(light music) (airy white noise rumbling) >> Hey everyone, welcome back to Las Vegas. It's theCUBE. We're here, day four of our coverage of AWS re:Invent 22. There's been about, we've heard, north of 55,000 folks here in person. We're seeing only a fraction of that but it's packed in the expo center. We're at the Venetian Expo, Lisa Martin, Dave Vellante. Dave, we've had such great conversations as we always do on theCUBE. With the AWS ecosystem, we're going to be talking with another partner on that ecosystem and what they're doing to innovate together next. >> Well, we know security is the number one topic on IT practitioners, mine, CIOs, CISOs. We also know that they don't have the bench strength, that's why they look to manage service providers, manage service security providers. It's a growing topic, we've talked about it. We talked about it at re:Inforce earlier this year. I think it was July, actually, and August, believe it or not, not everybody was at the Cape. It was pretty well attended conference and that's their security focus conference, exclusive on security. But there's a lot of security here too. >> Lot of security, we're going to be talking about that next. We have two guests from Capgemini joining us. Mike Wasielewski, the head of cloud security, and NextGen secure architectures, welcome Mike. Anne Saunders also joins us, the Director of Cybersecurity Technology Partnerships at Capgemini, welcome Anne. >> Thank you. >> Dave: Hey guys. >> So, day four of the show, how you feeling? >> Anne: Pretty good. >> Mike: It's a long show. >> It is a long, and it's still jamming in here. Normally on the last day, it dwindles down. Not here. >> No, the foot traffic around the booth and around the totality of this expo floor has been amazing, I think. >> It really has. Anne, I want to start with you. Capgemini making some moves in the waves in the cloud and cloud security spaces. Talk to us about what Cap's got going on there. >> Well, we actually have a variety of things going on. Very much partner driven. The SOC Essentials offering that Mike's going to talk about shortly is the kind of the starter offer where we're going to build from and build out from. SOC Essentials is definitely critical for establishing that foundation. A lot of good stuff coming along with partners. Since I manage the partners, I'm kind of keen on who we get involved with and how we work with them to build out value and focus on our overall cloud security strategy. Mike, you want to talk about SOC Essentials? >> Yeah, well, no, I mean, I think at Capgemini, we really say cybersecurity is part of our DNA and so as we look at what we do in the cloud, you'll find that security has always been an underpinning to a lot of what we deliver, whether it's on the DevSecOps services, migration services, stuff like that. But what we're really trying to do is be intentional about how we approach the security piece of the cloud in different ways, right? Traditional infrastructure, you mentioned the totality of security vendors here and at re:Inforce. We're really seeing that you have to approach it differently. So we're bringing together the right partners. We're using what's part of our DNA to really be able to drive the next generation of security inside those clouds for our clients and customers. So as Anne was talking about, we have a new service called the Capgemini Cloud SOC Essentials, and we've really brought our partners to bear, in this case Trend Micro, really bringing a lot of their intelligence and building off of what they do so that we can help customers. Services can be pretty expensive, right, when you go for the high end, or if you have to try to run one yourself, there's a lot of time, I think you mentioned earlier, right, the people's benches. It's really hard to have a really good cybersecurity people in those smaller businesses. So what we're trying to do is we're really trying to help companies, whether you're the really big buyers of the world or some of the smaller ones, right? We want to be able to give you the visibility and ability to deliver to your customers securely. So that's how we're approaching security now and we're cloud SOC Essentials, the new thing that we're announcing while we were here is really driving out of. >> When I came out of re:Invent, when you do these events, you get this Kool-Aid injection and after a while you're like hm, what did I learn? And one of the things that struck me in talking to people is you've got the shared responsibility model that the cloud has sort of created and I know there's complexities across cloud but let's just keep it at cloud generically for a moment. And then you've got the CISO, the AppDev, AppSecDev group is being asked to do a lot. They're kind of being dragged into security that's really not their wheelhouse and then you've got audit which is like the last line of defense. And so one of the things that struck me at re:Inforce is like, okay, Amazon, great job for their portion of the shared responsibility model but I didn't hear a lot in terms of making the CISO's life easier and I'm guessing that's where you guys come in. I wonder if you could talk about that trend, that conceptual layers that I just laid out and where you guys fit. >> Mike: Sure, so I think first and foremost, I always go back to a quote from, I think it's attributed to Peter Drucker, whether that's right or wrong, who knows? But culture eats strategy for breakfast, right? And I think what we've seen in our conversations with whether you're talking to the CISO, the application team, the AppDev team, wherever throughout the organization, we really see that culture is what's going to drive success or failure of security in the org, and so what we do is we really do bring that totality of perspective. We're not just cloud, not just security, not just AppDev. We can really bring across the totality of the Capgemini estate. So that when we go, and you're right, a CISO says, I'm having a hard time getting the app people to deliver what I need. If you just come from a security perspective, you're right, that's what's going to happen. So what we try to do is so, we've got a great DevSecOps service, for example in the cloud where we do that. We bring all the perspectives together, how do we align KPIs? That's a big problem, I think, for what you're seeing, making CISO's lives easier, is about making sure that the app team KPIs are aligned with the CISO's but also the CISO's KPIs are aligned with the app teams. And by doing that, we have had really great success in a number of organizations by giving them the tools then and the people on our side to be able to make those alignments at the business level, to drive the right business outcome, to drive the right security outcome, the right application outcome. That's where I think we've really come to play. >> Absolutely, and I will say from a partnering perspective, what's key in supporting that strategy is we will learn from our partners, we lean on our partners to understand what the trends they're seeing and where they're having an impact with regards to supporting the CISO and supporting the overall security strategy within a company. I mean, they're on the cutting edge. We do a lot to track their technology roadmaps. We do a lot to track how they build their buyer personas and what issues they're dealing with and what issues they're prepared to deal with regards to where they're investing and who's investing in them. A lot of strategy around which partner to bring in and support, how we're going to address the challenges, the CISO and the IT teams are having to kind of support that overall. Security is a part of everything, DNA kind of strategy. >> Yeah, do you have a favorite example, Anne, of a partner that came in with Capgemini, helped a customer really be able to do what Capgemini is doing and that is, have cybersecurity be actually part of their DNA when there's so many challenges, the skills gap. Any favorite example that really you think articulates how you're able to enable organizations to achieve just that? >> Anne: Well, actually the SOC Essentials offering that we're rolling out is a prime example of that. I mean, we work very, very closely with Trend on all fronts with regards to developing it. It's one of those completely collaborative from day one to going to the customer and that it's almost that seamless connectivity and just partnering at such a strategic level is a great example of how it's done right, and when it's done right, how successful it can be. >> Dave: Why Trend Micro? Because I mean, I'm sure you've seen, I think that's Optiv, has the eye test with all the tools and you talk to CISOs, they're like really trying to consolidate those tools. So I presume there's a portfolio play there, but tell us, tell the audience a little bit more about why Trend Micro and I mean your branding with them, why those guys? >> Well, it goes towards the technology, of course, and all the development they've done and their position within AWS and how they address assuring security for our clients who are moving onto and running their estates on AWS. There's such a long heritage with regards to their technology platform and what they've developed, that deep experience, that kind of the strength of the technology because of the longevity they've had and where they sit within their domain. I try to call partners out by their domain and their area of expertise is part of the reason, I mean. >> Yeah, I think another big part of it is Gartner is expecting, I think they published this out in the next three years, we expect to see another consolidation both inside of the enterprises as well as, I look back a couple years, when Palo Alto went on a very nice spending spree, right? And put together a lot of really great companies that built their Prisma platform. So what I think one of the reasons we picked Trend in this particular case is as we look forward for our customers and our clients, not just having point solutions, right? This isn't just about endpoint protection, this isn't just about security posture management. This is really who can take the totality of the customer's problems and deliver on the right outcomes from a single platform, and so when we look at companies like Trend, like Palo, some of the bigger partners for us, that's where we try to focus. They're definitely best in breed and we bring those to our customers too for certain things. But as we look to the future, I think really finding those partners that are going to be able to solve a swath of problems at the right price point for their customers, that is where I think we see the industry moving. >> Dave: And maybe be around as an independent company. Was that a factor as well? I mean, you see Thoma Bravo buying up all his hiring companies and right, so, and maybe they're trying to create something that could be competitive, but you're saying Trend Micros there, so. >> Well I think as Anne mentioned, the 30 year heritage, I think, of Trend Micro really driving this and I've done work with them in various past things. There's also a big part of just the people you like, the people that are good to work with, that are really trying to be customer obsessed, going back right, at an AWS event, the ones that get the cloud tend to be able to follow those Amazon LPs as well, right, just kind of naturally, and so I think when you look at the Trend Micros of the world, that's where that kind of cloud native piece comes out and I like working with that. >> In this environment, the macro environment, lets talk a bit, earning season, it's really mixed. I mean you're seeing some really good earnings, some mixed earnings, some good earnings with cautious guidance. So nobody really (indistinct), and it was for a period time there was a thinking that security was non-discretionary and it's clearly non-discretionary, but the CISO, she or he, doesn't have unlimited budgets, right? So what are you seeing in terms of how are customers dealing with this challenging macro environment? Is it through tools consolidation? Is that a play that's going on? What are you seeing in the customer base? >> Anne: I see ways, and we're working through this right now where we're actually weaving cybersecurity in at the very beginning of how we're designing offers across our entire offer portfolio, not just the cybersecurity business. So taking that approach in the long run will help contain costs and our hope, and we're already seeing it, is it's actually helping change the perception that security's that cost center and that final obstacle you have to get over and it's going to throw your margins off and all that sort of stuff. >> Dave: I like that, its at least is like a security cover charge. You're not getting in unless we do the security thing. >> Exactly, a security cover charge, that's what you should call it. >> Yeah. >> Like it. >> Another piece though, you mentioned earlier about making CISO's life easier, right? And I think, as Anne did a really absolutely true about building it in, not to the security stack but application developers, they want visibility they want observability, they want to do it right. They want CI/CD pipeline that can give them confidence in their security. So should the CISO have a budget issue, right? And they can't necessarily afford, but the application team as they're looking at what products they want to purchase, can I get a SaaS or a DaaS, right? The static or dynamic application security testing in my product up front and if the app team buys into that methodology, the CISO convinces them, yes, this is important. Now I've got two budgets to pull from, and in the end I end up with a cheaper, a lower cost of a service. So I think that's another way that we see with like DevSecOps and a few other services, that building in on day one that you mentioned. >> Lisa: Yeah. >> Getting both teams involved. >> Dave: That's interesting, Mike, because that's the alignment that you were talking about earlier in the KPIs and you're not a tech vendor saying, buy my product, you guys have deep consultancy backgrounds. >> Anne: And the customer appreciates that. >> Yeah. >> Anne: They see us as looking out for their best interest when we're trying to support them and help them and bringing it to the table at the very beginning as something that is there and we're conscientious of, just helps them in the long run and I think, they're seeing that, they appreciate that. >> Dave: Yeah, you can bring best practice around measurements, alignment, business process, stuff like that. Maybe even some industry expertise which you're not typically going to get from a product company. >> Well, one thing you just mentioned that I love talking about with Capgemini is the industry expertise, right? So when you look at systems integrators, there are a lot of really, really good ones. To say otherwise would be foolish. But Capgemini with our acquisition of Altran, a couple years ago, I think think it was, right? How many other GSIs or SIs are actually building silicon for IoT chips? So IoT's huge right now, the intelligent industry moving forward is going to drive a lot of those business outcomes that people are looking for. Who else can say we've built an autonomous vehicle, Capgemini can. Who can say that we've built the IoT devices from the ground up? We know not just how to integrate them into AWS, into the IoT services in the cloud, but to build and have that secure development for the firmware and all and that's where I think our customers really look to us as being those industry experts and being able to bring that totality of our business to bear for what they need to do to achieve their objectives to deliver to their customer. >> Dave: That's interesting. I mean, using silicon as a differentiator to drive a lot of business outcomes and security. >> Mike: Absolutely. >> I mean you see what Amazon's doing in silicon, Look at Apple. Look at what Tesla's doing with silicon. >> Dave: That's where you're seeing a lot of people start focusing 'cause not everybody can do it. >> Yeah. >> It's hard. >> Right. >> It's hard. >> And you'll see some interesting announcements from us and some interesting information and trends that we'll be driving because of where we're placed and what we have going around security and intelligent industry overall. We have a lot of investment going on there right now and again, from the partner perspective, it's an ecosystem of key partners that collectively work together to kind of create a seamless security posture for an intelligent industry initiative with these companies that we're working with. >> So last question, probably toughest question, and that's to give us a 30 second like elevator pitch or a billboard and I'm going to ask you, Anne, specifically about the SOC Essentials program powered by Trend Micro. Why should organizations look to that? >> Organizations should move to it or work with us on it because we have the expertise, we have the width and breadth to help them fill the gaps, be those eyes, be that team, the police behind it all, so to speak, and be the team behind them to make sure we're giving them the right information they need to actually act effectively on maintaining their security posture. >> Nice and then last question for you, Mike is that billboard, why should organizations in any industry work with Capgemini to help become an intelligent industrial player. >> Mike: Sure, so if you look at our board up top, right, we've got our tagline that says, "get the future you want." And that's what you're going to get with Capgemini. It's not just about selling a service, it's not just about what partners' right in reselling. We don't want that to be why you come to us. You, as a company have a vision and we will help you achieve that vision in a way that nobody else can because of our depth, because of the breadth that we have that's very hard to replicate. >> Awesome guys, that was great answers. Mike, Anne, thank you for spending some time with Dave and me on the program today talking about what's new with Capgemini. We'll be following this space. >> All right, thank you very much. >> For our guests and for Dave Vellante, I'm Lisa Martin, you're watching theCUBE, the leader in live enterprise and emerging tech coverage. (gentle light music)

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

>> Announcer: TheCube presents HPE Discover 2022, brought to you by HPE. >> Welcome back to HPE Discover 2022, theCube's continuous wall to wall coverage, Dave Vellante with John Furrier. Keith Basil is here as the General Manager for the Edge Business Unit at SUSE. Keith, welcome to theCube, man good to see you. >> Great to be here, it's my first time here and I've seen many shows and you guys are the best. >> Thanks you. >> Thank you very much. >> Big fans of SUSE you know, we've had Melissa on several times. >> Yes. >> Let's start with kind of what you guys are doing here at Discover. >> Well, we're here to support our wonderful partner HPE, as you know SUSE's products and services are now being integrated into the GreenLake offering. So that's very exciting for us. >> Yeah. Now tell us about your background. It's quite interesting you've kind of been in the mix in some really cool places. Tell us a little bit about yourself. >> Probably the most relevant was I used to work at Red Hat, I was a Product Manager working in security for OpenStack and OpenShift working with DOD customers in the intelligence community. Left Red Hat to go to Rancher, started out there as VP of Edge Solutions and then transitioned over to VP of Product for all of Rancher. And then obviously we know SUSE acquired Rancher and as of November 1st, of 2020, I think it was. >> Dave: 2020. >> Yeah, yeah time is flying. I came over, I still remained VP of Product for Rancher for Cloud Native Infrastructure. And I was working on the edge strategy for SUSE and about four months ago we internally built three business units, one for the Linux business, one for enterprise container management, basically the Rancher business, and then the newly minted business unit was the Edge business. And I was offered the role to be GM for that business unit and I happily accepted it. >> Very cool. I mean the market dynamics since the 2018 have changed dramatically, IBM bought Red Hat. A lot of customers said, "Hmm let's see what other alternatives are out there." SUSE popped its head up. You know, Melissa's been quite, you know forthcoming about that. And then you acquire Rancher in 2020, IPO in 2021. That kind of gives you another tailwind. So there's a new market when you go from 2018 to 2022, it's a completely changed dynamic. >> Yes and I'm going to answer your question from the Rancher perspective first, because as we were at Rancher, we had experimented with different flavors of the underlying OS underneath Kubernetes or Kubernetes offerings. And we had, as I said, different flavors, we weren't really operating system people for example. And so post-acquisition, you know, one of my internal roles was to bring the two halves of the house together, the philosophies together where you had a cloud native side in the form of Rancher, very progressive leading innovative products with Rancher with K3s for example. And then you had, you know, really strong enterprise roots around compliance and security, secure supply chain with the enterprise grade Linux. And what we found out was SUSE had been building a version of Linux called SLE Micro, and it was perfectly designed for Edge. And so what we've done over that time period since the acquisition is that we've brought those two things together. And now we're using Kubernetes directives and philosophies to manage all the way down to the operating system. And it is a winning strategy for our customers. And we're really excited about that. >> And what does that product look like? Is that a managed service? How are customers consuming that? >> It could be a managed service, it's something that our managed service providers could embrace and offer to their customers. But we have some customers who are very sophisticated who want to do the whole thing themselves. And so they stand up Rancher, you know at a centralized location at cloud GreenLake for example which is why this is very relevant. And then that control plane if you will, manages thousands of downstream clusters that are running K3s at these Edge locations. And so that's what the complete stack looks like. And so when you add the Linux capability to that scenario we can now roll a new operating system, new kernel, CVE updates, build that as an OCI container image registry format, right? Put that into a registry and then have that thing cascade down through all the downstream clusters and up through a rolling window upgrade of the operating system underneath Kubernetes. And it is a tremendous amount of value when you talk to customers that have this massive scale. >> What's the impact of that, just take us through what happens next. Is it faster? Is it more performant? Is it more reliable? Is it processing data at the Edge? What's the impact of the customer? >> Yes, the answer is yes to that. So let's actually talk about one customer that we we highlighted in our keynote, which is Home Depot. So as we know, Kubernetes is on fire, right? It is the technology everybody's after. So by being in demand, the skills needed, the people shortage is real and people are commanding very high, you know, salaries. And so it's hard to attract talent is the bottom line. And so using our software and our solution and our approach it allows people to scale their existing teams to preserve those precious human resources and that human capital. So that now you can take a team of seven people and manage let's say 3000 downstream stores. >> Yeah it's like the old SRE model for DevOps. >> Correct. >> It's not servers they're managing one to many. >> Yes. >> One to many clusters. >> Correct so you've got the cluster, the life cycle of the cluster. You already have the application life cycle with the classic DevOps. And now what we've built and added to the stack is going down one step further, clicking down if you will to managing the life cycle of the operating system. So you have the SUSE enterprise build chain, all the value, the goodness, compliance, security. Again, all of that comes with that build process. And now we're hooking that into a cloud native flow that ends up downstream in our customers. >> So what I'm hearing is your Edge strategy is not some kind of bespoke, "Hey, I'm going after Edge." It connects to the entire value chain. >> Yes, yeah it's a great point. We want to reuse the existing philosophies that are being used today. We don't want to create something net new, cause that's really the point in leverage that we get by having these teams, you know, do these things at scale. Another point I'm going to make here is that we've defined the Edge into three segments. One is the near Edge, which is the realm of the-- >> I was going to ask about this, great. >> The telecommunications companies. So those use cases and profiles look very different. They're almost data center lite, right? So you've had regional locations, central offices where they're standing up gear classic to you machines, right? So things you find from HPE, for example. And then once you get on the other side of the access device right? The cable modem, the router, whatever it is you get into what we call the far Edge. And this is where the majority of the use cases reside. This is where the diversity of use cases presents itself as well. >> Also security challenges. >> Security challenges. Yes and we can talk about that following in a moment. And then finally, if you look at that far Edge as a box, right? Think of it as a layer two domain, a network. Inside that location, on that network you'll have industrial IOT devices. Those devices are too small to run a full blown operating system such as Linux and Kubernetes in the stack but they do have software on them, right? So we need to be able to discover those devices and manage those devices and pull data from those devices and do it in a cloud native way. So that's what we called the tiny Edge. And I stole that name from the folks over at Microsoft. Kate and Edrick are are leading a project upstream called Akri, A-K-R-I, and we are very much heavily involved in Akri because it will discover the industrial IOT devices and plug those into a local Kubernetes cluster running at that location. >> And Home Depot would fit into the near edge is that correct? >> Yes. >> Yeah okay. >> So each Home Depot store, just to bring it home, is a far Edge location and they have over 2,600 of these locations. >> So far Edge? You would put far Edge? >> Keith: Far Edge yes. >> Far edge, okay. >> John: Near edge is like Metro. Think of Metro. >> And Teleco, communication, service providers MSOs, multi-service operators. Those guys are-- >> Near Edge. >> The near edge, yes. >> Don't you think, John's been asking all week about machine learning and AI, in that tiny Edge. We think there's going to be a lot of AI influencing. >> Keith: Oh absolutely. >> Real time. And it actually is going to need some kind of lighter weight you know, platform. How do you fit into that? >> So going on this, like this model I just described if you go back and look at the SUSECON 2022 demo keynote that I did, we actually on stage stood up that exact stack. So we had a single Intel nook running SLE Micro as we mentioned earlier, running K3s and we plugged into that device, a USB camera which was automatically detected and it loaded Akri and gave us a driver to plug it into a container. Now, to answer your question, that is the point in time where we bring in the ML and the AI, the inference and the pattern recognition, because that camera when you showed the SUSE plush doll, it actually recognized it and put a QR code up on the screen. So that's where it all comes together. So we tried to showcase that in a complete demo. >> Last week, I was here in Vegas for an event Amazon and AWS put on called re:Mars, machine learning, automation, robotics, and space. >> Okay. >> Kind of but basically for me was an industrial edge show. Cause The space is the ultimate like glam to edge is like, you're doing stuff in space that's pretty edgy so to speak, pun intended. But the industrial side of the Edge is going to, we think, accelerate with machine learning. >> Keith: Absolutely. >> And with these kinds of new portable I won't say flash compute or just like connected power sources software. The industrial is going to move really fast. We've been kind of in a snails pace at the Edge, in my opinion. What's your reaction to that? Do you think we're going to see a mass acceleration of growth at the Edge industrial, basically physical, the physical world. >> Yes, first I agree with your assessment okay, wholeheartedly, so much so that it's my strategy to go after the tiny Edge space and be a leader in the industrial IOT space from an open source perspective. So yes. So a few things to answer your question we do have K3s in space. We have a customer partner called Hypergiant where they've launched satellites with K3s running in space same model, that's a far Edge location, probably the farthest Edge location we have. >> John: Deep Edge, deep space. >> Here at HPE Discover, we have a business unit called SUSE RGS, Rancher Government Services, which focuses on the US government and DOD and IC, right? So little bit of the world that I used to work in my past career. Brandon Gulla the CTO of of that unit gave a great presentation about what we call the tactical Edge. And so the same technology that we're using on the commercial and the manufacturing side. >> Like the Jedi contract, the tactical military Edge I think. >> Yes so imagine some of these military grade industrial IOT devices in a disconnected environment. The same software stack and technology would apply to that use case as well. >> So basically the tactical Edge is life? We're humans, we're at the Edge? >> Or it's maintenance, right? So maybe it's pulling sensors from aircraft, Humvees, submarines and doing predictive analysis on the maintenance for those items, those assets. >> All these different Edges, they underscore the diversity that you were just talking Keith and we also see a new hardware architecture emerging, a lot of arm based stuff. Just take a look at what Tesla's doing at the tiny Edge. Keith Basil, thanks so much. >> Sure. >> For coming on theCube. >> John: Great to have you. >> Grateful to be here. >> Awesome story. Okay and thank you for watching. This is Dave Vellante for John Furrier. This is day three of HPE Discover 2022. You're watching theCube, the leader in enterprise and emerging tech coverage. We'll be right back. (upbeat music)

(upbeat music) >> Hi everybody, this is Dave Vellante. And welcome to this CUBE conversation where we welcome an ESG senior analyst, Bob Laliberte Bob, good to see you. >> Great to see you too. Thanks for having me >> Love it, I love to have the analyst sessions. Set it up. What's your scope, what's your area of expertise? >> So my coverage area right now is networking in its entirety. So that spans everything from enterprise networking, wired, wireless, campus, data center, et cetera. All the way up through telco and, in cloud networking. >> So how do you look at the landscape? One of the big things I think about a lot is how does the shift to cloud migration? How does that affect the existing, network layers? I mean, you got Cisco as the big whale and it's just, it's amazing to me. They still have whatever percent market share they have 60, 65% of the market. Are things, what's happening in the competitive landscape. How is cloud affecting that? >> That's a great question. I think the interesting piece is so many times organizations think about the network as plumbing. But the reality is the it's really important plumbing because as you talk about cloud and things get more distributed, well, guess what connects those distributed locations? It's the network. And so organizations as they've moved to the cloud you've seen a big shift with things like SD-WAN and so forth. How do I get more efficient connectivity up to that cloud? How do I not only enable able better connectivity between my data centers in the cloud, but now all my remote workers in the cloud. And so there's been a lot of big shifts going on that have driven the importance of having not only network, but secure networks. So like I said, cloud is one thing, and you're moving your applications there. But with the pandemic you saw the remote work. Think about the network administrators who we're managing, hey, I've got to control network connections between my data centers, a couple clouds and maybe dozens maybe a hundred remote branches. And now I'm connecting to 10,000 micro branches that I need to ensure that they can connect up to these applications and so forth. Hell of a lot more complex environment today than it used to be for these network teams. When we look at the, what we're seeing, how the networking providers are responding it's by driving comprehensive end-to-end solutions. So unifying, wired, wireless, and WAN. Driving efficiencies there. You're seeing even ThousandEyes for Cisco and things like that. Because they know the Internet's becoming more integral part of the corporate network. So being able to drive those types of things being able to, I think look at how to drive those operational efficiencies through AI and ML. So one of the big shifts we've seen in networking is the transition to cloud-based network management. And obviously that couple of things that helps with, first of all, the operations teams who are working remotely can more easily access it. But once all that data is up in the cloud, it creates a platform to be able to invest in AI/ML, and be able to drive intelligent alerting and even automation. And that's really what's needed because as the environments get more distributed and complex, you need to have that those operational efficiencies that automation, that intelligence to help them. >> How has remote work and hybrid work affected sort of network, spending priorities. Obviously when the pandemic hit you had to accommodate end points. And I always have this theory okay, when people come back to the office and I know it's going to be a different world but, the HQ probably needs some love as well. So has that been a tailwind for the industry? >> Absolutely, that's what we're seeing now. I think when the pandemic first hit, everyone said I've got to ramp up my VPNs. I've got to scale out my concentrators. I've got to add more firewalls in my data center. And then after a while, when they realized this was here to stay, they said, okay we just created that hub-and-spoke network that we just got rid of with SD-WAN. So what are the better solutions we can implement? So now you're seeing them not only implement better networking solutions for the remote workers. But reimagining what the campus looks like. Because it's not going to be ever 100% full or maybe it will, but how, for how many times a year will it be 100% full? So you've got to go from 80% cubes and 20% conference and collaboration areas, to 80% collaboration areas and 20% cubes. So we're seeing a lot of transition taking place in the campus environment as organizations are deploying newer technologies like Wi-Fi 6E. That have greater bandwidth to allow for those collaboration apps to run in those collaboration areas. Instead of just having the single wired conference room for video. Everyone's got to be able to run their video, voice and video collaboration apps. >> So how do you look at the landscape now? Again, you can't talk about networking without talking about Cisco. I think they, up there, I saw you and Zeus as talking about out, Cisco's quarter and other networking topics. Their long term guidance is for 60% growth for a company that size that's really outstanding. I mean, Cisco's, really has always been an execution machine of course. And it's a new era now under Chuck. There are more than ankle biters. If you look at Arista's doing pretty well there's guys like Extreme, there's others that are out there but nobody seemed to be able to unseat Cisco. What's happening in the landscape? >> I mean, that's a great question. Cisco's just been around for so long and been so big for so long. And you have to also keep in mind that with Cisco it's not just about the technology, but the fact from a if you think about it from a cultural standpoint these are workers who have been trained on Cisco since, some of them since high school. The educational component that Cisco has done has groomed generations of network technologists. So when they come into the market, they're fully familiar and used to Cisco. Plus they make a really good product and they've got products that cover everything. They cover the whole gambit. So they're still able to maintain their share. They're able to grow. They're able to move. They've made a shift last year. They announced in last spring that they were going to focus more on end-to-end. So instead of just having, hey, here's a point product, here's a point product. Here's a point product. Let's think about it in its entirety. Let's deliver a complete end-to-end solution solve bigger problems for customers, which obviously makes it much harder to remove when you're just trying to remove a piece of that single problem. But the other competitors are also having good years. And I think also the rising tide floats all boats. And so because of this distributed nature, the importance of the network, everyone is doing that. Plus obviously this has to be said, the supply chain issues where people are ordering ahead as well. But organizations, you look at Arista, they've gone from just being a data center company to expanding all the way down to the campus edge, wireless, right there creating an end-to-end environment Extreme did the same thing. They went out and made a lot of acquisitions. They pulled them all together, integrated. They're all moving to this cloud based end-to-end network management. Arista has been on a tear, bringing in a lot of, not only innovative technology, but innovative technologists. So if you look at some of the organizations they bought. I keep calling it Route 128, it's 128 Technologies. So sorry folks I live in Massachusetts. It's always been Route 128. >> You Remember when don't we. 128 Technology's Mist was their big. Mist was their, Mist was kind of like their VMware. VMware to EMC was Mist was to Juniper. And so we call it the Mistification of Juniper where every organization, every company they bring in they're rolling under that and this the AI engine. So they're bringing in 128 Technologies into that. They've got their own, their own stuff under that, their wired switches. So they've got this unified wired and wireless and WAN assurance now that they have. They've been gaining a lot of traction with that. And again, for the things we were talking about because it's far more distributed and complex. You need to have, It's not like people are getting replaced. It's not like, hey, we're leveraging this automation so that we can get rid of network teams. It's because it's getting so much more complex just to have the same number of people manage that more complex environment. We need those intelligence solutions. >> So I want to ask you about network and multi-cloud. And so it's kind of tongue in cheek because we coined this term super cloud. And so what we meant by that, so here's the premise. And I wonder you could give us your perspective. Multi-cloud, I've said many times is I think largely a symptom of multi-vendor I run in this, I run in AWS or, Azure, I've done the work to understand their primitives and or Google, whatever it is. But it's not like an abstraction layer that's floating above all those but now you're starting to see that. In fact, it re:Invent in November. The ecosystem it seemed like was everybody was focused on developing what we call these super clouds. And again, it's tongue in cheek, this abstraction layer it hides the underlying complexity of the primitives and the APIs adds incremental value on top of that. So there's a company Prosimo, which Steve Herrod, is invested in and others Praveen Akkiraju, whom I'm sure you know from Viptela. Aviatrix is another company that's sort of, Steve Malaney has come on theCUBE and talked about what they're doing. Like yeah, that's super cloud. It seems like it's something new and different than just multi-cloud which is kind of connecting in to different clouds. It's that value on top. What do you think about that? And what does that mean for networking? >> That's a really good point because we are starting to see the inception of organizations going beyond having multiple cloud providers and looking at starting to deploy applications across multiple clouds. It's still really early. The vast majority of organizations are still, I use this application for this cloud and this application for that cloud. But that's the next frontier. That's what they're trying to solve is how do I create this basically cloud fabric and make it as simple as possible. And again, all the things we've been talking about how do I, instead of you having to learn Amazon, Google, Azure networking technology, learn mine, I'll take care of it, but I'll abstract all that complexity from you and make it so much simpler to be able to connect to these interconnect, and connect to them in a seamless fashion. And so that's what they're really trying to do is they're. And the hard part is it takes really sophisticated solutions to remove that high level of complexity and make it simple for an organization to do that. So yeah, absolutely. >> If I had more time I'd make it shorter as somebody who writes a lot. And I think you're right. I think it is future. It's not definitely not here today, but the other thing is it ties into digital transformation. We used this again, throw that buzzword around but, companies not just tech company, I mean everybody's becoming like a tech company, but organizations, financial services companies, healthcare they're building their own clouds on top of the hyperscalers who spend $100 billion a year on CapEx. And that seems to be a trend that I think is going to take legs over this next decade. Just like in the previous decade everybody was thinking, okay, we're going to SaaSify our business softwares (indistinct) the world. And now it's software and cloud services are the way in which I'm going to create customer experiences. >> Correct, yeah. It's why should I go out and make an investment in technology when the technology's already there? And I can rent it for when I need it scale it as I need it and, and do all of that. I agree with that. I think that's something that we're seeing. The interesting part though is that when we look at our data points, probably let than 40% of the applications and workloads are in the cloud today. So there's still a role that the corporate data center plays. We are seeing over time. They expect that to progress and transition but I think there's still always going to be maybe a quarter of the workloads and applications may never leave. Depending on how they're built, et cetera. So there's always going to be that distributed environment where you've got workloads in the private data centers, workloads in multiple public clouds. And also, the big thing too is don't forget about the edge. We're seeing a lot more edge activity take place as organizations recognize, as they deploy more IOT devices, and want to get realtime business insights they've got to deploy the compute there. >> Well, and that's something that I wanted to ask you about, but going back to what you just said, which is, I agree with you. So that suggests to me, Bob that we're just kind of, with cloud just entering the steep part of the S curve. Amazon's headed toward $100 billion, run rate business. Maybe they probably won't get there this year but they will next year. We're entering that steep growth phase, really could be. It's incredible. But I wanted to ask you about the edge. Because you're right is we got to move compute to the edge, ARM is going to dominate. I would think, the edge. They already are with our smartphones. How do you see the cloud guys participating in the edge? Whether it was Andy Jassy, or now Adam Selipsky or anybody at Amazon. They have the dogma of in the fullness of time all workloads are going to be in the cloud. So they either have to change their definition of cloud. Or they're wrong. So what's your thought on that? >> I think it really starts coming down to what's your definition of edge. And so, much like when the cloud technologies first came about and you had all the shadow IT. Everyone running off, and everyone thought oh this is all great, until you realized you had to operationalize it and you had to pull the brakes. Stop doing that. We're going to make sure IT operations. >> Call the CIO up. Exactly, finding out where stuff was by going through accounting and seeing credit card charges. For the edge what we've seen I think is maybe organizations really saying I've got to deploy my servers in my own site. Right at that edge in order to get the lowest possible latency. And so what I think we're starting to see is organizations looking at that and saying, okay well I'm in a metro and I've got 25 locations in a metro. And I've deployed technology to every single one of those sites. Do I need it there? Or can I put it in an Equinix facility that's less than five milliseconds from all 25 sites? So I think there's starting to be this pragmatic approach of looking at let's look at the edge, let's take a look at what type of latencies. What is our definition of real time. When do we actually need the data and so forth? What kind of connectivity do we have? And then from there figure out how we go about connecting it. And so for companies like AWS and Google and Azure a lot of them there's local zones and things like that. They're deploying them in those colos because they don't have data centers in every metro but they can leverage an Equinix. They can leverage someone else's hardware that's there to deploy their software stack within that location. So I think that's something that we're starting to see more and more of as the edge. And obviously the association with the telcos as well. They've got a great footprint. If you want to get close to the edge with their colos Their home offices and things like that and whatnot. Their ability to move the compute closer to the edge, the base stations of the antennas and things like that, are certainly significant. And that's why you're seeing the wavelengths and things like that, programs like that. >> So I was going to close, but there some really interesting topics you just brought up. Call it whatever you going to call it near edge, far edge or deep edge. And you mentioned real time. Yeah. So for those Equinix data centers, I don't need, true real time. But for Tesla, I need real time. I need real time inference at the edge probably using a bunch of ARM cores and I can't go back to any cloud. How do you look at that? Both, I would think big markets. Do you have a sense as to, is one bigger than the other? Are they both just enormous or we don't even know yet. >> I'm not sure that we know yet. I think certainly, it's riding the tail of the IOTs. So the more sensors, the more things that are deployed the more that, that data businesses realize they can leverage that data to make real time business insights to drive either better experiences. And if you're in retail. So location based services and real time offer management it doesn't do any good to offer a coupon for something that you've, that's 40 yards behind you. That that's past, like you said with the cars there's, I've seen some studies recently. They say, well, based on the latency, if the command is to stop and you're at one millisecond, it stops within four inches. If you are at 50 milliseconds, it stops 10 feet later. That's a big difference. And I don't know if those numbers are right but you get the idea about the impact, what the real time impact is of. >> Margin is not huge. >> Exactly, so that's where organizations, I think first and foremost need to take a pragmatic approach to determine what is real time for us. What's our definition of it. And then that can lead them to where do I need to place this compute technology? And then that goes to how do I then connect to it? So for the Teslas and so forth, obviously you're going to want 5G connections if possible. Ultra low latency and not just any 5G. The good stuff, the millimeter bandwidth stuff that that's the ultra low latency. >> So let's wrap. So, what's going on in your research world obviously the big, big acquisition tech target they seem to be investing in ESG. You guys are really growing and hiring. That's awesome. Any research that you're working on? >> Yeah, there's a couple of couple of projects we have going on right now. We're wrapping up a four part distributed cloud research series. So we did it on distributed cloud infrastructure. Applications, observability. And now this last one is on the edge. Coincidentally. So we're working on that. We've got some new network modernization research that we've published. And we're going to be looking, from a networking perspective looking at end-to-end network modernization which will be coming out soon. >> Awesome, Bob, thanks so much for coming on theCUBE. I really would love to have you back and chat about some of those things. Observability hot space. God, I wish we had more time. >> Absolutely, appreciate it, thanks. >> And thank you for watching this CUBE conversation. This is Dave Vellante and we'll see you next time. (upbeat music)

(upbeat music) >> Good afternoon and welcome back to Las Vegas. You're watching theCUBE's coverage of AWS 2021. My name is Dave Vellante. theCUBE goes out to the events. We extract the signal from the noise. Very few physical events this year doing a lot of hybrid stuff. It's great to be back in hybrid event... Physical event land, 25,000 people here. Probably a little few more registered than that. And then on the periphery, got to be another at least 10,000 people that came in, flew in and out, see what's happening. A bunch of VCs, checking things out, a few parties last night and so forth. A lot of action here. It's like re:Invent is back. Matt Coulter is here. He's a technical architect at Liberty Mutual. Matt, thanks for flying in from Belfast. Good to see ya. >> Dave, and thanks for having me today. >> Pleasure. So what's your role as a technical architect? Maybe describe that, we'll get into a little bit. >> Yeah so I am here to empower and enable our developers across the globe to rapidly deliver business value and solve problems for our customers in a well-architected way that doesn't introduce problems or risks, you know, later down the line. So instead of thinking of me as someone who directly every day, build software, I try to create the environment where other people can rapidly build software. >> That's, you know, it's interesting. because you're a developer, right? You can use like, "Hey I code." That's what normally you would say but you're actually creating frameworks and business model so that others can learn, teach them how to fish, so we speak. >> Yeah because I can only scale, there's a certain amount. Whereas if I can teach, there's 5,000 people in Liberty Mutual's tech organization. So if I can teach the 5,000 to be 5% better, it's way more than me even if I 10Xed >> When did you first touch the Cloud? >> Personally, it would have been four/five years ago. That's when I started in the Cloud. >> What was that experience like for you? >> Oh, it was hard. It was very different to anything that we'd done in the past. So it's because you... Traditionally, you would have just written your small piece of code. You would have had a big application that was out there, it had been out there maybe 20 years, it was deployed, and you were just adding a couple of lines. Whereas when you start putting stuff into the Cloud, it's out there. It's on the internet for anyone there to try and hack or try to get into. It was a bit overwhelming the amount that you needed to learn. So it was- >> Was it worth it? >> Oh yeah. Completely. (laughing) So that's the thing, that I would never go back to the way we did things before. And that's why I'm so passionate, enthusiastic about the stuff I've been doing. Because to me, the amount of benefits you can get, like now we can deliver thing. We have teams going out there and doing discovery and framing with the business. And they're pushing well-architected products three days later into production. That was unheard of before, you know, this year. >> Yeah. So you were part of Werner's keynote this morning. Of course that's always one of the keynotes that's most anticipated at re:Invent. It's on the sort of last day. He's awesome. This is you know, 10th year of re:Invent. He sort of did a look back. He started out (chuckles) he's just a cool guy and very passionate. But talk about what your role was in the keynote. >> Yeah so I had a section towards the end of the keynote, and I was to talk about Liberty Mutual's serverless first journey. I actually went through from 2014 through to the current day of all the major Cloud milestones that we've hit. And I talked through some of the impact it's had on our business and the impact it's had on our developers. And yeah it's just been this incredible journey where as I said, it was hard at the start. So we had to spark this culture within our company that we were going to empower and enable our developers and we were going to get them excited about doing this. And that's why we needed to make it safe. So there was a lot of work went down at the start to make the Cloud safe for our developers to experiment. And then the past two years have been known that it's safe, okay? Let's see what it can do. Let's go. >> Yeah so Liberty Mutual has been around many many years, Boston-based, you know, East Coast-based, my home city. I don't live in Boston but I consider it my city. And so talk about your business a little bit because you're an established company. I don't know, probably a hundred years old, right? Any all other newbies nipping at your business, right? Coming in with low-cost products. Maybe not bringing as much protection as you dig into it. But regardless, you've got to compete with them technically. So what are some of the drivers in your business and how are you using the Cloud to sort of defend your turf and grow? >> Yeah so first of all, we're 109 years old. (laughing) Yeah. So absolutely, there's an entire insurtech market of people here gunning for the big Liberty Mutual because we've been here for so long. And our whole thing is we're focused on our customers. So we want to be there for people in their time of need. Because at a point in time whenever you need insurance, typically something is going wrong. And that's why we're building innovative solutions like a serverless call center we built, that after natural disaster, it can automatically process claims in less than four minutes. So instead of having to wait on hold for maybe an hour, you can just text or pick up the phone, and four minutes later your claims are through. And that's we're using technology always focused on the customer. >> That's unbelievable. Think about that experience, to me. I mean I've filed claims before and it's, it's kind of time consuming. And you're saying you've compressed that to minutes? Days, weeks, you know, and now you've compressed that to minutes? >> Yeah. >> Tell us more about how you did that. >> And that's because it's a fully serverless solution that was built. So it doesn't require like people to scale. It can scale to whatever number of our customers need to make a claim at that point because that would typically be the bottleneck if there's some kind of natural disaster. So that means that if something happens we can just switch it on. And customers can choose not to use it. You can always choose to say I want to speak to a person. But now with this technology, we can just make it easy and just go. Everything, all the information we know in the back end, we just use it and actually make things better for you. >> You're talking about the impact that it had on your business and developers. So how do you quantify that? Maybe start with the business. Maybe share some ways in which you look at that measure. >> Yeah, so I mean, in terms of how we measure the impact of the Cloud on our business, we're always looking at our profitability and we're always looking, as I say, at our customers. And ideally, I want our Cloud bill to go down as our number of customers goes up because that's why we're using the serverless fast mindset, we call it. We don't want to build anything we don't have to build. We want to take the best that's out there and just piece it together and produce these products for our customers. So yeah, that's having an impact on our business because now developers aren't spending weeks, months, years doing all this configuration. And they can actually sit down with the business and understand how we write insurance. So now we can start being innovative with our products and talking about the real business instead of everything else. >> When you say you want your Cloud bill to go down, you know, it reminds me like in the old days of IT budgeting, right? It was always slash, do more with less cut, cut, cut, right? And it was kind of going in cycles. But with the Cloud a lot of customers that I talk to, they were like, might be going down as a percentage of revenues but actually it might be going up as you launch more projects because they're driving revenue. There's a tighter tie between revenue and Cloud bill. How do you look at that? >> Yeah. So I mean, with every project, you have to look at the worth-based development often and whether or not it's going to hold this away in the market. And the key thing is with the serverless products that are being released now, they cost pennies if they're low scale. So you can actually launch a new product into the market and it maybe only cost you $20 to see if that thing would fit in the market. So by the time you're getting into the big bills you know whether or not you've got a market fit and you can decide whether you want to pivot. >> Oh wow. So you you've compressed, that's another business metric. You've compressed the time to get certainty around product market fit, right? Which is huge because you really can't go to market until you have product market fit (laughing) >> Exactly. You have to be. Thoroughly understand if it's going to work. >> Right because if you go to the market and you've got 50% churn. (laughing) Well, you don't want to be worried about the go-to market. You got to get back to the product so you can test that and you can generate. >> So that's why, yeah, As I said, we have developers who can go out and do discovery and framing on a potential product and deliver it three days later which (chuckles) >> How has the Cloud effected developer satisfaction or passion? I guess it's... I mean we're in AWS Cloud. Our developers, we tell them "Okay, you got to go back on-prem." They would say, "I quit." (laughing) How has it affected their lives? >> Yeah it's completely there for them, it's way better. So now we have way more ownership over any, you know, of everything we ever did. So it feels like you're truly a part of Liberty Mutual and you're solving Liberty's problems now. Because it's not a case of like, "Okay, let's put in a request to stand up a server, it's going to take six months. And then let's do some big long acquisition." It's a case of like, "Let's actually get done into the nitty gritty of what we going to build." And that's- >> How do you use the Cloud developer kit? Maybe you could talk about that. I mean, explain what it is. It's a framework. But explain from your perspective. >> Yeah so the Cloud typically, it started off, and lot of it was done by Cloud infrastructure engineers who created these big YAML files. That's how they defined all the stuff that's going to be deployed. But that's not typically the development language that most developers use. The CDK is in like Java, TypeScript, .NET, Python. The language is developers ready known love. And it means that they can use everything they already know from all of their previous development experience and bring it to the Cloud. And you see some benefits like, you get, I talked about this morning, a 1500 line YAML file was reduced to 14 lines of TypeScript. And that's what we're talking about with the cognitive difference for a developer using CDK versus anything else. >> Cognitive abstraction, >> Right? >> Yeah. And so it just simplifies your living and you spend more time doing cool stuff. >> Yeah we can write an abstraction for our specific needs once. And then everybody can use that abstraction. And if we want to make a change and make it better, everyone benefits instead of everybody doing the same thing all the time. >> So for people who are unfamiliar, what do you need? You need an AWS account, obviously. You got to get a command-line interface, I would imagine. maybe some Node.js often running, or is it- >> Yeah. So that's it. You need an AWS account, and then you need to install CDK, which is from Node Package Manager. And then from there, it depends on which way you want to start. You could use my project CDK patterns, has a whole ray of working patterns that you can clone among commands. You just have to type, like one command you've got a pattern, and then CDK deploy. And you'll have something working. >> Okay so what do you do day-to-day? You sort of, you evangelize folks to come in and get trained? Is there just like a backlog of people that want your time? How do you manage that? >> So I try to be the place that I'm needed the most based on impact of the business. And that's why I try to go in. Liberty split up into different areas and I try to go into those areas, understand where they are versus where they need to be. And then if I can do that across everywhere, you can see the common thesis. And then I can see where I can have the most impact across the board instead of focusing on one micro place. So there's a variety of tools and techniques that I would do, you know, to go through that but that's the crux of it. >> So you look at your business across the portfolio, so you have portfolio view. And then you do a gap analysis essentially, say "Okay, where can I approach this framework and technology from a developer standpoint, add value? >> Yeah like I could go into every single team with every single project, draw it all out and like, what we call Wardley map, and then you can draw a line and then say "Everything blue in this line is undifferentiated, heavy-lifted. I want you to migrate that. And here's how you're going to do it I've already built the tools for that." And that's how we can drive those conversations. >> So, you know, it's funny, I spent a lot of time in the insurance business not in the business but consulting with heads of application development and looking at portfolios. And you know, they did their thing. But you know, a lot of people sort of question, "Can developers in an insurance company actually become cool Cloud native developers?" You're doing it, right? So that's going to be an amazing transformation for your colleagues and your industry. And it's happening as we look around here (indistinct) >> And that's the thing, in Liberty I'm not the only one. So there's Tommy Gloklin, he's an AWS hero, and there's Diali Mikan, who's an AWS hero. And Diali is in Workgrid but we're still all the same family. >> So what does it mean to be an AWS hero? >> Yeah so this is something that AWS has to offer you to join. So basically, it's about impacting the community. It's not... There's not like a checklist of items you can go through and you're hero. It's you have to be nominated internally through AWS, and then you have to have the right intentions. And yeah, just follow through. >> Dave: That's awesome. Yeah so our producer, Lynette, is looking for an Irish limerick. You know, every, say I'm half Irish is through my marriage. Dad, you didn't know that, did you? And every year we have a St Patrick's Day party and my daughter comes up with limericks. So I don't know, if you have one that you want to share. If you don't, that's fine. >> I have no limericks for now. I'm so sorry. (laughing) >> There once was a producer from, where are you from? (laughing) So where do you want to take this, Matt? What's your future look like with this program? >> So right now, today, I actually launched a book called the CDK book. >> Dave: Really? Awesome. >> Yeah So me and three other heroes got together and put everything we know about CDK and distilled it into one book. But the... I mean there's two sides, there's inside Liberty. The goal as I've mentioned is to get our developers to the point that they're talking about real insurance problems rather than tech. And then outside Liberty in the community the goal is things like CDK Day, which is a global conference that I created and run. And I want to just grow those farther and farther throughout the world so that eventually we can start learning you know, cross business, cross market, cross the main instead of just internally one company. >> It's impressive how tuned in you are to the business. Do you feel like the Cloud almost forces that alignment? >> It does. It definitely does. Because when you move quickly, you need to understand what you're doing. You can't bluff almost, you know. Like everything you're building you're demonstrating that every two weeks or faster. So you need to know the business to do it. >> Well, Matt, congratulations on all the great work that you've done and the keynote this morning. You know, true tech hero. We really appreciate your time coming in theCUBE. >> Thank you, Dave, for having me. >> Our pleasure. And thank you for watching. This is Dave Vellante for theCUBE at AWS re:Invent. We are the leader global tech coverage. We'll be right back. (light upbeat music)

>>Yeah, yeah. Okay. Welcome back, everyone to the cubes. Coverage of reinvent 20 twenty-one Jon, your host of the Cube. We're here. Live in person for a real event. It's a hybrid event is a live stream of action to cube sets here, wall to wall coverage dot com. And, of course, you don't need to check the coverage out. And Amazon has got their own live event site. Go check out all the action. Stewart, See two of Micro Focus, the company That was part of the big announcement involving the mainframe modernization that Adam announced on stage and his first keynote CEO. And under the covers Micro Focus powering a lot of that functionality. Stuart, thanks for coming on. The break it down with >>Thanks. >>So what does the announcement? I mean that that Adam gave the i b. M. I mean the mainframe announcement that I've known for the main frame, but he had the mainframe modernization program. What's that all about? >>I think I'd like to think of this is the next evolution of the main frame for those customers that have been running on the main thing for 40 years. They had their business on it. Where do they go next? What does the future? What does the future hold? And this is all part of the announcement yesterday is this is the journey that many, many customers are going to decide to go on. >>So it's all about the relationship between A. W S and micro Focus. Obviously, Um, yeah. I was talking about migration for the Oracle, and a lot of our customers have these main friends that are in the classic data centers. And he told me personally when I interviewed him that the main part of that data center mindset that people are chipping away at now they want to move them out and keep some functionality, but for the most part, migrated out eventually. Yeah, This is where you guys are involved. Take us through why that's important. >>I think it's the next level of agility that it is actually delivered for many customers. They need to move a hell of a lot faster than they currently are. Let's face it, the world is changing at pace. The applications support these customers need to also a change of pace. What a W s does give this market and momentum which is, Where do we go next? Where do we take customers where workloads have been running the business? Where? How are they going to run the business in five years time? How they're gonna run their business in 10. >>Well, congratulations on microphone. Big part of the announcement. Specifically explained to me, Micro focuses role in the announcement with a W S. What's the relationship? >>I think they're too old to call it out. Actually, we've been working with A W S for many, many years. This isn't something that radically new. We've been engaging with them for literally 10 years, at least. But the key elements Microphone provides technology That's an enabler to facilitate delivering the service as well as the competency partner to help customers actually accelerate their journey to take advantage of it. >>So we're bundling micro focus into that capability. Is it software that you guys have? What's going on the covers? >>I think it's software. It's capability. It's expertise. It's everything that a customer might need to help and be successful. Our job is to a W S H A W s job to make sure the customer is absolutely satisfied. >>Give me an example of a customer mainframe. I'm a bank. I've been using the main frame and just squeaked Time to get my back up before I turned the light in the morning. It's just working. It's coming. It's pumping it all cylinders, my cobalt program or just quit. What do I do? How do you help me? >>Well, I think there are two reasons why you can give us a call Is number one? Yeah, You need to move your business of pace. So what's going to run your business going forward? So you need to understand your applications. Number two, the cost profile of your existing infrastructure is going to be incredibly expensive. So what you wanna do is essentially make the change accelerate the change delivered at a much lower cost. >>So it looks like the application. So the software Okay, what's the app? And then create a replica of digital twin? I'm just trying to visualized. Now I see what you mean. What happens because, I mean, you know what? That is A big deal with that animal for a long time. What happens next is a container eyes. That application, >>the customer determines how far they want to go if they would like the application to run in the cloud exactly as is so it supports their customers exactly as they expect today. We can do that. On the other hand, if they need to enhance the experience for their customers if they need to take it into a completely different environment. If they do want to contain, arise if they want to take it into new levels of service. If they do want to leverage artificial intelligence and machine learning, then again they can determine the journey. Micro focus is that essentially support them. Do that first step, which is get the applications ready to be delivered into cloud as fast as possible. >>Congratulations. Relationship. I guess I've got to ask you a question. Which on my mind is that Okay? It's the death of the mainframe. Long live the mainframe. You know the expression, uh, mainframe dying. I'm gonna hang around for a while. The dinosaurs are out there. >>I think it is. We like to position there is an evolution. We don't think the main friends gonna die. There will be customers who want to stay there, and we respect their choices. But on the other hand, this is a way to truly accelerate the future of mainstream applications. >>You know, student, I talked to a lot of success and C E O. S. And they tell me the same thing when they moved into the cloud. White hardcore is pretty much the main or critical laps to get the edges first moved into the cloud. And then they come and they start chipping away at the main, the main core and then slowly move it out because they don't want to get in there and disrupt so disruptions. A huge concerns. How does this new, um, modernization Tranz, uh, migration program for the mainframe ensure that disruption doesn't happen? What? I'm sure that's on their mind >>as well. I think what you're describing is what's the cut over when you're running on the main street today? You wanna run on the main from tomorrow, You know, if that's the case, or do you want to run the main from today and you want to run the cloud tomorrow? Essentially, the cut over is the same. The process is fairly separate from the mainframe itself. You obviously bringing applications off. We're getting them ready to go tested, you know, regulated. So it's been approved securities all in place, and then essentially, it's literally a switch cut. We literally have customers that turn off the main frame and, you know, they're already running in the cloud, and then we don't even have some that photographs of them shipping mainframe out the door. >>So I've got to ask, Is there a party at that point? You know, some people do >>that. It's certainly true. Remember that people are also going along for this journey, and they're not, You know, it's a big moment for them. >>You know, I hate the sound of today's my birthday. So I have to say this, Um, I remember when I was breaking into the business in my twenties. I never I never program punch cards, But remember pointing at the mainstream guys are seeing those old relics. I guess that's what I would be today. But the young guns coming into the industry, they want containers. They want micro services. They want cloud and see what's going on here. I mean, some really cool stuff happening. >>Uh, they want to take advantage of all the stuff that is there and every single announcement has been made today and yesterday on the days ahead. All of those great capabilities if you can get them into the core of your business. And so the key is to actually take us running your business today, enhance it and improve it and take it forward. I >>think I think the key points great insight on your part about this cut over because people know what that means. It's a project plan. Cut it over, get set up. And I think that's the hard part. How hard is that? On the cloud side, In terms of staging, can you share some timetables with me? Just kind of Give me a feel for order of magnitude Mainframe. Assuming, pumping it snap I'm using. I really can't shut it down, but I want to put it on. How much time to prepare to get into the cloud? Um, roughly just order of magnitude. Most >>customers, they tend to face these things they're not trying to. If you're a really big bank, you are not gonna do that overnight. That isn't gonna come as a surprise. But what we're gonna do is we're gonna take it in chunks and typically 12 to 15 months, which is the biggest step of the journey, which is going from mainframe to cloud. The next generation is going to be modernizing those applications, and it's going to be much short timeframes. Then you're getting into months, weeks, days >>after that. Is there any category that you see that are more susceptible to migration? You mentioned banks. I know some banks that they will never going to touch the mainstream because it's just so critical that the migration longer is there. Other areas of your insurance is a big market mainframe. Is the verticals that kind of like a more converting than others? >>Well, yes. But actually, I take it back. One of the reasons are these applications absolutely critical to these businesses. If they are, that's the reason why they're still running where they are, because they're really truly valuable. They are the business, so you're you're taking the business into new framework. So in that context actually tends to be financial services insurance, as you say, but also government, For example, the federal government, state and local as well as you move into retail. And it's surprising how often as you go into some of the other verticals where some of these mainframe applications are still existing. >>I hate to ask a question, because I don't know. So I want to ask, Um, and you can see it's a dumb question. If you think it is. Just tell me, Are there still cobalt programmers out there? >>There are to be clear. Actually, it's not a problem. You can train a new guy and literally weeks. If the issue is, yeah, actually use the mainstream itself, the mainstream experience about how it works as getting rarer. And so the key element is, how can how can you take the new young guns, give them, give them the application and see what they can do? This is a mechanism to do that. >>Great, Great announcement. Congratulations. I was really impressed at the moment. I'm actually surprised to see Adam kind of focus on that. But again, in the spirit of the traditional, uh, reinvent jazzy before Adam and he did the same thing with Oracle and all the other kind of big the legacy old guard they call them Technologies maintains one. You guys are part of that. So congratulations. Final word. Your take on the event so far. What's been the feedback on the announcement? Share some color commentary on what the feedback for you guys >>were. Actually, since the announcement, we've had some great customer conversations. I mean, there are a lot of businesses that really do want to make this change. We're kind of there to help them. And that's really the next step, which is what needs to happen to make that a reality. >>Amazon may not like me saying it, but I think there's some cases where you keep them in there and you don't touch. It works there. You keep it unless you wanna move. But if you want to move it, people, sometimes we want to move faster. And just there >>even a W s respects customer choice. The purpose is to meet the demand for the customer. And if the customer to sounds great, if they want to move off, we're there to help >>with the mainframe. Long live the main friends. The Cube coverage here in Las Vegas. I'm John. I love the mainframe Thirty-seven terminal. When I worked at the back in the eighties getting myself, um, thanks for coming in. And I appreciate it. Okay. Coverage here in Las Vegas. The Cube. You're watching the leader in global tech event coverage? I'm your host. Thanks for watching. Yeah, Yeah, yeah, yeah, yeah. Uh, mhm, yeah.

(upbeat music) >> Welcome back to theCUBE's coverage of AWS re:Invent 2021. I'm John Furrier, host of theCUBE. You're watching CUBE's worldwide leader in tech coverage. We're in person on the show floor. It's also a hybrid event, online as well. CUBE coverage online with Amazon re:Invent site. Great content all around, amazing announcements, transformation in all areas are exploding and in innovation, of course, we have innovation here with Sandy Carter, the worldwide public sector vice-president of partners and programs for Amazon Web Services. Sandy, welcome back, CUBE alumni. Great to see you. Thanks for coming on theCUBE. >> Great to see you and great to see you in person again. It's so exciting. The energy level, oh my God. >> Oh my God. It's so much. Thanks, great keynote. Good to see you again in person. A lot of action, give us the top announcements. What's going on? What are the top 10 AWS announcements? >> Yeah, so we, this year for 2022, as we frame it out, we decided on a 3D strategy, a three-dimensional strategy. So we started with destination then data and then delivery. So if I could do them in that order, does that sound good? >> Yeah. Destination. >> So let's start with destination. So I got this from one of the customers and he said to me, "look, Sandy, I thought it was all going to be about getting to the cloud. But when I got to the cloud, I realized it wasn't about just in the cloud, it was about what you do in the cloud." And so we made some announcements this morning, especially around migration, modernization, and optimization. So for migration, we have the mainframe announcement that Adam made, and then we also echoed it. Cause most of the mainframes today sit in public sector. So this is a managed service, it's working with Micro Focus, one of our partners. And Lockheed Martin one of our partners is one of the first into the mainframe migration, which is a service and services to help customers transform their business with the mainframe. And then as we compliment them, we look at that we also have modernization occurring. So for example, IoT. IDC tells us that IoT and that data has increased four times since COVID because now devices and sensors are tracking a lot of data. So we made an announcement around smart cities and we now have badging for our partners. We have 18 partners solutions now in smart cities. So working backwards from the partners they were talking about given now COVID is kind of in the midst of where it is smart cities and making those cities work better in public transportation and utility, it's just all where it's at. And then the final announcement in that category is containers. So 60% of our customers said that they're going to be using containers. So we announced a Rapid Adoption Assistance program for our partners to be able to help our customers move to containers overall. >> So mainframe migration, I saw that on stage, but Micro Focus, that was a good job. Get that legacy out of the way, move to the cloud. You've got smart cities, which is basically IoT, which brings cloud to the edge. And then containerization for the cloud native, either development or compatibility, interoperability kind of sets that table. That's the destination. >> That's right. That's right. Because all of those things, you know, you've got to get the mainframe to the cloud, but then it's about modernizing, right? Getting rid of all that COBOL code and then, you know, IoT and then making sure that you are ready to go with containers. It's the newest- >> So you've got the 3D, destination, data and delivery. >> That's right. >> Okay. Destination, check. Cloud. Cloud destination. >> Yeah. >> I'm putting dots together in real time. >> Destination cloud. There you go. You've got it. >> I'm still with it after all these interviews. >> Yeah, there you go. >> Data, I'll say killer Swami's onstage today, whole new data, multiple databases. What's the data focus in this area? >> So for our partners, first it's about getting the data to the cloud, which means that we need a way to really migrate it. So we announced an initiative to help get that data to the cloud. We had a set of partners that came on with us early on in this initiative to move that data to the cloud, it's called a Rapid Adoption Assistance, which helps you envision where you want to go with your data. Do you want to put it in a data lake? Do you want data stored as it is? What do you want to visualize? What do you want to do with analytics? So envision that and then get enablement. So all the new announcements, all the new services get enablement and then to pilot it. And then the second announcement in this area is a set of private offers in the marketplace. Our customers told us that they love to go after data, but that there's too many pieces and moving parts. So they need the assessment bundled with the managed service and everything bundled together so it's a solution for them. So those were our two announcements in the data area. >> So take me through the private marketplace thing, because this came up when I was talking with Stephen Orban who's now running the marketplace. What does that mean? So you're saying that this private offer is being enabling the suppliers and in government? >> Yeah. So available in the marketplace, a lot of our government agencies can buy from the marketplace. So if they have a contract, they can come and buy. But instead of having to go and say, okay, here's an assessment to tell me what I should do, now here's the offering, and now here's the managed service, they want it bundled together. So we have a set of offerings that have that bundled together today with the set of our great public sector partners. >> So tons of data action, where's the delivery fit in? >> So delivery. This one is very interesting because our customers are telling us that they no longer want just technology skills, they also need industry skills too. So they're looking for that total package. For example, you know, the state of New Jersey when hurricane Ida hit, category four storm, they wanted someone who obviously could leverage all the data, but they wanted someone who understood disaster response. And so Maxar fits that bill. They have that industry specialty along with the technology specialty. And so for our announcements here, we announced a new competency, which is an industry competency for energy. So think about renewables and sustainability and low carbon. These are the partners that do that. We have 32 different partners who met the needs of that energy competency. So we were able to GA that here today. The other really exciting announcement that we made was for small businesses to get extra training, it's called Think Big for Small Business communities. So we announced last year virtually, Think Big for Small Business. We now have about 200 companies who are part of that program, really getting extra help as diverse companies. Women owned, black owned, brown owned, veteran owned businesses, right? But now what they told us was in addition to the AWS help, what they loved is how we connected them together and we almost just stumbled upon it. I was hosting some meetings and I had Tia from Bellflower, I had Lisa from DLZP together and they got a lot of value just being connected. And we kept hearing that over and over and over again. So now we've programmatized that so it's more scalable than me introducing people to each other. We now have a program to introduce those small business leaders to each other. And then the last one that we announced is our AWS government competency is now the largest competency at AWS. So the government competency, which is pretty powerful. So now we're going to do a focus enhancement for federal. So all of our federal partners with all that opportunity can now take advantage of some private advisory council, some additional training that will go on there, additional go-to market support that they can use to help them. >> Okay. I feel like my brain is going to explode. Those are just the announcements here. There's a lot going. >> Yeah. There's a lot going on. >> I mean it's so much you've got to put them into buckets. Okay. What's the rationale around 3D? Delivery, data... I mean, destination, delivery, data. Destination, meaning cloud. Data, meeting data. And delivery meaning just new ways to get up and running- >> Skills. >> To get this delivery for the services. >> Yep. >> Okay. So is there a pattern emerging? What can you say? Cause remember we talked about this before a year ago, as well as in person at your public sector summit with your partners. Is there a pattern emerging that you're seeing here? Cause lots of the announcements are coming, done with the mainframes. Connect on your watch has been a big explosion. Adam Slansky told me personally, it's on fire. And public sector, we saw a lot of that. >> Well, in fact, you know, if you look at public sector, three factoids that we shared this morning in the keynote. Our public sector partners grew 54% this year, this is after last year we grew 45%. They grew the number of certifications that they had by 40% and the number of new customers by 32%. I mean, those are unreal numbers. Last year we did 28% new customers and we thought that was the cat's meow, now we're at 32%. So our partners are just exploding in this public sector space right now. >> It's almost as if they have an advantage because they dragged their feet for so long. >> It's true. It's true. COVID accelerated their movement to the cloud. >> A lot of slow moving verticals because of the legacy and whether it's regulation or government funding or skills- >> Or mainframes. >> All had to basically move fast, they had no excuses. And then the cloud kind of changes everyone's mindset. How about the culture? I want to ask you about the culture in the public sector, because this is coming up a lot. Again, a lot of your customers that I'm interviewing all talk... and I try to get them to talk about horizontally scalable and machine learning, and they're always, no, it's culture. >> Yeah. It's true. >> Culture is the number one thing. >> It is true. You know, culture eats strategy for lunch. So even if you have a great strategy around the cloud, if you don't have that right culture, you won't win in the marketplace. So we are seeing this a lot. In fact, one of our most popular programs is PTP, Partner Transformation Program. And it lays out a hundred day program on cloud best practices. And guess what's the number one topic? Culture. Culture, governance, technology, all of those things are so important right now. And I think because, you know, a lot of the agencies and governments and countries, they had moved to the cloud now that they're in the cloud, they went through that pain during COVID, now they're seeing all the impact of artificial intelligence and containers and blockchain and all of that, right? It's just crazy. >> That's a great insight. And I'll add to that because I think one of the things I've observed, especially with your partners is the fear of getting eliminated by technology or the fear of having a job change or fear of change in general went away once they started using it because they saw the criticality of the cloud and how it impacted their job, but then what it offered them as new opportunities. In fact, it actually increases more areas to innovate on and do more, whether it's job advancement or cross training or lateral moves, promotion, that's a huge retention piece. >> It really is. And I will tell you that the movement to the cloud enabled people to see it wasn't as scary as they thought it was going to be, and that they could still leverage a lot of the skills that they had and learn new ones. So I think it is. And this is one of the reasons why, I was just talking with Maureen launching that 29 million training program for the cloud, that really touches public sector because there is so many agencies, countries, governments that need to have that training. >> You're talking about Maureen Lonergan, she does the training. She's been working on that for years. >> Yeah. >> That's the only getting better and better. >> Yeah. >> Well Sandy, I've got to ask you, since you have a few minutes left, I want to ask you about your journey. >> Yeah. >> We've interviewed you going back a long time look where we are now. >> I know. It's incredible. >> Look at these two sets going on at CUBE. >> You've been an incredible voice on theCUBE. We really appreciate having you on because you're innovative. You're always moving like a shark. You can't sit still. You're always innovating. Still going on, you had the great women's luncheon from 20 to 200. >> Yeah, we grew. So we started out with 20 people back five years ago and now we had about 200 women and it was incredible because we do different topics. Our topic was around empathy and empathetic leadership. And you know how you can really leverage that today, back with the skills and your people. You know, given that Amazon just announced our new leadership principle about wanting to be the Earth's most employee centric company. It fits right in, empathetic leadership. And we had amazing women at that luncheon that told some great stories about empathy that I think will live in our hearts forever. >> And the other thing I want to point out, we had some of the guests on sitting on theCUBE. We had Linda Jojo from United airlines. >> Oh yeah. >> And a little factoid, yesterday in the keynote, 50% of the speakers were women. >> I know. The first time I did a blog post on it, like we had two amazing women in STEM and we had, you know, the black pilot that was highlighted. So it's showing more diversity. So I was just so excited. Thank you Adam, for doing that because I think that was an amazing, amazing focus here at the conference. >> I wanted to bring up a point. I had a note here to bring up to you. Public sector, you guys doubled the number of partners, large migrations this year. That's a big statoid. You've had 575,000 individuals hold active certifications. Okay. That grew 40% from August 2021, clearly a pandemic impact. A lot of people jumping back in getting their certs, migrating so if they're not... They're in between transitions where they have a tailwind or a headwind, whether you're United Airlines or whether you're Zoom, you got some companies were benefiting from the pandemic and some were retooling. That's something that we talked about actually at the beginning. >> That's right. Absolutely. And I do think that those certifications also demonstrate that customers have raised the bar on what they expect from a partner. It's no longer just like that technology input, it's also that industry side. And so you see the number of certifications going up because customers are demanding higher skill level. And by the way, for the partners we conducted a study with ESG and ESG said that more skilled partners, you drive more margin, profit margin, 42% more profit margin for a higher skilled partner. And we're seeing that really come to fruition with some of these really intense focus on getting more certifications and more training. >> I want to get your thoughts on the healthcare and life science. I just got a note here that tells me that the vertical is one of the fastest growing verticals with 105% year on year growth. Healthcare and life sciences, another important... Again, a lot of legacy, a lot of old silos, forced to expand and innovate with the pandemic growing. >> Yes. You know, government is our largest segment today, our largest competency. Healthcare is our fastest growing segment. So we have a big focus there. And like you said, it's not just around, you know, seeing things stay the same. It's about digital transformation. It's one of the reasons we're also seeing such an increase in our authority to operate program both on the government side and the healthcare side. So we do, you know, FedRAMP and IL5. We had six companies that got IL5, five of them in 2021, which is an amazing achievement. And then, you know, if you think about the healthcare side, our fastest growing compliance is HIPAA and HITRUST. And that ATO program really brings best practices and templates and stronger go to market for those partners too. >> Yeah. I mean, I think it's opportunity recognition and then capture during the pandemic with the cloud. More agility, more speed. >> That's right. >> Sandy, always great to have you on. In the last couple of seconds we have left, summarize the top 10 announcements in a bumper sticker. If you had to kind of put that bumper sticker on the car as it drives away from re:Invent this year, what's on that bumper sticker? What's it say? >> Partners that focus on destination, data and delivery will grow faster and add more value to their customers. >> There it is. The three dimension, DDD. Delivery... Destination, data and delivery. >> There you go. >> Here on theCUBE, bringing you all the data live on the ground here, CUBE studios, two sets wall-to-wall coverage. You're watching theCUBE, the leader in global tech coverage. I'm John Furrier your host. Thanks for watching. (soft techno music)

(upbeat music) >> Okay, welcome back everyone to theCUBE's coverage of AWS re:Invent 2021. We're here live in Las Vegas for an in-person event. Of course, it's a hybrid event, virtual online. Many people online. A lot of people here on the event, a lot of action. cloud going next generation, mainframe transformation, more analytics, more chips, everything's faster and cheaper and getting better and better in the cloud. We've got the great coverage. We've got two great guests. We got Justin Hooper vice president of Global Operations Infrastructure Ingram Micro and JP Perot, EVP of Telecom Media and Technology and AWS executive sponsor for Atos. Gentlemen, thank you for joining me on theCUBE. >> Thank you. >> Thank you, glad to be here. >> So what is it about the conference so far? Pretty good, like a lot of people here? >> Super exciting. >> 27,000 people showing up. >> It's amazing. >> Real people not workers. >> Yeah, it feels almost normal. >> Yeah I can't believe the turnout. >> Got a great topic, you guys working together you got mainframe, you got analytics, transformation. Let's get into it. Let's start by introducing what you guys do, your company, and why you are here. JP, we'll start with you. >> Yeah, I can start. Okay, so yeah, so I'm leading, you know, in Atos all the cloud business and telecom media technology, Atos is a big company is a service and technology company, 11 billion Euro business, and we are leading all the transformation to cloud and also, all what is related to hybrid cloud transformation. Also with security. We are number two in the world in terms of security and cybersecurity. We have developed for so long lasting relationship with AWS. We have been an advanced technology partner of AWS for now many years, since 2013. And we have developed a specific program, you know, regarding manufacturing transformation and mega trends. So this is why we are super excited to be here with you Justin today, thank you, by the way having Ingram Micro with us, Justin. >> I appreciate it, it's good talking to you. Good to be here. >> And I'm Justin Hooper, I work for a Ingram Micro. I run their Global Infrastructure and IT operations. Ingram Micro is one of the world's largest technology suppliers, technology solutions, and cloud platform and services. >> Well, great for the intro. Thanks for that set up, a lot of action going on. You guys have recently purchased, you guys got the transformation in the cloud. What is the movement to the cloud? Take us through the current situation. >> Yeah, we see, a big acceleration and especially due to COVID situation. We have seen acceleration of transformation to cloud. There is a lot to do, a lot to do because many business critical application, which have not been transformed. And also, especially all the applications which are sitting on top of mainframe that is why executive discussion we are with Ingram at the moment is how we can help Ingram with some of the applications that are on mainframe to transform and design the future. >> Justin, take us through the transformation that they're helping you with, what's the key challenge? What problem are they solving? Take us through the specifics. >> Yeah, it's interesting because I'm actually a lover of the mainframe, I think most of the people at AWS would think, the mainframes, didn`t they put the rockets on the moon. That's old technology, but mainframes are still fantastic platforms. We, have great success, great resiliency with Atos . We are on the most modern chips, but there are a lot of restrictions. You know, you really have to size your mainframe for your peak workloads. You don't have the ability to separate segments, scale horizontally, and then there are really nuanced. Like it's hard to get resources that know mainframes, to be honest with you, it is just, there's a people issue there industry-wide, and we're not different than any other company and compete for resources, both on the system side and on the programming side. And we really want to look at how we can make a massive leave, if we're going to leave the mainframe, how do we start a journey where we can end up really being able to take advantage of horizontal scalability, the ability to have a utility compute model where we're really paying as we go, because that is the opposite how the mainframe model works today. >> Talk about the refactor 'cause I know I've covered a lot of mainframe stuff with IBM in the past and how banks are still using it. Everyone is they're real applications. They're mission critical. How are they integrating into the digital transformation. Containers, kubernetes are hot right now. You're starting to see a lot more integration. How do your customers and how do you guys see refactoring happening? I can see the integration, but that as the refactoring come in. >> There's really what we've learned with our partnership is there are really a couple of ways to do the refactoring. You can convert your old Cobalt code to something else like Java. And there are tools and companies out there that do that. Or you can really build a plan where you can effectively emulate your mainframe on commodity computing and through a relatively deep analysis with Atos, the recommendation that we're looking at is that ability to first get off of the hardware, get off of that reliance on the platform, but not jump all the way to modify your code to Java. There's not a lot of value in going from Cobalt to Java, for example, if you're not making improvements in your programs, adding business capabilities. So the journey starts with get off the hardware, but then it allows you to go and say, we are going to break up those complex programs. We are going to separate the data differently. And once you do that, you can start to take advantage of containers and start to separate yourself even more and really get into the cloud. But, there are ways to piece your way through that. >> You know that's really good insight, JP, I'd love to get your reaction on this too, because what Justin's getting at is what we hear a lot from experienced CIOs of large companies that have a lot of existing stuff. And the theme is and the word they use is you don't want to touch the white hot core. Meaning it's so mission critical that if you mangle it too hard, touch it too hard a lot of bad things happen. So this idea of push things out to the cloud that around the edges, and then work your way slowly in is a risk management and practical approach. >> Not exactly, you said it right, its exactly a risk management So, and Justin explain it different factors, which come to the end point in terms of decision there is one issue regarding competencies, because their lack of competency in the markets. There is what kind of business critical apps you have. There is a transformation as such, you know, as Justin explain you can record, or you can move, you know, to a different platform. So, each time it's a program, it's a program and analysis that we do with our customer advising the customer about, hey, based on your critical application, what is the right journey, what is the right transformation to do the right risk management? >> Justin you're taking the hot core I saw you nodding your head. You're like, yeah, what's your take on that? >> Well, yeah, I agree with you. And that fear, uncertainty and doubt it's kept people on the mainframe for a really long time. The technology has caught up and the expertise where just as JP said, you've got to be really careful in the way you plan it, and you've got to make sure that you can always get back. And so the approach that we're looking at taking is, you're able to accommodate more risk if there's an easy roll back plan, and some of the new new technologies and processes are going to allow that, so, you know, if I screw this up, I get to go find a job someplace else. So I'm aware of the white hot core, but I am confident it can be done. >> Yeah, and then technology, if you don't have to kill the old to bring in the new, you can do both, and I like your approach. I think that's a success path that people are talking about it's well documented. But at the end of the day, we're back in distributed computing, I mean, I want to get this at the end, but I want to give you guys some time to think about it. As cloud becomes everywhere as Adam Selipsky talks about, it's not just about mainframes, this it's a distributed computing paradigm. So we're going to come back to that, but let's get into the SAP Redshift `cause I think that's something that you guys are working on I think that's worth calling out here. Analytics is huge, tell us what's going on there, how you guys are working together on that. >> Yeah, so we have designed a high level of competency around SAP, and especially the migration and the SAP Redshift. So we have designed this program also with AWS and is something we are discussing at the moment also with Ingram. So we see an acceleration of this trajectory. It has been also highly pushed by SAP as well. And also we are one of the strongest partner of SAP and we see many many customers engage into this transformation at the moment. >> The cloud really gives you a lot of advantages when you're doing migration, especially around a pre-existing software, like SAP was pretty big, complex mission critical So you can throw compute at it, a lot of cool capabilities. >> Yeah, that's true, but you need, you still need to configure a lot of things as well, because it's, you need to customize and you have to really fine tune, you know, what is it, what is going to be available to the customer needs and to what you need in your company as well. >> Okay, lets get back to what Justin was saying about emulation, I mean, I can run SAP (laughs) on Amazon. I mean, we've talked about it, I wrote a story about this prior to the event called Superclouds. You can build these super applications that combine things that you never would have thought was possible. SAP running on Amazon or Ford can come to Redshift when you need it, so you have a lot more flexibility. This is now the new normal. >> Correct. >> Correct. Or Justin maybe you want also to comment on that, you know? >> You know, the great thing about being on Redshift is we pick that as a platform for our data warehouse a number of years ago, and there were basically analytics capabilities, but what we're seeing a lot here at re:Invent is as Amazon is catching up with their out of the box ML and AI capabilities in Redshift. So it feels good that we pick the platform that they're growing the capabilities in right, as we're advancing out of more of the traditional analytics and trying to go to that machine learning. And one of the things that we work at the Atos on is migrating off of SAPBW and saying, maybe we don't need that as a data and reporting platform, if we're solid with Redshift and we certainly don't need both. So we're working with them to look at the case to move all the way to Redshift, and then we can run our analytics and build the ML in that. >> And you know, that was a big theme in the keynote. This purpose-built capabilities, it's almost like having, you know, if you're building a building, you got iron steel girders made for you. You got this now better value in the platform to build on. This brings up the notion of distributed computing. >> JP: Yeah. >> In a way there's the same game, different generation. I mean, isn't it? You've got to integrate this still transformations inflection points, this is current. I feel like this now more than ever is a time where you can actually roll it all together with a little help from your friends or if Amazon's got somebody, you know, who want to reinvent the wheel. What's your reaction to that? 'Cause we've seen the movie before, when it's hard. Now, it seems easier, maybe its not. >> Yeah, we see three layers co-existing in more more. We see that, see application on data will be spread over three dimensions there will be edge computing there will be private cloud and there will be public cloud. And we see more more pressure in the direction that many customers are saying, hey, where should I put my data? This spot will go on and be processed at the edge, this spot will be process in the public cloud. There is also one of the capability where we in Atos we are able to advise customers about what is the best way to process your data if you have a lot of latency, you can process at the edge. You know, there's less equipment, you can process the public cloud. So, we see this coexistence of model. >> Justin what's your take on this distributed computing throwback concept, because look at the rise of companies like Snowflake. Where'd they come from? They're on Amazon, they pick the cloud. Now they're on going to other clouds. You can build a supercloud. You can actually build this out now faster. What's your take? >> Yeah, I, my take is that it's a pendulum and it swings back and forth, and like you said, there was client server and then everything was web-based. And a lot of things look a lot like the mainframe, put everything in the cloud and then attached to it. And then all of a sudden, you know what? We need edge computing, pull some stuff back out of the cloud and put it where we need it. So, it's going to continue to evolve. What I have noticed that I like more is, the major home one swings and statements like I want to get out of the data center business and go to the cloud, I hear those less. And people are realizing there's there's hybrid. There's purpose build computing like you said, and we need to make sure that we're putting our data where it needs to be, putting our compute where it needs to be. And that's going to change on our customer base and evolving technologies 5G is changing the whole world around edge computing. So I'm enjoying the ride, I'm glad I'm in technology because I get to move with the ebbs and flows, but I don't think we're ever going to land. I think it's going to keep moving. >> Yeah that's a totally fair point where it's fun as a technologist, but you're right. If you're operating with cloud, it doesn't matter if you're on premises or edge or public cloud, it's the same thing (laughs). >> Justin: Yeah. >> It's just pick your, pick, your use case. >> Justin: Right, your use case- >> I want a low latency at the edge. I'm not going to move my data, send it to cloud. Of course, we're going to leave it there. >> Yeah. >> If you're on premise before- >> We've already move workloads back and forth. And a lot of companies are doing that too, you know? >> I think that's what they're getting at when they talk about cloud everywhere. I think that's their way of saying, okay, hybrid is real. They won't ever say multicloud though. (all laughing) Not yet. (all laughing) >> Won't hear that here. >> All right, quick summary. What do you guys do? And what's the future hold for the relationship. You guys got a good thing going on? Take us through what's the future look like. >> Yeah, for me it's a big thank you for the partnership with Ingram. So we are extremely excited by what we can do for you. And in terms of advising your transformation and, you know, I hope that you get the right service and the right advice, you know, from Atos. >> Yeah, it's been great. We, we've appreciated. We've been, we started as a mainframe customer and now they're helping to advise on how we could get off the mainframe. I mean really cannibalizing one of the other areas there in the spirit of evolving and partnership, and you guys are bringing a ton of expertise and the way you guys attack the account and we centralized through our account team is very helpful. You're very aware of what's going on on all sides of the business. >> Well, congratulations. >> That's a big part of the theme, the keynote today on, on ad about mainframe transmission. But at the end of the day, it's about modern infrastructure, modern application development. >> Justin: Absolutely. >> Getting out, having set the table for the next generation. >> JP: Yeah. >> Thanks for coming on theCUBE and you guys want to get a quick plug in real quick for the company talk about Atos and Ingram. Give a quick plug for what you guys are working on. >> Sorry- >> Give a quick plug about what you`re working on. Give a quick commercial one minute about the company. >> One minute. >> Yeah. >> At Atos we're really transforming or leading the industry in terms of secured transformation to cloud security will be more and more important as data is everything about where is the value. So we are really making sure that our customers, they get to maximize, they can maximize the value around data transformation to cloud in a secured way. >> Justin, JP, thanks for coming on theCUBE. Really appreciate the insights. Don't touch the hot core and make, take your time. Have a good time, you're watching theCUBE, the official broadcasting of AWS re:Invent leader in tech coverage, theCUBE. Thanks for watching. (upbeat music)

>>Welcome back to the cubes. Continuous live coverage of AWS reinvent 2021 live from Las Vegas. It's I'm Lisa Martin. And it's so great to say that we are doing with AWS and its massive ecosystem of partners. One of the most important hybrid tech events of the year. We've two sets over a hundred guests to remote studios, lots going on. I've got an alumni back with me and a new guest. Please. Welcome back. Sabina. Jo said the GM of technology partners at AWS and Neil Fowler joins her is the GM of micro-focus AMC. And you're going to tell me what AMC stands for >>Application modernization and >>Connectivity. I love it. Awesome guys. It's great. It's great to see you again in person. Thank you for having us. It's great to have the buzz. I know it's gonna be a little bit hard to hear, but great to have. AWS has done a phenomenal job of getting everyone in here safely. I want to give them kudos to that. So being to talk to me with, it's been a while since I've seen you in person, but talk to me about your current role at AWS. What's going on? >>Yeah, so I'm the general manager for technology partnerships globally out of the Americas. We also help partners out of EMEA and APAC grow in the Americas. And one of the great examples of a successful partnership is micro-focus with their solutions across application modernization security, database services, mainframes. >>And so from your perspective, through your lens, how do you think they're performing as a partner? Yes. >>So, um, first of all, kudos to Neil and the entire micro-focus team. They have done a great job leaning in with a cloud first strategy with SAS solutions on AWS and these solutions help customers across application modernization, application, delivery, security, cyber resiliency, database services, and also it performance management. And we've been working with them now for a few years. And in fact, today we have actually 400 customer wins together regulations and then also eight digit annual recurring revenue. They have six active listings in marketplace and all of this is really helping customers move their workloads and modernize their workloads into AWS. >>We've seen that such an acceleration nail in the digital transformation cloud adoption. The pandemic has really been a forcing function for that. There are some silver linings, but talk to me about some of the things that you've seen at micro-focus the last 20 months or so. And how have you helped those 400 customers, you know, getting to that big ARR, how are you helping them with that acceleration? >>Well, I think as you're saying that there's lots of changes in the last 12 to 18 months, some of it brought on by the pandemic and the change in business in business to having to respond, deliver solutions more quickly to the market, as well as remote working. So optimizing and the economic environment of costs, but being there to be more dynamic, it really has caused businesses to have to do something different than just to be able to survive and serve their customers better. That was a >>Big thing that we saw in the very beginning. It was not survival mode. And then of course it wasn't too long when we started seeing those survivors really start to thrive. And you started seeing who were going to be the winners of tomorrow. Cause the thing is every company, these days is a data company. If it's not, it's going to be passed up by competitor, that's right there in the rear view mirror. >>For sure. And so we've got, you know, organizations, so running mainframes, you know, older applications, legacy applications, modernization, where are most industries in terms of adopting that, the mindset, first of all, that they need to change? Well, I think across the whole industry, I mean, it doesn't matter whether it's retail. I mean, if you think about airlines with when the, when the pandemic hit business went down to, unless they've got that elastic nature of flashy to respond to it, but everyone had to bring in new services, new offerings very quickly. So the ability to be able to innovate in their environments and bring more solutions to their customers in a really fast way, you know, they couldn't just sit there and work with what they had. They had to move forward just to be able to stay in the business, but also be able to reduce the costs out of what they're trying to do. So running and transforming at the same time. >>Absolutely. And so how can organizations integrate existing core applications with new technologies to really be able to thrive in today's dynamic market? >>We look at modernization overall. We think of it in sort of three different ways with application process and infrastructure. So with a move to cloud, that's the infrastructure modernization they've immediately got far more access to more scalable dynamic elastic, compute resources, as well as all the technology platforms they have around. And then if you look at the application size and that's where the Microfocus platform comes in, we can help customers actually move those applications forward in terms of making them available through API APIs, maybe as a journey to microservices and cloud native. But once that core business logic and that data is available, it can be integrated into artificial intelligence machine learning and actually rained out the whole solution. So the final part of that from the process modernization, if you, as they're developing these applications with new tools, new ranges, in terms of where they can deploy on the AWS platform, they can automate the build deployment and operations so that all those existing applications and they were running on to contemporary platform with full access to the technologies that were available. >>That's fantastic and so necessary for businesses in any industry. So can you talk about some of the different business units of micro-focus? Are there any ones in particular that you want to call out? >>Yeah, so we work with them across all of their business units, but some of them that come to my mind is of course, Neil and team are doing a great job with application modernization and connectivity, really helping customers modernize the applications. And as customers are modernizing the applications, their cyber resiliency business unit is helping customers secure those applications. And then they also have their it operations management bridge product listed in marketplace. And then just since September are verdict a business unit launch Vertica accelerator on AWS. So I think they have a very holistic story to help customers >>On AWS. Talk to me a little bit, Neil, about cyber resiliency. We have seen such a dramatic change in cybersecurity in the threat landscape the last 20 months. I think I saw a stat recently that ransomware was up almost 11 X in the first half of 2021. Every, every day that companies had had a company, that data is gotta be secure. It's no longer a nice to have. That is a core requirement. How are you helping customers achieve that cyber? >>Well, the thing is, I mean, as you say, across the whole spectrum from cyber, from, from the identity access management through data encryption, through data protection, it's not, it's not a nice to actually say it's not a nice to have Kate take capability. You really have to have an integrated solution to be able to manage access control it, and also generating the events in terms of being able to, if anyone tries to get into the systems and log it because, you know, before, by the time you've discovered something it's too late, so you really need a combined solution for multi-factor authentication to really take it to that next level. >>Absolutely. Right. Once you've detected it, it's too late. And I mean, with ransomware as a service, cyber criminals are getting so much more sophisticated and also more brazen. There's so much money in it that the security front is, is I think even more interesting now than it's ever been. Talk to me about some joint customers and how you've helped them together with AWS with micro-focus achieve some of those key outcomes that you were talking about earlier. Well, I think >>Obviously with AWS as a platform has quite over a technology solutions going in, what we often find with our customers is a lots of, um, they're coming from an existing on-prem solution. So they need that hybrid model. So as part of taking that forward, been able to have that integrated solution that allows them to work both on-prem and as part of the cloud, most of it all being hooked up now, even that from even down to the, uh, as they're developing the applications now to do static code analysis, to help those applications be more secure with things like 40 pound demand, as well as integrating internet security platform for multifactor. So I think as you know, it's a combination of Brunel to bridge between all the different technologies, but have one single view of mail to protect the whole real estate, multiple layers for both external and internal threat. So that's, that's the other thing you also need to take into and can be able to protect all, all layers multi-layered approach. >>Absolutely. But you're right. The internal threats is something that we don't talk about as much, but that is obviously a substantial problem for organizations and most, if not any industries to be, to talk to me a little bit about, let's kind of get into the, the responsibilities that you have a little bit more in there. You've got responsibility for multiple solutions segments at AWS. You told me before we went live, you have 50 meetings this week. My goodness. And since day one, it taught all good. It's fun, fun. It is. Talk to me about AWS approach to partnering. What does it look like? What are some of the things that you think are really critical components? Yeah. >>So as you may have heard, we always start with the, at Amazon and AWS, we start with the customer. We work backwards when we are relaunching our products, our programs or services, you really go and ask the customers, what do you want us to develop? Where do you want us to focus the resources? It takes a lot of discipline to do that, but it's something that where we really want to walk the talk and we use the same approach with our partners when we started to work with micro-focus, we really kind of want to make sure that what we are working on together is what customers want, because we firmly believe that once you lay that foundation of that solution, you can scale your business a lot more quicker. Your story is a lot more simple and the customers are going to find a lot of value in what you are doing together. So it's really all about the customer for us. It is >>Absolutely critical, right? That's the whole point that the whole reason that we're here now, talk to me a little bit about maybe some cultural alignment with AWS, that customer first customer obsession. It sounds like at Microfocus, very similar. >>Absolutely. I mean, the way that we always think about how we're building our products, it's all around customer centric innovation. So that aspect of trying to make sure that we can solve what the business, understanding what the customers are trying to do to then help develop, to deliver solutions that meet that and that combination of a, the way that we look at it from that infrastructure modernization and the range of technologies that are available and that relentless focus on making customer successful is so key. But we have to make sure that that collaboration works together to make sure that the solutions align and we're helping customers get there together >>In your customer conversations. I imagine they've changed quite a bit during the pandemic with so many things being escalated to the C-suite to the board. How have your, how important is that cultural alignment between AWS and Microfocus from your customer's perspective? Is it something that comes up fairly often? Well, >>It's, it's a, I think it, when you actually get a mismatching culture, it's more obvious. So don't think that necessarily people are looking for it to say, I need organizations, but if you're not thinking the same way, you're not behaving the same way and actually partnering. I think that partnering part of it is really important because you're both working together to come up with that desired outcome. So I think it's more, more obvious when it isn't a good match as opposed to what it looking for that particular site. But I think that's a really key aspect in the sense of working together to help that customer be successful. >>Right? That's a great point that you bring up, but it's probably more obvious when it isn't working than when it's beautifully aligned, falling into place and really focused on that customer. So what are some of the things that attendees can, can feel and see and learn at the micro-focus booth at this year's reinvent nail, >>As well as obviously the key Roundup application modernization, where we're looking at the mainframe modernization on the site, we've got the full range of the Microsoft booth in terms of cyber resilience, as well as our, uh, item, my top, uh, it operations management or ADM portfolios. So we've got a lot of technologies which we can learn about in the booth interactive as well as all by experts to understand how we can do all these things and work together as part of the AWS platform to be able to deliver those solutions. >>Excellent. I'm sure there will be plethora of, of knowledge shared at the booth there. Last question, Neil, for you, talk to me about the vision going forward with the partnership. What are some of the things that you're looking forward to as we end 2021 and go into hopefully what is a better year, 2022? >>You know, one of the key things, you know, especially range, no one might, my passionate areas is helping our customers really look in terms of building the platform of the future. We can help solve their customer the problems today, but we're really trying to create that innovation platform to going through. So again, that combination of the technologies that we can bring to help our customers and the breadth and the investment that AWS continue making in the platform, those two combinations really helps us help our customers, not just solve today's problems, who really move into the forward to be the platform for innovation for the next decade. >>And that's really critical that that future ready state that is so undefined most of the time, I mean, none of us saw the pandemic coming, all right. That was a complete shock, but to be able to partner together, to help your customers really set up the foundation to be innovative as things happen that we can't even predict is really critical. So congratulations on your 400 customer wins your eight digit ARR. That's fantastic. Yes, we thank you so much for joining us on the queue, talking about the Microfocus AWS partnership and all of the successes that you guys have had. Great job. And I hope that you have cough drops and a lot of water this week. Sabina. I hope you do too guys. Thanks for joining me. Pleasure for my is I'm Lisa Martin. You're watching the cube, the global leader in live tech coverage.

>>Hey everyone. And welcome to the cubes. Continuous coverage of AWS reinvent 2021. I'm Lisa Martin. So excited to be here in person with thousands of folks. Everybody covered vaccinated. We are winning one of the largest industry's largest tech hybrid events with AWS and it's huge ecosystem of partners. We're going to be having two black sets. Two remote says over a hundred guests, and I am pleased to welcome two new guests to the queue. Mike Milner is here the head of product management at trend micro and Danielle Greshaw worldwide partner solution architects at AWS guys. Welcome to the program. It's nice robbing us. Isn't it nice to say, I have this background noise of actual humans, >>Such a nice buzz. Yeah, it >>Really isn't. I suppose. So the last, obviously 20, 22 months have been quite challenging for all of us, kudos to AWS for doing this in such a safe manner. But Mike, I wanted to get kind of a background in the last year and a half or so since we last spoke, what's going on at trend micro, we've seen so much change in the security landscape, the threat landscape. What are some of the things that you guys are saying? >>Yeah, good question. So, you know, some things stay the same and some things are always changing certainly lately, a big rise in ransomware, really affecting companies. This is a case where in the past, maybe we were concerned with targeted attacks, but now things like ransomware can affect anyone. So it's really broad attacks looking at any possible threat, any possible vector that can impact >>Company ransomware as a service is on the rise massively. And it's become, I've talked to some about it a lot this last year and a half or so being with it growing so rapidly, it's now a matter of when we got hit, not if so that's a really interesting topic that you bring up. Daniel want to bring you into the conversation. Talk to us about from a partnership perspective and about what you guys are doing together with. >>I mean, we've had a partnership with trend micro. I mean, I've been at AWS almost eight years, as long as I've been there. I can remember, you know, trends being a huge AWS partner. Um, and of course we've evolved over the years. And, um, definitely in the last 12 to 18 months, we've been doing a lot of joint events together trying to broaden our reach of customers, um, about talking about trends, solution. And we're going now to a lot of companies that have not used cloud before and look at a solution such as trend solution as a way in which they can move their workloads into the cloud and feel secure and safe about it. And, you know, not have to worry about, you know, ransomware or any other kinds of cyber attacks and feel good about moving into the cloud, >>Thinking to the cloud while there's still so many folks that are working from home, working from anywhere really that will be for, >>He did that, uh, journey for a lot of companies who maybe weren't thinking about it, but now are making that move a lot faster. >>The, of the challenges that you're seeing in the last 20 months as the acceleration of digital transformation cloud adoption, it was for so many businesses that weren't there. And on that journey, I'm just curious what some of the things are that you guys have observed together in this interesting time. Yeah. >>Oh for sure. Certainly, you know, trend micro has a lot of capability, a lot of products. I focus on the cloud cloud one, but really the endpoint protection users are at home. They're remote, they're accessing their infrastructure from so many different environments. Like you said, it's really set this ahead probably 10 years, really this work from home concept, >>It has to talk to me about some of the other things that are changing. And then there's the security buyer like what's going on there? What are some of the conversations that you're having challenges that they're having, but this is kind of a new, uh, persona that's been. >>Yeah, I think there is a big shift happening here as consumers. We're so used to trying things out, adopting new technology really rapidly. And I think industry is kind of catching up. Historically, this has been kind of top down decisions. Uh, a CSO or executive is making security buying decisions. Increasingly customers want to actually try things out. They want to experience the value, see how it works in their environments. And this could be coming from different business units, different parts of the organization. So we've really been focusing on adapting our products, our capability, and how we address customers to really reach these people who are making these decisions. >>And I think more and more developers are actually part of that process as well, because they're being tasked with, if you're going to build it, you also have to operate it and you also have to secure it. And so, you know, >>What are some of the challenges that the specifically that you're hearing from developers that are helping you surely advanced cloud one and the partnership? >>I mean, I would say like for what I hear from developers is mostly how can I integrate this into my existing process and make it easy, but >>It's really developers who are shaping so much of the infrastructure that needs to be protected in the past. It maybe was the other way around. That's been a massive shift in the industry. And as you say, we need to help developers be secure without them having to learn a whole new set of skills and security. We want them to be security aware, but we can't expect them all to be experts. >>I was a developer myself for like 15, 16 years. And we're terrible at security we're terrible at. So, uh, anything that any products let that, that help in that journey is key >>For sure. And it's not that you don't want to be secure it's that really your goal is providing the business value and security. It needs to be there, but it's always going to be seen as kind of a drag kind of slowing things down. So we want to build tools to help their, >>I imagine too also. So it facilitate from a cultural perspective, the developers, the security folks becoming better partners together because the security, as we talked about in the very beginning, even mentioning ransomware is a massive issue. It's, it's a global issue with say national security issue for the U S and other countries like that. But that cultural shift has got to be interesting, especially Danielle, you as a former developer, talk to me about some of the customer conversations and how are you helping those developers become comfortable with the security responsibility. >>Again, it's back to integrating it into their normal process and to the dev ops process to just have that be an extra step in there, um, where they can, they can see that it's easy and B being easy as key. And then they can just be able to roll that out with everything that they're doing. They've already kind of like made the mind shift to test their work that they do. So it's now secure it. Um, and that's just one other practice that they start doing. So, >>Yeah, and I think it really goes in the other direction as well, security teams who have the responsibility for security. They now have to understand all of the new technologies coming out of AWS, all these new tools with Kubernetes, continuous integration, continuous deployment. And that's a big ask as well. We can't expect security teams to be experts in all that. So really it's the two sides of that coin >>For sure. The results are kind of like a shared responsibility model if you think of it in >>That way. Absolutely. Absolutely. >>Talk to me, Mike, about cloud one, is this a joint solution that just built on AWS? Help me understand it and what's going on with, >>For sure. I mean, cloud one is really a platform to help cloud builders be secure. We want to make security simple, and that is those different personas. We needed it to be simple for security, let them just set their policy goals. Hey, I need to be compliant to this standard or this standard. I want to follow the well-architected framework. These are my goals. And then the development teams need to work, deliver that value that they're trying to do and tools like cloud one, our goal is to really help them deliver that value and be secure following those guard rails and those goals set by security. And we do that across containers. Workloads server lists really extending our offering as customers start using new platforms. >>What are some of the things Mike that you've seen in during the pandemic, as we've seen this massive acceleration and the rush to the cloud what's been going on with cloud one from that perspective and how has the pandemic maybe helped shape the technology and the partnership? >>Yeah, that's a great point. Um, I think of it as well as, I mean, Cloud One, we build our platform and we've been doing that now remotely for the past two years with engineers all over the world, really around the world, five major engineering sites teams working from home. And in that time we've delivered all of our security value, but we've also ourselves deployed cloud one across eight regions worldwide. And now our engineering teams are deploying worldwide and we're making our system compliant and secure. So I really feel like all this remote work has helped us gain a really deeper understanding of the problems our customers are facing. For sure. Yeah. >>I was going to say just for us, as we've done some joint events together, we've had to do all of those things remotely. So that is definitely been a challenge, but also getting good with the messaging and making sure that we are able to connect with those customers, um, online, >>Right, as we knew, things shifted dramatically overnight for everyone in every industry. And it was interesting to see how technology helped shape and paved the pathway for those folks that survived and are now thriving. Um, but I did see some, some of the recent news on cloud one or on cloud security, the data data centers in nine countries. It sounds to me like a differentiator for trend micro in terms of data, sovereignty, data data. >>It's a major issue. These days, our companies, our customers are around the world and they've got their own security requirements. And obviously cloud one is helping them be secure, but they need to trust us with our compliance and with data sovereignty. They might have a specific requirement to store data within their own jurisdiction. And we want to support that, make it easy for them, security, simplified, >>Security stupefied. I like that. If we could only simplify more things in life, guys, that would be fantastic. Talk to me about, uh, a customer example that you think really speaks volumes to the partnership and the capabilities of club one. >>Yeah, I think it's interesting to see the companies come on board using cloud one who you don't typically associate with security issues like media companies who are used to sending information out security is a major concern. We've got major brands from news to media who needs security and it's coming up in more and more industries. Every company is a software company and they need to be secure. >>Really. Every company is a data company. You think of, of the supermarket, the grocery chains here we are at AWS reinvent, the big owning Amazon owning whole foods, for example, but the data challenge that did a growth challenge is huge it's and that's where I think the security, um, focus needs to be is wherever that data is. And now it's scattered everywhere. >>Absolutely trend micro has been in this business for over 30 years, and it's amazing to see the shifts of what's important, what needs to be secured, how it needs to be secured over that long a period. And we always feel that we're leading things. And I think cloud wine is really on the forefront for how customers are building applications, delivering value to their customers and we're helping them be secure. >>Yeah. And just to Mike's point, I mean, I definitely think, you know, years ago it was always financial services company, healthcare companies who had compliance requirements, but more and more travel and hospitality, media, and entertainment. These are all companies that are looking for security solutions. >>We're seeing a lot from a data privacy perspective. We're seeing regulations pop up all over the world, California as China DRCR. Exactly. And I'm sure that's the tip of the iceberg for more data security regulations that we're going to see across the board as we humans and our technology companies are generating more and more and more data. That's the one thing that is not slowing down at all and they're not going to no pandemic. Right. So what's the vision going forward, Danielle, in terms of the partnership with trend micro? >>Um, I mean, I think again, we are always looking for joint customers who are looking for simplicity and looking for the, you know, the value proposition that cloud one has and just continuing to grow that customer base together. >>Yeah, for sure. I think it was two years ago. We were in person here at the cube in 2019. I think talking about cloud one is a new thing. Two years later, a lot has changed, but it's great to see the market validating all the effort we're putting into it. And industry looking at these big platforms that provide that broad security as the way forward. >>And then from an analyst perspective, there's a lot of value if coming down from the analyst for cybersecurity firms, because of the threats that we talked about, the net landscape changing the fact that it is so easy to launch ransomware, the fact that it is coming through every media, we're seeing a lot more value placed on cybersecurity firms from, from the industry, which has gotta be kudos to you guys and what you're doing and also help kind of guide direction in terms of the vision going forward. >>Yeah, for sure. I mean, we have threatened research. We are really into understanding what attackers are doing and they lead our direction. We're always on the forefront of protecting our customers from the leading threats >>And our partnerships, the most successful partnerships that we have, or the ones in which we're consistently innovating and trend has always been doing that with us. Any new service that we released, any, you know, as he taught, as Mike was talking about, uh, Kubernetes, et cetera, all of those new areas in which to go in the CA the partners that are able to keep up with us are the ones who are, you know, the most successful. So >>One of the things I know about many things of AWS is that it's very customer obsessed, focused on the customer. I imagine culturally Mike there's alignment there in turn Microsoft. >>Absolutely. And AWS is a great organization to work with because it shows through throughout interaction that they are customer obsessed. Absolutely. >>That's a good, that's a good thing to be obsessed about all things considered. Last question, guys, tell me what some of the things are that that attendees are going to be learning from both of you guys and from the booth at the event this week. >>So certainly from the cloud one trend micro booth right behind us. If the cameras can see it, uh, we've got demos of all the different functionality in cloud. One from containers, file storage workloads serverless, definitely come check that out to really see the breadth of the platform and what it can do to help. >>Awesome guys, thank you so much. You're now cube alumni got to give, you got branded masks, very COVID friendly. Uh, we appreciate your insights talking to us about trend micro, the AWS partnership and sharing some of those customer examples. Great work in the last 20 months. And it's great to have you here in person. Thanks for having very much for my guests. I'm Lisa Martin. You're watching the cubes, continuous coverage of AWS reinvent 2021, the cube, the global leader in live tech coverage.

>>Mhm Welcome back to Los Angeles. The Cubans live, I can't say that enough. The Cubans live. We're at cu con cloud Native Con 21. We've been here all day yesterday and today and tomorrow talking with lots of gas. Really uncovering what's going on in the world of kubernetes, lisa martin here with Dave Nicholson. We've got some folks. Next we're gonna be talking about a customer use case, which is always one of my favorite things to talk about. Please welcome Michael Coletti, the principal platform engineer at CHG Healthcare and then cat from a christian VP of products from port works by pure storage. Guys, welcome to the program, Thank you. Happy to be here. Yeah. So Michael, first of all, let's go ahead and start with you, give the audience an overview of CHG healthcare. >>Yeah, so CHG Healthcare were a staffing company so we sure like a locum pen and so our clients are doctors and hospitals, so we help staff hospitals with temporary doctors or even permanent placing. So we deal with a lot of doctors, a lot of nursing and we're were a combination of multiple companies to see if she is the parents. So and uh yeah, we're known in the industry is one of the leaders in this, this field and providing uh hospitals with high quality uh doctors and nurses and uh you know, our customer services like number one and one of these are Ceos really focused on is now how do we make that more digital, how we provide that same level of quality of service, but a digital experience as rich for >>I can imagine there was a massive need for that in the last 18 months alone. >>Covid definitely really raised that awareness out for us and the importance of that digital experience and that we need to be out there in the digital market. >>Absolutely. So your customer report works by pure storage, we're gonna get into that. But then can talk to us about what's going on. The acquisition of port works by peer storage was about a year ago I talked to us about your VP of product, what's going on? >>Yeah, I mean, you know, first of all, I think I could not say how much of a great fit for a port works to be part of your storage. It's uh uh Pure itself is a very fast moving large start up that's a dominant leader in a flash and data center space. And you know, pure recognizes the fact that Cuban it is is the new operating system of the cloud is now how you know, it's kind of virtualizing the cloud itself and there is a, you know, a big burgeoning need for data management in communities and how you can kind of orchestrate work lords between your on prem data centers in the cloud and back. So port books fits right into the story as complete vision of data management for our customers and uh spend phenomenal or business has grown as part of being part of Pure and uh you know, we're looking at uh launching some new products as well and it's all exciting times. >>So you must have been pretty delighted to be acquired as a startup by essentially a startup because because although pure has reached significant milestones in the storage business and is a leader in flash storage still, that, that startup mindset is there, that's unique, that's not, that's not the same as being acquired by a company that's been around for 100 years seeking to revitalize >>itself. Can >>you talk a little bit about that >>aspect? So I think it will uh, Purest culture is highly innovation driven and it's a very open flat culture. Right? I mean everybody impure is accessible, it can easily have a conversation with folks and everybody has his learning mindset and Port works is and has always been in the same way. Right? So when you put these teams together, if we can create wonders, I mean we, right after that position, just within a few months we announced an integrated solution that Port works orchestrates volumes and she file shares in Pure flash products and then delivers as an integrated solution for our customers. And Pure has a phenomenal uh, cloud based monitoring and management system called Pure one that we integrated well into. Now we're bringing the power of all of the observe ability that Purest customers are used to for all of the partners customers and having super happy, you know, delivering that capability to our customers and our customers are delighted now they can have a complete view all the way from community is an >>app to the >>flash and I don't think any one company on the planet can even climb, they can do that. >>I think, I think it's fair to acknowledge that pure one was observe ability before observe ability was a word. Exactly one used regularly. So that's very interesting. >>I could talk to us about obviously you are a customer CHD as a customer of court works now Port works by peer storage. Talk to us about the use case, what what was the compelling? It was their compelling event and from a storage perspective that that led you to Port works in the >>first so we be, they began this our Ceo basically in the vision, we we need to have a digital presence, we need and hazards and this was even before Covid, so they brought me on board and my my manager read uh glass or he we basically had this task to how are we going to get out into the cloud, how we're going to make that happen And we we chose to follow very much cloud native strategy and the platform of choice. I mean it just made sense with kubernetes and so when we were looking at kubernetes, we're starting to figure out how we're doing, we knew that data is going to be a big factor, you know, um being to provide data, we're very much focused on an event driven, were really pushing to event driven architecture. So we leverage Kafka on top of kubernetes, but at the time we were actually leveraging Kafka with M S K down out in a W S and that was just a huge cost to us. So I came on board, I had experienced with poor works prior company before that and I basically said we need to figure out a great storage away overlay. And the only way to do is we gotta have high performance storage, we've got to have secure, we gotta be able to back up and recover that storage and the poor works was the right match and that allowed us to have a very smooth transition off of M S K onto kubernetes, saving us, it's a significant amount of money per month and just leverage that already existing hardware that are existing, compute memory and just in the and move right to port works, >>leveraging your existing investments. >>Exactly which is key. Very, very key. So, >>so been kept, how common are the challenges that when you guys came together with the HD, how common are the challenges? It's actually, >>that's a great question, you know, this is, I'll tell you the challenges that Michael and his team are running into is what we see a lot in the, in the industry where people pay a ton of money, you know, to, you know, to to other vendors or especially in some cases use some cloud native services, but they want to have control over the data. They want to control the cost and they want higher performance and they want to have, you know, there's also governance and regulatory things that they need to control better. So they want to kind of bring these services and have more control over them. Right? So now we will work very well with all of our partners including the cloud providers as well as uh, you know, an from several vendors and everybody but different customers are different kinds of needs and port works gives them the flexibility if you are a customer who want, you know, have a lot of control over your applications, the performance of the agency and want to control cars very well in leveraging existing investments board works can deliver that for you in your data center right now you can integrate it with pure slash and you get a complete solution or you won't run it in cloud and you still want to have leverage the agility of the cloud and scale for books delivers a solution for you as well. So it kind of not only protects their investment in future proves their architecture, you get future proving your architecture completely. So if you want to tear the cloud or burst the cloud, you have a great solution that you can continue to leverage >>when you hear a future proof and I'm a marketer. So I always go, I love to know what it means to different people, what does that mean to you in your environment? >>My environment. So a future proof means like one of the things we've been addressing lately, that's just a real big challenge and I'm sure it's a challenge in the industry, especially Q and A's is upgrading our clusters ability to actually maintain a consistent flow with how fast kubernetes is growing, you know, they they're out I think yes, we leverage eks so it's like 1 21 or 1 22 now, uh that effort to upgrade a cluster, it can be a daunting one with port works. We actually were able to make that to where we could actually spin up a brand new cluster and with port work shift, all our application services, data migrated completely over poor works, handles all that for us and stand up that new cluster in less than a day. And that effort, it would take us a week, two weeks to do so not even man hours the time spent there, but just the reliability of being able to do that and the cost, you know, instead of standing up a new cluster and configuring it and doing all that and spending all that time, we can just really, we move to what we call blue green cut over strategy and port works is an essential piece of that. >>So is it fair to say that there are a variety of ways that people approach port works from a, from a value perspective in terms of, I I know that one area that you are particularly good in is the area of backups in this environment, but then you get data management and there's a third kind of vector there. What is the third vector? >>Yeah, it's all of the data services. Data services, like for example, database as a service on any kubernetes cluster paid on your cloud or you're on from data centers, which >>data, what kind of databases >>you were talking about? Anything from Red is Kafka Postgres, my sequel, you know, council were supporting, we just announced something called port books, data services offering that essentially delivers all these databases as a service on any kubernetes cluster uh that that a customer can point to unless than kind of get the automated management of the database on day one to day three, the entire life cycle. Um you know, through regular communities, could curdle experience through Api and SDK s and a nice slick ui that they can, you know, just role based access control and all of that, that they can completely control their data and their applications through it. And, you know, that's the third vector of potatoes Africans >>like a question for you. So what works has been a part of peer storage? You've known it since obviously for several years before you were a c h G, you brought up to see H G, you now know it a year into being acquired by a fast paced startup. Talk to me about the relationship and some of the benefits that you're getting with port works as a part of pure storage. >>Well, I mean one of the things, you know, when, when I heard about the accusation, my first thing was I was a little bit concerned is that relationship going to change and when we were acquiring, when we're looking at a doctor and Poor works, One thing I would tell my management is poor works is not just a vendor that wants to throw a solution on you and provide some capability there, partner, they want to partner with you and your success in your journey and this whole cloud native journey to provide this rich digital experience for not only our platform engineering team, but our dev teams, but also be able to really accelerate the development of our services so we can provide that digital portal for our end users and that didn't change. If anything that accelerated that that relationship did not change. You know, I came to the cat with an issue we just, we're dealing with, he immediately got someone on the phone call with me and so that has not changed. So it's really exciting to see that now that they've been acquired that they still are very much invested in the success of their customers and making sure we're successful. You know, it's not all of a sudden I was worried I was gonna have to do a whole different support process and it's gonna go into a black hole didn't happen. They still are very much involved with their customers. And >>that sounds kind of similar to what you talked about with the cultural alignment I've known here for a long time and they're very customer centric. Sounds like one of the areas in which there was a very strong alignment with port works. >>Absolutely important works has always taken pride in being customer. First company. Our founders are heavily customer focused. Uh, you know, they are aligned. They want, they have always aligned uh, the portraits business to our customers needs. Uh Pure is a company that's men. I actually focused on customers, right? I mean, that's all, you know, purist founder cause and everybody care about and so, you know, bringing these companies together and being part of the pure team. I kind of see how synergistic it is. And you know, we have, you know, that has enabled us to serve our customers customers even better than before. >>So, I'm curious about the two of you personally, in terms of your histories, I'm going to assume that you didn't both just bounce out of high school into the world of kubernetes, right? So like lisa and I your spanning the generations between the world of, say, virtualization based on X 86 architecture and virtualization where you can have microservices, you have a full blown operating system that you're working with, that kind of talk about, you know, Michael with you first talk about what that's been like navigating that change. We were in the midst of that, Do you have advice for others that are navigating that change? >>Don't be afraid of it, you know, a lot of people want to, you know, I call it, we're moving from where we're uh naming, we still have cats and dogs, they have a name, the VMS either whether or not their physical boxes or their VMS to where it's more like it's a cattle, you know, it's like we don't own the Os and not to be afraid afraid of that because change is really good. You know, the ability for me to not have to worry about patching and operating system is huge, you know, where I can rely on someone like the chaos and and the version and allow them to, if CV comes out, they let me know I go and I use their tools to be able to upgrade. So I don't have to literally worry about owning that Os and continues the same thing. You know, you, you, you know, it's all about being fault tolerant, right? And being able to be changed where you can actually brought a new version of a container, a base image with a lot of these without having to go and catch a bunch of servers, I mean patch night was held, I'm sorry if I could say that, but it was a nightmare, you know, but this whole world has just been a game changer >>with that. So Van cut from your perspective, you were coming at it, going into a startup, looking at the landscape in the future and seeing opportunity, um what what what's that been like for you? I guess the question for you is more something lisa and I talk about this concept of peak kubernetes, where are we in the wave, is this just is this just the beginning, are we in the thick of it? >>Yeah, I think I would say we're kind of transitioning from earlier doctors too early majority face in the whole, you know, um crossing the chasm analogy. Right, so uh I would say we're still the early stages of this big wave that's going to transform how infrastructure is built, apps are, apps are built and managed and run in production. Um I think some of the uh pieces, the key pieces are falling in place and maturing, uh there are some other pieces like observe ability and security, uh you know, kind of edge use cases need to be, you know, they're kind of going to get a lot more mature and you'll see that the cloud as we know today and the apps as we know today, they're going to be radically different and you know, if you're not building your apps and your business on this modern platform, on this modern infrastructure, you're gonna be left behind. Um, you know, I, my wife's birthday was a couple of days ago. I was telling this story a couple of friends is that I r I used another flowers delivery website. Uh they missed delivering the flowers on the same day, right? So when they told me all kinds of excuses, then I just went and looked up, you know, like door dash, which delivers uh, you know, and then, you know, like your food, but there's also flower delivery, indoor dash and I don't do it, I door dash flowers to her and I can track the flower does all the way she did not eat them, okay, You need them. But my kids love the chocolates though. So, you know, the case in point is that you cannot be, you know, building a modern business without leveraging the moral toolchain and modern toolchain and how the business is going to be delivered. That that thing is going to be changing dramatically. And those kind of customer experience, if you don't deliver, uh, you're not gonna be successful in business and communities is the fundamental technology that enables these containers. It's a fundamental piece of technology that enables building new businesses, you know, modernizing existing businesses and the five G is gonna be, there's gonna be new innovations that's going to get unleashed. And uh, again, communities and containers enable us to leverage those. And so we're still scratching the surface on this, it's big now, it's going to be much, much bigger as we go to the next couple of years. >>Speaking of scratching the surface, Michael, take us out in the last 30 seconds or so with where CHG healthcare is on its digital transformation. How is port works facilitating that? >>So we're right in the thick of it. I mean we are we still have what we call the legacy, we're working on getting those. But I mean we're really moving forward um to provide that rich experience, especially with inventing driven platforms like Kafka and Kubernetes and partnering with port works is one of the key things for us with that and a W s along with that. But we're, and I remember I heard a talk and I can't, I can't remember me but he he talked about how, how kubernetes just sort of like 56 K. Modem, You're hearing it, see, but it's got to get to the point where it's just there, it's just the high speed internet and Kelsey Hightower, That's who Great. Yeah, and I really like that because that's true, you know, and that's where we're on that transition, where we're still early, it's still that 50. So you still want to hear a note, you still want to do cube Cto, you want to learn it the hard way and do all that fun stuff, but eventually it's gonna be where it's just, it's just there and it's running everything like five G. I mean stripped down doing Micro K. It's things like that, you know, we're gonna see it in a lot of other areas and just proliferate and really accelerate uh the industry and compute and memory and, and storage and >>yeah, a lot of acceleration guys, thank you. This has been a really interesting session. I always love digging into customer use cases how C H. G is really driving its evolution with port works Venkat. Thanks for sharing with us. What's going on with port works a year after the acquisition. It sounds like all good stuff. >>Thank you. Thanks for having us. It's been fun, our >>pleasure. Alright for Dave Nicholson. I'm lisa martin. You're watching the cube live from Los Angeles. This is our coverage of Yukon cloud native Con 21 mhm

(upbeat music) >> Okay, thanks to the studio there for the handoff. Appreciate it, we're here for breaking news and it's exciting that we have Amol Phadke who's the Managing Director, Google is breaking some hard news here, Dave, so we want to bring him in and get commentary while we end out day two. Obviously, the story here is CLOUD CITY. We are in the CLOUD CITY. Amol, thanks for coming on remotely into our physical hybrid set here. Thanks for coming on. >> Thank you, John. I'm very excited to be here, virtually at MWC 21. >> Oh we got Bon Jovi ready to play. Everyone's waiting for that concert and you're the only thing standing between Bon Jovi and all the great stuff so. >> A lot of people watching. >> Thanks for coming on. Seriously you guys got some big news first Ericsson partners with you guys on 5G, platform deal with anthesis as well as open O-ran Alliance. You guys are joining huge testament to the industry. Obviously Google with all your innovation you guys have in the big three cloud hyperscalers. Obviously you guys invented SRE, so you know, you're no stranger to large scale. What's the news? Tell us why this Ericsson news is so important. Let's start with the Ericsson announcement. >> Sure, so, John, I mean, we are very excited today to finally bring to the market, the strategic partnership that we've been building with Ericsson for the last few months, the partnership, the reason we feel this is very important to the industry is we are actually doing this in conjunction with very large CSPs. So it's not done in isolation. You in fact saw in the press release that we have already launched something together with Telecom Italia in Italy. Because you will see that also in the press. And really the partnership is on three pillars. Number one, how can CSPs monetize 5G and Edge, which is a real team at the moment using Google Clouds solutions like the Edge computing platform and Anthos and Ericsson's cutting Edge 5G components, 5G solutions. And if we can onboard this together at the CSPs, such as Telecom Italia, that creates massive time to market efficiency. So that's point 1. Speed and agility is key John. But then point 2, it also unlocks a lot of Edge use cases for a bunch of verticals, retail, manufacturing, healthcare and so on. Which we are already starting to launch together with Ericsson. And so that's the second pillar. And then the final pillar of course, is this continuous wave of Cloud Native innovation that you just highlighted, John. We are going to try and double down on it between ourselves and Ericsson to really try and create this Cloud Native Application Suite for 5G over time. >> Talk about the innovations around Cloud, because the message we're hearing this year at Mobile World Congress is that the public cloud is driving the innovation and you know, I can be a little bit over the top and say, so the Telcos are slow, they're like glaciers, they move slow, but they're just moving packets. They are there, they're moving the network around. The innovation is happening on top. So there's some hardened operations operating the networks. Now you have a build concept, Cloud Native enables that. So you've got containers. You can put that, encapsulate that older technology and integrate it in. So this is not a rip and replace, someone has to die to win. This is a partnership with the Telco's. Can you share your thoughts on that piece? >> Spot on, John, spot on. We, we believe that it's a massive partnership opportunity. There's zero conflict or tensions in this sort of ecosystem. And the reason for that is, when you talk about that containerization and write once and deploy everywhere type architecture, that we are trying to do, that's where the Cloud Native be really helps. Like when you create Ericsson 5G solutions with the operators at Telecom Italia, once you build a solution, you don't have to worry about, do I need to go create that again and again for every deployment. As long as you have Anthos and Ericsson working, you should be able to have the same experience everywhere. >> Yeah, John and I talk all the time in theCUBE about how developers are really going to drive the Edge. You're clearly doing that with your Distributor Cloud, building out a Telco Cloud. I wonder if you could talk a little bit more about how you see that evolving and a lot of the AI that's done today is done in the cloud. A lot of modeling being done. When you think about Edge, you think about AI inferencing, you think about all these monetization opportunities. How are you thinking about that? >> Sure, so I think David first of all, it's a fantastic segue into how we are looking at analytics at the Edge, right? So we, we have realized that (connection disruption) is a very, very data computing, heavy operation. So certainly the training of the models is still going to stay in cloud for the foreseeable future. But the influencing part that you mentioned, is definitely something that we can offload to the Edge? Why is that so important? In the pandemic era think of running a shop or a factory floor, completely autonomously, needing zero minimal human intervention. And if you want to look at an assembly line and look at AI influencing as a way to find out assembly line defects on products and manufacturing. That's a very difficult problem to solve unless you actually create those influencing models at the Edge. So creating that ecosystem of an Ericsson and a Google Cloud and Telecom Italia type of carrier, gives you that Edge placement of the workloads that would fit right next to a factory floor in our manufacturing example. And then on top of that, you could run the AI influencing to really put in the hands of the manufacturer, a visual inspection capability to just bring this to life. >> Great, thank you for that and now the other piece of the announcement of course is the open, Open RAN. We've been talking about that all week. And you know, you well remember when Cloud first came out, people were concerned about security. And of course, now everybody's asking the question, can we still get the reliability and the security that we're used to with the Telcos? And of course over time we learned that you guys actually are pretty good at security. So how do you see the security component? Maybe first talk about the Open RAN piece, why that's important and how security fits? >> Sure, so first of all, Open RAN is something that we have taken great interest in the last year or so as it started evolving. And the reason for that is fairly simple Dave, this aggregation of networks has been happening for some time. In the radio layer, we believe that's the final frontier of sort of unlocking and desegregating that radio layer. And why is that so important? 80% of the operators spent globally is on radio across the entire infrastructure, 80% is on radio. If you disaggregate that and if you created synergies for your CSP partners and clients, that meant you have standard purpose hardware, standard purpose software with open interfaces, number one, massive difference in PCO. Number two, the supply chain gets streamlined and becomes a really, really simple way to manage a fairly large distribution, that's about to get larger with 5G and the capillarity that 5G needs. You're thinking of tens of thousands of micro cells and radio cells going everywhere. And having that kind of standardized hardware, software with open interfaces, is an extremely important cost dimension too. And on the revenue side, the things is that, the reason we got so excited with Open RAN was, you can now run a lot of API's on the radio net itself. That then suddenly brings a whole developer community on the radio layer. That then helps you do a bunch of things like closed loop automation for network optimization, as well as potentially looking at monetization opportunities by hyper personalizing yours and mine experiences at a device level, from the cell tower. And so that really is what is driving us towards this Open RAN type announcement. >> John: Amol, we've only got a minute and a half. I want to get your thoughts real quick on, on Open Source and the innovation. Danielle Royston, who's the CEO of TelcoDr. She's a keynote today. And she mentioned that the iPhone, 14 years ago was launched, okay. And you think about Open, and you mentioned proprietary with the 5G, and having O-RAN be more commodity and industry standard. That's going to lower the costs, increase the surface area of infrastructure. Everyone wins, 'cause everyone wants more connectivity options. Software is going to be the key to success for the telco industry, and Open Source is driving that. Is Android the playbook that you guys pioneered, obviously at Google with phones was very successful. How is that a playbook or an indicator to what could happen at Telco? >> Absolutely John and the parallel analogy that you raised is spot on. We believe in the Telco world Anthos multi-cloud as a unifying software development layer and the app development platform is the way that people will start to drive this innovation. Whether it's a radio or whether it's in the core or whether it's on the IT side of house. Same software running everywhere. That really allows you that whole CICD SRE type development models that we are familiar with, but on the telecom side. And that's where we are seeing some massive innovation opportunities for start, that would be for systems to come on. >> John: That's great stuff. And I was, just heard someone in the hallway just yesterday and say, you want to be the smartphone. You don't want to be the Blackberry going forward. That's pretty much the consensus here at Mobile World Congress. Amol, thank you for coming on and sharing the hard news with Google. Congratulations on the Ericsson Anthos platform deal as well as the Open Ran Alliance. Congratulations, good to see you. And by the way, you'll be keynoting tomorrow on theCUBE featured segments. So, watch that interview. >> Thank you John. Glad to be here. >> Thanks Amol. Managing Director, Telecom Industry Solutions at Google, obviously player, he's managing that business. Big opportunities for Google because they have the technology to get the chops Dave, and we're going to now, bring on Danielle Royston, she's here, I want to bring her up on the stage. Bon Jovi's about to go on, behind us, Bon Jovi's here. And this is like a nightclub, small intimate setting here in CLOUD CITY. Dave, Bon Jovi is right there. He's going to come on stage after we close down here, but first let's bring up the CEO of TelcoDR, Danielle Royston, great to see you. She's hot off the keynote. We're going to see you have a mic. Great to see you. >> Oh, it's great to be here, awesome. >> We are going to see you tomorrow for an official unpacking of the keynote but thanks for coming by and closing, swinging by. >> I know we're closing down the show. It's been a big, it's been a big day today at MWC and in CLOUD CITY. >> And Bon Jovi by the way. >> Day two, I mean really starting to get packed. >> And I mean, everyone's coming in, the band's warming up. You can kind of hear it. I think Elon Musk is about to go on as well. So I mean, it's really happening. >> A lot of buzz about CLOUD CITY out there in the hallway. >> Yeah, yeah. No, I mean, I think everyone's talking about it. I'm really, really excited >> Awesome. >> with how it's going, so yeah. >> Well, this is awesome, while we got you here, we want to put you to work being theCUBE analyst for this segment. You just heard Google. We broke them in for a breaking news segment. Obviously, so hard news Ericsson partnership. We're in the, actually former Ericsson booth. They're not even here, it's now the TelcoDR booth. But that's and then Open RAN again, Open Source. You got 5G, you got Open Source all happening. What's your take on this, as you're seeing this? >> Yeah, I think, you know, there's two big, and I talked about in my keynote this morning, there's two big technological changes that are happening in our industry simultaneously. And I don't think we could have had it--MWC 21 I certainly wanted to make it about the Public Cloud. I think I'm sort of successful in doing that. And I think the other piece is Open RAN, right? And I think these two big shifts are happening and I'm really thrilled about it. And so, yeah, we saw these two. >> I loved your keynote, we were here live Chloe was here filling in for Dave while Dave was going to do some research and getting some breaking stories. But you are on stage and, and we were talking, Chloe's like, these there's trillions of dollars, John on the table. And I was making the point, that the money's in the middle of the table and it's changing hands. If people don't watch it. And then you onstage said there's trillions of dollars. This is a real competitive shift with dollars on the table. And you've got cultural collision. You've got operators and builders trying to figure out, it feels like Dev Ops is coming in here. >> Yeah. >> I mean, what's the, what's the holistic vibe. What's the, what do you? >> Yeah, I think my message is about, we can use the software and specifically the software, the Public Cloud, to double your ARPU without massive CapEx expenditure. And I think the CSPs has always viewed to get the increase in ARPU, I got to build out the network, I got to spend a lot of money. And with these two technologies that require might be dropped. And then in exchange for doubling our ARPU, why not? We should do that absolutely. >> You know, your message has been pretty clear that you got to get on, on the wave. Got to ride the wave or become driftwood, as John said yesterday. And I think it's pretty, it's becoming pretty clear that that's the case for the Telcos. I feel like Danielle, that they entering this decade, perhaps with a little bit more humility than they have in the past. And then, you know, maybe, especially as it relates to developers, we're just talking about building out the Edge. We always talk about how developers are really going to be a key factor in the Edge and that's not a wheelhouse necessarily. But, obviously they're going to have to partner for that to have, they're going to have to embrace Cloud Native. I mean, it's pretty clear that your premise is right on. We'll see how long it takes, but if it, if they don't move fast, you know, what's going to happen. >> Well, I think you look at it from the enterprise's perspective. And we just heard Google talking about it. We need to provide a tech stack that the enterprises can write to. Now, historically they haven't had this opportunity. Historically that CSPs have provided it. Now you're going to be able to write against Google's tech stack. And that's something that is documented, it's available. There's developers out there that know it. And so I think that's the big opportunity. And this might be the, the big use case that they've been looking for with 5G and looking forward to 6G. And so it's a huge opportunity for CSPs to do that. >> I think that's an important point because you've got to place bets. And if I'm betting on Google or Amazon, Microsoft, okay, those are pretty safe bets, right? Those guys are going to be around. >> You think, I mean, they're like, no, don't trust the hyperscalers. And like, are you guys nuts? They're safe bets. >> Safe bets in terms of your investment in technology, now you've got to move fast. >> Yeah. >> That's the other piece of it. >> Yeah. >> You got to change your business model. >> Yeah, absolutely. >> Well, you got to be in the right side of history too. I mean, I mean, what is trust actually really mean? Does Snowflake trust Amazon? It sure did to get them where they are, but now they're looking at other options. >> That is a great example, John. It really is, because there's a company that can move fast, but the same time they compete, but the same time they add incremental value. >> And so here you can see the narrative like, oh no, we're partnering, Telcos aren't bad. No one needs to die to bring in the new. Well containers do, will help them manage that operational legacy, but culturally, if they don't move, they're going to have an asset that'll get rolled up into a SPAC or some sort of private equity deal. And because the old model of building CapEx and extract rents is kind of shifting because the value's shifting. So to me, I think this is what we're watching still kind of unknown. Danielle, love to get your thoughts on this, because if the value shifts to services, which is a consumption model like cloud, >> Yeah. >> Then you can, don't have to try to extract the rents out of the CapEx or, what's your thought, I mean. >> Yeah, I don't think you need to own the entire stack to provide value. And I think that's where we are today in Telco, right. There, I mean, nuts and bolts of the stack, the servers, you know, the cabling, everything. And I'm like, stand on the shoulders of these amazing tech giants that have solved, you know, mega data centers, right? Huge data centers at scale, and just leverage their investment and for your own benefit and start to focus, and we heard Amol talking about it, starts to focus on your subscriber and driving a great experience for us, right, yeah. >> Well, you've talking about that many times that you exhibit, you're right. If the conversation has been, has to go beyond, okay, we're just connectivity. It's got to be going to be like, oh, it's $10 a month for roaming charges, ah great. >> Yeah. >> Tick that box. Right, it's those value added services that you're talking about. And it's an infinite number of those that can be developed. And that's where the partnerships come in, and creativity in the industry. It's just a blank piece of paper. >> Well, we, you know, everyone thinks Google knows everything about you, right? We've had the experience on our phone where they're serving up ads and you're like, how did it? >> Facebook does? >> Right, Facebook. But you know who knows more about us than, than Google or your mother even, your Telco. >> Yeah. >> You take your phone with you everywhere, right? And so it's time to start unlocking all of that knowledge and using it to provide a really great experience. >> And by the way, congratulations on the CEO to Totogi and the investment hundred million dollars. That's a game changer statement again, back to the billing and the there's a good, there's a whole new team, even all up and down the stack of solutions, great stuff. And I want to unpack that tomorrow. I want to hold that, we're going to meet tomorrow. I want to, I want to, leave that here. >> Stay in the data for a second, because you made the point before in your keynote as well. That, it's that it's the data that drives the value of these companies. Why is it that Apple, Amazon, Google, Facebook now trillion dollar valuations. >> Yeah. >> It's all about the data and the Telco's have the data, but they can't figure out how to turn that into valuation. >> I think there's two parts of the data problem, which is number one, the data is trapped in on-premise, siloed systems that are not open. You can't connect them, and you certainly do it without, and we talked about it, I think yesterday, you know, millions of dollars of expenditure. And I think the other piece that's really interesting is that it's not connected to a mechanism to get it out in a timely manner, right? This is data that's aging by the minute. And when it takes you weeks to get the insight , it's useless, right? And so to Totogi, we announced the launch of Totogi, I'll get a little to Totogi plug in there, right. Totogi is connecting that insight to the charger, to the engagement engine and getting it out to subscribers. I think that's the beginning of this connection. I think it's a hard problem to solve it would have been solved already. But I think the key is leveraging the Public Cloud to get your data out of on-premise and, and mashing it up against these great services that Google and Azure and Amazon provide to drive it into the hands of the subscriber, make it very actionable, very monetizeable right at the end, that's what they want. More ARPU, more revenue, right. And you know, we've heard some keynotes from GSMA yesterday, some big, big guys, you know, talking about how, you know, it's not fair that these other communication platforms are not regulated. You know, Telco is heavily regulated and they're like, it's not fair. And I'm like, yep, it's not fair. That's life, right? >> Yeah. >> Stop complaining about it and start treating your customers better. So they're happy to give you more money. >> Yeah, and I think that's the message about the assets too. But one thing I will say, this Mobile World Congress, is that we've been having a lot of fun here in CLOUD CITY. I have to ask you a personal question. Have you been having fun? You look great on the keynote. You have a spring to your step. CLOUD CITY is beautiful, spectacular here. >> Yeah. >> Give us some highlights, personal highlights from your trip so far. >> Well number one, I'm, I'm psyched that the keynote is delivered in and done. I mean, I think it takes my blood pressure down a bunch. You know, the spring in my step, I wore these fun little tennis shoes and that was really fun. But yeah, I'm having, I'm having, I think a lot of things, great conversations. Yes the attendance is reduced. You know, usually you see hundreds of people from the big group carriers, especially the European groups. And yeah the attendance is reduced, but the senior guys are here, right? The senior leadership teams are in the booth. We're having meetings, we're having amazing conversations. I think the last year we really did live a decade in one year. I think they woke up to the power of the Public Cloud. >> Yeah, the pandemic helped. >> I mean, there was no way that they got business done without cloud based tools. And I think the light bulb went off. I think I'm right in the right moment. It's Awesome. >> Do you think that, do you think that they'll think in there, like left money on the table because you look at the pandemic, there were three categories of companies, losers, people who held the line, struggled and then winners. >> Yeah. >> Big time tale wind, booming. Obviously the Zooms of the world. Telco's did well. They were up and running, business was good. You think they might've left some money on the table? They could have done more. >> Yeah, I think the ones that were, you know, people talk about digital transformation. We're digital Telco, we're digitally enabled. And I think the pandemic really tested this, right. Can you deliver a contactless SIM? Or do you need to go to a store, in person, to get to go pick it up? And I had a broken SIM during the pandemic. My provider made me go to the store and I'm like, is it even open? And so I heard other stories of Telcos that were very digitally enabled, right. They were using Uber to deliver sims, and all sorts of fun, crazy stuff and new ideas. And they were able to pivot. >> Agile. >> Right, agile. And so I think, I think that was a really big wake up call. >> Telemedicine booming. >> So If you were in a digital business during the pandemic. In general, you're out of business, maybe unless you were a Telco, but I think you're right. I think the light bulb went off. It was an aha moment. And they said, oh-oh, if we don't move. >> I mean, I am not kidding right. As an ex-CEO where I was trying to collect signatures on renewals, right. Here's a DocuSign, which for the world is like, duh. I mean, our school uses DocuSign. I had telcos that required an in-person signature, >> Facts. >> Right, in some country, once a month on Tuesday between 10 and 2. And I'm like, how are you doing business, like that? That's like the dark ages. >> Yeah, this is where the crypto guys got it right, with know your customer. >> Yeah, right. >> 'Cause they have the data. >> Well, they had to, they had to. >> Yeah. >> There's a lot of things that's going wrong on crypto, we don't want to, we could do a whole show on that. But Danielle great to have you drop by, obviously Bon Jovi's here. How did you get Bon Jovi? Huge fan, New Jersey boy, Patriot's fan. >> Yeah. >> Dave, we love him. >> Fantastic. >> Well, I mean, who doesn't love Bon Jovi, right? We knew we wanted a rocker, right. Rock and roll is all about challenging the status quo. That, I mean, since the beginning and that's what we're doing here, right. We're really challenging like the way things have been done in Telco. Kind of just shattering the glass ceiling in lots of different ways, right. Calling the old guys dinosaurs. I'm sure those guys love me, right. I mean, how much do they hate me right now? Or they're like that girl, oh, so. >> Well we are punk rock. They're rock and roll. >> Right, right. I mean, maybe we should have gotten The Clash, right. Black Flag, right. I'm a little bit older than you. >> Bon Jovi's good. >> Right, we'll go with Bon Jovi. >> We like both of them. >> Accessible, right. >> Once's more conservative rock and roll still edgy. >> Yeah, so really excited to get them here. I've met him before. And so hopefully he'll remember me. It's been a couple of years since I've seen him. So can't wait to connect with him again. I think we have Elon Musk coming up and that's going to be, it's always exciting to hear that guy talk, so yeah. >> Yeah, he's going to be inspiration he'll talk space, SpaceX, >> Oh yeah. >> And possibly Starlink. >> Talking about the edge. >> Starlink, right. >> Starlink. >> I mean, those guys are launching rockets and deploying satellites and I think that's really interesting for rural. For rural right in Telco, right. Being able to deploy very quickly in rural where the, maybe the cost, you know, per gig doesn't make sense. You know, the cost for deployment of tower, I think. I mean, that's an interesting idea right there, yeah. >> It's exciting, he's inspirational. I think a lot of people look at the younger generation coming in and saying why are we doing things? A lot of people are questioning and they see the cloud. They're saying, oh, A or B, why are we doing this? This is such an easier, better way. >> Yeah. >> I think eventually the generation shifts in time. >> It's coming. I'm so excited to be a part of it, yeah. >> Great, great leadership. And I want to say that you are real innovative, glad to have us here and presenting with you here. >> Awesome team. >> I'm excited to have you guys. We talked last night about how great this partnership is, so thank you so much, yeah. >> TheCUBE, theCUBE's rocking inside the CLOUD CITY. The streets of the CLOUD CITY are hustling and booming. >> Packed. >> Packed in here. All stuff, great stuff. Thanks for coming on. >> Yep, thanks so much. >> Bon Jovi is here, we got a shot of Bon Jovi. Do we have a screenshot of Bon Jovi? >> Yeah, there it is. >> There it is, yeah. >> Okay, he's about to come on stage and we're going to take a break here. We're going to take and send it back to Adam and the team in the studio. Thanks guys.

>>Welcome back to the cubes coverage of dr khan 2021. I'm john for your host of the cube. We're here with Amanda Silver, corporate vice president, product developer division at Microsoft. Amanda, Great to see you you were on last year, Dr khan. Great to see you again a full year later were remote. Thanks for coming on. I know you're super busy with build happening this week as well. Thanks for making the time to come on the cube for Dr khan. >>Thank you so much for having me. Yeah, I'm joining you like many developers around the globe from my personal home office, >>developers really didn't skip a beat during the pandemic and again, it was not a good situation but developers, as you talked about last year on the front lines, first responders to creating value quite frankly, looking back you were pretty accurate in your prediction, developers did have an impact this year. They did create the kind of change that really changed the game for people's lives, whether it was developing solutions from a medical standpoint or even keeping systems running from call centres to making sure people got their their their goods or services and checks and and and kept sanity together. So. >>Yeah absolutely. I mean I think I think developers you know get the M. V. P. Award for this year because you know at the end of the day they are the digital first responders to the first responders and the pivot that we've had to make over the past year in terms of supporting remote telehealth, supporting you know online retail, curbside pickup. All of these things were done through developers being the ones pushing the way forward remote learning. You know my kids are learning at home right behind me right now so you might hear them during the interview that's happening because developers made that happen. >>I don't think mom please stop hogging the band with, they've got a gigabit. Stop it. Don't be streaming. My kids are all game anyway, Hey, great to have you on and you have to get the great keynote, exciting to see you guys continue the collaboration with Docker uh with GIT hub and Microsoft, A great combination, it's a 123 power punch of value. You guys are really kind of killing it. We heard from scott and dan has been on the cube. What's your thoughts on the partnership with the developer division team at Microsoft with Doctor, What's it all about this year? What's the next level? >>Well, I mean, I think, I think what's really awesome about this partnership is that we all have, we all are basically sharing a common mission. What we want to do is make sure that we're empowering developers, that we're focused on their productivity and that we're delivering value to them so they can do their job better so that they can help others. So that's really kind of what drives us day in and day out. So what we focus on is developer productivity. And I think that's a lot of what dana was talking about in her session, the developer division. Specifically, we really try to make sure that we're improving the state of the art from modern developers. So we want to make sure that every keystroke that they take, every mouse move that they make, it sounds like a song but every every one of those matter because we want to make sure that every developers writing the code that only they can write and in terms of the partnership and how that's going. You know my team and the darker team have been collaborating a ton on things like dr desktop and the Doctor Cli tool integrations. And one of the things that we do is we think about pain points and various workflows. We want to make sure that we're shaving off the edges of all of the user experience is the developers have to go through to piece all of these applications together. So one of the big pain points that we have heard from developers is that signing into the Azure cloud and especially our sovereign clouds was challenging. So we contributed back to uh back to doctor to actually make it easier to sign into these clouds. And so dr developers can now use dr desktop and the Doctor Cli to actually change the doctor context so that its Azure. So that makes it a lot easier to connect the other. Oh, sorry, go ahead. No, I was just >>going to say, I love the reference of the police song. Every breath you take, every >>mouth moving. Great, >>great line there. Uh, but I want to ask you while you're on this modern cloud um, discussion, what is I mean we have a lot of developers here at dr khan. As you know, you guys know developers in your ecosystem in core competency. From Microsoft, Kublai khan is a very operator like focus developed. This is a developer conference. You guys have build, what is the state of the art for a modern cloud developer? Could you just share your thoughts because this comes up a lot. You know, what's through the art? What's next jan new guard guard? It's his legacy. What is the state of the art for a modern cloud developer? >>Fantastic question. And extraordinarily relevant to this particular conference. You know what I think about often times it's really what is the inner loop and the outer loop look like in terms of cycle times? Because at the end of the day, what matters is the time that it takes for you to make that code change, to be able to see it in your test environment and to be able to deploy it to production and have the confidence that it's delivering the feature set that you need it to. And it's, you know, it's secure, it's reliable, it's performance, that's what a developer cares about at the end of the day. Um, at the same time, we also need to make sure that we're growing our team to meet our demand, which means we're constantly on boarding new developers. And so what I take inspiration from our, some of the tech elite who have been able to invest significant amounts in, in tuning their engineering systems, they've been able to make it so that a new developer can join a team in just a couple of minutes or less that they can actually make a code change, see that be reflected in their application in just a few seconds and deploy with confidence within hours. And so our goal is to actually be able to take that state of the art metric and democratize that actually bring it to as many of our customers as we possibly can. >>You mentioned supply chain earlier in securing that. What are you guys doing with Docker and how to make that partnership better with registries? Is there any update there in terms of the container registry on Azure? >>Yeah, I mean, you know, we, we we have definitely seen recent events and and it almost seems like a never ending attacks that that you know, increasingly are getting more and more focused on developer watering holes is how we think about it. Kind of developers being a primary target um for these malicious hackers. And so what it's more important than ever that every developer um and Microsoft especially uh really take security extraordinarily seriously. Our engineers are working around the clock to make sure that we are responding to every security incident that we hear about and partnering with our customers to make sure that we're supporting them as well. One of the things that we announced earlier this week at Microsoft build is that we've actually taken, get have actions and we've now integrated that into the Azure Security Center. And so what this means is that, you know, we can now do things like scan for vulnerabilities. Um look at things like who is logging in, where things like that and actually have that be tracked in the Azure security center so that not just your developers get that notification but also your I. T. Operations. Um In terms of the partnership with dR you know, this is actually an ongoing partnership to make sure that we can provide more guidance to developers to make sure that they are following best practices like pulling from a private registry like Docker hub or at your container registry. So I expect that as time goes on will continue to more in partnership in this space >>and that's going to give a lot of confidence. Actually, productivity wise is going to be a big help for developers. Great stuff is always good, good progress. They're moving the needle. >>Last time we >>spoke we talked about tools and setting Azure as the doctor context duty tooling updates here at dot com this year. That's notable. >>Yeah, I mean, I think, you know, there's one major thing that we've been working on which has a big dependency on docker is get help. Code space is now one of the biggest pain points that developers have is setting up a new DEV box, which they often have to do when they are on boarding a new employee or when they're starting a new project or even if they're just kicking the tires on a new technology that they want to be able to evaluate and sometimes creating a developer environment can actually take hours um and especially when you're trying to create a developer environment that matches somebody else's developer environment that can take like a half a day and you can spend all of your time just debugging the differences in environment variables, for example, um, containers actually makes that much easier. So what you can do with this, this services, you can actually create death environment spun up in the cloud and you can access it in seconds and you get from there are working coding environment and a runtime environment and this is repeatable via containers. So it means that there's no inadvertent differences introduced by each DEV. And you might be interested to know that underneath this is actually using Docker files and dr composed to orchestrate the debits and the runtime bits for a whole bunch of different stacks. And so this is something that we're actually working on in collaboration with the with the doctor team to have a common the animal format. And in fact this week we actually introduced a couple of app templates so that everybody can see this all in action. So if you check out a ca dot m s forward slash app template, you can see this in action yourself. >>You guys have always had such a strong developer community and one thing I love about cloud as it brings more agility, as we always talk about. But when you start to see the enterprise grow into, the direction is going now, it's almost like the developer communities are emerging, it's no longer about all the Lennox folks here and the dot net folks there, you've got windows, you've got cloud, >>it's almost >>the the the solidification of everyone kind of coming together. Um and visual studio, for instance, last year, I think you were talking about that to having to be interrogated dr composed, et cetera. >>How do you see >>this melting pot emerging? Because at the end of the day, you pick the language you love and you got devops, which is infrastructure as code doesn't matter. So give us your take on where we are with that whole progress of of making that happen. >>Well, I mean I definitely think that, you know, developer environments and and kind of, you know, our approach to them don't need to be as dogmatic as they've been in the past. I really think that, you know, you can pick the right tool and language and stand developer stack for your team, for your experience and you can be productive and that's really our goal. And Microsoft is to make sure that we have tools for every developer and every team so that they can build any app that they want to want to create. Even if that means that they're actually going to end up ultimately deploying that not to our cloud, they're going to end up deploying it to AWS or another another competitive cloud. And so, you know, there's a lot of things that we've been doing to make that really much easier. We have integrated container tools in visual studio and visual studio code and better cli integrations like with the doctor context that we had talked about a little bit earlier. We continue to try to make it easier to build applications that are targeting containers and then once you create those containers it's much easier to take it to another environment. One of the examples of this kind of work is now that we have WsL and the Windows subsystem for Lennox. This makes it a lot easier for developers who prefer a Windows operating system as their environment and maybe some tools like Visual Studio that run on Windows, but they can still target Lennox with as their production environment without any impedance mismatch. They can actually be as productive as they would be if they had a Linux box as their Os >>I noticed on this session, I got to call this out. I want to get your reaction to it interesting. Selection of Microsoft talks, the container based development. Visual studio code is one that's where you're going to show some some some container action going on with note and Visual Studio code. And then you get the machine learning with Azure uh containers in the V. S. Code. Interesting how you got, you know, containers with V. S. And now you've got machine learning. What does that tell the world about where Microsoft's at? Because in a way you got the cutting edge container management on one side with the doctor integration. Now you get the machine learning which everyone's talking about shifting, left more automation. Why are these sessions so important? Why should people attend? And what's the what's the bottom line? >>Well, like I said, like containers basically empower developer productivity. Um that's what creates the reputable environments, that's what allows us to make sure that, you know, we're productive as soon as we possibly can be with any text act that we want to be able to target. Um and so that's kind of almost the ecosystem play. Um it's how every developer can contribute to the success of others and we can amor ties the kinds of work that we do to set up an environment. So that's what I would say about the container based development that we're doing with both visual studio and visual studio code. Um in terms of the machine learning development, uh you know, the number of machine learning developers in the world is relatively small, but it's growing and it's obviously a very important set of developers because to train a machine learning uh to train an ml model, it actually requires a significant amount of compute resources, and so that's a perfect opportunity to bring in the research that are in a public cloud. Um What's actually really interesting about that particular develop developer stack is that it commonly runs on things like python. And for those of you who have developed in python, you know, just how difficult it is to actually set up a python environment with the right interpreter, with the right run time, with the right libraries that can actually get going super quickly, um and you can be productive as a developer. And so it's actually one of the hardest, most challenging developer stacks to actually set up. And so this allows you to become a machine learning developer without having to spend all of your time just setting up the python runtime environment. >>Yeah, it's a nice, nice little call out on python, it's a double edged sword. It's easier to sling code around on one hand, when you start getting working then you gotta it gets complicated can get well. Um Well the great, great call out there on the island, but good, good, good project. Let me get your thoughts on this other tool that you guys are talking about project tie. Uh This is interesting because this is a trend that we're seeing a lot of conversations here on the cube about around more too many control planes. Too many services. You know, I no longer have that monolithic application. I got micro micro applications with microservices. What the hell is going on with my services? >>Yeah, I mean, I think, you know, containers brought an incredible amount of productivity in terms of having repeatable environments, both for dev environments, which we talked about a lot on this interview already, but also obviously in production and test environments. Super important. Um and with that a lot of times comes the microservices architecture that we're also moving to and the way that I view it is the microservices architecture is actually accompanied by businesses being more focused on the value that they can actually deliver to customers. And so they're trying to kind of create separations of concerns in terms of the different services that they're offering, so they can actually version and and kind of, you know, actually improve each of these services independently. But what happens when you start to have many microservices working together in a SAS or in some kind of aggregate um service environment or kind of application environment is it starts to get unwieldy, it's really hard to make it so that one micro service can actually address another micro service. They can pass information back and forth. And you know what used to be maybe easy if you were just building a client server application because, you know, within the server tear all of your code was basically contained in the same runtime environment. That's no longer the case when every microservices actually running inside of its own container. So the question is, how can we improve program ability by making it easier for one micro service that's being used in an application environment, be to be able to access another another service and kind of all of that context. Um and so, you know, you want to be able to access the service is the the api endpoint, the containers, the ingress is everything, make everything work together as though it felt just as easy as as um you know, server application development. Um And so what this means as well is that you also oftentimes need to get all of these different containers running at the same time and that can actually be a challenge in the developer and test loop as well. So what project tie does is it improves the program ability and it actually allows you to just write a command like thai run so that you can actually in stan she ate all of these containers and get them up and running and basically deploy and run your application in that environment and ultimately make the dev testing or loop much faster >>than productivity gain. Right. They're making it simple to stand up. Great, great stuff. Let me ask you a question as we kind of wrap down here for the folks here at Dakar Con, are >>there any >>special things you'd like to talk about the development you think are important for the developers here within this space? It's very dynamic. A lot of change happening in a good way. Um, but >>sometimes it's hard to keep >>track of all the cool stuff happening. Could you take a minute to, to share your thoughts on what you think are the most important develops developments in this space? That that might be interesting to ducker con attendees. >>I think the most important things are to recognize that developer environments are moving to containerized uh, environments themselves so that they can be repeated, they can be shared, the work, configuring them can be amortized across many developers. That's important thing. Number one important thing. Number two is it doesn't matter as much what operating system you're running as your chrome, you know, desktop. What matters is ultimately the production environment that you're targeting. And so I think now we're in a world where all of those things can be mixed and matched together. Um and then I think the next thing is how can we actually improve microservices, uh programming development together um so that it's easier to be able to target multiple micro services that are working in aggregate uh to create a single service experience or a single application. And how do we improve the program ability for that? >>You know, you guys have been great supporters of DACA and the community and open source and software developers as they transform and become quite frankly the superheroes for the transformation, which is re factoring businesses. So this has been a big thing. I'd love to get your thoughts on how this is all coming together inside Microsoft, you've got your division, you get the developer division, you got GIT hub, got Azure. Um, and then just historically, and he put this up last year army of an ecosystem. People who have been contributing encoding with Microsoft and the partners for many, many decades. >>Yes. The >>heart Microsoft now, how's it all working? What's the news? I get Lincoln, Lincoln, but there's no yet developer model there yet, but probably is soon. >>Um Yeah, I mean, I think that's a pretty broad question, but in some ways I think it's interesting to put it in the context of Microsoft's history. You know, I think when I think back to the beginning of my career, it was kind of a one stack shop, you know, we was all about dot net and you know, of course we want to dot net to be the best developer environment that it can possibly be. We still actually want that. We still want that need to be the most productive developer environment. It could we could possibly build. Um but at the same time, I think we have to recognize that not all developers or dot net developers and we want to make sure that Azure is the most productive cloud for developers and so to do that, we have to make sure that we're building fantastic tools and platforms to host java applications, javascript applications, no Js applications, python applications, all of those things, you know, all of these developers in the world, we want to make sure it can be productive on our tools and our platforms and so, you know, I think that's really kind of the key of you know what you're speaking of because you know, when I think about the partnership that I have with the GIT hub team or with the Azure team or with the Azure Machine learning team or the Lincoln team, um A lot of it actually comes down to helping empower developers, improving their productivity, helping them find new developers to collaborate with, um making sure that they can do that securely and confidently and they can basically respond to their customers as quickly as they possibly can. Um and when, when we think about partnering inside of Microsoft with folks like linkedin or office as an example, a lot of our partnership with them actually comes down to improving their colleagues efficiency. We build the developer tools that office and lengthen are built on top of and so every once in a while we will make an improvement that has, you know, 5% here, 3% there and it turns into an incredible amount of impact in terms of operations, costs for running these services. >>It's interesting. You mentioned earlier, I think there's a time now we're living in a time where you don't have to be dogmatic anymore, you can pick what you like and go with it. Also that you also mentioned just now this idea of distributed applications, distributed computing. You know, distributed applications and microservices go really well together. Especially with doctor. >>Can you share >>your thoughts on the framework that you guys released called Dapper? >>Yeah, yeah. We recently released Dapper. It's called D A P R. You can look it up on GIT hub and it's a programming model for common microservices pattern, two common microservices patterns that make it really easy and automatic to create those kinds of microservices. So you can choose to work with your favorite state stores or databases or pub sub components and get things like cloud events for free. You can choose either http or g R B C so that you can get mesh capabilities like service discovery and re tries and you can bring your own secret store and easily be able to call it from any environment variable. It's also like I was talking about earlier, multi lingual. Um so you don't need to embrace dot net, for example, as you're programming language to be able to benefit from Dapper, it actually supports many programming languages and Dapper itself is actually written and go. Um and so, you know, all developers can benefit from something like Dapper to make it easier to create microservices applications. >>I mean, always great to have you on great update. Take a minute to give an update on what's going on with your division. I know you had to build conference this week. V. S has got the new preview title. We just talked about what are the things you want to get to plug in for? Take a minute to get to plug in for what you're working on, your goals, your objectives hiring, give us the update. >>Yeah, sure. I mean, you know, we we built integrated container tools in visual studio uh and the Doctor extension and Visual Studio code and cli extensions. Uh and you know, even in this most recent release of our Visual Studio product, Visual Studio 16 10, we added some features to make it easier to use DR composed better. So one of the examples of this is that you can actually have uh Oftentimes you need to be able to use multiple doctor composed files together so that you can actually configure various different container environments for a single single application. But it's hard sometimes to create the right Yeah. My file so that you can actually invoke it and invoke the the container and the micro services that you need. And so what this allows you to do is to actually have just a menu of the different doctor composed files so that you can select the runtime and test environment that you need for the subset of the portion of the application that you're working on at the end of the day. This is always about developer productivity. You know, like I said, every keystroke matters. Um and we want to make sure that you as a developer can focus on the code that only you can Right. >>Amanda Silver, corporate vice president product development division of Microsoft. Always great to see you and chat with you remotely soon. We'll be back in in real life with real events soon as we come out of the pandemic and thanks for sharing your insight and congratulations on your success this year and and congratulations on your announcement here at Dakar Gone. >>Thank you so much for having me. >>Okay Cube coverage for Dunkirk on 2021. I'm John for your host of the Cube. Thanks for watching. Mhm

>> Announcer: From around the globe, it's theCUBE. With digital coverage of IBM Think 2021. Brought to you by IBM. >> John: Hello and welcome back to theCUBE's coverage of IBM Think 2021 Virtual. I'm John Furrier, your host of theCUBE. We're here with two great guests, Andrew Coward's the GM, Software Defined Networking at IBM and Caroline Chappel. Research Director, Cloud and Platform Services at Analysys Mason. Folks, thanks for coming on. Caroline, good to see you. Andrew, thanks for coming on theCUBE. >> You're welcome, it's nice to be here. >> Thank you. >> So software defined networking, love it. Software-defined data center, software defined cloud, all that has been pointing to what is now a reality which is hybrid cloud and the Edge, and soon to be multicloud. This kind of makes networking, again, at the centerpiece. This has been this way for now, at least for five hardcore years, at the center of the value proposition discussion. And certainly networking is super relevant. Why is networking now more important than ever for IBM? >> Well, to your point, I think networking is weaved into pretty much everything we touch. From Red Hat Linux for its analytics, machine learning tools, security, cloud services, and so on. And the networking business is changing very radically at the moment. We're going through kind of massive shift. Not just to the cloud, but the desegregation of networking products that, you know, you think of being very tight and integrated are actually being separated into their constituent parts. Distribution of applications and data across multiple clouds, ensuring that the products really have industry-leading capabilities, so that networking is weaved into what they do. The other thing is the scary numbers, right? But now, there's like 15 billion network-capable devices out there with general computing capabilities. And so I don't mean like really dumb things but things that are now we call smart, like a smart car. A medical center that's got applications that even your fridge now, has general compute capabilities. And all of those are expected to connect into the public or private cloud. And so how they connect, where data moves across that really on critical concern to everything that we at IBM do. >> So I have to ask you, I love the word radical change. It gets my attention for certain. What specifically are you referring to in radical change? Because, I mean, I would, I mean, I'm pretty radical that COVID has hit everybody and I think everyone woke up and never thought 100% of the workforce would be working remotely. So, you know, there is radical kind of macro conditions. What specifically though about networking would you say is radical and how does that impact the enterprise? >> Well, right. I think it's about how compute is shifting and how network has to follow. You know, we've been speaking a lot of enterprise accounts and customers. And, you know, it's through COVID and over the last year, we've seen that the ongoing migration into, not just one cloud but many clouds. But we need to think the enterprise you can stop and say, two clouds is enough to be here and to be able to do that. That's not happening. There is no limit to the number of clouds that each enterprise is going into and it's not a coordinated decision, so the radicalism is that the network guys, the cloud architects are being left to pick up the pieces and their job now is to kind of join together applications and data that might be spread in three or four different locations. And that's really, really challenging. And nobody's thinking about things like latency or connectivity, data accountability when these decisions are made. And it is kind of like the business units are allowed to make their own decisions to get it, but corporate itself then has to figure out how all this stuff works. And that's creating a lot of headaches. >> Caroline, If you could chime in on this, because this is kind of like what we're hearing. What's your thoughts? Because I mean, the platform shifting. I mean, five years ago. Oh, go move to the cloud, lift and shift. Now, the conversation is hyper-focused on cloud integration, at scale with kind of the features that enterprise really need. That's the confusion. What's your take on all this radical change? >> Well, I'd like to, to talk about another aspect of the radical change here, which I think is part of the story which is the radical change for the network itself. So the network itself is, as Andrew said, you know becoming desegregated into hardware and software and really becoming a software application if you think about it, that runs on the cloud itself. And that means you can distribute the network in a very different way, than you could in the past. And what that's really affecting is who can provide a network, how they can provide it, what services, what network services they can provide. And I think that is changing the decision points for operators, for enterprises. They're being faced with a very big choice about who do they, who will provide their connectivity services? Will it be an SD-WAN vendor? Who's not necessarily a traditional operator? Would it be a SaSS-y player that's basically just operating after the cloud. And if you look at the services themselves, there's the opportunity for enterprises to build really kind of rich, bespoke connectivity on demand and in a way that they've never had before. And I think that choice is obviously wonderful in one sense, but in another sense, it's pretty scary. And, and as Andrew said, it's not these decisions are not being taken particularly in a coordinated way. You know, you'll have your traditional network guys often very embedded with the lines of business and then you'll have the IT guys all going to the cloud. And these two parts of an enterprise don't necessarily even talk to each other in terms of how they're procuring their network services. So lot of choice, a lot of moving parts, a lot of change. And I think that's contributing to the situation we're finding ourselves in. >> So. First of all, great insight. I want to just double down on that one point around radical change, because what you just laid out is kind of the institutional lock-in or the way they've been operating things before You mentioned lines of business being embedded with the network guys. So you have radical change. So that's a disruption. So what's the disruption look like from your perspective because now you've got more choice, but it's hasn't been operationalized. What are the best practices? This is net new. Is it net new? How do I do security? This is all now new questions. So I got to ask you what's the disruption and what's it mean for the enterprise networks over the next couple of years going forward? >> Well, I think that there are a lot of disruptions but I think one of the ones that I haven't even mentioned. So I think, you know a lot of things are going to go, for example, I think that the idea of the network as being something fixed, persistent with fixed persistent connections is changing. So a lot of the enterprises I've talked to have said that their corporate networks, of course, they will need corporate networks with fixed VPNs between locations. Yeah, because they've got an awful lot of legacy they've got to support. But a lot of the new stuff that's coming along of the IOT driven stuff a lot of the changes around the edge and an operation, operational process automation and that kind of thing will actually be more on demand. We'll ask for on demand connectivity. A lot of it is will the applications themselves run on the cloud and not just on one cloud but as Andrew said on many, many distributed clouds. So you've got to think about zero trust security because you are basically spinning up these connections on demand. A lot of mobile will come in 5g. We know is going to be very important to operators in the future. So I think enterprises have got to deal with those data and security and all their best practices. We've got to shift to a much more dynamic, you know connectivity world, where they've got us to the playoffs. You know, what's the terministic on what's a network. That's just going to be on demand there when they need it and shut down when they don't. >> That's a great point. Andrew, I want you to weigh in on the IBM impact because what we just heard was application driven. That's dev ops. That's programmability. That's what we had hoped. Now you've got DevSecOps, all this is now the requirements. What's the bet on IBM side.? You got to make it happen. You got to bring the customers a solution and make it scale and be responsive to those you know, new, dynamically, flexible agile networks. >> Well, that's right. So the bet is that, you know that these applications that are being spent out there in containerize and they're being separated into these clouds and connecting those is what we as IBM have to have to do. And so kind of an example of that, kind of looking at the medical world, right? You think of an application that would today, monitor a patient. What's going on with that patient and all of the senses and so on. Well, the way we see it, the monitor itself, there might be monitoring temperature and heart rate etc. That what actually happens on that device might change moments depending on the patient's condition. That's one part of the application. Another part of that application may live in private data center. A third part of that application may live in the cloud. And depending on what's going on with that patient and what's going on with the ward and everything else. Those things may shift and move around. So, where does that data? Where's that data allowed to move to inform of what are the boundary points for that? How is the reliability, resiliency of our system guaranteed, but across many disparate parts of what's going on there. All of those things end up being a very vertically integrated solution. But fundamentally we've got a very different way, new ways of being able to react, dynamically. To both the network, the application and ultimately the unusual patient in this case and that's what kind of is the advantage of the outcome if you like for moving to this new world. >> So what are the implications then of the changes? These are massive changes for the better We're seeing that kind of innovation come from this transformational quick change. Hybrid cloud and edge is coming, you mentioned. Caroline talked about that too. What do you guys think about the implications and how enterprises specifically can prepare for these changes? >> Okay, well, I can pick that up. I think what enterprises are looking for at the moment is how do they get a holistic view of everything that's underneath them? I mean, I think the cloud providers individually are abstracting away as much of the network as they possibly can. They want it to appear to developers just as some kind of plumbing. And it's very easy now for enterprises to through API is you know, we've got a very API different world so it's very easy to say, okay I want this service and I'm just going to go through their API and connect to it. And that's why you get to the situation of multiple, multiple clouds. Now you've got this situation where you've got some companies are talking about needing 50 to 10,000 micro data centers, room closet data centers if you like ,to support some of the things that they want to do, like telemetry ,pick up telemetry from rental cars, for example. So what they really need is to look at all that connectivity, just as plumbing just as we don't worry about how electricity is being delivered to us. That's kind of how they want to do connectivity. So I think they want that view. They want that. Okay. I want to treat my network as one virtual thing. No matter how many different points of plumbing there are underneath. And it's getting to that point that I think they've really got to think about a plan for. You know, how do we get that to you? What's going to provide us with that holistic way that we can put a policy into our plumbing. And it proliferates across, you know all our applications and so on. I think that's a very difficult thing to achieve at the moment but it's certainly the way enterprises need to start thinking about things. >> Andrew, you know, when Caroline's talking, I can't help but kind of throw back to my days of the telephone closet. You know, back in the analog switches. But no, we're talking about a footprint. Radical footprint change too. You know, you need plumbing. Obviously that's a network. It's distributed. We just talked about that at the top of this interview. Now you have the plumbing, you got the footprint and data center could be in a closet, AKA, you know a couple of devices powering an edge. And the edge could be big, small, medium, extra large right? I mean, it's all now radically changed. This is reality now. what's your take on these implications and how do people prepare? >> Well, that's right. It's really the computer's generalized and it's everywhere and yes, it's in the closet. But as I say, it's also in your fridge, it's also in your medical censor and what loads and what runs on that is it's very intertwined with the network. And the lament, if you like, that network architects, the card architects have today is that they feel like they've lost control. They feel they've lost control of exactly what different business groups are doing, how these applications are playing out. And shout out to them, I guess for them is really that they need to be involved from a very early date on how these services are supposed to look. Just the latency of the patients, the data and where the data's supposed to live, where it's allowed to move to. All of those are deeply regulated and deeply controlled. And so making sure that that's aligned with how these applications will actually live and work. Even on a regular basis, sooner there has to be thought about now. An unplanned for so that we can get to the there and not trip up along the way. And then if it's bad enough now with all the different clouds, it's going to be much worse when everything can run a different workload on a minute by minute basis. Right. But that's cool. That's the world we have to find for. >> Okay. Andrew. Caroline. Thank you for your insight. Really appreciated coming on theCUBE. Thanks for coming. I really appreciate it. >> Thank you very much. >> Thank you >> Okay. This is the cube coverage of IBM Think 2021. I'm John Furrier, your host. Thanks for watching. (cheerful music playing)

>> Announcer: From around the globe, it's theCUBE. With digital coverage of IBM Think 2021. Brought to you by IBM. >> John: Hello and welcome back to theCUBE's coverage of IBM Think 2021 Virtual. I'm John Furrier, your host of theCUBE. We're here with two great guests, Andrew Coward's the GM, Software Defined Networking at IBM and Caroline Chappel. Research Director, Cloud and Platform Services at Analysys Mason. Folks, thanks for coming on. Caroline, good to see you. Andrew, thanks for coming on theCUBE. >> You're welcome, it's nice to be here. >> Thank you. >> So software defined networking, love it. Software-defined data center, software defined cloud, all that has been pointing to what is now a reality which is hybrid cloud and the Edge, and soon to be multicloud. This kind of makes networking, again, at the centerpiece. This has been this way for now, at least for five hardcore years, at the center of the value proposition discussion. And certainly networking is super relevant. Why is networking now more important than ever for IBM? >> Well, to your point, I think networking is weaved into pretty much everything we touch. From Red Hat Linux for its analytics, machine learning tools, security, cloud services, and so on. And the networking business is changing very radically at the moment. We're going through kind of massive shift. Not just to the cloud, but the desegregation of networking products that, you know, you think of being very tight and integrated are actually being separated into their constituent parts. Distribution of applications and data across multiple clouds, ensuring that the products really have industry-leading capabilities, so that networking is weaved into what they do. The other thing is the scary numbers, right? But now, there's like 15 billion network-capable devices out there with general computing capabilities. And so I don't mean like really dumb things but things that are now we call smart, like a smart car. A medical center that's got applications that even your fridge now, has general compute capabilities. And all of those are expected to connect into the public or private cloud. And so how they connect, where data moves across that really on critical concern to everything that we at IBM do. >> So I have to ask you, I love the word radical change. It gets my attention for certain. What specifically are you referring to in radical change? Because, I mean, I would, I mean, I'm pretty radical that COVID has hit everybody and I think everyone woke up and never thought 100% of the workforce would be working remotely. So, you know, there is radical kind of macro conditions. What specifically though about networking would you say is radical and how does that impact the enterprise? >> Well, right. I think it's about how compute is shifting and how network has to follow. You know, we've been speaking a lot of enterprise accounts and customers. And, you know, it's through COVID and over the last year, we've seen that the ongoing migration into, not just one cloud but many clouds. But we need to think the enterprise you can stop and say, two clouds is enough to be here and to be able to do that. That's not happening. There is no limit to the number of clouds that each enterprise is going into and it's not a coordinated decision, so the radicalism is that the network guys, the cloud architects are being left to pick up the pieces and their job now is to kind of join together applications and data that might be spread in three or four different locations. And that's really, really challenging. And nobody's thinking about things like latency or connectivity, data accountability when these decisions are made. And it is kind of like the business units are allowed to make their own decisions to get it, but corporate itself then has to figure out how all this stuff works. And that's creating a lot of headaches. >> Caroline, If you could chime in on this, because this is kind of like what we're hearing. What's your thoughts? Because I mean, the platform shifting. I mean, five years ago. Oh, go move to the cloud, lift and shift. Now, the conversation is hyper-focused on cloud integration, at scale with kind of the features that enterprise really need. That's the confusion. What's your take on all this radical change? >> Well, I'd like to, to talk about another aspect of the radical change here, which I think is part of the story which is the radical change for the network itself. So the network itself is, as Andrew said, you know becoming desegregated into hardware and software and really becoming a software application if you think about it, that runs on the cloud itself. And that means you can distribute the network in a very different way, than you could in the past. And what that's really affecting is who can provide a network, how they can provide it, what services, what network services they can provide. And I think that is changing the decision points for operators, for enterprises. They're being faced with a very big choice about who do they, who will provide their connectivity services? Will it be an SD-WAN vendor? Who's not necessarily a traditional operator? Would it be a SaSS-y player that's basically just operating after the cloud. And if you look at the services themselves, there's the opportunity for enterprises to build really kind of rich, bespoke connectivity on demand and in a way that they've never had before. And I think that choice is obviously wonderful in one sense, but in another sense, it's pretty scary. And, and as Andrew said, it's not these decisions are not being taken particularly in a coordinated way. You know, you'll have your traditional network guys often very embedded with the lines of business and then you'll have the IT guys all going to the cloud. And these two parts of an enterprise don't necessarily even talk to each other in terms of how they're procuring their network services. So lot of choice, a lot of moving parts, a lot of change. And I think that's contributing to the situation we're finding ourselves in. >> So. First of all, great insight. I want to just double down on that one point around radical change, because what you just laid out is kind of the institutional lock-in or the way they've been operating things before You mentioned lines of business being embedded with the network guys. So you have radical change. So that's a disruption. So what's the disruption look like from your perspective because now you've got more choice, but it's hasn't been operationalized. What are the best practices? This is net new. Is it net new? How do I do security? This is all now new questions. So I got to ask you what's the disruption and what's it mean for the enterprise networks over the next couple of years going forward? >> Well, I think that there are a lot of disruptions but I think one of the ones that I haven't even mentioned. So I think, you know a lot of things are going to go, for example, I think that the idea of the network as being something fixed, persistent with fixed persistent connections is changing. So a lot of the enterprises I've talked to have said that their corporate networks, of course, they will need corporate networks with fixed VPNs between locations. Yeah, because they've got an awful lot of legacy they've got to support. But a lot of the new stuff that's coming along of the IOT driven stuff a lot of the changes around the edge and an operation, operational process automation and that kind of thing will actually be more on demand. We'll ask for on demand connectivity. A lot of it is will the applications themselves run on the cloud and not just on one cloud but as Andrew said on many, many distributed clouds. So you've got to think about zero trust security because you are basically spinning up these connections on demand. A lot of mobile will come in 5g. We know is going to be very important to operators in the future. So I think enterprises have got to deal with those data and security and all their best practices. We've got to shift to a much more dynamic, you know connectivity world, where they've got us to the playoffs. You know, what's the terministic on what's a network. That's just going to be on demand there when they need it and shut down when they don't. >> That's a great point. Andrew, I want you to weigh in on the IBM impact because what we just heard was application driven. That's dev ops. That's programmability. That's what we had hoped. Now you've got DevSecOps, all this is now the requirements. What's the bet on IBM side.? You got to make it happen. You got to bring the customers a solution and make it scale and be responsive to those you know, new, dynamically, flexible agile networks. >> Well, that's right. So the bet is that, you know that these applications that are being spent out there in containerize and they're being separated into these clouds and connecting those is what we as IBM have to have to do. And so kind of an example of that, kind of looking at the medical world, right? You think of an application that would today, monitor a patient. What's going on with that patient and all of the senses and so on. Well, the way we see it, the monitor itself, there might be monitoring temperature and heart rate etc. That what actually happens on that device might change moments depending on the patient's condition. That's one part of the application. Another part of that application may live in private data center. A third part of that application may live in the cloud. And depending on what's going on with that patient and what's going on with the ward and everything else. Those things may shift and move around. So, where does that data? Where's that data allowed to move to inform of what are the boundary points for that? How is the reliability, resiliency of our system guaranteed, but across many disparate parts of what's going on there. All of those things end up being a very vertically integrated solution. But fundamentally we've got a very different way, new ways of being able to react, dynamically. To both the network, the application and ultimately the unusual patient in this case and that's what kind of is the advantage of the outcome if you like for moving to this new world. >> So what are the implications then of the changes? These are massive changes for the better We're seeing that kind of innovation come from this transformational quick change. Hybrid cloud and edge is coming, you mentioned. Caroline talked about that too. What do you guys think about the implications and how enterprises specifically can prepare for these changes? >> Okay, well, I can pick that up. I think what enterprises are looking for at the moment is how do they get a holistic view of everything that's underneath them? I mean, I think the cloud providers individually are abstracting away as much of the network as they possibly can. They want it to appear to developers just as some kind of plumbing. And it's very easy now for enterprises to through API is you know, we've got a very API different world so it's very easy to say, okay I want this service and I'm just going to go through their API and connect to it. And that's why you get to the situation of multiple, multiple clouds. Now you've got this situation where you've got some companies are talking about needing 50 to 10,000 micro data centers, room closet data centers if you like ,to support some of the things that they want to do, like telemetry ,pick up telemetry from rental cars, for example. So what they really need is to look at all that connectivity, just as plumbing just as we don't worry about how electricity is being delivered to us. That's kind of how they want to do connectivity. So I think they want that view. They want that. Okay. I want to treat my network as one virtual thing. No matter how many different points of plumbing there are underneath. And it's getting to that point that I think they've really got to think about a plan for. You know, how do we get that to you? What's going to provide us with that holistic way that we can put a policy into our plumbing. And it proliferates across, you know all our applications and so on. I think that's a very difficult thing to achieve at the moment but it's certainly the way enterprises need to start thinking about things. >> Andrew, you know, when Caroline's talking, I can't help but kind of throw back to my days of the telephone closet. You know, back in the analog switches. But no, we're talking about a footprint. Radical footprint change too. You know, you need plumbing. Obviously that's a network. It's distributed. We just talked about that at the top of this interview. Now you have the plumbing, you got the footprint and data center could be in a closet, AKA, you know a couple of devices powering an edge. And the edge could be big, small, medium, extra large right? I mean, it's all now radically changed. This is reality now. what's your take on these implications and how do people prepare? >> Well, that's right. It's really the computer's generalized and it's everywhere and yes, it's in the closet. But as I say, it's also in your fridge, it's also in your medical censor and what loads and what runs on that is it's very intertwined with the network. And the lament, if you like, that network architects, the card architects have today is that they feel like they've lost control. They feel they've lost control of exactly what different business groups are doing, how these applications are playing out. And shout out to them, I guess for them is really that they need to be involved from a very early date on how these services are supposed to look. Just the latency of the patients, the data and where the data's supposed to live, where it's allowed to move to. All of those are deeply regulated and deeply controlled. And so making sure that that's aligned with how these applications will actually live and work. Even on a regular basis, sooner there has to be thought about now. An unplanned for so that we can get to the there and not trip up along the way. And then if it's bad enough now with all the different clouds, it's going to be much worse when everything can run a different workload on a minute by minute basis. Right. But that's cool. That's the world we have to find for. >> Okay. Andrew. Caroline. Thank you for your insight. Really appreciated coming on theCUBE. Thanks for coming. I really appreciate it. >> Thank you very much. >> Thank you >> Okay. This is the cube coverage of IBM Think 2021. I'm John Furrier, your host. Thanks for watching. (cheerful music playing)