paying attention. Cause they don't have to. No one ever told them, Hey, be careful of what you collect. >>Yeah. For the community that I came from, John, that's exactly how they, they would meet you at a, an international event introduce themselves as a graduate student. These are national actor states. Would you mind reviewing my thesis on such and such? And I was at Adobe at the time though I was working on this and start off, you get the pdf, they opened the PDF and whoever that customer was launches, and I don't know if you remember back in like 2002, 2008 time frame, there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it. And John, that's >>Or LinkedIn. Hey I wanna get a joke, we wanna hire you double the salary. Oh I'm gonna click on that for sure. You know? Yeah, >>Right. Exactly. Yeah. The one thing I would say to you is like when we look at like sort of, you know, cuz I think we did 10,000 pen test last year is it's probably over that now, you know, we have these sort of top 10 ways that we think then fine people coming into the environment. The funniest thing is that only one of them is a, a CVE related vulnerability. Like, you know, you guys know what they are, right? So it's it, but it's, it's like 2% of the attacks are occurring through the CVEs, but yet there's all that attention spent to that. Yeah. And very little attention spent to this pen testing side. Yeah. Which is sort of this continuous threat, you know, monitoring space and, and, and this vulnerability space where I think we play such an important role and I'm so excited to be a part of the tip of the spear on this one. >>Yeah. I'm old enough to know the movie sneakers, which I love as a, you know, watching that movie, you know, professional hackers are testing, testing, always testing the environment. I love this. I gotta ask you, as we kind of wrap up here, Chris, if you don't mind the benefits to team professional services from this alliance, big news Splunk and you guys work well together. We see that clearly. What are, what other benefits do professional services teams see from the Splunk and Horizon three AI alliance? >>So if you're a, I think for, from our, our, from both of our partners as we bring these guys together and many of them already are the same partner, right? Is that first off, the licensing model is probably one of the key areas that we really excel at. So if you're an end user, you can buy for the enterprise by the enter of IP addresses you're using. But if you're a partner working with this, there's solution ways that you can go in and we'll license as to MSPs and what that business model on our MSPs looks like. But the unique thing that we do here is this c plus license. And so the Consulting Plus license allows like a, somebody a small to midsize to some very large, you know, Fortune 100, you know, consulting firms uses by buying into a license called Consulting Plus where they can have unlimited access to as many ips as they want. >>But you can only run one test at a time. And as you can imagine when we're going and hacking passwords and checking hashes and decrypting hashes, that can take a while. So, but for the right customer, it's, it's a perfect tool. And so I I'm so excited about our ability to go to market with our partners so that we underhand to sell, understand how not to just sell too or not tell just to sell through, but we know how to sell with them as a good vendor partner. I think that that's one thing that we've done a really good job building bringing into market. >>Yeah. I think also the Splunk has had great success how they've enabled partners and professional services. Absolutely. They've, you know, the services that layer on top of Splunk are multifold tons of great benefits. So you guys vector right into that ride, that wave with >>Friction. And, and the cool thing is that in, you know, in one of our reports, which could be totally customized with someone else's logo, we're going to generate, you know, so I, I used to work at another organization, it wasn't Splunk, but we, we did, you know, pen testing as a, as a for, for customers and my pen testers would come on site, they, they do the engagement and they would leave. And then another really, someone would be, oh shoot, we got another sector that was breached and they'd call you back, you know, four weeks later. And so by August our entire pen testings teams would be sold out and it would be like, wow. And in March maybe, and they'd like, No, no, no, I gotta breach now. And, and, and then when they do go in, they go through, do the pen test and they hand over a PDF and they pat you on the back and say, there's where your problems are, you need to fix it. And the reality is, is that what we're gonna generate completely autonomously with no human interaction is we're gonna go and find all the permutations that anything we found and the fix for those permutations and then once you fixed everything, you just go back and run another pen test. Yeah. It's, you know, for what people pay for one pen test, they could have a tool that does that. Every, every pat patch on Tuesday pen test on Wednesday, you know, triage throughout the week, >>Green, yellow, red. I wanted to see colors show me green, green is good, right? Not red. >>And once CIO doesn't want, who doesn't want that dashboard, right? It's, it's, it is exactly it. And we can help bring, I think that, you know, I'm really excited about helping drive this with the Splunk team cuz they get that, they understand that it's the green, yellow, red dashboard and, and how do we help them find more green so that the other guys are >>In Yeah. And get in the data and do the right thing and be efficient with how you use the data, Know what to look at. So many things to pay attention to, you know, the combination of both and then, then go to market strategy. Real brilliant. Congratulations Chris. Thanks for coming on and sharing this news with the detail around this Splunk in action around the alliance. Thanks for sharing, >>John. My pleasure. Thanks. Look forward to seeing you soon. >>All right, great. We'll follow up and do another segment on DevOps and IT and security teams as the new new ops, but, and Super cloud, a bunch of other stuff. So thanks for coming on. And our next segment, the CEO of Verizon, three AA, will break down all the new news for us here on the cube. You're watching the cube, the leader in high tech enterprise coverage.

(upbeat music) >> Hey everyone and welcome back to The Cube. We are covering VMware Explore live in San Francisco. This is our third day of wall to wall coverage. And John Furrier is here with me, Lisa Martin. We are excited to welcome two guests from Kasten by Veeam, please welcome Tom Laden, VP of marketing and Matt LeBlanc, not Joey from friends, Matt LeBlanc, the systems engineer from North America at Kasten by Veeam. Welcome guys, great to have you. >> Thank you. >> Thank you for having us. >> Tom-- >> Great, go ahead. >> Oh, I was going to say, Tom, talk to us about some of the key challenges customers are coming to you with. >> Key challenges that they have at this point is getting up to speed with Kubernetes. So everybody has it on their list. We want to do Kubernetes, but where are they going to start? Back when VMware came on the market, I was switching from Windows to Mac and I needed to run a Windows application on my Mac and someone told me, "Run a VM." Went to the internet, I downloaded it. And in a half hour I was done. That's not how it works with Kubernetes. So that's a bit of a challenge. >> I mean, Kubernetes, Lisa, remember the early days of The Cube Open Stack was kind of transitioning, Cloud was booming and then Kubernetes was the paper that became the thing that pulled everybody together. It's now de facto in my mind. So that's clear, but there's a lot of different versions of it and you hear VMware, they call it the dial tone. Usually, remember, Pat Gelter, it's a dial tone. Turns out that came from Kit Colbert or no, I think AJ kind of coined the term here, but it's since been there, it's been adopted by everyone. There's different versions. It's open source. AWS is involved. How do you guys look at the relationship with Kubernetes here and VMware Explore with Kubernetes and the customers because they have choices. They can go do it on their own. They can add a little bit with Lambda, Serverless. They can do more here. It's not easy. It's not as easy as people think it is. And then this is a skill gaps problem too. We're seeing a lot of these problems out there. What's your take? >> I'll let Matt talk to that. But what I want to say first is this is also the power of the cloud native ecosystem. The days are gone where companies were selecting one enterprise application and they were building their stack with that. Today they're building applications using dozens, if not hundreds of different components from different vendors or open source platforms. And that is really what creates opportunities for those cloud native developers. So maybe you want to... >> Yeah, we're seeing a lot of hybrid solutions out there. So it's not just choosing one vendor, AKS, EKS, or Tanzu. We're seeing all the above. I had a call this morning with a large healthcare provider and they have a hundred clusters and that's spread across AKS, EKS and GKE. So it is covering everything. Plus the need to have a on-prem solution manage it all. >> I got a stat, I got to share that I want to get your reactions and you can laugh or comment, whatever you want to say. Talk to big CSO, CXO, executive, big company, I won't say the name. We got a thousand developers, a hundred of them have heard of Kubernetes, okay. 10 have touched it and used it and one's good at it. And so his point is that there's a lot of Kubernetes need that people are getting aware. So it shows that there's more and more adoption around. You see a lot of managed services out there. So it's clear it's happening and I'm over exaggerating the ratio probably. But the point is the numbers kind of make sense as a thousand developers. You start to see people getting adoption to it. They're aware of the value, but being good at it is what we're hearing is one of those things. Can you guys share your reaction to that? Is that, I mean, it's hyperbole at some level, but it does point to the fact of adoption trends. You got to get good at it, you got to know how to use it. >> It's very accurate, actually. It's what we're seeing in the market. We've been doing some research of our own, and we have some interesting numbers that we're going to be sharing soon. Analysts don't have a whole lot of numbers these days. So where we're trying to run our own surveys to get a grasp of the market. One simple survey or research element that I've done myself is I used Google trends. And in Google trends, if you go back to 2004 and you compare VMware against Kubernetes, you get a very interesting graph. What you're going to see is that VMware, the adoption curve is practically complete and Kubernetes is clearly taking off. And the volume of searches for Kubernetes today is almost as big as VMware. So that's a big sign that this is starting to happen. But in this process, we have to get those companies to have all of their engineers to be up to speed on Kubernetes. And that's one of the community efforts that we're helping with. We built a website called learning.kasten.io We're going to rebrand it soon at CubeCon, so stay tuned, but we're offering hands on labs there for people to actually come learn Kubernetes with us. Because for us, the faster the adoption goes, the better for our business. >> I was just going to ask you about the learning. So there's a big focus here on educating customers to help dial down the complexity and really get them, these numbers up as John was mentioning. >> And we're really breaking it down to the very beginning. So at this point we have almost 10 labs as we call them up and they start really from install a Kubernetes Cluster and people really hands on are going to install a Kubernetes Cluster. They learn to build an application. They learn obviously to back up the application in the safest way. And then there is how to tune storage, how to implement security, and we're really building it up so that people can step by step in a hands on way learn Kubernetes. >> It's interesting, this VMware Explore, their first new name change, but VMWorld prior, big community, a lot of customers, loyal customers, but they're classic and they're foundational in enterprises and let's face it. Some of 'em aren't going to rip out VMware anytime soon because the workloads are running on it. So in Broadcom we'll have some good action to maybe increase prices or whatnot. So we'll see how that goes. But the personas here are definitely going cloud native. They did with Tanzu, was a great thing. Some stuff was coming off, the fruit's coming off the tree now, you're starting to see it. CNCF has been on this for a long, long time, CubeCon's coming up in Detroit. And so that's just always been great, 'cause you had the day zero event and you got all kinds of community activity, tons of developer action. So here they're talking, let's connect to the developer. There the developers are at CubeCon. So the personas are kind of connecting or overlapping. I'd love to get your thoughts, Matt on? >> So from the personnel that we're talking to, there really is a split between the traditional IT ops and a lot of the people that are here today at VMWare Explore, but we're also talking with the SREs and the dev ops folks. What really needs to happen is we need to get a little bit more experience, some more training and we need to get these two groups to really start to coordinate and work together 'cause you're basically moving from that traditional on-prem environment to a lot of these traditional workloads and the only way to get that experience is to get your hands dirty. >> Right. >> So how would you describe the persona specifically here versus say CubeCon? IT ops? >> Very, very different, well-- >> They still go ahead. Explain. >> Well, I mean, from this perspective, this is all about VMware and everything that they have to offer. So we're dealing with a lot of administrators from that regard. On the Kubernetes side, we have site reliability engineers and their goal is exactly as their title describes. They want to architect arch applications that are very resilient and reliable and it is a different way of working. >> I was on a Twitter spaces about SREs and dev ops and there was people saying their title's called dev ops. Like, no, no, you do dev ops, you don't really, you're not the dev ops person-- >> Right, right. >> But they become the dev ops person because you're the developer running operations. So it's been weird how dev ops been co-opted as a position. >> And that is really interesting. One person told me earlier when I started Kasten, we have this new persona. It's the dev ops person. That is the person that we're going after. But then talking to a few other people who were like, "They're not falling from space." It's people who used to do other jobs who now have a more dev ops approach to what they're doing. It's not a new-- >> And then the SRE conversation was in site, reliable engineer comes from Google, from one person managing multiple clusters to how that's evolved into being the dev ops. So it's been interesting and this is really the growth of scale, the 10X developer going to more of the cloud native, which is okay, you got to run ops and make the developer go faster. If you look at the stuff we've been covering on The Cube, the trends have been cloud native developers, which I call dev ops like developers. They want to go faster. They want self-service and they don't want to slow down. They don't want to deal with BS, which is go checking security code, wait for the ops team to do something. So data and security seem to be the new ops. Not so much IT ops 'cause that's now cloud. So how do you guys see that in, because Kubernetes is rationalizing this, certainly on the compute side, not so much on storage yet but it seems to be making things better in that grinding area between dev and these complicated ops areas like security data, where it's constantly changing. What do you think about that? >> Well there are still a lot of specialty folks in that area in regards to security operations. The whole idea is be able to script and automate as much as possible and not have to create a ticket to request a VM to be billed or an operating system or an application deployed. They're really empowered to automatically deploy those applications and keep them up. >> And that was the old dev ops role or person. That was what dev ops was called. So again, that is standard. I think at CubeCon, that is something that's expected. >> Yes. >> You would agree with that. >> Yeah. >> Okay. So now translating VM World, VMware Explore to CubeCon, what do you guys see as happening between now and then? Obviously got re:Invent right at the end in that first week of December coming. So that's going to be two major shows coming in now back to back that're going to be super interesting for this ecosystem. >> Quite frankly, if you compare the persona, maybe you have to step away from comparing the personas, but really compare the conversations that we're having. The conversations that you're having at a CubeCon are really deep dives. We will have people coming into our booth and taking 45 minutes, one hour of the time of the people who are supposed to do 10 minute demos because they're asking more and more questions 'cause they want to know every little detail, how things work. The conversations here are more like, why should I learn Kubernetes? Why should I start using Kubernetes? So it's really early day. Now, I'm not saying that in a bad way. This is really exciting 'cause when you hear CNCF say that 97% of enterprises are using Kubernetes, that's obviously that small part of their world. Those are their members. We now want to see that grow to the entire ecosystem, the larger ecosystem. >> Well, it's actually a great thing, actually. It's not a bad thing, but I will counter that by saying I am hearing the conversation here, you guys'll like this on the Veeam side, the other side of the Veeam, there's deep dives on ransomware and air gap and configuration errors on backup and recovery and it's all about Veeam on the other side. Those are the guys here talking deep dive on, making sure that they don't get screwed up on ransomware, not Kubernete, but they're going to Kub, but they're now leaning into Kubernetes. They're crossing into the new era because that's the apps'll end up writing the code for that. >> So the funny part is all of those concepts, ransomware and recovery, they're all, there are similar concepts in the world of Kubernetes and both on the Veeam side as well as the Kasten side, we are supporting a lot of those air gap solutions and providing a ransomware recovery solution and from a air gap perspective, there are a many use cases where you do need to live. It's not just the government entity, but we have customers that are cruise lines in Europe, for example, and they're disconnected. So they need to live in that disconnected world or military as well. >> Well, let's talk about the adoption of customers. I mean this is the customer side. What's accelerating their, what's the conversation with the customer at base, not just here but in the industry with Kubernetes, how would you guys categorize that? And how does that get accelerated? What's the customer situation? >> A big drive to Kubernetes is really about the automation, self-service and reliability. We're seeing the drive to and reduction of resources, being able to do more with less, right? This is ongoing the way it's always been. But I was talking to a large university in Western Canada and they're a huge Veeam customer worth 7000 VMs and three months ago, they said, "Over the next few years, we plan on moving all those workloads to Kubernetes." And the reason for it is really to reduce their workload, both from administration side, cost perspective as well as on-prem resources as well. So there's a lot of good business reasons to do that in addition to the technical reliability concerns. >> So what is those specific reasons? This is where now you start to see the rubber hit the road on acceleration. >> So I would say scale and flexibility that ecosystem, that opportunity to choose any application from that or any tool from that cloud native ecosystem is a big driver. I wanted to add to the adoption. Another area where I see a lot of interest is everything AI, machine learning. One example is also a customer coming from Veeam. We're seeing a lot of that and that's a great thing. It's an AI company that is doing software for automated driving. They decided that VMs alone were not going to be good enough for all of their workloads. And then for select workloads, the more scalable one where scalability was more of a topic, would move to Kubernetes. I think at this point they have like 20% of their workloads on Kubernetes and they're not planning to do away with VMs. VMs are always going to be there just like mainframes still exist. >> Yeah, oh yeah. They're accelerating actually. >> We're projecting over the next few years that we're going to go to a 50/50 and eventually lean towards more Kubernetes than VMs, but it was going to be a mix. >> Do you have a favorite customer example, Tom, that you think really articulates the value of what Kubernetes can deliver to customers where you guys are really coming in and help to demystify it? >> I would think SuperStereo is a really great example and you know the details about it. >> I love the SuperStereo story. They were a AWS customer and they're running OpenShift version three and they need to move to OpenShift version four. There is no upgrade in place. You have to migrate all your apps. Now SuperStereo is a large French IT firm. They have over 700 developers in their environment and it was by their estimation that this was going to take a few months to get that migration done. We're able to go in there and help them with the automation of that migration and Kasten was able to help them architect that migration and we did it in the course of a weekend with two people. >> A weekend? >> A weekend. >> That's a hackathon. I mean, that's not real come on. >> Compared to thousands of man hours and a few months not to mention since they were able to retire that old OpenShift cluster, the OpenShift three, they were able to stop paying Jeff Bezos for a couple of those months, which is tens of thousands of dollars per month. >> Don't tell anyone, keep that down low. You're going to get shot when you leave this place. No, seriously. This is why I think the multi-cloud hybrid is interesting because these kinds of examples are going to be more than less coming down the road. You're going to see, you're going to hear more of these stories than not hear them because what containerization now Kubernetes doing, what Dockers doing now and the role of containers not being such a land grab is allowing Kubernetes to be more versatile in its approach. So I got to ask you, you can almost apply that concept to agility, to other scenarios like spanning data across clouds. >> Yes, and that is what we're seeing. So the call I had this morning with a large insurance provider, you may have that insurance provider, healthcare provider, they're across three of the major hyperscalers clouds and they do that for reliability. Last year, AWS went down, I think three times in Q4 and to have a plan of being able to recover somewhere else, you can actually plan your, it's DR, it's a planned migration. You can do that in a few hours. >> It's interesting, just the sidebar here for a second. We had a couple chats earlier today. We had the influences on and all the super cloud conversations and trying to get more data to share with the audience across multiple areas. One of them was Amazon and that super, the hyper clouds like Amazon, as your Google and the rest are out there, Oracle, IBM and everyone else. There's almost a consensus that maybe there's time for some peace amongst the cloud vendors. Like, "Hey, you've already won." (Tom laughs) Everyone's won, now let's just like, we know where everyone is. Let's go peace time and everyone, then 'cause the relationship's not going to change between public cloud and the new world. So there's a consensus, like what does peace look like? I mean, first of all, the pie's getting bigger. You're seeing ecosystems forming around all the big new areas and that's good thing. That's the tides rise and the pie's getting bigger, there's bigger market out there now so people can share and share. >> I've never worked for any of these big players. So I would have to agree with you, but peace would not drive innovation. And in my heart is with tech innovation. I love it when vendors come up with new solutions that will make things better for customers and if that means that we're moving from on-prem to cloud and back to on-prem, I'm fine with that. >> What excites me is really having the flexibility of being able to choose any provider you want because you do have open standards, being cloud native in the world of Kubernetes. I've recently discovered that the Canadian federal government had mandated to their financial institutions that, "Yes, you may have started all of your on cloud presence in Azure, you need to have an option to be elsewhere." So it's not like-- >> Well, the sovereign cloud is one of those big initiatives, but also going back to Java, we heard another guest earlier, we were thinking about Java, right once ran anywhere, right? So you can't do that today in a cloud, but now with containers-- >> You can. >> Again, this is, again, this is the point that's happening. Explain. >> So when you have, Kubernetes is a strict standard and all of the applications are written to that. So whether you are deploying MongoDB or Postgres or Cassandra or any of the other cloud native apps, you can deploy them pretty much the same, whether they're in AKS, EKS or on Tanzu and it makes it much easier. The world became just a lot less for proprietary. >> So that's the story that everybody wants to hear. How does that happen in a way that is, doesn't stall the innovation and the developer growth 'cause the developers are driving a lot of change. I mean, for all the talk in the industry, the developers are doing pretty good right now. They've got a lot of open source, plentiful, open source growing like crazy. You got shifting left in the CICD pipeline. You got tools coming out with Kubernetes. Infrastructure has code is almost a 100% reality right now. So there's a lot of good things going on for developers. That's not an issue. The issue is just underneath. >> It's a skillset and that is really one of the biggest challenges I see in our deployments is a lack of experience. And it's not everyone. There are some folks that have been playing around for the last couple of years with it and they do have that experience, but there are many people that are still young at this. >> Okay, let's do, as we wrap up, let's do a lead into CubeCon, it's coming up and obviously re:Invent's right behind it. Lisa, we're going to have a lot of pre CubeCon interviews. We'll interview all the committee chairs, program chairs. We'll get the scoop on that, we do that every year. But while we got you guys here, let's do a little pre-pre-preview of CubeCon. What can we expect? What do you guys think is going to happen this year? What does CubeCon look? You guys our big sponsor of CubeCon. You guys do a great job there. Thanks for doing that. The community really recognizes that. But as Kubernetes comes in now for this year, you're looking at probably the what third year now that I would say Kubernetes has been on the front burner, where do you see it on the hockey stick growth? Have we kicked the curve yet? What's going to be the level of intensity for Kubernetes this year? How's that going to impact CubeCon in a way that people may or may not think it will? >> So I think first of all, CubeCon is going to be back at the level where it was before the pandemic, because the show, as many other shows, has been suffering from, I mean, virtual events are not like the in-person events. CubeCon LA was super exciting for all the vendors last year, but the attendees were not really there yet. Valencia was a huge bump already and I think Detroit, it's a very exciting city I heard. So it's going to be a blast and it's going to be a huge attendance, that's what I'm expecting. Second I can, so this is going to be my third personally, in-person CubeCon, comparing how vendors evolved between the previous two. There's going to be a lot of interesting stories from vendors, a lot of new innovation coming onto the market. And I think the conversations that we're going to be having will yet, again, be much more about live applications and people using Kubernetes in production rather than those at the first in-person CubeCon for me in LA where it was a lot about learning still, we're going to continue to help people learn 'cause it's really important for us but the exciting part about CubeCon is you're talking to people who are using Kubernetes in production and that's really cool. >> And users contributing projects too. >> Also. >> I mean Lyft is a poster child there and you've got a lot more. Of course you got the stealth recruiting going on there, Apple, all the big guys are there. They have a booth and no one's attending you like, "Oh come on." Matt, what's your take on CubeCon? Going in, what do you see? And obviously a lot of dynamic new projects. >> I'm going to see much, much deeper tech conversations. As experience increases, the more you learn, the more you realize you have to learn more. >> And the sharing's going to increase too. >> And the sharing, yeah. So I see a lot of deep conversations. It's no longer the, "Why do I need Kubernetes?" It's more, "How do I architect this for my solution or for my environment?" And yeah, I think there's a lot more depth involved and the size of CubeCon is going to be much larger than we've seen in the past. >> And to finish off what I think from the vendor's point of view, what we're going to see is a lot of applications that will be a lot more enterprise-ready because that is the part that was missing so far. It was a lot about the what's new and enabling Kubernetes. But now that adoption is going up, a lot of features for different components still need to be added to have them enterprise-ready. >> And what can the audience expect from you guys at CubeCon? Any teasers you can give us from a marketing perspective? >> Yes. We have a rebranding sitting ready for learning website. It's going to be bigger and better. So we're not no longer going to call it, learning.kasten.io but I'll be happy to come back with you guys and present a new name at CubeCon. >> All right. >> All right. That sounds like a deal. Guys, thank you so much for joining John and me breaking down all things Kubernetes, talking about customer adoption, the challenges, but also what you're doing to demystify it. We appreciate your insights and your time. >> Thank you so much. >> Thank you very much. >> Our pleasure. >> Thanks Matt. >> For our guests and John Furrier, I'm Lisa Martin. You've been watching The Cube's live coverage of VMware Explore 2022. Thanks for joining us. Stay safe. (gentle music)

(upbeat music) >> Welcome back to a Blueprint For Trusted Infrastructure. We're here with Rob Emsley. Who's the director of product marketing for data protection and cyber security. Rob, good to see you. A new role. >> Yeah. Good to be back, Dave. Good to see you. Yeah, it's been a while since we chatted last and, you know, one of the changes in my world is that I've expanded my responsibilities beyond data protection marketing to also focus on cybersecurity marketing specifically for our infrastructure solutions group. So certainly that's, you know, something that really has driven us, you know, to come and have this conversation with you today. >> So data protection obviously has become an increasingly important component of the cyber security space. I don't think necessarily of, you know, traditional backup and recovery as security, to me, it's an adjacency. I know some companies have said, oh, yeah. Now we're a security company. They're kind of chasing the valuation bubble. >> For sure. >> Dell's interesting because you have, you know, data protection in the form of backup and recovery and data management, but you also have security, you know, direct security capabilities. So you're sort of bringing those two worlds together and it sounds like your responsibility is to connect those dots. Is that right? >> Absolutely. Yeah. I mean, I think that the reality is is that security is a multi-layer discipline. I think the days of thinking that it's one or another technology that you can use or process that you can use to make your organization secure are long gone. I mean, certainly you actually correct. If you think about the backup and recovery space, I mean, people have been doing that for years, you know, certainly backup and recovery, it's all about the recovery. It's all about getting yourself backup and running when bad things happen. And one of the realities, unfortunately today is that one of the worst things that can happen is cyber attacks. You know, ransomware, malware are all things that are top of mind for all organizations today. And that's why you see a lot of technology and a lot of innovation going into the backup and recovery space because if you have a copy, a good copy of your data, then that is really the first place you go to recover from a cyber attack. And that's why it's so important. The reality is is that unfortunately the cyber criminals keep on getting smarter. I don't know how it happens, but one of the things that is happening is that the days of them just going after your production data are no longer the only challenge that you have, they go after your backup data as well. So over the last half a decade, Dell Technologies with its backup and recovery portfolio has introduced the concept of isolated cyber recovery vaults. We've had many conversations about that over the years and that's really a big tenant of what we do in the data protection portfolio. >> So this idea of cybersecurity resilience that definition is evolving. What does it mean to you? >> Yeah, I think the analyst team over at Gartner, they wrote a very insightful paper called you will be hacked embrace the breach. And the whole basis of this analysis is so much money's been spent on prevention is that what's out of balance is the amount of budget that companies have spent on cyber resilience and cyber resilience is based upon the premise that you will be hacked. You have to embrace that fact and be ready and prepared to bring yourself back into business. You know, and that's really where cyber resiliency is very, very different than cyber security and prevention, you know, and I think that balance of get your security disciplines well funded, get your defenses as good as you can get them but make sure that if the inevitable happens and you find yourself compromised that you have a great recovery plan and certainly a great recovery plan, it's really the basis of any good, solid data protection backup from recovery philosophy. >> So if I had to do a SWOT analysis, we don't have to do the WOT, but let's focus on the S. What would you say are Dell's strengths in this, you know, cyber security space as it relates to data protection? >> One is we've been doing it a long time. You know, we talk a lot about Dell's data protection being proven and modern. You know, certainly the experience that we've had over literally three decades of providing enterprise scale data protection solutions to our customers has really allowed us to have a lot of insight into what works and what doesn't. As I mentioned to you, one of the unique differentiators of our solution is the cyber recovery vaulting solution that we introduce a little over five years ago, five, six years. Power protect cyber recovery is something which has become a unique capability for customers to adopt on top of their investment in Dell Technologies data protection, you know, the unique elements of our solution already threefold, and we call them the three Is. It's isolation, it's a immutability and it's intelligence. And the, the isolation part is really so important because you need to reduce the attack surface of your good known copies of data. You know, you need to put it in a location that the bad actors can't get to it. And that really is the essence of a cyber recovery vault. Interestingly enough, you're starting to see the market throw out that word, you know, from many other places, but really it comes down to having a real discipline that you don't allow the security of your cyber recovery vault to be compromised insofar as allowing it to be controlled from outside of the vault, you know, allowing it to be controlled by your backup application. Our cyber recovery vaulting technology is independent of the backup infrastructure. It uses it, but it controls its own security. And that is so, so important. It's like having a vault that the only way to open it is from the inside, you know, and think about that. If you think about, you know, vaults in banks or vaults in your home, normally you have a key pad on the outside. Think of our cyber recovery vault as having its security controlled from inside of the vault. >> So nobody can get in, nothing can get in unless it's already in. And if it's already in, then it's trusted. >> Exactly, exactly. >> Yeah. So isolation's the key. And then you mentioned immutability is the second piece. >> Yeah, so immutability is also something which has been around for a long time. People talk about backup mutability or immutable backup copies. So I mutability is just the additional technology that allows the data that's inside of the vault to be unchangeable, you know, but again that immutability, you know, your mileage varies, you know, when you look across the different offers that are out there in the market especially in the backup industry. You made a very valid point earlier that the backup vendors in the market seem to be security washing their marketing messages. I mean, everybody is leaning into the ever present danger of cybersecurity, not a bad thing, but the reality is is that you have to have the technology to back it up, you know, quite literally >> Yeah, no pun intended. Right. Actually pun intended. Now what about the intelligence piece of it? That's that's AI, ML, where does that fit? >> For sure. So the intelligence piece is delivered by a solution called CyberSense. And CyberSense for us is what really gives you the confidence that what you have in your cyber recovery vault is a good clean copy of data. So it's looking at the backup copies that get driven into the cyber vault, and it's looking for anomalies. So it's not looking for signatures of malware. You know, that's what your antivirus software does. That's what your endpoint protection software does. That's on the prevention side of the equation. But what we're looking for is we're looking to ensure that the data that you need when all hell breaks loose is good and that when you get a request to restore and recover your business, you go, right, let's go and do it. And you don't have any concern that what you have in the vault has been compromised. So cyber sense is really a unique analytic solution in the market based upon the fact that it isn't looking at at cursory indicators of malware infection or ransomware introduction, it's doing full content analytics, you know, looking at, you know, has the data in any way changed, has it suddenly become encrypted? Has it suddenly become different to how it was in the previous scan? So that anomaly detection is very, very different. It's looking for, you know, like different characteristics that really are an indicator that something is going on. And, of course, if it sees it, you immediately get flagged. But the good news is is that you always have in the vault the previous copy of good known data which now becomes your restore point. >> So we're talking to Rob Emsley about how data protection fits into what Dell calls DTI, Dell Trusted Infrastructure. And I want to come back, Rob, to this notion of, and not or cause I think a lot of people are skeptical. Like how can I have great security and not introduce friction into my organization? Is that an automation play? How does Dell tackle that problem? >> I mean, I think a lot of it is across our infrastructure is is security has to be built in, I mean, intrinsic security within our servers, within our storage devices, within our elements of our backup infrastructure. I mean, security, multifactor authentication, you know, elements that make the overall infrastructure secure. You know, we have capabilities that, you know, allow us to identify whether or not configurations have changed. You know, we'll probably be talking about that a little bit more to you later in the segment, but the essence is security is not a Bolton. It has to be part of the overall infrastructure. And that's so true, certainly in the data protection space >> Give us the bottom line on how you see Dell's key differentiators. Maybe you could talk about Dell, of course, always talks about its portfolio, but why should customers, you know, lead in to Dell in this whole cyber resilience space? >> You know, staying on the data protection space as I mentioned, the work we've been doing to introduce this cyber resiliency solution for data protection is in our opinion, as good as it gets. You know, you've spoken to a number of our best customers whether it be Bob Bender from Founders Federal or more recently at (indistinct) you spoke to Tony Bryson from the Town of Gilbert. And these are customers that we've had for many years that have implemented cyber recovery vaults. And at the end of the day, they can now sleep at night. You know, that's really the peace of mind that they have is that the insurance that a data protection from Dell cyber recovery vault, a power protect cyber recovery solution gives them, you know, really allows them to, you know, just have the assurance that they don't have to pay a ransom. If they have an insider threat issue and, you know, all the way down to data deletion is they know that what's in the cyber recovery vault is good and ready for them to recover from. >> Great. Well, Rob, congratulations on the new scope of responsibility. I like how, you know, your organization is expanding as the threat surface is expanding. As we said, data protection becoming an adjacency to security, not security in and of itself. A key component of a comprehensive security strategy. Rob Emsley, thank you for coming back in theCUBE. Good to see you again. >> You too, Dave. Thanks. >> All right, in a moment, I'll be back to wrap up a blueprint for trusted infrastructure. You are watching theCUBE. (upbeat music)

(upbeat music) >> Welcome back to theCUBE's continuing coverage of Snowflake Summit 22 live from Caesars Forum in Las Vegas. I'm Lisa Martin with Dave Vellante. We've got a couple of guests joining us now. We're going to be talking about financial services. Rinesh Patel joins us, the Global Head of Financial Services for Snowflake, and Jack Berkowitz, Chief Data Officer at ADP. Guys, welcome to the program. >> Thanks, thanks for having us. >> Thanks for having us. >> Talk to us about what's going on in the financial services industry as a whole. Obviously, we've seen so much change in the last couple of years. What does the data experience look like for internal folks and of course, for those end user consumers and clients? >> So, one of the big things happening inside of the financial services industry is overcoming the COVID wait, right? A lot of banks, a lot of institutions like ours had a lot of stuff on-prem. And then the move to the Cloud allows us to have that flexibility to deal with it. And out of that is also all these new capabilities. So the machine learning revolution has really hit the services industry, right? And so it's affecting how our IT teams or our data teams are building applications. Also really affecting what the end consumers get out of them. And so there's all sorts of consumerization of the experience over the past couple of years much faster than we ever expected it to happen. >> Right, we have these expectations as consumers that bleed into our business lives that I can do transactions. It's going to be on the swipe in terms of checking authenticity, fraud detection, et cetera. And of course we don't want things to go back in terms of how brands are serving us. Talk about some of the things that you guys have put in place with Snowflake in the last couple of years, particularly at ADP. >> Yeah, so one of the big things that we've done, is, one of the things that we provide is compensation data. So we issue a thing called the National Employment Report that informs the world as to what's happening in the U.S. economy in terms of workers. And then we have compensation data on top of that. So the thing that we've been able to do with Snowflake is to lower the time that it takes us to process that and get that information out into the fingertips of people. And so people can use it to see what's changed in terms of with the worker changes, how much people are making. And they can get it very, very quickly. And we're able to do that with Snowflake now. Used to take us weeks, now it's in a matter of moments we can get that updated information out to people. >> Interesting. It helps with the talent war and- >> Helps in the talent war, helps people adjust, even where they're going to put supply chain in reaction to where people are migrating. We can have all of that inside of the Snowflake system and available almost instantaneously. >> You guys announced the Financial Data Cloud last year. What was that like? 'Cause I know we had Frank on early, he clearly was driving the verticalization of Snowflake if you will, which is kind of rare for a relatively new software company but what's that been like? Give us the update on where you're at and biggest vertical, right? >> Absolutely, it's been an exciting 12 months. We're a platform, but the journey and the vision is more. We're trying to bring together a fragmented ecosystem across financial services. The aim is really to bring together key customers, key data providers, key solution providers all across the different Clouds that exist to allow them to collaborate with data in a seamless way. To solve industry problems. To solve industry problems like ESG, to solve industry problems like quantitative research. And we're seeing a massive groundswell of customers coming to Snowflake, looking at the Financial Services Data Cloud now to actually solve business problems, business critical problems. That's really driving a lot of change in terms of how they operate, in terms of how they win customers, mitigate risk and so forth. >> Jack, I think, I feel like the only industry that's sometimes more complicated than security, is data. Maybe not, security's still maybe more fragmented- >> Well really the intersection of the two is a nightmare. >> And so as you look out on this ecosystem, how do you as the chief data officer, how do you and your organization, what process do you use to decide, okay, which of the, like a chef, which of these ingredients am I going to put together for my business. >> It's a great question, right? There's been explosion of companies. We kind of look at it in two ways. One is we want to make sure that the software and the data can interoperate because we don't want to be in the business of writing bridge code. So first thing is, is having the ecosystem so that the things are tested and can work together. The other area is, and it's important to us is understanding the risk profile of that company. We process about 20% of the U.S. payroll, another 25% of the taxes. And so there's a risk to us that we have an imperative to protect. So we're looking at those companies are they financed, what's their management team. What's the sales experience like, that's important to us. And so technology and the experience of the company coming together are super important to us. >> What's your purview as a chief data officer, I mean, a lot of CDOs that I know came out of the back office and it was a compliance or data quality. You come out of industry from a technology company. So you're sort of the modern... You're like the modern CDO. >> Thanks. Thanks. >> Dave: What's your role? >> I appreciate that. >> You know what I'm saying though? >> And for a while it was like, oh yeah, compliance. >> So I actually- >> And then all of a sudden, boom, big deal. >> Yeah, I really have two jobs. So I have that job with data governance but a lot of data security. But I also have a product development unit, a massive business in monetization of data or people analytics or these compensation benchmarks or helping people get mortgages. So providing that information, so that people can get their mortgage, or their bank loans, or all this other type of transactional data. *So it's both sides of that equation is my reading inside. >> You're responsible for building data products? >> That's right. >> Directly. >> That's right. I've got a massive team that builds data products. >> Okay. That's somewhat unique in your... >> I think it's where CDOs need to be. So we build data products. We build, and we assist as a hub to allow other business units to build analytics that help them either optimize their cost or increase their sales. And then we help with all that governance and communication, we don't want to divide it up. There's a continuum to it. >> And you're a peer of the CIO and the CISO? >> Yeah, exactly. They're my peers. I actually talk to them almost every day. So I've got the CIO as a peer. >> It's a team. >> I've got the security as a peer and we get things done together. >> Talk about the alignment with business. We've been talking a lot about alignment with the data folks, the business folks, the technical folks to identify the right solutions, to be able to govern data, to monetize it, to create data products. What does that... You mentioned a couple of your cohorts, but on the business side, who are some of those key folks? >> So we're like any other big, big organization. We have lots of different business units. So we work directly with either the operational team or the heads of those business units to divine analytic missions that they'll actually execute. And at the same time, we actually have a business unit that's all around data monetization. And so I work with them every single day. And so these business units will come together. I think the big thing for us is to define value and measure that value as we go. As long as we're measuring that value as we go, then we can continue to see improvements. And so, like I said, sometimes it's bottom line, sometimes it's top line, but we're involved. Data is actually a substrate of the company. It's not a side thing to the company. >> Yeah, you are. >> ADP. >> Yeah but if they say data first but you really are data first. >> Yeah. I mean, our CEO says- >> Data's your product. >> Data's our middle name. And it literally is. >> Well, so what do you do in the Snowflake financial services data Cloud? Are you monetizing? >> Yeah. >> What's the plan? >> Yeah, so we have clients. So part of our data monetization is actually providing aggregate and anonymized information that helps other clients make business decisions. So they'll take it into their analytics. So, supply chain optimization, where should we actually put the warehouses based on the population shifts? And so we're actually using the file distribution capabilities or the information distribution, no longer files, where we use Snowflake to actually be that data cloud for those clients. So the data just pops up for our other clients. >> I think the industry's existed a lot with the physical movement of data. When you physically move data, you also physically move the data management challenges. Where do you store it? How do you map it? How do you concord it? And ultimately data sharing is taking away that friction that exists. So it's easier to be able to make informed decisions with the data at hand across two counterparties. >> Yeah, and there's a benefit to us 'cause it lowers our friction. We can have a conversation and somebody can be... Obviously the contracts have to be signed, but once they get done, somebody's up and running on it within minutes. And where it used to be, as you were saying, the movement of data and loss of control, we never actually lose control of it. We know where it is. >> Or yeah, contracts signed, now you got to go through this long process of making sure everything's cool, or a lot of times it could slow down the sale. >> That's right. >> Let's see how that's going to... Let's do a little advanced work. Now you're working without a contract. Here, you can say, "Hey, we're in the Snowflake data cloud. It's governed, you're a part of the ecosystem." >> Yeah, and the ecosystem we announced, oh gee, I think it's probably almost a year and a half ago, a relationship with ICE, Intercontinental Exchange, where they're actually taking our information and their information and creating a new data product that they in turn sell. So you get this sort of combination. >> Absolutely. The ability to form partnerships and monetize data with your partners vastly increases as a consequence. >> Talk to us about the adoption of the financial services data cloud in the last what, maybe nine months or so, since it was announced? And also in terms of the its value proposition, how does the ADP use case articulate that? >> So, very much so. So in terms of momentum, we're a global organization, as you mentioned, we are verticalized. So we have increasingly more expertise and expertise experience now within financial services that allows us to really engage and accelerate our momentum with the top banks, with the biggest asset managers by AUM, insurance companies, sovereign wealth funds on Snowflake. And obviously those data providers and solution providers that we engage with. So the momentum's really there. We're really moving very, very fast in a great market because we've got great opportunity with the capabilities that we have. I mean, ADP is just one of many use cases that we're working with and collaborations that we're taking to market. So yeah, the opportunity to monetize data and help our partners monetize the data has vastly increased within this space. >> When you think about... Oh go ahead, please. >> Yeah I was just going to say, and from our perspective, as we were getting into this, Snowflake was with us on the journey. And that's been a big deal. >> So when you think about data privacy, governance, et cetera, and public policy, it seems like you have, obviously you got things going on in Europe, and you got California, you have other states, there's increasing in complexity. You guys probably love that. (Dave laughs) More data warehouses, but where are we at with that whole? >> It's a great question. Privacy is... We hold some of the most critical information about people because that's our job to help people get paid. And we respect that as sort of our prime agenda. Part of it deals with the technology. How do you monitor, how do you see, make sure that you comply with all these regulations, but a lot of it has to do with the basic ethics of why you're doing and what you're doing. So we have a data and AI ethics board that meets and reviews our use cases. Make sure not only are we doing things properly to the regulation, but are these the types of products, are these the types of opportunities that we as a company want to stand behind on behalf of the consumers? Our company's been around 75 years. We talk about ourselves as a national asset. We have a trust relationship. We want to ensure that that trust relationship is never violated. >> Are you in a position where you can influence public policy and create more standards or framework. >> We actually are, right. We issue something every month called the National Employment Report. It actually tells you what's happening in the U.S. economy. We also issue it in some overseas countries like France. Because of that, we work a lot with various groups. And we can help shape, either data policy, we're involved in understanding although we don't necessarily want to be out in the front, but we want to learn about what's happening with federal trade commission, EOC, because at the end of the day we serve people, I always joke ADP, it's my grandfather's ADP. Well, it was actually my grandfather's ADP. (Dave laughs) He was a small businessman, and he used a ADP all those years ago. So we want to be part of that conversation because we want to continue to earn that trust every day. >> Well, plus your observation space is pretty wide. >> And you've got context and perspective on that that you can bring. >> We move somewhere between two, two and a half trillion dollars a year through our systems. And so we understand what's happening in the economy. >> What are some of the, oh sorry. >> Can your National Employment Report combined with a little Snowflake magic tell us what the hell's going to happen with this economy? >> It's really interesting you say that. Yeah, we actually can. >> Okay. (panelists laugh) >> I think when you think about the amount of data that we are working with, the types of partners that we're working with, the opportunities are infinite. They really, really are. >> So it's either a magic eight ball or it's a crystal ball, but you have it. >> We think- >> We've just uncovered that here on theCUBE. >> We think we have great partners. We have great data. We have a set of industry problems out there that we're working, collaboration with the community to be able to solve. >> What are some of the upcoming use cases Rinesh, that excite you, that are coming up in financial services- >> Great question. >> That snowflake is just going to knock out of the park. >> So look, I think there's a set of here and now problems that the industry faces, ESG's a good one. If you think about ESG, it means many different things from business ethics, to diversity, to your carbon footprint and every asset manager has to make sure they have now some form of green strategy that reflects the values of their investors. And every bank is looking to put in place sustainable lending to help their corporate customers transition. That's a big data problem. And so we're very much at the center of helping those organizations support those informed investors and help those corporates transition to a more sustainable landscape. >> Let me give you an example on Snowflake, we launched capabilities about diversity benchmarks. The first time in the industry companies can understand for their industry, their size, their location what their diversity profile looks like and their org chart profile looks like to differentiate or at least to understand are they doing the right things inside the business. The ability for banks to understand that and everything else, it's a big deal. And that was built on Snowflake. >> I think it's massive, especially in the context of the question around regulation 'cause we're seeing more and more disclosure agreements come out where regulators are making sure that there's no greenwashing taking place. So when you have really strong sources of data that are standardized, that allow that investment process to ingest that data, it does allow for a better outcome for investors. >> Real data, I mean, that diversity example they don't have to rely on a survey. >> It's not a survey. >> Anecdotes. >> It's coming right out of the transactional systems and it's updated, whenever those paychecks are run, whether it's weekly, whether it's biweekly or monthly, all that information gets updated and it's available. >> So it sounds like ADP is a facilitator of a lot of companies ESG initiatives, at least in part? >> Well, we partner with companies all the time. We have over 900,000 clients and all of them are... We've never spoken to a client who's not concerned about their people. And that's just good business. And so, yeah we're involved in that and we'll see where it goes over time now. >> I think there's tremendous opportunity if you think about the data that the ADP have in terms of diversity, in terms of gender pay gap. Huge, huge opportunity to incorporate that, as I said into the ESG principles and criteria. >> Good, 'cause that definitely is what needs to be addressed. (Lisa laughs) Guys thank you so much for joining Dave and me on the program, talking about Snowflake ADP, what you're doing together, and the massive potential that you're helping unlock with the value of data. We appreciate your insights and your time. >> Thank you for having us. >> Dave: Thanks guys. >> Thank you so much. >> For our guests, and Dave Vellante, I'm Lisa Martin. You're watching theCUBE, live in Las Vegas at Snowflake Summit 22. Dave and I will be right back with our next guest. (upbeat music)

(light music playing) >> Welcome back to VEEAMON 2022 in Las Vegas. We're at the Aria. This is theCUBE and we're covering two days of VEEAMON. We've done a number of VEEAMONs before, we did Miami, we did New Orleans, we did Chicago and we're, we're happy to be back live after two years of virtual VEEAMONs. I'm Dave Vellante. My co-host is David Nicholson. Eric Herzog is here. You think he's, Eric's been on theCUBE, I think more than any other guest, including Pat Gelsinger, who at one point was the number one guest. Eric Herzog, CMO of INFINIDAT great to see you again. >> Great, Dave, thank you. Love to be on theCUBE. And of course notice my Hawaiian shirt, except I now am supporting an INFINIDAT badge on it. (Dave laughs) Look at that. >> Is that part of the shirt or is that a clip-on? >> Ah, you know, one of those clip-ons but you know, it looks good. Looks good. >> Hey man, what are you doing at VEEAMON? I mean, you guys started this journey into data protection several years ago. I remember we were actually at one of their competitors' events when you first released it, but tell us what's going on with Veeam. >> So we do a ton of stuff with Veeam. We do custom integration. We got some integration on the snapshotting side, but we do everything and we have a purpose built backup appliance known as InfiniGuard. It works with Veeam. We also actually have some customers who use our regular primary storage device as a backup target. The InfiniGuard product will do the data reduction, the dedupe compression, et cetera. The standard product does not, it's just a standard high performance array. We will compress the data, but we have customers that do it either way. We have a couple customers that started with the InfiniBox and then transitioned to the InfiniGuard, realizing that why would you put it on regular storage? Why not go to something that's customized for it? So we do that. We do stuff in the field with them. We've been at all the VEEAMONs since the, since like, I think the second one was the first one we came to. We're doing the virtual one as well as the live one. So we've got a little booth inside, but we're also doing the virtual one today as well. So really strong work with Veeam, particularly at the field level with the sales guys and in the channel. >> So when INFINIDAT does something, you guys go hardcore, high end, fast recovery, you just, you know, reliable, that's kind of your brand. Do you see this movement into data protection as kind of an adjacency to your existing markets? Is it a land and expand strategy? Can you kind of explain the strategy there. >> Ah, so it's actually for us a little bit of a hybrid. So we have several accounts that started with InfiniBox and now have gone with the InfiniGuard. So they start with primary storage and go with secondary storage/modern data protection. But we also have, in fact, we just got a large PO from a Fortune 50, who was buying the InfiniGuard first and now is buying our InfiniBox. >> Both ways. Okay. >> All flash array. And, but they started with backup first and then moved to, so we've got them moving both directions. And of course, now that we have a full portfolio, our original product, the InfiniBox, which was a hybrid array, outperformed probably 80 to 85% of the all flash arrays, 'cause the way we use DRAM. And what's so known as our mural cash technology. So we could do very well, but there is about, you know, 15, 20% of the workloads we could not outperform the competition. So then we had an all flash array and purpose built backup. So we can do, you know, what I'll say is standard enterprise storage, high performance enterprise storage. And then of course, modern data protection with our partnerships such as what we do with Veeam and we've incorporated across the entire portfolio, intense cyber resilience technology. >> Why does the world, Eric, need another purpose built backup appliance? What do you guys bring that is filling a gap in the marketplace? >> Well, the first thing we brought was much higher performance. So when you look at the other purpose built backup appliances, it's been about our ability to have incredibly high performance. The second area has been CapEx and OpEx reduction. So for example, we have a cloud service provider who happens to be in South Africa. They had 14 purpose built backup appliances from someone else, seven in one data center and seven in another. Now they have two InfiniGuards, one in each data center handling all of their backup. You know, they're selling backup as a service. They happen to be using Veeam as well as one other backup company. So if you're the cloud provider from their perspective, they just dramatically reduce their CapEx and OpEx. And of course they've made it easier for them. So that's been a good story for us, that ability to consolidation, whether it be on primary storage or secondary storage. We have a very strong play with cloud providers, particularly those meeting them in small that have to compete with the hyperscalers right. They don't have the engineering of Amazon or Google, right? They can't compete with what the Azure guys have got, but because the way both the InfiniGuard and the InfiniBox work, they could dramatically consolidate workloads. We probably got 30 or 40 midsize and actually several members of the top 10 telcos use us. And when they do their clouds, both their internal cloud, but actually the clouds that are actually running the transmissions and the traffic, it actually runs on InfiniBox. One of them has close to 200 petabytes of InfiniBox and InfiniBox, all flash technology running one of the largest telcos on the planet in a cloud configuration. So all that's been very powerful for us in driving revenue. >> So phrases of the week have been air gap, logical air gap, immutable. Where does InfiniGuard fit into that universe? And what's the profile of the customer that's going to choose InfiniGuard as the target where they're immutable, Write Once Read Many, data is going to live. >> So we did, we announced our InfiniSafe technology first on the InfiniGuard, which actually earlier this year. So we have what I call the four legs of the stool of cyber resilience. One is immutable snapshots, but that's only part of it. Second is logical air gapping, and we can do both local and remote and we can provide and combine local with remote. So for example, what that air gap does is separate the management plane from the actual data plane. Okay. So in this case, the Veeam data backup sets. So the management cannot touch that immutable, can't change it, can't delete it. can't edit it. So management is separated once you start and say, I want to do an immutable snap of two petabytes of Veeam backup dataset. Then we just do that. And the air gap does it, but then you could take the local air gap because as you know, from inception to the end of an attack can be close to 300 days, which means there could be a fire. There could be a tornado, there could be a hurricane, there could be an earthquake. And in the primary data center, So you might as well have that air gap just as you would do- do a remote for disaster recovery and business continuity. Then we have the ability to create a fenced forensic environment to evaluate those backup data sets. And we can do that actually on the same device. That is the purpose built backup appliance. So when you look at the architectural, these are public from our competitors, including the guys that are in sort of Hopkinton/Austin, Texas. You can see that they show a minimum of two physical devices. And in many cases, a third, we can do that with one. So not only do we get the fence forensic environment, just like they do, but we do it with reduction, both CapEx and OpEx. Purpose built backup is very high performance. And then the last thing is our ability to recover. So some people talk about rapid recovery, I would say, they dunno what they're talking about. So when we launched the InfiniGuard with InfiniSafe, we did a live demo, 1.5 petabytes, a Veeam backup dataset. We recovered it in 12 minutes. So once you've identified and that's on the InfiniGuard. On the InfiniBox, once you've identified a good copy of data to do the recovery where you're free of malware ransomware, we can do the recovery in three to five seconds. >> Okay. >> So really, really quick. Actually want to double click on something because people talk about immutable copies, immutable snapshots in particular, what have the actual advances been? I mean, is this simply a setting that maybe we didn't set for retention at some time in the past, or if you had to engineer something net new into a system so to provide that logical air gap. >> So what's net new is the air gapping part. Immutable snapshots have been around, you know, before we were on screen, you talked about WORM, Write Once Read Many. Well, since I'm almost 70 years old, I actually know what that means. When you're 30 or 40 or 50, you probably don't even know what a WORM is. Okay. And the real use of immutable snapshots, it was to replace WORM which was an optical technology. And what was the primary usage? Regulatory and compliance, healthcare, finance and publicly traded companies that were worried about. The SEC or the EU or the Japanese finance ministry coming down on them because they're out of compliance and regulatory. That was the original use of immutable snap. Then people were, well, wait a second. Malware ransomware could attack me. And if I got something that's not changeable, that makes it tougher. So the real magic of immutability was now creating the air gap part. Immutability has been around, I'd say 25 years. I mean, WORMs sort of died back when I was at Mac store the first time. So that was 1990-ish is when WORMs sort of fell away. And there have been immutable snapshots from most of the major storage vendors, as well as a lot of the small vendors ever since they came out, it's kind of like a checkbox item because again, regulatory and compliance, you're going to sell to healthcare, finance, public trade. If you don't have the immutable snapshot, then they don't have their compliance and regulatory for SEC or tax purposes, right? With they ever end up in an audit, you got to produce data. And no one's using a WORM drive anymore to my knowledge. >> I remember the first storage conference I ever went to was in Monterey. It had me in the early 1980s, 84 maybe. And it was a optical disc drive conference. The Jim Porter of optical. >> Yep. (laughs) >> I forget what the guy's name was. And I remember somebody coming up to me, I think it was like Bob Payton rest his soul, super smart strategy guy said, this is never going to happen because of the cost and that's what it was. And now you've got that capability on flash, you know, hard disk, et cetera. >> Right. >> So the four pillars, immutability, the air gap, both local and remote, the fence forensics and the recovery speed. Right? >> Right. Pick up is one thing. Recovery is everything. Those are the four pillars, right? >> Those are the four things. >> And your contention is that those four things together differentiate you from the competition. You mentioned, you know, the big competition, but how unique is this in the marketplace, those capabilities and how difficult is it to replicate? >> So first of all, if someone really puts their engineering hat to it, it's not that hard to replicate. It takes a while. Particularly if you're doing an enterprise, for example, our solutions all have a hundred percent availability guarantee. That's hard to do. Most guys have seven nines. >> That's hard. >> We really will guarantee a hundred percent availability. We offer an SLA that's included when you buy. We don't charge extra for it. It's like if you want it, like you just get it. Second thing is really making sure on the recovery side is the hardest part, particularly on a purpose built backup appliance. So when you look at other people and you delve into their public material, press releases, white paper, support documentation. No one's talking about. Yeah, we can take a 1.5 petabyte Veeam backup data set and make it available in 12 minutes and 12 seconds, which was the exact time that we did on our live demo when we launched the product in February of 2022. No one's talking that. On primary storage, you're hearing some of the vendors such as my old employer that also who, also starts with an "I", talk about a recovery time of two to three hours once you have a known good copy. On primary storage, once we have a known good copy, we're talking three to five seconds for that copy to be available. So that's just sort of the power of the snapshot technology, how we manage our metadata and what we've done, which previous to cyber resiliency, we were known for our replication capability and our snapshot capability from an enterprise class data store. That's what people said. INFINIDAT really knows how to do the replication snapshot. I remember our founder was one of the technical founders of EMC for a product known as the Symmetric, which then became the DMAX, the VMAX and is now is the PowerMax. That was invented by the guy who founded INFINIDAT. So that team has the real chops at enterprise high-end storage to the global fortune 2000. And what are the key feature checkbox items they need that's in both the InfiniBox and also in the InfiniGuard. >> So the business case for cyber resiliency is changing. As Dave said, we've had a big dose last several months, you know, couple years actually, of the importance of cyber resiliency, given all the ransomware tax, et cetera. But it sounds like the business case is shifting really focused on avoiding that risk, avoiding that downtime time versus the cost. The cost is always important. I mean, you got a consolidation play here, right? >> Yeah, yeah. >> Dedupe, does dedupe come into play? >> So on the InfiniGuard we do both dedupe and compression. On the InfiniBox we only do compression. So we do have data reduction. It depends on which product you're using from a Veeam perspective. Most of that now is with the InfiniGuard. So you get the block level dedupe and you get compression. And if you can do both, depending on the data set, we do both. >> How does that affect recovery time? >> Yeah, good question. >> So it doesn't affect recovery times. >> Explain why. >> So first of all, when you're doing a backup data set, the final final recovery, you recovered the backup data set, whether it's Veeam or one of their competitors, you actually make it available to the backup administrator to do a full restore of a backup data set. Okay. So in that case, we get it ready and expose it to the Veeam admin or some other backup admin. And then they launch the Veeam software or the other software and do a restore. Okay. So it's really a two step process on the secondary storage model and actually three. First identifying a known good backup copy. Second then we recover, which is again 12, 13 minutes. And then the backup admin's got to do a, you know, a restore of the backup 'cause it's backup data set in the format of backup, which is different from every backup vendor. So we support that. We get it ready to go. And then whether it's a Veeam backup administrator and quite honestly, from our perspective, most of our customers in the global fortune 2000, 25% of the fortune 50 use INIFINIDAT products. 25% and we're a tiny company. So we must have some magic fairy dust that appeals to the biggest companies on the planet. But most of our customers in that area and actually say probably in the fortune 500 actually use two to three different backup packages. So we can support all those on a single InfiniGuard or multiples depending on how big their backup data sets. Our biggest InfiniGuard is 50 petabytes counting the data reduction technology. So we get that ready. On the InfiniBox, the recovery really is, you know, a couple of seconds and in that case, it's primary data in block format. So we just make that available. So on the InfiniBox, the recovery is once, well two. Identifying a known good copy, first step, then just doing recovery and it's available 'cause it's blocked data. >> And that recovery doesn't include movement of a whole bunch of data. It's essentially realignment of pointers to where the good data is. >> Right. >> Now in the InfiniBox as well as in InfiniGuard. >> No, it would be, So in the case of that, in the case of the InfiniGuard, it's a full recovery of a backup data set. >> Okay. >> So the backup software just launches and it sees, >> Okay. >> your backup one of Veeam and just starts doing a restore with the Veeam restoration technology. Okay? >> Okay. >> In the case of the block, as long as the physical InfiniBox, if that was the primary storage and then filter box is not damaged when you make it available, it's available right away to the apps. Now, if you had an issue with the app side or the physical server side, and now you're pointing new apps and you had to reload stuff on that side, you have to point it at that InfiniBox which has the data. And then you got to wait for the servers and the SAP or Oracle or Mongo, Cassandra to recognize, oh, this is my primary storage. So it depends on the physical configuration on the server side and the application perspective, how bad were the apps damaged? So let's take malware. Malware is even worse because you either destroying data or messing, playing with the app so that the app is now corrupted as well as the data is corrupted. So then it's going to take longer the block data's ready, the SAP workload. And if the SAP somehow was compromised, which is a malware thing, not a ransomware thing, they got to reload a good copy of SAP before it can see the data 'cause the malware attacked the application as well as the data. Ransomware doesn't do that. It just holds it for ransom and it encrypts. >> So this is exactly what we're talking about. When we talk about operational recovery and automation, Eric is addressing the reality that it doesn't just end at the line above some arbitrary storage box, you know, reaching up real recovery, reaches up into the application space and it's complicated. >> That's when you're actually recovered. >> Right. >> When the application- >> Well, think of it like a disaster. >> Okay. >> Yes, right. >> I'll knock on woods since I was born and still live in California. Dave too. Let's assume there's a massive earthquake in the bay area in LA. >> Let's not. >> Okay. Let's yes, but hypothetically and the data center's cat five. It doesn't matter what they're, they're all toast. Okay. Couple weeks later it's modern. You know, people figure out what to do and certain buildings don't fall down 'cause of the way earthquake standards are in California now. So there's data available. They move into temporary space. Okay. Data's sitting there in the Colorado data center and they could do a restore. Well, they can't do a restore. How many service did they need? Had they reloaded all of the application software to do a restoration. What happened to the people? If no one got injured, like in the 1989 earthquake in California, very few people got injured yet cost billions of dollars. But everyone was watching this San Francisco giants played in Oakland, >> I remember >> so no one was on the road. >> Al Michael's. >> Epic moment. >> Imagine it's in the middle of commute time in LA and San Francisco, hundreds of thousands of people. What if it's your data center team? Right? So there's a whole bunch around disaster recovery and business country that have nothing to do with the storage, the people, what your process. So I would argue that malware ransomware is a disaster and it's exactly the same thing. You know, you got the known good copy. You've got okay. You're sure that the SAP and Oracle, especially on the malware side, weren't compromised. On the ransomware side, you don't have to worry about that. And those things, you got to take a look at just as if it, I would argue malware and ransomware is a disaster and you need to have a process just like you would. If there was an earthquake, a fire or a flood in the data center, you need a similar process. That's slightly different, but the same thing, servers, people, software, the data itself. And when you have that all mapped out, that's how you do successful malware ransomeware recovery. It's a different type of disaster. >> It's absolutely a disaster. It comes down to business continuity and be able to transact business with as little disruption as possible. We heard today from the keynotes and then Jason Buffington came on about the preponderance of ransomware. Okay. We know that. But then the interesting stat was the percentage of customers that paid the ransom about a third weren't able to recover. And so 'cause you kind of had this feeling of all right, well, you know, see it on, you know, CNBC, should you pay the ransom or not? You know, pay the ransom. Okay. You'll get back. But no, it's not the case. You won't necessarily get back. So, you know, Veeam stated, Hey, our goal is to sort of eliminate that problem. Are you- You feel like you guys in a partnership can actually achieve that. >> Yes. >> So, and you have customers that have actually avoided, you know, been hit and were able to- >> We have people who won't publicly say they've been hit, but the way they talk about what they did, like in a meeting, they were hit and they were very thankful. >> (laughs) Yeah. >> And so that's been very good. I- >> So we got proof. >> Yes, we absolutely have proof. And quite honestly, with the recent legislation in the United States, malware and ransomware actually now is also regulatory and compliance. >> Yeah. >> Because the new law states mid-March that whether it's Herzog's bar and grill to bank of America or any large foreign company doing business in the US, you have to report to the United States federal government, any attack, same with the county school district with any local government, any agency, the federal government, as well as every company from the tiniest to the largest in the world that does, they're supposed to report it 'cause the government is trying to figure out how to fight it. Just the way if you don't report burglary, how they catch the burglars. >> Does your solution simplify testing in any way or reduce the risk of testing? >> Well, because the recovery is so rapid, we recommend that people do this on a regular basis. So for example, because the recovery is so quick, you can recover in 12 minutes while we do not practice, let's say once a month or once every couple weeks. And guess what? It also allows you to build a repository of known good copies. Remember when you get ransomeware, no one's going to come say, Hey, I'm Mr. Rans. I'm going to steal your stuff. It's all done surreptitiously. They're all James Bond on the sly who doesn't say "By the way, I'm James Bond". They are truly underneath the radar. And they're very slowly encrypting that data set. So guess what? Your primary data and your backup data that you don't want to be attacked can be attacked. So it's really about finding a known good copy. So if you're doing this on a regular basis, you can get an index of known good copies. >> Right. >> And then, you know, oh, I can go back to last Tuesday and you know that that's good. Otherwise you're literally testing Wednesday, Thursday, Friday, Saturday to try to find a known good copy, which delays the recovery process 'cause you really do have to test. They make sure it's good. >> If you increase that frequency, You're going to protect yourself. That's why I got to go. Thanks so much for coming on theCUBEs. Great to see you. >> Great. Thank you very much. I'll be wearing a different Hawaiian shirt next to. >> All right. That sounds good. >> All right, Eric Herzog, Eric Herzog on theCUBE, Dave Vallante for David Nicholson. We'll be right back at VEEAMON 2022. Right after this short break. (light music playing)

(pulsing music) (digital music) >> Welcome back to the Seaport in Boston. You're watching theCUBE's coverage of Red Hat Summit 2022. A lot of bummed out Bruins fans, but a lot of happy Celtics fans. We're optimistic for tonight, Boston's crazy sports town, but we're talking tech, we're talking open source. Dr. Amanda Purnell is here. She's the director of data and analytics innovation at the US Department of Veteran Affairs, and Ben Cushing is the chief architect for federal health and life sciences at Red Hat. Folks, welcome to theCUBE, thank for coming on. >> Thank you for having us. >> So glad to be here. >> So we heard your keynote this morning, project Arches. Now you were telling us just briefly about your previous life as a clinician. >> That's right. >> That's really interesting, because you know what the outcome has to be. So talk about that project in your perspective. What the goals were and how you actually got it done. >> I could tell the long view. I'm a psychologist by training. I spent the first 10 years of my VA career providing care to veterans. So engaging in healthcare behavior change, providing training to providers and really trying to understand what is the care pathway for veterans, what's the experience of veterans along each of those touchpoints, and it became clear to me over time that there were opportunities for us to improve the transitions of care and provide better information at the right time to improve those decisions that are being made at the point of care. Ben and I were just talking before we began today, part of the core of the development of Arches was beginning with human-centered design. We wanted to interview and better understand what was the experience across the VA of many different stakeholders and trying to access meaningful information, understand in that moment what do I need to make a decision with a veteran or what do I need to make a decision with my care team and how can I improve the quality of care for veterans? And so, hundreds of interviews later, it became clear to us that we wanted to help those individuals already working for the VA to continue to improve excellence of care and one of those ways that we're trying to do that is using technology to make life easier for our veterans and for our clinicians. >> I always like to say, they say, "Follow the money." I like to follow the data. And you said something in your keynote about nurses have to have access to information and it just gets to an architectural question, because as a caregiver, you have to get insights and data and you need it fast, 'cause you're saving lives, but a lot of times, architectures are very centralized. They're monolithic and you have to beg, borrow, steal, break through blockers to get to the data that you need. How do you square that circle in today's world? Maybe you could talk about that, and then specific to Arches, how you dealt with that. >> I can dive into that a little bit. I have to say, Amanda had touched on this during the keynote, VA was one of the first, if not the first, healthcare organizations in the world to actually adopt electronic health records and because of that, they just have this incredibly rich amount of historical data and the challenge, as you pointed out, is gaining access to it. So there are a number of programs within VA designed specifically for that. And they are bringing data not just from the data warehouses, but also data from the electronic health records that are running inside of VA right now, and then also third party community data sets, as well as applications that run inside the VA. Now the value here really happens when you produce insights. Data by itself is useless. >> Lot of data out there. They're plentiful. >> You need to create knowledge and then you need that knowledge to inform your process that comes next. Those actions are really what matters. All of healthcare is process and activity and data is really just a historical record. I mean, all data that we look at is happening in the past and then as we're reading it, we're producing knowledge, again, to inform our process. Arches, the program itself, is right in that space at the knowledge layer of actually taking that data and turning it into actual insight and something that is usable and insightful for clinicians to affect the ability to deliver better care and also to actually improve their own working experience. A lot of the models that are getting built out are specifically designed to help their workflow, help them reach better outcomes for the veterans, but also for themselves, because if we can care for the providers, it'll certainly help them care for the patients even more so. >> So how does it work? I mean, from the provider's perspective, how was their life improved by Arches? >> That's a great question. We want to make it easier to access the information. So as Ben noted, the average person providing care in the field doesn't know how to code, doesn't know how to pull a unique request for an individual data point, and what we're trying to do with Arches is provide a user interface that allows for both a non-technical person and a very technical person to access information, and then what gets provisioned in front of a provider is something that is farther abstracted from the underlying data layer and more like here's a specific insight. So I use the example in my keynote of chronic kidney disease. So what's provisioned to the provider in that moment is this person is at higher risk for chronic kidney disease based on this basic information. So it's surfacing just the right amount of information to allow for that care pathway to be improved, but the physician doesn't need to see all of the layers of code underneath. They need to trust that it's worthwhile, but they don't need to know all the background abstractions. >> So it's a self-service, essentially, infrastructure in that sense. You're hiding the underlying complexities. You gave an example in your keynote of an individual who realized that they were under counting the probability of a potential disease for African Americans. >> Yes. >> I believe she just rewrote the algorithm. >> She did. >> Describe that process, because in a lot of organizations, injecting that new algorithm may have required new data sources, would take an act of the Pope to do. How did it work in Arches? >> This is what I get excited about with Arches is that we have the opportunity to empower enthusiastic people like Dr. Joshi to discover an insight and she's a talented informaticist, so she could do the technical work and provision a container for her to work in, for her to do the data analysis, the underground stuff that we're not letting the average provider have to cope with. We were able to provision the tools that she need, the environment that she needed to be able to test and develop the new insight, confirm that they're there and then begin to validate that and test it in other facilities. So our thinking is, how do we bring the resources to the users rather than saying to the users, "This is what's available. Good luck." (chuckles) >> So we've been talking a lot about, I'm sorry, go ahead. >> I want to add on to that. What we're actually experiencing inside of healthcare right now is the emergence of of learning health systems. >> Yes. >> And this is a great example of that. The terrifying number is, it takes 17 years for new knowledge that gets created with healthcare research, whether it's NIH or VA or elsewhere, it takes 17 years for those practices to make their way into practice. Generally the way that happens is through the education of new staff. And so the dissemination of that knowledge is just so freaking slow that we cannot move nimbly enough to take on that new knowledge and actually implement it in clinical space. What Amanda's describing is something that now happens in months. New knowledge getting produced and then actually getting disseminated out, both the insights, whether they are those probabilities, predictions and recommendations and the actual processes, which are getting automated, as well. So if you think about healthcare as just a process, you can automate a whole lot of that and we can move that needle really fast and actually take that 70-year number down to a couple months. >> In the early days when we were all talking about AI and getting excited about digital, I would often ask the question, will machines be able to make better diagnoses than doctors and to your point, Ben, that's not the right question. >> Exactly. >> It isn't the right question. >> The question is, how can machines compress the time to better patient outcomes- >> Yes. >> in concert with humans and that's what we're seeing now. >> That's right, it's surfacing those insights to start a conversation. >> We've been talking a lot about artificial intelligence for the last two days. As clinician or someone with a clinical background, how do you see the clinical experience changing as machines grow more intelligent? >> I think that there's a learning curve for people to feel confident in an artificial intelligence. It makes sense. So someone spent decades, perhaps, of their life obtaining medical training, doing fellowships, doing additional training that they have trust in that deep training. There are times, however, where a technology is able to surface something that we didn't know that we didn't know and it's important, as we make use of artificial intelligence, that we clearly validate it with independent means and that we clearly also bring in additional analysis to understand what are the elements and then test that new technology in an environment before we scale it widely, so that clinicians can see, yes, this was useful. If it wasn't useful, how can we make it even better? So it goes back to what we were talking about earlier that we have to bring in human-centered design to figuring out how do we make use of AI or machine learning models and make sure that there's trust in those models and that we can clearly articulate value for the clinicians and care teams on the ground. >> Is that a natural evolution of Arches? >> This is all built around it. Arches is the technology platform, but there's no magical technology that's going to change how humans interact. And so the way we think about each project is we think about what are the technological components and what are the human factors components? And we have to think about the entire care pathway. I'll go back to that example, the chronic kidney disease. She identified that we were under identifying African Americans for chronic kidney disease. So she changed the algorithm. Not only did she change the algorithm, we also had to think about who would be informed of those changes, how would that change, who would be connected to the veteran in that point of care and build out the care pathway in the care team and that's really how you actually influence an outcome. Surfacing an insight is important, but it's one part of a much larger picture. >> So what is Arches? You said it's a technology platform built on open source. At least, there's a lot of open source in there. And it's got API connectors to all the legacy technologies that you need it to. Can you describe, paint a picture of what it actually is? >> Arches is evolving as it should. So it's designed to meet the unique needs that aren't being met by other infrastructure in the VA. So we started first by identifying the need for cloud compute, so it's in the cloud, it has open source technology so that we're not stuck with any one provider and also has the ability to use containers to be able to move insights out of Arches to an enterprise solution. We're also bringing in multi-cloud strategy, which also something had been discussed quite a bit at this conference, to make sure that we're not saying only one cloud provider can be the solution for veterans' needs. Our mission is serving veterans and so we want to have access to all the technology and not just one and so we're looking at how do we expand the scope to make sure that we have the most variety possible so we can meet the needs of veterans. >> I can add a little bit to it, as well. Think of Arches as a program. It's an incubation space under the office of innovation. So it's a place where the governance allows for trying new ideas and really pushing the envelope for VA in general. There's not a lot of organizations, if any at VA, that allow for that type of incubation and so Arches is in a unique position to create new technologies and new novel approaches to solving big problems. And then the next step to that is moving the work from Arches out into the enterprise, as you called it out. So for instance, the system of engagement where the actual clinicians interact with patients, the model needs to find its way there and we can't do that in a way that disturbs the current workflow that the clinicians have. We need to be able to bring the model to where the clinician is, have those recommendations, probabilities and predictions surfaced to the clinician in a way that is precise to their existing workflow. They need it at the time they need it. Arches itself is not delivering that part of it. It's more like the place where the innovation happens and the incubation really occurs and then it's about taking this container, really, and moving out to other systems that are already deployed out to the hospitals, the edge, and in the cloud. >> And the federated governance occurs in Arches or elsewhere? >> It happens across the continuum. It's starting in Arches. the clinical validation that happens there is wickedly important, because the clinicians need to know that what they're working with is actually legit. And so when they know that the researchers and the clinicians who are involved in that incubation period have done their work, they can feel confident with the recommendations they're getting from the machine learning models that are getting deployed to one of them. >> So many questions, so little time. What's the business impact? How would you describe that? >> For me, it's an emotional impact. People have a sense of, "I have a place to develop a solution and I can get in there quick, and I can test out an idea. I could potentially partner with an external partner or if I have the talents and skills to do it myself." It's empowering all of those innovators who have great ideas to work together to test and develop and validate solutions, and they're not waiting years to get the idea off the ground. >> Amazing. >> Go ahead, bring it. >> Is Arches open source? >> Arches is a platform and it has open source component. So that the underlying infrastructure of technology is open source. >> Why was it important to you that this be built on an open source platform? >> It's important for us that we not marry ourself to any one technology and that we allow for, as much as possible, transparency and many different tools and the right tools for the right solution. So we didn't want to find ourselves connected to only one way of doing things. We want to have versatility to have the right tool for the right problem at the right time. >> I'm so sorry, we're out of time. This is so interesting and I really appreciate you here guys, coming on and sharing your insights for theCUBE audience. All right, keep it right there. This is Dave Vellante for Paul Gillin. We're in day two of Red Hat Summit 2022. You're watching theCUBE. (digital pulsing music) >> Due to the pandemic, the federal government declared a public health emergency, which created an urgency for healthcare coverage. >> One of the biggest-

>>Welcome everyone to the cubes presentation of the AWS startup showcase open cloud innovations. This is season two episode one of the ongoing series and we're covering exciting and innovative startups from the AWS ecosystem. Today. We're going to focus on the open source community. I'm your host, Dave Vellante. And right now we're going to talk about open source security and mitigating risk in light of a recent discovery of a zero day flaw in log for J a Java logging utility and a related white house executive order that points to the FTC pursuing companies that don't properly secure consumer data as a result of this vulnerability and with me to discuss this critical issue and how to more broadly address software supply chain risk is Don Fisher. Who's the CEO of tide lift. Thank you for coming on the program, Donald. >>Thanks for having me excited to be here. Yeah, pleasure. >>So look, there's a lot of buzz. You open the news, you go to your favorite news site and you see this, you know, a log for J this is an, a project otherwise known as logged for shell. It's this logging tool. My understanding is it's, it's both ubiquitous and very easy to exploit. Maybe you could explain that in a little bit more detail. And how do you think this vulnerability is going to affect things this year? >>Yeah, happy to, happy to dig in a little bit in orient around this. So, you know, just a little definitions to start with. So log for J is a very widely used course component that's been around for quite a while. It's actually an amazing piece of technology log for J is used in practically every serious enterprise Java application over the last 10 going on 20 years. So it's, you know, log for J itself is fantastic. The challenge that organization organizations have been facing relate to a specific security vulnerability that was discovered in log for J and that has been given this sort of brand's name as it happens these days. Folks may remember Heartbleed around the openness to sell vulnerability some years back. This one has been dubbed logged for shell. And the reason why it was given that name is that this is a form of security vulnerability that actually allows attackers. >>You know, if a system is found that hasn't been patched to remediate it, it allows hackers to get full control of a, of a system of a server that has the software running on it, or includes this log for J component. And that means that they can do anything. They can access, you know, private customer data on that system, or really do anything and so-called shell level access. So, you know, that's the sort of definitions of what it is, but the reason why it's important is in the, in the small, you know, this is a open door, right? It's a, if, if organizations haven't patched this, they need to respond to it. But one of the things that's kind of, you know, I think important to recognize here is that this log for J is just one of literally thousands of independently created open source components that flow into the applications that almost every organization built and all of them all software is going to have security vulnerabilities. And so I think that log for J is, has been a catalyst for organizations to say, okay, we've got to solve this specific problem, but we all also have to think ahead about how is this all gonna work. If our software supply chain originates with independent creators across thousands of projects across the internet, how are we going to put a better plan in place to think ahead to the next log for J log for shell style incident? And for sure there will be more >>Okay. So you see this incident as a catalyst to maybe more broadly thinking about how to secure the, the digital supply chain. >>Absolutely. Yeah, it's a, this is proving a point that, you know, a variety of folks have been making for a number of years. Hey, we depend, I mean, honestly these days more than 70% of most applications, most custom applications are comprised of this third party open source code. Project's very similar in origin and governance to log for J that's just reality. It's actually great. That's an amazing thing that the humans collaborating on the internet have caused to be possible that we have this rich comments of open source software to build with, but we also have to be practical about it and say, Hey, how are we going to work together to make sure that that software as much as possible is vetted to ensure that it meets commercial standards, enterprise standards ahead of time. And then when the inevitable issues arise like this incident around the log for J library, that we have a great plan in place to respond to it and to, you know, close the close the door on vulnerabilities when they, when they show up. >>I mean, you know, when you listen to the high level narrative, it's easy to point fingers at organizations, Hey, you're not doing enough now. Of course the U S government has definitely made attempts to emphasize this and, and shore up in, in, in, in, in push people to shore up the software supply chain, they've released an executive order last may, but, but specifically, I mean, it's just a complicated situation. So what steps should organizations really take to make sure that they don't fall prey to these future supply chain attacks, which, you know, are, as you pointed out are inevitable. >>Yeah. I mean, it's, it's a great point that you make that the us federal government has taken proactive steps starting last year, 2021 in the fallout of the solar winds breach, you know, about 12 months ago from the time that we're talking, talking here, the U S government actually was a bit ahead of the game, both in flagging the severity of this, you know, area of concern and also directing organizations on how to respond to it. So the, in May, 2021, the white house issued an executive order on cybersecurity and it S directed federal agencies to undertake a whole bunch of new measures to ensure the security of different aspects of their technology and software supply chain specifically called out open source software as an area where they put, you know, hard requirements around federal agencies when they're acquiring technology. And one of the things that the federal government that the white house cybersecurity executive order directed was that organizations need to start with creating a list of the third-party open source. >>That's flowing into their applications, just that even have a table of contents or an index to start working with. And that's, that's called a, a software bill of materials or S bomb is how some people pronounce that acronym. So th the federal government basically requires federal agencies to now create Nessbaum for their applications to demand a software bill of materials from vendors that are doing business with the government and the strategy there has been to expressly use the purchasing power of the us government to level up industry as a whole, and create the necessary incentives for organizations to, to take this seriously. >>You know, I, I feel like the solar winds hack that you mentioned, of course it was widely affected the government. So we kind of woke them up, but I feel like it was almost like a stuck set Stuxnet moment. Donald were very sophisticated. I mean, for the first time patches that were supposed to be helping us protect, now we have to be careful with them. And you mentioned the, the bill of its software, bill of materials. We have to really inspect that. And so let's get to what you guys do. How do you help organizations deal with this problem and secure their open source software supply chain? >>Yeah, absolutely happy to tell you about, about tide lift and, and how we're looking to help. So, you know, the company, I co-founded the company with a couple of colleagues, all of whom are long-term open source folks. You know, I've been working in around commercializing open source for the last 20 years that companies like red hat and, and a number of others as have my co-founders the opportunity that we saw is that, you know, while there have been vendors for some of the traditional systems level, open source components and stacks like Linux, you know, of course there's red hat and other vendors for Linux, or for Kubernetes, or for some of the databases, you know, there's standalone companies for these logs, for shell style projects, there just hasn't been a vendor for them. And part of it is there's a challenge to cover a really vast territory, a typical enterprise that we inspect has, you know, upwards of 10,000 log for shell log for J like components flowing into their application. >>So how do they get a hand around their hands around that challenge of managing that and ensuring it needs, you know, reasonable commercial standards. That's what tide lifts sets out to do. And we do it through a combination of two elements, both of which are fairly unique in the market. The first of those is a purpose-built software solution that we've created that keeps track of the third-party open source, flowing into your applications, inserts itself into your DevSecOps tool chain, your developer tooling, your application development process. And you can kind of think of it as next to the point in your release process, where you run your unit test to ensure the business logic in the code that your team is writing is accurate and sort of passes tests. We do a inspection to look at the state of the third-party open source packages like Apache log for J that are flowing into your, into your application. >>So there's a software element to it. That's a multi-tenant SAS service. We're excited to be partnered with, with AWS. And one of the reasons why we're here in this venue, talking about how we are making that available jointly with AWS to, to drink customers deploying on AWS platforms. Now, the other piece of the, of our solution is really, really unique. And that's the set of relationships that Tyler has built directly with these independent open source maintainers, the folks behind these open source packages that organizations rely on. And, you know, this is where we sort of have this idea. Somebody is making that software in the first place, right? And so would those folks be interested? Could we create a set of aligned incentives to encourage them, to make sure that that software meets a bunch of enterprise standards and areas around security, like, you know, relating to the log for J vulnerability, but also other complicated parts of open source consumption like licensing and open source license, accuracy, and compatibility, and also maintenance. >>Like if somebody looking after the software going forward. So just trying to basically invite open source creators, to partner with us, to level up their packages through those relationships, we get really, really clean, clear first party data from the folks who create, maintain the software. And we can flow that through the tools that I described so that end organizations can know that they're building with open source components that have been vetted to meet these standards, by the way, there's a really cool side effect of this business model, which is that we pay these open source maintainers to do this work with us. And so now we're creating a new income stream around what previously had been primarily a volunteer activity done for impact in this universe of open source software. We're helping these open source maintainers kind of GoPro on an aspect of what they do around open source. And that means they can spend more time applying more process and tools and methodology to making that open source software even better. And that's good for our customers. And it's good for everyone who relies on open source software, which is really everyone in society these days. That's interesting. I >>Was going to ask you what's their incentive other than doing the right thing. Can you give us an example of, of maybe a example of an open source maintainer that you're working with? >>Yeah. I mean, w we're working with hundreds of open source maintainers and a few of the key open source foundations in different areas across JavaScript, Java PHP, Ruby python.net, and, you know, like examples of categories of projects that we're working with, just to be clear, are things like, you know, web frameworks or parser libraries or logging libraries, like a, you know, log for J and all the other languages, right? Or, you know, time and date manipulation libraries. I mean, they, these are sort of the, you know, kind of core building blocks of applications and individually, they, you know, they may seem like, you know, maybe a minor, a minor thing, but when you multiply them across how many applications these get used in and log for J is a really, really clarifying case for folks to understand this, you know, what can seemingly a small part of your overall application estate can have disproportionate impact on, on your operations? As we saw with many organizations that spent, you know, a weekend or a week, or a large part of the holidays, scrambling to patch and remediate this, a single vulnerability in one of those thousands of packages in that case log. >>Okay, got it. So you have this two, two headed, two vectors that I'm going to call it, your ecosystem, your relationship with these open source maintainers is kind of a, that just didn't happen overnight, and it develop those relationships. And now you get first party data. You monetize that with a software service that is purpose built as the monitor of the probe that actually tracks that third, third party activity. So >>Exactly right. Got it. >>Okay. So a lot of companies, Donald, I mean, this is, like I said before, it's a complicated situation. You know, a lot of people don't have the skillsets to deal with this. And so many companies just kind of stick their head in the sand and, you know, hope for the best, but that's not a great strategy. What are the implications for organizations if they don't really put the tools and processes into place to manage their open source, digital supply chain. >>Yeah. Ignoring the problem is not a viable strategy anymore, you know, and it's just become increasingly clear as these big headline incidents that happened like Heartbleed and solar winds. And now this logged for shell vulnerability. So you can, you can bet on that. Continuing into the future and organizations I think are, are realizing the ones that haven't gotten ahead of this problem are realizing this is a critical issue that they need to address, but they have help, right. You know, the federal government, another action beyond that cybersecurity executive order that was directed at federal agencies early last year, just in the last week or so, the FTC of the U S federal trade commission has made a much more direct warning to private companies and industry saying that, you know, issues like this log for J vulnerability risk exposing private, you know, consumer data. That is one of the express mandates of the FTC is to avoid that the FTC has said that this is, you know, bears on both the federal trade commission act, as well as the Gramm-Leach-Bliley act, which relates to consumer data privacy. >>And the FTC just came right out and said it, they said they cited the $700 million settlements that Equifax was subject to for their data breach that also related to open source component, by the way, that that had not been patched by, by Equifax. And they said the FTC intents to use its full legal authority to pursue companies that failed to take reasonable steps, to protect consumer data from exposure as a result of log for J or similar known vulnerabilities in the future. So the FTC is saying, you know, this is a critical issue for consumer privacy and consumer data. We are going to enforce against companies that do not take reasonable precautions. What are reasonable precautions? I think it's kind of a mosaic of solutions, but I'm glad to say tide lift is contributing a really different and novel solution to the mix that we hope will help organizations contend with this and avoid that kind of enforcement action from FTC or other regulators. >>Well, and the good news is that you can tap a tooling like tide lift in the cloud as a service and you know, much easier today than it was 10 or 15 years ago to, to resolve, or at least begin to demonstrate that you're taking action against this problem. >>Absolutely. There's new challenges. Now I'm moving into a world where we build on a foundation of independently created open source. We need new solutions and new ideas, and that's a, you know, that's part of what we're, we're, we're showing up with from the tide lift angle, but there's many other elements that are going to be necessary to provide the full solution around securing the open source supply chain going forward. >>Well, Donald Fisher of tide lift, thanks so much for coming to the cube and best of luck to your organization. Thanks for the good work that you guys do. >>Thanks, Dave. Really appreciate your partnership on this, getting the word out and yeah, thanks so much for today. >>Very welcome. And you are watching the AWS startup showcase open cloud innovations. Keep it right there for more action on the cube, your leader in enterprise tech coverage.

(upbeat music) >> Welcome back to Las Vegas. theCUBE is here, live at AWS re:Invent 2021. Lisa Martin with Dave Nicholson. theCUBE has two sets today, two, not one, two, two live sets, two remote sets, over 100 guests on the program at this event, it's a lot, talking about the next generation of cloud innovation with AWS and its massive ecosystem of partners and we are pleased to welcome Walton Smith to the program, the public sector, director of strategic partnerships for Worldwide Technology, Walton welcome to the program. >> Thank you so much for having me, it's really amazing to be here and look forward to a great conversation. Isn't it great to be in person again? >> It's so nice to be in person, I mean I'm glad everybody's being safe and, and checking vaccine status and whatnot, but it's good to get back and, and, and work with people cause we can really drive innovation when, when we get together. >> Those hallway conversations or those conversations here at events that you just can't replicate by video conferencing, right? Not replicate that, you getting grabbed in the hall and say, hey, have you thought about leveraging XYZ to do something? To me that's what makes this conference great. >> Talk to me about what's going on at WWT. What are some of the, the things that you guys have been working on? >> It's a really exciting time at Worldwide, we're really working closely with AWS to drive innovation to the edge. We're excited about their outpost offering, we actually have one in our data center, Sandy announced it today in a partnership with Intel to, to allow our customers to try to work out use cases, to, to kick the tires, so to speak, to see how it works as well as our partners to get their ISV products certified on the outpost platform. >> So I'm familiar with your ATC in St. Louis, is that what you're referring to? >> That's correct. >> Give us a little, give us a little insight into what goes on there, I know it's pretty amazing from a customer perspective because you are agnostic. because you are agnostic. >> Walton: Correct. >> You're there to serve the customer, but tell me, tell me what happens in the ATC. >> We say we're agnostic, but we have our, our, our preferences because we know- >> sure, sure, okay. what actually works. But our ATC is our crown jewel, it's about a $600 million data center that we built solely for proof of concepts for our customers. So our, our top customers come in and say, I have this problem, how can I solve it? And so with us being the single biggest reseller of just about every ISV is out there, I can stand up a, a, a Dell, I can stand up a, a, a Dell, Dell compute next to NetApp storage with Cisco router on top of it to replicate what my customer has at the VA, for example, and then to be able to plug in an outpost to show how leveraging the outpost can give them a single pane of glass to be able to work on their workload, so the training that our FSI, Federal System Integrators have put into their staff or our government customers on the Amazon platform can now be driven into their data center, so it's really taking the cloud down to where the data is. >> In terms of public sector, what are some of the prominent use cases that you guys are helping customers to solve, especially given the tumultuous times that we're still living in? Sure, so what we saw during COVID especially was how most of the government agencies had the capability to allow say 5% to 10% of their workforce to work remotely. And then with COVID, they went to 95% to a 100% workforce. So, a lot of the time we've spent over the last year is how do we securely allow our government employees to get access to the information, because as we know, the government was more valuable than ever to get us through this pandemic, we had to give them the tools that they needed to be able to make the decisions to, to move the country forward. >> Talk about security if you will for a second, we have seen such a dramatic change in the security landscape, the threat landscape, ransomware as a service, it's, you know, the cyber criminals, lot of money in it, they're becoming far more brazen. What are some of the things that you're seeing specifically with respect to security use cases? >> It's, it's gone from, let me just buy everything that's out there and that'll give me security to, I need to have visibility into my environment, because if, if you look at target, it's a great case studies around that, they had all the tools, they just didn't tie it all together. And so as more and more nation state actors And so as more and more nation state actors try to attack our government, or it's a great way to make money, I mean, in, in this, in the presentation, Sandy's today, they talked about, if you looked at the GDP of what's been taken in ransomware, it's like the 10th biggest country in the world, I mean, it's scary and staggering how much money is lost. So what we think, going back to our ATC, we can stand up their environment, we can work with the top security providers in the world to show those customers how we can give them that visibility, the, the, the protection and the ability to get back up, because there's really only two types of organizations, those who've been hacked and those who don't know they've been hacked, they're going to get in, it's how do we mitigate the damage, how do we get them back up and running and how we protect my customers or have some of the most sensitive data in the world, how do we protect that so our government can keep us safe and keep us moving forward. >> Yeah, cause these days it's a matter of when we get hacked, not if. And of course we are only hearing about the large attacks. >> Walton: Correct. We don't hear about- all of the ones that go on day in and day out, I think, I think I saw a stat recently that a ransomware attack happens like once every 11 seconds. >> Correct, I mean, just walking through here, how many text messages you've gotten? You want a free iPad click here, I mean, they're, they're down to the individual level. It's a whole lot cheaper to give a couple people, really powerful laptops, pizza and beer, and have them go attack, than it is to, to set up a real business and so, unfortunately, as long as there's money in it, there's going to be bad actors out there. We think partnering with AWS and other partners can help build solutions. >> You know, WWT has had an interesting history because you didn't start with the dawn of cloud. >> Walton: Right. So you've been in the business of AT for a long time So you've been in the business of AT for a long time and logistics out of St. Louis in a lot of ways. What does that look like in terms of navigating that divide? You know, there's a, there's a whole storied history of companies that were not able to cross the divide from the mainframe era to the client server era, let alone to cloud. You seem to have, you seem to be doing that pretty well. >> I, I appreciate that, I mean, we're the biggest company no one's ever heard of. We're 14, $15 billion privately held firm, the same two guys that founded it, still run it today and all they want to do is do cool things, they want it to be truly the best place to work. So from day one, they've invested in training our staff, building the ATC to give us the tools we need to be successful and then because we're a trusted partner with Amazon Intel and our other partners out there, they're investing in us to help build solutions, so we have over 6,000 engineers, they get up every day, how do I build something that can help our customers really drive change and innovation? So it's been a really fun ride and the, the best is yet to come. >> Talk to me about your customer focus, you know, when we talk, here we are at reinvent, we always talk with AWS about their, you know, Dave, we talked about this customer obsession, the fact that they're working backwards from the customer, do you share that sort of philosophy? Does WWT share that philosophy with AWS? >> 100%?, if you go to WWT.com we've published everything that we have so you can get full access to our lab to learn about x ISV and go deep to learn about x ISV and go deep and see the million and a half labs we've built around, say Red Hat and go and get access to it. So we think that if we educate our customers, there are going to be customers for life, and they're going to come to us with their biggest problems. And that what's, is what's exciting and what enables us to, to really continue to grow. >> And how did the customers help you innovate? And that's one of the things we, I was thinking yesterday with, with this AWS flywheel of when Adam was introducing, and now we have a, now we have, and it was because he would say, we did this, but you needed more, but you being the customer needed more. >> 100%, it, it's we want our customers to come to us with their biggest problems, because that's when we, the exciting innovation works. And so the ability to sit down with the foremost expert in, in virus control and be able to, in, in virus control and be able to, what are the tools that she need to be able to get ahead of the next change to COVID? How can we give them the tools to do that? That's what we want to do, the scalability, the ability to reach out to others is what Amazon brings. So we can bring the data science, we can bring the understanding of the storage, the security, and the network and then AWS gives that limitless scalability to solve those problems and to bring in someone from Africa, to bring in someone from the European Union to, to work together to solve those problems, that's what's, what's exciting and then coming back to the outpost, to be able to put that in the data center, we know the data center is better than just about anybody out there, so it would be the ability to add innovation to them, to bring those part ISV partners together. It's really exciting that Intel is funding it because they know that if, if customers can see the art of the possible, they're going to push that innovation. >> One of the things we've also sort of thematically Dave and I with guests, and the other has been talking about this week is that every company has to be a data company, whether it's public sector, private sector, if you're not, or if you're not on your way, there's a competitor right here in the rear view mirror ready to take your place. How do you help public sector organizations really develop, embrace an execute a data full course strategy? >> So we have a cadre of over 125 data scientists that work every day to help organizations unlock their most valuable asset, that data, their people and be able to put the data in the right place at the right time and so by investing in those data scientists, investing in the networking folks to be able to look at the holistic picture is how we can bring those solutions to our customers, because the data is the new oil of, of the environment and sorry for my Southern twang on the oil, but it, but it truly is the most valuable asset they have and so, how do we unlock that? How do they pull that data together, secure it? Because now that you're aggregating all that data, you're making it a treasure trove for those bad actors that are out there, so you've got to secure it, but then to be able to learn and, and automate based on, on what you learned from that data. >> You know I, I think with hindsight, it's easy to, it's easy to say, well, of course WWT is where WWT is today. Five years ago, though, I think it would have been an honest question to ask, how are you going to survive in the world of cloud? And here we are, you've got outposts. >> Walton: Sure. >> And, and of course it makes sense because you're focused on customers, sounds like I'm doing a commercial for you, But I'm a fan- >> I'll gladly apreciate that- because I, I, I've worked with you guys in a variety of roles for a long time, seems like yesterday we were testing a bunch of different storage arrays of the ATC and now you've got outposts in cloud and you're integrating it together. It's really more of the same, I'm sure if we had your founders here, they'd tell you, Dave, it's all the same. >> Walton: Correct. It's all the same. >> It's AT, it's where, where's the compute, where's the storage, how do you get access to it and the cloud has given the ability to, to scale and do things you could never imagine. I think it's the reason we're here is because our leadership continues to invest and pushing that envelope to give people the freedom to go out with that crazy idea, what if we did this? And having the tools and the ability to do that is, is what, what drives our innovation and that's what we bring to our customers and our partners, that ability to innovate to, that ability to innovate to, to tackle that next problem. >> So what's the tip of the spear right now for you guys? What are you, what's, what's, what's kind of, what's next? What are you waiting to have delivered to the ATC to racket, stack and cable up? >> Lot's of stuff that I can't tell you about because there, there's things that Amazon is, is always working on that we work with before it, it's, it's made public, so there's a lot of really cool stuff in the pipeline, because the, as you think about moving to the data center, that's one thing, moving to truly to the edge, where you can help that war fighter, where you can help that mission, where you can do disaster recovery, leveraging the snowball family, the outpost family, and custom built tools that really allow for quick response and custom built tools that really allow for quick response to whatever that problem is, is that next front and that's where we've been for a long time, helping our, our war fighters and folks do what needs to be done. Outpost sees that you can leverage big AWS Outpost sees that you can leverage big AWS to build the models, push it down to the edge because you don't have time or the bandwidth to get it back into the big cloud, to be able to put that compute and storage and analytics on the edge to make real time decisions, is what we have to do to stay relevant and that's where the joint partnership is really exciting. >> It's what you have to do to stay relevant, it's also what your customers need, cause one of the things that we've learned in the pandemic is that real-time data and access to it is no longer, longer a nice to have, this is business critical for everything. >> Correct and even if you have a fat pipe to get it, you need to make real time decisions and if you're in a really sandy space, excuse me, making hard decisions, you've got to get the best information to that soldier when, when they need it to, to save our lives or to save the other people's lives so it's, it's, it's not just a nice to have, it's mission critical. >> It is mission critical, Walton, thank you so much, we're out of time, but thank you for joining Dave and me talking about- >> Really enjoyed it. all the stuff going on with, with worldwide, the partnership with AWS, how you're helping really transform the public sector, we appreciate your time and your insights. >> Thank you so much, have a great conference. >> Thanks, you too. >> Okay, thanks. >> All right, from my buddy, Dave Nicholson, I'm Lisa Martin, you're watching theCUBE, the global leader in live tech coverage. (upbeat music)

(upbeat music) >> Hey, welcome back everyone to theCUBE's coverage of AWS re:Invent 2021. I'm John Furrier, your host of theCUBE. We've got two sets on the show floor, it's a virtual event, we've got the hybrid stream going, check out all the content we're here for wall-to-wall coverage. It's all been about data cloud transformation, culture change, and making things happen. I got a great segment here with Accenture, Chris Copeland, CTO of Accenture's Federal Services, and Mark Kim, the CEO of Municipal Securities Rulemaking Board, also known as the MSRB. Welcome to theCUBE. >> Thank you, John, it's a pleasure to be here. >> Thanks for coming, first of all, explain what the Municipal Rulemaking Board does, so people know what it is and we'll jump in. >> Sure, thank you, John, for the opportunity to have this conversation, the MSRB serves as the principal regulator of the $4 trillion Municipal Securities market. So Municipal Securities or muni-Bonds as there're most commonly known, finance the majority of this nation's infrastructure from the public schools that educate our kids to the hospitals that care for our sick. Muni-bonds even finance the airport that we flew into to get to this conference. But in addition to writing the rules that regulate this market, the MSRB also provides the technology infrastructure that supports this market. So, in addition to being a financial regulator, the MSRB is also a technology company and we saw the future of technology and cloud computing and that was our decision to embrace that future and to move the MSRB to the cloud. >> Correct, and obviously, Chris, this is critical infrastructure, you're talking about, legacy, has a lot of legacy as well. A lot of data, money's involved. I mean all the wrappings of transformation stories there. >> Yeah, and it's great. I mean, the MSRB and Mark in particular really had the right mindset of understanding that, we all talk about migrating to the cloud. That's really just the beginning. Like it's really about once you're in the cloud, the aperture that opens up the art of the possible and what you can really do. And the MSRB is like right on all of it, right? It's all about data. It's all about transformation, but I think the key for that transformational success that we've seen, is understanding that the organization needs to change too. And that we need to enable that organization to really be productive and deliver on that mission in a cloud first world. >> Well, Mark, I want to get into this 'cause this has been a big part of my reporting this past year during the pandemic and maybe the year earlier. I saw the public sector in particular really forced it to change. >> Yeah. >> Cultural shift instantly, they had no choice. It was a forcing function and there was the haves and have nots, the ones who have done the work, put their toe in the water, invested in some technology, knew about cloud and then ones that weren't, and they were thrown in the water. They had to figure out how to swim very quickly. So take us through the importance of that because we heard today and even in the keynote with Swami on stage from Amazon saying governance could be an enabler, not an inhibitor. So you're in this world of obviously muni-bonds, I'm sure there's a lot of compliance involved. So, take us through the journey, how you guys changed the culture? What was the outcome? Take us a quick highlight on the whole process. >> Absolutely, so, for the MSRB, the cloud migration was always about way more than just moving our applications from our servers to AWS's servers. This was an opportunity for the organization to put in place a cultural transformation. And that's the power of this opportunity for the MSRB. We were able to make a commitment to our people, which we did right at the outset, that we were going to bring all of our people with us on this journey to the cloud. This was a major investment in re-skilling and retraining our staff. We didn't have staff who had experienced migrating applications to the cloud. We didn't have software engineers who had prior experience working in cloud native environments. We trained them and we made that commitment to do that and to bring all of our people along. And that has enabled the MSRB to create a culture of innovation, of teamwork. It also allowed us to break down some silos within our organization. Not only within the IT organization, but between IT and business, it was a transformational opportunity. >> I mean, effecting change is hard, what was the learnings? When did you realize it's working? (John laughs) >> So having completed the migration itself, one of my fears was we've just literally spent millions of dollars investing in our staff, re-skilling and retraining them. We've just gone through a very technical, highly complex migration. These are people who are in high demand. Not to mention that AWS decided to put HQ2 right outside of Washington DC, announced plans to hire 10,000 people over the next 10 years. So I was worried on the other side of the migration that we would have a talent drain, and the best proof that I have that we've got our cultural transformation underway and going in the right direction is we didn't see that brain drain. We have staff that want to stay at the MSRB, that are excited about being able to continue to learn about new technologies, staff that are excited to be kind of on the cutting edge of financial regulation and being a part of building the future of the MSRB. >> Okay, there's a purpose there, I mean, I think this is, this highlights this whole conference here at re:Invent. I was just talking to someone off camera during lunch and like, it's an Amazon learning Conference as they say that their humble is learning, but it's also a thought leadership conference because they're introducing new stuff that's actually like, it gets the juices flowing and you're like, wait a minute, I can do more things. So, it's got that kind of conference, ted kind of vibe to it, plus it's real. >> I think that's one of the best benefits that we saw as part of this program that, and we talk a lot about how to infuse innovation into the fabric of your DNA and organization, and I don't think that personified itself anywhere that I've seen as well as at the MSRB. Mark was talking about people wanting to stay and work there. I'll even, I think he's understating it. People were excited about the process-- >> Yeah, they want to come to work everyday. >> There was competitions going on, on who was going to get certified. There was challenges about who's going to learn the most cloud and that desire to really continuously improve and bring those new innovations was unparalleled that I've seen. What Mark and the MSRB don't have the luxury of just keeping pace with those that they regulate. They've got to stay ahead. >> Yeah. >> And if you're going to stay ahead, you've got to have that innovative culture and you've got to take change as something that isn't this big mountain to climb, but something that's actually exciting to do every day. And I think it really, really came out in the program here. >> That's one of the things I think it's one of the smartest moves you can make and I think you've made it, by getting the people on the right wave of technology is a retention bonus. >> Absolutely. >> It's not just keeping them happy 'cause if you're working on cool stuff, it's fun. >> Right. >> But if you get them on the right way where they're constantly learning, and then they've to be a part of something. >> Yeah. >> This cloud migration, I think that's a real retention thing. Do you agree, you've seen the same thing? >> Yeah, absolutely. Its such a motivator to know that our staff is front and center leading the charge in transforming the MSRB. Not only culturally but also digitally. >> Yeah. >> And bringing us into the future. >> Okay, so I got to put you on the spot because I'm want to put my evil genius hat on for a second. Okay, I want to make money, I'm a FinTech arbitrager, I want to get in and work the muni-bond data angle, obviously worry about, you've got a lot of oversight, governance, regulation. Can you move fast enough to protect the data to make sure things are stable? Take us through that because there's a lot of money involved talking about like a serious part of our economy and a financial system. >> Yeah. >> It's critical infrastructure. >> Yeah. >> So, you got to also have that balance of innovation and compliance and governance without getting in the way. >> Absolutely. >> Take us through how you handle that. >> Absolutely, as a financial regulator that provides the market with its technology infrastructure, failure is not an option nor is falling behind the times. We have to evolve with our evolving market. And the pace of change is moving faster and faster. If you look at today, what's different about the MSRB being in the cloud than route being on-prem in our data centers, for our stakeholders, we don't have customers as a financial regulatory we have stakeholders, the entities that we regulate and the entities that we protect, our stakeholders will see systems that are more available. In the first 12 months of operations in the cloud, we achieved over 99.98% system availability. Performance has improved in our own internal benchmark tests, our systems are running 30% faster than they were and then finally our systems are more secure. This is a hard one to quantify or to explain or to kind of deliver to customers, but I-- >> There's no ROI conversation when you've been hacked. >> Exactly, I am-- >> Its only a disaster. >> But I am confident that our systems are more secure today in the cloud, than they were on-prem in our data centers. >> Yeah, Chris, this is a huge thing. I'm not going to rant a little bit, I'll do a side rant, but everyone who watches theCUBE knows I'm kind of a digital hawk. I truly believe that the red line needs to be changed because we are being attacked at a cyber level and almost like the, I get to see people being excited to work there because it's almost like the military, you got to protect. There's so much downsized, not so much justification of ROI. This is critical infrastructure, financial systems and databases. And there's no malice, there's no government forces to protect you. >> I mean, Mark said it well, failure isn't an option, right? And I think what we're seeing and why everyone is really rapidly moving to the cloud is you cannot get that level of cybersecurity, you cannot get that real time information access, and then run your models to look for trends of where the threats are maybe coming from, and proactively address those threats. You can't do that in a legacy infrastructure model on-prem, you've got to embrace the power of the cloud and the services that the AWS cloud provides to be able to truly try to stay ahead. I mean, you have to bring that innovation every day in your lunch bag and say, how are we going to use these tools that only the cloud affords us to bring security to the forefront? >> And John, can I add on that point? 'Cause I think it's an important one around security. In the legacy environment, in our data centers, the MSRB was handling security by ourselves, and I think one of the biggest lessons learned for us is pick your partners carefully. >> Yes. >> We chose AWS and we chose Accenture Federal Services and we've now tripled our investments in security, both what Amazon is investing in their infrastructure, we've also have AFS providing managed security services for the MSRB in addition to our own security team. So we've literally tripled our security. >> It's interesting and I think that's one of the reasons why you mentioned the retention thing and why people are happy is, it attracts a certain kind of individual to work there. It's the elite tech athlete, we call them, because they like, want the action, the young kids there, they want the tech, they don't want to be boring. So, what better wave to ride when you know there's a lot to protect, again, back to the cyber, this is huge cultural shift in the new generation coming in versus the old IT. The old IT was okay, we're operational, keep the lights on, add some servers, now it's like a lot more is at stake. >> Yeah. >> Okay, great, I know we don't have a lot of time left, but I do want to get the data question. I have to ask you-- >> Sure. >> You're a data company as well, you got to watch the data, what's the vision and data? How are you looking at the data with your team? >> So data is the future of the MSRB and we will remain a financial regulator and write the rules that regulate this market, that's our core mission and we will always do that. We will also always be a technology firm that provides the technology infrastructure for this market. But in the future what the cloud has enabled us to do is to become a data company. We serve as the central repository of market data for this $4 trillion market. And we now, thanks to almost infinite scalable computing power storage, we now have the ability to leverage cloud tools like artificial intelligence, machine learning, to actually get at an unlock insight from the vast amounts of market data that we have and deliver that to the industry that we regulate and serve. >> And you guys have so much headroom because Chris, with Graviton3-- >> Yep. >> And the Stack, you can actually write the apps built for the performance, for your needs. >> That's right. >> Yes. >> For the data needs, 'cause that's your advantage. >> That's right. >> Yeah, it's just incredible. I just find it like, I haven't seen anything like this since the shift from client server to inter networking back in the 90s where you saw a sea change of capabilities just completely change over, it's been pretty incredible. >> Yeah. >> Okay, final word. Just re:Invent, what do you guys think? >> This is my first business trip since the pandemic started and it's fantastic to be with people, to see people to do this in person instead of virtually, so thank you for this opportunity. >> I know, I felt so amazed. Chris, what about you, what's your take? >> It's wonderful to be here, it's great being back, back out in the world I guess. >> Yep >> Getting to meet with Mark, where we're not looking at a screen at each other, meeting with peers, but also just the collaboration and innovation you're going to get in an environment like this and the energy that it brings, you just can't match that. So it's been a great show so far and I'm looking forward to the rest of it. >> The phrase I hear a lot on theCUBE, also I say it a lot, a kid in the candy store 'cause there's so much coming out, just the capabilities, you're starting to see more ease of use, more infrastructure as code now, data as code, a lot of great stuff, all part of the cloud transformation. So great for coming on and sharing the story, Mark, I appreciate it. >> Thank you John. >> It's good to hear about your awesome program, Chris, thanks for coming on too. >> Yep, thanks for having us. >> Appreciate it, okay, Cube Coverage here in Las Vegas. I'm John Furrier, you're watching theCUBE, the leader in global tech coverage, thanks for watching. (upbeat music)

(upbeat intro jingle) >> 'Kay, welcome back everyone to theCUBE's coverage of AWS re:Invent, 2021. I'm John Furrier, your host of theCUBE, with your Matt Morgan, Vice President of Cloud Infrastructure Business Group of VMware, CUBE alumni. Matt, great to see you. Can't wait to see you in person, but thanks for coming in remotely for the virtual now hybrid CUBE for re:Invent. >> It's good to see you too, John. Thanks for having us. You know, it's our ninth year covering re:Invented, Remember the first year we went there, it was all developers, right? >> Right. >> And reminds me of the story that you guys have with AWS, you know, VMware Cloud, and VMware with vSphere pioneered operations in IT, you know, vSphere workloads, but now you move that all in the cloud. I remember Ragu when he announced that deal with Pat Gelsinger and Andy Jassy, we covered it extensively. People were like "What are they doing here? This is interesting". Boy- >> Yeah, you- >> The pundits all get it wrong. Their relationship has been blossoming. It's been really powerful, take us through the history here. >> Thanks, John, I mean, you're absolutely right. We have a phenomenal relationship with Amazon Web Services. The value of our partnership has been realized by customers all over the world, in every industry, as they embrace the seamless hybrid cloud experience powered by VMware, vSphere, and of course VM-ware Cloud Stack. Of course, we've recently expanded our operations here, including Japan and the launch of the Soccer Regions. And we're fully open for business with the U.S. Federal Government with VMware Cloud on AWS Gov Cloud. There's strong alignment across the field with new go-to-market teams on both sides and a powerful resell agreement that enables AWS sellers to take VMware Cloud on AWS and all the associated VMware services, such as VMware cloud disaster recovery, NSX vRealize Cloud Management, to their enterprise customers. And we couldn't be doing better. >> Yeah, and you brought up a lot of things there. You mentioned Outpost, mentioned Gov Cloud, you mentioned Marketplace, which means you mentioned the acronym, which is basically, I think it's called EDP Credits, which essentially the enterprise, Amazon's Salesforce working together. So, essentially full business model and technical integrations with Amazon. So, success certainly being demonstrated there. So congratulations, that being said, there's still more to do. We got this whole big wave coming on, you see the edge, you seeing multicloud, you seeing hybrid becoming the operational model, both on premises and in the cloud. And so, customers really are asking themselves "Okay, I got VMware, I got AWS Cloud, I got to secure these clouds now. I got to start putting the business model together on top of the technical architecture". You know, microservices, Kubernetes, Tansu, all the things you guys are doing, but customers want to ask you "What about securing the cloud?", this is the number one question, what's your reaction to that? >> Yeah, it's a great topic, John, at the end of the day, this is about evolving the hybrid cloud. And if you think about it, originally, the hybrid cloud was about unifying both infrastructure and operations between the on-premises world, and the public cloud world. And now what's happening, is we are seeing people embrace that in spades, and as a result of that, their Tier 1 applications are running both on-premises and in the public cloud. And with our new announced local cloud capabilities with VMware Cloud on AWS Outpost, it's leading to this whole new enterprise architecture, which we call the distributed cloud. When you look at deploying enterprise applications in a distributed cloud environment, the conversation starts with consistent networking and importantly security. So, let's talk about that for a moment. Customers are asking us "How do we secure our data when we start having infrastructure in a variety of locations? Are our applications and networks... Are they really secure when they run in these completely different environments? And importantly, when we move an application, we take it from our on-premise data center, we move it to the public cloud are the security policies... Are they moving with it? Do I need to re-architect for that?". And the real question, all of this boils down to "Are we expanding that attack surface when we move to VMware Cloud on AWS?". And so we have to come back to what do we do here to really alleviate these concerns? With data security, it's all about encryption, universal insights. We have the super root capability within our platform to ensure that everything is measured, every message from an application, every data, it's great for Chain Of Custody, Audit. Of course we have backup DR Ransomware. On the application side, of course, segmentation is super important with application centric firewalls, VPNs, tunneling, EDR, IDS, IPS. And of course, none of that matters if you have to reset everything up every time an application moves. And this is a real unique value proposition for us, it's about portability. We deliver portable security. We can move an application, the APIs are standard. You can move it up to the public cloud, your policies, your integrations, even if it's third-party integrations, they're maintained. And that really delivers the ability to say "Look, we can make sure your attack surface is not expanding, it's a controlled environment for you". And that really shrinks the risk factors associated with moving to this distributed cloud environment. >> You know, that's the really, I think the key point, I think that you brought up this infrastructure, kind of, table stakes. Which keeps rising because security's, honestly is now there's no... There's a huge... There's no perimeter. It's huge surface area. Everything has to be secured and locked down. And the big theme at re:Invent this year is data, right? So, you know, data and security all go hand in hand. And so that brings up the aspect of the edge. The edge is now booming, you seeing 5G again, you're here hearing it here at reinvent again, more and more 5G. You mentioned local services, Outpost is evolving. This is kind of the new area, and certainly, attack factor as well. So, you mentioned this whole local services. Take me through that because this becomes interesting because this is an architectural issue for enterprises to figure out, "Okay, I got to distribute a computing architecture, it's called The Cloud and multiple clouds. Now, I've got this edge, whole 'nother opening opens up the case for the architecture conversation". What's the strategy? How do you guys view the case? How do you make the case for local services? >> So, we were super excited to announce VMware Cloud on AWS Outpost. This is a local cloud as a service offering. So, let me break that down a little bit. Of course, compute at the edge is nothing new, but the problem with traditional approaches is typically edge locations may lack IT excellence. Which means there's no one there to manage the service. VMware Cloud on AWS outposts is that local cloud as a service, meaning it's fully managed and at the edge, that's a perfect fit. It's hand in glove for those types of workloads that are out, pushed all the way out, whether it's part of an agricultural deployment or an energy production facility or retail store, where there isn't that typical IT excellence. VMware cloud on AWS outposts enables customers to deploy the same Cloud instance as they're running VMware Cloud on AWS, but be able to do it out at that edge environment. And when you look at the overall value of VMware Cloud on AWS Outpost, it's about delivering a simpler, cost effective, consistent cloud experience for those on-prem environments that matches the operating model of the public cloud. Think of the places that you really want to have cloud infrastructure, where it's critical. Going back to your point on data, getting real time insights on that data, to be able to process that, we call those perishable insights. The value is the immediacy understanding that value specific to the moment it's being captured. Think about the different types of sensor environments, where data's coming off expensive equipment, that's measuring temperature and speed. Understanding that value back to the operator - really, really important. You don't have time to pipe that data up to a cloud process and send the results back down. Edge environments require that real-time stuff. So, together with AWS, we jointly deliver a fully managed service right down to the AWS hardware on which we built the VMware cloud instance. We think about where we're seeing the most interest here. You can look across all kinds of industries and use cases, and we're seeing it specifically in healthcare, out of the hospital, manufacturing for equipment monitoring, government, higher education, where those end points are typically virtualized. There are others, but these are the big ones so far. >> You know, I was just talking to an AMD executive or product marketing person on the gaming side. And they're living this right now because they're putting all the virtual collaboration in the cloud, all the data, because they have so much data and they have so much need for these special instances, whether it's GPUs, and CPUs, a mix and match. So, as instances become more special purposed, that's going to enable them to have more productivity. But then, when you have that baseline in the cloud, the edge also has processing power. So, I think people are starting to see this notion of "Okay, I'm in the cloud, but I can also have that cloud edge without moving data back to the centralized cloud and processing it at the edge with software". >> Yeah, that's true. >> This is real. >> It's super real. And the one that really resonates with customers, is one that we all understand and that's healthcare. Anytime you're in a regional environment where you're at a hospital, think of an ICU, the criticality of that data being processed, providing the insights, this is more mission critical than any other environment, because we're dealing with human lives, think about the complex compute requirements of that environment. And then look at the beauty and elegance of this system, a cloud-based system on premises, doing that compute, providing those insights, giving reality back to the clinician, so they can make those decisions. Healthcare is super, super important. And we see customers across the spectrum, looking at what's happening at the edge and embracing it, whether it's healthcare or other industries. And again, it's a perfect fit for them. >> Yeah, real quick, before we move on to what's new, I'm want to get to that, the Tansu stuff as well. What other industries are popping out? Obviously, manufacturing. What can you talk with some industries and some verticals that are really primed for this local cloud service? >> So, let's talk about manufacturing for a moment. Manufacturing is another facility oriented compute requirement that is perfectly fit, from a system and solution way like VMware cloud on AWS Outposts. Within the manufacturing environment, there's tons of very critical machines. There's inventory management, there's a combination of time management, people management, bringing it all together to ensure that process lines are moving as required, that inventory is provided at the specific moment it's needed, and to make sure that everything, especially in today's supply chain world is provided when is required. This type of capability allows an organization to bring in that sensor data, bring in that inventory data, produce applications that manage that in real time, delivering that compute. And in the manufacturing floor, again, limited IT excellence. So, this provides that capability. Another one is energy production. Think about energy production that's out in the field in North Dakota, or out on an oil rig that might be in the Gulf of Mexico. Not only are you dealing with lack of IT excellence, you're also dealing with limited connectivity. This equipment needs to be monitored and censored and the data from those sensors help drive critical decisions. And with limited connectivity, I mean, you may not even have an LTE signal, the need to do that real time is paramount, local cloud provides that. >> Yeah, and I'd also just add, because we're going to move on, but higher ED is going to be completely transformed. Well, I think that's going to be kind of like a pleat revamp. Let's get into what's new on VMware Cloud on AWS give us the update on the new things that people should know about. That's important that they should review, take us through that, what's new? >> Yeah, absolutely. So, the first is the integration with the AWS console. This is a big thing that we're delivering because VMware Cloud on AWS is a native service of AWS. I have to kind of say that twice, it's a native service of AWS. And because of that, we get the same operational and commerce experience for VMware Cloud instances as customers do with traditional AWS services. This means customers now have a choice between AWS centric operating model, which is highly relevant to DevOps and developers, or VMware centric operating model, which is very relevant to traditional operators, and IT users. VMware Cloud on AWS Gov Cloud is expanded to the U.S., East Virginia Region, and achieved aisle five certification. This new region will make the service more relevant for the Eastern Seaboard where much of the Federal Government resides. And of course with aisle five, it opens up VMware Cloud on AWS to the U.S. military and defense contractors, which is huge because there's massive cloud transformation contracts currently in play. And of course, VMware Cloud on AWS Gov Cloud provides the most secure enterprise cloud for those DOD customers, especially when they focus on those critical Tier 1 workloads. >> It's been three years since the GA of the VMware cloud on AWS, has been earlier, since you announced it> You're pumping on all cylinders, as we had predicted, others didn't, just FYI for the folks watching. What's the final vibe? End the segment with your view of what's going on with VMware Cloud on AWS? What's the bumper sticker? >> So, at the end of the day, every customer is looking to migrate and modernize their workloads. And VMWare cloud gives them that capability to do it faster than anyone else. Customers take their applications, tier 1 applications, move it to that secure distributed cloud construct, that idea of having VMware Cloud on AWS, sharing all those security policies, all of that consistent infrastructure and operations. And then they can modernize those applications, using all of those cloud services and the ability to use Tansu to containerize where applicable. We're excited about these capabilities, and our customers are adopting it faster each and every year. And we're thrilled about the traction we're had. And we're thrilled about the partnership we have with Amazon Web Services. So, lots more to come in this space. >> Lot of great stuff, people moving up the stack on the cloud, you're seeing more refactoring in the cloud. Matt Morgan, great to see you. We've been talking 'about this for years on theCUBE. Great to come on and give some insights. All happening. Infrastructure is code. And everyone's winning with containers and microservices. So, great stuff. Thanks for coming on. >> Thanks a lot, John, take care. >> Okay, Matt Morgan, the VP of Cloud Infrastructure Business Group of VMware. This theCUBE's coverage of AWS re:Invent, 2021. I'm John Furrier, your host. Thanks for watching. (upbeat outro jingle)

(upbeat intro jingle) >> 'Kay, welcome back everyone to theCUBE's coverage of AWS re:Invent, 2021. I'm John Furrier, your host of theCUBE, with your Matt Morgan, Vice President of Cloud Infrastructure Business Group of VMware, CUBE alumni. Matt, great to see you. Can't wait to see you in person, but thanks for coming in remotely for the virtual now hybrid CUBE for re:Invent. >> It's good to see you too, John. Thanks for having us. You know, it's our ninth year covering re:Invented, Remember the first year we went there, it was all developers, right? >> Right. >> And reminds me of the story that you guys have with AWS, you know, VMware Cloud, and VMware with vSphere pioneered operations in IT, you know, vSphere workloads, but now you move that all in the cloud. I remember Ragu when he announced that deal with Pat Gelsinger and Andy Jassy, we covered it extensively. People were like "What are they doing here? This is interesting". Boy- >> Yeah, you- >> The pundits all get it wrong. Their relationship has been blossoming. It's been really powerful, take us through the history here. >> Thanks, John, I mean, you're absolutely right. We have a phenomenal relationship with Amazon Web Services. The value of our partnership has been realized by customers all over the world, in every industry, as they embrace the seamless hybrid cloud experience powered by VMware, vSphere, and of course VM-ware Cloud Stack. Of course, we've recently expanded our operations here, including Japan and the launch of the Soccer Regions. And we're fully open for business with the U.S. Federal Government with VMware Cloud on AWS Gov Cloud. There's strong alignment across the field with new go-to-market teams on both sides and a powerful resell agreement that enables AWS sellers to take VMware Cloud on AWS and all the associated VMware services, such as VMware cloud disaster recovery, NSX vRealize Cloud Management, to their enterprise customers. And we couldn't be doing better. >> Yeah, and you brought up a lot of things there. You mentioned Outpost, mentioned Gov Cloud, you mentioned Marketplace, which means you mentioned the acronym, which is basically, I think it's called EDP Credits, which essentially the enterprise, Amazon's Salesforce working together. So, essentially full business model and technical integrations with Amazon. So, success certainly being demonstrated there. So congratulations, that being said, there's still more to do. We got this whole big wave coming on, you see the edge, you seeing multicloud, you seeing hybrid becoming the operational model, both on premises and in the cloud. And so, customers really are asking themselves "Okay, I got VMware, I got AWS Cloud, I got to secure these clouds now. I got to start putting the business model together on top of the technical architecture". You know, microservices, Kubernetes, Tansu, all the things you guys are doing, but customers want to ask you "What about securing the cloud?", this is the number one question, what's your reaction to that? >> Yeah, it's a great topic, John, at the end of the day, this is about evolving the hybrid cloud. And if you think about it, originally, the hybrid cloud was about unifying both infrastructure and operations between the on-premises world, and the public cloud world. And now what's happening, is we are seeing people embrace that in spades, and as a result of that, their Tier 1 applications are running both on-premises and in the public cloud. And with our new announced local cloud capabilities with VMware Cloud on AWS Outpost, it's leading to this whole new enterprise architecture, which we call the distributed cloud. When you look at deploying enterprise applications in a distributed cloud environment, the conversation starts with consistent networking and importantly security. So, let's talk about that for a moment. Customers are asking us "How do we secure our data when we start having infrastructure in a variety of locations? Are our applications and networks... Are they really secure when they run in these completely different environments? And importantly, when we move an application, we take it from our on-premise data center, we move it to the public cloud are the security policies... Are they moving with it? Do I need to re-architect for that?". And the real question, all of this boils down to "Are we expanding that attack surface when we move to VMware Cloud on AWS?". And so we have to come back to what do we do here to really alleviate these concerns? With data security, it's all about encryption, universal insights. We have the super root capability within our platform to ensure that everything is measured, every message from an application, every data, it's great for Chain Of Custody, Audit. Of course we have backup DR Ransomware. On the application side, of course, segmentation is super important with application centric firewalls, VPNs, tunneling, EDR, IDS, IPS. And of course, none of that matters if you have to reset everything up every time an application moves. And this is a real unique value proposition for us, it's about portability. We deliver portable security. We can move an application, the APIs are standard. You can move it up to the public cloud, your policies, your integrations, even if it's third-party integrations, they're maintained. And that really delivers the ability to say "Look, we can make sure your attack surface is not expanding, it's a controlled environment for you". And that really shrinks the risk factors associated with moving to this distributed cloud environment. >> You know, that's the really, I think the key point, I think that you brought up this infrastructure, kind of, table stakes. Which keeps rising because security's, honestly is now there's no... There's a huge... There's no perimeter. It's huge surface area. Everything has to be secured and locked down. And the big theme at re:Invent this year is data, right? So, you know, data and security all go hand in hand. And so that brings up the aspect of the edge. The edge is now booming, you seeing 5G again, you're here hearing it here at reinvent again, more and more 5G. You mentioned local services, Outpost is evolving. This is kind of the new area, and certainly, attack factor as well. So, you mentioned this whole local services. Take me through that because this becomes interesting because this is an architectural issue for enterprises to figure out, "Okay, I got to distribute a computing architecture, it's called The Cloud and multiple clouds. Now, I've got this edge, whole 'nother opening opens up the case for the architecture conversation". What's the strategy? How do you guys view the case? How do you make the case for local services? >> So, we were super excited to announce VMware Cloud on AWS Outpost. This is a local cloud as a service offering. So, let me break that down a little bit. Of course, compute at the edge is nothing new, but the problem with traditional approaches is typically edge locations may lack IT excellence. Which means there's no one there to manage the service. VMware Cloud on AWS outposts is that local cloud as a service, meaning it's fully managed and at the edge, that's a perfect fit. It's hand in glove for those types of workloads that are out, pushed all the way out, whether it's part of an agricultural deployment or an energy production facility or retail store, where there isn't that typical IT excellence. VMware cloud on AWS outposts enables customers to deploy the same Cloud instance as they're running VMware Cloud on AWS, but be able to do it out at that edge environment. And when you look at the overall value of VMware Cloud on AWS Outpost, it's about delivering a simpler, cost effective, consistent cloud experience for those on-prem environments that matches the operating model of the public cloud. Think of the places that you really want to have cloud infrastructure, where it's critical. Going back to your point on data, getting real time insights on that data, to be able to process that, we call those perishable insights. The value is the immediacy understanding that value specific to the moment it's being captured. Think about the different types of sensor environments, where data's coming off expensive equipment, that's measuring temperature and speed. Understanding that value back to the operator - really, really important. You don't have time to pipe that data up to a cloud process and send the results back down. Edge environments require that real-time stuff. So, together with AWS, we jointly deliver a fully managed service right down to the AWS hardware on which we built the VMware cloud instance. We think about where we're seeing the most interest here. You can look across all kinds of industries and use cases, and we're seeing it specifically in healthcare, out of the hospital, manufacturing for equipment monitoring, government, higher education, where those end points are typically virtualized. There are others, but these are the big ones so far. >> You know, I was just talking to an AMD executive or product marketing person on the gaming side. And they're living this right now because they're putting all the virtual collaboration in the cloud, all the data, because they have so much data and they have so much need for these special instances, whether it's GPUs, and CPUs, a mix and match. So, as instances become more special purposed, that's going to enable them to have more productivity. But then, when you have that baseline in the cloud, the edge also has processing power. So, I think people are starting to see this notion of "Okay, I'm in the cloud, but I can also have that cloud edge without moving data back to the centralized cloud and processing it at the edge with software". >> Yeah, that's true. >> This is real. >> It's super real. And the one that really resonates with customers, is one that we all understand and that's healthcare. Anytime you're in a regional environment where you're at a hospital, think of an ICU, the criticality of that data being processed, providing the insights, this is more mission critical than any other environment, because we're dealing with human lives, think about the complex compute requirements of that environment. And then look at the beauty and elegance of this system, a cloud-based system on premises, doing that compute, providing those insights, giving reality back to the clinician, so they can make those decisions. Healthcare is super, super important. And we see customers across the spectrum, looking at what's happening at the edge and embracing it, whether it's healthcare or other industries. And again, it's a perfect fit for them. >> Yeah, real quick, before we move on to what's new, I'm want to get to that, the Tansu stuff as well. What other industries are popping out? Obviously, manufacturing. What can you talk with some industries and some verticals that are really primed for this local cloud service? >> So, let's talk about manufacturing for a moment. Manufacturing is another facility oriented compute requirement that is perfectly fit, from a system and solution way like VMware cloud on AWS Outposts. Within the manufacturing environment, there's tons of very critical machines. There's inventory management, there's a combination of time management, people management, bringing it all together to ensure that process lines are moving as required, that inventory is provided at the specific moment it's needed, and to make sure that everything, especially in today's supply chain world is provided when is required. This type of capability allows an organization to bring in that sensor data, bring in that inventory data, produce applications that manage that in real time, delivering that compute. And in the manufacturing floor, again, limited IT excellence. So, this provides that capability. Another one is energy production. Think about energy production that's out in the field in North Dakota, or out on an oil rig that might be in the Gulf of Mexico. Not only are you dealing with lack of IT excellence, you're also dealing with limited connectivity. This equipment needs to be monitored and censored and the data from those sensors help drive critical decisions. And with limited connectivity, I mean, you may not even have an LTE signal, the need to do that real time is paramount, local cloud provides that. >> Yeah, and I'd also just add, because we're going to move on, but higher ED is going to be completely transformed. Well, I think that's going to be kind of like a pleat revamp. Let's get into what's new on VMware Cloud on AWS give us the update on the new things that people should know about. That's important that they should review, take us through that, what's new? >> Yeah, absolutely. So, the first is the integration with the AWS console. This is a big thing that we're delivering because VMware Cloud on AWS is a native service of AWS. I have to kind of say that twice, it's a native service of AWS. And because of that, we get the same operational and commerce experience for VMware Cloud instances as customers do with traditional AWS services. This means customers now have a choice between AWS centric operating model, which is highly relevant to DevOps and developers, or VMware centric operating model, which is very relevant to traditional operators, and IT users. VMware Cloud on AWS Gov Cloud is expanded to the U.S., East Virginia Region, and achieved aisle five certification. This new region will make the service more relevant for the Eastern Seaboard where much of the Federal Government resides. And of course with aisle five, it opens up VMware Cloud on AWS to the U.S. military and defense contractors, which is huge because there's massive cloud transformation contracts currently in play. And of course, VMware Cloud on AWS Gov Cloud provides the most secure enterprise cloud for those DOD customers, especially when they focus on those critical Tier 1 workloads. >> It's been three years since the GA of the VMware cloud on AWS, has been earlier, since you announced it> You're pumping on all cylinders, as we had predicted, others didn't, just FYI for the folks watching. What's the final vibe? End the segment with your view of what's going on with VMware Cloud on AWS? What's the bumper sticker? >> So, at the end of the day, every customer is looking to migrate and modernize their workloads. And VMWare cloud gives them that capability to do it faster than anyone else. Customers take their applications, tier 1 applications, move it to that secure distributed cloud construct, that idea of having VMware Cloud on AWS, sharing all those security policies, all of that consistent infrastructure and operations. And then they can modernize those applications, using all of those cloud services and the ability to use Tansu to containerize where applicable. We're excited about these capabilities, and our customers are adopting it faster each and every year. And we're thrilled about the traction we're had. And we're thrilled about the partnership we have with Amazon Web Services. So, lots more to come in this space. >> Lot of great stuff, people moving up the stack on the cloud, you're seeing more refactoring in the cloud. Matt Morgan, great to see you. We've been talking 'about this for years on theCUBE. Great to come on and give some insights. All happening. Infrastructure is code. And everyone's winning with containers and microservices. So, great stuff. Thanks for coming on. >> Thanks a lot, John, take care. >> Okay, Matt Morgan, the VP of Cloud Infrastructure Business Group of VMware. This theCUBE's coverage of AWS re:Invent, 2021. I'm John Furrier, your host. Thanks for watching. (upbeat outro jingle)

>>Well, hello everybody. I'm John Walls here with the cube, and we're very happy to continue our coverage here of a splunk.com 21. And today we're going to talk about cyber security. Uh, obviously everybody is well aware of a number of, uh, breaches that have happened around the globe, but you might say there's been a surge in trying to prevent those from happening down the road. And I'm going to let our guests explain that Ryan Covar, who is the security strategist at Splunk. Ryan. Good to see you with, uh, with us here on the cube. Glad you could join us today. >>Thank you very much. I've wished we could have been doing this in person, but such as the time of life we live. >>Yeah. We have learned to live on zoom that's for sure. And, uh, it's the next best thing to being there. So, uh, again, thanks for that. Um, well, let's talk about surge, if you will. Um, uh, I know obviously Splunk and data security go hand in hand that is a high priority with the, with the company, but now you have a new initiative that you're just now rolling out to take that to an even higher level. Tell us about that. >>Yeah, something I'm extremely excited to announce. Uh, it's the first time we're really talking about it is that.com 21, which is wonderful. And it's kind of the culmination of my seven years here at Splunk. Uh, before I came to Splunk, I did about 20 years of cyber security research and defense and nation state hunting and threat intelligence and policy and compliance, and just about everything, uh, public sector in the U S and the UK private sector, a couple of different places. So I've kind of been around the block. And one of the things I've found that I'm really passionate about is just being a network defender or a blue teamer. And a lot of my time here at Splunk has been around that. It's been speaking at conferences, doing research, um, coming up with ways to basically defend organizations, but the tools they have at hand and something that we say Alon is, uh, we, we work on the problems of today and tomorrow, not the distant future, right? >>The really practical things. And we had an, you know, there was a little bit of a thing called solar winds. You might've heard of it. Um, that happened earlier in December and we were able to stand up kind of on an ad hoc ragtag group of Splunkers around the world, uh, in a matter of hours. And we worked about 24 hours for panning over to Australia, into a Mia, and then back over to America and able to publish really helpful work to, for our customers to detect or defend or mitigate against what we knew at the time around solar winds, the attack. And then as time went on, we were continuing to write and create material, but we didn't have a group that was focused on it. We were all kind of chipping in after hours or, you know, deep deprecating, other bits of work. >>And I said, you know, we really need to focus on this. This is a big deal. And how can we actually surge up to meet these needs if you will, uh, the play on the punter. So we created an idea of a small team, a dedicated to current events and also doing security research around the problems that are facing around the world insecurity who use Splunk and maybe even those who don't. And that's where the idea of this team was formed. And we've been working all summer. We're releasing our first research project, excuse me, uh, at.com, which is around supply chain, compromise using jaw three Zeke and Splunk, uh, author by myself and primarily Marcus law era. And we have other research projects coming out every quarter, along with doing this work around, just helping people with any sort of immediate cybersecurity threat that we're able to assist with. >>So what are you hoping that security teams can get out of this work? Obviously you're investing a lot of resources and doing the research, I assume, diversifying, you know, the areas and to which you're, um, exploring, um, ultimately what would be the takeaway if I was on the other end, if I was on the client and what would you hope that I would be, uh, extracting from this work? >>Sure. We want to get you promoted. I mean, that's kind of the, the joke of it, but we, we talk a lot. I want to make everyone in the world who use a Splunk or cybersecurity, looked into their bosses and defend their company as fast and quickly as possible. So one of the big, mandates for my team is creating consumable, actionable work and research. So we, you know, we joke a lot that, you know, I have a pretty thick beard here. One might even call it a neck beard and a lot of people in our community, we create things for what I would call wizards, cybersecurity wizards, and we go to conferences and we talk from wizard to wizard, and we kind of sit on our ivory tower on stage and kind of proclaim out how to do things. And I've sat on the other side and sometimes those sound great, but they're not actually helping people with their job today. And so the takeaway for me, what I hope people are able to take away is we're here for you. We're here for the little guys, the network defenders, we're creating things that we're hoping you can immediately take home and implement and do and make better detections and really find the things that are immediate threats to your network and not necessarily having to, you know, create a whole new environment or apply magic. So >>Is there a difference then in terms of say enterprise threats, as opposed to, if I'm a small business or of a medium sized business, maybe I have four or 500 employees as opposed to four or 5,000 or 40,000. Um, what about, you know, finding that ground where you can address both of those levels of, of business and of concern, >>You know, 20 years ago or 10 years ago? I would've answered that question very differently and I fully acknowledge I have a bias in nation state threats. That's what I'm primarily trained in, however, in the last five years, uh, thanks or not. Thanks to ransomware. What we're seeing is the same threats that are affecting and impacting fortune 100 fortune 10 companies. The entire federal government of the United States are the exact same threats that are actually impacting and causing havoc on smaller organizations and businesses. So the reality is in today's threat landscape. I do believe actually the threat is the same to each, but it is not the same level of capabilities for a 100% or 500 person company to a company, the size of Splunk or a fortune 100 company. Um, and that's something that we are actually focusing on is how do we create things to help every size of that business, >>Giving me the tools, right, exactly. >>Which is giving you the power to fight that battle yourself as much as possible, because you may never be able to have the head count of a fortune 100 company, but thanks to the power of software and tools and things like the cloud, you might have some force multipliers that we're hoping to create for you in a much more package consumable method. >>Yeah. Let's go back to the research that you mentioned. Um, how did you pick the first topic? I mean, because this is your, your splash and, and I'm sure there was a lot of thought put into where do we want to dive in >>First? You know, I'd love to say there was a lot of thought put into it because it would make me sound smarter, but it was something we all just immediately knew was a gap. Um, you know, solar winds, which was a supply chain, compromise attack really revealed to many of us something that, um, you know, reporters had been talking about for years, but we never really saw come to fruition was a real actionable threat. And when we started looking at our library of offerings and what we could actually help customers with, I talked over 175 federal and private sector companies around the world in a month and a half after solar winds. And a lot of times the answer was, yeah, we can't really help you with this specific part of the problem. We can help you around all sorts of other places, but like, gosh, how do you actually detect this? >>And there's not a great answer. And that really bothered me. And to be perfectly honest, that was part of the reason that we founded the team. So it was a very obvious next step was, well, this is why we're creating the team. Then our first product should probably be around this problem. And then you say, okay, supply chain, that's really big. That's a huge chunk of work. So the first question is like, well, what can we actually affect change on without talking about things like quantum computing, right? Which are all things that are, you know, blockchain, quantum computing, these are all solutions that are actually possible to solve or mitigate supply chain compromise, but it's not happening today. And it sure as heck isn't even happening tomorrow. So how do we create something that's digestible today? And so what Marcus did, and one of his true skillsets is really refining the problem down, down, down, down. >>And where can we get to the point of, Hey, this is data that we think most organizations have a chance of collecting. These are methodologies that we think people can do and how can they actually implement them with success in their network. And then we test that and then we kind of keep doing a huge fan of the concept of OODA loop, orient, orient, observe, decide, and act. And we do that through our hypothesizing. We kind of keep looking at that and iterating over and over and over again, until we're able to come up with a solution that seems to be applicable for the personas that we're trying to help. And that's where we got out with this research of, Hey, collect network data, use a tool like Splunk and some of our built-in statistical analysis functions and come out the other side. And I'll be honest, we're not solving the problem. >>We're helping you with the problem. And I think that's a key differentiator of what we're saying is there is no silver bullet and frankly, anyone that tells you they can solve supply chain, uh, let me know, cause I want to join that hot new startup. Um, the reality is we can help you go from a field of haystacks to a single haystack and inside that single haystack, there's a needle, right? And there's actually a lot of value in that because before the PR problem was unapproachable, and now we've gotten it down to saying like, Hey, use your traditional tools, use your traditional analytic craft on a much smaller set of data where we've pretty much verified that there's something here, but look right here. And that's where we kind of focused. >>You talked about, you know, and we all know about the importance and really the emphasis that's put on data protection, right? Um, at the same time, can you use data to help you protect? I mean, is there information or insight that could be gleaned from, from data that whether it's behavior or whatever the case might be, that, that not only, uh, is something that you can operationalize and it's a good thing for your business, but you could also put it into practice in terms of your security practices to >>A hundred percent. The, the undervalued aspect of cybersecurity in my opinion, is elbow grease. Um, you can buy a lot of tools, uh, but the reality is to get value immediately. Usually the easiest place to start is just doing the hard detail oriented work. And so when you ask, is there data that can help you immediately data analytics? Actually, I go to, um, knowing what you have in your network, knowing what you have, that you're actually trying to protect asset and inventory, CMDB, things like this, which is not attractive. It's not something people want to talk about, but it's actually the basis of all good security. How do you possibly defend something if you don't know what you're defending and where it is. And something that we found in our research was in order to detect and find anomalous behavior of systems communicating outbound, um, it's too much. >>So what you have to do is limit the scope down to those critical assets that you're most concerned about and a perfect example of critical asset. And there's no, no shame or victim blaming here, put on solar winds. Uh, it's just that, that is an example of an appliance server that has massive impact on the organization as we saw in 2020. And how can you actually find that if you don't know where it is? So really that first step is taking the data that you already have and saying, let's find all the systems that we're trying to protect. And what's often known as a crown jewels approach, and then applying these advanced analytics on top of those crown jewel approaches to limit the data scope and really get it to just what you're trying to protect. And once you're positive that you have that fairly well defended, then you go out to the next tier and the next tier in next year. And that's a great approach, take things you're already doing today and applying them and getting better results tomorrow. >>No, before I let you go, um, I I'd like to just have you put a, uh, a bow on surge, if you will, on that package, why is this a big deal to you? It's been a long time in the making. I know you're very happy about the rollout of this week. Um, you know, what's the impact you want to have? Why is it important? >>We did a lot of literature review. I have a very analytical background. My time working at DARPA taught me a lot about doing research and development and on laying out the value of failure, um, and how much sometimes even failing as long as you talk about it and talk about your approach and methodology and share that is important. And the other part of this is I see a lot of work done by many other wonderful organizations, uh, but they're really solving for a problem further down the road or they're creating solutions that not everyone can implement. And so what I think is so important and what's different about our team is we're not only thinking differently, we're hiring differently. You know, we have people who have a threat intelligence background from the white house. We have another researcher who did 10 years at DARPA insecurity, research and development. >>Uh, we've recently hired a, a former journalist who she's made a career pivot into cybersecurity, and she's helping us really review the data and what people are facing and come up with a real connection to make sure we are tackling the right problems. And so to me, what I'm most excited about is we're not only trying to solve different problems. And I think what most of the world is looking at for cybersecurity research, we've staffed it to be different, think different and come up with things that are probably a little less, um, normal than everyone's seen before. And I'm excited about that. >>Well, and, and rightly so, uh, Ryan, thanks for the time, a pleasure to have you here on the cube and, uh, the information again, the initiative is Serge, check it out, uh, spunk very much active in the cyber security protection business. And so we have certainly appreciate that effort. Thank you, Ryan. >>Well, thank you very much, John. You bet Ryan, >>Covar joining us here on our cube coverage. We continue our coverage of.com for 21.

>> Welcome to theCUBEs, continuing coverage of Splunk's dot conf 21. I'm Dave Nicholson, and I am joined by Chris Faulk, director, cybersecurity policy, and strategic partnerships at MITRE corporation; As well as Mohan Koo, the co-founder and chief technology officer at tech systems. Now, uh, gentlemen, we've heard this before, but I think this is going to be the best example of a conversation on this subject I've ever had. Security is a team sport. So let's talk about how that applies, where MITRE and D techs and Splunk all come together and work as a team. Uh, starting with you, Chris. miter published the, the attack framework. And, just so people are clear on that Ca- all caps, ATT, Ampersand or, AndSign, I should say. Capital C, capital K looks like attack. That's how you say it. Their framework was created by MITRE. Uh, It's a bit of a game changer. Now, enterprise security teams use that pretty religiously. So, so tell us about that, and tell us what we can expect next from MITRE. >> So thank you David, uh, pleasure to be here. You know, I think that the, um, what made attack resonate with users is it's based on data; It started with data that we observed in our networks and organized around at that time, the emergent principle that Lockheed Martin had put out on the kill chain. Uh, so it gave it structure. And we have, we have been lucky that the community has sort of embraced that concept of what we started off. We got the numbers completely wrong. Uh, we, we started off with like 41 TTPs. And, um, that was because that was based on a small subset of data that we had, uh, and what's been powerful and what's made it truly wonderful as the community's adopted it. And it's, that's, what's it's added to it. It's an additive approach. Um, and but it's all based on data and it's all just a fabulous, um, opportunity for the community to come together. So, what Myers really focused on is understanding how data, and those, uh, problems come together. And then, we surround the ecosystem of that problem with things like language. So we give it a framework and we give it, um, we give it operational data so that it actually has resonance with the users of that community. >> So give me an example, uh, of the language that's used. You know, there are, there are things that are, that are under the heading of tactics as an example. Give me an example of some of those things. What did, what's the term in plain English, and what does it mean? >> So tactics are a way for, um, an adversary to go about taking care of their business. So, in the day, uh, when we were first thinking about this, we thought about it as, um, the old cartoons where you'd have the-the-the coyote and the-the sheep would check in, you know, the coyote was given his lunchbox. He was given it, um, if you think about it, as a, uh, the adversary target list. And he was given his tools, he was, he would open up his toolbox, and he would go after those targets for the day. And he would use those tools. What we realized is that in most cases, a lot of those tools were expensive to create. They were, uh, hard to, um, train up on. And so they tended to use the same basic toolkit over and over again. What changed was, perhaps one little thing that they would exploit that was always changing. And so what, you know, what I likened it to was a burglar. A burglar would show up with his bag of- of, uh, tools. He would have a crowbar, and he would have a flashlight, and he would have a bag. And what he would do is he sometimes choose to go in through the windows. Sometimes they choose to go in through the door. Sometimes he choose to go in through the basement. It didn't matter. But once he got in the house, he had that flashlight, he had that bag, and he had that crowbar, I could figure out through my sensors, what he had in his bag or with, with him, I could catch that. And then I could alert on that, and find the other pieces of that. And so that's what really tactics, um, are about and getting that-that concept boiled down to a language that, uh, cyber defenders could readily understand and put into practice in their businesses. >> So Mohan, tell us about Dtex; And I'm particularly interested in the, in the connection between DTex and what Chris was just talking about; That MITRE has provided us, uh, this language that attack provides us. Um, essentially, you're- You're looking- you're listening for those things that go bump in the night. Chris has given us a language to describe them. Tell- tell us how Dtex fits here. >> Yeah. So, so what we're doing, David, um, and thank you for having me as well, um, what we're doing is we're bringing to the table a whole different type of telemetry, and it's all around human behavior. And, and how we got together with MITRE, um, is actually a direct connection to how we got together with Splunk as well. I'm actually sitting here in Adelaide, in Australia, at the Australian Cyber Collaboration Center. And this is an initiative we put together with the state government of South Australia, and federal government as well, um, to actually bring everybody onto one trusted group. So we could break down the silos and collaborate a hell of a lot better. As we all know, the bad guys collaborate extremely well. You know, they share everything, including their IP and their tactics, and their techniques, everything is shared. And that puts them at an extreme advantage to the good guys, and girls, right? And-and so we have to do a much better job at that collaboration. And-and when we came together and were introduced to MITRE here at the Australian Cyber Collaboration Center, we decided that taking MITREs expertise, and they've got like 15, more than 15 years, worth of dedicated experience around behavioral science, and how it contributes to insider threats and studying that in some depth. Putting that together with the data that we're collecting for our enterprise customers was something that was really, really important, and actually, you know, it was here in the Australian Cyber Collaboration Center that we first kept locked together with Splunk. And Splunk started to identify a problem statement amongst their customers too, That, you know, the data that exists out there for security operations teams just doesn't have that cleanliness and, it doesn't have the context when it comes to human behavior. And that's really what we're bringing to the, to the table here. >> So give me an example of a human behavior that you're looking for, or, you know, so, so Splunk is- Splunk is providing this data that's being gathered from logs. These events are being rolled up and, uh, and-and DTex is analyzing them. Can you give us an example that doesn't educate adversaries of-of behaviors that you look at? >> Yeah, absolutely. And I'll-I'll just touch on it. And then I'll hand over to Chris cause, cause uh, MITRE are truly the experts of this stuff. But- but what I will say is that a lot of organizations, when they think about human behavior and the insider threat, per se, they always think about the malicious actor, right? The, the Snowden type character that's, that's maliciously, and intentionally, trying to get access to take stuff. But it's, it's much more than that. It's, it's also insiders that do negligent things, and it's insider's that are victims of-of their own lack of understanding of things that they're facing. And when outsiders are cleverer, or more technically proficient, they can find ways to-to usurp the insider, and get them to do bad things without them even knowing they're doing it. And so understanding intent, and we call it, at Dtex, we call it, indicators of intent, are really important for us to know. Those indicators are what we've been working with MITRE on for the last year or so; Kind of understanding what the newest, most complicated indicators of intent are. And how do we determine those to be able to know the difference between a malicious insider, versus somebody that's just doing the wrong thing without even knowing about it? I-I don't know, Chris, if-if you wanted to touch on that a little bit. >> Yeah, yeah, yeah Chris, absolutely. You've, you know, uh, Mohan's joining us from Australia, Chris, you and MITRE have done a ton of work with the U.S. Federal Government around detection, and prevention of those insider threats. Talk to us, talk us through that. And, and more specifically, tell us how that is applicable to nongovernmental agencies. >> Yeah, well, so I mean, think at the, at the core of it, human behavior is human cue and behavior. And whether those are being applied to, uh, critical infrastructures, whether they're being applied to working at a federal government organization, or a state, local, uh, government organization, it doesn't matter. Humans, humans have behaviors. Every human has behaviors. What makes them unique, is understanding the context behind those behaviors. And then looking for, uh, indicators that are distinguishable from an individual doing his, or her, job. Right? So, one of the challenges that you have with insider behavior is that, you know, data collection is everyone's job, at every organization, right? You're always trying to put together the numbers for the spreadsheet to-to brief to your boss. Well, when you're doing that data collection, it can look like normal work. And you can't trigger on something like that, because otherwise you're going to be triggering, uh, every individual doing their job every day. So you have to add additional context, and behavioral indicators to that, to understand how the individual is doing that differently in a case where they are up to-up to no good, we'll say, as opposed to under circumstances of doing their job in a regular course of action. So, what we have long held as beliefs about how people behave are actually manifesting themselves differently in online behavior; How fast they click, um, what kinds of tools they use to do legitimate work, versus the kinds of tools that they do-to do, uh, I'll call it elicit collection. Uh, literally those kinds of subtle nuances. So while they might do the same collection activities, how fast they do it, um, where they put that information, um, how they, how often they go back to the same site, those are indicators that when taken with that behavioral context really matter. And that's what distinguishes them from just normal, typical user behavior. >> So how much does that context vary between private entities, governmental entities, and across private entities? Is this the classic 80/20 situation where, you know, 80-80% of it's the same, 20% very different? What, what does that look like? >> Yeah, I would say that, you know, an 80/20 is a very good rule. I'd probably put it up closer to 90 to 95 to five, right? So behaviors work the same. Now, the protocols that organizations have are going to drive some of that, right? So a-a government organization is going to have certain things in place that a private company may or may not. So, you know, how, how locked down the systems are, the kinds of access, um, things that, that you allow. So do you allow USB drives? Do you allow, um, those kinds of-of capabilities in your organization? So, if you're a private sector organization, but even within a private sector organization, they'd run the gamut, right? You have very locked down environments like banks, and regulated industries and then, you have very unregulated industries as well. So it really isn't about government and industry. It's about the kind of, um, protocols that are already in place for other reasons that really drive the differences between that. And then you have, again, you have those additional safeguards that you have, say with a-with a government organization and that you've got, uh, security vetting, right? So you've done security vetting of a lot of your employees, whether even if it's not security clearance, it's a- it's a personnel vetting. And so, it's an additional level, um, but all it does is change the-the emphasis of-of where you place the value in your security mechanisms. >> So, you mentioned a variety of contexts. Mohan, We've had a mass shift to remote working, obviously. Um, Splunk has shared with us that, uh, that the customers are concerned about, you know, giving- giving people visibility without compromising privacy. And I, and I-I say Splunk like Splunk is a person (man laughing) We like to personalize everything here at theCUBE, but how is DTex helping with this challenge, this challenge of not being intrusive, yet, uh, getting the important work done that needs to be done? >> Yeah, that's a, that's a great question. And-and for us, you know, we, as DTex, we kind of grew up in-in Europe, that's kind of where we became an international organization. So, employee privacy is at the heart of everything that we do. And-and, we make privacy by designing into everything that we do. So, we're actually able to, uh, pseudo anonymize every bit of data that we're collecting, so that you're actually really, truly looking for bad behaviors or unusual behaviors. You're not looking for bad people or unusual people, right? Like it's, it's a very clear distinction; and being able to do it in a way that gives you the visibility, gives the organization, the visibility to prevent against risk and to de-risk the organization without infringing on anyone's privacy is, is really critical. And, you know, as Chris was mentioning, even if you go to the private sector, you know, you've got those very regulated banks or healthcare organizations that are typically quite locked down, but we're dealing more and more with, with high-tech companies, right? A lot of bay area firms, Silicon valley companies, which have always required the flexibility for their workforce, right? They want them to be innovative. They want them to do different things. And in order to do that, they need the ability to have any tools they need to get their job done. But in those environments, you can't have too many hard and fast controls. So how do we actually provide that visibility to the organization without infringing privacy? That is absolutely what the game is about. And so, you know, not kind of having to scrape screens, and type key strokes and type video capture, you know, that's the old school way of doing it. You know, in some cases maybe you do need that level of surveillance, but in most cases you absolutely do not. And so, you know, for many, many years, a lot of enterprise security organizations have been collecting way more data than they need to and taking way more intrusive approaches. And we're about backing that off and kind of getting the right balance between security and privacy, because what we truly believe is where you overlap security and privacy, that Venn diagram that you get in the middle is where you get safety. And we really see it as, as an extension of health and safety. >> So Mohan, if we do all of these things correctly, between Splunk, MITRE, and DTex, you get the perfect scenario where you're catching bad actors and you're not inconveniencing good actors. So what's your view of this? Dystopian future, Utopian future, a mix of both? >> Well, uh, look, I think-I think that the future really is, you know, as the title to this discussion is it's a team sport, right? Like, and, and I think the, the approach that Splunk is taking right now is absolutely the right one. Like we, we need to all come together. We can't be everything to everyone. I don't think there is a one size fits all solution in enterprise security today. And those organizations that understand that and recognize that, but neither is it, are we able to continue just kind of investing in hundreds of point solutions across the enterprise and layering them across the business. Like, band-aids, we need that consolidation, but we do need to take best of breed solution providers to, to focus on those integrations and doing it properly. And that's what we've really enjoyed about working with Splunk over the last couple of years is kind of taking a very holistic approach and realizing that we all need to come together to play these teams sport because, you know, we, as detects, we bring together a very clean data set that gives you that human telemetry and then MITRE brings to get brings the behavioral science capability and behavioral science understanding. And Splunk provides that big data platform to bring everything together and show it and visualize it. And, and really that's, that's, that's, that's one way of looking at it. And I, and I think, you know, going forward those vendors or those organizations that don't recognize that that proper integration actual true integration has to be done collectively. And it has to be done in a way that's light and easy for anybody to consume. >> Perfect way to wrap this cube conversation. Thank you, Mohan. Thank you, Chris. And thank all of you for joining us on this cube conversation or continuing coverage of splunk.com 21 continues. I'm Dave Nicholson. Thanks for joining.

>>AWS public sector summit here in person in Washington, D. C. For two days live. Finally a real event. I'm john for your host of the cube. Got a great guest Howard Levinson from data bricks, regional vice president and general manager of the federal team for data bricks. Uh Super unicorn. Is it a decade corn yet? It's uh, not yet public but welcome to the cube. >>I don't know what the next stage after unicorn is, but we're growing rapidly. >>Thank you. Our audience knows David bricks extremely well. Always been on the cube many times. Even back, we were covering them back when big data was big data. Now it's all data everything. So we watched your success. Congratulations. Thank you. Um, so there's no, you know, not a big bridge for us across to see you here at AWS public sector summit. Tell us what's going on inside the data bricks amazon relationship. >>Yeah. It's been a great relationship. You know, when the company got started some number of years ago we got a contract with the government to deliver the data brooks capability and they're classified cloud in amazon's classified cloud. So that was the start of a great federal relationship today. Virtually all of our businesses in AWS and we run in every single AWS environment from commercial cloud to Govcloud to secret top secret environments and we've got customers doing great things and experiencing great results from data bricks and amazon. >>The federal government's the classic, I call migration opportunity. Right? Because I mean, let's face it before the pandemic even five years ago, even 10 years ago. Glacier moving speed slow, slow and they had to get modernized with the pandemic forced really to do it. But you guys have already cleared the runway with your value problems. You've got lake house now you guys are really optimized for the cloud. >>Okay, hardcore. Yeah. We are, we only run in the cloud and we take advantage of every single go fast feature that amazon gives us. But you know john it's The Office of Management and Budget. Did a study a couple of years ago. I think there were 28,000 federal data centers, 28,000 federal data centers. Think about that for a minute and just think about like let's say in each one of those data centers you've got a handful of operational data stores of databases. The federal government is trying to take all of that data and make sense out of it. The first step to making sense out of it is bringing it all together, normalizing it. Fed aerating it and that's exactly what we do. And that's been a real win for our federal clients and it's been a real exciting opportunity to watch people succeed in that >>endeavour. We have another guest on. And she said those data center huggers tree huggers data center huggers, majority of term people won't let go. Yeah. So but they're slowly dying away and moving on to the cloud. So migrations huge. How are you guys migrating with your customers? Give us an example of how it's working. What are some of the use cases? >>So before I do that I want to tell you a quick story. I've I had the luxury of working with the Air Force Chief data officer Ailene vedrine and she is commonly quoted as saying just remember as as airmen it's not your data it's the Air Force's data. So people were data center huggers now their data huggers but all of that data belongs to the government at the end of the day. So how do we help in that? Well think about all this data sitting in all these operational data stores they're getting it's getting updated all the time. But you want to be able to Federated this data together and make some sense out of it. So for like an organization like uh us citizenship and immigration services they had I think 28 different data sources and they want to be able to pull that data basically in real time and bring it into a data lake. Well that means doing a change data capture off of those operational data stores transforming that data and normalizing it so that you can then enjoy it. And we've done that I think they're now up to 70 data sources that are continually ingested into their data lake. And from there they support thousands of users doing analysis and reports for the whole visa processing system for the United States, the whole naturalization environment And their efficiency has gone up I think by their metrics by 24 x. >>Yeah. I mean Sandy carter was just on the cube earlier. She's the Vice president partner ecosystem here at public sector. And I was coming to her that federal game has changed, it used to be hard to get into you know everybody and you navigate the trip wires and all the subtle hints and and the people who are friends and it was like cloak and dagger and so people were locked in on certain things databases and data because now has to be freely available. I know one of the things that you guys are passionate about and this is kind of hard core architectural thing is that you need horizontally scalable data to really make a I work right. Machine learning works when you have data. How far along are these guys in their thinking when you have a customer because we're seeing progress? How far along are we? >>Yeah, we still have a long way to go in the federal government. I mean, I tell everybody, I think the federal government's probably four or five years behind what data bricks top uh clients are doing. But there are clearly people in the federal government that have really ramped it up and are on a par were even exceeding some of the commercial clients, U. S. C. I. S CBP FBI or some of the clients that we work with that are pretty far ahead and I'll say I mentioned a lot about the operational data stores but there's all kinds of data that's coming in at U S. C. I. S. They do these naturalization interviews, those are captured in real text. So now you want to do natural language processing against them, make sure these interviews are of the highest quality control, We want to be able to predict which people are going to show up for interviews based on their geospatial location and the day of the week and other factors the weather perhaps. So they're using all of these data types uh imagery text and structure data all in the Lake House concept to make predictions about how they should run their >>business. So that's a really good point. I was talking with keith brooks earlier directive is development, go to market strategy for AWS public sector. He's been there from the beginning this the 10th year of Govcloud. Right, so we're kind of riffing but the jpl Nasa Jpl, they did production workloads out of the gate. Yeah. Full mission. So now fast forward today. Cloud Native really is available. So like how do you see the the agencies in the government handling Okay. Re platform and I get that but now to do the reef acting where you guys have the Lake House new things can happen with cloud Native technologies, what's the what's the what's the cross over point for that point. >>Yeah, I think our Lake House architecture is really a big breakthrough architecture. It used to be, people would take all of this data, they put it in a Hadoop data lake, they'd end up with a data swamp with really not good control or good data quality. And uh then they would take the data from the data swamp where the data lake and they curate it and go through an E. T. L. Process and put a second copy into their data warehouse. So now you have two copies of the data to governance models. Maybe two versions of the data. A lot to manage. A lot to control with our Lake House architecture. You can put all of that data in the data lake it with our delta format. It comes in a curated way. Uh there's a catalogue associated with the data. So you know what you've got. And now you can literally build an ephemeral data warehouse directly on top of that data and it exists only for the period of time that uh people need it. And so it's cloud Native. It's elastically scalable. It terminates when nobody's using it. We run the whole center for Medicaid Medicare services. The whole Medicaid repository for the United States runs in an ephemeral data warehouse built on Amazon S three. >>You know, that is a huge call out, I want to just unpack that for a second. What you just said to me puts the exclamation point on cloud value because it's not your grandfather's data warehouse, it's like okay we do data warehouse capability but we're using higher level cloud services, whether it's governance stuff for a I to actually make it work at scale for those environments. I mean that that to me is re factoring that's not re platform Ng. Just re platform that's re platform Ng in the cloud and then re factoring capability for on uh new >>advantages. It's really true. And now you know at CMS, they have one copy of the data so they do all of their reporting, they've got a lot of congressional reports that they need to do. But now they're leveraging that same data, not making a copy of it for uh the center for program integrity for fraud. And we know how many billions of dollars worth of fraud exist in the Medicaid system. And now we're applying artificial intelligence and machine learning on entity analytics to really get to the root of those problems. It's a game >>changer. And this is where the efficiency comes in at scale. Because you start to see, I mean we always talk on the cube about like how software is changed the old days you put on the shelf shelf where they called it. Uh that's our generation. And now you got the cloud, you didn't know if something is hot or not until the inventory is like we didn't sell through in the cloud. If you're not performing, you suck basically. So it's not working, >>it's an instant Mhm. >>Report card. So now when you go to the cloud, you think the data lake and uh the lake house what you guys do uh and others like snowflake and were optimized in the cloud, you can't deny it. And then when you compare it to like, okay, so I'm saving you millions and millions if you're just on one thing, never mind the top line opportunities. >>So so john you know, years ago people didn't believe the cloud was going to be what it is. Like pretty much today, the clouds inevitable. It's everywhere. I'm gonna make you another prediction. Um And you can say you heard it here first, the data warehouse is going away. The Lake house is clearly going to replace it. There's no need anymore for two separate copies, there's no need for a proprietary uh storage copy of your data and people want to be able to apply more than sequel to the data. Uh Data warehouses, just restrict. What about an ocean house? >>Yeah. Lake is kind of small. When you think about this lake, Michigan is pretty big now, I think it's I >>think it's going to go bigger than that. I think we're talking about Sky Computer, we've been a cloud computing, we're going to uh and we're going to do that because people aren't gonna put all of their data in one place, they're going to have, it spread across different amazon regions or or or amazon availability zones and you're going to want to share data and you know, we just introduced this delta sharing capability. I don't know if you're familiar with it but it allows you to share data without a sharing server directly from picking up basically the amazon, you RLS and sharing them with different organizations. So you're sharing in place. The data actually isn't moving. You've got great governance and great granularity of the data that you choose to share and data sharing is going to be the next uh >>next break. You know, I really loved the Lake House were fairly sing gateway. I totally see that. So I totally would align with that and say I bet with you on that one. The Sky net Skynet, the Sky computing. >>See you're taking it away man, >>I know Skynet got anything that was computing in the Sky is Skynet that's terminated So but that's real. I mean I think that's a concept where it's like, you know what services and functions does for servers, you don't have a data, >>you've got to be able to connect data, nobody lives in an island. You've got to be able to connect data and more data. We all know more data produces better results. So how do you get more data? You connect to more data sources, >>Howard great to have you on talk about the relationship real quick as we end up here with amazon, What are you guys doing together? How's the partnership? >>Yeah, I mean the partnership with amazon is amazing. We have, we work uh, I think probably 95% of our federal business is running in amazon's cloud today. As I mentioned, john we run across uh, AWS commercial AWS GovCloud secret environment. See to us and you know, we have better integration with amazon services than I'll say some of the amazon services if people want to integrate with glue or kinesis or Sagemaker, a red shift, we have complete integration with all of those and that's really, it's not just a partnership at the sales level. It's a partnership and integration at the engineering level. >>Well, I think I'm really impressed with you guys as a company. I think you're an example of the kind of business model that people might have been afraid of which is being in the cloud, you can have a moat, you have competitive advantage, you can build intellectual property >>and, and john don't forget, it's all based on open source, open data, like almost everything that we've done. We've made available to people, we get 30 million downloads of the data bricks technology just for people that want to use it for free. So no vendor lock in. I think that's really important to most of our federal clients into everybody. >>I've always said competitive advantage scale and choice. Right. That's a data bricks. Howard? Thanks for coming on the key, appreciate it. Thanks again. Alright. Cube coverage here in Washington from face to face physical event were on the ground. Of course, we're also streaming a digital for the hybrid event. This is the cubes coverage of a W. S. Public sector Summit will be right back after this short break.