>> Welcome everyone to "theCUBE's" coverage of "Compute engineered for your hybrid world," sponsored by HP and Intel. Today we're going to going to discuss how to transform your compute management experience with the new 4th Gen Intel Xeon scalable processors. Hello, I'm John Furrier, host of "theCUBE," and my guests today are Chinmay Ashok, director cloud engineering at Intel, and Koichiro Nakajima, principal product manager, compute at cloud services with HPE. Gentlemen, thanks for coming on this segment, "Transform your compute management experience." >> Thanks for having us. >> Great topic. A lot of people want to see that system management one pane of glass and want to manage everything. This is a really important topic and they started getting into distributed computing and cloud and hybrid. This is a major discussion point. What are some of the major trends you guys see in the system management space? >> Yeah, so system management is trying to help user manage their IT infrastructure effectively and efficiently. So, the system management is evolving along with the IT infrastructures which is trying to accommodate market trends. We have been observing the continuous trends like digital transformation, edge computing, and exponential data growth never stops. AI, machine learning, deep learning, cloud native applications, hybrid cloud, multi-cloud strategies. There's a lot of things going on. Also, COVID-19 pandemic has changed the way we live and work. These are all the things that, given a profound implication to the system design architectures that system management has to consider. Also, security has always been the very important topic, but it has become more important than ever before. Some of the research is saying that the cyber criminals becoming like a $10.5 trillion per year. We all do our efforts on the solution provider size and on the user side, but still cyber criminals are growing 15% year by year. So, with all this kind of thing in the mind, system management really have to evolve in a way to help user efficiently and effectively manage their more and more distributed IT infrastructure. >> Chinmay, what's your thoughts on the major trends in system management space? >> Thanks, John, Yeah, to add to what Koichiro said, I think especially with the view of the system or the service provider, as he was saying, is changing, is evolving over the last few years, especially with the advent of the cloud and the different types of cloud usage models like platform as a service, on-premises, of course, infrastructure is a service, but the traditional software as a service implies that the service provider needs a different view of the system and the context in which we need the CPU vendor, or the platform vendor needs to provide that, is changing. That includes both in-band telemetry being able to monitor what is going on on the system through traditional in-band methods, but also the advent of the out-of-band methods to do this without end user disruption is a key element to the enhancements that our customers are expecting from us as we deploy CPUs and platforms. >> That's great. You know what I love about this discussion is we had multiple generation enhancements, 4th Gen Xeon, 11th Gen ProLiant, iLOs going to come up with got another generation increase on that one. We'll get into that on the next segment, but while we're here, what is iLO? Can you guys define what that is and why it's important? >> Yeah, great question. Real quick, so HPE Integrated Lights-Out is the formal name of the product and we tend to call it as a iLO for short. iLO is HPE'S BMC. If you're familiar with this topic it's a Baseboard Management Controller. If not, this is a small computer on the server mother board and it runs independently from host CPU and the operating system. So, that's why it's named as Lights-Out. Now what can you do with the iLO? iLO really helps a user manage and use and monitor the server remotely, securely, throughout its life from the deployment to the retirement. So, you can really do things like, you know, turning a server power on, off, install operating system, access to IT, firmware update, and when you decide to retire server, you can completely wipe the data off that server so then it's ready to trash. iLO is really a best solution to manage a single server, but when you try to manage hundreds or thousand of servers in a larger scale environment, then managing server one by one by one through the iLO is not practical. So, HPE has two options. One of them is a HPE OneView. OneView is a best solution to manage a very complex, on-prem IT infrastructure that involves a thousand of servers as well as the other IT elements like fiber channel storage through the storage agent network and so on. Another option that we have is HPE for GreenLake Compute Ops Management. This is our latest, greatest product that we recently launched and this is a best solution to manage a distributed IT environment with multiple edge points or multiple clouds. And I recently involved in the customer conversation about the computer office management and with the hotel chain, global hotel chain with 9,000 locations worldwide and each of the location only have like a couple of servers to manage, but combined it's, you know, 27,000 servers and over the 9,000 locations, we didn't really have a great answer for that kind of environment before, but now HPE has GreenLake for computer office management for also deal with, you know, such kind of environment. >> Awesome. We're going to do a big dive on iLO in the next segment, but Chinmay, before we end this segment, what is PMT? >> Sure, so yeah, with the introduction of the 4th Gen Intel Xeon scalable processor, we of course introduce many new technologies like PCI Gen 5, DDR5, et cetera. And these are very key to general system provision, if you will. But with all of these new technologies come new sources of telemetry that the service provider now has to manage, right? So, the PMT is a technology called Platform Monitoring Technology. That is a capability that we introduced with the Intel 4th Gen Xeon scalable processor that allows the service provider to monitor all of these sources of telemetry within the system, within the system on chip, the CPU SOC, in all of these contexts that we talked about, like the hybrid cloud and cloud infrastructure as a service or platform as a service, but both in their in-band traditional telemetry collection models, but also out-of-band collection models such as the ones that Koichiro was talking about through the BMC et cetera. So, this is a key enhancement that we believe that takes the Intel product line closer to what the service providers require for managing their end user experience. >> Awesome, well thanks so much for spending the time in this segment. We're going to take a quick break, we're going to come back and we're going to discuss more what's new with Gen 11 and iLO 6. You're watching "theCUBE," the leader in high tech enterprise coverage. We'll be right back. (light music) Welcome back. We're continuing the coverage of "theCUBE's" coverage of compute engineered for your hybrid world. I'm John Furrier, I'm joined by Chinmay Ashok who's from Intel and Koichiro Nakajima with HPE. We're going to dive deeper into transforming your compute management experience with 4th Gen Intel Xeon scalable processors and HP ProLiant Gen11. Okay, let's get into it. We want to talk about Gen11. What's new with Gen11? What's new with iLO 6? So, NexGen increases in performance capabilities. What's new, what's new at Gen11 and iLO 6 let's go. >> Yeah, iLO 6 accommodates a lot of new features and the latest, greatest technology advancements like a new generation CPUs, DDR5 memories, PCI Gen 5, GPGPUs, SmartNICs. There's a lot of great feature functions. So, it's an iLO, make sure that supports all the use cases that associate with those latest, greatest advancements. For instance, like you know, some of the higher thermal design point CPU SKUs that requires a liquid cooling. We all support those kind of things. And also iLO6 accommodates latest, greatest industry standard system management, standard specifications, for instance, like an DMTF, TLDN, DMTF, RDE, SPDM. And what are these means for the iLO6 and Gen11? iLO6 really offers the greatest manageability and monitoring user experiences as well as the greatest automation through the refresh APIs. >> Chinmay, what's your thoughts on the Gen11 and iLO6? You're at Intel, you're enabling all this innovation. >> Yeah. >> What's the new features? >> Yeah, thanks John. Yeah, so yeah, to add to what Koichiro said, I think with the introduction of Gen11, 4th Gen Intel Xeon scalable processor, we have all of these rich new feature sets, right? With the DDR5, PCI Gen5, liquid cooling, et cetera. And then all of these new accelerators for various specific workloads that customers can use using this processor. So, as we were discussing previously, what this brings is all of these different sources of telemetry, right? So, our sources of data that the system provider or the service provider then needs to utilize to manage the compute experience for their end user. And so, what's new from that perspective is Intel realized that these new different sources of telemetry and the new mechanisms by which the service provider has to extract this telemetry required us to fundamentally think about how we provide the telemetry experience to the service provider. And that meant extending our existing best-in-class, in-band telemetry capabilities that we have today already built into in market Intel processors. But now, extending that with the introduction of the PMT, the Platform Monitoring Technology, that allows us to expand on that in-band telemetry, but also include all of these new sources of telemetry data through all of these new accelerators through the new features like PCI Gen5, DDR5, et cetera, but also bring in that out-of-band telemetry management experience. And so, I think that's a key innovation here, helping prepare for the world that the cloud is enabling. >> It's interesting, you know, Koichiro you had mentioned on the previous segment, COVID-19, we all know the impact of how that changed, how IT at the managed, you know, all of a sudden remote work, right? So, as you have cloud go to hybrid, now we got the edge coming, we're talking about a distributed computing environment, we got telemetry, you got management. This is a huge shift and it's happening super fast. What's the Gen11 iLO6 mean for architects as they start to look at going beyond hybrid and going to the edge, you're going to need all this telemetry. What's the impact? Can you guys just riff and share your thoughts on what this means for that kind of NexGen cloud that we see coming on on which is essentially distributed computing. >> Yeah, that's a great topic to discuss. So, there's a couple of the things. Really, to make sure those remote environment and also the management distributed IT environments, the system management has to reach across the remote location, across the internet connections, and the connectivities. So, the system management protocol, for instance, like traditionally IPMI or SNMP, or those things, got to be modernized into more restful API and those modern integration friendly to the modern tool chains. So, we're investing on those like refresh APIs and also again, the security becomes paramount importance because those are exposed to the bad people to snoop and trying to do some bad thing like men in a middle attacks, things like that. So we really, you know, focus on the security side on the two aspects on the iLO6 and Gen11. One other thing is we continue our industry unique silicon root of trust technology. So, that one is fortunate platform making sure the platform firmware, only the authentic and legitimate image of the firmware can run on HP server. And when you check in, validating the firmware images, the root of the trust reside in the silicon. So, no one can change it. Even the bad people trying to change the root of trust, it's bond in the chips so you cannot really change. And that's why, even bad people trying to compromise, you know, install compromise the firmware image on the HPE servers, you cannot do that. Another thing is we're making a lot of enhancements to make sure security on board our HP server into your network or onto a services like a GreenLake. Give you a couple of example, for instance, like a IDevID, Initial Device ID. That one is conforming to IEEE 802.1AR and it's immutable so no one can change it. And by using the IDevID, you can really identify you are not onboarding a rogue server or unknown server, but the server that you you want to onboard, right? It's absolutely important. Another thing is like platform certificate. Platform certificate really is the measurement of the configuration. So again, this is a great feature that makes sure you receive a server from the factory and no one during the transportation touch the server and alter the configuration. >> Chinmay, what's your reaction to this new distributed NextGen cloud? You got data, security, edge, move the compute to the data, don't move the data around. These are big conversations. >> Yeah, great question, John. I think this is an important thing to consider for the end user, the service provider in all of these contexts, right? I think Koichiro mentioned some of these key elements that go into as we develop and design these new products. But for example, from a security perspective, we introduce the trust domain extensions, TDX feature, for confidential computing in Intel 4th Generation Xeon scalable processors. And that enables the isolation of user workloads in these cloud environments, et cetera. But again, going back to the point Koichiro was making where if you go to the edge, you go to the cloud and then have the edge connect to the cloud you have independent networks for system management, independent networks for user data, et cetera. So, you need the ability to create that isolation. All of this telemetry data that needs to be isolated from the user, but used by the service provider to provide the best experience. All of these are built on the foundations of technologies such as TDX, PMT, iLO6, et cetera. >> Great stuff, gentlemen. Well, we have a lot more to discuss on our next segment. We're going to take a break here before wrapping up. We'll be right back with more. You're watching "theCUBE," the leader in high tech coverage. (light music) Okay, welcome back here, on "theCUBE's" coverage of "Compute engineered for your hybrid world." I'm John Furrier, host of the Cube. We're wrapping up our discussion here on transforming compute management experience with 4th Gen Intel Xeon scalable processors and obviously HPE ProLiant Gen11. Gentlemen, welcome back. Let's get into the takeaways for this discussion. Obviously, systems management has been around for a while, but transforming that experience on the management side is super important as the environment just radically changing for the better. What are some of the key takeaways for the audience watching here that they should put into their kind of tickler file and/or put on their to-do list to keep an eye on? >> Yeah, so Gen11 and iLO6 offers the latest, greatest technologies with new generation CPUs, DDR5, PCI Gen5, and so on and on. There's a lot of things in there and also iLO6 is the most mature version of iLO and it offers the best manageability and security. On top of iLO, HP offers the best of read management options like HP OneView and Compute Ops Management. It's really a lot of the things that help user achieve a lot of the things regardless of the use case like edge computing, or distributed IT, or hybrid strategy and so on and on. And you could also have a great system management that you can unleash all the full potential of latest, greatest technology. >> Chinmay, what's your thoughts on the key takeaways? Obviously as the world's changing, more gen chips are coming out, specialized workloads, performance. I mean, I've never met anyone that says they want to run on slower infrastructure. I mean, come on, performance matters. >> Yes, no, it definitely, I think one of the key things I would say is yes, with Gen11 Intel for gen scalable we're introducing all of these technologies, but I think one of the key things that has grown over the last few years is the view of the system provider, the abstraction that's needed, right? Like the end user today is migrating a lot of what they're traditionally used to from a physical compute perspective to the cloud. Everything goes to the cloud and when that happens there's a lot of just the experience that the end user sees, but everything underneath is abstracted away and then managed by the system provider, right? So we at Intel, and of course, our partners at HP, we have spent a lot of time figuring out what are the best sets of features that provide that best system management experience that allow for that abstraction to work seamlessly without the end user noticing? And I think from that perspective, the 4th Gen Intel Xeon scalable processors is so far the best Intel product that we have introduced that is prepared for that type of abstraction. >> So, I'm going to put my customer hat on for a second. I'll ask you both. What's in it for me? I'm the customer. What's in it for me? What's the benefit to me? What does this all mean to me? What's my win? >> Yeah, I can start there. I think the key thing here is that when we create capabilities that allow you to build the best cloud, at the end of the day that efficiency, that performance, all of that translates to a better experience for the consumer, right? So, as the service provider is able to have all of these myriad capabilities to use and choose from and then manage the system experience, what that implies is that the end user sees a seamless experience as they go from one application to another as they go about their daily lives. >> Koichiro, what's your thoughts on what's in it for me? You guys got a lot of engineering going on in Gen11, every gen increase always is a step function and increase of value. What's in it for me? What do I care? What's in it for me? I'm the customer. >> Alright. Yeah, so I fully agree with Chinmay's point. You know, he lays out the all the good points, right? Again, you know what the Gen11 and iLO6 offer all the latest, greatest features and all the technology and advancements are packed in the Gen11 platform and iLO6 unleash all full potentials for those benefits. And things are really dynamic in today's world and IT system also going to be agile and the system management get really far, to the point like we never imagine what the system management can do in the past. For instance, the managing on-prem devices across multiple locations from a single point, like a single pane of glass on the cloud management system, management on the cloud, that's what really the compute office management that HP offers. It's all new and it's really help customers unleash full potential of the gear and their investment and provide the best TCO and ROIs, right? I'm very excited that all the things that all the teams have worked for the multiple years have finally come to their life and to the public. And I can't really wait to see our customers start putting their hands on and enjoy the benefit of the latest, greatest offerings. >> Yeah, 4th Gen Xeon, Gen11 ProLiant, I mean, all the things coming together, accelerators, more cores. You got data, you got compute, and you got now this idea of security, I mean, you got hitting all the points, data and security big features here, right? Data being computed in a way with Gen4 and Gen11. This is like the big theme, data security, kind of the the big part of the core here in this announcement, in this relationship. >> Absolutely. I believe, I think the key things as these new generations of processors enable is new types of compute which imply is more types of data, more types of and hence, with more types of data, more types of compute. You have more types of system management more differentiation that the service provider has to then deal with, the disaggregation that they have to deal with. So yes, absolutely this is, I think exciting times for end users, but also for new frontiers for service providers to go tackle. And we believe that the features that we're introducing with this CPU and this platform will enable them to do so. >> Well Chinmay thank you so much for sharing your Intel perspective, Koichiro with HPE. Congratulations on all that hard work and engineering coming together. Bearing fruit, as you said, Koichiro, this is an exciting time. And again, keep moving the needle. This is an important inflection point in the industry and now more than ever this compute is needed and this kind of specialization's all awesome. So, congratulations and participating in the "Transforming your compute management experience" segment. >> Thank you very much. >> Okay. I'm John Furrier with "theCUBE." You're watching the "Compute Engineered for your Hybrid World Series" sponsored by HP and Intel. Thanks for watching. (light music)

>> Welcome to "theCUBE's" coverage of "Compute Engineered for Your Hybrid World" sponsored by HPE and Intel. I'm John Furrier, host of "theCUBE" with the new fourth gen Intel Z on scalable process being announced, HPE is releasing four new HPE ProLiant Gen 11 servers and here to talk about the feature of those servers as well as the partnership between HPE and Intel, we have Darren Anthony, director compute server product manager with HPE, and Suzi Jewett, general manager of the Zion products with Intel. Thanks for joining us folks. Appreciate you coming on. >> Thanks for having us. (Suzi's speech drowned out) >> This segment is about NextGen enhanced scale of process. Obviously the Zion fourth gen. This is really cool stuff. What's the most exciting element of the new Intel fourth gen Zion processor? >> Yeah, John, thanks for asking. Of course, I'm very excited about the fourth gen Intel Zion processor. I think the best thing that we'll be delivering is our new ong package accelerators, which you know allows us to service the majority of the server market, which still is buying in that mid core count range and provide workload acceleration that matters for every one of the products that we sell. And that workload acceleration allows us to drive better efficiency and allows us to really dive into improved sustainability and workload optimizations for the data center. >> It's about al the rage about the cores. Now we got the acceleration continued to innovate with Zion. Congratulations. Darren what does the new Intel fourth Gen Zion processes mean for HPE from the ProLiant perspective? You're on Gen 11 servers. What's in it? What's it mean for you guys and for your customers? >> Well, John, first we got to talk about the great partnership. HPE and Intel have been partners delivering innovation for our server products for over 30 years, and we're continuing that partnership with HP ProLiant Gen 11 servers to deliver compelling business outcomes for our customers. Customers are on a digital transformation journey, and they need the right compute to power applications, accelerate analytics, and turn data into value. HP ProLiant Compute is engineered for your hybrid world and delivers optimized performance for your workloads. With HP ProLiant Gen 11 servers and Intel fourth gen Zion processors, you can have the performance to accelerate workloads from the data center to the edge. With Gen 11, we have more. More performance to meet new workload demands. With PCI Gen five which delivers increased bandwidth with room for more data and graphics accelerators for workloads like VDI, our new demands at the edge. DDR5 memory springs greater bandwidth and performance increases for low latency and memory solutions for database and analytics workloads and higher clock speed CPU chipset combinations for processor intensive AI and machine learning applications. >> Got to love the low latency. Got to love the more performance. Got to love the engineered for the hybrid world. You mentioned that. Can you elaborate more on engineered for the hybrid world? What does that mean? Can you elaborate? >> Well, HP ProLiant Compute is based on three pillars. First, an intuitive cloud operating experience with HPE GreenLake compute ops management. Second, trusted security by design with a zero trust approach from silicone to cloud. And third, optimize for performance for your workloads, whether you deploy as a traditional infrastructure or a pay-as-you-go model with HPE GreenLake on-premise at the edge in a colo and in the public cloud. >> Well, thanks Suzi and Darren, we'll be right back. We're going to take a quick break. We're going to come back and do a deep dive and get into the ProLiant Gen 11 servers. We're going to dig into it. You're watching "theCUBE," the leader in high tech enterprise coverage. We'll be right back. (upbeat music) >> Hello everyone. Welcome back continuing coverage of "theCUBE's" "Compute Engineered for Your Hybrid World" with HP and Intel. I'm John Furrier, host of "theCUBE'" joined back by Darren Anthony from HPE and Suzie Jewitt from Intel. as we continue our conversation on the fourth gen Zion scalable processor and HP Gen 11 servers. Suzi, we'll start with you first. Can you give us some use cases around the new fourth gen, Intel Zion scalable processors? >> Yeah, I'd love to. What we're really seeing with an ever-changing market, and you know, adapting to that is we're leading with that workload focus approach. Some examples, you know, that we see are with vRAN. For in vRAN, we estimate the 2021 market size was about 150 million, and we expect a CAG of almost 30% all the way through 2030. So we're really focused on that, on, you know deployed edge use cases, growing about 10% to over 50% in 2026. And HPC use cases, of course, continue to grow at a study CAGR around, you know, about 7%. Then last but not least is cloud. So we're, you know, targeting a growth rate of almost 20% over a five year CAGR. And the fourth G Zion is targeted to all of those workloads, both through our architectural improvements that, you know deliver node level performance as well as our operational improvements that deliver data center performance. And wrapping that all around with the accelerators that I talked about earlier that provide that workload specific improvements that get us to where our customers need to operationalize in their data center. >> I love the focus solutions around seeing compute used that way and the processors. Great stuff. Darren, how do you see the new ProLiant Gen 11 servers being used on your side? I mean obviously, you've got the customers deploying the servers. What are you seeing on those workloads? Those targeted workloads? (John chuckling) >> Well, you know, very much in line with what Suzi was talking about. The generational improvements that we're seeing in performance for Gen 11. They're outstanding for many different use cases. You know, obviously VDI. what we're seeing a lot is around the analytics. You know, with moving to the edge, there's a lot more data. Customers need to convert that data into something tangible. Something that's actionable. And so we're really seeing the strong use cases around analytics in order to mine that data and to make better, faster decisions for the customers. >> You know what I love about this market is people really want to hear about performance. They love speed, they love the power, and low power, by the way on the other side. So, you know, this has really been a big part of the focus now this year. We're seeing a lot more discussion. Suzi, can you tell us more about the key performance improvements on the processors? And Darren, if you don't mind, if you can follow up on the benefits of the new servers relative to the performance. Suzi? >> Sure, so, you know, at a standard expectant rate we're looking at, you know, 60% gen over gen, from our previous third gen Zion, but more importantly as we've been mentioning is the performance improvement we get with the accelerators. As an example, an average accelerator proof point that we have is 2.9 times improvement in performance per wat for accelerated workloads versus non-accelerated workloads. Additionally, we're seeing really great and performance improvement in low jitter so almost 20 to 50 times improvement versus previous gen in jitter on particular workloads which is really important, you know to our cloud service providers. >> Darren, what's your follow up on this? This is obviously translates into the the gen 11 servers. >> Well, you know, this generation. Huge improvements across the board. And what we're seeing is that not only customers are prepared for what they need now you know, workloads are evolving and transitioning. Customers need more. They're doing more. They're doing more analytics. And so not only do you have the performance you need now, but it's actually built for the future. We know that customers are looking to take in that data and do something and work with the data wherever it resides within their infrastructure. We also see customers that are beginning to move servers out of a centralized data center more to the edge, closer to the way that where the data resides. And so this new generation really tremendous for that. Seeing a lot of benefits for the customers from that perspective. >> Okay, Suzi, Darren, I want to get your thoughts on one of the hottest trends happening right now. Obviously machine learning and AI has always been hot, but recently more and more focus has been on AI. As you start to see this kind of next gen kind of AI coming on, and the younger generation of developers, you know, they're all into this. This is really the one of the hottest trends of AI. We've seen the momentum and accelerations kind of going next level. Can you guys comment on how Zion here and Gen 11 are tying into that? What's that mean for AI? >> So, exactly. With the fourth gen Intel Zion, we have one of our key you know, on package accelerators in every core is our AMX. It delivers up to 10 times improvement on inference and training versus previous gens, and, you know throws the competition out of the water. So we are really excited for our AI performance leading with Zion >> And- >> And John, what we're seeing is that this next generation, you know you're absolutely right, you know. Workloads a lot more focused. A lot more taking more advantage of AI machine learning capabilities. And with this generation together with the Intel Zion fourth gen, you know what we're seeing is the opportunity with that increase in IO bandwidth that now we have an opportunity for those applications and those use cases and those workloads to take advantage of this capability. We haven't had that before, but now more than ever, we've actually, you know opened the throttle with the performance and with the capabilities to support those workloads. >> That's great stuff. And you know, the AI stuff also does all lot on differentiated heavy lifting, and it needs processing power. It needs the servers. This is just, (John chuckling) it creates more and more value. This is right in line. Congratulations. Super excited by that call out. Really appreciate it. Thanks Suzi and Darren. Really appreciate. A lot more discuss with you guys as we go a little bit deeper. We're going to talk about security and wrap things up after this short break. I'm John Furrier, "theCUBE," the leader in enterprise tech coverage. (upbeat music) >> Welcome back to "theCUBE's" coverage of "Compute Engineered for Your Hybrid World." I'm John Furrier, host of "theCUBE" joined by Darren Anthony from HPE and Suzi Jewett from Intel as we turn our discussion to security. A lot of great features with the new Zion scalable processor's gen four and the ProLiant gen 11. Let's get into it. Suzi, what are some of the cool features of the fourth gen Intel Zion scalable processors? >> Sure, John, I'd love to talk about it. With fourth gen, Intel offers the most comprehensive confidential computing portfolio to really enhance data security and ingest regulatory compliance and sovereignty concerns. A couple examples of those features and technologies that we've included are a larger baseline enclave with the SGX technology, which is our application isolation technology and our Intel CET substantially reduces the risk of whole class software-based attacks. That wrapped around at a platform level really allows us, you know, to secure workload acceleration software and ensure platform integrity. >> Darren, this is a great enablement for HPE. Can you tell us about the security with the the new HP ProLiant Gen 11 servers? >> Absolutely, John. So HP ProLiant engineered with a fundamental security approach to defend against increasingly complex threats and uncompromising focus on state-of-the-art security innovations that are built right into our DNA, from silicon to software, from the factory to the cloud. It's our goal to protect the customer's infrastructure, workloads, and the data from threats to hardware and risk from third party software and devices. So Gen 11 is just a continuation of the the great technological innovations that we've had around providing zero trust architecture. We're extending our Silicon Root of Trust, and it's just a motion forward for innovating on that Silicon Root of Trust that we've had. So with Silicon Root of Trust, we protect millions of lines of firmware code from malware and ransomware with the digital footprint that's unique to the server. With this Silicon Root of Trust, we're securing over 4 million HPE servers around the world and beyond that Silicon, the authentication of and extending this to our partner ecosystem, the authentication of platform components, such as network interface cards and storage controllers just gives us that protection against additional entry points of security threats that can compromise the entire server infrastructure. With this latest version, we're also doing authentication integrity with those components using the security protocol and data model protocol or SPDM. But we know that trusted and protected infrastructure begins with a secure supply chain, a layer of protection that starts at the manufacturing floor. HP provides you optimized protection for ProLiant servers from trusted suppliers to the factories and into transit to the customer. >> Any final messages Darren you'd like to share with your audience on the hybrid world engineering for the hybrid world security overall the new Gen 11 servers with the Zion fourth generation process scalable processors? >> Well, it's really about choice. Having the right choice for your compute, and we know HPE ProLiant servers, together, ProLiant Gen 11 servers together with the new Zion processors is the right choice. Delivering the capabilities to performance and the efficiency that customers need to run their most complex workloads and their most performance hungry work workloads. We're really excited about this next generation of platforms. >> ProLiant Gen 11. Suzi, great customer for Intel. You got the fourth generation Zion scalable processes. We've been tracking multiple generations for both of you guys for many, many years now, the past decade. A lot of growth, a lot of innovation. I'll give you the last word on the series here on this segment. Can you share the the collaboration between Intel and HP? What does it mean and what's that mean for customers? Can you give your thoughts and share your views on the relationship with with HPE? >> Yeah, we value, obviously HPE as one of our key customers. We partner with them from the beginning of when we are defining the product all the way through the development and validation. HP has been a great partner in making sure that we deliver collaboratively to the needs of their customers and our customers all together to make sure that we get the best product in the market that meets our customer needs allowing for the flexibility, the operational efficiency, the security that our markets demand. >> Darren, Suzi, thank you so much. You know, "Compute for an Engineered Hybrid World" is really important. Compute is... (John stuttering) We need more compute. (John chuckling) Give us more power and less power on the sustainability side. So a lot of great advances. Thank you so much for spending the time and give us an overview on the innovation around the Zion and, and the ProLiant Gen 11. Appreciate your time. Appreciate it. >> You're welcome. Thanks for having us. >> You're watching "theCUBE's" coverage of "Compute Engineered for Your Hybrid World" sponsored by HPE and Intel. I'm John Furrier with "theCUBE." Thanks for watching. (upbeat music)

>> Hello everyone. Welcome to theCUBEs coverage of Compute Engineered for your Hybrid World sponsored by HPE and Intel. Today we're going to dive into advanced performance of VDI with the fourth gen Intel Zion scalable processors. Hello I'm John Furrier, the host of theCUBE. My guests today are Alan Chu, Director of Data Center Performance and Competition for Intel as well as Denis Kondakov who's the VDI product manager at HPE, and also joining us is Cynthia Sustiva, CAD/CAM product manager at HPE. Thanks for coming on, really appreciate you guys taking the time. >> Thank you. >> So accelerating VDI to the Edge. That's the topic of this topic here today. Let's get into it, Dennis, tell us about the new HPE ProLiant DL321 Gen 11 server. >> Okay, absolutely. Hello everybody. So HP ProLiant DL320 Gen 11 server is the new age center CCO and density optimized compact server, compact form factor server. It enables to modernize and power at the next generation of workloads in the diverse rec environment at the Edge in an industry standard designed with flexible scale for advanced graphics and compute. So it is one unit, one processor rec optimized server that can be deployed in the enterprise data center as well as at the remote office at end age. >> Cynthia HPE has announced another server, the ProLiant ML350. What can you tell us about that? >> Yeah, so the HPE ProLiant ML350 Gen 11 server is a powerful tower solution for a wide range of workloads. It is ideal for remote office compute with NextGen performance and expandability with two processors in tower form factor. This enables the server to be used not only in the data center environment, but also in the open office space as a powerful workstation use case. >> Dennis mentioned both servers are empowered by the fourth gen Intel Zion scale of process. Can you talk about the relationship between Intel HPE to get this done? How do you guys come together, what's behind the scenes? Share as much as you can. >> Yeah, thanks a lot John. So without a doubt it takes a lot to put all this together and I think the partnership that HPE and Intel bring together is a little bit of a critical point for us to be able to deliver to our customers. And I'm really thrilled to say that these leading Edge solutions that Dennis and Cynthia just talked about, they're built on the foundation of our fourth Gen Z on scalable platform that's trying to meet a wide variety of deployments for today and into the future. So I think the key point of it is we're together trying to drive leading performance with built-in acceleration and in order to deliver a lot of the business values to our customers, both HP and Intels, look to scale, drive down costs and deliver new services. >> You got the fourth Gen Z on, you got the Gen 11 and multiple ProLiants, a lot of action going on. Again, I love when these next gens come out. Can each of you guys comment and share what are the use cases for each of the systems? Because I think what we're looking at here is the next level innovation. What are some of the use cases on the systems? >> Yeah, so for the ML350, in the modern world where more and more data are generated at the Edge, we need to deploy computer infrastructure where the data is generated. So smaller form factor service will satisfy the requirements of S&B customers or remote and branch offices to deliver required performance redundancy where we're needed. This type of locations can be lacking dedicated facilities with strict humidity, temperature and noise isolation control. The server, the ML350 Gen 11 can be used as a powerful workstation sitting under a desk in the office or open space as well as the server for visualized workloads. It is a productivity workhorse with the ability to scale and adapt to any environment. One of the use cases can be for hosting digital workplace for manufacturing CAD/CAM engineering or oil and gas customers industry. So this server can be used as a high end bare metal workstation for local end users or it can be virtualized desktop solution environments for local and remote users. And talk about the DL320 Gen 11, I will pass it on to Dennis. >> Okay. >> Sure. So when we are talking about age of location we are talking about very specific requirements. So we need to provide solution building blocks that will empower and performance efficient, secure available for scaling up and down in a smaller increments than compared to the enterprise data center and of course redundant. So DL 320 Gen 11 server is the perfect server to satisfy all of those requirements. So for example, S&B customers can build a video solution, for example starting with just two HP ProLiant TL320 Gen 11 servers that will provide sufficient performance for high density video solution and at the same time be redundant and enable it for scaling up as required. So for VGI use cases it can be used for high density general VDI without GP acceleration or for a high performance VDI with virtual VGPU. So thanks to the modern modular architecture that is used on the server, it can be tailored for GPU or high density storage deployment with software defined compute and storage environment and to provide greater details on your Intel view I'm going to pass to Alan. >> Thanks a lot Dennis and I loved how you're both seeing the importance of how we scale and the applicability of the use cases of both the ML350 and DL320 solutions. So scalability is certainly a key tenant towards how we're delivering Intel's Zion scalable platform. It is called Zion scalable after all. And we know that deployments are happening in all different sorts of environments. And I think Cynthia you talked a little bit about kind of a environmental factors that go into how we're designing and I think a lot of people think of a traditional data center with all the bells and whistles and cooling technology where it sometimes might just be a dusty closet in the Edge. So we're defining fortunes you see on scalable to kind of tackle all those different environments and keep that in mind. Our SKUs range from low to high power, general purpose to segment optimize. We're supporting long life use cases so that all goes into account in delivering value to our customers. A lot of the latency sensitive nature of these Edge deployments also benefit greatly from monolithic architectures. And with our latest CPUs we do maintain quite a bit of that with many of our SKUs and delivering higher frequencies along with those SKUs optimized for those specific workloads in networking. So in the end we're looking to drive scalability. We're looking to drive value in a lot of our end users most important KPIs, whether it's latency throughput or efficiency and 4th Gen Z on scalable is looking to deliver that with 60 cores up to 60 cores, the most builtin accelerators of any CPUs in the market. And really the true technology transitions of the platform with DDR5, PCIE, Gen five and CXL. >> Love the scalability story, love the performance. We're going to take a break. Thanks Cynthia, Dennis. Now we're going to come back on our next segment after a quick break to discuss the performance and the benefits of the fourth Gen Intel Zion Scalable. You're watching theCUBE, the leader in high tech coverage, be right back. Welcome back around. We're continuing theCUBE's coverage of compute engineer for your hybrid world. I'm John Furrier, I'm joined by Alan Chu from Intel and Denis Konikoff and Cynthia Sistia from HPE. Welcome back. Cynthia, let's start with you. Can you tell us the benefits of the fourth Gen Intel Zion scale process for the HP Gen 11 server? >> Yeah, so HP ProLiant Gen 11 servers support DDR five memory which delivers increased bandwidth and lower power consumption. There are 32 DDR five dim slots with up to eight terabyte total on ML350 and 16 DDR five dim slots with up to two terabytes total on DL320. So we deliver more memory at a greater bandwidth. Also PCIE 5.0 delivers an increased bandwidth and greater number of lanes. So when we say increased number of lanes we need to remember that each lane delivers more bandwidth than lanes of the previous generation plus. Also a flexible storage configuration on HPDO 320 Gen 11 makes it an ideal server for establishing software defined compute and storage solution at the Edge. When we consider a server for VDI workloads, we need to keep the right balance between the number of cords and CPU frequency in order to deliver the desire environment density and noncompromised user experience. So the new server generation supports a greater number of single wide and global wide GPU use to deliver more graphic accelerated virtual desktops per server unit than ever before. HPE ProLiant ML 350 Gen 11 server supports up to four double wide GPUs or up to eight single wide GPUs. When the signing GPU accelerated solutions the number of GPUs available in the system and consistently the number of BGPUs that can be provisioned for VMs in the binding factor rather than CPU course or memory. So HPE ProLiant Gen 11 servers with Intel fourth generation science scalable processors enable us to deliver more virtual desktops per server than ever before. And with that I will pass it on to Alan to provide more details on the new Gen CPU performance. >> Thanks Cynthia. So you brought up I think a really great point earlier about the importance of achieving the right balance. So between the both of us, Intel and HPE, I'm sure we've heard countless feedback about how we should be optimizing efficiency for our customers and with four Gen Z and scalable in HP ProLiant Gen 11 servers I think we achieved just that with our built-in accelerator. So built-in acceleration delivers not only the revolutionary performance, but enables significant offload from valuable core execution. That offload unlocks a lot of previously unrealized execution efficiency. So for example, with quick assist technology built in, running engine X, TLS encryption to drive 65,000 connections per second we can offload up to 47% of the course that do other work. Accelerating AI inferences with AMX, that's 10X higher performance and we're now unlocking realtime inferencing. It's becoming an element in every workload from the data center to the Edge. And lastly, so with faster and more efficient database performance with RocksDB, we're executing with Intel in-memory analytics accelerator we're able to deliver 2X the performance per watt than prior gen. So I'll say it's that kind of offload that is really going to enable more and more virtualized desktops or users for any given deployment. >> Thanks everyone. We still got a lot more to discuss with Cynthia, Dennis and Allen, but we're going to take a break. Quick break before wrapping things up. You're watching theCUBE, the leader in tech coverage. We'll be right back. Okay, welcome back everyone to theCUBEs coverage of Compute Engineered for your Hybrid World. I'm John Furrier. We'll be wrapping up our discussion on advanced performance of VDI with the fourth gen Intel Zion scalable processers. Welcome back everyone. Dennis, we'll start with you. Let's continue our conversation and turn our attention to security. Obviously security is baked in from day zero as they say. What are some of the new security features or the key security features for the HP ProLiant Gen 11 server? >> Sure, I would like to start with the balance, right? We were talking about performance, we were talking about density, but Alan mentioned about the balance. So what about the security? The security is really important aspect especially if we're talking about solutions deployed at the H. When the security is not active but other aspects of the environment become non-important. And HP is uniquely positioned to deliver the best in class security solution on the market starting with the trusted supply chain and factories and silicon route of trust implemented from the factory. So the new ISO6 supports added protection leveraging SPDM for component authorization and not only enabled for the embedded server management, but also it is integrated with HP GreenLake compute ops manager that enables environment for secure and optimized configuration deployment and even lifecycle management starting from the single server deployed on the Edge and all the way up to the full scale distributed data center. So it brings uncompromised and trusted solution to customers fully protected at all tiers, hardware, firmware, hypervisor, operational system application and data. And the new intel CPUs play an important role in the securing of the platform. So Alan- >> Yeah, thanks. So Intel, I think our zero trust strategy toward security is a really great and a really strong parallel to all the focus that HPE is also bringing to that segment and market. We have even invested in a lot of hardware enabled security technologies like SGX designed to enhance data protection at rest in motion and in use. SGX'S application isolation is the most deployed, researched and battle tested confidential computing technology for the data center market and with the smallest trust boundary of any solution in market. So as we've talked about a little bit about virtualized use cases a lot of virtualized applications rely also on encryption whether bulk or specific ciphers. And this is again an area where we've seen the opportunity for offload to Intel's quick assist technology to encrypt within a single data flow. I think Intel and HP together, we are really providing security at all facets of execution today. >> I love that Software Guard Extension, SGX, also silicon root of trust. We've heard a lot about great stuff. Congratulations, security's very critical as we see more and more. Got to be embedded, got to be completely zero trust. Final question for you guys. Can you share any messages you'd like to share with the audience each of you, what should they walk away from this? What's in it for them? What does all this mean? >> Yeah, so I'll start. Yes, so to wrap it up, HPR Proliant Gen 11 servers are built on four generation science scalable processors to enable high density and extreme performance with high performance CDR five memory and PCI 5.0 plus HP engine engineered and validated workload solutions provide better ROI in any consumption model and prefer by a customer from Edge to Cloud. >> Dennis? >> And yeah, so you are talking about all of the great features that the new generation servers are bringing to our customers, but at the same time, customer IT organization should be ready to enable, configure, support, and fine tune all of these great features for the new server generation. And this is not an obvious task. It requires investments, skills, knowledge and experience. And HP is ready to step up and help customers at any desired skill with the HP Greenlake H2 cloud platform that enables customers for cloud like experience and convenience and the flexibility with the security of the infrastructure deployed in the private data center or in the Edge. So while consuming all of the HP solutions, customer have flexibility to choose the right level of the service delivered from HP GreenLake, starting from hardwares as a service and scale up or down is required to consume the full stack of the hardwares and software as a service with an option to paper use. >> Awesome. Alan, final word. >> Yeah. What should we walk away with? >> Yeah, thanks. So I'd say that we've talked a lot about the systems here in question with HP ProLiant Gen 11 and they're delivering on a lot of the business outcomes that our customers require in order to optimize for operational efficiency or to optimize for just to, well maybe just to enable what they want to do in, with their customers enabling new features, enabling new capabilities. Underpinning all of that is our fourth Gen Zion scalable platform. Whether it's the technology transitions that we're driving with DDR5 PCIA Gen 5 or the raw performance efficiency and scalability of the platform in CPU, I think we're here for our customers in delivering to it. >> That's great stuff. Alan, Dennis, Cynthia, thank you so much for taking the time to do a deep dive in the advanced performance of VDI with the fourth Gen Intel Zion scalable process. And congratulations on Gen 11 ProLiant. You get some great servers there and again next Gen's here. Thanks for taking the time. >> Thank you so much for having us here. >> Okay, this is theCUBEs keeps coverage of Compute Engineered for your Hybrid World sponsored by HP and Intel. I'm John Furrier for theCUBE. Accelerate VDI at the Edge. Thanks for watching.

(upbeat music) >> Welcome to theCUBE's continuing coverage of AMD's fourth generation EPYC launch. I've got a special guest with me today from Prowess Consulting. His name is Evan Touger, he's a senior technical writer with Prowess. Evan, welcome. >> Hi, great to be here. Thanks. >> So tell us a little bit about Prowess, what does Prowess do? >> Yeah, we're a consulting firm. We've been around for quite a few years, based in Bellevue, Washington. And we do quite a few projects with folks from Dell to a lot of other companies, and dive in. We have engineers, writers, production folks, so pretty much end-to-end work, doing research testing and writing, and diving into different technical topics. >> So you- in this case what we're going to be talking about is some validation studies that you've done, looking at Dell PowerEdge servers that happened to be integrating in fourth-gen EPYC processors from AMD. What were the specific workloads that you were focused on in this study? >> Yeah, this particular one was honing in on virtualization, right? You know, obviously it's pretty much ubiquitous in the industry, everybody works with virtualization in one way or another. So just getting optimal performance for virtualization was critical, or is critical for most businesses. So we just wanted to look a little deeper into, you know, how do companies evaluate that? What are they going to use to make the determination for virtualization performance as it relates to their workloads? So that led us to this study, where we looked at some benchmarks, and then went a little deeper under the hood to see what led to the results that we saw from those benchmarks. >> So when you say virtualization, does that include virtual desktop infrastructure or are we just talking about virtual machines in general? >> No, it can include both. We looked at VMs, thinking in terms of what about database performance when you're working in VMs, all the way through to VDI and companies like healthcare organizations and so forth, where it's common to roll out lots of virtual desktops, and performance is critical there as well. >> Okay, you alluded to, sort of, looking under the covers to see, you know, where these performance results were coming from. I assume what you're referencing is the idea that it's not just all about the CPU when you talk about a system. Am I correct in that assumption and- >> Yeah, absolutely. >> What can you tell us? >> Well, you know, for companies evaluating, there's quite a bit to consider, obviously. So they're looking at not just raw performance but power performance. So that was part of it, and then what makes up that- those factors, right? So certainly CPU is critical to that, but then other things come into play, like the RAID controllers. So we looked a little bit there. And then networking, of course can be critical for configurations that are relying on good performance on their networks, both in terms of bandwidth and just reducing latency overall. So interconnects as well would be a big part of that. So with, with PCIe gen 5 or 5.0 pick your moniker. You know in this- in the infrastructure game, we're often playing a game of whack-a-mole, looking for the bottlenecks, you know, chasing the bottlenecks. PCIe 5 opens up a lot of bandwidth for memory and things like RAID controllers and NICs. I mean, is the bottleneck now just our imagination, Evan, have we reached a point where there are no bottlenecks? What did you see when you ran these tests? What, you know, what were you able to stress to a point where it was saturated, if anything? >> Yeah. Well, first of all, we didn't- these are particular tests were ones that we looked at industry benchmarks, and we were examining in particular to see where world records were set. And so we uncovered a few specific servers, PowerEdge servers that were pretty key there, or had a lot of- were leading in the category in a lot of areas. So that's what led us to then, okay, well why is that? What's in these servers, and what's responsible for that? So in a lot of cases they, we saw these results even with, you know, gen 4, PCIe gen 4. So there were situations where clearly there was benefit from faster interconnects and, and especially NVMe for RAID, you know, for supporting NVMe and SSDs. But all of that just leads you to the understanding that it means it can only get better, right? So going from gen 4 to- if you're seeing great results on gen 4, then gen 5 is probably going to be, you know, blow that away. >> And in this case, >> It'll be even better. >> In this case, gen 5 you're referencing PCIe >> PCIe right. Yeah, that's right. >> (indistinct) >> And then the same thing with EPYC actually holds true, some of the records, we saw records set for both 3rd and 4th gen, so- with EPYC, so the same thing there. Anywhere there's a record set on the 3rd gen, you know, makes us really- we're really looking forward to going back and seeing over the next few months, which of those records fall and are broken by newer generation versions of these servers, once they actually wrap to the newer generation processors. You know, based on, on what we're seeing for the- for what those processors can do, not only in. >> (indistinct) Go ahead. >> Sorry, just want to say, not only in terms of raw performance, but as I mentioned before, the power performance, 'cause they're very efficient, and that's a really critical consideration, right? I don't think you can overstate that for companies who are looking at, you know, have to consider expenditures and power and cooling and meeting sustainability goals and so forth. So that was really an important category in terms of what we looked at, was that power performance, not just raw performance. >> Yeah, I want to get back to that, that's a really good point. We should probably give credit where credit is due. Which Dell PowerEdge servers are we talking about that were tested and what did those interconnect components look like from a (indistinct) perspective? >> Yeah, so we focused primarily on a couple benchmarks that seemed most important for real world performance results for virtualization. TPCx-V and VMmark 3.x. the TPCx-V, that's where we saw PowerEdge R7525, R7515. They both had top scores in different categories there. That benchmark is great for looking at database workloads in particular, right? Running in virtualization settings. And then the VMmark 3.x was critical. We saw good, good results there for the 7525 and the R 7515 as well as the R 6525, in that one and that included, sorry, just checking notes to see what- >> Yeah, no, no, no, no, (indistinct) >> Included results for power performance, as I mentioned earlier, that's where we could see that. So we kind of, we saw this in a range of servers that included both 3rd gen AMD EPYC and newer 4th gen as well as I mentioned. The RAID controllers were critical in the TPCx-V. I don't think that came into play in the VM mark test, but they were definitely part of the TPCx-V benchmarks. So that's where the RAID controllers would make a difference, right? And in those tests, I think they're using PERC 11. So, you know, the newer PERC 12 controllers there, again we'd expect >> (indistinct) >> To see continued, you know, gains in newer benchmarks. That's what we'll be looking for over the next several months. >> Yeah. So I think if I've got my Dell nomenclature down, performance, no no, PowerEdge RAID Controller, is that right? >> Exactly, yeah, there you go. Right? >> With Broadcom, you know, powered by Broadcom. >> That's right. There you go. Yeah. Isn't the Dell naming scheme there PERC? >> Yeah, exactly, exactly. Back to your comment about power. So you've had a chance to take a pretty deep look at the latest stuff coming out. You're confident that- 'cause some of these servers are going to be more expensive than previous generation. Now a server is not a server is not a server, but some are awakening to the idea that there might be some sticker shock. You're confident that the bang for your buck, the bang for your kilowatt hour is actually going to be beneficial. We're actually making things better, faster, stronger, cheaper, more energy efficient. We're continuing on that curve? >> That's what I would expect to see, right. I mean, of course can't speak to to pricing without knowing, you know, where the dollars are going to land on the servers. But I would expect to see that because you're getting gains in a couple of ways. I mean, one, if the performance increases to the point where you can run more VMs, right? Get more performance out of your VMs and run more total VMs or more BDIs, then there's obviously a good, you know, payback on your investment there. And then as we were discussing earlier, just the power performance ratio, right? So if you're bringing down your power and cooling costs, if these machines are just more efficient overall, then you should see some gains there as well. So, you know, I think the key is looking at what's the total cost of ownership over, you know, a standard like a three-year period or something and what you're going to get out of it for your number of sessions, the performance for the sessions, and the overall efficiency of the machines. >> So just just to be clear with these Dell PowerEdge servers, you were able to validate world record performance. But this isn't, if you, if you look at CPU architecture, PCIe bus architecture, memory, you know, the class of memory, the class of RAID controller, the class of NIC. Those were not all state of the art in terms of at least what has been recently announced. Correct? >> Right. >> Because (indistinct) the PCI 4.0, So to your point- world records with that, you've got next-gen RAID controllers coming out, and NICs coming out. If the motherboard was PCIe 5, with commensurate memory, all of those things are getting better. >> Exactly, right. I mean you're, you're really you're just eliminating bandwidth constraints latency constraints, you know, all of that should be improved. NVMe, you know, just collectively all these things just open the doors, you know, letting more bandwidth through reducing all the latency. Those are, those are all pieces of the puzzle, right? That come together and it's all about finding the weakest link and eliminating it. And I think we're reaching the point where we're removing the biggest constraints from the systems. >> Okay. So I guess is it fair to summarize to say that with this infrastructure that you tested, you were able to set world records. This, during this year, I mean, over the next several months, things are just going to get faster and faster and faster and faster. >> That's what I would anticipate, exactly, right. If they're setting world records with these machines before some of the components are, you know, the absolute latest, it seems to me we're going to just see a continuing trend there, and more and more records should fall. So I'm really looking forward to seeing how that goes, 'cause it's already good and I think the return on investment is pretty good there. So I think it's only going to get better as these roll out. >> So let me ask you a question that's a little bit off topic. >> Okay. >> Kind of, you know, we see these gains, you know, we're all familiar with Moore's Law, we're familiar with, you know, the advancements in memory and bus architecture and everything else. We just covered SuperCompute 2022 in Dallas a couple of weeks ago. And it was fascinating talking to people about advances in AI that will be possible with new architectures. You know, most of these supercomputers that are running right now are n minus 1 or n minus 2 infrastructure, you know, they're, they're, they're PCI 3, right. And maybe two generations of processors old, because you don't just throw out a 100,000 CPU super computing environment every 18 months. It doesn't work that way. >> Exactly. >> Do you have an opinion on this question of the qualitative versus quantitative increase in computing moving forward? And, I mean, do you think that this new stuff that you're starting to do tests on is going to power a fundamental shift in computing? Or is it just going to be more consolidation, better power consumption? Do you think there's an inflection point coming? What do you think? >> That's a great question. That's a hard one to answer. I mean, it's probably a little bit of both, 'cause certainly there will be better consolidation, right? But I think that, you know, the systems, it works both ways. It just allows you to do more with less, right? And you can go either direction, you can do what you're doing now on fewer machines, you know, and get better value for it, or reduce your footprint. Or you can go the other way and say, wow, this lets us add more machines into the mix and take our our level of performance from here to here, right? So it just depends on what your focus is. Certainly with, with areas like, you know, HPC and AI and ML, having the ability to expand what you already are capable of by adding more machines that can do more is going to be your main concern. But if you're more like a small to medium sized business and the opportunity to do what you were doing on, on a much smaller footprint and for lower costs, that's really your goal, right? So I think you can use this in either direction and it should, should pay back in a lot of dividends. >> Yeah. Thanks for your thoughts. It's an interesting subject moving forward. You know, sometimes it's easy to get lost in the minutiae of the bits and bites and bobs of all the components we're studying, but they're powering something that that's going to effect effectively all of humanity as we move forward. So what else do we need to consider when it comes to what you've just validated in the virtualization testing? Anything else, anything we left out? >> I think we hit all the key points, or most of them it's, you know, really, it's just keeping in mind that it's all about the full system, the components not- you know, the processor is a obviously a key, but just removing blockages, right? Freeing up, getting rid of latency, improving bandwidth, all these things come to play. And then the power performance, as I said, I know I keep coming back to that but you know, we just, and a lot of what we work on, we just see that businesses, that's a really big concern for businesses and finding efficiency, right? And especially in an age of constrained budgets, that's a big deal. So, it's really important to have that power performance ratio. And that's one of the key things we saw that stood out to us in, in some of these benchmarks, so. >> Well, it's a big deal for me. >> It's all good. >> Yeah, I live in California and I know exactly how much I pay for a kilowatt hour of electricity. >> I bet, yeah. >> My friends in other places don't even know. So I totally understand the power constraint question. >> Yeah, it's not going to get better, so, anything you can do there, right? >> Yeah. Well Evan, this has been great. Thanks for sharing the results that Prowess has come up with, third party validation that, you know, even without the latest and greatest components in all categories, Dell PowerEdge servers are able to set world records. And I anticipate that those world records will be broken in 2023 and I expect that Prowess will be part of that process, So Thanks for that. For the rest of us- >> (indistinct) >> Here at theCUBE, I want to thank you for joining us. Stay tuned for continuing coverage of AMD's fourth generation EPYC launch, for myself and for Evan Touger. Thanks so much for joining us. (upbeat music)

(upbeat music) >> Hi everybody. Welcome back to theCUBE as to continue our coverage here at AWS re:Invent '22. We're in the Venetian. Out in Las Vegas, it is Wednesday. And the PaaS is still happening. I can guarantee you that. We continue our series of discussions as part of the "AWS Startup Showcase". This is the "Global Startup Program", a part of that showcase. And I'm joined by two gentlemen today who are going to talk about what CoreStack is up to. One of them is Ez Natarajan, who is the Founder and CEO. Good to have you- (simultaneous chatter) with us today. We appreciate it. Thanks, EZ. >> Nice to meet you, John. >> And Brad Winney who is the area Sales Leader for startups at AWS. Brad, good to see you. >> Good to see you, John. >> Thanks for joining us here on The Showcase. So Ez, first off, let's just talk about CoreStack a little bit for people at home who might not be familiar with what you do. It's all about obviously data, governance, giving people peace of mind, but much deeper than that. I'll let you take it from there. >> So CoreStack is a governance platform that helps customers maximize their cloud usage and get governance at scale. When we talk about governance, we instill confidence through three layers: solving the problems of the CIO, solving the problems of the CTO, solving the problems of the CFO, together with a single pin of class,- >> John: Mm-hmm. >> which helps them achieve continuous holistic automated outcomes at any given time. >> John: Mm-hmm. So, Brad, follow up on that a little bit- >> Yeah. because Ez touched on it there that he's got a lot of stakeholders- >> Right. >> with a lot of different needs and a lot of different demands- >> Mm-hmm. >> but the same overriding emotion, right? >> Yeah. >> They all want confidence. >> They all want confidence. And one of the trickiest parts of confidence is the governance issue, which is policy. It's how do we determine who has access to what, how we do that scale. And across not only start been a process. This is a huge concern, especially as we talked a lot about cutting costs as the overriding driver for 2023. >> John: Mm-hmm. >> The economic compression being what it is, you still have to do this in a secure way and as a riskless way as possible. And so companies like CoreStack really offer core, no pun intended, (Ez laughs) function there where you abstract out a lot of the complexity of governance and you make governance a much more simple process. And that's why we're big fans of what they do. >> So we think governance from a three dimensional standpoint, right? (speaks faintly) How do we help customers be more compliant, secure, achieve the best performance and operations with increased availability? >> Jaohn: Mm-hmm. >> At the same time do the right spend from a cost standpoint. >> Interviewer: Mm-hmm. So when all three dimensions are connected, the business velocity increases and the customer's ability to cater to their customers increase. So our governance tenants come from these three pillars of finance operations, security operations and air operations at cloud operations. >> Yeah. And... Yeah. Please, go ahead. >> Can I (indistinct)? >> Oh, I'm sorry. Just- >> No, that's fine. >> So part of what's going on here, which is critical for AWS, is if you notice a lot of (indistinct) language is at the business value with key stakeholders of the CTO, the CSO and so on. And we're doing a much better job of speaking business value on top of AWS services. But the AWS partners, again, like CoreStack have such great expertise- >> John: Mm-hmm. >> in that level of dialogue. That's why it's such a key part for us, why we're really interested partnering with them. >> How do you wrestle with this, wrestle may not be the right word, but because you do have, as we just went through these litany, these business parts of your business or a business that need access- >> Ez: Mm-hmm. >> and that you need to have policies in place, but they change, right? I mean, and somebody maybe from the financial side should have a window into data and other slices of their business. There's a lot of internal auditing. >> Man: Mm-hmm. >> Obviously, it's got to be done, right? And so just talk about that process a little bit. How you identify the appropriate avenues or the appropriate gateways for people to- >> Sure. >> access data so that you can have that confidence as a CTO or CSO, that it's all right. And we're not going to let too much- >> out to the wrong people. >> Sure. >> Yeah. So there are two dimensions that drive the businesses to look for that kind of confidence building exercise, right? One, there are regulatory external requirements that say that I know if I'm in the financial industry, I maybe need to following NIST, PCI, and sort of compliances. Or if I'm in the healthcare industry, maybe HIPAA and related compliance, I need to follow. >> John: Mm-hmm. >> That's an external pressure. Internally, the organizations based on their geographical presence and the kind of partners and customers they cater to, they may have their own standards. And when they start adopting cloud; A, for each service, how do I make sure the service is secure and it operates at the best level so that we don't violate any of the internal or external requirements. At the same time, we get the outcome that is needed. And that is driven into policies, that is driven into standards which are consumable easily, like AWS offers well-architected framework that helps customers make sure that I know I'm architecting my application workloads in a way that meets the business demands. >> John: Mm-hmm. >> And what CoreStack has done is taken that and automated it in such a way it helps the customers simplify that process to get that outcome measured easily so they get that confidence to consume more of the higher order services. >> John: Okay. And I'm wondering about your relationship as far with AWS goes, because, to me, it's like going deep sea fishing and all of a sudden you get this big 4, 500 pound fish. Like, now what? >> Mm-hmm. >> Now what do we do because we got what we wanted? So, talk about the "Now what?" with AWS in terms of that relationship, what they're helping you with, and the kind of services that you're seeking from them as well. >> Oh, thanks to Brad and the entire Global Startup Ecosystem team at AWS. And we have been part of AWS Ecosystem at various levels, starting from Marketplace to ISV Accelerate to APN Partners, Cloud Management Tools Competency Partner, Co-Sell programs. The team provides different leverages to connect to the entire ecosystem of how AWS gets consumed by the customers. Customers may come through channels and partners. And these channels and partners maybe from WAs to MSPs to SIs to how they really want to use each. >> John: Mm-hmm. >> And the ecosystem that AWS provides helps us feed into all these players and provide this higher order capability which instills confidence to the customers end of the day. >> Man: Absolutely. Right. >> And this can be taken through an MSP. This can be taken through a GSI. This can be taken to the customer through a WA. And that's how our play of expansion into larger AWS customer base. >> Brad: Yeah. >> Brad, from your side of the fence. >> Brad: No, its... This is where the commons of scale come to benefit our partners. And AWS has easily the largest ecosystem. >> John: Mm-hmm. >> Whether or not it's partners, customers, and the like. And so... And then, all the respective teams and programs bring all those resources to bear for startups. Your analogy of of catching a big fish off coast, I actually have a house in Florida. I spend a lot of time there. >> Interviewer: Okay. >> I've yet to catch a big 500 pound fish. But... (interviewer laughs) >> But they're out there. >> But they're definitely out there. >> Yeah. >> And so, in addition to the formalized programs like the Global Partner Network Program, the APN and Marketplace, we really break our activities down with the CoreStacks of the world into two major kind of processes: "Sell to" and "Sell with". And when we say "Sell to", what we're really doing is helping them architect for the future. And so, that plays dividends for their customers. So what do we mean by that? We mean helping them take advantage of all the latest serverless technologies: the latest chip sets like Graviton, thing like that. So that has the added benefit of just lowering the overall cost of deployment and expend. And that's... And we focus on that really extensively. So don't ever want to lose that part of the picture of what we do. >> Mm-hmm. >> And the "Sell with" is what he just mentioned, which is, our teams out in the field compliment these programs like APN and Marketplace with person-to-person in relationship development for core key opportunities in things like FinTech and Retail and so on. >> Interviewer: Mm-hmm. >> We have significant industry groups and business units- >> Interviewer: Mm-hmm. >> in the enterprise level that our teams work with day in and day out to help foster those relationships. And to help CoreStack continue to develop and grow that business. >> Yeah. We've talked a lot about cost, right? >> Yeah. >> But there's a difference between reducing costs or optimizing your spend, right? I mean there- >> Brad: Right. >> Right. There's a... They're very different prism. So in terms of optimizing and what you're doing in the data governance world, what kind of conversations discussions are you having with your clients? And how is that relationship with AWS allowing you to go with confidence into those discussions and be able to sell optimization of how they're going to spend maybe more money than they had planned on originally? >> So today, because of the extra external micro-market conditions, every single customer that we talk to wanting to take a foster status of, "Hey, where are we today? How are we using the cloud? Are we in an optimized state?" >> Interviewer: Mm-hmm. >> And when it comes to optimization, again, the larger customers that we talk to are really bothered about the business outcome and how their services and ability to cater to their customers, right? >> Interviewer: Mm-hmm. >> They don't want to compromise on that just because they want to optimize on the spend. That conversation trickled down to taking a poster assessment first, and then are you using the right set of services within AWS? Are the right set of services being optimized for various requirements? >> Interviewer: Mm-hmm. >> And AWS help in terms of catering to the segment of customers who need that kind of a play through the patent ecosystem. >> John: Mm-hmm. Yeah. We've talked a lot about confidence too, cloud with confidence. >> Brad: Yeah. Yeah. >> What does that mean to different people, you think? I mean, (Brad laughing) because don't you have to feel them out and say "Okay. What's kind of your tolerance level for certain, not risks, but certain measures that you might need to change"? >> I actually think it's flipped the other way around now. I think the risk factor- >> Okay. >> is more on your on-prem environment. And all that goes with that. 'Cause you... Because the development of the cloud in the last 15 years has been profound. It's gone from... That's been the risky proposition now. With all of the infrastructure, all the security and compliance guardrails we have built into the cloud, it's really more about transition and risk of transition. And that's what we see a lot of. And that's why, again, where governance comes into play here, which is how do I move my business from on-prem in a fairly insecure environment relatively speaking to the secure cloud? >> Interviewer: Sure. >> How do I do that without disrupting business? How do I do that without putting my business at risk? And that's a key piece. I want to come back, if I may, something on cost-cutting. >> Interviewer: Sure. >> We were talking about this on the way up here. Cost-cutting, it's the bonfire of the vanities in that in that everybody is talking about cost-cutting. And so we're in doing that perpetuating the very problem that we kind of want to avoid, which is our big cost-cutting. (laughs) So... And I say that because in the venture capital community, what's happening is two things: One is, everybody's being asked to extend their runways as much as possible, but they are not letting them off the hook on growth. And so what we're seeing a lot of is a more nuanced conversation of where you trim your costs, it's not essential, spend, but reinvest. Especially if you've got good strong product market fit, reinvest that for growth. And so that's... So if I think about our playbook for 2023, it's to help good strong startups. Either tune their market fit or now that they good have have good market fit, really run and develop their business. So growth is not off the hook for 2023. >> And then let me just hit on something- >> Yeah. >> before we say goodbye here that you just touched on too, Brad, about. How we see startups, right? AWS, I mean, obviously there's a company focus on nurturing this environment of innovation and of growth. And for people looking at maybe through different prisms and coming. >> Brad: Yeah. >> So if you would maybe from your side of the fence, Ez from CoreStack, about working as a startup with AWS, I mean, how would you characterize that relationship about the kind of partnership that you have? And I want to hear from Brad too about how he sees AWS in general in the startup world. But go ahead. >> It's kind of a mutually enriching relationship, right? The support that comes from AWS because our combined goal is help the customers maximize the potential of cloud. >> Interviewer: Mm-hmm. >> And we talked about confidence. And we talked about all the enablement that we provide. But the partnership helps us get to the reach, right? >> Interviewer: Mm-hmm. >> Reach at scale. >> Interviewer: Mm-hmm. We are talking about customers from different industry verticals having different set of problems. And how do we solve it together so that like the reimbursement that happens, in fact healthcare customers that we repeatedly talk to, even in the current market conditions, they don't want to save. They want to optimize and re-spend their savings using more cloud. >> Interviewer: Mm-hmm. >> So that's the partnership that is mutually enriching. >> Absolutely. >> Yeah. To me, this is easy. I think the reason why a lot of us are here at AWS, especially the startup world, is that our business interests are completely aligned. So I run a pretty significant business unit in a startup neighbor. But a good part of my job and my team's job is to go help cut costs. >> Interviewer: Mm-hmm. >> So tell me... Show me a revenue responsibility position where part of your job is to go cut cost. >> Interviewer: Right. >> It's so unique and we're not a non-profit. We just have a very good long-term view, right? Which is, if we help companies reduce costs and conserve capital and really make sure that that capital is being used the right way, then their long-term viability comes into play. And that's where we have a chance to win more of that business over time. >> Interviewer: Mm-hmm. >> And so because those business interests are very congruent and we come in, we earn so much trust in the process. But I think that... That's why I think we being AWS, are uniquely successful startups. Our business interests are completely aligned and there's a lot of trust for that. >> It's a great success story. It really is. And thank you for sharing your little slice of that and growing slice of that too- >> Yeah. Absolutely. >> from all appearances. Thank you both. >> Thank you, John. >> Thank you very much, John. >> Appreciate your time. >> This is part of the AWS Startup Showcase. And I'm John Walls. You're watching theCUBE here at AWS re:Invent '22. And theCUBE, of course, the leader in high tech coverage.

(upbeat music) >> Hey guys, welcome back to the show floor of KubeCon + CloudNativeCon '22 North America from Detroit, Michigan. Lisa Martin here with John Furrier. This is day one, John at theCUBE's coverage. >> CUBE's coverage. >> theCUBE's coverage of KubeCon. Try saying that five times fast. Day one, we have three wall-to-wall days. We've been talking about Kubernetes, containers, adoption, cloud adoption, app modernization all morning. We can't talk about those things without addressing security. >> Yeah, this segment we're going to hear container and Kubernetes security for modern application 'cause the enterprise are moving there. And this segment with Red Hat's going to be important because they are the leader in the enterprise when it comes to open source in Linux. So this is going to be a very fun segment. >> Very fun segment. Two guests from Red Hat join us. Please welcome Doron Caspin, Senior Principal Product Manager at Red Hat. Michael Foster joins us as well, Principal Product Marketing Manager and StackRox Community Lead at Red Hat. Guys, great to have you on the program. >> Thanks for having us. >> Thank you for having us. >> It's awesome. So Michael StackRox acquisition's been about a year. You got some news? >> Yeah, 18 months. >> Unpack that for us. >> It's been 18 months, yeah. So StackRox in 2017, originally we shifted to be the Kubernetes-native security platform. That was our goal, that was our vision. Red Hat obviously saw a lot of powerful, let's say, mission statement in that, and they bought us in 2021. Pre-acquisition we were looking to create a cloud service. Originally we ran on Kubernetes platforms, we had an operator and things like that. Now we are looking to basically bring customers in into our service preview for ACS as a cloud service. That's very exciting. Security conversation is top notch right now. It's an all time high. You can't go with anywhere without talking about security. And specifically in the code, we were talking before we came on camera, the software supply chain is real. It's not just about verification. Where do you guys see the challenges right now? Containers having, even scanning them is not good enough. First of all, you got to scan them and that may not be good enough. Where's the security challenges and where's the opportunity? >> I think a little bit of it is a new way of thinking. The speed of security is actually does make you secure. We want to keep our images up and fresh and updated and we also want to make sure that we're keeping the open source and the different images that we're bringing in secure. Doron, I know you have some things to say about that too. He's been working tirelessly on the cloud service. >> Yeah, I think that one thing, you need to trust your sources. Even if in the open source world, you don't want to copy paste libraries from the web. And most of our customers using third party vendors and getting images from different location, we need to trust our sources and we have a really good, even if you have really good scanning solution, you not always can trust it. You need to have a good solution for that. >> And you guys are having news, you're announcing the Red Hat Advanced Cluster Security Cloud Service. >> Yes. >> What is that? >> So we took StackRox and we took the opportunity to make it as a cloud services so customer can consume the product as a cloud services as a start offering and customer can buy it through for Amazon Marketplace and in the future Azure Marketplace. So customer can use it for the AKS and EKS and AKS and also of course OpenShift. So we are not specifically for OpenShift. We're not just OpenShift. We also provide support for EKS and AKS. So we provided the capability to secure the whole cloud posture. We know customer are not only OpenShift or not only EKS. We have both. We have free cloud or full cloud. So we have open. >> So it's not just OpenShift, it's Kubernetes, environments, all together. >> Doron: All together, yeah. >> Lisa: Meeting customers where they are. >> Yeah, exactly. And we focus on, we are not trying to boil the ocean or solve the whole cloud security posture. We try to solve the Kubernetes security cluster. It's very unique and very need unique solution for that. It's not just added value in our cloud security solution. We think it's something special for Kubernetes and this is what Red that is aiming to. To solve this issue. >> And the ACS platform really doesn't change at all. It's just how they're consuming it. It's a lot quicker in the cloud. Time to value is right there. As soon as you start up a Kubernetes cluster, you can get started with ACS cloud service and get going really quickly. >> I'm going to ask you guys a very simple question, but I heard it in the bar in the lobby last night. Practitioners talking and they were excited about the Red Hat opportunity. They actually asked a question, where do I go and get some free Red Hat to test some Kubernetes out and run helm or whatever. They want to play around. And do you guys have a program for someone to get start for free? >> Yeah, so the cloud service specifically, we're going to service preview. So if people sign up, they'll be able to test it out and give us feedback. That's what we're looking for. >> John: Is that a Sandbox or is that going to be in the cloud? >> They can run it in their own environment. So they can sign up. >> John: Free. >> Doron: Yeah, free. >> For the service preview. All we're asking for is for customer feedback. And I know it's actually getting busy there. It's starting December. So the quicker people are, the better. >> So my friend at the lobby I was talking to, I told you it was free. I gave you the sandbox, but check out your cloud too. >> And we also have the open source version so you can download it and use it. >> Yeah, people want to know how to get involved. I'm getting a lot more folks coming to Red Hat from the open source side that want to get their feet wet. That's been a lot of people rarely interested. That's a real testament to the product leadership. Congratulations. >> Yeah, thank you. >> So what are the key challenges that you have on your roadmap right now? You got the products out there, what's the current stake? Can you scope the adoption? Can you share where we're at? What people are doing specifically and the real challenges? >> I think one of the biggest challenges is talking with customers with a slightly, I don't want to say outdated, but an older approach to security. You hear things like malware pop up and it's like, well, really what we should be doing is keeping things into low and medium vulnerabilities, looking at the configuration, managing risk accordingly. Having disparate security tools or different teams doing various things, it's really hard to get a security picture of what's going on in the cluster. That's some of the biggest challenges that we talk with customers about. >> And in terms of resolving those challenges, you mentioned malware, we talk about ransomware. It's a household word these days. It's no longer, are we going to get hit? It's when? It's what's the severity? It's how often? How are you guys helping customers to dial down some of the risk that's inherent and only growing these days? >> Yeah, risk, it's a tough word to generalize, but our whole goal is to give you as much security information in a way that's consumable so that you can evaluate your risk, set policies, and then enforce them early on in the cluster or early on in the development pipeline so that your developers get the security information they need, hopefully asynchronously. That's the best way to do it. It's nice and quick, but yeah. I don't know if Doron you want to add to that? >> Yeah, so I think, yeah, we know that ransomware, again, it's a big world for everyone and we understand the area of the boundaries where we want to, what we want to protect. And we think it's about policies and where we enforce it. So, and if you can enforce it on, we know that as we discussed before that you can scan the image, but we never know what is in it until you really run it. So one of the thing that we we provide is runtime scanning. So you can scan and you can have policy in runtime. So enforce things in runtime. But even if one image got in a way and get to your cluster and run on somewhere, we can stop it in runtime. >> Yeah. And even with the runtime enforcement, the biggest thing we have to educate customers on is that's the last-ditch effort. We want to get these security controls as early as possible. That's where the value's going to be. So we don't want to be blocking things from getting to staging six weeks after developers have been working on a project. >> I want to get you guys thoughts on developer productivity. Had Docker CEO on earlier and since then I had a couple people messaging me. Love the vision of Docker, but Docker Hub has some legacy and it might not, has does something kind of adoption that some people think it does. Are people moving 'cause there times they want to have these their own places? No one place or maybe there is, or how do you guys see the movement of say Docker Hub to just using containers? I don't need to be Docker Hub. What's the vis-a-vis competition? >> I mean working with open source with Red Hat, you have to meet the developers where they are. If your tool isn't cutting it for developers, they're going to find a new tool and really they're the engine, the growth engine of a lot of these technologies. So again, if Docker, I don't want to speak about Docker or what they're doing specifically, but I know that they pretty much kicked off the container revolution and got this whole thing started. >> A lot of people are using your environment too. We're hearing a lot of uptake on the Red Hat side too. So, this is open source help, it all sorts stuff out in the end, like you said, but you guys are getting a lot of traction there. Can you share what's happening there? >> I think one of the biggest things from a developer experience that I've seen is the universal base image that people are using. I can speak from a security standpoint, it's awesome that you have a base image where you can make one change or one issue and it can impact a lot of different applications. That's one of the big benefits that I see in adoption. >> What are some of the business, I'm curious what some of the business outcomes are. You talked about faster time to value obviously being able to get security shifted left and from a control perspective. but what are some of the, if I'm a business, if I'm a telco or a healthcare organization or a financial organization, what are some of the top line benefits that this can bubble up to impact? >> I mean for me, with those two providers, compliance is a massive one. And just having an overall look at what's going on in your clusters, in your environments so that when audit time comes, you're prepared. You can get through that extremely quickly. And then as well, when something inevitably does happen, you can get a good image of all of like, let's say a Log4Shell happens, you know exactly what clusters are affected. The triage time is a lot quicker. Developers can get back to developing and then yeah, you can get through it. >> One thing that we see that customers compliance is huge. >> Yes. And we don't want to, the old way was that, okay, I will provision a cluster and I will do scans and find things, but I need to do for PCI DSS for example. Today the customer want to provision in advance a PCI DSS cluster. So you need to do the compliance before you provision the cluster and make all the configuration already baked for PCI DSS or HIPAA compliance or FedRAMP. And this is where we try to use our compliance, we have tools for compliance today on OpenShift and other clusters and other distribution, but you can do this in advance before you even provision the cluster. And we also have tools to enforce it after that, after your provision, but you have to do it again before and after to make it more feasible. >> Advanced cluster management and the compliance operator really help with that. That's why OpenShift Platform Plus as a bundle is so popular. Just being able to know that when a cluster gets provision, it's going to be in compliance with whatever the healthcare provider is using. And then you can automatically have ACS as well pop up so you know exactly what applications are running, you know it's in compliance. I mean that's the speed. >> You mentioned the word operator, I get triggering word now for me because operator role is changing significantly on this next wave coming because of the automation. They're operating, but they're also devs too. They're developing and composing. It's almost like a dashboard, Lego blocks. The operator's not just manually racking and stacking like the old days, I'm oversimplifying it, but the new operators running stuff, they got observability, they got coding, their servicing policy. There's a lot going on. There's a lot of knobs. Is it going to get simpler? How do you guys see the org structures changing to fill the gap on what should be a very simple, turn some knobs, operate at scale? >> Well, when StackRox originally got acquired, one of the first things we did was put ACS into an operator and it actually made the application life cycle so much easier. It was very easy in the console to go and say, Hey yeah, I want ACS my cluster, click it. It would get provisioned. New clusters would get provisioned automatically. So underneath it might get more complicated. But in terms of the application lifecycle, operators make things so much easier. >> And of course I saw, I was lucky enough with Lisa to see Project Wisdom in AnsibleFest. You going to say, Hey, Red Hat, spin up the clusters and just magically will be voice activated. Starting to see AI come in. So again, operations operator is got to dev vibe and an SRE vibe, but it's not that direct. Something's happening there. We're trying to put our finger on. What do you guys think is happening? What's the real? What's the action? What's transforming? >> That's a good question. I think in general, things just move to the developers all the time. I mean, we talk about shift left security, everything's always going that way. Developers how they're handing everything. I'm not sure exactly. Doron, do you have any thoughts on that. >> Doron, what's your reaction? You can just, it's okay, say what you want. >> So I spoke with one of our customers yesterday and they say that in the last years, we developed tons of code just to operate their infrastructure. That if developers, so five or six years ago when a developer wanted VM, it will take him a week to get a VM because they need all their approval and someone need to actually provision this VM on VMware. And today they automate all the way end-to-end and it take two minutes to get a VM for developer. So operators are becoming developers as you said, and they develop code and they make the infrastructure as code and infrastructure as operator to make it more easy for the business to run. >> And then also if you add in DataOps, AIOps, DataOps, Security Ops, that's the new IT. It seems to be the new IT is the stuff that's scaling, a lot of data's coming in, you got security. So all that's got to be brought in. How do you guys view that into the equation? >> Oh, I mean you become big generalists. I think there's a reason why those cloud security or cloud professional certificates are becoming so popular. You have to know a lot about all the different applications, be able to code it, automate it, like you said, hopefully everything as code. And then it also makes it easy for security tools to come in and look and examine where the vulnerabilities are when those things are as code. So because you're going and developing all this automation, you do become, let's say a generalist. >> We've been hearing on theCUBE here and we've been hearing the industry, burnout, associated with security professionals and some DataOps because the tsunami of data, tsunami of breaches, a lot of engineers getting called in the middle of the night. So that's not automated. So this got to get solved quickly, scaled up quickly. >> Yes. There's two part question there. I think in terms of the burnout aspect, you better send some love to your security team because they only get called when things get broken and when they're doing a great job you never hear about them. So I think that's one of the things, it's a thankless profession. From the second part, if you have the right tools in place so that when something does hit the fan and does break, then you can make an automated or a specific decision upstream to change that, then things become easy. It's when the tools aren't in place and you have desperate environments so that when a Log4Shell or something like that comes in, you're scrambling trying to figure out what clusters are where and where you're impacted. >> Point of attack, remediate fast. That seems to be the new move. >> Yeah. And you do need to know exactly what's going on in your clusters and how to remediate it quickly, how to get the most impact with one change. >> And that makes sense. The service area is expanding. More things are being pushed. So things will, whether it's a zero day vulnerability or just attack. >> Just mix, yeah. Customer automate their all of things, but it's good and bad. Some customer told us they, I think Spotify lost the whole a full zone because of one mistake of a customer because they automate everything and you make one mistake. >> It scale the failure really. >> Exactly. Scaled the failure really fast. >> That was actually few contact I think four years ago. They talked about it. It was a great learning experience. >> It worked double edge sword there. >> Yeah. So definitely we need to, again, scale automation, test automation way too, you need to hold the drills around data. >> Yeah, you have to know the impact. There's a lot of talk in the security space about what you can and can't automate. And by default when you install ACS, everything is non-enforced. You have to have an admission control. >> How are you guys seeing your customers? Obviously Red Hat's got a great customer base. How are they adopting to the managed service wave that's coming? People are liking the managed services now because they maybe have skills gap issues. So managed service is becoming a big part of the portfolio. What's your guys' take on the managed services piece? >> It's just time to value. You're developing a new application, you need to get it out there quick. If somebody, your competitor gets out there a month before you do, that's a huge market advantage. >> So you care how you got there. >> Exactly. And so we've had so much Kubernetes expertise over the last 10 or so, 10 plus year or well, Kubernetes for seven plus years at Red Hat, that why wouldn't you leverage that knowledge internally so you can get your application. >> Why change your toolchain and your workflows go faster and take advantage of the managed service because it's just about getting from point A to point B. >> Exactly. >> Well, in time to value is, you mentioned that it's not a trivial term, it's not a marketing term. There's a lot of impact that can be made. Organizations that can move faster, that can iterate faster, develop what their customers are looking for so that they have that competitive advantage. It's definitely not something that's trivial. >> Yeah. And working in marketing, whenever you get that new feature out and I can go and chat about it online, it's always awesome. You always get customers interests. >> Pushing new code, being secure. What's next for you guys? What's on the agenda? What's around the corner? We'll see a lot of Red Hat at re:Invent. Obviously your relationship with AWS as strong as a company. Multi-cloud is here. Supercloud as we've been saying. Supercloud is a thing. What's next for you guys? >> So we launch the cloud services and the idea that we will get feedback from customers. We are not going GA. We're not going to sell it for now. We want to get customers, we want to get feedback to make the product as best what we can sell and best we can give for our customers and get feedback. And when we go GA and we start selling this product, we will get the best product in the market. So this is our goal. We want to get the customer in the loop and get as much as feedback as we can. And also we working very closely with our customers, our existing customers to announce the product to add more and more features what the customer needs. It's all about supply chain. I don't like it, but we have to say, it's all about making things more automated and make things more easy for our customer to use to have security in the Kubernetes environment. >> So where can your customers go? Clearly, you've made a big impact on our viewers with your conversation today. Where are they going to be able to go to get their hands on the release? >> So you can find it on online. We have a website to sign up for this program. It's on my blog. We have a blog out there for ACS cloud services. You can just go there, sign up, and we will contact the customer. >> Yeah. And there's another way, if you ever want to get your hands on it and you can do it for free, Open Source StackRox. The product is open source completely. And I would love feedback in Slack channel. It's one of the, we also get a ton of feedback from people who aren't actually paying customers and they contribute upstream. So that's an awesome way to get started. But like you said, you go to, if you search ACS cloud service and service preview. Don't have to be a Red Hat customer. Just if you're running a CNCF compliant Kubernetes version. we'd love to hear from you. >> All open source, all out in the open. >> Yep. >> Getting it available to the customers, the non-customers, they hopefully pending customers. Guys, thank you so much for joining John and me talking about the new release, the evolution of StackRox in the last season of 18 months. Lot of good stuff here. I think you've done a great job of getting the audience excited about what you're releasing. Thank you for your time. >> Thank you. >> Thank you. >> For our guest and for John Furrier, Lisa Martin here in Detroit, KubeCon + CloudNativeCon North America. Coming to you live, we'll be back with our next guest in just a minute. (gentle music)

>>Good afternoon, friends. My name is Savannah Peterson here in the Cube Studios live from Detroit, Michigan, where we're at Cuban and Cloud Native Foundation, Cloud Native Con all week. Our last interview of the day served me a real treat and one that I wasn't expecting. It turns out that I am in the presence of two caddies. It's a literal episode of Caddy Shack up here on Cube. John Furrier. I don't think the audience knows that you were a caddy. Tell us about your caddy days. >>I used to caddy when I was a kid at the local country club every weekend. This is amazing. Double loops every weekend. Make some bang, two bags on each shoulder. Caddying for the members where you're going. Now I'm >>On show. Just, just really impressive >>Now. Now I'm caddying for the cube where I caddy all this great content out to the audience. >>He's carrying the story of emerging brands and established companies on their cloud journey. I love it. John, well played. I don't wanna waste any more of this really wonderful individual's time, but since we now have a new trend of talking about everyone's Twitter handle here on the cube, this may be my favorite one of the day, if not Q4 so far. Drew, not reply. AKA Drew ne Drew Nielsen, excuse me, there is here with us from Teleport. Drew, thanks so much for being here. >>Oh, thanks for having me. It's great to be here. >>And so you were a caddy on a whole different level. Can you tell us >>About that? Yeah, so I was in university and I got tired after two years and didn't have a car in LA and met a pro golfer at a golf course and took two years off and traveled around caddying for him and tried to get 'em through Q School. >>This is, this is fantastic. So if you're in school and your parents are telling you to continue going to school, know that you can drop out and be a caddy and still be a very successful television personality. Like both of the gentlemen at some point. >>Well, I never said my parents like >>That decision, but we'll keep our day jobs. Yeah, exactly. And one of them is Cloud Native Security. The hottest topic here at the show. Yep. I want to get into it. You guys are doing some really cool things. Are we? We hear Zero Trust, you know, ransomware and we even, I even talked with the CEO of Dockets morning about container security issues. Sure. There's a lot going on. So you guys are in the middle of teleport. You guys have a unique solution. Tell us what you guys got going on. What do you guys do? What's the solution and what's the problem you solve? >>So Teleport is the first and only identity native infrastructure access solution in the market. So breaking that down, what that really means is identity native being the combination of secret list, getting rid of passwords, Pam Vaults, Key Vaults, Yeah. Passwords written down. Basically the number one source of breach. And 50 to 80% of breaches, depending on whose numbers you want to believe are how organizations get hacked. >>But it's not password 1 23 isn't protecting >>Cisco >>Right >>Now. Well, if you think about when you're securing infrastructure and the second component being zero trust, which assumes the network is completely insecure, right? But everything is validated. Resource to resource security is validated, You know, it assumes work from anywhere. It assumes the security comes back to that resource. And we take the combination of those two into identity, native access where we cryptographically ev, validate identity, but more importantly, we make an absolutely frictionless experience. So engineers can access infrastructure from anywhere at any time. >>I'm just flashing on my roommates, checking their little code, changing Bob login, you know, dongle essentially, and how frustrating that always was. I mean, talk about interrupting workflow was something that's obviously necessary, but >>Well, I mean, talk about frustration if I'm an engineer. Yeah, absolutely. You know, back in the day when you had these three tier monolithic applications, it was kind of simple. But now as you've got modern application development environments Yeah, multi-cloud, hybrid cloud, whatever marketing term around how you talk about this, expanding sort of disparate infrastructure. Engineers are sitting there going from system to system to machine to database to application. I mean, not even a conversation on Kubernetes yet. Yeah. And it's just, you know, every time you pull an engineer or a developer to go to a vault to pull something out, you're pulling them out for 10 minutes. Now, applications today have hundreds of systems, hundreds of microservices. I mean 30 of these a day and nine minutes, 270 minutes times 60. And they also >>Do the math. Well, there's not only that, there's also the breach from manual error. I forgot to change the password. What is that password? I left it open, I left it on >>Cognitive load. >>I mean, it's the manual piece. But even think about it, TR security has to be transparent and engineers are really smart people. And I've talked to a number of organizations who are like, yeah, we've tried to implement security solutions and they fail. Why? They're too disruptive. They're not transparent. And engineers will work their way around them. They'll write it down, they'll do a workaround, they'll backdoor it something. >>All right. So talk about how it works. But I, I mean, I'm getting the big picture here. I love this. Breaking down the silos, making engineers lives easier, more productive. Clearly the theme, everyone they want, they be gonna need. Whoever does that will win it all. How's it work? I mean, you deploying something, is it code, is it in line? It's, >>It's two binaries that you download and really it starts with the core being the identity native access proxy. Okay. So that proxy, I mean, if you look at like the zero trust principles, it all starts with a proxy. Everything connects into that proxy where all the access is gated, it's validated. And you know, from there we have an authorization engine. So we will be the single source of truth for all access across your entire infrastructure. So we bring machines, engineers, databases, applications, Kubernetes, Linux, Windows, we don't care. And we basically take that into a single architecture and single access platform that essentially secures your entire infrastructure. But more importantly, you can do audit. So for all of the organizations that are dealing with FedRAMP, pci, hipaa, we have a complete audit trail down to a YouTube style playback. >>Oh, interesting. We're we're California and ccpa. >>Oh, gdpr. >>Yeah, exactly. It, it, it's, it's a whole shebang. So I, I love, and John, maybe you've heard this term a lot more than I have, but identity native is relatively new to me as as a term. And I suspect you have a very distinct way of defining identity. How do you guys define identity internally? >>So identity is something that is cryptographically validated. It is something you have. So it's not enough. If you look at, you know, credentials today, everyone's like, Oh, I log into my computer, but that's my identity. No, it's not. Right. Those are attributes. Those are something that is secret for a period of time until you write it down. But I can't change my fingerprint. Right. And now I >>Was just >>Thinking of, well no, perfect case in point with touch ID on your meth there. Yeah. It's like when we deliver that cryptographically validated identity, we use these secure modules in like modern laptops or servers. Yeah. To store that identity so that even if you're sitting in front of your computer, you can't get to it. But more importantly, if somebody were to take that and try to be you and try to log in with your fingerprint, it's >>Not, I'm not gonna lie, I love the apple finger thing, you know, it's like, you know, space recognition, like it's really awesome. >>It save me a lot of time. I mean, even when you go through customs and they do the face scan now it actually knows who you are, which is pretty wild in the last time you wanna provide ones. But it just shifted over like maybe three months ago. Well, >>As long as no one chops your finger off like they do in the James Bond movies. >>I mean, we try and keep it a light and fluffy here on the queue, but you know, do a finger teams, we can talk about that >>Too. >>Gabby, I was thinking more minority report, >>But you >>Knows that's exactly what I, what I think of >>Hit that one outta bounds. So I gotta ask, because you said you're targeting engineers, not IT departments. What's, is that, because I in your mind it is now the engineers or what's the, is always the solution more >>Targeted? Well, if you really look at who's dealing with infrastructure on a day-to-day basis, those are DevOps individuals. Those are infrastructure teams, Those are site reliability engineering. And when it, they're the ones who are not only managing the infrastructure, but they're also dealing with the code on it and everything else. And for us, that is who is our primary customer and that's who's doing >>It. What's the biggest problem that you're solving in this use case? Because you guys are nailing it. What's the problem that your identity native solution solves? >>You know, right out of the backs we remove the number one source of breach. And that is taking passwords, secrets and, and keys off the board. That deals with most of the problem right there. But there are really two problems that organizations face. One is scaling. So as you scale, you get more secrets, you get more keys, you get all these things that is all increasing your attack vector in real time. Oh >>Yeah. Across teams locations. I can't even >>Take your pick. Yeah, it's across clouds, right? Any of it >>On-prem doesn't. >>Yeah. Any of it. We, and we allow you to scale, but do it securely and the security is transparent and your engineers will absolutely love it. What's the most important thing about this product Engineers. Absolutely. >>What are they saying? What are some of those examples? Anecdotally, pull boats out from engineering. >>You're too, we should have invent, we should have invented this ourselves. Or you know, we have run into a lot of customers who have tried to home brew this and they're like, you know, we spend an in nor not of hours on it >>And IT or they got legacy from like Microsoft or other solutions. >>Sure, yeah. Any, but a lot of 'em is just like, I wish I had done it myself. Or you know, this is what security should be. >>It makes so much sense and it gives that the team such a peace of mind. I mean, you never know when a breach is gonna come, especially >>It's peace of mind. But I think for engineers, a lot of times it deals with the security problem. Yeah. Takes it off the table so they can do their jobs. Yeah. With zero friction. Yeah. And you know, it's all about speed. It's all about velocity. You know, go fast, go fast, go fast. And that's what we enable >>Some of the benefits to them is they get to save time, focus more on, on task that they need to work on. >>Exactly. >>And get the >>Job done. And on top of it, they answer the audit and compliance mail every time it comes. >>Yeah. Why are people huge? Honestly, why are people doing this? Because, I mean, identity is just such an hard nut to crack. Everyone's got their silos, Vendors having clouds have 'em. Identity is the most fragmented thing on >>The planet. And it has been fragmented ever since my first RSA conference. >>I know. So will we ever get this do over? Is there a driver? Is there a market force? Is this the time? >>I think the move to modern applications and to multi-cloud is driving this because as those application stacks get more verticalized, you just, you cannot deal with the productivity >>Here. And of course the next big thing is super cloud and that's coming fast. Savannah, you know, You know that's Rocket. >>John is gonna be the thought leader and keyword leader of the word super cloud. >>Super Cloud is enabling super services as the cloud cast. Brian Gracely pointed out on his Sunday podcast of which if that happens, Super Cloud will enable super apps in a new architectural >>List. Please don't, and it'll be super, just don't. >>Okay. Right. So what are you guys up to next? What's the big hot spot for the company? What are you guys doing? What are you guys, What's the idea guys hiring? You put the plug in. >>You know, right now we are focused on delivering the best identity, native access platform that we can. And we will continue to support our customers that want to use Kubernetes, that want to use any different type of infrastructure. Whether that's Linux, Windows applications or databases. Wherever they are. >>Are, are your customers all of a similar DNA or are you >>No, they're all over the map. They range everything from tech companies to financial services to, you know, fractional property. >>You seem like someone everyone would need. >>Absolutely. >>And I'm not just saying that to be a really clean endorsement from the Cube, but >>If you were doing DevOps Yeah. And any type of forward-leaning shift, left engineering, you need us because we are basically making security as code a reality across your entire infrastructure. >>Love this. What about the team dna? Are you in a scale growth stage right now? What's going on? Absolutely. Sounds I was gonna say, but I feel like you would have >>To be. Yeah, we're doing, we're, we have a very positive outlook and you know, even though the economic time is what it is, we're doing very well meeting. >>How's the location? Where's the location of the headquarters now? With remote work is pretty much virtual. >>Probably. We're based in downtown Oakland, California. >>Woohoo. Bay area representing on this stage right now. >>Nice. Yeah, we have a beautiful office right in downtown Oakland and yeah, it's been great. Awesome. >>Love that. And are you hiring right now? I bet people might be. I feel like some of our cube watchers are here waiting to figure out their next big play. So love to hear that. Absolutely love to hear that. Besides Drew, not reply, if people want to join your team or say hello to you and tell you how brilliant you looked up here, or ask about your caddy days and maybe venture a guest to who that golfer may have been that you were CAD Inc. For, what are the best ways for them to get in touch with you? >>You can find me on LinkedIn. >>Great. Fantastic. John, anything else >>From you? Yeah, I mean, I just think security is paramount. This is just another example of where the innovation has to kind of break through without good identity, everything could cripple. Then you start getting into the silos and you can start getting into, you know, tracking it. You got error user errors, you got, you know, one of the biggest security risks. People just leave systems open, they don't even know it's there. So like, I mean this is just, just identity is the critical linchpin to, to solve for in security to me. And that's totally >>Agree. We even have a lot of customers who use us just to access basic cloud consoles. Yeah. >>So I was actually just gonna drive there a little bit because I think that, I'm curious, it feels like a solution for obviously complex systems and stacks, but given the utility and what sounds like an extreme ease of use, I would imagine people use this for day-to-day stuff within their, >>We have customers who use it to access their AWS consoles. We have customers who use it to access Grafana dashboards. You know, for, since we're sitting here at coupon accessing a Lens Rancher, all of the amazing DevOps tools that are out there. >>Well, I mean true. I mean, you think about all the reasons why people don't adopt this new federated approach or is because the IT guys did it and the world we're moving into, the developers are in charge. And so we're seeing the trend where developers are taking the DevOps and the data and the security teams are now starting to reset the guardrails. What's your >>Reaction to that? Well, you know, I would say that >>Over the top, >>Well I would say that you know, your DevOps teams and your infrastructure teams and your engineers, they are the new king makers. Yeah. Straight up. Full stop. >>You heard it first folks. >>And that's >>A headline right >>There. That is a headline. I mean, they are the new king makers and, but they are being forced to do it as securely as possible. And our job is really to make that as easy and as frictionless as possible. >>Awesome. >>And it sounds like you're absolutely nailing it. Drew, thank you so much for being on the show. Thanks for having today. This has been an absolute pleasure, John, as usual a joy. And thank all of you for tuning in to the Cube Live here at CU Con from Detroit, Michigan. We look forward to catching you for day two tomorrow.

>>Hey everyone. Welcome to the cubes presentation of the AWS startup showcase. This is season two, episode four, where we continue to talk with the AWS ecosystem partners, this topic, cybersecurity protect and detect against threats. I'm your host, Lisa Martin. I've got a new guest with me. Ryan Ferris joins me the VP of products and engineering at Anisha. Ryan. Welcome to the program. Great to have you. >>Thank you so much for having me. >>So let's dig right in. Why are software vendors turning to Anisha to help them address and access the nearly for over 200 billion market public sector, federal market for cloud services? What is that key event? >>Yeah, it's it. If you know anything about FedRAMP and if you've looked into it, it takes a long time to achieve Fedra. So when customers kind of go into this cold and they're from Mars and they're like, what is bed? They usually find that it's an 18 month journey, maybe a 24 month journey. And so Anisha helps shorten that journey with lower costs and faster time to market. So if you're waiting for our revenue stream from say a government entity, we can get you there faster and get you to a, a state of Fedra certified in a shorter time period. And that's the value problem. >>Faster time to value is critical for organizations. So let's look at this journey as you talked about it, what does the path to compliance look like for specifically for AWS customers with a nation and without help us understand the value add? >>Yeah. So if you're doing it without Angen or if you're just kind of doing it yourself, which some customers choose to do, then they have to go on that journey and kind of learn about three primary things. One thing is how do I just write the entire package? Like there there's a thing called an SSP or a, a system security plan. And that thing is maybe seven or 800 pages long. And you have to offer that all by yourself so you can get help with that or not. That's sort of the academic and, and, and tech writing piece of it. There's another piece of it around what does my environment look like? So as I am ruling out this Fedra solution, what are each piece in my environment that needs to be compliant with Fedra? And it's a voluminous amount of things can be either a dozen or maybe up to a hundred things that you have to tweak and change. So there's a technical deployment store here as well. And then the third thing is keeping you compliant in your AWS environment after you've achieved kind of that readiness state. So the journey does not stop once you achieve Fedra, ATO, it goes on and on and on, and Anisha helps customers kind of maintain and keep them there in that fully compliance state after achieving ATO, >>What's the timeframe for AWS customers in terms of going, alright, we realize we're going on this journey. It's challenging. We need An's help. What's the timeframe to get them actually certified. >>Yeah. We look at the timeframe between the moment you deploy and the moment you start writing about that tech, that Fedra package and when you're audit ready, and in the best case scenario, that could be a few months, right? But you're always, your mileage may vary based on kind of your application readiness and how ready you are to pursue that journey. So the fastest happy path is a few months to audit, audit an audit ready state, but then you have, you kinda have to go through a process whereby you're in the queue for Fedra. And that can kind of take maybe an extra few months, but it really is that that three month accelerated timeframe in the best case scenario, >>Got it. Three months accelerated timeframe. Are there other compliance standards that besides Fedra that you help organizations get compliance with? >>Right. So it's a great question. So FedRAMP in and of itself is just really hard to get to. It's just so many things that you have to do, but if you get to that state, it's based off of a standard called missed 853 specifically rev four, that's kind of a mouthful, but once you achieve that state, there's basically 325 controls that come along with fed moderate. And that buys you a lot of leverage in leeway in mapping and sort of crosswalking to other compliance levels. So if you achieve that state, you buy a lot of, kind of goodness with things that map to either PCI or even HIPAA or SOC two. And, and so you, you kind of get a big benefit and sort of a big bang for your buck by having achieved that, that state for Fedra. >>So from an AWS customer, talk to me about, obviously we talked about the time to value the speed with which you enable organizations to achieve compliance and, and readiness. What what's in it for me in terms of working with a nation as an AWS customer. >>Yeah. For, so for AWS specifically our stack, well, we have kind of two versions of our stack. One is meant for Azure and it's kind of cookie cutter and meant for folks that have an entrenched Azure footprint. The other is it's the majority of our market it's folks that want to in accelerator footprint in AWS. So what's in it for you is that Anan kind of presents something that looks pretty similar to a landing zone, but it's a little bit more peppered with complexity and with tuned configurations. So if you're an AWS customer and let's see you've had an environment for the last 5, 6, 7 years, we help you kind of take that environment and enhance it and become FedRAMP ready in a much faster state. And we are leveraging and utilizing a lot of native AWS core services like ECR, for example, is one we're just starting to lean into AWS inspector for bone scans, those types of things. And then kind of when you get up to that audit, ready state and through ATO, we aggregate a lot of that vulnerability information and vulnerability scanning information into a parable readable, actionable format. And most of those things, those gatherings of data are AWS specific functions that we kind of piggyback on. So we're heavily into cloud trail and, and quite heavy into kind of using the things that are already at our fingertips just by deploying into AWS. >>Yeah. Leveraging what they already are familiar with kind of meeting the customers where they are. I think these days is such an important factor to help organizations make the changes as quickly and dynamically as they need to. >>That's right. Yeah. That's perfect. Yeah. A lot of customers, you know, when, when they start on the journey, they kind of, they, they sort of uncover the, uncover the details around, well, I have an application and this application has existed for six or seven years. How do I get this thing FedRAMP ready? And what does onboarding mean to your stack? We try to make that specific step as easy as possible. So when I'm on the phone with prospects and I'm talking to 'em about embarking on a journey, I kind of get them to a mental model where they treat their application VPC or their application environment as sort of a, and we deploy a separate VPC into their, into their cloud account. And then we peer that information. It's kind of getting into the mechanics a little bit, but we try to make it as easy as possible to start doing the things that we're obliged to do for FedRAMP, for their application, like bone scans and, and operationalization of logging and things like that. And then we pull that information into our AIAN managed BPC. And I think once customers really start to understand and sort of synthesize that mental model, then they kind of have this Baha moment. They're like, oh, okay. Now I, now I really understand how your platform can accelerate this journey into a period that is no more than say two or three months of onboarding >>No more than two or three months. That's, that's a nice kind of guarantee for organizations who are you typically engaging with? Is it the CISO level or are there other folks involved in this conversation? >>Yeah, I, the CISO is probably the best persona to engage with, but it so varies from customer to customer and you never really know who's really gonna, oftentimes it's the CEO or, or sometimes it's a champion that might be the CFO or someone that's incentivized to really start getting market share for federal customers that they don't have access to. That might even be a VP of engineering that we're, that we're conversing with. But most often I think the CISO is central because the CISO of course wants to give in details of what does the staff consist of and exactly how are you helping me with this big burden of continuous monitoring that fed Fedra makes me do. And, and where, where do you fit in that story? So it's usually the CSO, >>Usually the CSO, but some of the other personas that you mentioned sounds like it's definitely a C level or at least a, an executive level conversation. >>It is. Yeah. I'll try to divide that a little bit from my persona. Like I, I run engineering and product. I'm usually dealing with a rather talking to and engaging with the CSO, but the folks that cut the check are either either the CEO or the CFO that really want to widen that kind of revenue stream that they don't have access to. And they're the real decision making personas in this deal. Now, after the decision decision is made, then, you know, they're vetting through VPs of engineering or engineering leaders or the CSO. So like the, the folks that pull the purse strings are usually, you know, the ones that are cutting the check to make this investment that is usually the CSO or rather CEO and the CFO. >>Got it. Okay. So if I'm an AWS customer and I'm on this journey for fed re certification, I've, I've been on it for a while. How do I know it's time to raise my hand or pick up the phone and call Anisha? >>Yeah. You know, some customers that we speak with have already tried to do it and maybe they've failed. Maybe they've been like 12 or 14 months into the journey. And they've said things like, we just don't know how to put the package together, or maybe they've engaged with the third party auditor. And the third party auditor has said, sorry, you guys need to go back to the drawing board or maybe they've missed a good percentage of the technical requirements and they need some consultation and advice or a cookie cutter approach. So it kind of, every journey is different when we are engaging. Sometimes folks are just coming in completely cold or maybe they failed. But the more interesting ones, and I think when we can look a little bit more like heroes are the ones that have tried it, and then a year later they come back, they come back to an, and they want that accelerated goodness. >>Do you have a favorite customer story that you think really articulates the value either from a customer who came in cold or a customer who came in after trying it on their own or with another partner for a year that you think really demonstrates the value that AIAN delivers? >>Yeah. There is a customer story that's sort of top of mind and it's, I think the guy primarily stuck in what tooling I'll anonymize the customer, but this customer kind of chose the wrong level of tooling as they embarked on their journey. And by tooling, I mean, let me get a little bit more specific here. You can't just choose any vulnerability scanner, for instance, if it's a SAS product, or if it's sending data or requests outside of your Fedra boundary, then you're gonna run into trouble. And this reference customer, or this prospect at the time kind of had a lot of friction there. So as they were bumping up against that three Pao deadline, they realized they had a lot of work to do. And we simplified that, that part of the journey substantially for them by essentially selecting and spoon feeding them and, and sort of accelerating that part of the deployment and technical journey for them. And they were very delighted by that part of it. >>When you're talking with customers who are in, in a state of, of change and fluxes, who isn't these days, we've seen the acceleration of digital transformation considerably over the last couple of years. How do you talk with them about a nation as an enabler of their digital transformation overall? >>Yeah. Digital transformation. It's a, it's a broad word. Isn't it like for, for customers that are moving from an on-prem world into the cloud world, you have this great opportunity to kind of start from scratch. And so for Anisha, we are deploying and maybe not start from scratch, but when you're moving from an on-prem environment into the cloud, your footprint, you have this really nice opportunity to embrace more of AWS core services and to kind of rebuild things, kind of make your architecture drastically improved, or like look different to be more supportable and like less operational overhead. And so when an nation presents itself as sort of this platform in a walled garden environment, some customers have this aha moment that like, if you're gonna move either a portion of your environment or a specific application to the cloud, AIAN really helps you establish that security within that boundary and that footprint in a, in a much more accelerated fashion, then if you were selecting each part of your security infrastructure and then trying to implement it by hand, and that's kind of where we shine. >>Got it. We talked about the personas that you're typically engaging with depending on the organization, but how do you help enterprise companies who say Anisha, we wanna improve DevOps efficiency. We wanna get our applications secure that are running on AWS and those that we may wanna move to AWS in the future. >>Yeah. This gets into futures a little bit, but part of our roadmap, a little bit of a, a kind of a look around the corner for our roadmap is that since we know so much about the FedRAMP environment and FedRAMP moderate and the standard called this 853, it's a really powerful security view. And it's also a really powerful compliance view. So, you know, as I was saying before that, if you achieve a lot of depth and excellence in nest 853, it buys you a lot of kind of crosswalk and applicability for SOC two and HIPAA and PCI. So for DevOps organizations and for just engineering organizations that want more pre-pro insight, there's no reason why you can't just deploy our platform and our stack in a pre fraud environment to get that security signaling such that you can catch things early and prevent maybe spillage or leakage or security issues to go into production. So one of the things that we're doing on a roadmap is a, a feature that we call compliance insights, whereby we present a frame of missed 853 RAV4 that you can deploy into any environment. And that particularly helps the DevOps role by saying, well, if I just, for example, exposed an S3 bucket to world, then I can catch that configuration, that compliance product and catch it, trap it and fix before it leaks out to. >>So you talked a little bit about kind of some of the things that are coming up on a, on the product side, what's next for Anisha, as we look at we're rounding out calendar year 22 coming into 2023, there's still so much change in the market. We've got to embrace that. What's next for the company. What can we expect from the VP of products and engineering? >>Yeah, I think in two, two big areas here, we're gonna double down on our Fedra offering offering, and just continuously improve it and improve it. We're pretty tempted to lean in more heavily to CMMC. We hear a lot about CMMC kind of on the periphery, but we just haven't quite felt the market pressure to really go after that. But there's definitely something there. And I would anticipate some offering that maps to that specific compliance that, that compliance framework. And then in the enterprise, we just month after month, we discuss more about how we can create more flexibility in our platform, such that commercial customers can get more of that goodness, and sort of more of that consolidation and time to market, particularly for small and mid-sized customers. So we'll be releasing more of those pieces of functionality in 2023 as well. >>So the commercial folks be on the lookout for that. >>Yes, absolutely. That's a huge untapped market for us. We're super excited about it and we'll be a little cagey on in our plans until we kind of get through this early availability period and then probably make a bigger splash in the first half of 2023. >>That sounds appropriate. Where can the audience go to learn more about what you guys are doing and maybe get ahead on some of those teaser that you just mentioned? >>Yeah. I think our marketing folks will push out more data sheets and marketing material on what's to come. And if you ever wanted to be part of this early availability program that I just discussed, or that I mentioned, you can always go to anan.com and ping us, and we'd be happy to have a conversation with you and we'll lift up the hood and allow you to look under there for, and just carry on the conversation around what's to come. >>All right, getting a peek of what's under the hood. That's always exciting, Ryan, thank you for joining me on this program. AWS startup showcase. We appreciate your time, your insights and a peek into what's going on at Anisha. >>Awesome. It was a pleasure. Thank you so much. >>Likewise. We wanna thank you for watching the AWS startup showcase for Ryan Ferris. I'm Lisa Martin stick right here on the, for great content coming your way. Take care.

(bright upbeat music) >> Welcome, everyone, to this Cube conversation. It's part of our season two, episode four of the ongoing AWS Startup Showcase Series. Today's theme, "Cybersecurity: Detect and Protect Against Threats." I'm your host, Lisa Martin. I've got one of our alumni back with us. Rakesh Narasimhan joins me, President and CEO of Anitian. Rakesh, it's great to have you back on the program. >> Thank you very much. Pleasure to be here. >> So some congratulations are in order. I see that Anitian was recently awarded nine global InfoSec awards at RSA conference just this year including couple great titles here hot company and security company of the year. Talk to the audience who knows Anitian what is it doing to enable and empower the digital transformation for enterprises that are, I mean, we've been talking about the acceleration of digital transformation. How is Anitian an enabler of that? >> Thank you again for the opportunity. I think the big change that we brought to the table in Anitian is really what is typically a very manual, complex time consuming and quite expensive process. We've just brought software innovations to it and really that's customers who are trying to do compliance or security in the cloud which just provide a platform that basically accelerates a customer's application migration to cloud. And so that ability is the software innovation that we were able to bring to the space and that just wasn't there before. And so we're just happy that we took the opportunity to innovate there and just bring it to the customers. >> So let's now talk to and address those AWS customers. When you're talking to prospects, existing AWS customers what do you say are the differentiators that makes Anitian so unique when in AWS. >> That's a great question. I think the biggest innovation, the biggest thing that we bring to the table is really an acceleration and timeline and completion of their application. So if you're a customer and you're trying to get into a new market for compliance, for example or you're trying to basically get a new application up and running in a secure environment in either one of those cases, we have a product offering a platform offering that enables you to quickly get up and running and get to production. And that's been the reason why we've enjoyed enormous success in the marketplace in the AWS customer base. >> One of the areas where I see that an Anitian has been very successful is in helping cloud software vendors get FedRAMP compliance and be able to access what is a huge federal market. How are you able to do that? >> Yeah, I think the big thing that we focused on was you have a complete class of SaaS vendors out there who provide enormous innovation that they bring to the marketplace but the government market in general has not been able to participate in it because it again, like I said, it's very complex. It takes time and it's very expensive. And so we focused on that opportunity to really make it easier for all these cloud service providers to be able to bring their innovations to the government market, for example, with FedRAMP and so we help with the automation and the acceleration with our platform offering on top of cloud providers like AWS, and that enables the SaaS provider to offer that opportunity that hitherto is not available to now make it available in the government marketplace. And that's a huge buyer, if you will their budgets are huge. They're still buying even on a downturn in the market even as commercial vendors, who look at that, that market everybody's nervous about it. But if you look at the government market they have budget, they're buying and that needs to be provided to the install base. And so we help make that happen. >> How does that make you unique from a competitive perspective to be able to accelerate veteran for AWS customers in particular? >> I think the biggest issue has always been three things, right? It's complex, it's time consuming but most importantly, how quickly can a company make their software innovations available to a large market has always been sort of the challenge especially in the federal market. So we basically pre-engineering a platform taking care of all the requirements of the standard in compliance and security and then essentially help the customer bring that innovation on top of the AWS environment and making that available to the customers and record time. That's the reason why we're able to enjoy the success. Historically, the space has been very very focused on a lot of consulting folks really providing consulting on an hourly basis. We thought of actually bringing a software oriented approach just like people buy email, they buy service and then all the innovations that come along with it for the subscription that you pay. It's a very similar concept we brought to this space prior to this, either people did it themselves or they hired a lot of consulting folks to tell them what to do. And that could take a long time and then not just time and expense but every single time they made a change they would still, again, have to go redo all that work. We just brought a platform approach which is well understood by now in the industry you pay a subscription, you buy a platform and all the innovations come along for them. So that's huge productivity, time to market but most importantly it enables them to achieve their revenue goals because they're trying to get to market and service the customer, right? So we help them accomplish that in record time. >> So you are really impacting your customer's bottom line. You've been very successful in helping AWS public sector customers to accelerate FedRAMP. As you talked about FedRAMP compliance how are you now switching gears to focus on the AWS commercial customers and even enterprise DevOps teams to be able to accelerate cloud application security? >> Yeah, I think, again we started from a place of humility, if you will. You know, there's a lot of vendors a lot of folks make a lot of claims. We wanted to make sure that we first we're very good at doing something. And that's something was really go after the federal market and the success we achieved in that marketplace had a few insights for ourselves which was people really struggle in all kinds of environments, not just public sector. And what we found is that commercial customers are also trying to go to cloud. They're also dealing with the issues of security in securing their environments. And it's really the DevOps and DevSecOps folks on whom this burden falls. And they have to answer to so many different constituencies in an enterprise company. And so we time and time again while we did the work in FedRAMP we learned that, you know it's not just about compliance. It's also about securing on a base of standards. So how could we provide the same pre-engineered environment for DevOps and DevSecops teams to be able to run that environment for their applications that became an 'aha' for us because we were running into it all the time in the public sector side. So we went and talked to a few customers and said, 'Hey, how about we do the same thing on the commercial side for you?' And I wish I could take credit for this but it's actually not true. It's actually customers who came to us and said, 'Hey you did this really well for us in public sector side. Could you provide the same thing for us in the commercial side?' where it's not about all the documentation and all the audits and things that happen on the compliance side of the house. I just want you to provide an environment so that our DevOps teams could just operate in that environment and Devs can work on it. Can you do that? And we'll pay you. And that was born really our idea of secure cloud enterprise. Our primary offering historically has been secure cloud compliance with a compliance business if you will, where people could go into market and have a completely new market to go after. Whereas in the enterprise side we brought those innovations, those learnings and brought it to a commercial market. And so that's the new product, if you will, that we're launching to service that customer base, if you will. >> So if I'm an AWS customer when do I know it's time to contact Anitian and say, 'Guys we need help and we think you're the right ones to help us accelerate.' >> Yeah, I think it's re really straightforward if you are a customer commercial SaaS vendor, if you will, that runs an AWS and you want to go after a new market then you come to us and we can help you quickly get to all the compliance standards so that you can go sell in the government marketplace. That's an offering we already have, or you are a a brand new company and B2B company and you're developing an application and you want a pre-engineered environment that passes all the security standards so that you don't have to worry about it. You have a subscription to AWS and you have a subscription to us. And then that basically provides you a secure environment in which you can start developing your applications and start developing, deploying them much like your DevOps cycle would work. So we provide that basis already for you. So if you're a customer on the B2B side and you're going to cloud to get your applications to the marketplace on AWS, we're a great solution for you to actually have that engineered platform in place already. So those are the two areas where you can contact us and we can help you out. >> And talk to me about when you are in customer conversations especially as we've had such challenging times the last couple of years, how have those customer conversations changed and evolved? Are you seeing an acceleration up the C-suite stack? Is this a key priority for the CEO and his or her team? >> Yeah, I think it's a phenomenal point. I think security's always been top of mind for folks, not just the C-suite, but in boardrooms as well. But you know, the key thing we found is that even in a down market, sometimes in the environment that is playing out in the macro environment. I think the thing that has not changed is people are still trying to figure out how to make their dollar go further. And how do I get a better return on investment? So if you look at our compliance business that growth is all about that market is growing. There's still opportunity, and people are still having budgets and spending. So commercial companies are still trying to figure out how can I extend my market reach into new markets? So that's an area that the C-suite is really interested in. Funny enough, you would think in the cyber world it's a CSOs who are the ones who actually are looking for solutions from us that certainly an audience but CEOs and CROs are the folks who really clamor for our solution because it is their ability to enter a new market and go after a new budget that can grow their business and have an ROI pretty quickly. That's the ability for them to make that decision. So it's very pertinent to their buying behavior that we have aligned ourselves to very simply put by engaging us. They get to go after a new market to establish a new line of revenue they didn't have before. So that's always interesting to any C-suite member as you can imagine. And that's the compliance side. >> Absolutely establishing new revenue streams is huge and that's a big competitive differentiator. We've seen a lot of customers that weren't able in any industry to do that during the challenging pandemic times. And that is a game changer for organizations across industries. >> Exactly, exactly. And wishing that play out, not just on that side, but even on the commercial side where people are also trying to figure out how do I basically make sure it's pre-done so that it's one less thing for me to have to worry about so that I can be more productive. I can get to market pretty quickly which means I can, again, deliver to my customers quickly which means revenue for them as well. So we are the security business, but really if you notice we're solving a business problem for our customers and we're aligned to their ROI so that it's relatively easier for them to make a decision. They certainly get security in compliance but the bigger benefit for them is to grow their business itself. So we are trying to accelerate that momentum for them. >> That's critical, and I'm sure your customers really appreciate the impact that you're having on their growth, their ability to deliver to what I can only presume is their demanding customers. As one of the things I know that's been in short supply the last couple of years, is patience and tolerance. Is there Rakesh a customer story that you think really articulates the value of what Anitian is delivering? Maybe a favorite customer story that you mentioned when you're giving talks? >> Sure, sure. We really have a very customer base across the landscape. If you think about our compliance business, Smartsheet is a great example who partnered early. They were not even in the cloud before. And then that's a great example with AWS where the three of us work together to offer Smartsheet the collaboration software public SaaS company, if you will, who really established themselves and differentiated themselves in the marketplace by offering that on AWS. And we helped them accomplish their FedRAMP itself not just for once, but you know they've been great customers of ours multiple renewals over the years and every single year that the business that they get on the federal sizes increased because of the work that they did first with us. And so, you know, we've look for more opportunities with them, certainly on that part. And increasingly we start thinking about where else can we help them grow? Because typically most customers have a thing to solve on a compliance standard, but it turns out that the compliance journey is, you know some companies are trying to do Socto to be able to even sell. Then you want to do electronic commerce. You might have to do PCI or you want to sell under the federal government. You'll have to do FedRAMP and FedRAMP has moderate, high but depending on the customers you have, including DOD and once you get to DOD, they'll ask for IL4 and IL5. So these are different compliance regimes. If you will think of them as a journey and we want to be the company that provides a seamless progression for customers as they're on that journey so that we can actually deliver something of value. We're not interested in nickel and diamond customers and charging them by the hour, we're a platform player. We want to make sure that they use it to basically get their ROI and growth happening. And we just take care of the hard part of making sure that they're in compliance, right? And similarly, we're bringing the same idea like Smartsheet. I told you about to a commercial marketplace of customers who can do the same thing for commercial apps in the cloud. And so that gives us a very clean way for customers to really become not just productive, but satisfy their customers quickly and hence grow their business. And we celebrate that collaboration and all of that happens because of AWS and our ability to focus on those customers >> Sounds like a great partnership and definite synergy there on I know, and, you know as well, how customer obsessed in their own words AWS. Speaking of customers one more question for you in terms of being on that journey that compliance journey, which isn't a destination, right? It's probably a zigzaggy path. Do you work with customers that both haven't started the process to FedRAMP plans or those that maybe have with a competitor are running into roadblocks? Are those both routes to market for you? >> Yeah, we interestingly enough historically we used to see a lot of folks who have tried to do it themselves and found it hard or for a variety of reasons they just gave up. And so they would come to us. We have also examples of customers who have tried to go down the consulting path and has not worked and come to us so that it's sort of a broken project. We start from there, but a majority of our business is people who've gotten a contract from one of the agencies. Then they're like, 'oh now what!' We need to get this done before September. And so what's the quickest way to get there. And generally that's where we can help you because we are the best, fastest way to get there. And so we get that mix of customers people who have already tried hasn't worked out people who have tried with other folks hasn't worked out, but a majority of the folks are people who don't even know, you know how to go about doing it, but they know they have to do it in order for them to keep the customer that they've won one of the agencies, if you will. So that has given us a very healthy perspective on how to help customers of different kinds in that journey. The other thing is, you know, we've grown tremendously in the last couple of years. And the other thing we learned is every customer is different. And we tried to bring a very common approach to addressing this problem. Even though customers come in all shapes and forms we have startup companies in, you know early forms of maturity. And we have like really iconic, you know unicorn companies who we've helped go through FedRAMP. So the gamut is large, but you know we're learning a lot by doing this. And I think that's the key thing for me. I want our company to be one that is growing with innovation, but at the same time keeping flexibility in our approach so that we are not just learning new things, we're delivering on the harder problems our customers are facing. Cause I think that's where software innovation can really play a big differentiating role. And that's the reason why I always enjoyed being at Anitian and growing the business and keeping the company really, fast moving and innovative. >> Speaking of being fast moving and innovative here we are coming up on the fourth quarter of calendar year 22, what's next for Anitian? What are some of the exciting things that have you pumped up? Have you mojo going for what's next for the rest of the year? >> Yeah, I think a big portion of my enthusiasm for the company and the road ahead is I think it's rare if you look at the industry, oftentimes you see companies that start out with a single solution and then are able to grow from there. One of the best advantages Anitian has is this platform centric approach to do compliance on the journey I talked about. So if you think about that journey every customer that is going to cloud has this challenge that, they either have to comply do a bunch of standards, one or many. And then how do I do that in a platform approach in a common way so that I don't have to worry about it. I play a subscription and I am just protected by that. And I actually get the marketplace. So that's a tremendous journey we are on. We've only done a few of them and we have a whole new set of compliance standards coming on our platform. So that's one way, look forward to that. The other one I'm really looking forward to is the commercial customers. There's a huge opportunity for people to really know that they're sitting on top of a very secure environment in AWS. And how do I quickly propel myself into the marketplace so that I can be differentiated. I can get to market quickly but I can also make sure my innovations are getting to the marketplace as a customer, right? So I think I'm really excited about the things we are bringing to market just not just this year, but next year early next year on the compliance side, as well as the commercial side, that'll actually differentiate us and make it a lasting part of a customer's journey. And that's, I think the best thing you can hope for building a lasting company where your innovations are powering the productivity of your customers in a meaningful manner. And I always feel proud of the team. You mentioned the awards, but honestly more than anything else, we've put together a great team. And the team does a tremendous job with a very good ecosystem of partners. And our humility is it's not just us it's the ecosystem together. And the partnership with Amazon that helps us be the company we are able to be. We live in really story times and we're lucky to be part of this opportunity if you will. >> Yeah better together. That ecosystem is incredibly powerful. Thank you so much Rakesh for talking about what's going on at Anition, how you're helping customers, accelerate FedRAMP compliance, what you're doing in the commercial space and how you're helping your customers really improve their bottom line. We thank you so much for partnering with the Cube for season two, episode four of the AWS startup showcase. >> My pleasure. Thank you very much. >> And we want to thank you for watching but keep it right here for more action on the Cube which as you know, is your leader in tech coverage. I'm Lisa Martin. See you next time. (lively music)

Okay. We're back at AWS reinforced 2022. My name is Dave Vellante, and this is the cube we're here in Boston, home of lobster and CDA. And we're here, the convention center where the cube got started in 2010, Shariq Qureshi is here the senior manager at Deloitte and two LL P and merit bear is back on the cube. Good to see >>You guys can't keep me away, >>Right? No. Well, we love having you on the cube shark set up your role at, at Deloitte and toosh what do you actually, what's your swim lane, if you will. >>Yeah, sure. You know, I spend, I wear a lot of hats. I spend a lot of time in the assurance, the controls advisory audit type of role. So I spend our time, a lot of time working with our clients to understand, you know, regulatory requirements, compliance requirements, and then controls that they need to have in place in order to address risks, technology risks, and ultimately business risks. >>So I like to put forth premise, you know, when I walk around a show like this and come up with some observations and then I like to share 'em and then people like me. Well, you know, maybe so help me course correct. My epiphany at this event is the cloud is becoming the first line of defense. The CISO at your customers is now the second line of defense. I think audit is maybe the th third line of defense. Do, do you buy that the sort of organizational layered approach? >>No, because in fact, what we're here to talk about today is audit manager, which is integrated, right? Like if you're doing so the whole notion of cloud is that we are taking those bottom layers of the stack, right? So the concrete floors up through layer for the hypervisor, the, the racks and stacks and HVAC and guards and gates up through the hypervisor, right? Our, our proprietary hardware nitro ecosystem, which has security inheritance is okay upon that. We are then virtualized. Right? And so what we're really talking about is the ways that audit looks different today, that you can reason about what you're doing. So you're doing infrastructure as code. You can do securities code, you can do compliances code, and that's the beauty of it. So like for better, or in your case for worse in your analogy, you know, these are integrated, these are woven together and they are an API call >>Seamless. >>It, it is like easy to describe, right? I mean, like you can command line knowledge about your resources. You can also reason about it. So like, this is something that's embedded, for example, an inspector you can do network reachability know whether you have an internet facing endpoint, which is a PCI, you know, requirement, but that'll be dashboarded in your security hub. So there's the cloud is all the stuff we take away that you don't have to deal with. And also all the stuff that we manage on top of it that then you can reason about and augment and, and take action on. >>Okay. So at the same time you can't automate the audit entirely. Right? So, but, but talk about the challenges of, of, of, of automating and auditing cloud environment. >>Yeah. I mean, when I look at cloud, you know, organizations move to take advantage of cloud characteristics and cloud capabilities, right? So elasticity, scalability is one of them. And, you know, for market conditions, business, business outcomes, you know, resources expand and contract. And one of the questions that we often get as an auditor is how do you maintain a control environment for resources that weren't there yesterday, but are there today, or that are, that are no longer there and that are there today. So how do you maintain controls and how do you maintain security consistently uniformly throughout an audit environment? It's not there. So that's a challenge auditors, you know, historically when you look at the on-prem environment, you have servers that are there, it's a physical, it's a physical box. You can touch it and see it. And if it goes down, then, you know, it's still there. You can hug >>It if you're some people >>It's still there. So, but you know, with, you know, with cloud things get torn down that you don't see. So how do you maintain controls? That's, you know, it, one challenges, it >>Sounds like you're describing a CMDB for audit. >>I mean, that's a, that's an outcome of having, you know, getting good controls of having a CMDB to keep track and have an inventory of your assets. >>But the problem with CMDB is they're out of date, like so, so quickly, is it different in the cloud world? >>Yeah, exactly. I mean, yes. And yes, they are outta date. Cuz like anything static will be manual and imprecise, like it's gonna be, did John go calculate, like go count how many servers we have. That's why I was joking about server huggers versus like virtualizing it. So you put out a call and you know, not just whether it exists, but whether it's been patched, whether it's, you know, like there are ways that we can reason about what we've done, permissioning pruning, you know, like, and these, by the way, correspond to audit and compliance requirements. And so yes, we are not like there, it's not a click of a, whatever, a snap of the fingers, right. It takes work to translate between auditors and us. And it also takes work to have customers understand how they can augment the way that they think about compliance. But a lot of this is just the good stuff that they already need to be doing, right? Knowing internet facing endpoints or whatever, you know, like pruning permissioning. And there's a lot of ways that, you know, access analyzer, for example, these are automated reasoning tools that come from our formal reasoning group, automated reason group that's in identity. Like they, computers can reason about things in ways that are more complex, as long as it can be resolved. It's like EEU utility in mathematics. You don't go out and try to count every prime number. We accept the infinitude of primes to be true. If you believe in math, then we can reason about it. >>Okay. So hearing that there's a changing landscape yeah. In compliance shift from a lot of manual work to one that's much more highly automated, maybe not completely integrated and seamless. Right. But, but working in that direction, right. Yeah. Is that right? And maybe you could describe that in a little bit more detail, how that, you know, journey has progressed. >>I mean, just the fact alone that you have, you know, a lot of services, a lot of companies that are out there that are trying to remove the manual component and to automate things, to make things more efficient. So then, you know, developers can develop and we can be more agile and to do the things that, you know, really what the core competencies are of the business to remove those manual, you know, components to take out the human element and there's a growing need for it. You know, like we always look at security as, you know, like a second class citizen, we don't take advantage of, you know, the, you know, the opportunities that we need to, to do to maintain controls. So, you know, there's an opportunity here for us to look at and, and automate compliance, to automate controls and, and to make things, you know, seamless >>As a fun side benefit, you will actually hopefully have improved your actual security and also retain your workforce because people don't wanna be doing manual processes. You know, they wanna be doing stuff that humans are designed for, which is creative thinking, innovation, you know, creating ways to make new pathways instead of just like re walking these roads that a computer can analyze, >>You mentioned audit manager, what is that? I mean, let's give a plug for the product or the service. What's that all about what problems does it solve? Let's get >>Into that. Yeah. I mean, audit manager is a first of its kind service. You're not gonna find this offered through any other hyperscaler it's specifically geared and tailored towards the second line, which is security and compliance and a third line function, which is internal audit. So what is it looking to do and what is it looking to address some of those challenges working in a cloud space working, and if you have a cloud footprint. So for example, you know, most organizations operate in a multi account strategy, right? You don't just have one account, but how do you maintain consistency of controls across all your accounts? Auto manager is a service that can give, you know, kind of that single pane of view that to see across your entire landscape, just like a cartographer has a map to see, you know, the entire view of what he's designing auto managers does the same thing only from a cloud perspective. So there's also other, you know, features and capabilities that auto managers trying to integrate, you know, that presents challenges for those in compliance those in the audit space. So, you know, most companies, organizations they have, you know, not just one framework like SOC two or GDPR, high trust, HIPAA PCI, you know, you can select an industry accepted framework and evaluate your cloud consumption against, you know, an industry accepted framework to see where you stand in terms of your control posture, your security hygiene, >>And that's exclusive to AWS. Is that what you're saying? You won't find that on any other hyper scale >>And you'll find similarities in other products, but you won't find something that's specifically geared towards the second line and third line. There's also other features and capabilities to collect evidence, which is, I don't see that in the marketplace. >>Well, the only reason I ask that is because, you know, you, everybody has multiple clouds and I would love, I would love a, you know, an audit manager that's, that's span that transcends, you know, one cloud, is that possible? Or is that something that is just not feasible because of the, the, the deltas between clouds? >>I mean, anything's possible with the APIs right now, the way that, you know, you have to ingrain in, right. There's, you know, a, a feature that was introduced recently for audit manager was the ability to pull in APIs from third party sources. So now you're not just looking, looking exclusively at one cloud provider, you're looking at your entire digital ecosystem of services, your tools, your SA solutions that you're consuming to get a full, comprehensive picture of your environment. >>So compliance, risk, audit security, they're like cousins that are all sort of hanging out on the same holiday, but, but they're different. Like what help us understand and squint through those different disciplines. >>Yeah. I mean, each of them have, you know, a different role and a hat to wear. So internal audit is more of your independent arm of management working or reporting directly towards, you know, to the audit committee or to the board to give an independent view on company control and posture security and compliance works with management to help design the, that there that are intended to prevent, detect, or even correct, you know, controls, breakdowns, you know, those action, those action verb items that you wanna prevent unauthorized access, or you wanna restrict changes from making its way into production unless it's approved and, and documented and tracked and so on and so forth. So each, you know, these roles they're very similar, but they're also different in terms of what their function is. >>How are customers dealing with regional differences? You mentioned GDPR, different regulations, data sovereignty, what are the global nuances and complexities that, that, that cloud brings. And how are you addressing those? >>Yeah. Merit, I don't know if you had any thoughts on that one. >>I mean, I think that a lot of what, and this will build off of your response to the sort of Venn diagrams of security and risk and compliance and audit. I think, you know, what we're seeing is that folks care about the same stuff. They care about privacy. They care about security. They care about incentivizing best practices. The form that that takes when it's a compliance framework is by definition a little bit static over time. Whereas security tends to be more quickly evolving with standards that are like industry standards. And so I think one of the things that, you know, all these compliance frameworks have in, in mind is to go after those best practices, the forms that they take may take different forms. You know what I mean? And so I, I see them as hopeful in the motivation sense that we are helping entities get the wherewithal, they need to grow up or mature or get even more security minded. I think there are times that they feel a little clunky, but you know, that's just Frank. Yeah. >>It, it, it can audit manager sort of help me solve that problem. Is that the intent? And I see what you're saying, merit, that there security is at a different pace than, than, you know, GDPR, a privacy, you know, person, >>Right. I mean, like security says, we want this outcome. We want to have, you know, data be protected. The compliance may say, it must be this particular encryption standard. You know what I mean? Like the form I see things taking over time will evolve and, and feels dynamic. Whereas I think that sometimes when we think about compliance and it's exactly why we need stuff like audit manager is to like help manage exactly what articulation of that are we getting in this place at this time for this regulated industry? And like almost every customer I have is regulated. If you're doing business, you're probably in PCI, right. >>And there's never just one silver bullet. So security is, is a number of things that you're gonna do, the number of tools that you're gonna have. And it's often the culture in, in what you develop in your people, your process and technology. So auto manager is one of the components of robust strategy on how to address security. >>But it's also one of those things where like, there are very few entities, maybe Deloitte is one that are like built to do compliance. They're built to do manufacturing, automotive hospitality. Yeah. You know, like they're doing some other industry as their industry. Right. And we wanna let them have less lag time as they make sure that they can do that core business. And the point is to enable them to move our, I mean like sure. I think that folks should move to the pod because of security, but you don't have to, you should move because it enables your business. And this is one of the ways in which it just like minimizes, you know, like whatever our tailwinds lagging or push it anyway, it pushes you. Right. I mean, like it minimizes the lag >>Definitely tailwind. So are you suggesting merit that you can inject that industry knowledge and specificity into things like audit manager and, and actually begin to automate that as, and of course Deloitte has, you know, industry expertise char, but, but, but how should we think about that? >>I mean, you're gonna, you're gonna look at your controls comprehensively a across the board. So if you operate in an industry, you're gonna look to see like, what's, what's important for you. What do you have to, you know, be mindful of? So if you have data residency concerns, you wanna make sure that you've tailored your controls based on the risks that you're addressing. So if there's a framework >>And remember that you can go in the console and choose what region you're, you know, like we never remove your data from your region that you have chosen, you know, like this is, there's an intentionality and an ability to do this with a click of a mouse or with an API call that's, you know, or with a cloud formation template. That's like, there is a deliberateness there. There's not just like best wishes. >>You know, >>ESG is in scope. I presume, you know, helping the CISO become more green, more diverse. Increasingly you're seeing ESG reports come out from major organizations. I presume that's part of the compliance, but maybe not, maybe it hasn't seeped in yet. Are you seeing >>For that? I think it's still a new service auto manager. It's still, you know, being developed, but, you know, continuous feedback to make sure that, you know, we're covering a, a broad range of services and, and, and those considerations are definitely in the scope. Yeah. >>I mean, are you hearing more of that from >>Clients? So, I mean, we have an internal commitment to sustainability, right. That has been very publicly announced and that I'm passionate about. We also have some other native tools that probably, you know, are worth mentioning here, like security hub that does, you know, CIS benchmarking and other things like that are traffic lighted in their dashboard. You know, like there are ways a lot of this is going to be the ways that we can take what might have been like an ugly ETL process and instead take the managed ness on top of it and, and consume that and allow your CISO to make high velocity decision, high velocity, high quality decisions. >>What's the relationship between your two firms? How do you work >>To I'm like we just met. >>Yeah. I sense that, so is it, is it, how do you integrate, I guess is >>A question. Yeah. I mean, I mean, from the audit perspective, our perspective, working with clients and understanding, you know, their requirements and then bringing the service audit manager from the technical aspect and how we can work together. So we have a few use cases, one we've working with the tech company who wanted to evaluate, you know, production workload that had content, you know, critical client information, client data. So they needed to create custom controls. We were working with them to create custom controls, which auto manager would evaluate their environment, which would, you know, there's a reporting aspect of it, which was used to, you know, to present to senior leadership. So we were working together with AWS and on helping craft what those custom controls were in implement at the customer. >>Yeah. I mean, among other things, delight can help augment workforce. It can help folks interpret their results when they get outputs and act upon them and understand industry standards for responsiveness there. I mean, mean like it's a way to augment your approach by, you know, bringing in someone who's done this before. >>Yeah. Cool, cool. Collaboration on a topic that's generally considered, sorry. Don't, don't hate me for saying this boring, but really important. And the fact that you're automating again makes it a lot more interesting guys. Excellent. Thanks for your sharp first time on the cube. Thank you. Absolutely on, appreciate it. Rapidly. Becoming a VIP. Thanks. Coming on. Hey, I'll take it. All right. Keep it right there. Thank you. This is Dave ante for the cube. You're watching our coverage of AWS reinforce 2022 from Boston. We'll be right back.

(upbeat music) >> Hello, welcome to this CUBE Conversation here in Palo Alto, California. I'm John Furrier, host of theCUBE. We're here with Tim Everson, CISO at Kalahari Resorts & Conventions. Tim, great to see you. Thanks for coming on theCUBE. >> Thank you for having me. Looking forward to it. >> So, you know, RSA is going on this week. We're talking a lot about security. You've got a lot of conferences. Security is a big scale now across all enterprises, all businesses. You're in the hospitality, you got conventions. You're in the middle of it. You have an interesting environment. You've got a lot of diverse use cases. And you've got a lot of needs. They're always changing. I mean, you talk about change. You've got a network that has to be responsive, robust and support a lot of tough customers who want to have fun or do business. >> Exactly, yeah. We have customers that come in, that we were talking about this before the segment. And we have customers that come in that bring their own Roku Sticks their own Amazon devices. All these different things they bring in. You know, our resort customers need dedicated bandwidth. So they need dedicated network segments stood up at a moment's notice to do the things they're doing and run the shows they're showing. So it's never, never ending. It's constantly changing in our business. And there's just data galore to keep an eye on. So it's really interesting. >> Can you scope the scale of the current cybersecurity challenges these days in the industry? Because they're wide and far, they're deep. You got zero trust on one end, which is essentially don't trust anything. And then you got now on the software supply chain, things like more trust. So you got the conflict between a direction that's more trusted and then zero trust, and everything in between. From, endpoint protection. It's a lot going on. What's the scale of this situation right now in cyber? >> You know, right now everything's very, very up in the air. You talk about zero trust. And zero trust can be defined a lot of ways depending on what security person you talk to today. So, I won't go into my long discussion about zero trust but suffice to say, like I said zero trust can be perceived so many different ways. From a user perspective, from a network perspective, from an end point. I look more broadly at the regulatory side of things and how that affects things too. Because, regulations are changing daily. You've got your GDPRs, your CCPAs, your HIPAA regulations, PCI. All these different things that affect businesses, and affect businesses different ways. I mean, at Kalahari we're vulnerable or we're not vulnerable, but we're subject to a lot of these different regulations, more so than other people. You wouldn't expect a lot of hotels to have HIPAA regulations for instance. We have health people at our resorts. So we actually are subject to HIPAA in a lot of cases. So there's a lot of these broad scenarios that apply and they come into play with all different industries. And again, things you don't expect. So, when you see these threats coming, when you see all the hacks coming. Even today I got an email that the Marriott breach data from a few years ago, or the MGM breach from a few years ago. We've got all these breaches out there in the world, are coming back to the surface and being looked at again. And our users and our guests and our corporate partners, and all these different people see those things and they rely on us to protect them. So it makes that scope just exponentially bigger. >> Yeah, there's so many threads to pull on here. One is, you know we've observed certainly with the pandemic and then now going forward is that if you weren't modern in your infrastructure, in your environment, you are exposed. Even, I'm not talking old and antiquated like in the dark ages IT. We're talking like really state of the art, current. If you're lagging just by a few years, the hackers have an advantage. So, the constant bar raising, leveling up on technology is part of this arms race against the bad guys. >> Absolutely. And you said it, you talked earlier about the supply chain. Supply chain, these attacks that have come through the SolarWinds attacks and some of these other supply chain attacks that are coming out right now. Everybody's doing their best to stay on top of the latest, greatest. And the problem with that is, when you rely on other vendors and other companies to be able to help you do that. And you're relying on all these different tool sets, the supply chain attack is hugely critical. It makes it really, really important that you're watching where you're getting your software from, what they're doing with it, how they secure it. And that when you're dealing with your vendors and your different suppliers, you're making sure that they're securing things as well as you are. And it just, it adds to the complexity, it adds to the footprint and it adds to the headache that a lot of these security teams have. Especially small teams where they don't have the people to manage those kind of contacts. >> It's so interesting, I think zero trust is a knee jerk reaction to the perimeter being gone. It's like, you got to People love the zero trust. Oh it's like, "We're going to protect this that nobody, and then vet them in." But once you're trusted, trust also is coming in to play here. And in your environment, you're a hotel, you're a convention. You have a lot of rotation of guests coming in. Very much high velocity. And spear phishing and phishing, I could be watching and socially engineering someone that could be on your property at any given time. You got to be prepared for that. Or, you got ransomware coming around the corners or heavily. So, you got the ransomware threat and you got potentially spear phishing that could be possible at your place. These are things that are going on, right? That you got to protect for. What's your reaction to that? >> Absolutely. We see all those kind of attacks on a daily basis. I see spear phishing attacks. I see, web links and I chase them down and see what's going on. I see that there's ransomware trying to come in. We see these things every single day. And the problem you have with it is not only, especially in a space where you have a high volume of customers and a high turnover of customers like you're talking about that are in and out of our resorts, in and out of our facilities. Those attacks aren't just coming from our executives and their email. We can have a guest sitting on a guest network, on a wireless network. Or on one of our business center machines, or using our resort network for any one of a number of the conference things that they're doing and the different ports that we have to open and the different bandwidth scenarios that you've got dealing with. All of these things come into play because if any attack comes from any of those channels you have to make sure that segmentation is right, that your tooling is proper and that your team is aware and watching for it. And so it does. It makes it a very challenging environment to be in. >> You know, I don't want to bring up the budget issue but I'll bring up the budget issue. You can have unlimited budget because there's so many tools out there and platforms now. I mean, if you've look at the ecosystem map of the cybersecurity landscape that you have to navigate through as a customer. You've got a lot of people knocking on your door to sell you stuff. So I have to ask you, what is the scale? I mean, you can't have unlimited budget. But the reality is you have to kind of, do the right thing. What's the most helpful kind of tools and platforms for you that you've seen that you've had experience with? Where's this going in terms of the most effective mechanisms and software and platforms that are available out there? >> From the security perspective specifically, the three things that are most important to me are visibility. Whether it's asset visibility or log visibility. You know, being able to see the data, being able to see what's going on. End user. Making sure that the end user has been trained, is aware and that you're watching them. Because the end user, the human is always the weakest link. The human doesn't have digital controls that can be hard set and absolutely followed. The human changes every day. And then our endpoint security solutions. Those are the three biggest things for me. You know, you have your network perimeter, your firewalls. But attackers aren't always looking for those. They're coming from the inside, they're finding a way around those. The biggest three things for me are endpoint, visibility and the end user. >> Yeah, it's awesome. And a lot of companies are really looking at their posture right now. So I would ask you as a CISO, who's in the front end of all this great stuff and protecting your networks and all your environments and the endpoints and assets. What advice would you have for other CISOs who are kind of trying to level up to where you're at, in terms of rethinking their security posture? What advice would you give them? >> The advice I would give you is surround yourself with people that are like-minded on the security side. Make sure that these people are aware but that they're willing to grow. Because security's always changing. If you get a security person that's dead set that they're going to be a network security person and that's all they're going to do. You know, you may have that need and you may fill it. But at the end of the day, you need somebody who's open rounded and ready to change. And then you need to make sure that you can have somebody, and the team that you work with is able to talk to your executives. It never fails, the executives. They understand security from the standpoint of the business, but they don't necessarily understand security from the technical side. So you have to make sure that you can cross those two boundaries. And when you grow your team you have to make sure that that's the biggest focus. >> I have to ask the pandemic question, but I know cybersecurity hasn't changed. In fact, it's gotten more aggressive in the pandemic. How has the post pandemic or kind of like towards the tail end of where we're at now, affect the cybersecurity landscape? Has it increased velocity? Has it changed any kind of threat vectors? Has it changed in any way? Can you share your thoughts on what happened during the pandemic and now has we come out of it into the next, well post pandemic? >> Absolutely. It affected hospitality in a kind of unique way. Because, a lot of the different governments, state, federal. I'm in Ohio. I work out of our Ohio resort. A lot of the governments literally shut us down or limited severely how many guests we could have in. So on the one hand you've got less traffic internal over the network. So you've got a little bit of a slow down there. But on the flip side it also meant a lot of our workers were working from home. So now you've got a lot of remote access coming in. You've got people that are trying to get in from home and work machines. You have to transition call centers and call volume and all of the things that come along with that. And you have to make sure that that human element is accounted for. Because, again, you've got people working from home, you no longer know if the person that's calling you today, if it's not somebody you're familiar with you don't know if that person is Joe Blow from the front desk or if that person's a vendor or who they are. And so when you deal with a company with 5,000 ish employees or 10,000 that some of these bigger companies are. 15,000, whatever the case may be. You know, the pandemic really put a shift in there because now you're protecting not only against the technologies, but you're dealing with all of the scams, all of the phishing attempts that are coming through that are COVID related. All of these various things. And it really did. It threw a crazy mix into cybersecurity. >> I can imagine that the brain trust over there is prior thinking, "Hey, we were a hybrid experience." Now, if people who have come and experienced our resorts and conventions can come in remotely, even in a hybrid experience with folks that are there. You've seen a lot of hybrid events for instance go on, where there's shared experience. I can almost imagine your service area is now extending to the homes of those guests. That you got to start thinking differently. Has that been something that you guys are looking at? >> We're looking at it from the standpoint of trying to broaden some of the events. In the case of a lot of our conventions, things of that nature. The conventions that aren't actually Kalahari's run conventions, we host them, we manage them. But it does... When you talk about workers coming from home to attend these conventions. Or these telecommuters that are attending these conventions. It does affect us in the stance that, like I said we have to provision network for these various events. And we have to make sure that the network and the security around the network are tight. So it does. It makes a big deal as far as how Kalahari does its business. Being able to still operate these different meetings and different conventions, and being able to host remotely as well. You know, making sure that telecommunications are available to them. Making sure that network access and room access are available to them. You know for places where we can't gather heavily in meetings. You know, these people still being able to be near each other, still being able to talk, but making sure that that technology is there between them. >> Well, Tim is great to have you on for this CUBE Conversation. CISO from the middle of all the action. You're seeing a lot. There's a lot of surface area you got to watch. There's a lot of data you got to observe. You got to get that visibility. You can only protect what you can see, and the more you see the better it is. The better the machine learning. You brought up the the common area about like-minded individuals. I want to just ask you on the final point here, on hiring and talent coming into the marketplace. I mean, this younger generation coming out of university and college is, or not even going to school. There's no cyber degree. I mean, there are now. But I mean, the world's changing. It's easy to level up. So, skill sets you can't get a degree in certain things. I mean, you got to have a broad set. What do you look for in talent? Is there a trend you see in terms of what makes a good cybersecurity professional, developer, analyst? Is there roles that you see emerging that you think people should pay attention to? What's your take on this as someone who's looking at the future? And- >> You know, it's very interesting that you bring this up. I actually have two of my team members, one directly working for me and another team member at Kalahari that are currently going through college degree programs for cybersecurity. And I wrote recommendations for them. I've worked with them, I'm helping them study. But as you bring people up, you know the other thing I do is I mentor at a couple of the local technical schools as well. I go in, I talk to people, I help them design their programs. And the biggest thing I try to get across to them is, number one, if you're in the learning side of it. Not even talking about the hiring side of it. If you're in the learning side of it, you need to come into it with a kind of an understanding to begin with to where you want to fit into security. You know, do you want to be an attacker, a defender, a manager? Where do you want to be? And then you also need to look at the market and talk to the businesses in the area. You know, I talk to these kids regularly about what their need is. Because if you're in school and you're taking Cisco classes, and focusing on firewalls and what an organization needs as somebody who can read log and do things like that. Or somebody who can do pen testing. You know, that's a huge thing. So I would say if you're on the hiring side of that equation, you know. Like you said, there's no super degrees that I can speak to. There's a lot of certifications. There's a lot of different things like that. The goal for me is finding somebody who can put hands to the ground and feet to the ground, and show me that they know what they know. You know, I'll pull somebody in, I'll ask them to show me a certain specific or I'll ask them for specific information and try to feel that out. Because at the end of the day, there's no degree that's going to protect my network. There's no degree that's a hundred percent going to understand Kalahari, for instance. So I want to make sure that the people I talk to, I get a broad interview scope, I get a number of people to talk to. And really get a feel for what it is they know, and what tools they want to work with and make sure it's going to align with us. >> Well, Tim, that's great that you do that. I think the industry needs that. And I think that's really paying it forward, by getting in and using your time to help shape the young curriculums and the young guns out there. It's interesting you know, like David Vellante and I talk on theCUBE all the time. Cyber is like sports. If you're playing football, you got to know the game. If you're playing football and you come in as a baseball player, the skills might not translate, right? So it's really more of, categorically cyber has a certain pattern to it. Math, open mindedness, connecting dots, seeing things around corners. Maybe it's more holistic views, if you're at the visibility level or getting the weeds with data. A lot of different skill sets needed. The aperture of the job requirements are changing a lot. >> They are. And you know, you touched on that really well. You know, they talk about hacking and the hacker mindset. You know, all the security stuff revolves around hacker. And people mislabel hacker. Hacking in general is making something do something that it wasn't originally designed to do. And when I hire people in security, I want people that have that mindset. I want people that not only are going to work with the tool set we have, and use that mathematical ability and that logic and that reasoning. But I want them to use a reasoning of, "Hey, we have this tool here today. How can this tool do what I want it do but what else can it do for me?" Because like any other industry we have to stretch our dollar. So if I have a tool set that can meet five different needs for me today, rather than investing in 16 different tool sets and spreading that data out and spreading all the control around. Let's focus on those tool sets and let's focus on using that knowledge and that adaptive ability that the human people have on the security side, and put that to use. Make them use the tools that work for them but make 'em develop things, new tools, new methods, new techniques that help us get things across. >> Grow the capabilities, protect, trust all things coming in. And Tim, you're a tech athlete, as we say and you've got a great thing going on over there. And again, congratulations on the work you're doing on the higher ed and the education side and the Kalahari Resorts & Conventions. Thanks for coming on theCUBE. I really appreciate the insight you're sharing. Thank you. >> Thanks for having me. >> Okay. I'm John Furrier here in Palo Alto for theCUBE. Thanks for watching. (somber music)

hello and welcome to the cube i'm dave nicholson chief technology officer at thecube and we're here for a very special cube conversation with andy brown from broadcom andy welcome to the cube tell us a little about yourself a little bit my about myself my name is andy brown i'm currently the senior director of software architecture and performance analysis here within the data center solutions group at broadcom i've been doing that for about seven years prior to that i held various positions within the system architecture systems engineering and ic development organization but ultimately as well i spent some time in our support organization and managing our support team but ultimately have landed in the architecture organization as well as performance analysis great so a lot of what you do is around improving storage performance tell us more about that so let me give you a brief history of uh storage from from my perspective um you know i as i mentioned i go back about 30 years in my career and that would have started back in the ncr microelectronics days and originally with parallel scuzzy so that would be if anyone would remember the 5380 controller which was one of the original parallel scuzzy controllers that existed and built by ncr microelectronics at the time i've i've seen the advent of parallel scuzzy a stint of fiber channel ultimately leading into the serialization of those of the scuzzy standard into sas as well as sata and then ultimately leading to nvme protocols and the advent of flash moving from hard drives into a flash based media and as well on on that's on the storage side on the host side moving from parallel interfaces isa if everybody could remember that moving to pci pci express that's where we land today so andy we're square in the middle of the era of both nvme and sas what kinds of challenges does that overlap represent well i think you know obviously we've seen sas around for a while it was the conversion from parallel into a serial attached scuzzy and that really sas brings with it the ability to uh connect on really a high number of devices um and uh was was kind of the original scaling of devices and and really uh also enabled uh was was one of the things that enabled flash based media given the the speed and performance that came to the table of course nvme came in as well with the promise of of even higher speeds and as we saw flash media really really take a strong role in storage uh nvme came around and and really was focused on trying to address that whereas sas originated with hard drive technology nvme was really born out of how do we how do we most efficiently deal with flash based media you know sas with its but sas still carries a benefit on scalability nvme maybe has i don't want to say challenges there but it's definitely was not designed as much to be broadly scalable across many many say hundreds or thousands of devices but definitely addressed some of the performance issues that were coming up as flash media was becoming so uh uh was was increasing the overall storage performance that we could experience if you will let's talk about host interfaces like pcie what's the significance there um really uh the all the storage in the world all of the performance in the world and on the storage side is not of much use to you unless you can really feed it into the into the beast if you will into the cpu and into this the rest of the server subsystem and that's really where pci comes into play pci uh originally was in parallel form and then moved to serial with pci express as we know it today and and really has created a pathway to to to enable not not only storage performance but any other adapter or any other networking or other other types of technologies to just open up that pathway and feed the processor if and as we've moved through from pci to pci express pci 2.0 3.0 4.0 and just opening up those pipes has really enabled just a tremendous amount of flow of data into into the compute engine allowing it to be analyzed sorted used to analyze data big data uh ai type applications just those pipes are critical in those types of applications we know we've seen dramatic increases in performance going from one generation of pcie to the next but how does that translate into the worlds of sas sata and nvme um so from a performance perspective when we look at these different types of media whether it be sata sas or nvme um of course there are performance difference inherent in that media sata being probably the lowest performing with nvme uh topping out at higher performing although sas can perform quite well as a flash based you know as a protocol connected to flash based media and of course nvme from us an individual device scaling from a by one to a by four interface really that is where nvme kind of has enabled a bigger pipe directly to the storage media uh being able to scale up to buy four whereas sas is kind of limited to buy one maybe buy two in some cases although most servers only connect the sas device by one so from a difference perspective then you're really wanting to create a solution or or enable the infrastructure to be able to consume that performance that nvme is going to give you and i think that you know that is something where our solutions have really in in the recent generations shine at their ability to really now uh keep up with uh storage performance in nvme uh as well as provide that connectivity back down into the sas and sata world as well let's talk about your perspective on raid today so uh there's been a lot of uh views and opinions on raid over the years it's been a and those have been changing over time raid has been around for a very very long time uh probably about as long as again going back over my 30-year career uh it's been around for almost the entire time obviously raid originally was viewed as as something that was uh very very necessary uh devices fail they don't last forever but the data that's on them is very very important and people care about that so raid was brought about you know knowing that individual devices that are storing that data are going to fail and really took hold as a primary mechanism of protection but as time went on uh and and as performance moved up uh both in the server and both in in the media itself if we start talking about flash uh raid really took on people people started to look at traditional server storage raid uh but with maybe a more of a negative connotation i think that because uh to be quite honest it fell behind a little bit if you look at things like parity raid raid five and rate six very very effective and efficient means of protecting your data very storage efficient but ultimately had some penalties a primarily around wright performance random rights in raid 5 volumes was not keeping up with what really needed to be there and um i think that really shifted uh opinions of raid that hey it's just it's just not it's not going to keep up and we need to move on to other avenues and and we've seen that we've seen disaggregated storage and other solutions pop up to protect your data obviously in cloud environments and things like that it's shown up and uh and they have been successful so one of the drawbacks with raid is always the performance tax associated with generating parity for parity rate what has broadcom done to address those potential bottlenecks we've really solved the raid performance issue the right performance issue we're we're in our latest generation of controllers we're exceeding a million rate five right iops which is enough to satisfy many many many applications as a matter of fact even in virtual environments aggregated solutions we have multiple applications and then as well in the rebuild arena we really have through our architecture through our hardware automation have been able to move the bar on that to where the rebuild not only the rebuild times have been brought down dramatically in sas based or in i'm sorry in flash based solutions but the performance that you can observe while those rebuilds are going on is almost immeasurable so in most applications you would almost observe no performance deficiencies during a rebuild operation which is really night and day compared to where things were just a few short years ago so the fact that you've been able to dramatically decrease the time necessary for a raid rebuild is obviously extremely important but give us your overall performance philosophy from broadcom's point of view you know over the years we have recognized that performance is is obviously critically important for our products and the ability to analyze performance from many many angles is critically important there are literally infinite ways you can look at performance in a storage subsystem what we have done in our labs and in our solutions through not only hardware scaling in our in our in our labs but also through automation scripts and things like that allowed us to collect a substantial amount of data to look at the performance of our solutions from every angle you know iops bandwidth application level performance small topologies large topologies just just many many aspects it's still honestly only scratches the surface of all the possible uh performance points that you could gather but it it has we have moved the bar dramatically in that regard and and it's something that our customers really demanded of us um you know storage technology has gotten more complex and you have to look at it from a lot different angles especially on the performance front to make sure that there are no holes there that somebody's going to run into so based on specific customer needs and requests you look at performance from a variety of different angles um what are some of the trends that you're seeing specifically in storage performance today and moving into the future yeah emerging trends within the storage industry i think that to look at the emerging trends you really need to go back and look at where we started we started uh in compute where people were you would have basically your uh your server that would be under the desk in a small business operation and individual uh businesses would have their own uh set of set of servers and and the storage would really be localized to those obviously the industry has recognized that um that to some extent disaggregation of that we we see that obviously in what's happening in cloud uh in hyper-converged storage and things like that those afford a tremendous amount of flexibility uh and and are obviously uh great players in the storage world today but what with that flexibility is come some sacrifice in performance and actually quite substantial sacrifice and what we're observing is almost uh it comes back full circle the uh the need for inbox high performing server storage that is well protected uh and and with people with confidence that people have confidence that their data is protected and that they can uh extract the performance that they need for the demanding database applications that still exist today and they still operate in in the offices around the country and around the world that really need to protect their data on a local basis in the server and i think that from a trend perspective that's what we're seeing also from the standpoint of nvme store nvme itself is really started out with hey we'll just software rate that we'll just we'll just wrap software around that we can protect the data we had so many customers come back to us saying you know what we really need hardware raid on nvme and when they came to us we were ready we had a solution ready to go and we're able to provide that and now we're seeing going on demand we are we are complementary to other storage solutions out there server storage is not going to necessarily rule the world but it is surely has a place in the broader storage spectrum and we think we have the right solution for that speaking of servers and server-based storage why would for example a dell customer care about the broadcom components in that dell server so uh uh let's say you're configuring a dell server and you're going why does why does hardware raid matter what what what's important about that well i think when you look at today's hardware raid uh first of all you're going to see dramatically better performance you're going to see dramatically better performance in it's going to enable you to put raid 5 volumes a very effective and efficient mechanism for protecting your data a storage efficient mechanism you're going to use raid 5 volumes where you weren't able to do that before because when you're in the millions of iops range you really uh can satisfy a lot of application needs out there and and then you're going to also going to have rebuilt times that are lightning fast your performance is not going to degrade when you're when you're running those application especially database applications but not not only database but streaming applications uh bandwidth uh to to protected raid volumes is is almost almost imperceptibly different from just raw bandwidth to the media so the rate rate configurations in today's dell servers really afford you the opportunity to make use of that storage where you you may not have uh you may have already written it off as well ray just doesn't is not going to get me there quite frankly uh into this in in the storage servers that dell is providing uh with with raid technology uh there are huge windows open and what you can do today with applications well all of this is obviously good news for dell and dell customers thanks again andy for joining us for this cube conversation i'm dave nicholson for the cube [Music]

(upbeat music) >> Hello and welcome to theCUBE. I'm Dave Nicholson, Chief Technology Officer at theCUBE and we are here for a very special Cube Conversation with Andy Brown from Broadcom. Andy, welcome to theCUBE, tell us a little about yourself. >> Well, a little bit about myself, my name is Andy Brown, I'm currently the Senior Director of Software Architecture and Performance Analysis here within the Data Center Solutions Group at Broadcom. I've been doing that for about seven years prior to that, I held various positions within the system architecture, systems engineering, and IC development organization, but ultimately as well as spent some time in our support organization and managing our support team. But ultimately have landed in the architecture organization as well as performance analysis. >> Great, so a lot of what you do is around improving storage performance, tell us more about that. >> So let me give you a brief history of storage from my perspective. As I mentioned, I go back about 30 years in my career and that would've started back in the NCR Microelectronics days. And originally with Parallel SCSI, so that would be, if anyone would remember the the 5380 Controller, which was one of the original Parallel SCSI controllers that existed in built by NCR Microelectronics at the time, I've seen the advent of Parallel SCSI, a stint of fiber channel, ultimately leading into the serialization of the SCSI standard into SaaS, as well as SATA, and then ultimately leading to NVMe protocols and the advent of flash moving from hard drives into a flash based media and as well on that's on the storage side on the host side, moving from parallel interfaces, ISA if everybody could remember that, moving to PCI, PCI Express and that's where we land today. >> So Andy, we are square in the middle of the era of both NVMe and SaaS. What kinds of challenges does that overlap represent? >> Well, I think obviously we've seen SaaS around for a while, it was the conversion from parallel into a serial attached SCSI and that really SaaS brings with it, the ability to connect really a high number of devices and was kind of the original scaling of devices. And really also enabled was one of the things that enabled flash based media, given the the speed and performance that came to the table. Of course NVMe came in as well with the promise of even higher speeds. And as we saw flash media really, really take a strong role in storage. NVMe came around and really was focused on trying to address that, whereas SaaS originated with hard drive technology. NVMe was really born out of how do we most efficiently deal with flash based media, SaaS with its. But SaaS still carries a benefit on scalability and NVMe maybe has, I don't want to say challenges there, but it's definitely was not designed as much to be broadly scale across many, many, say high hundreds or thousands of devices. But definitely addressed some of the performance issues that were coming up as flash media was becoming. So it was increasing the overall storage performance that we could experience if you will. >> Let's talk about host interfaces, PCIe. What's the significance there? >> Really all the storage in the world, all the performance in the world on the storage side, is not of much use to you unless you can really feed it into the beast, if you will, into the CPU and into the the rest of the service subsystem. And that's really where PCI comes into play. PCI originally was in parallel form and then moved to serial with the PCI Express as we know it today, and really has created a pathway to enable not only storage performance but any other adapter or any other networking or other types of technologies to just open up that pathway and feed the processor. And as we've moved through from PCI to PCI Express PCI 2.0 3.0 4.0, and just opening up those pipes has really enabled just a tremendous amount of flow of data into the compute engine, allowing it to be analyzed, sorted used to analyze data, big data, AI type applications. Just those pipes are critical in those types of applications. >> We know we've seen dramatic increases in performance, going from one generation of PCIe to the next. But how does that translate into the worlds of SaaS, SATA and NVMe? >> So from a performance perspective when we look at these different types of media whether it be SATA, SaaS or NVMe, of course, there are performance difference inherent in that media, SATA being probably the lowest performing with NVMe topping out at higher performing although SaaS can perform quite well as a flash based as protocol connected to flash based media. And of course, NVMe from an individual device scaling, from a by one to a by four interface, really that is where NVMe kind of has enabled a bigger pipe directly to the storage media, being able to scale up to by four whereas SaaS can limit it to by one, maybe by two in some cases, although most servers only connect the SaaS device of by one. So from a different perspective then you're really wanting to create a solution or enable the infrastructure to be able to consume that performance at NVMe is going to give you. And I think that is something where our solutions have really in the recent generation shined, at their ability to really now keep up with storage performance and NVMe, as well as provide that connectivity back down into the SaaS and SATA world as well. >> Let's talk about your perspective on RAID today. >> So there've been a lot of views and opinions on RAID over the years, it's been and those have been changing over time. RAID has been around for a very, very long time, probably about as long as again, going back over my 30 year career, it's been around for almost the entire time. Obviously RAID originally was viewed as some thing that was very, very necessary devices fail. They don't last forever, but the data that's on them is very, very important and people care about that. So RAID was brought about knowing that individual devices that are storing that data are going to fail, and really took cold as a primary mechanism of protection. But as time went on and as performance moved up both in the server and both in the media itself if we start talking about flash. RAID really took on, people started to look at traditional server storage RAID, well, maybe a more of a negative connotation. I think that because to be quite honest, it fell behind a little bit. If you look at things like parity RAID 5 and RAID 6, very, very effective efficient means of protecting your data, very storage efficient, but ultimately had some penalty a primarily around right performance, random rights in RAID 5 volumes was not keeping up with what really needed to be there. And I think that really shifted opinions of RAID that, "Hey it's just not, it's not going to keep up and we need to move on to other avenues." And we've seen that, we've seen disaggregated storage and other solutions pop up and protect your data obviously in cloud environments and things like that have shown up and they have been successful, but. >> So one of the drawbacks with RAID is always the performance tax associated with generating parody for parody RAID. What has Broadcom done to address those potential bottlenecks? >> We've really solved the RAID performance issue the right performance issue. We're in our latest generation of controllers we're exceeding a million RAID 5 right IOPS which is enough to satisfy many, many, many applications as a matter of fact, even in virtual environments aggregated solutions, we have multiple applications. And then as well in the rebuild arena, we really have through our architecture, through our hardware automation have been able to move the bar on that to where the rebuild not only the rebuild times have been brought down dramatically in SaaS based or in I'm sorry in flash based solutions. But the performance that you can observe while those rebuilds are going on is almost immeasurable. So in most applications you would almost observe no performance deficiencies during a rebuild operation which is really night and day compared to where things were just few short years ago. >> So the fact that you've been able to, dramatically decrease the time necessary for a RAID rebuild is obviously extremely important. But give us your overall performance philosophy from Broadcom's point of view. >> Over the years we have recognized that performance is obviously a critically important for our products, and the ability to analyze performance from many many angles is critically important. There are literally infinite ways you can look at performance in a storage subsystem. What we have done in our labs and in our solutions through not only hardware scaling in our labs, but also through automation scripts and things like that, have allowed us to collect a substantial amount of data to look at the performance of our solutions from every angle. IOPS, bandwidth application level performance, small topologies, large topologies, just many, many aspects. It still honestly only scratches the surface of all the possible performance points that you could gather, but we have moved them bar dramatically in that regard. And it's something that our customers really demanded of us. Storage technology has gotten more complex, and you have to look at it from a lot different angles, especially on the performance front to make sure that there are no holes there that somebody's going to run into. >> So based on specific customer needs and requests, you look at performance from a variety of different angles. What are some of the trends that you're seeing specifically in storage per performance today and moving into the future? >> Yeah, emerging trends within the storage industry. I think that to look at the emerging trends, you really need to go back and look at where we started. We started in compute where people were you would have basically your server that would be under the desk in a small business operation and individual businesses would have their own set of servers, and the storage would really be localized to those. Obviously the industry has recognized that to some extent, disaggregation of that, we see that obviously in what's happening in cloud, in hyper-converged storage and things like that. Those afford a tremendous amount of flexibility and are obviously great players in the storage world today. But with that flexibility has come some sacrifice and performance and actually quite substantial sacrifice. And what we're observing is almost, it comes back full circle. The need for inbox high performing server storage that is well protected. And with people with confidence that people have confidence that their data is protected and that they can extract the performance that they need for the demanding database applications, that still exists today, and that still operate in the offices around the country and around the world, that really need to protect their data on a local basis in the server. And I think that from a trend perspective that's what we're seeing. We also, from the standpoint of NVMe itself is really started out with, "Hey, we'll just software rate that. We'll just wrap software around that, we can protect the data." We had so many customers come back to us saying, you know what? We really need hardware RAID on NVMe. And when they came to us, we were ready. We had a solution ready to go, and we're able to provide that, and now we're seeing ongoing on demand. We are complimentary to other storage solutions out there. Server storage is not going to necessarily rule a world but it is surely has a place in the broader storage spectrum. And we think we have the right solution for that. >> Speaking of servers and server-based storage. Why would, for example, a Dell customer care about the Broadcom components in that Dell server. >> So let's say you're configuring a Dell server and you're going, why does hardware where RAID matter? What's important about that? Well, I think when you look at today's hardware RAID, first of all, you're going to see a dramatically better performance. You're going to see dramatically better performance it's going to enable you to put RAID 5 volumes a very effective and efficient mechanism for protecting your data, a storage efficient mechanism. You're going to use RAID 5 volumes where you weren't able to do that before, because when you're in the millions of IOPS range you really can satisfy a lot of application needs out there. And then you're going to also going to have rebuilt times that are lightning fast. Your performance is not going to degrade, when you're running those application, especially database applications, but not only database, but streaming applications, bandwidth to protected RAID volumes is almost imperceptively different from just raw bandwidth to the media. So the RAID configurations in today's Dell servers really afford you the opportunity to make use of that storage where you may not have already written it off as well RAID just doesn't, is not going to get me there. Quite frankly, into this in the storage servers that Dell is providing with RAID technology, there are huge windows open in what you can do today with applications. >> Well, all of this is obviously good news for Dell and Dell customers, thanks again, Andy for joining us, for this Cube Conversation, I'm Dave Nicholson for theCUBE. (upbeat music)

>> The introduction of the modern public cloud in the mid 2000s, permanently changed the way we think about IT. At the heart of it, the cloud operating model attacked one of the biggest problems in enterprise infrastructure, human labor costs. More than half of IT budgets were spent on people, and much of that effort added little or no differentiable value to the business. The automation of provisioning, management, recovery, optimization, and decommissioning infrastructure resources has gone mainstream as organizations demand a cloud-like model across all their application infrastructure, irrespective of its physical location. This has not only cut cost, but it's also improved quality and reduced human error. Hello everyone, my name is Dave Vellante and welcome to Simplifying Hybrid Cloud, made possible by Cisco. Today, we're going to explore Hybrid Cloud as an operating model for organizations. Now the definite of cloud is expanding. Cloud is no longer an abstract set of remote services, you know, somewhere out in the clouds. No, it's an operating model that spans public cloud, on-premises infrastructure, and it's also moving to edge locations. This trend is happening at massive scale. While at the same time, preserving granular control of resources. It's an entirely new game where IT managers must think differently to deal with this complexity. And the environment is constantly changing. The growth and diversity of applications continues. And now, we're living in a world where the workforce is remote. Hybrid work is now a permanent state and will be the dominant model. In fact, a recent survey of CIOs by Enterprise Technology Research, ETR, indicates that organizations expect 36% of their workers will be operating in a hybrid mode. Splitting time between remote work and in office environments. This puts added pressure on the application infrastructure required to support these workers. The underlying technology must be more dynamic and adaptable to accommodate constant change. So the challenge for IT managers is ensuring that modern applications can be run with a cloud-like experience that spans on-prem, public cloud, and edge locations. This is the future of IT. Now today, we have three segments where we're going to dig into these issues and trends surrounding Hybrid Cloud. First up, is DD Dasgupta, who will set the stage and share with us how Cisco is approaching this challenge. Next, we're going to hear from Manish Agarwal and Darren Williams, who will help us unpack HyperFlex which is Cisco's hyperconverged infrastructure offering. And finally, our third segment will drill into Unified Compute. More than a decade ago, Cisco pioneered the concept of bringing together compute with networking in a single offering. Cisco frankly, changed the legacy server market with UCS, Unified Compute System. The X-Series is Cisco's next generation architecture for the coming decade and we'll explore how it fits into the world of Hybrid Cloud, and its role in simplifying the complexity that we just discussed. So, thanks for being here. Let's go. (upbeat music playing) Okay, let's start things off. DD Dasgupta is back on theCUBE to talk about how we're going to simplify Hybrid Cloud complexity. DD welcome, good to see you again. >> Hey Dave, thanks for having me. Good to see you again. >> Yeah, our pleasure. Look, let's start with big picture. Talk about the trends you're seeing from your customers. >> Well, I think first off, every customer these days is a public cloud customer. They do have their on-premise data centers, but, every customer is looking to move workloads, new services, cloud native services from the public cloud. I think that's one of the big things that we're seeing. While that is happening, we're also seeing a pretty dramatic evolution of the application landscape itself. You've got, you know, bare metal applications, you always have virtualized applications, and then most modern applications are containerized, and, you know, managed by Kubernetes. So I think we're seeing a big change in, in the application landscape as well. And, probably, you know, triggered by the first two things that I mentioned, the execution venue of the applications, and then the applications themselves, it's triggering a change in the IT organizations in the development organizations and sort of not only how they work within their organizations, but how they work across all of these different organizations. So I think those are some of the big things that, that I hear about when I talk to customers. >> Well, so it's interesting. I often say Cisco kind of changed the game in server and compute when it developed the original UCS. And you remember there were organizational considerations back then bringing together the server team and the networking team and of course the storage team as well. And now you mentioned Kubernetes, that is a total game changer with regard to whole the application development process. So you have to think about a new strategy in that regard. So how have you evolved your strategy? What is your strategy to help customers simplify, accelerate their hybrid cloud journey in that context? >> No, I think you're right Dave, back to the origins of UCS and we, you know, why did a networking company build a server? Well, we just enabled with the best networking technologies so, would do compute better. And now, doing something similar on the software, actually the managing software for our hyperconvergence, for our, you know, Rack server, for our blade servers. And, you know, we've been on this journey for about four years. The software is called Intersight, and, you know, we started out with Intersight being just the element manager, the management software for Cisco's compute and hyperconverged devices. But then we've evolved it over the last few years because we believe that a customer shouldn't have to manage a separate piece of software, would do manage the hardware, the underlying hardware. And then a separate tool to connect it to a public cloud. And then a third tool to do optimization, workload optimization or performance optimization, or cost optimization. A fourth tool to now manage, you know, Kubernetes and like, not just in one cluster, one cloud, but multi-cluster, multi-cloud. They should not have to have a fifth tool that does, goes into observability anyway. I can go on and on, but you get the idea. We wanted to bring everything onto that same platform that manage their infrastructure. But it's also the platform that enables the simplicity of hybrid cloud operations, automation. It's the same platform on which you can use to manage the, the Kubernetes infrastructure, Kubernetes clusters, I mean, whether it's on-prem or in a cloud. So, overall that's the strategy. Bring it to a single platform, and a platform is a loaded word we'll get into that a little bit, you know, in this conversation, but, that's the overall strategy, simplify. >> Well, you know, you brought platform. I like to say platform beats products, but you know, there was a day, and you could still point to some examples today in the IT industry where, hey, another tool we can monetize that. And another one to solve a different problem, we can monetize that. And so, tell me more about how Intersight came about. You obviously sat back, you saw what your customers were going through, you said, "We can do better." So tell us the story there. >> Yeah, absolutely. So, look, it started with, you know, three or four guys in getting in a room and saying, "Look, we've had this, you know, management software, UCS manager, UCS director." And these are just the Cisco's management, you know, for our, softwares for our own platforms. And every company has their own flavor. We said, we took on this bold goal of like, we're not, when we rewrite this or we improve on this, we're not going to just write another piece of software. We're going to create a cloud service. Or we're going to create a SaaS offering. Because the same, the infrastructure built by us whether it's on networking or compute, or the cyber cloud software, how do our customers use it? Well, they use it to write and run their applications, their SaaS services, every customer, every customer, every company today is a software company. They live and die by how their applications work or don't. And so, we were like, "We want to eat our own dog food here," right? We want to deliver this as a SaaS offering. And so that's how it started, we've being on this journey for about four years, tens of thousands of customers. But it was a pretty big, bold ambition 'cause you know, the big change with SaaS as you're familiar Dave is, the job of now managing this piece of software, is not on the customer, it's on the vendor, right? This can never go down. We have a release every Thursday, new capabilities, and we've learned so much along the way, whether it's to announce scalability, reliability, working with, our own company's security organizations on what can or cannot be in a SaaS service. So again, it's been a wonderful journey, but, I wanted to point out, we are in some ways eating our own dog food 'cause we built a SaaS application that helps other companies deliver their SaaS applications. >> So Cisco, I look at Cisco's business model and I compare, of course compare it to other companies in the infrastructure business and, you're obviously a very profitable company, you're a large company, you're growing faster than most of the traditional competitors. And, so that means that you have more to invest. You, can afford things, like to you know, stock buybacks, and you can invest in R&D you don't have to make those hard trade offs that a lot of your competitors have to make, so-- >> You got to have a talk with my boss on the whole investment. >> Yeah, right. You'd never enough, right? Never enough. But in speaking of R&D and innovations that you're intro introducing, I'm specifically interested in, how are you dealing with innovations to help simplify hybrid cloud, the operations there, improve flexibility, and things around Cloud Native initiatives as well? >> Absolutely, absolutely. Well, look, I think, one of the fundamentals where we're kind of philosophically different from a lot of options that I see in the industry is, we don't need to build everything ourselves, we don't. I just need to create a damn good platform with really good platform services, whether it's, you know, around, searchability, whether it's around logging, whether it's around, you know, access control, multi-tenants. I need to create a really good platform, and make it open. I do not need to go on a shopping spree to buy 17 and 1/2 companies and then figure out how to stich it all together. 'Cause it's almost impossible. And if it's impossible for us as a vendor, it's three times more difficult for the customer who then has to consume it. So that was the philosophical difference and how we went about building Intersight. We've created a hardened platform that's always on, okay? And then you, then the magic starts happening. Then you get partners, whether it is, you know, infrastructure partners, like, you know, some of our storage partners like NetApp or PR, or you know, others, who want their conversion infrastructures also to be managed, or their other SaaS offerings and software vendors who have now become partners. Like we did not write Terraform, you know, but we partnered with Hashi and now, you know, Terraform service's available on the Intersight platform. We did not write all the algorithms for workload optimization between a public cloud and on-prem. We partner with a company called Turbonomic and so that's now an offering on the Intersight platform. So that's where we're philosophically different, in sort of, you know, how we have gone about this. And, it actually dovetails well into, some of the new things that I want to talk about today that we're announcing on the Intersight platform where we're actually announcing the ability to attach and be able to manage Kubernetes clusters which are not on-prem. They're actually on AWS, on Azure, soon coming on GC, on GKE as well. So it really doesn't matter. We're not telling a customer if you're comfortable building your applications and running Kubernetes clusters on, you know, in AWS or Azure, stay there. But in terms of monitoring, managing it, you can use Intersight, and since you're using it on-prem you can use that same piece of software to manage Kubernetes clusters in a public cloud. Or even manage DMS in a EC2 instance. So. >> Yeah so, the fact that you could, you mentioned Storage Pure, NetApp, so Intersight can manage that infrastructure. I remember the Hashi deal and I, it caught my attention. I mean, of course a lot of companies want to partner with Cisco 'cause you've got such a strong ecosystem, but I thought that was an interesting move, Turbonomic you mentioned. And now you're saying Kubernetes in the public cloud. So a lot different than it was 10 years ago. So my last question is, how do you see this hybrid cloud evolving? I mean, you had private cloud and you had public cloud, and it was kind of a tug of war there. We see these two worlds coming together. How will that evolve on for the next few years? >> Well, I think it's the evolution of the model and I, really look at Cloud, you know, 2.0 or 3.0, or depending on, you know, how you're keeping terms. But, I think one thing has become very clear again, we, we've be eating our own dog food, I mean, Intersight is a hybrid cloud SaaS application. So we've learned some of these lessons ourselves. One thing is for sure that the customers are looking for a consistent model, whether it's on the edge, on the COLO, public cloud, on-prem, no data center, it doesn't matter. They're looking for a consistent model for operations, for governance, for upgrades, for reliability. They're looking for a consistent operating model. What (indistinct) tells me I think there's going to be a rise of more custom clouds. It's still going to be hybrid, so applications will want to reside wherever it most makes most sense for them which is obviously data, 'cause you know, data is the most expensive thing. So it's going to be complicated with the data goes on the edge, will be on the edge, COLO, public cloud, doesn't matter. But, you're basically going to see more custom clouds, more industry specific clouds, you know, whether it's for finance, or transportation, or retail, industry specific, I think sovereignty is going to play a huge role, you know, today, if you look at the cloud provider there's a handful of, you know, American and Chinese companies, that leave the rest of the world out when it comes to making, you know, good digital citizens of their people and you know, whether it's data latency, data gravity, data sovereignty, I think that's going to play a huge role. Sovereignty's going to play a huge role. And the distributor cloud also called Edge, is going to be the next frontier. And so, that's where we are trying line up our strategy. And if I had to sum it up in one sentence, it's really, your cloud, your way. Every customer is on a different journey, they will have their choice of like workloads, data, you know, upgrade reliability concern. That's really what we are trying to enable for our customers. >> You know, I think I agree with you on that custom clouds. And I think what you're seeing is, you said every company is a software company. Every company is also becoming a cloud company. They're building their own abstraction layers, they're connecting their on-prem to their public cloud. They're doing that across clouds, and they're looking for companies like Cisco to do the hard work, and give me an infrastructure layer that I can build value on top of. 'Cause I'm going to take my financial services business to my cloud model, or my healthcare business. I don't want to mess around with, I'm not going to develop, you know, custom infrastructure like an Amazon does. I'm going to look to Cisco and your R&D to do that. Do you buy that? >> Absolutely. I think again, it goes back to what I was talking about with platform. You got to give the world a solid open, flexible platform. And flexible in terms of the technology, flexible in how they want to consume it. Some of our customers are fine with the SaaS, you know, software. But if I talk to, you know, my friends in the federal team, no, that does not work. And so, how they want to consume it, they want to, you know, (indistinct) you know, sovereignty we talked about. So, I think, you know, job for an infrastructure vendor like ourselves is to give the world a open platform, give them the knobs, give them the right API tool kit. But the last thing I will mention is, you know, there's still a place for innovation in hardware. And I think some of my colleagues are going to get into some of those, you know, details, whether it's on our X-Series, you know, platform or HyperFlex, but it's really, it's going to be software defined, it's a SaaS service and then, you know, give the world an open rock solid platform. >> Got to run on something All right, Thanks DD, always a pleasure to have you on the, theCUBE, great to see you. >> Thanks for having me. >> You're welcome. In a moment, I'll be back to dig into hyperconverged, and where HyperFlex fits, and how it may even help with addressing some of the supply chain challenges that we're seeing in the market today. >> It used to be all your infrastructure was managed here. But things got more complex in distributing, and now IT operations need to be managed everywhere. But what if you could manage everywhere from somewhere? One scalable place that brings together your teams, technology, and operations. Both on-prem and in the cloud. One automated place that provides full stack visibility to help you optimize performance and stay ahead of problems. One secure place where everyone can work better, faster, and seamlessly together. That's the Cisco Intersight cloud operations platform. The time saving, cost reducing, risk managing solution for your whole IT environment, now and into the future of this ever-changing world of IT. (upbeat music) >> With me now are Manish Agarwal, senior director of product management for HyperFlex at Cisco, @flash4all, number four, I love that, on Twitter. And Darren Williams, the director of business development and sales for Cisco. MrHyperFlex, @MrHyperFlex on Twitter. Thanks guys. Hey, we're going to talk about some news and HyperFlex, and what role it plays in accelerating the hybrid cloud journey. Gentlemen, welcome to theCUBE, good to see you. >> Thanks a lot Dave. >> Thanks Dave. >> All right Darren, let's start with you. So, for a hybrid cloud, you got to have on-prem connection, right? So, you got to have basically a private cloud. What are your thoughts on that? >> Yeah, we agree. You can't have a hybrid cloud without that prime element. And you've got to have a strong foundation in terms of how you set up the whole benefit of the cloud model you're building in terms of what you want to try and get back from the cloud. You need a strong foundation. Hyperconversions provides that. We see more and more customers requiring a private cloud, and they're building it with Hyperconversions, in particular HyperFlex. Now to make all that work, they need a good strong cloud operations model to be able to connect both the private and the public. And that's where we look at Intersight. We've got solution around that to be able to connect that around a SaaS offering. That looks around simplified operations, gives them optimization, and also automation to bring both private and public together in that hybrid world. >> Darren let's stay with you for a minute. When you talk to your customers, what are they thinking these days when it comes to implementing hyperconverged infrastructure in both the enterprise and at the edge, what are they trying to achieve? >> So there's many things they're trying to achieve, probably the most brutal honesty is they're trying to save money, that's probably the quickest answer. But, I think they're trying to look in terms of simplicity, how can they remove layers of components they've had before in their infrastructure? We see obviously collapsing of storage into hyperconversions and storage networking. And we've got customers that have saved 80% worth of savings by doing that collapse into a hyperconversion infrastructure away from their Three Tier infrastructure. Also about scalability, they don't know the end game. So they're looking about how they can size for what they know now, and how they can grow that with hyperconvergence very easy. It's one of the major factors and benefits of hyperconversions. They also obviously need performance and consistent performance. They don't want to compromise performance around their virtual machines when they want to run multiple workloads. They need that consistency all all way through. And then probably one of the biggest ones is that around the simplicity model is the management layer, ease of management. To make it easier for their operations, yeah, we've got customers that have told us, they've saved 50% of costs in their operations model on deploying HyperFlex, also around the time savings they make massive time savings which they can reinvest in their infrastructure and their operations teams in being able to innovate and go forward. And then I think probably one of the biggest pieces we've seen as people move away from three tier architecture is the deployment elements. And the ease of deployment gets easy with hyperconverged, especially with Edge. Edge is a major key use case for us. And, what I want, what our customers want to do is get the benefit of a data center at the edge, without A, the big investment. They don't want to compromise in performance, and they want that simplicity in both management and deployment. And, we've seen our analysts recommendations around what their readers are telling them in terms of how management deployment's key for our IT operations teams. And how much they're actually saving by deploying Edge and taking the burden away when they deploy hyperconversions. And as I said, the savings elements is the key bit, and again, not always, but obviously those are case studies around about public cloud being quite expensive at times, over time for the wrong workloads. So by bringing them back, people can make savings. And we again have customers that have made 50% savings over three years compared to their public cloud usage. So, I'd say that's the key things that customers are looking for. Yeah. >> Great, thank you for that Darren. Manish, we have some hard news, you've been working a lot on evolving the HyperFlex line. What's the big news that you've just announced? >> Yeah, thanks Dave. So there are several things that we are announcing today. The first one is a new offer called HyperFlex Express. This is, you know, Cisco Intersight led and Cisco Intersight managed eight HyperFlex configurations. That we feel are the fastest path to hybrid cloud. The second is we are expanding our server portfolio by adding support for HX on AMD Rack, UCS AMD Rack. And the third is a new capability that we are introducing, that we are calling, local containerized witness. And let me take a minute to explain what this is. This is a pretty nifty capability to optimize for Edge environments. So, you know, this leverages the, Cisco's ubiquitous presence of the networking, you know, products that we have in the environments worldwide. So the smallest HyperFlex configuration that we have is a 2-node configuration, which is primarily used in Edge environments. Think of a, you know, a backroom in a departmental store or a oil rig, or it might even be a smaller data center somewhere around the globe. For these 2-node configurations, there is always a need for a third entity that, you know, industry term for that is either a witness or an arbitrator. We had that for HyperFlex as well. And the problem that customers face is, where you host this witness. It cannot be on the cluster because the job of the witness is to, when the infrastructure is going down, it basically breaks, sort of arbitrates which node gets to survive. So it needs to be outside of the cluster. But finding infrastructure to actually host this is a problem, especially in the Edge environments where these are resource constraint environments. So what we've done is we've taken that witness, we've converted it into a container reform factor. And then qualified a very large slew of Cisco networking products that we have, right from ISR, ASR, Nexus, Catalyst, industrial routers, even a Raspberry Pi that can host this witness. Eliminating the need for you to find yet another piece of infrastructure, or doing any, you know, care and feeding of that infrastructure. You can host it on something that already exists in the environment. So those are the three things that we are announcing today. >> So I want to ask you about HyperFlex Express. You know, obviously the whole demand and supply chain is out of whack. Everybody's, you know, global supply chain issues are in the news, everybody's dealing with it. Can you expand on that a little bit more? Can HyperFlex Express help customers respond to some of these issues? >> Yeah indeed Dave. You know the primary motivation for HyperFlex Express was indeed an idea that, you know, one of the folks are on my team had, which was to build a set of HyperFlex configurations that are, you know, would have a shorter lead time. But as we were brainstorming, we were actually able to tag on multiple other things and make sure that, you know, there is in it for, something in it for our customers, for sales, as well as our partners. So for example, you know, for our customers, we've been able to dramatically simplify the configuration and the install for HyperFlex Express. These are still HyperFlex configurations and you would at the end of it, get a HyperFlex cluster. But the part to that cluster is much, much simplified. Second is that we've added in flexibility where you can now deploy these, these are data center configurations, but you can deploy these with or without fabric interconnects, meaning you can deploy with your existing top of rack. We've also, you know, added attractive price point for these, and of course, you know, these will have better lead times because we've made sure that, you know, we are using components that are, that we have clear line of sight from our supply perspective. For partner and sales, this is, represents a high velocity sales motion, a faster turnaround time, and a frictionless sales motion for our distributors. This is actually a set of disty-friendly configurations, which they would find very easy to stalk, and with a quick turnaround time, this would be very attractive for the distys as well. >> It's interesting Manish, I'm looking at some fresh survey data, more than 70% of the customers that were surveyed, this is the ETR survey again, we mentioned 'em at the top. More than 70% said they had difficulty procuring server hardware and networking was also a huge problem. So that's encouraging. What about, Manish, AMD? That's new for HyperFlex. What's that going to give customers that they couldn't get before? >> Yeah Dave, so, you know, in the short time that we've had UCS AMD Rack support, we've had several record making benchmark results that we've published. So it's a powerful platform with a lot of performance in it. And HyperFlex, you know, the differentiator that we've had from day one is that it has the industry leading storage performance. So with this, we are going to get the fastest compute, together with the fastest storage. And this, we are hoping that we'll, it'll basically unlock, you know, a, unprecedented level of performance and efficiency, but also unlock several new workloads that were previously locked out from the hyperconverged experience. >> Yeah, cool. So Darren, can you give us an idea as to how HyperFlex is doing in the field? >> Sure, absolutely. So, both me and Manish been involved right from the start even before it was called HyperFlex, and we've had a great journey. And it's very exciting to see where we are taking, where we've been with the technology. So we have over 5,000 customers worldwide, and we're currently growing faster year over year than the market. The majority of our customers are repeat buyers, which is always a good sign in terms of coming back when they've proved the technology and are comfortable with the technology. They, repeat buyer for expanded capacity, putting more workloads on. They're using different use cases on there. And from an Edge perspective, more numbers of science. So really good endorsement of the technology. We get used across all verticals, all segments, to house mission critical applications, as well as the traditional virtual server infrastructures. And we are the lifeblood of our customers around those, mission critical customers. I think one big example, and I apologize for the worldwide audience, but this resonates with the American audience is, the Super Bowl. So, the SoFi stadium that housed the Super Bowl, actually has Cisco HyperFlex running all the management services, through from the entire stadium for digital signage, 4k video distribution, and it's completely cashless. So, if that were to break during Super Bowl, that would've been a big news article. But it was run perfectly. We, in the design of the solution, we're able to collapse down nearly 200 servers into a few nodes, across a few racks, and have 120 virtual machines running the whole stadium, without missing a heartbeat. And that is mission critical for you to run Super Bowl, and not be on the front of the press afterwards for the wrong reasons, that's a win for us. So we really are, really happy with HyperFlex, where it's going, what it's doing, and some of the use cases we're getting involved in, very, very exciting. >> Hey, come on Darren, it's Super Bowl, NFL, that's international now. And-- >> Thing is, I follow NFL. >> The NFL's, it's invading London, of course, I see the, the picture, the real football over your shoulder. But, last question for Manish. Give us a little roadmap, what's the future hold for HyperFlex? >> Yeah. So, you know, as Darren said, both Darren and I have been involved with HyperFlex since the beginning. But, I think the best is yet to come. There are three main pillars for HyperFlex. One is, Intersight is central to our strategy. It provides a, you know, lot of customer benefit from a single pane of class management. But we are going to take this beyond the lifecycle management, which is for HyperFlex, which is integrated into Intersight today, and element management. We are going to take it beyond that and start delivering customer value on the dimensions of AI Ops, because Intersight really provides us a ideal platform to gather stats from all the clusters across the globe, do AI/ML and do some predictive analysis with that, and return back as, you know, customer valued, actionable insights. So that is one. The second is UCS expand the HyperFlex portfolio, go beyond UCS to third party server platforms, and newer UCS server platforms as well. But the highlight there is one that I'm really, really excited about and think that there is a lot of potential in terms of the number of customers we can help. Is HX on X-Series. X-Series is another thing that we are going to, you know, add, we're announcing a bunch of capabilities on in this particular launch. But HX on X-Series will have that by the end of this calendar year. And that should unlock with the flexibility of X-Series of hosting a multitude of workloads and the simplicity of HyperFlex. We're hoping that would bring a lot of benefits to new workloads that were locked out previously. And then the last thing is HyperFlex data platform. This is the heart of the offering today. And, you'll see the HyperFlex data platform itself it's a distributed architecture, a unique distributed architecture. Primarily where we get our, you know, record baring performance from. You'll see it can foster more scalable, more resilient, and we'll optimize it for you know, containerized workloads, meaning it'll get granular containerized, container granular management capabilities, and optimize for public cloud. So those are some things that we are, the team is busy working on, and we should see that come to fruition. I'm hoping that we'll be back at this forum in maybe before the end of the year, and talking about some of these newer capabilities. >> That's great. Thank you very much for that, okay guys, we got to leave it there. And you know, Manish was talking about the HX on X-Series that's huge, customers are going to love that and it's a great transition 'cause in a moment, I'll be back with Vikas Ratna and Jim Leach, and we're going to dig into X-Series. Some real serious engineering went into this platform, and we're going to explore what it all means. You're watching Simplifying Hybrid Cloud on theCUBE, your leader in enterprise tech coverage. >> The power is here, and here, but also here. And definitely here. Anywhere you need the full force and power of your infrastructure hyperconverged. It's like having thousands of data centers wherever you need them, powering applications anywhere they live, but manage from the cloud. So you can automate everything from here. (upbeat music) Cisco HyperFlex goes anywhere. Cisco, the bridge to possible. (upbeat music) >> Welcome back to theCUBE's special presentation, Simplifying Hybrid Cloud brought to you by Cisco. We're here with Vikas Ratna who's the director of product management for UCS at Cisco and James Leach, who is director of business development at Cisco. Gents, welcome back to theCUBE, good to see you again. >> Hey, thanks for having us. >> Okay, Jim, let's start. We know that when it comes to navigating a transition to hybrid cloud, it's a complicated situation for a lot of customers, and as organizations as they hit the pavement for their hybrid cloud journeys, what are the most common challenges that they face? What are they telling you? How is Cisco, specifically UCS helping them deal with these problems? >> Well, you know, first I think that's a, you know, that's a great question. And you know, customer centric view is the way that we've taken, is kind of the approach we've taken from day one. Right? So I think that if you look at the challenges that we're solving for that our customers are facing, you could break them into just a few kind of broader buckets. The first would definitely be applications, right? That's the, that's where the rubber meets your proverbial road with the customer. And I would say that, you know, what we're seeing is, the challenges customers are facing within applications come from the the way that applications have evolved. So what we're seeing now is more data centric applications for example. Those require that we, you know, are able to move and process large data sets really in real time. And the other aspect of applications I think to give our customers kind of some, you know, pause some challenges, would be around the fact that they're changing so quickly. So the application that exists today or the day that they, you know, make a purchase of infrastructure to be able to support that application, that application is most likely changing so much more rapidly than the infrastructure can keep up with today. So, that creates some challenges around, you know, how do I build the infrastructure? How do I right size it without over provisioning, for example? But also, there's a need for some flexibility around life cycle and planning those purchase cycles based on the life cycle of the different hardware elements. And within the infrastructure, which I think is the second bucket of challenges, we see customers who are being forced to move away from the, like a modular or blade approach, which offers a lot of operational and consolidation benefits, and they have to move to something like a Rack server model for some applications because of these needs that these data centric applications have, and that creates a lot of you know, opportunity for siloing the infrastructure. And those silos in turn create multiple operating models within the, you know, a data center environment that, you know, again, drive a lot of complexity. So that, complexity is definitely the enemy here. And then finally, I think life cycles. We're seeing this democratization of processing if you will, right? So it's no longer just CPU focused, we have GPU, we have FPGA, we have, you know, things that are being done in storage and the fabrics that stitch them together that are all changing rapidly and have very different life cycles. So, when those life cycles don't align for a lot of our customers, they see a challenge in how they can manage this, you know, these different life cycles and still make a purchase without having to make too big of a compromise in one area or another because of the misalignment of life cycles. So, that is a, you know, kind of the other bucket. And then finally, I think management is huge, right? So management, you know, at its core is really right size for our customers and give them the most value when it meets the mark around scale and scope. You know, back in 2009, we weren't meeting that mark in the industry and UCS came about and took management outside the chassis, right? We put it at the top of the rack and that worked great for the scale and scope we needed at that time. However, as things have changed, we're seeing a very new scale and scope needed, right? So we're talking about a hybrid cloud world that has to manage across data centers, across clouds, and, you know, having to stitch things together for some of our customers poses a huge challenge. So there are tools for all of those operational pieces that touch the application, that touch the infrastructure, but they're not the same tool. They tend to be disparate tools that have to be put together. >> Right. >> So our customers, you know, don't really enjoy being in the business of, you know, building their own tools, so that creates a huge challenge. And one where I think that they really crave that full hybrid cloud stack that has that application visibility but also can reach down into the infrastructure. >> Right. You know Jim, I said in my open that you guys, Cisco sort of changed the server game with the original UCS, but the X-Series is the next generation, the generation for the next decade which is really important 'cause you touched on a lot of things, these data intensive workload, alternative processors to sort of meet those needs. The whole cloud operating model and hybrid cloud has really changed. So, how's it going with with the X-Series? You made a big splash last year, what's the reception been in the field? >> Actually, it's been great. You know, we're finding that customers can absolutely relate to our, you know, UCS X-Series story. I think that, you know, the main reason they relate to it is they helped create it, right? It was their feedback and their partnership that gave us really the, those problem areas, those areas that we could solve for the customer that actually add, you know, significant value. So, you know, since we brought UCS to market back in 2009, you know, we had this unique architectural paradigm that we created, and I think that created a product which was the fastest in Cisco history in terms of growth. What we're seeing now is X-Series is actually on a faster trajectory. So we're seeing a tremendous amount of uptake. We're seeing all, you know, both in terms of, you know, the number of customers, but also more importantly, the number of workloads that our customers are using, and the types of workloads are growing, right? So we're growing this modular segment that exist, not just, you know, bringing customers onto a new product, but we're actually bring them into the product in the way that we had envisioned, which is one infrastructure that can run any application and do it seamlessly. So we're really excited to be growing this modular segment. I think the other piece, you know, that, you know, we judge ourselves is, you know, sort of not just within Cisco, but also within the industry. And I think right now is a, you know, a great example, you know, our competitors have taken kind of swings and misses over the past five years at this, at a, you know, kind of the new next architecture. And, we're seeing a tremendous amount of growth even faster than any of our competitors have seen when they announced something that was new to this space. So, I think that the ground up work that we did is really paying off. And I think that what we're also seeing is it's not really a leap frog game, as it may have been in the past. X-Series is out in front today, and, you know, we're extending that lead with some of the new features and capabilities we have. So we're delivering on the story that's already been resonating with customers and, you know, we're pretty excited that we're seeing the results as well. So, as our competitors hit walls, I think we're, you know, we're executing on the plan that we laid out back in June when we launched X-Series to the world. And, you know, as we continue to do that, we're seeing, you know, again, tremendous uptake from our customers. >> So thank you for that Jim. So Vikas, I was just on Twitter just today actually talking about the gravitational pull, you've got the public clouds pulling CXOs one way and you know, on-prem folks pulling the other way and hybrid cloud. So, organizations are struggling with a lot of different systems and architectures and ways to do things. And I said that what they're trying to do is abstract all that complexity away and they need infrastructure to support that. And I think your stated aim is really to try to help with that confusion with the X series, right? I mean, so how so can you explain that? >> Sure. And, that's the right, the context that you built up right there Dave. If you walk into enterprise data center you'll see plethora of compute systems spread all across. Because, every application has its unique needs, and, hence you find drive node, drive-dense system, memory dense system, GPU dense system, core dense system, and variety of form factors, 1U, 2U, 4U, and, every one of them typically come with, you know, variety of adapters and cables and so forth. This creates the siloness of resources. Fabric is (indistinct), the adapter is (indistinct). The power and cooling implication. The Rack, you know, face challenges. And, above all, the multiple management plane that they come up with, which makes it very difficult for IT to have one common center policy, and enforce it all across, across the firmware and software and so forth. And then think about upgrade challenges of the siloness makes it even more complex as these go through the upgrade processes of their own. As a result, we observe quite a few of our customers, you know, really seeing an inter, slowness in that agility, and high burden in the cost of overall ownership. This is where with the X-Series powered by Intersight, we have one simple goal. We want to make sure our customers get out of that complexities. They become more agile, and drive lower TCOs. And we are delivering it by doing three things, three aspects of simplification. First, simplify their whole infrastructure by enabling them to run their entire workload on single infrastructure. An infrastructure which removes the siloness of form factor. An infrastructure which reduces the Rack footprint that is required. An infrastructure where power and cooling budgets are in the lower. Second, we want to simplify by delivering a cloud operating model, where they can and create the policy once across compute network storage and deploy it all across. And third, we want to take away the pain they have by simplifying the process of upgrade and any platform evolution that they're going to go through in the next two, three years. So that's where the focus is on just driving down the simplicity, lowering down their TCOs. >> Oh, that's key, less friction is always a good thing. Now, of course, Vikas we heard from the HyperFlex guys earlier, they had news not to be outdone. You have hard news as well. What innovations are you announcing around X-Series today? >> Absolutely. So we are following up on the exciting X-Series announcement that we made in June last year, Dave. And we are now introducing three innovation on X-Series with the goal of three things. First, expand the supported workload on X-Series. Second, take the performance to new levels. Third, dramatically reduce the complexities in the data center by driving down the number of adapters and cables that are needed. To that end, three new innovations are coming in. First, we are introducing the support for the GPU node using a cableless and very unique X-Fabric architecture. This is the most elegant design to add the GPUs to the compute node in the modular form factor. Thereby, our customers can now power in AI/ML workload, or any workload that need many more number of GPUs. Second, we are bringing in GPUs right onto the compute node, and thereby our customers can now fire up the accelerated VDI workload for example. And third, which is what you know, we are extremely proud about, is we are innovating again by introducing the fifth generation of our very popular unified fabric technology. With the increased bandwidth that it brings in, coupled with the local drive capacity and densities that we have on the compute node, our customers can now fire up the big data workload, the FCI workload, the SDS workload. All these workloads that have historically not lived in the modular form factor, can be run over there and benefit from the architectural benefits that we have. Second, with the announcement of fifth generation fabric, we've become the only vendor to now finally enable 100 gig end to end single port bandwidth, and there are multiple of those that are coming in there. And we are working very closely with our CI partners to deliver the benefit of these performance through our Cisco Validated Design to our CI franchise. And third, the innovations in the fifth gen fabric will again allow our customers to have fewer physical adapters made with ethernet adapter, made with power channel adapters, or made with, the other storage adapters. They've reduced it down and coupled with the reduction in the cable. So very, very excited about these three big announcements that we are making in this month's release. >> Great, a lot there, you guys have been busy, so thank you for that Vikas. So, Jim, you talked a little bit about the momentum that you have, customers are adopting, what problems are they telling you that X-Series addresses, and how do they align with where they want to go in the future? >> That's a great question. I think if you go back to, and think about some of the things that we mentioned before, in terms of the problems that we originally set out to solve, we're seeing a lot of traction. So what Vikas mentioned I think is really important, right? Those pieces that we just announced really enhance that story and really move again, to the, kind of, to the next level of taking advantage of some of these, you know, problem solving for our customers. You know, if you look at, you know, I think Vikas mentioned accelerated VDI. That's a great example. These are where customers, you know, they need to have this dense compute, they need video acceleration, they need tight policy management, right? And they need to be able to deploy these systems anywhere in the world. Well, that's exactly what we're hitting on here with X-Series right now. We're hitting the market in every single way, right? We have the highest compute config density that we can offer across the, you know, the very top end configurations of CPUs, and a lot of room to grow. We have the, you know, the premier cloud based management, you know, hybrid cloud suite in the industry, right? So check there. We have the flexible GPU accelerators that Vikas just talked about that we're announcing both on the system and also adding additional ones to the, through the use of the X-Fabric, which is really, really critical to this launch as well. And, you know, I think finally, the fifth generation of fabric interconnect and virtual interface card, and, intelligent fabric module go hand in hand in creating this 100 gig end to end bandwidth story, that we can move a lot of data. Again, you know, having all this performance is only as good as what we can get in and out of it, right? So giving customers the ability to manage it anywhere, to be able to get the bandwidth that they need, to be able to get the accelerators that are flexible that it fit exactly their needs, this is huge, right? This solves a lot of the problems we can tick off right away. With the infrastructure as I mentioned, X-Fabric is really critical here because it opens a lot of doors here, you know, we're talking about GPUs today, but in the future, there are other elements that we can disaggregate, like the GPUs that solve these life cycle mismanagement issues. They solve issues around the form factor limitations. It solves all these issues for like, it does for GPU we can do that with storage or memory in the future. So that's going to be huge, right? This is disaggregation that actually delivers, right? It's not just a gimmicky bar trick here that we're doing, this is something that customers can really get value out of day one. And then finally, I think the, you know, the future readiness here, you know, we avoid saying future proof because we're kind of embracing the future here. We know that not only are the GPUs going to evolve, the CPUs are going to evolve, the drives, you know, the storage modules are going to evolve. All of these things are changing very rapidly. The fabric that stitches them together is critical, and we know that we're just on the edge of some of the development that are coming with CXL, with some of the PCI Express changes that are coming in the very near future, so we're ready to go. And the X-Fabric is exactly the vehicle that's going to be able to deliver those technologies to our customers, right? Our customers are out there saying that, you know, they want to buy into to something like X-Series that has all the operational benefits, but at the same time, they have to have the comfort in knowing that they're protected against being locked out of some technology that's coming in the future, right? We want our customers to take these disruptive technologies and not be disrupted, but use them to disrupt their competition as well. So, you know, we're really excited about the pieces today, and, I think it goes a long way towards continuing to tell the customer benefit story that X-Series brings, and, you know, again, you know, stay tuned because it's going to keep getting better as we go. >> Yeah, a lot of headroom for scale and the management piece is key there. Just have time for one more question Vikas. Give us some nuggets on the roadmap. What's next for X-Series that we can look forward to? >> Absolutely Dave. As we talked about, and as Jim also hinted, this is a future ready architecture. A lot of focus and innovation that we are going through is about enabling our customers to seamlessly and painlessly adopt very disruptive hardware technologies that are coming up, no refund replace. And, there we are looking into, enabling the customer's journey as they transition from PCI generation four, to five to six without driven replace, as they embrace CXL without driven replace. As they embrace the newer paradigm of computing through the disaggregated memory, disaggregated PCIe or NVMe based dense drives, and so forth. We are also looking forward to X-Fabric next generation, which will allow dynamic assignment of GPUs anywhere within the chassis and much more. So this is again, all about focusing on the innovation that will make the enterprise data center operations a lot more simpler, and drive down the TCO by keeping them not only covered for today, but also for future. So that's where some of the focus is on Dave. >> Okay. Thank you guys we'll leave it there, in a moment, I'll have some closing thoughts. (upbeat music) We're seeing a major evolution, perhaps even a bit of a revolution in the underlying infrastructure necessary to support hybrid work. Look, virtualizing compute and running general purpose workloads is something IT figured out a long time ago. But just when you have it nailed down in the technology business, things change, don't they? You can count on that. The cloud operating model has bled into on-premises locations. And is creating a new vision for the future, which we heard a lot about today. It's a vision that's turning into reality. And it supports much more diverse and data intensive workloads and alternative compute modes. It's one where flexibility is a watch word, enabling change, attacking complexity, and bringing a management capability that allows for a granular management of resources at massive scale. I hope you've enjoyed this special presentation. Remember, all these videos are available on demand at thecube.net. And if you want to learn more, please click on the information link. Thanks for watching Simplifying Hybrid Cloud brought to you by Cisco and theCUBE, your leader in enterprise tech coverage. This is Dave Vellante, be well and we'll see you next time. (upbeat music)

>>And welcome back to the cubes coverage of alias reinvent 2021. I'm Jon furrier, your host of the cube we're onsite we're hybrid. It's a hybrid event. We've got Odile, Shara Dean vice president of north America solution engineering at Salesforce. We deal SIM thank you for coming on the cube >>You John, excited to be >>Here. So w you know, Salesforce obviously, um, being in Palo Alto in the bay area, they've got the Salesforce tower, great business cloud before cloud great innovation. A lot of growth has been very successful at SAS and platform. So you take that to the government, uh, an area public sector where public sector and other areas around this have been exploding with the pandemic with new use cases and just kind of a refactoring and replatforming of L all aspects of digital. It's been a big digital transformation surge, and rightfully so you guys are in the mix here. Um, talk about the Salesforce is positioned as you guys innovate and scale your platform and rethink this architecture with AWS in the public sector. >>Yeah. Thank you, John. So you're spot on Salesforce defines SAS as a delivery of services to customers, and that's really the precursor to where we are with cloud here. So let's talk about public sector and what that means. I'm very proud to work in and around public sector for many years. And I'll Salesforce, public sector group supports any number of use cases, different missions, anywhere from state and local, all the way through to federal use cases on, on a global scale. But what that means, and I mean, right back to your question is how do we deliver those in the cloud in a scalable, responsive way? You mentioned the pandemic and throughout the pandemic, we were instrumental in trying to deliver these services and getting states and localities towns, countries up and running to deliver the critical things that we all learned about in a hurry contact pricing. >>COVID testing all these ideas around vaccine management, what it takes to get vaccines to populations, but many of our customers, many of our governments just weren't well positioned to do that. So what they were relying on was a secure, scalable, flexible environment that allowed them to define their workflows or their business models in a very, very rapid pace as we were dealing with the surge and the constantly changing landscape of the pandemic. So from our perspective, we've spent years investing in public sector to make sure that we need the compliance requirements, whether that's FedRAMP or, or CMMC, or protected being Canada, how do we do that reliably quickly so that our government customers can rely on us for situations like the pandemic to be able to respond? >>Yeah, one of the things we've been doing a lot of reporting around is the idea that the pandemic has kind of forced, and it was a forcing function around digital transformation. Uh, so I have to ask you knowing the history of Salesforce and the greatness of the company that you guys have had over the years, uh, when you get into the public sector, I'm sure you get all kinds of questions. We don't have sales forces, and we don't have sales managers. Um, we don't need a CRM. Um, and we have industry regulations. We're not a commercial thing. How do you answer those? Because you guys have infrastructure, you are a hyperscale, uh, what's your take on that and how do you answer those direct questions when they come up? >>All great questions and yes, we get them all the time. Uh, so how do we answer them? Well, first and foremost, the idea of a CRM is around putting your customer at the center of your view of them. So that customer relationship management means you, you have a view into the services your customer needs and how they're engaging with you, digitally engagement, in-person engagement, et cetera. I would intend that that's no different for a government entity than it is for a consumer. Very sensitive government entity wants to treat their constituents around the services they need and getting that full 360 view of what, what are the services available to them? How do they access them, et cetera, actually fits really well into that CRM model, but it does take some explaining and reinvisioning it, but it plays really well into the digital transformation imperatives that these agencies have, because what you want to do in a digital transformation is also re-imagined all these old systems and legacy systems, how you're going to make them more accessible. >>But also to your point, how do you bring them to this level of expectation that our consumers have? I'm now accustomed to having mobile apps and on-demand, uh, applications and websites for ordering products for ordering needs, et cetera, for booking a restaurant reservation, I've developed the exact same requirements and expectations of my government services and our government customers are clearly aware of this. So they want to bring this capability to the fore and offer their constituents a better experience as well. When you asked about government regulations, this is absolutely critical to how we think about delivering that service, the value of the cloud. Isn't just, you can go get access to a service and not have to worry about that service. It's also, how do we unencumber agencies from these compliance requirements from audits, from privacy checks and needs in a constantly evolving landscape. There's always a legislative imperative to change something, add more constraints, more privacy requirements, compliance requirements, et cetera. So what we want to do is free our customers up from having to worry about that. That's what we undertake. We provide them that level of assurance, and they focus once again, on that higher value of the business flows, the mission, the constituency context, and how to make that constituent experience better. >>I have to ask you, I had a chance to sit down one-on-one with Adam. Slupski the new CEO of AWS recently prior to re-invent. And he said something to me. I want to get your reaction to, he said with scale, you can get visibility on some new use cases. So this applies to Salesforce. You guys are a hyperscaler, you have this new architecture named hyper force. What is this all about? And how does that tie into celebrities comment? Okay. >>Yeah. Uh, excellent question. And we'll talk a little about that history that brings us to two hype before. So just like many of our customers, we realize that having the ability to scale across the globe and be able to offer our services in different regions, different compliance requirements meant that our investments in first party data centers needed to be reconstructed a little bit. And that posed a bit of a rearchitecture for us as well. But that's what gave us the flexibility then to essentially decouple our architecture from the physical infrastructure layer, but it afforded us then the ability to deploy very quickly and very scaleably on AWS in regions that we previously weren't operating in. So it allows us to move along quicker, allows us to bring that flexibility and that scale to the customer where they are. And then we can meet once again, coming back to compliance and regulations. >>We can meet requirements around data residency and data privacy requirements in different regions that we were somewhat constrained in doing earlier. And that also then gives us the ability, I think, to what Adam might've been alluding to now that we're able to bring that service to the customer, they can say, well, actually here's another use case that I would like Salesforce to deliver on. And it gives us that flexibility. We do a lot in terms of expanding across use cases. And if I can point to the pandemic again, just as a great frame of reference that we're all thrust into. Initially, if you cast your mind back to may of last year, we were all worried about contact tracing, right? No side effects scenes, yet we didn't even have pelvic testing. Well, shortly thereafter, COVID testing became available and states were offering those well that from contact tracing to COVID testing is a massive shift. If you think about the use case for technology. So we enable our customers to move very quickly from contact tracing, to COVID, testing them to vaccine management. They're actually entirely different use cases, even though they all apply to solving for the pandemic where we had so many others, digital outreach, helping with loans and grants and management through the PPP programs, through unemployment programs, all different use cases that we helped our customers extend to, which you can't do that if you're not flexible enough to move quickly and scale effectively to support those. >>I think that value proposition and that notion of having that regional global support is going to really come into the whole data programmability trend. I call data as dev ops kind of vibe where data as code becomes more, more agile, right? You're going to see that. I think that's going to be, that's a big theme at a reinvent this year. So, so I have to ask you now, now we're sitting in this global scale, you've got geopolitics, you got public sector. How does Salesforce government cloud plus, and hyper force help your help governments and their partners because their ecosystems too, right? So it's not a commercial. Now it's looking a lot like a commercial lines between commercial and government looking the same. How do you guys help governments and their partners? >>So having been in this, this, uh, area for so long, I, I like to position this tonight. I use this actually as a good selling point, even in selling the value propositions for investment internally, I think of the government regulations and requirements around privacy compliance as a minimum barrier of entry. So I'll, uh, you mentioned our government cloud, plus that's really more in the U S and it's a FedRAMP, uh, tested at a federal and PI level. We've got privacy of lays. We've got our DOD out for, uh, PA in there we've got HIPAA and PCI compliance bank 10. Those are efforts that if a company or a government customer were to go run through individually, it's going to take them a lot of time, effort, and investment to support those. And you end up creating an operations business that just does that for 24 7. >>That's the only reason for them to exist is to manage those. But then we have the government adjacent industries that you're referring to. What about the parkers that service government, they have their own set of regulations. more recently CMMC coming out, et cetera. We provide all of those as a baseline for our government cloud plus. So that level of assurance is assumed by customers and consumers of the service. And again, they're worried about what type of beta and what type of business workflows they're gonna enable and not, can they meet the basic regulations to stand up the service? >>Yeah, I think that highly of the workflows piece is critical because workflows is the new integration layer, right? So these seeing a lot of that, and again, that's a big theme at a re-invent this year. I'll see the performance is key graviton to all the processor stuff and, and, you know, it's lambed and old serverless, but as you move up to the stack where there's actual agility and modern applications that need to be built, whatever they are, you need to have this programmable cloud scale, but the customization on workflows and machine learning and AI. So this is all beautiful for everyone to think about, but now they have to implement it. So how might your customers and prospects consider expanding their offerings with Salesforce in the cloud? Is there, is there a certain playbook that you see, is there a situational awareness that's needed? How would you advise your customers will want to consider expanding, uh, their portfolio in their, their apps and workflows with Salesforce? >>Yeah, that's a fantastic question. So, John, and I'm going to start with, again, going back a little bit to what is Salesforce and who are we as a company? So in as much as we started talking about Salesforce as the number one CRM platform was SAS, we've also acquired some companies and invested in a lot of different, uh, elements of businesses, uh, Tableau NeoSoft and velocity more recently, the slack acquisition, and they're all slightly outside of our platform in terms of capabilities and what we intend for those to deliver. So our customers have a lot more options in terms of what it means to partner with and invest with Salesforce. Uh, slack is a great example of where that becomes a communications mesh and infrastructure that allows them to integrate, uh, technologies, applications, workflows, et cetera. So you want to rethink almost what is Salesforce and what does it mean in your enterprise? >>And then coming back to, to the core of what we do, a lot of how we enable our customers is here's an environment. We enable these very quickly a customer's access to the environment right away. They can set up testing environments, sandboxes, start playing with workflows and really reimagine what that environment is going to look like for their internal users and their engagement with these applications. So yes, we have runbooks we have playbooks, but we've also got enablers in the form of applications. We have a huge application market, if you will, where customers can download different accelerators and try those. We've got a huge network of partners that have delivered rich value added applications. So in most cases, our customers are going to find someone's already created the use case or the application or the workflow they needed. And maybe it's a case of just announcing that a little bit or updating it a little bit, or creating the integration to an in-house system already. So it makes it very exciting, but also makes it a very quick start to solve a problem. >>Oh, Nielsen, you guys have a great opportunity with the cloud and cloud scale. Obviously, companies successful Salesforce is well-known, but as data and governance has to be more agile, more secure often, that sounds counter-intuitive, but this is the big deal that's happening right now, where you need the leverage, the scale you need to have it secure, which you'd think needs to be protective, but making it more permissive is agility. This is the core theme, your, your reaction to wrap up, >>Uh, all great points and yes, to be the data isn't useful if it's entirely locked up. So at Todd, you bring the user to the data they have access to, and that data to provide them value. But especially in a, we'll put a government lens on this. On the government side, the data is ultimately what our government entities are stewarding. So yes services, but that data is imperative. So our customers understand the value of that data and then also how to not just extract value from it, but how to shepherd and steward the security of that data very well. So for us, it's the ability to get that data to the right users, allow them to construct their business omission flow on that data. But the data has to persist has to add value, has to be available for analytics and so on >>Nielsen. Jardeen vice president of north America solutions engineering at Salesforce. Thanks for coming on the cube and, and sharing your story and congratulate a big opportunity ahead for you guys. Congratulations. >>Absolutely. John, thank you so much. Enjoy the rest of the week. Okay. >>It was coverage of eight of us reinvent 2021. Um, John for a, your host. Thanks for watching.

(cheerful music) >> Hello everyone, welcome to today's session of theCUBE's presentation of AWS Startup Showcase, New Breakthroughs in DevOps, Data Analytics, Cloud Management Tools, featuring Okera from the cloud management migration track. I'm John Furrier, your host. We've got two great special guests today, Nong Li, founder and CTO of Okera, and Sanjeev Mohan, principal @SanjMo, and former research vice president of big data and advanced analytics at Gartner. He's a legend, been around the industry for a long time, seen the big data trends from the past, present, and knows the future. Got a great lineup here. Gentlemen, thank you for this, so, life in the trenches, lessons learned across compliance, cloud migration, analytics, and use cases for Fortune 1000s. Thanks for joining us. >> Thanks for having us. >> So Sanjeev, great to see you, I know you've seen this movie, I was saying that in the open, you've at Gartner seen all the visionaries, the leaders, you know everything about this space. It's changing extremely fast, and one of the big topics right out of the gate is not just innovation, we'll get to that, that's the fun part, but it's the regulatory compliance and audit piece of it. It's keeping people up at night, and frankly if not done right, slows things down. This is a big part of the showcase here, is to solve these problems. Share us your thoughts, what's your take on this wide-ranging issue? >> So, thank you, John, for bringing this up, and I'm so happy you mentioned the fact that, there's this notion that it can slow things down. Well I have to say that the old way of doing governance slowed things down, because it was very much about control and command. But the new approach to data governance is actually in my opinion, it's liberating data. If you want to democratize or monetize, whatever you want to call it, you cannot do it 'til you know you can trust said data and it's governed in some ways, so data governance has actually become very interesting, and today if you want to talk about three different areas within compliance regulatory, for example, we all know about the EU GDPR, we know California has CCPA, and in fact California is now getting even a more stringent version called CPRA in a couple of years, which is more aligned to GDPR. That is a first area we know we need to comply to that, we don't have any way out. But then, there are other areas, there is insider trading, there is how you secure the data that comes from third parties, you know, vendors, partners, suppliers, so Nong, I'd love to hand it over to you, and see if you can maybe throw some light into how our customers are handling these use cases. >> Yeah, absolutely, and I love what you said about balancing agility and liberating, in the face of what may be seen as things that slow you down. So we work with customers across verticals with old and new regulations, so you know, you brought up GDPR. One of our clients is using this to great effect to power their ecosystem. They are a very large retail company that has operations and customers across the world, obviously the importance of GDPR, and the regulations that imposes on them are very top of mind, and at the same time, being able to do effective targeting analytics on customer information is equally critical, right? So they're exactly at that spot where they need this customer insight for powering their business, and then the regulatory concerns are extremely prevalent for them. So in the context of GDPR, you'll hear about things like consent management and right to be forgotten, right? I, as a customer of that retailer should say "I don't want my information used for this purpose," right? "Use it for this, but not this." And you can imagine at a very, very large scale, when you have a billion customers, managing that, all the data you've collected over time through all of your devices, all of your telemetry, really, really challenging. And they're leveraging Okera embedded into their analytics platform so they can do both, right? Their data scientists and analysts who need to do everything they're doing to power the business, not have to think about these kind of very granular customer filtering requirements that need to happen, and then they leverage us to do that. So that's kind of new, right, GDPR, relatively new stuff at this point, but we obviously also work with customers that have regulations from a long long time ago, right? So I think you also mentioned insider trading and that supply chain, so we'll talk to customers, and they want really data-driven decisions on their supply chain, everything about their production pipeline, right? They want to understand all of that, and of course that makes sense, whether you're the CFO, if you're going to make business decisions, you need that information readily available, and supply chains as we know get more and more and more complex, we have more and more integrated into manufacturing and other verticals. So that's your, you're a little bit stuck, right? You want to be data-driven on those supply chain analytics, but at the same time, knowing the details of all the supply chain across all of your dependencies exposes your internal team to very high blackout periods or insider trading concerns, right? For example, if you knew Apple was buying a bunch of something, that's maybe information that only a select few people can have, and the way that manifests into data policies, 'cause you need the ability to have very, very scalable, per employee kind of scalable data restriction policies, so they can do their job easier, right? If we talk about speeding things up, instead of a very complex process for them to get approved, and approved on SEC regulations, all that kind of stuff, you can now go give them access to the part of the supply chain that they need, and no more, and limit their exposure and the company's exposure and all of that kind of stuff. So one of our customers able to do this, getting two orders of magnitude, a 100x reduction in the policies to manage the system like that. >> When I hear you talking like that, I think the old days of "Oh yeah, regulatory, it kind of slows down innovation, got to go faster," pretty basic variables, not a lot of combination of things to check. Now with cloud, there seems to be combinations, Sanjeev, because how complicated has the regulatory compliance and audit environment gotten in the past few years, because I hear security in a supply chain, I hear insider threats, I mean these are security channels, not just compliance department G&A kind of functions. You're talking about large-scale, potentially combinations of access, distribution, I mean it seems complicated. How much more complicated is it now, just than it was a few years ago? >> So, you know the way I look at it is, I'm just mentioning these companies just as an example, when PayPal or Ebay, all these companies started, they started in California. Anybody who ever did business on Ebay or PayPal, guess where that data was? In the US in some data center. Today you cannot do it. Today, data residency laws are really tough, and so now these organizations have to really understand what data needs to remain where. On top of that, we now have so many regulations. You know, earlier on if you were healthcare, you needed to be HIPAA compliant, or banking PCI DSS, but today, in the cloud, you really need to know, what data I have, what sensitive data I have, how do I discover it? So that data discovery becomes really important. What roles I have, so for example, let's say I work for a bank in the US, and I decide to move to Germany. Now, the old school is that a new rule will be created for me, because of German... >> John: New email address, all these new things happen, right? >> Right, exactly. So you end up with this really, a mass of rules and... And these are all static. >> Rules and tools, oh my god. >> Yeah. So Okera actually makes a lot of this dynamic, which reduces your cloud migration overhead, and Nong used some great examples, in fact, sorry if I take just a second, without mentioning any names, there's one of the largest banks in the world is going global in the digital space for the first time, and they're taking Okera with them. So... >> But what's the point? This is my next topic in cloud migration, I want to bring this up because, complexity, when you're in that old school kind of data center, waterfall, these old rules and tools, you have to roll this out, and it's a pain in the butt for everybody, it's a hassle, huge hassle. Cloud gives the agility, we know that, and cloud's becoming more secure, and I think now people see the on-premise, certainly things that'd be on-premises for secure things, I get that, but when you start getting into agility, and you now have cloud regions, you can start being more programmatic, so I want to get you guys' thoughts on the cloud migration, how companies who are now lifting and shifting, replatforming, what's the refactoring beyond that, because you can replatform in the cloud, and still some are kind of holding back on that. Then when you're in the cloud, the ones that are winning, the companies that are winning are the ones that are refactoring in the cloud. Doing things different with new services. Sanjeev, you start. >> Yeah, so you know, in fact lot of people tell me, "You know, we are just going to lift and shift into the cloud." But you're literally using cloud as a data center. You still have all the, if I may say, junk you had on-prem, you just moved it into the cloud, and now you're paying for it. In cloud, nothing is free. Every storage, every processing, you're going to pay for it. The most successful companies are the ones that are replatforming, they are taking advantage of the platform as a service or software as a service, so that includes things like, you pay as you go, you pay for exactly the amount you use, so you scale up and scale down or scale out and scale in, pretty quickly, you know? So you're handling that demand, so without replatforming, you are not really utilizing your- >> John: It's just hosting. >> Yeah, you're just hosting. >> It's basically hosting if you're not doing anything right there. >> Right. The reason why people sometimes resist to replatform, is because there's a hidden cost that we don't really talk about, PaaS adds 3x to IaaS cost. So, some organizations that are very mature, and they have a few thousand people in the IT department, for them, they're like "No, we just want to run it in the cloud, we have the expertise, and it's cheaper for us." But in the long run, to get the most benefit, people should think of using cloud as a service. >> Nong what's your take, because you see examples of companies, I'll just call one out, Snowflake for instance, they're essentially a data warehouse in the cloud, they refactored and they replatformed, they have a competitive advantage with the scale, so they have things that others don't have, that just hosting. Or even on-premise. The new model developing where there's real advantages, and how should companies think about this when they have to manage these data lakes, and they have to manage all these new access methods, but they want to maintain that operational stability and control and growth? >> Yeah, so. No? Yeah. >> There's a few topics that are all (indistinct) this topic. (indistinct) enterprises moving to the cloud, they do this maybe for some cost savings, but a ton of it is agility, right? The motor that the business can run at is just so much faster. So we'll work with companies in the context of cloud migration for data, where they might have a data warehouse they've been using for 20 years, and building policies over that time, right? And it's taking a long time to go proof of access and those kind of things, made more sense, right? If it took you months to procure a physical infrastructure, get machines shipped to your data center, then this data access taking so long feels okay, right? That's kind of the same rate that everything is moving. In the cloud, you can spin up new infrastructure instantly, so you don't want approvals for getting policies, creating rules, all that stuff that Sanjeev was talking about, that being slow is a huge, huge problem. So this is a very common environment that we see where they're trying to do that kind of thing. And then, for replatforming, again, they've been building these roles and processes and policies for 20 years. What they don't want to do is take 20 years to go migrate all that stuff into the cloud, right? That's probably an experience nobody wants to repeat, and frankly for many of them, people who did it originally may or may not be involved in this kind of effort. So we work with a lot of companies like that, they have their, they want stability, they got to have the business running as normal, they got to get moving into the new infrastructure, doing it in a new way that, you know, with all the kind of lessons learned, so, as Sanjeev said, one of these big banks that we work with, that classical story of on-premise data warehousing, maybe a little bit of Hadoop, moved onto AWS, S3, Snowflake, that kind of setup, extremely intricate policies, but let's go reimagine how we can do this faster, right? What we like to talk about is, you're an organization, you need a design that, if you onboarded 1000 more data users, that's got to be way, way easier than the first 10 you onboarded, right? You got to get it to be easier over time, in a really, really significant way. >> Talk about the data authorization safety factor, because I can almost imagine all the intricacies of these different tools creates specialism amongst people who operate them. And each one might have their own little authorization nuance. Trend is not to have that siloed mentality. What's your take on clients that want to just "Hey, you know what? I want to have the maximum agility, but I don't want to get caught in the weeds on some of these tripwires around access and authorization." >> Yeah, absolutely, I think it's real important to get the balance of it, right? Because if you are an enterprise, or if you have diversive teams, you want them to have the ability to use tools as best of breed for their purpose, right? But you don't want to have it be so that every tool has its own access and provisioning and whatever, that's definitely going to be a security, or at least, a lot of friction for you to get things going. So we think about that really hard, I think we've seen great success with things like SSO and Okta, right? Unifying authentication. We think there's a very, very similar thing about to happen with authorization. You want that single control plane that can integrate with all the tools, and still get the best of what you need, but it's much, much easier (indistinct). >> Okta's a great example, if people don't want to build their own thing and just go with that, same with what you guys are doing. That seems to be the dots that are connecting you, Sanjeev. The ease of use, but yet the stability factor. >> Right. Yeah, because John, today I may want to bring up a SQL editor to go into Snowflake, just as an example. Tomorrow, I may want to use the Azure Bot, you know? I may not even want to go to Snowflake, I may want to go to an underlying piece of data, or I may use Power BI, you know, for some reason, and come from Azure side, so the point is that, unless we are able to control, in some sort of a centralized manner, we will not get that consistency. And security you know is all or nothing. You cannot say "Well, I secured my Snowflake, but if you come through HTFS, Hadoop, or some, you know, that is outside of my realm, or my scope," what's the point? So that is why it is really important to have a watertight way, in fact I'm using just a few examples, maybe tomorrow I decide to use a data catalog, or I use Denodo as my data virtualization and I run a query. I'm the same identity, but I'm using different tools. I may use it from home, over VPN, or I may use it from the office, so you want this kind of flexibility, all encompassed in a policy, rather than a separate rule if you do this and this, if you do that, because then you end up with literally thousands of rules. >> And it's never going to stop, either, it's like fashion, the next tool's going to come out, it's going to be cool, and people are going to want to use it, again, you don't want to have to then move the train from the compliance side this way or that way, it's a lot of hassle, right? So we have that one capability, you can bring on new things pretty quickly. Nong, am I getting it right, this is kind of like the trend, that you're going to see more and more tools and/or things that are relevant or, certain use cases that might justify it, but yet, AppSec review, compliance review, I mean, good luck with that, right? >> Yeah, absolutely, I mean we certainly expect tools to continue to get more and more diverse, and better, right? Most innovation in the data space, and I think we... This is a great time for that, a lot of things that need to happen, and so on and so forth. So I think one of the early goals of the company, when we were just brainstorming, is we don't want data teams to not be able to use the tools because it doesn't have the right security (indistinct), right? Often those tools may not be focused on that particular area. They're great at what they do, but we want to make sure they're enabled, they do some enterprise investments, they see broader adoption much easier. A lot of those things. >> And I can hear the sirens in the background, that's someone who's not using your platform, they need some help there. But that's the case, I mean if you don't get this right, there are some consequences, and I think one of the things I would like to bring up on next track is, to talk through with you guys is, the persona pigeonhole role, "Oh yeah, a data person, the developer, the DevOps, the SRE," you start to see now, developers and with cloud developers, and data folks, people, however they get pigeonholed, kind of blending in, okay? You got data services, you got analytics, you got data scientists, you got more democratization, all these things are being kicked around, but the notion of a developer now is a data developer, because cloud is about DevOps, data is now a big part of it, it's not just some department, it's actually blending in. Just a cultural shift, can you guys share your thoughts on this trend of data people versus developers now becoming kind of one, do you guys see this happening, and if so, how? >> So when, John, I started my career, I was a DBA, and then a data architect. Today, I think you cannot have a DBA who's not a developer. That's just my opinion. Because there is so much of CICD, DevOps, that happens today, and you know, you write your code in Python, you put it in version control, you deploy using Jenkins, you roll back if there's a problem. And then, you are interacting, you're building your data to be consumed as a service. People in the past, you would have a thick client that would connect to the database over TCP/IP. Today, people don't want to connect over TCP/IP necessarily, they want to go by HTTP. And they want an API gateway in the middle. So, if you're a data architect or DBA, now you have to worry about, "I have a REST API call that's coming in, how am I going to secure that, and make sure that people are allowed to see that?" And that was just yesterday. >> Exactly. Got to build an abstraction layer. You got to build an abstraction layer. The old days, you have to worry about schema, and do all that, it was hard work back then, but now, it's much different. You got serverless, functions are going to show way... It's happening. >> Correct, GraphQL, and semantic layer, that just blows me away because, it used to be, it was all in database, then we took it out of database and we put it in a BI tool. So we said, like BusinessObjects started this whole trend. So we're like "Let's put the semantic layer there," well okay, great, but that was when everything was surrounding BusinessObjects and Oracle Database, or some other database, but today what if somebody brings Power BI or Tableau or Qlik, you know? Now you don't have a semantic layer access. So you cannot have it in the BI layer, so you move it down to its own layer. So now you've got a semantic layer, then where do you store your metrics? Same story repeats, you have a metrics layer, then the data centers want to do feature engineering, where do you store your features? You have a feature store. And before you know, this stack has disaggregated over and over and over, and then you've got layers and layers of specialization that are happening, there's query accelerators like Dremio or Trino, so you've got your data here, which Nong is trying really hard to protect, and then you've got layers and layers and layers of abstraction, and networks are fast, so the end user gets great service, but it's a nightmare for architects to bring all these things together. >> How do you tame the complexity? What's the bottom line? >> Nong? >> Yeah, so, I think... So there's a few things you need to do, right? So, we need to re-think how we express security permanence, right? I think you guys have just maybe in passing (indistinct) talked about creating all these rules and all that kind of stuff, that's been the way we've done things forever. We get to think about policies and mechanisms that are much more dynamic, right? You need to really think about not having to do any additional work, for the new things you add to the system. That's really, really core to solving the complexity problem, right? 'Cause that gets you those orders of magnitude reduction, system's got to be more expressive and map to those policies. That's one. And then second, it's got to be implemented at the right layer, right, to Sanjeev's point, close to the data, and it can service all of those applications and use cases at the same time, and have that uniformity and breadth of support. So those two things have to happen. >> Love this universal data authorization vision that you guys have. Super impressive, we had a CUBE Conversation earlier with Nick Halsey, who's a veteran in the industry, and he likes it. That's a good sign, 'cause he's seen a lot of stuff, too, Sanjeev, like yourself. This is a new thing, you're seeing compliance being addressed, and with programmatic, I'm imagining there's going to be bots someday, very quickly with AI that's going to scale that up, so they kind of don't get in the innovation way, they can still get what they need, and enable innovation. You've got cloud migration, which is only going faster and faster. Nong, you mentioned speed, that's what CloudOps is all about, developers want speed, not things in days or hours, they want it in minutes and seconds. And then finally, ultimately, how's it scale up, how does it scale up for the people operating and/or programming? These are three major pieces. What happens next? Where do we go from here, what's, the customer's sitting there saying "I need help, I need trust, I need scale, I need security." >> So, I just wrote a blog, if I may diverge a bit, on data observability. And you know, so there are a lot of these little topics that are critical, DataOps is one of them, so to me data observability is really having a transparent view of, what is the state of your data in the pipeline, anywhere in the pipeline? So you know, when we talk to these large banks, these banks have like 1000, over 1000 data pipelines working every night, because they've got that hundred, 200 data sources from which they're bringing data in. Then they're doing all kinds of data integration, they have, you know, we talked about Python or Informatica, or whatever data integration, data transformation product you're using, so you're combining this data, writing it into an analytical data store, something's going to break. So, to me, data observability becomes a very critical thing, because it shows me something broke, walk me down the pipeline, so I know where it broke. Maybe the data drifted. And I know Okera does a lot of work in data drift, you know? So this is... Nong, jump in any time, because I know we have use cases for that. >> Nong, before you get in there, I just want to highlight a quick point. I think you're onto something there, Sanjeev, because we've been reporting, and we believe, that data workflows is intellectual property. And has to be protected. Nong, go ahead, your thoughts, go ahead. >> Yeah, I mean, the observability thing is critically important. I would say when you want to think about what's next, I think it's really effectively bridging tools and processes and systems and teams that are focused on data production, with the data analysts, data scientists, that are focused on data consumption, right? I think bridging those two, which cover a lot of the topics we talked about, that's kind of where security almost meets, that's kind of where you got to draw it. I think for observability and pipelines and data movement, understanding that is essential. And I think broadly, on all of these topics, where all of us can be better, is if we're able to close the loop, get the feedback loop of success. So data drift is an example of the loop rarely being closed. It drifts upstream, and downstream users can take forever to figure out what's going on. And we'll have similar examples related to buy-ins, or data quality, all those kind of things, so I think that's really a problem that a lot of us should think about. How do we make sure that loop is closed as quickly as possible? >> Great insight. Quick aside, as the founder CTO, how's life going for you, you feel good? I mean, you started a company, doing great, it's not drifting, it's right in the stream, mainstream, right in the wheelhouse of where the trends are, you guys have a really crosshairs on the real issues, how you feeling, tell us a little bit about how you see the vision. >> Yeah, I obviously feel really good, I mean we started the company a little over five years ago, there are kind of a few things that we bet would happen, and I think those things were out of our control, I don't think we would've predicted GDPR security and those kind of things being as prominent as they are. Those things have really matured, probably as best as we could've hoped, so that feels awesome. Yeah, (indistinct) really expanded in these years, and it feels good. Feels like we're in the right spot. >> Yeah, it's great, data's competitive advantage, and certainly has a lot of issues. It could be a blocker if not done properly, and you're doing great work. Congratulations on your company. Sanjeev, thanks for kind of being my cohost in this segment, great to have you on, been following your work, and you continue to unpack it at your new place that you started. SanjMo, good to see your Twitter handle taking on the name of your new firm, congratulations. Thanks for coming on. >> Thank you so much, such a pleasure. >> Appreciate it. Okay, I'm John Furrier with theCUBE, you're watching today's session presentation of AWS Startup Showcase, featuring Okera, a hot startup, check 'em out, great solution, with a really great concept. Thanks for watching. (calm music)

(upbeat music) >> Hello and welcome today's session of the cube presentation of the 80 best startup showcase. The next big thing in security featuring Anitian for the security track. I'm your host John Furrier. We're here with the CEO of Anitian, Rakesh Narasimhan, and Aditya Muppavarapu global segment leader of Dev ops for 80 minutes partner network, Rakesh, Aditya, Thanks for coming on. Appreciate it. >> Thank you very much, John. Pleasure is mine. >> So this is the track session. We're going to get into the, the into the details on the leadership of digital transformation and dev sec ops automation, cloud security and compliance. So let's get started. But first Rakesh, we last talked you guys had some awards, RSA conference, 2021, virtual. You guys got some serious awards. Give us the update. >> Yeah, thank you very much, John. Yeah, we were, you know, humbled to be recognized. You know, industry recognition is always a great thing. We deliver value for customers and the industry is recognizing it. So at the RSA conference, we got seven different awards you know, very excited that we were chosen for, you know publishers choice and security company of the year editor's choice and blood security and heart company in cloud security automation. So really thrilled about the recognition thanks. >> Awesome. Seven awards. I mean, RSA is obviously a show that's in transition itself. They're transforming no longer part of Dell technologies now kind of on their own kind of speaks to the wave we're in. So congratulations on the success. They're hot startup here in security track. Give us a quick overview what you guys are enabling because this transformation is everywhere. It's in every sector, it's in every vertical dev sec ops shifting left, you know day two operations get ops. All. This is all talking to one thing, developer, productivity programmable infrastructure with security. Rakesh give us a quick overview of >> Yeah. Exactly. Right. John, I think there's a big shift happening obviously to the cloud and, you know, affects every one of our lives in productivity in enterprise applications, consumers you name it. There's a huge change happening, but central to that theme is security. And so it's one of the areas we focus on Anitian is the fastest way for both existing and new applications to be developed in the cloud. And so we make sure that you can get there fastest time to value and time to revenue pretty quickly by providing the best secure and compliance environment for you. That's really the core of what we do as a company. And we look forward to helping all of our customers and the industry >> Aditya you're a global segment lead at AWS partner network. You seeing on successful companies, you've got a winner here, obviously a success story. I want to get your take on this because this is a trend in cloud native scale, you know, heart, you know horizontally scalable, large scale, but shifting left, okay. Get ops big topics where code is being inspected in real time. People want automation. So I've got to ask you, what does shift left mean to to being out there and this in the security world? What does that mean? >> So, instead of applying your security and compliance guard rails only in production, we also need to apply them across your application development and delivery cycles. Instead of having one gate that becomes a bottleneck we should have multiple checkpoints at various stages. This provides a fast feedback for the developers while they're still in the context of developing that feature. So it's easier and less expensive fix the issues and what it is not is this doesn't mean you move all your focus to dev and ignore production. It also doesn't mean developers are now responsible for security and you can get rid of your security teams. We needed a process and a mechanism in place to leverage the expertise off the security teams and offer their services to the developers very early on in the development cycles, thereby enabling and empowering developers to write secure and compliant code >> I mean, to me not to put my old school hat on, but it's, you know I think to me, I view it as security at the point of coding right at the point of, I don't want to say point of sale but the point of writing the code and the old days it used to be like a patches and getting updates and provisioned into, into production. Same that kind of concept. But as a developer, that's kind of the focus is getting the latest knowledge either through tools and technologies to make it easier for me as a developer to inject at the point of code. Is that right? >> That's right. Yeah. >> So what makes Anitian so different and what's successful within AWS? That's, what's the why the success there? Can you share with us why they're so unique in AWS? >> So I think the biggest case for that is really you know, security, oftentimes security is thought of as an impediment sometimes actually believe it or not. So the configuration, the management, the deployment all of that, you got to be able to do and you got to be able to do that at scale. The great thing about the cloud at is scale and a big portion of that is automation. So what we at Anitian have done is taken that lifecycle of taking, you know applications on a variety of states. If you will, if you're trying to get to production you're trying to do one of two things. You're either you're trying to get into a compliance standard, like Fed Ramp you want a very predictable process, or you're just trying to get an application secure pretty quickly. So how can you do either one of those things becomes the challenge and we help you do that by having a pre-engineered environment where configuration defining deployment all that becomes very consistent and very predictable which means we've automated it in a way that it can scale. You can sort of almost have this regularly happening and not just one application with multiple applications for any company. That is, I think the biggest obstacle that has happened for a lot of folks in the enterprise for sure, to try to get to production and keep that cycle going continuously. And we help with that in a big way. That's one of the reasons why we're having a lot of adoption customers working with partners of course and getting industry recognition for it. >> Yeah. I mean, this is one of the benefits of cloud. I want to get you guys both reaction to this, where as things get going, it's kind of like that, you're you you got to take advantage. You can take advantage of all these solutions. So how many of his customer, I want to look for solutions that help me move the ball forward, not backwards right? So, or help me move the ball forward without building anything that I don't need or that's already been built. So here it sounds like if I get this right Anitian is saying, Hey if you're an Amazon customer I can accelerate you with Fed Ramp compliance. So you don't have to spend all these cycle times getting ready or hiring or operationalizing it is that right? I mean, is that the value proposition? >> They're very accurate, John. So what happens is, you know, we're working with Amazon web services, who's really innovated quite a bit in building all the building blocks, if you will. And so, you know, we're standing on the shoulders of giants if you will, to basically get the max level of automation and acceleration happen. So that just like customers have gotten used to not having to buy servers, but guide, compute and storage. If you will, now they're able to secure and also become compliant with the services that we offer. That level of acceleration I think is needed. If you believe that there's going to be a lot more cloud applications, lot more cloud. If you're going to achieve scale, you've got to automate. And if you want to automate, but secure as well you need a mechanism to doing that. That's really where Anitian comes in, if you will. >> Yeah. And I think Fedramp to me is just a great low hanging fruit example because everyone wants to get into the public sector market. They know how hard it is. Kind of like, you know, we want to do it, but stand in line we've got to get some resources. I'm not kind of get that. But the question I want to get to you Rakesh and Aditya is the bigger picture, which is, as you said more cloud applications are coming. So customers in the enterprise have, have or are building fast dev ops teams accelerate the security paradigm. How do you help those, those folks? Because that's really kind of where the action's going. The puck is going to go there too. Right? So beyond Fed Ramp there's other things >> Right? So I think, I think the way we approached it is really, there's like at least two different sets of customers, right? In the federal market itself. You just think about a commercial SAS companies who are trying to enter the, the, the, the the public sector market. Well, you need to clear a standard like Fed Ramp. So we're the fastest way to not just complete it but be able to start selling and producing revenue. That'd be market per using that functionality. If you will, to that market. Similarly, there's a lot of public sector organizations who are trying to move to the cloud because they have traditionally developed applications and architectures based on what they've done over the last 20 plus years. Well guess what, they're also trying to migrate. So how do you help both commercial companies as well as public sector companies transition, if you will to the cloud in a secure way, but also meeting a public standard. We're helping both those organizations to do that migration and that journey if you will, but it's premised on with pre-engineered it, it's the fastest way for you to get there for you to be able to provide your capability and functionality to the larger marketplace. That's one of the main reasons why I think the productivity jump is enormously high because that's how you get to larger marketplace, if you will, to serve that market >> Aditya. So they have to change your title from global segment leader, dev ops to dev sec ops 80 of his partner network here with this solution in a way it's kind of becoming standard. >> Yeah. Security is getting him embedded into all of your development and delivery life cycle. So that dev sec Ops is becoming more and more critical with customers migrating to the cloud and modernizing their applications. >> How much has automation playing into this? Because one of the things we're talking about fueling digital transformation is the automation component of the security piece here Rakesh How important is automation and what how do you set yourself up for that to be successful? >> That's big question. I think that the big key to that is automation. I think automation is there in general in the cloud space. People expect it, frankly. But I think that the key thing what we have done is pre-integrated not just our platform but a variety of the partner ecosystem are on AWS. And so when a customer is looking forward to taking an application and going to the cloud they're not just getting functionality from us and AWS but also a lot of partner functionality around it so that they don't have to build it. Remember this discussion we had earlier about how do you jumpstart that? Well, it's, it's, it's really, instead of them having the best of breed assemble we've pre done it for them, which means it's predictable, it's consistent it's configured correctly. They can rely on it. That allows us to be able to help them move faster which means they can go serve larger markets and obviously make money around it. >> Rakesh, I got to follow up on that and ask you specifically around this business model. Obviously cloud has become great service. Everyone kind of knows that and then kind of sees the edge coming next and all these other issues that are going to provide more opportunities. But I got to ask you for your company what industries and business models are you disrupting? >> Yeah, I think primarily to we're a classic example of software eating the world, right? Primarily what happens is most of the folks that certainly in the compliance arena are really trying to figure out how to do it themselves, right? And then that's primarily the group of people who are sort of trying to figure that out. And then there's a class of who do consulting who are trying to consult with you and what you should do. And we have taken a very software oriented approach built on Amazon that we will not only help you fast forward that but also, you know, get you compliant but also keep you compliant because it's a cycle much like in other industries you've seen there used to be a time when people that email and they used to run email servers and ran the email servers and backups and things of that nature that transitioned over time where people procure that service from somebody else. And it's still a secure, it's still a scalable and they can rely on that service without having to be in that business if you will. So we see us disrupting the consulting and do it yourself world to actually providing a dependable service out there that you can rely on for security and compliance. >> Awesome. Aditya, I got to ask you on the Amazon side obviously you see a lot of it there. What are some of the challenges that you see with security? >> One of the main challenges I see that is that the landscape itself is rapidly changing. As customers are migrating to the cloud and modernizing what used to be a simple monolithic application running on a server and a office or a data center is now distributed hybrid and spans across development practices like microservices managed services, packaged applications, et cetera and also in the infrastructure platform choices have dramatically increased to from on-prem to call data centers, to edge computing, IOT VMs containers, serverless a lot more options. All these leads to more complexity and it increased the number of threat vectors exponentially though this advancement was great from a usability perspective. It now created a whole slew of challenges. This, this is complex. It's very hard to keep up. It's not something you set and forget. One needs to make sure you have the right guardrails in place to make sure you're continuously compliant with with your own policies are also with regulatory compliance frameworks that are needed for your business. Like GDPR, PCI, DSS, Nast, HIPAA Sox, Fed Ramp, et cetera >> For Rakesh. We're specifically on the dev ops efficiency with Amazon. What do you guys, what's your top few value proposition points? You say >> Biggest value proposition honestly is keeping and maintaining security while you're in compliance at scale with speed. I think those are big issues for companies. Like if you, if you're a company you're trying to be in the cloud, you want to enter the federal market. For example, you got to get that quickly. So what could take a lot of money? 18 - 24 months, our prawn malleable we've just completely automated back. And so within a quarter, depending on quickly the two organizations can work. We can get you into the marketplace. That that speed is of enormous value to companies. But also to remember that as Aditya pointed out there's a lot of complexity in the kind of architecture that is evolved but we have to feel like people like in the issue of what we can help customers would is as much as you take advantage of all the cloud style architecture providing the simplicity of providing security consistently and providing compliance consistently quickly. I think there'll always be a value for that because people are always trying to get faster and cheaper quicker. And I think we're able to do that. But remember, security is not just about fast. It's got to be secure, right? We got to be effective, not just efficient but I think that's a big value prop that we're able to bring to the table on AWS. >> Well I want to go, I got you here. I'll see what showcasing you guys as the hot startup who is your customer on Amazon? I'll see, you have customers that sell in marketplace for fedramp. That's a huge, that's the people who are in business to sell software but also other enterprises as well. Right? So could you just quickly break down your customers? And then when do they know it's time to call a Anitian? >> Yeah, so we have two large groups of customers. If you will. Certainly the commercial segment, as well as in the public sector and the commercial side, you have lots of companies in the cyber security enterprise collaboration as a little robotic process automation, all those categories of companies in the commercial environment they're trying to enter the public sector federal market to go sell their services. Well, you have to get compliant. We are the fastest path to get you there time to value type of revenue we can accomplish for you. That's a group of customers we, we have in market. And then we have the other side, which is a lot of government agencies who are themselves trying to migrate to the cloud. So if you're trying to get your applications for sure once on hybrid or on-premise, and you're trying to go to the AWS cloud, well, we're a great way for you to have a pre-engineered environment into which you can move in. So not only are you secure it's, pre-built, it can scale to the cloud that you're in front of migrate to. So we have both those particular sites if you will, of the marketplace. And then in market, we have lots of agencies, big and small and the government side, but also all these categories in the commercial side that I mentioned >> For Rakesh, Anitian's helping a lot of companies sell them to the public sector market. How big is the public sector federal market >> Right? Yeah. Billions of dollars. More than $250 billion is what people say but it's a very large market, but, but remember it's any any commercial SAS company who's trying to go into that federal market is a target market. We can help that customer get in into that market. >> And just real quick, their choice alternative to not working with the Anitian is what? months the pain. And what's the heavy lift as Andy Jassy would say the heavy lifting, undifferentiated lifting a lot of paperwork, a lot of hoops to jump through. Good. Can you just paint a picture of the paths with, and without >> There's three key areas that I think customers or, you know companies have to do, A. they have to understand the standard B. They have to really figure out the technology the integration, the partners, and the platform itself. It's a lift to basically get all of that together and then actually produce the documentation produce all the configuration and in a repeatable way. And that's just to get one application up there. Well, guess what? Not only do you need to get that up there you need to keep that compliant. And then our future standards come in. You need to go upgrade to that. So the best way for me to describe that is either you you come to the Anitian and we make that age just a service that is subscribed to to keep you compliant and grow or you can try to build it yourself, or you try to go get consulting companies to tell you what to do. You still have to do the work. So those are your sort of choices, if you will, which is one of the reasons why we're enjoying the growth we are because we're making it easy and productive for for companies to get there faster. >> Aditya, I want to get to you real quick. Obviously AWS partnering, they're also known as APN. You guys see some of the best hot startups. They all kind of have the same pattern like this. They do something that's hard. They make it easier. They go faster, more. Cost-effective what's the pattern in this cloud-scale world as startups. We're going to be featuring, you know, every as much as we can hot startups coming out of your network, there's a pattern here. What would you say? They are? Well as the DevOps obviously cloud native, besides iterate, move faster. What's the pattern you're seeing for the successful companies. >> It's like, like Andy's says, it's figuring out how to continuously reinvent yourself is the key to stay successful in this market. >> Awesome. For Rakesh, real big success. Congratulations on your awards. I got to ask you, we're asking all the, all the companies this question, what is your defining contribution to the future of cloud scale? >> Great question. I think when I think about what can be accomplished in the future, not just in the past, I think cloud is a huge phenomenon that has completely up-ended the architecture for all sorts of things commercial government, you know, consumer and enterprise. If you will, I would think we would be humbly the people who will ensure that lots of B2B companies and government organizations are able to move to the cloud and are able to be secure and compliant because I believe that there'll be more and more of that happening in the cloud. And the more that is available, just like the commercial world is takes advantage of all those features. I feel like public government organizations also can accomplish the same things very quickly because of folks like us, which means you have a larger segment of population that you can support. That's only going to make the planet more successful. I'm a big optimist when it comes to tech. I know there's a lot of folks who would look down upon tech or I'll think about it as not great. I'm a very big optimist around tech improving people's lives. And I think we have our own humble role in enabling that to happen in the security and compliance >> Well, anything, in my opinion I'm really a big fan of your work and your team. Anything that could bring great innovation into the public sector faster and more effective as good win for society. So I think it's a great mission. Thanks for, for sharing and congratulations on your awards and thanks for being part of our 80 best startup showcase. Appreciate it Rakesh thank you >> Thank you. >> Okay. This is the cube coverage of 80 startup showcase. I'm John for your host of the cube. This is the next big thing in security Anitian in the security track. Thanks for watching. (Up beat music)