(light music) >> Hi everybody. Welcome to this Cube Conversation. I'm really pleased to announce a collaboration with Rob Strechay. He's a guest cube analyst, and we'll be working together to extract the signal from the noise. Rob is a long-time product pro, working at a number of firms including AWS, HP, HPE, NetApp, Snowplow. I did a stint as an analyst at Enterprise Strategy Group. Rob, good to see you. Thanks for coming into our Marlboro Studios. >> Well, thank you for having me. It's always great to be here. >> I'm really excited about working with you. We've known each other for a long time. You've been in the Cube a bunch. You know, you're in between gigs, and I think we can have a lot of fun together. Covering events, covering trends. So. let's get into it. What's happening out there? We're sort of exited the isolation economy. Things were booming. Now, everybody's tapping the brakes. From your standpoint, what are you seeing out there? >> Yeah. I'm seeing that people are really looking how to get more out of their data. How they're bringing things together, how they're looking at the costs of Cloud, and understanding how are they building out their SaaS applications. And understanding that when they go in and actually start to use Cloud, it's not only just using the base services anymore. They're looking at, how do I use these platforms as a service? Some are easier than others, and they're trying to understand, how do I get more value out of that relationship with the Cloud? They're also consolidating the number of Clouds that they have, I would say to try to better optimize their spend, and getting better pricing for that matter. >> Are you seeing people unhook Clouds, or just reduce maybe certain Cloud activities and going maybe instead of 60/40 going 90/10? >> Correct. It's more like the 90/10 type of rule where they're starting to say, Hey I'm not going to get rid of Azure or AWS or Google. I'm going to move a portion of this over that I was using on this one service. Maybe I got a great two-year contract to start with on this platform as a service or a database as a service. I'm going to unhook from that and maybe go with an independent. Maybe with something like a Snowflake or a Databricks on top of another Cloud, so that I can consolidate down. But it also gives them more flexibility as well. >> In our last breaking analysis, Rob, we identified six factors that were reducing Cloud consumption. There were factors and customer tactics. And I want to get your take on this. So, some of the factors really, you got fewer mortgage originations. FinTech, obviously big Cloud user. Crypto, not as much activity there. Lower ad spending means less Cloud. And then one of 'em, which you kind of disagreed with was less, less analytics, you know, fewer... Less frequency of calculations. I'll come back to that. But then optimizing compute using Graviton or AMD instances moving to cheaper storage tiers. That of course makes sense. And then optimize pricing plans. Maybe going from On Demand, you know, to, you know, instead of pay by the drink, buy in volume. Okay. So, first of all, do those make sense to you with the exception? We'll come back and talk about the analytics piece. Is that what you're seeing from customers? >> Yeah, I think so. I think that was pretty much dead on with what I'm seeing from customers and the ones that I go out and talk to. A lot of times they're trying to really monetize their, you know, understand how their business utilizes these Clouds. And, where their spend is going in those Clouds. Can they use, you know, lower tiers of storage? Do they really need the best processors? Do they need to be using Intel or can they get away with AMD or Graviton 2 or 3? Or do they need to move in? And, I think when you look at all of these Clouds, they always have pricing curves that are arcs from the newest to the oldest stuff. And you can play games with that. And understanding how you can actually lower your costs by looking at maybe some of the older generation. Maybe your application was written 10 years ago. You don't necessarily have to be on the best, newest processor for that application per se. >> So last, I want to come back to this whole analytics piece. Last June, I think it was June, Dev Ittycheria, who's the-- I call him Dev. Spelled Dev, pronounced Dave. (chuckles softly) Same pronunciation, different spelling. Dev Ittycheria, CEO of Mongo, on the earnings call. He was getting, you know, hit. Things were starting to get a little less visible in terms of, you know, the outlook. And people were pushing him like... Because you're in the Cloud, is it easier to dial down? And he said, because we're the document database, we support transaction applications. We're less discretionary than say, analytics. Well on the Snowflake earnings call, that same month or the month after, they were all over Slootman and Scarpelli. Oh, the Mongo CEO said that they're less discretionary than analytics. And Snowflake was an interesting comment. They basically said, look, we're the Cloud. You can dial it up, you can dial it down, but the area under the curve over a period of time is going to be the same, because they get their customers to commit. What do you say? You disagreed with the notion that people are running their calculations less frequently. Is that because they're trying to do a better job of targeting customers in near real time? What are you seeing out there? >> Yeah, I think they're moving away from using people and more expensive marketing. Or, they're trying to figure out what's my Google ad spend, what's my Meta ad spend? And what they're trying to do is optimize that spend. So, what is the return on advertising, or the ROAS as they would say. And what they're looking to do is understand, okay, I have to collect these analytics that better understand where are these people coming from? How do they get to my site, to my store, to my whatever? And when they're using it, how do they they better move through that? What you're also seeing is that analytics is not only just for kind of the retail or financial services or things like that, but then they're also, you know, using that to make offers in those categories. When you move back to more, you know, take other companies that are building products and SaaS delivered products. They may actually go and use this analytics for making the product better. And one of the big reasons for that is maybe they're dialing back how many product managers they have. And they're looking to be more data driven about how they actually go and build the product out or enhance the product. So maybe they're, you know, an online video service and they want to understand why people are either using or not using the whiteboard inside the product. And they're collecting a lot of that product analytics in a big way so that they can go through that. And they're doing it in a constant manner. This first party type tracking within applications is growing rapidly by customers. >> So, let's talk about who wins in that. So, obviously the Cloud guys, AWS, Google and Azure. I want to come back and unpack that a little bit. Databricks and Snowflake, we reported on our last breaking analysis, it kind of on a collision course. You know, a couple years ago we were thinking, okay, AWS, Snowflake and Databricks, like perfect sandwich. And then of course they started to become more competitive. My sense is they still, you know, compliment each other in the field, right? But, you know, publicly, they've got bigger aspirations, they get big TAMs that they're going after. But it's interesting, the data shows that-- So, Snowflake was off the charts in terms of spending momentum and our EPR surveys. Our partner down in New York, they kind of came into line. They're both growing in terms of market presence. Databricks couldn't get to IPO. So, we don't have as much, you know, visibility on their financials. You know, Snowflake obviously highly transparent cause they're a public company. And then you got AWS, Google and Azure. And it seems like AWS appears to be more partner friendly. Microsoft, you know, depends on what market you're in. And Google wants to sell BigQuery. >> Yeah. >> So, what are you seeing in the public Cloud from a data platform perspective? >> Yeah. I think that was pretty astute in what you were talking about there, because I think of the three, Google is definitely I think a little bit behind in how they go to market with their partners. Azure's done a fantastic job of partnering with these companies to understand and even though they may have Synapse as their go-to and where they want people to go to do AI and ML. What they're looking at is, Hey, we're going to also be friendly with Snowflake. We're also going to be friendly with a Databricks. And I think that, Amazon has always been there because that's where the market has been for these developers. So, many, like Databricks' and the Snowflake's have gone there first because, you know, Databricks' case, they built out on top of S3 first. And going and using somebody's object layer other than AWS, was not as simple as you would think it would be. Moving between those. >> So, one of the financial meetups I said meetup, but the... It was either the CEO or the CFO. It was either Slootman or Scarpelli talking at, I don't know, Merrill Lynch or one of the other financial conferences said, I think it was probably their Q3 call. Snowflake said 80% of our business goes through Amazon. And he said to this audience, the next day we got a call from Microsoft. Hey, we got to do more. And, we know just from reading the financial statements that Snowflake is getting concessions from Amazon, they're buying in volume, they're renegotiating their contracts. Amazon gets it. You know, lower the price, people buy more. Long term, we're all going to make more money. Microsoft obviously wants to get into that game with Snowflake. They understand the momentum. They said Google, not so much. And I've had customers tell me that they wanted to use Google's AI with Snowflake, but they can't, they got to go to to BigQuery. So, honestly, I haven't like vetted that so. But, I think it's true. But nonetheless, it seems like Google's a little less friendly with the data platform providers. What do you think? >> Yeah, I would say so. I think this is a place that Google looks and wants to own. Is that now, are they doing the right things long term? I mean again, you know, you look at Google Analytics being you know, basically outlawed in five countries in the EU because of GDPR concerns, and compliance and governance of data. And I think people are looking at Google and BigQuery in general and saying, is it the best place for me to go? Is it going to be in the right places where I need it? Still, it's still one of the largest used databases out there just because it underpins a number of the Google services. So you almost get, like you were saying, forced into BigQuery sometimes, if you want to use the tech on top. >> You do strategy. >> Yeah. >> Right? You do strategy, you do messaging. Is it the right call by Google? I mean, it's not a-- I criticize Google sometimes. But, I'm not sure it's the wrong call to say, Hey, this is our ace in the hole. >> Yeah. >> We got to get people into BigQuery. Cause, first of all, BigQuery is a solid product. I mean it's Cloud native and it's, you know, by all, it gets high marks. So, why give the competition an advantage? Let's try to force people essentially into what is we think a great product and it is a great product. The flip side of that is, they're giving up some potential partner TAM and not treating the ecosystem as well as one of their major competitors. What do you do if you're in that position? >> Yeah, I think that that's a fantastic question. And the question I pose back to the companies I've worked with and worked for is, are you really looking to have vendor lock-in as your key differentiator to your service? And I think when you start to look at these companies that are moving away from BigQuery, moving to even, Databricks on top of GCS in Google, they're looking to say, okay, I can go there if I have to evacuate from GCP and go to another Cloud, I can stay on Databricks as a platform, for instance. So I think it's, people are looking at what platform as a service, database as a service they go and use. Because from a strategic perspective, they don't want that vendor locking. >> That's where Supercloud becomes interesting, right? Because, if I can run on Snowflake or Databricks, you know, across Clouds. Even Oracle, you know, they're getting into business with Microsoft. Let's talk about some of the Cloud players. So, the big three have reported. >> Right. >> We saw AWSs Cloud growth decelerated down to 20%, which is I think the lowest growth rate since they started to disclose public numbers. And they said they exited, sorry, they said January they grew at 15%. >> Yeah. >> Year on year. Now, they had some pretty tough compares. But nonetheless, 15%, wow. Azure, kind of mid thirties, and then Google, we had kind of low thirties. But, well behind in terms of size. And Google's losing probably almost $3 billion annually. But, that's not necessarily a bad thing by advocating and investing. What's happening with the Cloud? Is AWS just running into the law, large numbers? Do you think we can actually see a re-acceleration like we have in the past with AWS Cloud? Azure, we predicted is going to be 75% of AWS IAS revenues. You know, we try to estimate IAS. >> Yeah. >> Even though they don't share that with us. That's a huge milestone. You'd think-- There's some people who have, I think, Bob Evans predicted a while ago that Microsoft would surpass AWS in terms of size. You know, what do you think? >> Yeah, I think that Azure's going to keep to-- Keep growing at a pretty good clip. I think that for Azure, they still have really great account control, even though people like to hate Microsoft. The Microsoft sellers that are out there making those companies successful day after day have really done a good job of being in those accounts and helping people. I was recently over in the UK. And the UK market between AWS and Azure is pretty amazing, how much Azure there is. And it's growing within Europe in general. In the states, it's, you know, I think it's growing well. I think it's still growing, probably not as fast as it is outside the U.S. But, you go down to someplace like Australia, it's also Azure. You hear about Azure all the time. >> Why? Is that just because of the Microsoft's software state? It's just so convenient. >> I think it has to do with, you know, and you can go with the reasoning they don't break out, you know, Office 365 and all of that out of their numbers is because they have-- They're in all of these accounts because the office suite is so pervasive in there. So, they always have reasons to go back in and, oh by the way, you're on these old SQL licenses. Let us move you up here and we'll be able to-- We'll support you on the old version, you know, with security and all of these things. And be able to move you forward. So, they have a lot of, I guess you could say, levers to stay in those accounts and be interesting. At least as part of the Cloud estate. I think Amazon, you know, is hitting, you know, the large number. Laws of large numbers. But I think that they're also going through, and I think this was seen in the layoffs that they were making, that they're looking to understand and have profitability in more of those services that they have. You know, over 350 odd services that they have. And you know, as somebody who went there and helped to start yet a new one, while I was there. And finally, it went to beta back in September, you start to look at the fact that, that number of services, people, their own sellers don't even know all of their services. It's impossible to comprehend and sell that many things. So, I think what they're going through is really looking to rationalize a lot of what they're doing from a services perspective going forward. They're looking to focus on more profitable services and bringing those in. Because right now it's built like a layer cake where you have, you know, S3 EBS and EC2 on the bottom of the layer cake. And then maybe you have, you're using IAM, the authorization and authentication in there and you have all these different services. And then they call it EMR on top. And so, EMR has to pay for that entire layer cake just to go and compete against somebody like Mongo or something like that. So, you start to unwind the costs of that. Whereas Azure, went and they build basically ground up services for the most part. And Google kind of falls somewhere in between in how they build their-- They're a sort of layer cake type effect, but not as many layers I guess you could say. >> I feel like, you know, Amazon's trying to be a platform for the ecosystem. Yes, they have their own products and they're going to sell. And that's going to drive their profitability cause they don't have to split the pie. But, they're taking a piece of-- They're spinning the meter, as Ziyas Caravalo likes to say on every time Snowflake or Databricks or Mongo or Atlas is, you know, running on their system. They take a piece of the action. Now, Microsoft does that as well. But, you look at Microsoft and security, head-to-head competitors, for example, with a CrowdStrike or an Okta in identity. Whereas, it seems like at least for now, AWS is a more friendly place for the ecosystem. At the same time, you do a lot of business in Microsoft. >> Yeah. And I think that a lot of companies have always feared that Amazon would just throw, you know, bodies at it. And I think that people have come to the realization that a two pizza team, as Amazon would call it, is eight people. I think that's, you know, two slices per person. I'm a little bit fat, so I don't know if that's enough. But, you start to look at it and go, okay, if they're going to start out with eight engineers, if I'm a startup and they're part of my ecosystem, do I really fear them or should I really embrace them and try to partner closer with them? And I think the smart people and the smart companies are partnering with them because they're realizing, Amazon, unless they can see it to, you know, a hundred million, $500 million market, they're not going to throw eight to 16 people at a problem. I think when, you know, you could say, you could look at the elastic with OpenSearch and what they did there. And the licensing terms and the battle they went through. But they knew that Elastic had a huge market. Also, you had a number of ecosystem companies building on top of now OpenSearch, that are now domain on top of Amazon as well. So, I think Amazon's being pretty strategic in how they're doing it. I think some of the-- It'll be interesting. I think this year is a payout year for the cuts that they're making to some of the services internally to kind of, you know, how do we take the fat off some of those services that-- You know, you look at Alexa. I don't know how much revenue Alexa really generates for them. But it's a means to an end for a number of different other services and partners. >> What do you make of this ChatGPT? I mean, Microsoft obviously is playing that card. You want to, you want ChatGPT in the Cloud, come to Azure. Seems like AWS has to respond. And we know Google is, you know, sharpening its knives to come up with its response. >> Yeah, I mean Google just went and talked about Bard for the first time this week and they're in private preview or I guess they call it beta, but. Right at the moment to select, select AI users, which I have no idea what that means. But that's a very interesting way that they're marketing it out there. But, I think that Amazon will have to respond. I think they'll be more measured than say, what Google's doing with Bard and just throwing it out there to, hey, we're going into beta now. I think they'll look at it and see where do we go and how do we actually integrate this in? Because they do have a lot of components of AI and ML underneath the hood that other services use. And I think that, you know, they've learned from that. And I think that they've already done a good job. Especially for media and entertainment when you start to look at some of the ways that they use it for helping do graphics and helping to do drones. I think part of their buy of iRobot was the fact that iRobot was a big user of RoboMaker, which is using different models to train those robots to go around objects and things like that, so. >> Quick touch on Kubernetes, the whole DevOps World we just covered. The Cloud Native Foundation Security, CNCF. The security conference up in Seattle last week. First time they spun that out kind of like reinforced, you know, AWS spins out, reinforced from reinvent. Amsterdam's coming up soon, the CubeCon. What should we expect? What's hot in Cubeland? >> Yeah, I think, you know, Kubes, you're going to be looking at how OpenShift keeps growing and I think to that respect you get to see the momentum with people like Red Hat. You see others coming up and realizing how OpenShift has gone to market as being, like you were saying, partnering with those Clouds and really making it simple. I think the simplicity and the manageability of Kubernetes is going to be at the forefront. I think a lot of the investment is still going into, how do I bring observability and DevOps and AIOps and MLOps all together. And I think that's going to be a big place where people are going to be looking to see what comes out of CubeCon in Amsterdam. I think it's that manageability ease of use. >> Well Rob, I look forward to working with you on behalf of the whole Cube team. We're going to do more of these and go out to some shows extract the signal from the noise. Really appreciate you coming into our studio. >> Well, thank you for having me on. Really appreciate it. >> You're really welcome. All right, keep it right there, or thanks for watching. This is Dave Vellante for the Cube. And we'll see you next time. (light music)

(lively music) >> Good afternoon and welcome back to beautiful Las Vegas, Nevada, where we're here live from the show floor, all four days of AWS re:Invent. I'm Savannah Peterson, joined with my co-host Dave Vellante. Dave, how you doing? >> Good. Beautiful and chilly Las Vegas. Can't wait to get back to New England where it's warm. >> Balmy, New England this time of year in December. Wow, Dave, that's a bold statement. I am super excited about the conversation that we're going to be having next. And, you know, I'm not even going to tee it up. I just want to bring Dilip on. Dilip, thank you so much for being here. How you doing? >> Savannah, Dave, thank you so much. >> Hey, Dilip. >> Excited to be here. >> It's joy to have you. So, you have been working at Amazon for about 20 years. >> Almost. Almost. >> Yes. >> Feels like 20, 19 1/2. >> Which is very exciting. You've had a lot of roles. I'm going to touch on some of them, but you just came over to AWS from the physical retail side. Talk to me about that. >> Yup, so I've been to Amazon for 19 1/2 years. Done pricing, supply chain. I was Jeff Bezos technical advisor for a couple years. >> Casual name drop. >> Casual name drop. >> Savannah: But a couple people here for that name before. >> Humble brag, hashtag. And then I, for the last several years, I was leading our physical retail initiatives. We just walk out Amazon One, bringing convenience to physical spaces. And then in August, with like as those things were getting a lot of traction and we were selling to third parties, we felt that it would be better suited in AWS. And, but along with that, there was also another trend that's been brewing, which is, you know, companies have loved building on AWS. They love the infrastructure services, but increasingly, they're also asking us to build applications that are higher up in the stack. Solving key, turnkey business problems. Just walk out Amazon One or examples of that, Amazon Connect. We just recently announced supply chain, so now there's a bevy interesting services all coming together, higher up in the stack for customers. So it's an exciting time. >> It was interesting that you're able to, you know, transfer from that retail. I mean, normally, in historically, if you're within an industry, retail, manufacturing, automotive whatever. You were kind as locked in a little bit. >> Dilip: Siloed a little bit. Yeah, yeah, yeah. >> Because they had their own, your own value chain. And I guess, data has changed that maybe, that you can traverse now. >> Yeah, if you think about the things that we did, even when we were in retail, the tenants was less about the industries and more about how can we bring convenience to physical spaces? The fact that you don't like to wait in line is no more like likely, you know, five years from now than it is today. So, it's a very durable tenant, but it's equally applicable whether you're in a grocery store, a convenience store, a stadium, an airport. So it actually transcends any, and like supply chain, think of supply chain. Supply chain isn't, you know, targeted to any one particular industry. It has broad applicability. So these things are very, you know, horizontally applicable. >> Anything that makes my life easier, I'm down. >> Savannah: We're all here for the easy button. We've been talking about it a bit this week. I'm in. And the retail store, I mean, I'm in San Francisco. I've had the experience of going through. Very interesting and seamless journey, honestly. It's very exciting. So tell us a little bit more about the applications group at AWS. >> Yup. So as I said, you know, we are, the applications group is a combination of several services. You know, we have communication developer services, which is the ability to add simple email service or video and embed video, voice chat using a chime SDK. In a higher up in the stack, we are taking care of things that IT administrators have to deal with where you can provision an entire desktop with the workspaces or provide a femoral access to it. And then as you go up even higher up in the stack, you have productivity applications like AWS Wicker, which we just did GA, you know, last week in AWS Clean Rooms which we announced as a service in preview. And then you have, you know, Connect, which is our cloud contact center, AWS supply chain. Just walk out Amazon One, it just feels like we're getting started. >> Just a couple things going on. >> So, clean rooms. Part of the governance play, part of data sharing. Can you explain, you know, we were talking offline, but I remember back in the disk drive days. We were in a clean room, they'd show you the clean room, you couldn't go near it unless you had a hazmat suit on. So now you're applying that to data. Explain that concept. >> Yeah, so the companies across, you know, financial services or healthcare, advertising, they all want to be able to combine and pull together data`sets with their partners in order to get these collaborative insights. The problem is either the data's fragmented, it's siloed or you have, you know, data governance issues that's preventing them from sharing. And the key requirement is that they want to be able to share this data without exposing any of the underlying data. Clean rooms are always emerged as a solution to that, but the problem with that is that they're hard to maintain. They're expensive. You have to write complex privacy queries. And if you make a mistake, you risk exposing the same data that you've been, you know, studiously trying to protect. >> Trying to protect. >> You know, take advertising as an industry, as an example. You know, advertisers care about, is my ad effective? But it turns out that if you're an advertiser and let's say you're a Nike or some other advertiser and your pop, you know, you place an ad on the website. Well, you want to stop showing the ad to people who have already purchased the product. However, people who purchased the product,- >> Savannah: It happens all the time. >> that purchasing data is not accessible to them easily. But if you could combine those insights, you know, the publishers benefit, advertisers benefits. So AWS Clean Rooms is that service that allows you very easily to be able to collaborate with a group of folks and then be able to gain these collaborative insights. >> And the consumers benefit. I mean, how many times you bought, you search it. >> It happens all the time. >> They know. And like, I just bought that guys, you know? >> Yeah, no, exactly. >> Four weeks. >> And I'm like, you don't need to serve me that, you know? And we understand the marketing backend. And it's just a waste of money and energy and resources. I mean, we're talking about sustainability as well. I don't think supply chain has ever had a hotter moment than it's had the last two and a half years. Tell me more about the announcement. >> Yup, so super excited about this. As you know, as you said, supply chains have always been very critical and very core for companies. The pandemic exacerbated it. So, ours way of sort of thinking about supply chains is to say that, you know, companies have taken, over the years many, like dozens, like millions and millions of dollars of investment in building their own supply chains. But the problem with supply chains is that the reason that they're not as functional as they could be is because of the lack of visibility. Because they're strung together very many disparate systems, that lack of visibility affects agility. And so, our approach in it was to say that, well, if we could have folks use their existing supply chain what can we do to improve the investment on the ROI of what they're getting? By creating a layer on top of it, that provides them that insights, connects all of these disparate data and then provides them insights to say, well, you know, here's where you overstock, here's where you under stock. You know, this is the, you know, the carbon emission impact of being able to transfer something. So like rather without requiring people to re-platform, what's the way that we can add value in it? And then also build upon Amazon's, you know, years of supply chain experience, to be able to build these predictive analytics for customers. >> So, that's a good, I like that you started with the why. >> Yes. >> Right now, what is it? It's an abstraction layer and then you're connecting into different data points. >> Yes, that's correct. >> Injecting ML. >> Feel like you can pick in, like if you think about supply chain, you can have warehouse management systems, order management systems. It could be in disparate things. We use ML to be able to bring all of this disparate data in and create our unified data lake. Once you have that unified data lake, you can then run an insights layer on top of it to be able to say, so that as the data changes, supply chain is not a static thing. Data's constantly changing. As the data's changing, the data lake now reflects the most up-to-date information. You can have alerts and insights set up on it to say that, what are the kinds of things that you're interested in? And then more importantly, supply chain and agility is about communication. In order to be able to make certain things happen, you need to be able to communicate, you need to make sure that everyone's on the same page. And we allow for a lot of the communication and collaboration tools to be built within this platform so that you're not necessarily leaving to go and toggle from one place to the other to solve your problems. >> And in the pie chart of how people spend their time, they're spending a lot less time communicating and being proactive. >> That's correct. >> And getting ahead of the curve. They're spending more time trying to figure out actually what's going on. >> Yes. >> And that's the problem that you're going to solve. >> Well, and it ensures that the customer at the other end of that supply chain experience is going to have their expectations managed in terms of when their good might get there or whatever's going to happen. >> Exactly. >> I feel like that expectation management has been such a big part of it. Okay, I just have to ask because I'm very curious. What was it like advising Jeff? >> Quite possibly the best job that I've ever had. You know, he's a fascinating individual. >> Did he pay you to say that? >> Nope. But I would've, like, I would've done it for like, it's remarkable seeing how he thinks and his approach to problem solving. It is, you know, you could be really tactical and go very deep. You could be extremely strategic. And to be able to sort of move effortlessly between those two is a unique skill. I learned a lot. >> Yeah, absolutely. So what made you want to evolve your career at Amazon after that? 'Cause I see on your LinkedIn, you say, it was the best job you ever had. With curiosity? >> Yeah, so one of the things, so the role is designed for you to be able to transition to something new. >> Savannah: Oh, cool. >> So after I finished that role, we were just getting into our foray with physical stores. And the idea between physical stores is that, you and I as consumers, we all have a lot of choices for physical stores. You know, there's a lot of options, there's a lot of formats. And so the last thing we wanted to do is come up with another me too offering. So, our approach was that what can we do to improve convenience in physical stores? That's what resulted in just walk out to Amazon Go. That's what resulted in Amazon One, which is another in a fast, convenient, contactless way to pay using the power of your palm. And now, what started in Amazon retail is now expanded to several third parties in, you know, stadiums, convention centers, airports. >> Airport, I just had, was in the Houston airport and got to do a humanless checkout. >> Dilip: Exactly. >> And actually in Honolulu a couple weeks ago as well too. Yeah, so we're going to see more and more of this. >> Yes. >> So what Amazon, I think has over a million employees. A lot of those are warehouse employees. But what advice would you give to somebody who's somewhere inside of Amazon, maybe they're on AWS, maybe they're Amazon. What advice would you give somebody inside that's maybe, you know, hey, I've been at this job for five, six years, three, four years, whatever it is. I want to do something else. And there's so much opportunity inside Amazon, right? What would you advise them? >> My single advice, which is actually transferable and I use it for myself is choose something that makes you a little uncomfortable. >> Dave: Get out of your comfort zone. >> It's like, you got to do that. It's like, it's not the easiest thing to hear, but it's also the most satisfying. Because almost every single time that I've done it for myself, it's resulted in like, you don't really know what the answer is. You don't really know exactly where you're going to end up, but the process and the journey through it, if you experience a little bit of discomfort constantly, it makes you non complacent. It makes you sort of not take the job, sort of in a stride. You have to be on it to do it. So that's the advice that I would give anyone. >> Yeah, that's good. So something that's maybe adjacent and maybe not completely foreign to you, but also something that, you know, you got to go dig a little bit and learn. >> You're planning a career change over here, Dave? >> No, I know a lot of people in Amazon are like, hey, I'm trying to figure out what I want to do next. I mean, I love it here. I live by the LPS, you know, but, and there's so much to choose from. >> It is, you know, when I joined in 2003, there were so many things that we were sort of doing today. None of those existed. It's a fascinating company. And the evolution, you could be in 20 different places and the breadth of the kinds of things that, you know, the Amazon experience provides is timeless. It's fascinating. >> And, you know, you look at a company like Amazon, and, you know, it's so amazing. You look at this ecosystem. I've been around- >> Even a show floor. >> I've been around a lot of time. And the show floor says it all. But I've seen a lot of, you know, waves. And each subsequent wave, you know, we always talk about how many companies were in the Fortune 1000 and aren't anymore. And, but the leaders, you know, survive and they thrive. And I think it's fascinating to try to better understand the culture that enables that. You know, you look at a company like Microsoft that was irrelevant and then came back. You know, even IBM was on death store for a while and they come back and so they. And so, but Amazon just feels, you know, at the moment you feel like, "Oh wow, nothing can stop this machine." 'Cause everybody's trying to disrupt Amazon and then, you know, only the paranoid survive, all that stuff. But it's not like, past is not prologue, all right? So that's why I asked these questions. And you just said that a lot of the services today that although the ideas didn't even exist, I mean, walkout. I mean, that's just amazing. >> I think one of the things that Amazon does really well culturally is that they create the single threaded leadership. They give people focus. If you have to get something done, you have to give people focus. You can't distract them with like seven different things and then say that, oh, by the way, your eighth job is to innovate. It just doesn't work that way. It's like it's hard. Like it can be- >> And where were the energy come from that? >> Exactly. And so giving people that single threaded focus is super important. >> Frank Slootman, the CEO of Snowflake, has a great quote. He wrote on his book. He said, "If you got 14 priorities, you got none." And he asks,- >> Well said. >> he challenges people. If you had to give up everything and do only one thing for the next 365 days, what would that be? It's a really hard question to answer. >> I feel like as we're around New Year's resolution times. I mean when we thinking about that, maybe we can all share our one thing. So, Dilip, you've been with the the applications team for five months. What's coming up next? >> Well, as I said, you know, it feels like it's still day one for applications. If you think about the things, the news that we introduced and the several services that we introduced, it has applicability across a variety of horizontal industries. But then we're also feeling that there's considerable vertical applications that can be built for specific things. Like, it could be in advertising, it could be in financial services, it could be in manufacturing. The opportunities are endless. I think the notion of people wanting applications higher up in the stack and a little more turnkey solutions is also, it's not new for us, but it's also new and creative too. You know, AWS has traditionally been doing. >> So again, this relates to what we were sort of talking about before. And maybe, this came from Jazzy or maybe it came from Bezos. But you hear a lot, it's okay to be misunderstood or if we were misunderstood for a long time. So when people hear up the stack, they think, when you think about apps, you know, in the last 10 years it was taking on-prem and bringing it into the cloud. Okay, you saw that with CREM, email, CRM, service management, you know, data warehouses, et cetera. Amazon is thinking about this in a different way. It's like you're looking at the world saying, okay, how can we improve whatever? Workflows, people's lives, doing something that's not been done before? And that seems to be the kind of applications that you guys are thinking about building. >> Yeah. >> And that's unique. It's not just, okay, we're going to take something on-prem put it in the cloud. Been there, done that. That S-curve is sort of flattening now. But there's a new S-curve which is completely new workflows and innovations and processes that we really haven't thought about yet. Or you're thinking about, I presume. >> Yeah. Having said that, I'd also like to sort of remind folks that when you consider the, you know, the entire spend, the portion of workloads that are running in the cloud is a teeny tiny fraction. It's like less than 5%, like 4% or something like that. So it's a very, there's still plenty of things that can sort of move to the cloud. But you're right that there is another trend of where in the stack and the types of applications that you can provide as well. >> Yeah, new innovation that haven't well thought of yet. >> So, Dilip, we have a new tradition here on theCUBE at re:Invent. Where we're looking for your 30 minute Instagram reel, your hot take, biggest key theme, either for you, your team, or just general vibe from the show. >> General vibe from the show. Well, 19 1/2 years at Amazon, this is actually my first re:Invent, believe it or not. This is my, as a AWS employee now, as re:Invent with like launching services. So that's the first. I've been to re:Invent before, but as an attendee rather than as a person who's, you know, a contributing number of the workforce. >> Working actually? >> If you will. >> Actually doing your job. >> And so I'm just amazed at the energy and the breadth. And the, you know, from the partners to the customers to the diversity of people who are coming here from everywhere. I had meetings from people in New Zealand. Like, you know, the UK, like customers are coming at us from like very many different places. And it's fascinating for me to see. It's new for me as well given, you know, some of my past experience. But this is a, it's been a blast. >> People are pumped. >> People are pumped. >> They can't believe the booth traffic. Not only that quality. >> Right. All of our guests have talked about that. >> Like, yeah, you know, we're going to throw half of these leads away, but they're saying no, I'm having like really substantive conversations with business people. This is, I think, my 10th re:Invent. And the first one was mostly developers. And I'm like, what are you talking about? And, you know, so. Now it's a lot more business people, a lot of developers too. >> Yeah. >> It's just. >> The community really makes it. Dilip, thank you so much for joining us today on theCube. >> Thank you for having me. >> You're fantastic. I could ask you a million questions. Be sure and tell Jeff that we said hi. >> Will do. >> Savannah: Next time you guys are hanging out. And thank all of you. >> You want to go into space? >> Yeah. Yes, yes, absolutely. I'm perhaps the most space obsessed on the show. And with that, we will continue our out of this world coverage shortly from fabulous Las Vegas where we are at AWS re:Invent. It is day four with Dave Vellante. I'm Savannah Peterson and you're watching theCUBE, the leader in high tech coverage. (lively music)

(upbeat music) >> Hello, welcome back to theCUBE's AWS RE:Invent 2022 Coverage. I'm John Furrier, host of theCUBE. Got a great lineup here, Itamar Ankorion SVP Technology Alliance at Qlik and Peter McDonald, vice President, cloud partnerships and business development Snowflake. We're going to talk about bringing SAP data to life, for joint Snowflake, Qlik and AWS Solution. Gentlemen, thanks for coming on theCUBE Really appreciate it. >> Thank you. >> Thank you, great meeting you John. >> Just to get started, introduce yourselves to the audience, then going to jump into what you guys are doing together, unique relationship here, really compelling solution in cloud. Big story about applications and scale this year. Let's introduce yourselves. Peter, we'll start with you. >> Great. I'm Peter MacDonald. I am vice president of Cloud Partners and business development here at Snowflake. On the Cloud Partner side, that means I manage AWS relationship along with Microsoft and Google Cloud. What we do together in terms of complimentary products, GTM, co-selling, things like that. Importantly, working with other third parties like Qlik for joint solutions. On business development, it's negotiating custom commercial partnerships, large companies like Salesforce and Dell, smaller companies at most for our venture portfolio. >> Thanks Peter and hi John. It's great to be back here. So I'm Itamar Ankorion and I'm the senior vice president responsible for technology alliances here at Qlik. With that, own strategic alliances, including our key partners in the cloud, including Snowflake and AWS. I've been in the data and analytics enterprise software market for 20 plus years, and my main focus is product management, marketing, alliances, and business development. I joined Qlik about three and a half years ago through the acquisition of Attunity, which is now the foundation for Qlik data integration. So again, we focus in my team on creating joint solution alignment with our key partners to provide more value to our customers. >> Great to have both you guys, senior executives in the industry on theCUBE here, talking about data, obviously bringing SAP data to life is the theme of this segment, but this reinvent, it's all about the data, big data end-to-end story, a lot about data being intrinsic as the CEO says on stage around in the organizations in all aspects. Take a minute to explain what you guys are doing as from a company standpoint. Snowflake and Qlik and the solutions, why here at AWS? Peter, we'll start with you at Snowflake, what you guys do as a company, your mission, your focus. >> That was great, John. Yeah, so here at Snowflake, we focus on the data platform and until recently, data platforms required expensive on-prem hardware appliances. And despite all that expense, customers had capacity constraints, inexpensive maintenance, and had limited functionality that all impeded these organizations from reaching their goals. Snowflake is a cloud native SaaS platform, and we've become so successful because we've addressed these pain points and have other new special features. For example, securely sharing data across both the organization and the value chain without copying the data, support for new data types such as JSON and structured data, and also advance in database data governance. Snowflake integrates with complimentary AWS services and other partner products. So we can enable holistic solutions that include, for example, here, both Qlik and AWS SageMaker, and comprehend and bring those to joint customers. Our customers want to convert data into insights along with advanced analytics platforms in AI. That is how they make holistic data-driven solutions that will give them competitive advantage. With Snowflake, our approach is to focus on customer solutions that leverage data from existing systems such as SAP, wherever they are in the cloud or on-premise. And to do this, we leverage partners like Qlik native US to help customers transform their businesses. We provide customers with a premier data analytics platform as a result. Itamar, why don't you talk about Qlik a little bit and then we can dive into the specific SAP solution here and some trends >> Sounds great, Peter. So Qlik provides modern data integration and analytics software used by over 38,000 customers worldwide. Our focus is to help our customers turn data into value and help them close the gap between data all the way through insight and action. We offer click data integration and click data analytics. Click data integration helps to automate the data pipelines to deliver data to where they want to use them in real-time and make the data ready for analytics and then Qlik data analytics is a robust platform for analytics and business intelligence has been a leader in the Gartner Magic Quadrant for over 11 years now in the market. And both of these come together into what we call Qlik Cloud, which is our SaaS based platform. So providing a more seamless way to consume all these services and accelerate time to value with customer solutions. In terms of partnerships, both Snowflake and AWS are very strategic to us here at Qlik, so we have very comprehensive investment to ensure strong joint value proposition to we can bring to our mutual customers, everything from aligning our roadmaps through optimizing and validating integrations, collaborating on best practices, packaging joint solutions like the one we'll talk about today. And with that investment, we are an elite level, top level partner with Snowflake. We fly that our technology is Snowflake-ready across the entire product set and we have hundreds of joint customers together and with AWS we've also partnered for a long time. We're here to reinvent. We've been here with the first reinvent since the inaugural one, so it kind of gives you an idea for how long we've been working with AWS. We provide very comprehensive integration with AWS data analytics services, and we have several competencies ranging from data analytics to migration and modernization. So that's our focus and again, we're excited about working with Snowflake and AWS to bring solutions together to market. >> Well, I'm looking forward to unpacking the solutions specifically, and congratulations on the continued success of both your companies. We've been following them obviously for a very long time and seeing the platform evolve beyond just SaaS and a lot more going on in cloud these days, kind of next generation emerging. You know, we're seeing a lot of macro trends that are going to be powering some of the things we're going to get into real quickly. But before we get into the solution, what are some of those power dynamics in the industry that you're seeing in trends specifically that are impacting your customers that are taking us down this road of getting more out of the data and specifically the SAP, but in general trends and dynamics. What are you hearing from your customers? Why do they care? Why are they going down this road? Peter, we'll start with you. >> Yeah, I'll go ahead and start. Thanks. Yeah, I'd say we continue to see customers being, being very eager to transform their businesses and they know they need to leverage technology and data to do so. They're also increasingly depending upon the cloud to bring that agility, that elasticity, new functionality necessary to react in real-time to every evolving customer needs. You look at what's happened over the last three years, and boy, the macro environment customers, it's all changing so fast. With our partnerships with AWS and Qlik, we've been able to bring to market innovative solutions like the one we're announcing today that spans all three companies. It provides a holistic solution and an integrated solution for our customer. >> Itamar let's get into it, you've been with theCUBE, you've seen the journey, you have your own journey, many, many years, you've seen the waves. What's going on now? I mean, what's the big wave? What's the dynamic powering this trend? >> Yeah, in a nutshell I'll call it, it's all about time. You know, it's time to value and it's about real-time data. I'll kind of talk about that a bit. So, I mean, you hear a lot about the data being the new oil, but it's definitely, we see more and more customers seeing data as their critical enabler for innovation and digital transformation. They look for ways to monetize data. They look as the data as the way in which they can innovate and bring different value to the customers. So we see customers want to use more data so to get more value from data. We definitely see them wanting to do it faster, right, than before. And we definitely see them looking for agility and automation as ways to accelerate time to value, and also reduce overall costs. I did mention real-time data, so we definitely see more and more customers, they want to be able to act and make decisions based on fresh data. So yesterday's data is just not good enough. >> John: Yeah. >> It's got to be down to the hour, down to the minutes and sometimes even lower than that. And then I think we're also seeing customers look to their core business systems where they have a lot of value, like the SAP, like mainframe and thinking, okay, our core data is there, how can we get more value from this data? So that's key things we see all the time with customers. >> Yeah, we did a big editorial segment this year on, we called data as code. Data as code is kind of a riff on infrastructure as code and you start to see data becoming proliferating into all aspects, fresh data. It's not just where you store it, it's how you share it, it's how you turn it into an application intrinsically involved in all aspects. This is the big theme this year and that's driving all the conversations here at RE:Invent. And I'm guaranteeing you, it's going to happen for another five and 10 years. It's not stopping. So I got to get into the solution, you guys mentioned SAP and you've announced the solution by Qlik, Snowflake and AWS for your customers using SAP. Can you share more about this solution? What's unique about it? Why is it important and why now? Peter, Itamar, we'll start with you first. >> Let me jump in, this is really, I'll jump because I'm excited. We're very excited about this solution and it's also a solution by the way and again, we've seen proven customer success with it. So to your point, it's ready to scale, it's starting, I think we're going to see a lot of companies doing this over the next few years. But before we jump to the solution, let me maybe take a few minutes just to clarify the need, why we're seeing, why we're seeing customers jump to do this. So customers that use SAP, they use it to manage the core of their business. So think order processing, management, finance, inventory, supply chain, and so much more. So if you're running SAP in your company, that data creates a great opportunity for you to drive innovation and modernization. So what we see customers want to do, they want to do more with their data and more means they want to take SAP with non-SAP data and use it together to drive new insights. They want to use real-time data to drive real-time analytics, which they couldn't do to date. They want to bring together descriptive with predictive analytics. So adding machine learning in AI to drive more value from the data. And naturally they want to do it faster. So find ways to iterate faster on their solutions, have freedom with the data and agility. And I think this is really where cloud data platforms like Snowflake and AWS, you know, bring that value to be able to drive that. Now to do that you need to unlock the SAP data, which is a lot of also where Qlik comes in because typical challenges these customers run into is the complexity, inherent in SAP data. Tens of thousands of tables, proprietary formats, complex data models, licensing restrictions, and more than, you have performance issues, they usually run into how do we handle the throughput, the volumes while maintaining lower latency and impact. Where do we find knowledge to really understand how to get all this done? So these are the things we've looked at when we came together to create a solution and make it unique. So when you think about its uniqueness, because we put together a lot, and I'll go through three, four key things that come together to make this unique. First is about data delivery. How do you have the SAP data delivery? So how do you get it from ECC, from HANA from S/4HANA, how do you deliver the data and the metadata and how that integration well into Snowflake. And what we've done is we've focused a lot on optimizing that process and the continuous ingestion, so the real-time ingestion of the data in a way that works really well with the Snowflake system, data cloud. Second thing is we looked at SAP data transformation, so once the data arrives at Snowflake, how do we turn it into being analytics ready? So that's where data transformation and data worth automation come in. And these are all elements of this solution. So creating derivative datasets, creating data marts, and all of that is done by again, creating an optimized integration that pushes down SQL based transformations, so they can be processed inside Snowflake, leveraging its powerful engine. And then the third element is bringing together data visualization analytics that can also take all the data now that in organizing inside Snowflake, bring other data in, bring machine learning from SageMaker, and then you go to create a seamless integration to bring analytic applications to life. So these are all things we put together in the solution. And maybe the last point is we actually took the next step with this and we created something we refer to as solution accelerators, which we're really, really keen about. Think about this as prepackaged templates for common business analytic needs like order to cash, finance, inventory. And we can either dig into that a little more later, but this gets the next level of value to the customers all built into this joint solution. >> Yeah, I want to get to the accelerators, but real quick, Peter, your reaction to the solution, what's unique about it? And obviously Snowflake, we've been seeing the progression data applications, more developers developing on top of Snowflake, data as code kind of implies developer ecosystem. This is kind of interesting. I mean, you got partnering with Qlik and AWS, it's kind of a developer-like thinking real solution. What's unique about this SAP solution that's, that's different than what customers can get anywhere else or not? >> Yeah, well listen, I think first of all, you have to start with the idea of the solution. This are three companies coming together to build a holistic solution that is all about, you know, creating a great opportunity to turn SAP data into value this is Itamar was talking about, that's really what we're talking about here and there's a lot of technology underneath it. I'll talk more about the Snowflake technology, what's involved here, and then cover some of the AWS pieces as well. But you know, we're focusing on getting that value out and accelerating time to value for our joint customers. As Itamar was saying, you know, there's a lot of complexity with the SAP data and a lot of value there. How can we manage that in a prepackaged way, bringing together best of breed solutions with proven capabilities and bringing this to market quickly for our joint customers. You know, Snowflake and AWS have been strong partners for a number of years now, and that's not only on how Snowflake runs on top of AWS, but also how we integrate with their complementary analytics and then all products. And so, you know, we want to be able to leverage those in addition to what Qlik is bringing in terms of the data transformations, bringing data out of SAP in the visualization as well. All very critical. And then we want to bring in the predictive analytics, AWS brings and what Sage brings. We'll talk about that a little bit later on. Some of the technologies that we're leveraging are some of our latest cutting edge technologies that really make things easier for both our partners and our customers. For example, Qlik leverages Snowflakes recently released Snowpark for Python functionality to push down those data transformations from clicking the Snowflake that Itamar's mentioning. And while we also leverage Snowpark for integrations with Amazon SageMaker, but there's a lot of great new technology that just makes this easy and compelling for customers. >> I think that's the big word, easy button here for what may look like a complex kind of integration, kind of turnkey, really, really compelling example of the modern era we're living in, as we always say in theCUBE. You mentioned accelerators, SAP accelerators. Can you give an example of how that works with the technology from the third party providers to deliver this business value Itamar, 'cause that was an interesting comment. What's the example? Give an example of this acceleration. >> Yes, certainly. I think this is something that really makes this truly, truly unique in the industry and again, a great opportunity for customers. So we kind talked earlier about there's a lot of things that need to be done with SP data to turn it to value. And these accelerator, as the name suggests, are designed to do just that, to kind of jumpstart the process and reduce the time and the risk involved in such project. So again, these are pre-packaged templates. We basically took a lot of knowledge, and a lot of configurations, best practices about to get things done and we put 'em together. So think about all the steps, it includes things like data extraction, so already knowing which tables, all the relevant tables that you need to get data from in the contexts of the solution you're looking for, say like order to cash, we'll get back to that one. How do you continuously deliver that data into Snowflake in an in efficient manner, handling things like data type mappings, metadata naming conventions and transformations. The data models you build all the way to data mart definitions and all the transformations that the data needs to go through moving through steps until it's fully analytics ready. And then on top of that, even adding a library of comprehensive analytic dashboards and integrations through machine learning and AI and put all of that in a way that's in pre-integrated and tested to work with Snowflake and AWS. So this is where again, you get this entire recipe that's ready. So take for example, I think I mentioned order to cash. So again, all these things I just talked about, I mean, for those who are not familiar, I mean order to cash is a critical business process for every organization. So especially if you're in retail, manufacturing, enterprise, it's a big... This is where, you know, starting with booking a sales order, following by fulfilling the order, billing the customer, then managing the accounts receivable when the customer actually pays, right? So this all process, you got sales order fulfillment and the billing impacts customer satisfaction, you got receivable payments, you know, the impact's working capital, cash liquidity. So again, as a result this order to cash process is a lifeblood for many businesses and it's critical to optimize and understand. So the solution accelerator we created specifically for order to cash takes care of understanding all these aspects and the data that needs to come with it. So everything we outline before to make the data available in Snowflake in a way that's really useful for downstream analytics, along with dashboards that are already common for that, for that use case. So again, this enables customers to gain real-time visibility into their sales orders, fulfillment, accounts receivable performance. That's what the Excel's are all about. And very similarly, we have another one for example, for finance analytics, right? So this will optimize financial data reporting, helps customers get insights into P&L, financial risk of stability or inventory analytics that helps with, you know, improve planning and inventory management, utilization, increased efficiencies, you know, so in supply chain. So again, these accelerators really help customers get a jumpstart and move faster with their solutions. >> Peter, this is the easy button we just talked about, getting things going, you know, get the ball rolling, get some acceleration. Big part of this are the three companies coming together doing this. >> Yeah, and to build on what Itamar just said that the SAP data obviously has tremendous value. Those sales orders, distribution data, financial data, bringing that into Snowflake makes it easily accessible, but also it enables it to be combined with other data too, is one of the things that Snowflake does so well. So you can get a full view of the end-to-end process and the business overall. You know, for example, I'll just take one, you know, one example that, that may not come to mind right away, but you know, looking at the impact of weather conditions on supply chain logistics is relevant and material and have interest to our customers. How do you bring those different data sets together in an easy way, bringing the data out of SAP, bringing maybe other data out of other systems through Qlik or through Snowflake, directly bringing data in from our data marketplace and bring that all together to make it work. You know, fundamentally organizational silos and the data fragmentation exist otherwise make it really difficult to drive modern analytics projects. And that in turn limits the value that our customers are getting from SAP data and these other data sets. We want to enable that and unleash. >> Yeah, time for value. This is great stuff. Itamar final question, you know, what are customers using this? What do you have? I'm sure you have customers examples already using the solution. Can you share kind of what these examples look like in the use cases and the value? >> Oh yeah, absolutely. Thank you. Happy to. We have customers across different, different sectors. You see manufacturing, retail, energy, oil and gas, CPG. So again, customers in those segments, typically sectors typically have SAP. So we have customers in all of them. A great example is like Siemens Energy. Siemens Energy is a global provider of gas par services. You know, over what, 28 billion, 30 billion in revenue. 90,000 employees. They operate globally in over 90 countries. So they've used SAP HANA as a core system, so it's running on premises, multiple locations around the world. And what they were looking for is a way to bring all these data together so they can innovate with it. And the thing is, Peter mentioned earlier, not just the SAP data, but also bring other data from other systems to bring it together for more value. That includes finance data, these logistics data, these customer CRM data. So they bring data from over 20 different SAP systems. Okay, with Qlik data integration, feeding that into Snowflake in under 20 minutes, 24/7, 365, you know, days a year. Okay, they get data from over 20,000 tables, you know, over million, hundreds of millions of records daily going in. So it is a great example of the type of scale, scalability, agility and speed that they can get to drive these kind of innovation. So that's a great example with Siemens. You know, another one comes to mind is a global manufacturer. Very similar scenario, but you know, they're using it for real-time executive reporting. So it's more like feasibility to the production data as well as for financial analytics. So think, think, think about everything from audit to texts to innovate financial intelligence because all the data's coming from SAP. >> It's a great time to be in the data business again. It keeps getting better and better. There's more data coming. It's not stopping, you know, it's growing so fast, it keeps coming. Every year, it's the same story, Peter. It's like, doesn't stop coming. As we wrap up here, let's just get customers some information on how to get started. I mean, obviously you're starting to see the accelerators, it's a great program there. What a great partnership between the two companies and AWS. How can customers get started to learn about the solution and take advantage of it, getting more out of their SAP data, Peter? >> Yeah, I think the first place to go to is talk to Snowflake, talk to AWS, talk to our account executives that are assigned to your account. Reach out to them and they will be able to educate you on the solution. We have packages up very nicely and can be deployed very, very quickly. >> Well gentlemen, thank you so much for coming on. Appreciate the conversation. Great overview of the partnership between, you know, Snowflake and Qlik and AWS on a joint solution. You know, getting more out of the SAP data. It's really kind of a key, key solution, bringing SAP data to life. Thanks for coming on theCUBE. Appreciate it. >> Thank you. >> Thank you John. >> Okay, this is theCUBE coverage here at RE:Invent 2022. I'm John Furrier, your host of theCUBE. Thanks for watching. (upbeat music)

(upbeat music) >> Hello, welcome back to theCUBE's AWS RE:Invent 2022 Coverage. I'm John Furrier, host of theCUBE. Got a great lineup here, Itamar Ankorion SVP Technology Alliance at Qlik and Peter McDonald, vice President, cloud partnerships and business development Snowflake. We're going to talk about bringing SAP data to life, for joint Snowflake, Qlik and AWS Solution. Gentlemen, thanks for coming on theCUBE Really appreciate it. >> Thank you. >> Thank you, great meeting you John. >> Just to get started, introduce yourselves to the audience, then going to jump into what you guys are doing together, unique relationship here, really compelling solution in cloud. Big story about applications and scale this year. Let's introduce yourselves. Peter, we'll start with you. >> Great. I'm Peter MacDonald. I am vice president of Cloud Partners and business development here at Snowflake. On the Cloud Partner side, that means I manage AWS relationship along with Microsoft and Google Cloud. What we do together in terms of complimentary products, GTM, co-selling, things like that. Importantly, working with other third parties like Qlik for joint solutions. On business development, it's negotiating custom commercial partnerships, large companies like Salesforce and Dell, smaller companies at most for our venture portfolio. >> Thanks Peter and hi John. It's great to be back here. So I'm Itamar Ankorion and I'm the senior vice president responsible for technology alliances here at Qlik. With that, own strategic alliances, including our key partners in the cloud, including Snowflake and AWS. I've been in the data and analytics enterprise software market for 20 plus years, and my main focus is product management, marketing, alliances, and business development. I joined Qlik about three and a half years ago through the acquisition of Attunity, which is now the foundation for Qlik data integration. So again, we focus in my team on creating joint solution alignment with our key partners to provide more value to our customers. >> Great to have both you guys, senior executives in the industry on theCUBE here, talking about data, obviously bringing SAP data to life is the theme of this segment, but this reinvent, it's all about the data, big data end-to-end story, a lot about data being intrinsic as the CEO says on stage around in the organizations in all aspects. Take a minute to explain what you guys are doing as from a company standpoint. Snowflake and Qlik and the solutions, why here at AWS? Peter, we'll start with you at Snowflake, what you guys do as a company, your mission, your focus. >> That was great, John. Yeah, so here at Snowflake, we focus on the data platform and until recently, data platforms required expensive on-prem hardware appliances. And despite all that expense, customers had capacity constraints, inexpensive maintenance, and had limited functionality that all impeded these organizations from reaching their goals. Snowflake is a cloud native SaaS platform, and we've become so successful because we've addressed these pain points and have other new special features. For example, securely sharing data across both the organization and the value chain without copying the data, support for new data types such as JSON and structured data, and also advance in database data governance. Snowflake integrates with complimentary AWS services and other partner products. So we can enable holistic solutions that include, for example, here, both Qlik and AWS SageMaker, and comprehend and bring those to joint customers. Our customers want to convert data into insights along with advanced analytics platforms in AI. That is how they make holistic data-driven solutions that will give them competitive advantage. With Snowflake, our approach is to focus on customer solutions that leverage data from existing systems such as SAP, wherever they are in the cloud or on-premise. And to do this, we leverage partners like Qlik native US to help customers transform their businesses. We provide customers with a premier data analytics platform as a result. Itamar, why don't you talk about Qlik a little bit and then we can dive into the specific SAP solution here and some trends >> Sounds great, Peter. So Qlik provides modern data integration and analytics software used by over 38,000 customers worldwide. Our focus is to help our customers turn data into value and help them close the gap between data all the way through insight and action. We offer click data integration and click data analytics. Click data integration helps to automate the data pipelines to deliver data to where they want to use them in real-time and make the data ready for analytics and then Qlik data analytics is a robust platform for analytics and business intelligence has been a leader in the Gartner Magic Quadrant for over 11 years now in the market. And both of these come together into what we call Qlik Cloud, which is our SaaS based platform. So providing a more seamless way to consume all these services and accelerate time to value with customer solutions. In terms of partnerships, both Snowflake and AWS are very strategic to us here at Qlik, so we have very comprehensive investment to ensure strong joint value proposition to we can bring to our mutual customers, everything from aligning our roadmaps through optimizing and validating integrations, collaborating on best practices, packaging joint solutions like the one we'll talk about today. And with that investment, we are an elite level, top level partner with Snowflake. We fly that our technology is Snowflake-ready across the entire product set and we have hundreds of joint customers together and with AWS we've also partnered for a long time. We're here to reinvent. We've been here with the first reinvent since the inaugural one, so it kind of gives you an idea for how long we've been working with AWS. We provide very comprehensive integration with AWS data analytics services, and we have several competencies ranging from data analytics to migration and modernization. So that's our focus and again, we're excited about working with Snowflake and AWS to bring solutions together to market. >> Well, I'm looking forward to unpacking the solutions specifically, and congratulations on the continued success of both your companies. We've been following them obviously for a very long time and seeing the platform evolve beyond just SaaS and a lot more going on in cloud these days, kind of next generation emerging. You know, we're seeing a lot of macro trends that are going to be powering some of the things we're going to get into real quickly. But before we get into the solution, what are some of those power dynamics in the industry that you're seeing in trends specifically that are impacting your customers that are taking us down this road of getting more out of the data and specifically the SAP, but in general trends and dynamics. What are you hearing from your customers? Why do they care? Why are they going down this road? Peter, we'll start with you. >> Yeah, I'll go ahead and start. Thanks. Yeah, I'd say we continue to see customers being, being very eager to transform their businesses and they know they need to leverage technology and data to do so. They're also increasingly depending upon the cloud to bring that agility, that elasticity, new functionality necessary to react in real-time to every evolving customer needs. You look at what's happened over the last three years, and boy, the macro environment customers, it's all changing so fast. With our partnerships with AWS and Qlik, we've been able to bring to market innovative solutions like the one we're announcing today that spans all three companies. It provides a holistic solution and an integrated solution for our customer. >> Itamar let's get into it, you've been with theCUBE, you've seen the journey, you have your own journey, many, many years, you've seen the waves. What's going on now? I mean, what's the big wave? What's the dynamic powering this trend? >> Yeah, in a nutshell I'll call it, it's all about time. You know, it's time to value and it's about real-time data. I'll kind of talk about that a bit. So, I mean, you hear a lot about the data being the new oil, but it's definitely, we see more and more customers seeing data as their critical enabler for innovation and digital transformation. They look for ways to monetize data. They look as the data as the way in which they can innovate and bring different value to the customers. So we see customers want to use more data so to get more value from data. We definitely see them wanting to do it faster, right, than before. And we definitely see them looking for agility and automation as ways to accelerate time to value, and also reduce overall costs. I did mention real-time data, so we definitely see more and more customers, they want to be able to act and make decisions based on fresh data. So yesterday's data is just not good enough. >> John: Yeah. >> It's got to be down to the hour, down to the minutes and sometimes even lower than that. And then I think we're also seeing customers look to their core business systems where they have a lot of value, like the SAP, like mainframe and thinking, okay, our core data is there, how can we get more value from this data? So that's key things we see all the time with customers. >> Yeah, we did a big editorial segment this year on, we called data as code. Data as code is kind of a riff on infrastructure as code and you start to see data becoming proliferating into all aspects, fresh data. It's not just where you store it, it's how you share it, it's how you turn it into an application intrinsically involved in all aspects. This is the big theme this year and that's driving all the conversations here at RE:Invent. And I'm guaranteeing you, it's going to happen for another five and 10 years. It's not stopping. So I got to get into the solution, you guys mentioned SAP and you've announced the solution by Qlik, Snowflake and AWS for your customers using SAP. Can you share more about this solution? What's unique about it? Why is it important and why now? Peter, Itamar, we'll start with you first. >> Let me jump in, this is really, I'll jump because I'm excited. We're very excited about this solution and it's also a solution by the way and again, we've seen proven customer success with it. So to your point, it's ready to scale, it's starting, I think we're going to see a lot of companies doing this over the next few years. But before we jump to the solution, let me maybe take a few minutes just to clarify the need, why we're seeing, why we're seeing customers jump to do this. So customers that use SAP, they use it to manage the core of their business. So think order processing, management, finance, inventory, supply chain, and so much more. So if you're running SAP in your company, that data creates a great opportunity for you to drive innovation and modernization. So what we see customers want to do, they want to do more with their data and more means they want to take SAP with non-SAP data and use it together to drive new insights. They want to use real-time data to drive real-time analytics, which they couldn't do to date. They want to bring together descriptive with predictive analytics. So adding machine learning in AI to drive more value from the data. And naturally they want to do it faster. So find ways to iterate faster on their solutions, have freedom with the data and agility. And I think this is really where cloud data platforms like Snowflake and AWS, you know, bring that value to be able to drive that. Now to do that you need to unlock the SAP data, which is a lot of also where Qlik comes in because typical challenges these customers run into is the complexity, inherent in SAP data. Tens of thousands of tables, proprietary formats, complex data models, licensing restrictions, and more than, you have performance issues, they usually run into how do we handle the throughput, the volumes while maintaining lower latency and impact. Where do we find knowledge to really understand how to get all this done? So these are the things we've looked at when we came together to create a solution and make it unique. So when you think about its uniqueness, because we put together a lot, and I'll go through three, four key things that come together to make this unique. First is about data delivery. How do you have the SAP data delivery? So how do you get it from ECC, from HANA from S/4HANA, how do you deliver the data and the metadata and how that integration well into Snowflake. And what we've done is we've focused a lot on optimizing that process and the continuous ingestion, so the real-time ingestion of the data in a way that works really well with the Snowflake system, data cloud. Second thing is we looked at SAP data transformation, so once the data arrives at Snowflake, how do we turn it into being analytics ready? So that's where data transformation and data worth automation come in. And these are all elements of this solution. So creating derivative datasets, creating data marts, and all of that is done by again, creating an optimized integration that pushes down SQL based transformations, so they can be processed inside Snowflake, leveraging its powerful engine. And then the third element is bringing together data visualization analytics that can also take all the data now that in organizing inside Snowflake, bring other data in, bring machine learning from SageMaker, and then you go to create a seamless integration to bring analytic applications to life. So these are all things we put together in the solution. And maybe the last point is we actually took the next step with this and we created something we refer to as solution accelerators, which we're really, really keen about. Think about this as prepackaged templates for common business analytic needs like order to cash, finance, inventory. And we can either dig into that a little more later, but this gets the next level of value to the customers all built into this joint solution. >> Yeah, I want to get to the accelerators, but real quick, Peter, your reaction to the solution, what's unique about it? And obviously Snowflake, we've been seeing the progression data applications, more developers developing on top of Snowflake, data as code kind of implies developer ecosystem. This is kind of interesting. I mean, you got partnering with Qlik and AWS, it's kind of a developer-like thinking real solution. What's unique about this SAP solution that's, that's different than what customers can get anywhere else or not? >> Yeah, well listen, I think first of all, you have to start with the idea of the solution. This are three companies coming together to build a holistic solution that is all about, you know, creating a great opportunity to turn SAP data into value this is Itamar was talking about, that's really what we're talking about here and there's a lot of technology underneath it. I'll talk more about the Snowflake technology, what's involved here, and then cover some of the AWS pieces as well. But you know, we're focusing on getting that value out and accelerating time to value for our joint customers. As Itamar was saying, you know, there's a lot of complexity with the SAP data and a lot of value there. How can we manage that in a prepackaged way, bringing together best of breed solutions with proven capabilities and bringing this to market quickly for our joint customers. You know, Snowflake and AWS have been strong partners for a number of years now, and that's not only on how Snowflake runs on top of AWS, but also how we integrate with their complementary analytics and then all products. And so, you know, we want to be able to leverage those in addition to what Qlik is bringing in terms of the data transformations, bringing data out of SAP in the visualization as well. All very critical. And then we want to bring in the predictive analytics, AWS brings and what Sage brings. We'll talk about that a little bit later on. Some of the technologies that we're leveraging are some of our latest cutting edge technologies that really make things easier for both our partners and our customers. For example, Qlik leverages Snowflakes recently released Snowpark for Python functionality to push down those data transformations from clicking the Snowflake that Itamar's mentioning. And while we also leverage Snowpark for integrations with Amazon SageMaker, but there's a lot of great new technology that just makes this easy and compelling for customers. >> I think that's the big word, easy button here for what may look like a complex kind of integration, kind of turnkey, really, really compelling example of the modern era we're living in, as we always say in theCUBE. You mentioned accelerators, SAP accelerators. Can you give an example of how that works with the technology from the third party providers to deliver this business value Itamar, 'cause that was an interesting comment. What's the example? Give an example of this acceleration. >> Yes, certainly. I think this is something that really makes this truly, truly unique in the industry and again, a great opportunity for customers. So we kind talked earlier about there's a lot of things that need to be done with SP data to turn it to value. And these accelerator, as the name suggests, are designed to do just that, to kind of jumpstart the process and reduce the time and the risk involved in such project. So again, these are pre-packaged templates. We basically took a lot of knowledge, and a lot of configurations, best practices about to get things done and we put 'em together. So think about all the steps, it includes things like data extraction, so already knowing which tables, all the relevant tables that you need to get data from in the contexts of the solution you're looking for, say like order to cash, we'll get back to that one. How do you continuously deliver that data into Snowflake in an in efficient manner, handling things like data type mappings, metadata naming conventions and transformations. The data models you build all the way to data mart definitions and all the transformations that the data needs to go through moving through steps until it's fully analytics ready. And then on top of that, even adding a library of comprehensive analytic dashboards and integrations through machine learning and AI and put all of that in a way that's in pre-integrated and tested to work with Snowflake and AWS. So this is where again, you get this entire recipe that's ready. So take for example, I think I mentioned order to cash. So again, all these things I just talked about, I mean, for those who are not familiar, I mean order to cash is a critical business process for every organization. So especially if you're in retail, manufacturing, enterprise, it's a big... This is where, you know, starting with booking a sales order, following by fulfilling the order, billing the customer, then managing the accounts receivable when the customer actually pays, right? So this all process, you got sales order fulfillment and the billing impacts customer satisfaction, you got receivable payments, you know, the impact's working capital, cash liquidity. So again, as a result this order to cash process is a lifeblood for many businesses and it's critical to optimize and understand. So the solution accelerator we created specifically for order to cash takes care of understanding all these aspects and the data that needs to come with it. So everything we outline before to make the data available in Snowflake in a way that's really useful for downstream analytics, along with dashboards that are already common for that, for that use case. So again, this enables customers to gain real-time visibility into their sales orders, fulfillment, accounts receivable performance. That's what the Excel's are all about. And very similarly, we have another one for example, for finance analytics, right? So this will optimize financial data reporting, helps customers get insights into P&L, financial risk of stability or inventory analytics that helps with, you know, improve planning and inventory management, utilization, increased efficiencies, you know, so in supply chain. So again, these accelerators really help customers get a jumpstart and move faster with their solutions. >> Peter, this is the easy button we just talked about, getting things going, you know, get the ball rolling, get some acceleration. Big part of this are the three companies coming together doing this. >> Yeah, and to build on what Itamar just said that the SAP data obviously has tremendous value. Those sales orders, distribution data, financial data, bringing that into Snowflake makes it easily accessible, but also it enables it to be combined with other data too, is one of the things that Snowflake does so well. So you can get a full view of the end-to-end process and the business overall. You know, for example, I'll just take one, you know, one example that, that may not come to mind right away, but you know, looking at the impact of weather conditions on supply chain logistics is relevant and material and have interest to our customers. How do you bring those different data sets together in an easy way, bringing the data out of SAP, bringing maybe other data out of other systems through Qlik or through Snowflake, directly bringing data in from our data marketplace and bring that all together to make it work. You know, fundamentally organizational silos and the data fragmentation exist otherwise make it really difficult to drive modern analytics projects. And that in turn limits the value that our customers are getting from SAP data and these other data sets. We want to enable that and unleash. >> Yeah, time for value. This is great stuff. Itamar final question, you know, what are customers using this? What do you have? I'm sure you have customers examples already using the solution. Can you share kind of what these examples look like in the use cases and the value? >> Oh yeah, absolutely. Thank you. Happy to. We have customers across different, different sectors. You see manufacturing, retail, energy, oil and gas, CPG. So again, customers in those segments, typically sectors typically have SAP. So we have customers in all of them. A great example is like Siemens Energy. Siemens Energy is a global provider of gas par services. You know, over what, 28 billion, 30 billion in revenue. 90,000 employees. They operate globally in over 90 countries. So they've used SAP HANA as a core system, so it's running on premises, multiple locations around the world. And what they were looking for is a way to bring all these data together so they can innovate with it. And the thing is, Peter mentioned earlier, not just the SAP data, but also bring other data from other systems to bring it together for more value. That includes finance data, these logistics data, these customer CRM data. So they bring data from over 20 different SAP systems. Okay, with Qlik data integration, feeding that into Snowflake in under 20 minutes, 24/7, 365, you know, days a year. Okay, they get data from over 20,000 tables, you know, over million, hundreds of millions of records daily going in. So it is a great example of the type of scale, scalability, agility and speed that they can get to drive these kind of innovation. So that's a great example with Siemens. You know, another one comes to mind is a global manufacturer. Very similar scenario, but you know, they're using it for real-time executive reporting. So it's more like feasibility to the production data as well as for financial analytics. So think, think, think about everything from audit to texts to innovate financial intelligence because all the data's coming from SAP. >> It's a great time to be in the data business again. It keeps getting better and better. There's more data coming. It's not stopping, you know, it's growing so fast, it keeps coming. Every year, it's the same story, Peter. It's like, doesn't stop coming. As we wrap up here, let's just get customers some information on how to get started. I mean, obviously you're starting to see the accelerators, it's a great program there. What a great partnership between the two companies and AWS. How can customers get started to learn about the solution and take advantage of it, getting more out of their SAP data, Peter? >> Yeah, I think the first place to go to is talk to Snowflake, talk to AWS, talk to our account executives that are assigned to your account. Reach out to them and they will be able to educate you on the solution. We have packages up very nicely and can be deployed very, very quickly. >> Well gentlemen, thank you so much for coming on. Appreciate the conversation. Great overview of the partnership between, you know, Snowflake and Qlik and AWS on a joint solution. You know, getting more out of the SAP data. It's really kind of a key, key solution, bringing SAP data to life. Thanks for coming on theCUBE. Appreciate it. >> Thank you. >> Thank you John. >> Okay, this is theCUBE coverage here at RE:Invent 2022. I'm John Furrier, your host of theCUBE. Thanks for watching. (upbeat music)

>> From theCUBE Studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE and ETR, this is Breaking Analysis with Dave Vellante. >> This past week we saw two of the Big 3 cloud providers present the latest update on their respective cloud visions, their business progress, their announcements and innovations. The content at these events had many overlapping themes, including modern cloud infrastructure at global scale, applying advanced machine intelligence, AKA AI, end-to-end data platforms, collaboration software. They talked a lot about the future of work automation. And they gave us a little taste, each company of the Metaverse Web 3.0 and much more. Despite these striking similarities, the differences between these two cloud platforms and that of AWS remains significant. With Microsoft leveraging its massive application software footprint to dominate virtually all markets and Google doing everything in its power to keep up with the frenetic pace of today's cloud innovation, which was set into motion a decade and a half ago by AWS. Hello and welcome to this week's Wikibon CUBE Insights, powered by ETR. In this Breaking Analysis, we unpack the immense amount of content presented by the CEOs of Microsoft and Google Cloud at Microsoft Ignite and Google Cloud Next. We'll also quantify with ETR survey data the relative position of these two cloud giants in four key sectors: cloud IaaS, BI analytics, data platforms and collaboration software. Now one thing was clear this past week, hybrid events are the thing. Google Cloud Next took place live over a 24-hour period in six cities around the world, with the main gathering in New York City. Microsoft Ignite, which normally is attended by 30,000 people, had a smaller event in Seattle, in person with a virtual audience around the world. AWS re:Invent, of course, is much different. Yes, there's a virtual component at re:Invent, but it's all about a big live audience gathering the week after Thanksgiving, in the first week of December in Las Vegas. Regardless, Satya Nadella keynote address was prerecorded. It was highly produced and substantive. It was visionary, energetic with a strong message that Azure was a platform to allow customers to build their digital businesses. Doing more with less, which was a key theme of his. Nadella covered a lot of ground, starting with infrastructure from the compute, highlighting a collaboration with Arm-based, Ampere processors. New block storage, 60 regions, 175,000 miles of fiber cables around the world. He presented a meaningful multi-cloud message with Azure Arc to support on-prem and edge workloads, as well as of course the public cloud. And talked about confidential computing at the infrastructure level, a theme we hear from all cloud vendors. He then went deeper into the end-to-end data platform that Microsoft is building from the core data stores to analytics, to governance and the myriad tooling Microsoft offers. AI was next with a big focus on automation, AI, training models. He showed demos of machines coding and fixing code and machines automatically creating designs for creative workers and how Power Automate, Microsoft's RPA tooling, would combine with Microsoft Syntex to understand documents and provide standard ways for organizations to communicate with those documents. There was of course a big focus on Azure as developer cloud platform with GitHub Copilot as a linchpin using AI to assist coders in low-code and no-code innovations that are coming down the pipe. And another giant theme was a workforce transformation and how Microsoft is using its heritage and collaboration and productivity software to move beyond what Nadella called productivity paranoia, i.e., are remote workers doing their jobs? In a world where collaboration is built into intelligent workflows, and he even showed a glimpse of the future with AI-powered avatars and partnerships with Meta and Cisco with Teams of all firms. And finally, security with a bevy of tools from identity, endpoint, governance, et cetera, stressing a suite of tools from a single provider, i.e., Microsoft. So a couple points here. One, Microsoft is following in the footsteps of AWS with silicon advancements and didn't really emphasize that trend much except for the Ampere announcement. But it's building out cloud infrastructure at a massive scale, there is no debate about that. Its plan on data is to try and provide a somewhat more abstracted and simplified solutions, which differs a little bit from AWS's approach of the right database tool, for example, for the right job. Microsoft's automation play appears to provide simple individual productivity tools, kind of a ground up approach and make it really easy for users to drive these bottoms up initiatives. We heard from UiPath that forward five last month, a little bit of a different approach of horizontal automation, end-to-end across platforms. So quite a different play there. Microsoft's angle on workforce transformation is visionary and will continue to solidify in our view its dominant position with Teams and Microsoft 365, and it will drive cloud infrastructure consumption by default. On security as well as a cloud player, it has to have world-class security, and Azure does. There's not a lot of debate about that, but the knock on Microsoft is Patch Tuesday becomes Hack Wednesday because Microsoft releases so many patches, it's got so much Swiss cheese in its legacy estate and patching frequently, it becomes a roadmap and a trigger for hackers. Hey, patch Tuesday, these are all the exploits that you can go after so you can act before the patches are implemented. And so it's really become a problem for users. As well Microsoft is competing with many of the best-of-breed platforms like CrowdStrike and Okta, which have market momentum and appear to be more attractive horizontal plays for customers outside of just the Microsoft cloud. But again, it's Microsoft. They make it easy and very inexpensive to adopt. Now, despite the outstanding presentation by Satya Nadella, there are a couple of statements that should raise eyebrows. Here are two of them. First, as he said, Azure is the only cloud that supports all organizations and all workloads from enterprises to startups, to highly regulated industries. I had a conversation with Sarbjeet Johal about this, to make sure I wasn't just missing something and we were both surprised, somewhat, by this claim. I mean most certainly AWS supports more certifications for example, and we would think it has a reasonable case to dispute that claim. And the other statement, Nadella made, Azure is the only cloud provider enabling highly regulated industries to bring their most sensitive applications to the cloud. Now, reasonable people can debate whether AWS is there yet, but very clearly Oracle and IBM would have something to say about that statement. Now maybe it's not just, would say, "Oh, they're not real clouds, you know, they're just going to hosting in the cloud if you will." But still, when it comes to mission-critical applications, you would think Oracle is really the the leader there. Oh, and Satya also mentioned the claim that the Edge browser, the Microsoft Edge browser, no questions asked, he said, is the best browser for business. And we could see some people having some questions about that. Like isn't Edge based on Chrome? Anyway, so we just had to question these statements and challenge Microsoft to defend them because to us it's a little bit of BS and makes one wonder what else in such as awesome keynote and it was awesome, it was hyperbole. Okay, moving on to Google Cloud Next. The keynote started with Sundar Pichai doing a virtual session, he was remote, stressing the importance of Google Cloud. He mentioned that Google Cloud from its Q2 earnings was on a $25-billion annual run rate. What he didn't mention is that it's also on a 3.6 billion annual operating loss run rate based on its first half performance. Just saying. And we'll dig into that issue a little bit more later in this episode. He also stressed that the investments that Google has made to support its core business and search, like its global network of 22 subsea cables to support things like, YouTube video, great performance obviously that we all rely on, those innovations there. Innovations in BigQuery to support its search business and its threat analysis that it's always had and its AI, it's always been an AI-first company, he's stressed, that they're all leveraged by the Google Cloud Platform, GCP. This is all true by the way. Google has absolutely awesome tech and the talk, as well as his talk, Pichai, but also Kurian's was forward thinking and laid out a vision of the future. But it didn't address in our view, and I talked to Sarbjeet Johal about this as well, today's challenges to the degree that Microsoft did and we expect AWS will at re:Invent this year, it was more out there, more forward thinking, what's possible in the future, somewhat less about today's problem, so I think it's resonates less with today's enterprise players. Thomas Kurian then took over from Sundar Pichai and did a really good job of highlighting customers, and I think he has to, right? He has to say, "Look, we are in this game. We have customers, 9 out of the top 10 media firms use Google Cloud. 8 out of the top 10 manufacturers. 9 out of the top 10 retailers. Same for telecom, same for healthcare. 8 out of the top 10 retail banks." He and Sundar specifically referenced a number of companies, customers, including Avery Dennison, Groupe Renault, H&M, John Hopkins, Prudential, Minna Bank out of Japan, ANZ bank and many, many others during the session. So you know, they had some proof points and you got to give 'em props for that. Now like Microsoft, Google talked about infrastructure, they referenced training processors and regions and compute optionality and storage and how new workloads were emerging, particularly data-driven workloads in AI that required new infrastructure. He explicitly highlighted partnerships within Nvidia and Intel. I didn't see anything on Arm, which somewhat surprised me 'cause I believe Google's working on that or at least has come following in AWS's suit if you will, but maybe that's why they're not mentioning it or maybe I got to do more research there, but let's park that for a minute. But again, as we've extensively discussed in Breaking Analysis in our view when it comes to compute, AWS via its Annapurna acquisition is well ahead of the pack in this area. Arm is making its way into the enterprise, but all three companies are heavily investing in infrastructure, which is great news for customers and the ecosystem. We'll come back to that. Data and AI go hand in hand, and there was no shortage of data talk. Google didn't mention Snowflake or Databricks specifically, but it did mention, by the way, it mentioned Mongo a couple of times, but it did mention Google's, quote, Open Data cloud. Now maybe Google has used that term before, but Snowflake has been marketing the data cloud concept for a couple of years now. So that struck as a shot across the bow to one of its partners and obviously competitor, Snowflake. At BigQuery is a main centerpiece of Google's data strategy. Kurian talked about how they can take any data from any source in any format from any cloud provider with BigQuery Omni and aggregate and understand it. And with the support of Apache Iceberg and Delta and Hudi coming in the future and its open Data Cloud Alliance, they talked a lot about that. So without specifically mentioning Snowflake or Databricks, Kurian co-opted a lot of messaging from these two players, such as life and tech. Kurian also talked about Google Workspace and how it's now at 8 million users up from 6 million just two years ago. There's a lot of discussion on developer optionality and several details on tools supported and the open mantra of Google. And finally on security, Google brought out Kevin Mandian, he's a CUBE alum, extremely impressive individual who's CEO of Mandiant, a leading security service provider and consultancy that Google recently acquired for around 5.3 billion. They talked about moving from a shared responsibility model to a shared fate model, which is again, it's kind of a shot across AWS's bow, kind of shared responsibility model. It's unclear that Google will pay the same penalty if a customer doesn't live up to its portion of the shared responsibility, but we can probably assume that the customer is still going to bear the brunt of the pain, nonetheless. Mandiant is really interesting because it's a services play and Google has stated that it is not a services company, it's going to give partners in the channel plenty of room to play. So we'll see what it does with Mandiant. But Mandiant is a very strong enterprise capability and in the single most important area security. So interesting acquisition by Google. Now as well, unlike Microsoft, Google is not competing with security leaders like Okta and CrowdStrike. Rather, it's partnering aggressively with those firms and prominently putting them forth. All right. Let's get into the ETR survey data and see how Microsoft and Google are positioned in four key markets that we've mentioned before, IaaS, BI analytics, database data platforms and collaboration software. First, let's look at the IaaS cloud. ETR is just about to release its October survey, so I cannot share the that data yet. I can only show July data, but we're going to give you some directional hints throughout this conversation. This chart shows net score or spending momentum on the vertical axis and overlap or presence in the data, i.e., how pervasive the platform is. That's on the horizontal axis. And we've inserted the Wikibon estimates of IaaS revenue for the companies, the Big 3. Actually the Big 4, we included Alibaba. So a couple of points in this somewhat busy data chart. First, Microsoft and AWS as always are dominant on both axes. The red dotted line there at 40% on the vertical axis. That represents a highly elevated spending velocity and all of the Big 3 are above the line. Now at the same time, GCP is well behind the two leaders on the horizontal axis and you can see that in the table insert as well in our revenue estimates. Now why is Azure bigger in the ETR survey when AWS is larger according to the Wikibon revenue estimates? And the answer is because Microsoft with products like 365 and Teams will often be considered by respondents in the survey as cloud by customers, so they fit into that ETR category. But in the insert data we're stripping out applications and SaaS from Microsoft and Google and we're only isolating on IaaS. The other point is when you take a look at the early October returns, you see downward pressure as signified by those dotted arrows on every name. The only exception was Dell, or Dell and IBM, which showing slightly improved momentum. So the survey data generally confirms what we know that AWS and Azure have a massive lead and strong momentum in the marketplace. But the real story is below the line. Unlike Google Cloud, which is on pace to lose well over 3 billion on an operating basis this year, AWS's operating profit is around $20 billion annually. Microsoft's Intelligent Cloud generated more than $30 billion in operating income last fiscal year. Let that sink in for a moment. Now again, that's not to say Google doesn't have traction, it does and Kurian gave some nice proof points and customer examples in his keynote presentation, but the data underscores the lead that Microsoft and AWS have on Google in cloud. And here's a breakdown of ETR's proprietary net score methodology, that vertical axis that we showed you in the previous chart. It asks customers, are you adopting the platform new? That's that lime green. Are you spending 6% or more? That's the forest green. Is you're spending flat? That's the gray. Is you're spending down 6% or worse? That's the pinkest color. Or are you replacing the platform, defecting? That's the bright red. You subtract the reds from the greens and you get a net score. Now one caveat here, which actually is really favorable from Microsoft, the Microsoft data that we're showing here is across the entire Microsoft portfolio. The other point is, this is July data, we'll have an update for you once ETR releases its October results. But we're talking about meaningful samples here, the ends. 620 for AWS over a thousand from Microsoft in more than 450 respondents in the survey for Google. So the real tell is replacements, that bright red. There is virtually no churn for AWS and Microsoft, but Google's churn is 5x, those two in the survey. Now 5% churn is not high, but you'd like to see three things for Google given it's smaller size. One is less churn, two is much, much higher adoption rates in the lime green. Three is a higher percentage of those spending more, the forest green. And four is a lower percentage of those spending less. And none of these conditions really applies here for Google. GCP is still not growing fast enough in our opinion, and doesn't have nearly the traction of the two leaders and that shows up in the survey data. All right, let's look at the next sector, BI analytics. Here we have that same XY dimension. Again, Microsoft dominating the picture. AWS very strong also in both axes. Tableau, very popular and respectable of course acquired by Salesforce on the vertical axis, still looking pretty good there. And again on the horizontal axis, big presence there for Tableau. And Google with Looker and its other platforms is also respectable, but it again, has some work to do. Now notice Streamlit, that's a recent Snowflake acquisition. It's strong in the vertical axis and because of Snowflake's go-to-market (indistinct), it's likely going to move to the right overtime. Grafana is also prominent in the Y axis, but a glimpse at the most recent survey data shows them slightly declining while Looker actually improves a bit. As does Cloudera, which we'll move up slightly. Again, Microsoft just blows you away, doesn't it? All right, now let's get into database and data platform. Same X Y dimensions, but now database and data warehouse. Snowflake as usual takes the top spot on the vertical axis and it is actually keeps moving to the right as well with again, Microsoft and AWS is dominant in the market, as is Oracle on the X axis, albeit it's got less spending velocity, but of course it's the database king. Google is well behind on the X axis but solidly above the 40% line on the vertical axis. Note that virtually all platforms will see pressure in the next survey due to the macro environment. Microsoft might even dip below the 40% line for the first time in a while. Lastly, let's look at the collaboration and productivity software market. This is such an important area for both Microsoft and Google. And just look at Microsoft with 365 and Teams up into the right. I mean just so impressive in ubiquitous. And we've highlighted Google. It's in the pack. It certainly is a nice base with 174 N, which I can tell you that N will rise in the next survey, which is an indication that more people are adopting. But given the investment and the tech behind it and all the AI and Google's resources, you'd really like to see Google in this space above the 40% line, given the importance of this market, of this collaboration area to Google's success and the degree to which they emphasize it in their pitch. And look, this brings up something that we've talked about before on Breaking Analysis. Google doesn't have a tech problem. This is a go-to-market and marketing challenge that Google faces and it's up against two go-to-market champs and Microsoft and AWS. And Google doesn't have the enterprise sales culture. It's trying, it's making progress, but it's like that racehorse that has all the potential in the world, but it's just missing some kind of key ingredient to put it over at the top. It's always coming in third, (chuckles) but we're watching and Google's obviously, making some investments as we shared with earlier. All right. Some final thoughts on what we learned this week and in this research: customers and partners should be thrilled that both Microsoft and Google along with AWS are spending so much money on innovation and building out global platforms. This is a gift to the industry and we should be thankful frankly because it's good for business, it's good for competitiveness and future innovation as a platform that can be built upon. Now we didn't talk much about multi-cloud, we haven't even mentioned supercloud, but both Microsoft and Google have a story that resonates with customers in cross cloud capabilities, unlike AWS at this time. But we never say never when it comes to AWS. They sometimes and oftentimes surprise you. One of the other things that Sarbjeet Johal and John Furrier and I have discussed is that each of the Big 3 is positioning to their respective strengths. AWS is the best IaaS. Microsoft is building out the kind of, quote, we-make-it-easy-for-you cloud, and Google is trying to be the open data cloud with its open-source chops and excellent tech. And that puts added pressure on Snowflake, doesn't it? You know, Thomas Kurian made some comments according to CRN, something to the effect that, we are the only company that can do the data cloud thing across clouds, which again, if I'm being honest is not really accurate. Now I haven't clarified these statements with Google and often things get misquoted, but there's little question that, as AWS has done in the past with Redshift, Google is taking a page out of Snowflake, Databricks as well. A big difference in the Big 3 is that AWS doesn't have this big emphasis on the up-the-stack collaboration software that both Microsoft and Google have, and that for Microsoft and Google will drive captive IaaS consumption. AWS obviously does some of that in database, a lot of that in database, but ISVs that compete with Microsoft and Google should have a greater affinity, one would think, to AWS for competitive reasons. and the same thing could be said in security, we would think because, as I mentioned before, Microsoft competes very directly with CrowdStrike and Okta and others. One of the big thing that Sarbjeet mentioned that I want to call out here, I'd love to have your opinion. AWS specifically, but also Microsoft with Azure have successfully created what Sarbjeet calls brand distance. AWS from the Amazon Retail, and even though AWS all the time talks about Amazon X and Amazon Y is in their product portfolio, but you don't really consider it part of the retail organization 'cause it's not. Azure, same thing, has created its own identity. And it seems that Google still struggles to do that. It's still very highly linked to the sort of core of Google. Now, maybe that's by design, but for enterprise customers, there's still some potential confusion with Google, what's its intentions? How long will they continue to lose money and invest? Are they going to pull the plug like they do on so many other tools? So you know, maybe some rethinking of the marketing there and the positioning. Now we didn't talk much about ecosystem, but it's vital for any cloud player, and Google again has some work to do relative to the leaders. Which brings us to supercloud. The ecosystem and end customers are now in a position this decade to digitally transform. And we're talking here about building out their own clouds, not by putting in and building data centers and installing racks of servers and storage devices, no. Rather to build value on top of the hyperscaler gift that has been presented. And that is a mega trend that we're watching closely in theCUBE community. While there's debate about the supercloud name and so forth, there little question in our minds that the next decade of cloud will not be like the last. All right, we're going to leave it there today. Many thanks to Sarbjeet Johal, and my business partner, John Furrier, for their input to today's episode. Thanks to Alex Myerson who's on production and manages the podcast and Ken Schiffman as well. Kristen Martin and Cheryl Knight helped get the word out on social media and in our newsletters. And Rob Hof is our editor in chief over at SiliconANGLE, who does some wonderful editing. And check out SiliconANGLE, a lot of coverage on Google Cloud Next and Microsoft Ignite. Remember, all these episodes are available as podcast wherever you listen. Just search Breaking Analysis podcast. I publish each week on wikibon.com and siliconangle.com. And you can always get in touch with me via email, david.vellante@siliconangle.com or you can DM me at dvellante or comment on my LinkedIn posts. And please do check out etr.ai, the best survey data in the enterprise tech business. This is Dave Vellante for the CUBE Insights, powered by ETR. Thanks for watching and we'll see you next time on Breaking Analysis. (gentle music)

>> All right, we'll be back in a moment. We'll have Stephen Manly, the CTO, and Anjan Srinivas, the GM and VP of Product Management will join me. You're watching theCUBE, the leader in high tech enterprise coverage. >> Ransomware is top of mind for everyone. The attacks are becoming more frequent and more sophisticated. It's a problem you can't solve alone anymore. Ransomware is built to exploit weaknesses in your backup solution, destroying data and your last line of defense. With many vendors, it can take a lot of effort and configuration to ensure your backup environment is secure. Criminals also know that it's easy to fall behind on best practices like vulnerability scans, patches and updates. In fact, 42% of vulnerabilities are exploited after a patch has been released. After an attack, recovery can be a long and manual process that still may not restore clean or complete data. The good news is that you can keep your data safe and recover faster with the Druva data resiliency cloud on your side. The Druva platform functions completely in the cloud with no hardware, software, operating system, or complex configurations. Which means there are none of the weaknesses that ransomware commonly uses to attack backups. Our software is a service model delivers 24/7 365 fully managed security operations for your backup environment. We handle all the vulnerability scans, patches and upgrades for you. Druva also makes zero trust security easy with built in multi-factor authentication, single sign on and roll based access controls. In the event of an attack, Druva helps you stop the spread of ransomware and quickly understand what went wrong with built in access insights and anomaly detection. Then you can use industry first tools and services to automate the recovery of clean unencrypted data from the entire timeframe of the attack. Cyber attacks are a major threat, but you can make protection and recovery easy with Druva. (upbeat music) >> Welcome back everyone to theCUBE special presentation with Druva on Why Ransomware Isn't Your Only Problem. I'm John Furrier, host of theCUBE. Our next guest are Stephen Manly's, Chief Technology Officer of Druva and Anjan Srinivas, who is the general manager and Vice President of Product Management at Druva. Gentleman, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic the IDC white paper that you guys put together with IDC really kind of nails it out. I want to get into it right away. Welcome to this segment, I really appreciate it. Thanks for coming on. >> Great to be here John. >> So what's your thoughts on the survey's conclusion, obviously, the resilience is huge. Ransomware continues to thunder away at businesses and causes a lot of problems. Disruption, I mean, it's endless ransomware problems. What's your thoughts on the conclusion? >> So I'll say the thing that pops out to me is on the one hand everybody who sees the survey, who reads it's is going to say, well, that's obvious. Of course, ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But I think when you dig deeper and there's a lot of subtleties to look into. But one of the things that I hear on a daily basis from the customers is it's because the problem keeps evolving. It's not as if the threat was a static thing to just be solved and you're done. Because the threat keeps evolving, it remains top of mind for everybody because it's so hard to keep up with what's happening in terms of the attacks. >> And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping it ideally from all the tooling that needed to do. A lot of people are even still wondering when that happens next time what do I even do? So clearly not very surprising. Clearly I think it's here to stay. And I think as long as people don't retool for a modern era of data management, this is going to stay this way. >> Yeah, I mean, I hear this whole time in our CUBE conversations with practitioners. It's kind of like the security program, give me more tools I'll buy anything that comes in the market, I'm desperate. There's definitely attention, but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share kind of your insights into what's going on in the product side because people claim that they have tools at fine points of recovery opportunities but they can't get there. So it seems to be that there's a confidence problem here in the market. How do you guys see that? Because I think this is where the rubber meets the road with ransomware 'cause it is a moving train, it's always changing but it doesn't seem as confidence. Can you guys talk about that? What's your reaction? >> Yeah, let me jump in first and Stephen can add to it. What happens is I think this is a panic buying and they have accumulated this tooling now just because somebody said it could solve your problem. But they haven't had a chance to take a relook from a ground up perspective to see where are the bottlenecks, where are the vulnerabilities and which tooling set needs to lie where, where does the logic need to reside. And what at Druva of we are watching people do and people do it successfully, is that as they have adopted Druva technology which is ground up built for the cloud, and really built in a way which is driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really kind of mitigating this ransomware. And then there is a whole plethora of ecosystem players that kind of combine to really really finish the story so to say, right? So I think this has been a panic buying situation. This is like, get me any help you can give me. And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva and try to identify the right set of ecosystem to really bring together to solve it meaningfully. >> I was going to say I mean, one of the really interesting things in this survey for me and for a moment, little more than a moment it made me think was the large number of respondents who said, I've got a really efficient well run back up environment. Who then on basically the next question said, and I have no confidence that I can recover from a ransomware attack. And you scratch your head and you think, well, if your backup environment is so good, why do you have such low confidence? And I think that's the moment when we dug deeper and we realized, if you've got a traditional architecture and let's face it, the disbase architecture has been around for almost two decades now in terms of disbased backup. You can have that tune to the help, that can be running as efficiently as you want it. But it was built before the ransomware attacks, before all these cyber issues really started hitting companies. And so I have this really well run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying, I'm doing the best I can, but as Anjan pointed out, the architecture, the tooling isn't there to support what problems I need to solve today. >> Well, that's a great point. And before we get into the customer side I want to get to in second. I interviewed Jaspreet, the founded and CEO many years ago even before the pandemic and you mentioned modern. You guys have always had the cloud with Druva, this is huge. Now that you're past the pandemic, what is that modern cloud edge that you guys have? Because that's a great point. A lot of stuff was built kind of back up and recovery bolted on, not really kind of designed into the current state of the infrastructure and the cloud native application modern environment we're seeing right now is a huge issue. >> I think to me there's three things that come up over and over and over again as we talk to people in terms of being built in cloud, being cloud native, why isn't an advantage? The first one is security and ransomware. And we can go deeper but the most obvious one that always comes up is every single backup you do with Druva is air gapped, offsite, managed under a separate administrative domain so that you're not retrofitting any sort of air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. I think the second advantage is the scalability. And this certainly plays into account as your business grows or in some cases as you shrink or repurpose workloads you're only paying for what you use. But it also plays a big role again when you start thinking of ransomware recoveries because we can scale your recovery in cloud on premises as much or as little as you want. And then I think the third one is we're seeing basically things evolving, new workloads, data sprawl, new threat vectors. And one of the nice parts of being SaaS service in the cloud is you're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting. The customer doesn't have to say, wow, I need it six months in the lab before I upgrade it and it's an 18 month, 24 month cycle before the functionality releases. You're getting it every two weeks and it's backed by Druva to make sure it works. >> That says it. Anjan, you got the product side, it's a challenging job 'cause you have so many customers asking for things probably on the roadmap you probably go hour for that one. But I want to get your thoughts on what you're hearing and seeing from customers. we just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated probably on the feature request, but also structurally as as ransomware continues to evolve. What are you hearing, what's the key customer need? How are you guys responding? >> Yeah, actually I have two things that I hear very clearly when I talk to customers. One, I think after listening to their security problems and their vulnerability challenges because we see customers and help customers who are getting challenged by ransomware on a weekly basis. And what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now, where we come in as Druva is that we are providing them the cloud operating model and a data protection operating model combined with a data insights operating model which all fit into their overall security operating model that they are really owning and they need to manage and operate. Because this is just not about a piece of technology. On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on, but innovating faster with less. And that has been this age old problem, do more with less. But in this whole, they're like trying to innovate we're in the middle of the war so to say, right? The war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at 100 miles per hour while they're just trying to live one day at a time. And unless they really develop this overall security operating model helped by cloud native technologies like Druva that is really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure not just beyond backups, beyond just the data protection that we all know of into this kind of this mindset of kind of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with. Now Druva is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC2 offering to protect EC2 virtual machines back in AWS. And we are going to be continuing to evolve that to further many services that public cloud software 'cause our customers are really kind of consuming them at breakneck speed. >> So the new workloads, the new security capabilities. Love that, good call out there. Stephen there's still the issue of the disruption side of it. You guys have a guarantee, there's a cost to ownership as you get more tools. Can you talk about that angle of it? Because you got new workloads, you got the new security needs, what's the disruption impact? Because you won't avoid that, how much is it going to cost you? And you guys have this guarantee, can you explain that? >> Yeah, absolutely. So Druva launched our $10 million data resiliency guarantee. And for us, there were really two key parts to this. The first obviously is $10 million means that, again, we're willing to put our money where our mouth is and that's a big deal, right? That we're willing to back this with the guarantee. But then the second part and this is the part that I think reflects that sort of model that Anjan was talking about. We sort of look at this and we say, the goal of Druva is to do the job of protecting and securing your data for you. So that you as a customer don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks all with SLAs. So everything from your data is going to be recoverable in the case of a ransomware attack. Okay, that's good. Of course, for it to be recoverable we're also guaranteeing your backup success rate. We're also guaranteeing the availability of the service. We're guaranteeing that the data that we're storing for you can't be compromised or leaked externally. And we're guaranteeing the long term durability of the data so that if you back up with us today and you need to recover it 30 years from now, that data is going to be recovered. So we wanted to really attack the end to end risks that affect our customers. Cybersecurity is a big deal but it is not the only problem out there. And the only way for this to work is to have a service that can provide you SLAs across all of the risks because that means, again, as a SaaS vendor, we're doing the job for you so you're buying results as opposed to technology. >> That's great point. Ransomware isn't the only problem, that's the title of this presentation. But it's a big one and people concerned about it so great stuff. And the last five minutes guys if you don't mind, I'd love to have you share what's on the horizon for Druva. You mentioned the new workloads Anjan, you mentioned this new security hearing shift left, DevOps is now the developer model, they're running IT. Yet data and security teams now stepping in and trying to be as high velocity as possible for the developers and enterprises. What's on the horizon for Druva? What trends is the company watching and how are you guys putting that together to stay ahead in the marketplace and the competition? >> I think listening to our customers, what we realize is they need help with the public cloud number one. I think that's a big wave of consumption. People are consolidating their data centers moving to the public cloud. They need help in expanding data protection which becomes the basis of a lot of the security operating model that I talked about. They need that first from Druva before they can start to get into much more advanced level of insights and analytics on that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer which I think is very unique to Druva because only we can look at multiple tenants, multiple customers because we are a SaaS vendor. And look at insights and give them best practices and guidances and analytics that nobody else can give. There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need what kind of protection and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are going to build all the way from a feature level where we have things like recycle bin that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it. But also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights and security. And that's where my focus is to go and get those features delivered. And Stephen can add a few more things around services that Stephen is looking to build and launch. >> Sure. So John, I think one of the other areas that we see just an enormous groundswell of interest. So public cloud is important, but there are more and more organizations that are running hundreds if not thousands of SaaS applications. And a lot of those SaaS applications have data. So there's the obvious things like Microsoft 365, Google Workspace, but we're also seeing a lot of interest in protecting Salesforce. Because if you think about it, if someone deletes some really important records in Salesforce, that's actually kind of the record of your business. And so we're looking at one more SaaS application protection and really getting deep in that application awareness. It's not just about backup and recovery. When you look at something like a Salesforce or something like a Microsoft 365, you do want to look into sandboxing, you want to look into long term archival. Because this is the new record of the business, what used to be in your on-premises databases that all lives in cloud and SaaS applications now. So that's a really big area of investment for us. The second one, just to echo what Anjan said is, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. And I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous. So that customers, again, I want to do the job for them, we'll do all the tuning, we'll do all the management for them. To be able to better detect ransomware attacks, better respond to ransomware attacks because we're seeing across the globe. And then of course, being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because let's face it, if you can set your data up more cleanly, you're going to be a lot less worried and a lot less exposed when that attack happens. So we want to be able to again, cover those SaaS applications in addition to the public cloud. And then we want to be able to use our metadata and use our analytics and use this massive pipeline we've got to deliver value to our customers. Not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >> That's great stuff, Anjan. >> And remember John, I think all this while keeping things really easy to consume, consumer grade UI, APIs. And during the power of SaaS as a service simplicity to kind of continue on amongst kind of keeping these complex technologies together. >> Anjan, that's a great call out. I was going to mention ease of use and self-service, big part of the developer and IT experience expected it's a table stakes, love the analytic angle. I think that brings the scale to the table and faster time to value to get to learn best practices. But at the end of the day, automation, cross cloud protection and security to protect and recover. This is huge and this is a big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment, really under the hood and really kind of the value of the product. Thanks for coming on, appreciate it. >> Thank you very much. >> Okay, there it is. You got the experts talk about the hood, the product, the value, the future of what's going on with Druva and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Allante will give you some closing thoughts on the subject here. You're watching theCUBE, the leader in high tech enterprise coverage. >> As organizations migrate their business processes to multi-cloud environments, they still face numerous threats and risks of data loss. With a growing number of cloud platforms and fragmented applications, it leads to an increase in data silos, sprawl and management complexity. As workloads become more diverse, it's challenging to effectively manage data growth, infrastructure, and resource costs across multiple cloud deployments. Using numerous backup vendor solutions for multiple cloud platforms can lead to management complexity. More importantly, the lack of centralized visibility and control can leave you exposed to security vulnerabilities, including ransomware that can cripple your business. The Druva data resiliency cloud is the only 100% SaaS data resiliency platform that provides centralized, secure air gapped and immutable backup and recovery. With Druva, your data is safe with multiple layers of protection and is ready for fast recovery from cyber attacks, data corruption, or accidental data loss. Through a simple, easy to manage platform, you can seamlessly protect fragmented, diverse data at scale, across public clouds and your business critical SaaS applications. Druva is the only 100% SaaS vendor that can manage, govern, and protect data across multiple clouds and business critical SaaS applications. It supports not just backup up and recovery, but also data resiliency across high value use cases such as e-discovery, sensitive data governance, ransomware and security. No other vendor can match Druva for customer experience, infinite scale, storage optimization, data immutability and ransomware protection. The Druva data resiliency cloud, your data always safe, always ready. Visit druva.com today to schedule a free demo. (upbeat music) >> One of the big takeaways from today's program is that in the scramble to keep business flowing over the past two plus years, a lot of good technology practices have been put into place. But there's much more work to be done, specifically because the frequency of attacks is on the rise and the severity of lost, stolen or inaccessible data is so much higher today. Business resilience must be designed into architectures and solutions from the start. It cannot be an afterthought. Well, actually it can be, but you won't be happy with the results. Now, part of the answer is finding the right partners, of course, but it also means taking a systems view of your business, understanding the vulnerabilities and deploying solutions that can balance cost efficiency with appropriately high levels of protection, flexibility, and speed/accuracy of recovery. We hope you found today's program useful and informative. Remember, this session is available on demand in both its full format and the individual guest segments. All you got to do is go to thecube.net and you'll see all the content. Or you can go to druva.com. There are tons of resources available including analyst reports, customer stories. There's this cool TCO calculator. You can find out what pricing looks like and lots more. Thanks for watching Why Ransomware Isn't Your Only Problem made possible by Druva. A collaboration with IDC and presented by theCUBE, your leader in enterprise and emerging tech coverage. (upbeat music)

>> The past 2 1/2 years have seen a dramatic change in the security posture of virtually all organizations. By accelerating the digital business mandate, the isolation economy catalyzed a move toward cloud computing to support remote workers. This we know. This had several ripple effects on CSO and CIO strategies that were highly visible at the Board of Directors' level. Now, the first major change was to recognize that the perimeter had suddenly been vaporized. Protection, as a result, moved away from things like perimeter-based firewalls toward more distributed endpoints, cloud security, and modern identity management. The second major change was a heightened awareness of the realities of ransomware. Ransomware as a service, for example, emerged as a major threat where virtually anyone with access to critical data and criminal intentions could monetize corporate security exposures. The third major change was a much more acute understanding of how data protection needed to become a fundamental component of cybersecurity strategies, and more specifically, CIOs quickly realized that their business resilience strategies were too narrowly DR-focused, that their DR approach was not cost efficient and needed to be modernized, and that new approaches to operational resilience were needed to reflect the architectural and business realities of this new environment. Hello, and welcome to "Why Ransomware isn't Your Only Problem," a service of theCUBE made possible by Druva, and in collaboration with IDC. I'm your host, Dave Vellante, and today, we're presenting a three-part program. We'll start with the data. IDC recently conducted a global survey of 500 business technology practitioners across 20 industries to understand the degree to which organizations are aware of and prepared for the threats they face in today's new world. IDC Research Vice President Phil Goodwin is here to share the highlights of the study and to summarize the findings from a recent research report on the topic. After that, we're going to hear from Curtis Preston, who's the Chief Technical Evangelist at Druva. I've known Curtis for decades. He's one of the world's foremost experts on backup and recovery, specifically, and data protection, generally. Curtis will help us understand how the survey data presented by IDC aligns with the real world findings from the field from his point of view. And he'll discuss why so many organizations have failed to successfully recover from an attack without major pains and big costs, and how to avoid such operational disruptions and disasters. And then finally, we'll hear from the technical experts at Druva, Stephen Manley and Anjan Srinivas. Stephen is a 10-time CUBE alum and Chief Technology Officer at Druva, and Anjan is Vice President and General Manager of Product Management at the company. And these individuals will specifically address how Druva is closing the gaps presented in the IDC survey through their product innovation. But right now I'm going to toss it to Lisa Martin, another one of the hosts for today's program. Lisa, over to you. (upbeat music) >> Bill Goodwin joins me next, the VP of Research at IDC. We're going to be breaking down what's going on in the threat landscape. Phil, welcome to the program. It's great to have you back on theCUBE. >> Hey, Lisa, it's great to be here with you. >> So talk to me about the state of the global IT landscape as we see cyberattacks massively increasing, the threat landscape changing so much. What is IDC seeing? >> You know, you really hit the top topic that we find from IT organizations as well as business organizations. And really, it's that digital resilience, that ransomware that has everybody's attention, and it has the attention, not just of the IT people, but of the business people alike, because it really does have profound effects across the organization. The other thing that we're seeing, Lisa, is really a move towards cloud. And I think part of that is driven by the economics of cloud, which fundamentally changed the way that we can approach disaster recovery, but also has accelerated during the pandemic for all the reasons that people have talked about in terms of work from home and so on. And then really the third thing is the economic uncertainty, and this is relatively new for 2022, but within IDC we've been doing a lot of research around what are those impacts going to be? And what we find people doing is they want greater flexibility, they want more cost certainty, and they really want to be able to leverage those cloud economics to have the scale up or scale down on demand nature of cloud. So those are, in a nutshell, kind of the three things that people are looking at. >> You mentioned ransomware. It's a topic we've been talking about a lot. It's a household word these days. It's now, Phil, no longer if we're going to get attacked, it's when, it's how often, it's the severity. Talk about ransomware as a priority all the way up the stack to the C-suite, and what are they trying to do to become resilient against it? >> Well, what some of the research that we did is we found that about 77% of organizations have digital resilience as a top priority within their organization. And so what you're seeing is organizations trying to leverage things to become more resilient, more digitally resilient, and to be able to really hone in on those kinds of issues that are keeping them awake at night, quite honestly. If you think about digital resilience, it really is foundational to the organization, whether it's through digital transformation or whether it's simply data availability, whatever it might happen to be. Digital resilience is really a large umbrella term that we use to describe that function that is aimed at avoiding data loss, assuring data availability, and helping the organization to extract value from their data. >> And digital resilience, data resilience, as every company these days has to be a data company to be competitive. Digital resilience, data resilience, are you using those terms interchangeably or is data resilience defined as something a little bit different? >> Well, sometimes yeah, we do get caught using them when one is the other. But data resilience is really a part of digital resilience, if you think about the data itself in the context of IT computing. So it really is a subset of that, but it is foundational to IT resilience. You can't have IT resilience without data resilience. So that's where we're coming from on it. >> Inextricably linked, and it's becoming a corporate initiative, but there's some factors that can complicate digital resilience, data resilience for organizations. What are some of those complications that organizations need to be aware of? >> Well, one of the biggest is what you mentioned at the top of the segment, and that is the area of ransomware. The research that we found is about 46% of organizations have been hit within the last three years. You know, it's kind of interesting how it's changed over the years. Originally, being hit by ransomware had a real stigma attached to it. Organizations didn't want to admit it, and they really avoided confronting that. Nowadays, so many people have been hit by it that that stigma has gone. And so really it is becoming more of a community kind of effort as people try to defend against these ransomers. The other thing about it is it's really a lot like Whac-A-Mole, you know. They attack us in one area and we defend against it so they attack us in another area, and we defend against it. And in fact, I had an individual come up to me at a show not long ago and said, "You know, one of these days we're going to get pretty well defended against ransomware and it's going to go away." And I responded I don't think so because we're constantly introducing new systems, new software, and introducing new vulnerabilities. And the fact is ransomware is so profitable, the bad guys aren't going to just fade into the night without giving it a a lot of fight. So I really think that ransomware is one of those things that is here for the long term and something that we have to address and have to get proactive about. >> You mentioned some stats there, and recently IDC and Druva did a white paper together that really revealed some quite shocking results. Talk to me about some of the things. Let's talk a little bit about the demographics of the survey and then talk about what was the biggest finding there, especially where it's concerning ransomware? >> Yeah, this was a worldwide study. It was sponsored by Druva and conducted by IDC as an independent study. And what we did, we surveyed 500, it was a little over 500 different individuals across the globe in North America, select countries in Western Europe, as well as several in Asia Pacific. And we did it across industries there were 20 different industries represented, they're all evenly represented. We had surveys that included IT practitioners, primarily CIOs, CTOs, VP of infrastructure, you know, managers of data centers, things like that. And the biggest finding that we had in this, Lisa, was really finding that there is a huge disconnect, I believe, between how people think they are ready and what the actual results are when they get attacked. Some of the statistics that we learned from this, Lisa, include 83% of organizations believe, or told us that they have a playbook that they have for ransomware. I think 93% said that they have a high degree, or a high or very high degree of confidence in their recovery tools and are fully automated. And yet, when you look at the actual results, you know, I told you a moment ago, 46% have been attacked successfully. I can also tell you that in separate research, fewer than 1/3 of organizations were able to fully recover their data without paying the ransom, and some 2/3 actually had to pay the ransom. And even when they did, they didn't necessarily achieve their full recovery. You know, the bad guys aren't necessarily to be trusted, and so the software that they provide sometimes is fully recovered, sometimes it's not. So you look at that and you go, wow. On the one hand, people think they're really, really prepared, and on the other hand, the results are absolutely horrible. You know, 2/3 of people having to pay the ransom. So you start to ask yourself, well, what's going on there? And I believe that a lot of it comes down to, kind of reminds me of the old quote from Mike Tyson. "Everybody has a plan until they get punched in the mouth." And I think that's kind of what happens with ransomware. You think you know what you're doing. You think you're ready, based on the information you have. And these people are smart people, and they're professionals, but oftentimes, you don't know what you don't know. And like I said, the bad guys are always dreaming up new ways to attack us. And so, I think, for that reason, a lot of these have been successful. So that was kind of the key finding to me and kind of the aha moment really in this whole thing, Lisa. >> That's a massive disconnect with the vast majority saying, "We have a cyber recovery playbook," yet nearly 1/2 being the victims of ransomware in the last three years, and then 1/2 of them experiencing data loss. What is it then that organizations in this situation across any industry can do to truly enable cyber resilience, data resilience? As we said, this is a matter of this is going to happen, just a matter of when and how often. >> It is a matter, yeah, as you said, it's not if, when, or how often, it's really how badly. So I think what organizations are really doing now is starting to turn more to cloud-based services, you know, finding professionals who know what they're doing, who have that breadth of experience and who have seen the kinds of necessary steps that it takes to do a recovery. And the fact of the matter is a disaster recovery and a cyber recovery are really not the same thing. And so organizations need to be able to plan the kinds of recovery associated with cyber recovery in terms of forensics, in terms of scanning, in terms of analysis, and so forth. So they're turning to professionals in the cloud much more, in order to get that breadth of experience, and to take advantage of cloud-based services that are out there. >> Talk to me about some of the key advantages of cloud-based services for data resilience versus traditional legacy on-prem equipment. What are some of the advantages? Why is IDC seeing this big shift to cloud where data resilience is concerned? >> Well, the first and foremost is the economics of it. You know, you can have on-demand resources. In the old days, when we had disaster recoveries where we had two different data centers and a failover and so forth, you know, you had double the infrastructure. If you're financial services, it might even be triple the infrastructure. It was very complicated, very difficult. By going to the cloud, organizations can subscribe to disaster recovery as a service. And increasingly what we see is a new market of cyber recovery as a service. So being able to leverage those resources, to be able to have the forensic analysis available to them, to be able to have the other resources available that are on demand, and to have that plan in place to have those resources in place. I think what happens in a number of situations, Lisa, is that organizations think they're ready, but then all of a sudden they get hit, and all of a sudden they have to engage with outside consultants, or they have to bring in other experts, and that extends the time to recover that they have and it also complicates it. So if they have those resources in place, then they can simply turn them on, engage them, and get that recovery going as quickly as possible. >> So what do you think the big issue here is? Is it that these IPT practitioners, over 500 that you surveyed across 20 industries, this a global survey, do they they not know what they don't know? What's the overlying issue here? >> Yeah, I think that's right. You don't know what you don't know, and until you get into a specific attack, you know, there are so many different ways that organizations can be attacked. And, in fact, from this research that we found is that, in many cases, data exfiltration exceeds data corruption by about 50%. But when you think about that, the issue is, once I have your data, what are you going to do? I mean, there's no amount of recovery that is going to help. So organizations are either faced with paying the ransom to keep the data from perhaps being used on the dark web, or whatever, or simply saying no, and taking their chances. So best practice things like encryption, immutability, things like that that organizations can put into place. Certainly air gaps, having a solid backup foundation to where data is, you have a high recovery, high probability of recovery, things like that. Those are the kinds of things that organizations have to put into place, really as a baseline to assure that they can recover as fast as possible and not lose data in the event of a ransomware attack. >> Given some of the disconnect that you articulated, the stats that show so many think we are prepared, we've got a playbook, yet so many are being attacked, the vulnerabilities as the landscape, threat landscape, just gets more and more amorphous. What do you recommend organizations do? You talked to the IT practitioners, but does this go all the way up to the board level in terms of, hey guys, across every industry, we are vulnerable, this is going to happen. We've got to make sure that we are truly resilient and proactive? >> Yes, and in fact, what we found from this research is in more than 1/2 of cases, the CEO is directly involved in the recovery. So this is very much a C-suite issue. And if you look at the consequences of ransomware, it's not just the ransom, it's the lost productivity, it's the loss of revenue. It's the loss of customer faith and goodwill, and organizations that have been attacked have suffered those consequences, and many of them are permanent. So people at the board level, whether it's the CEO, the CFO, the CIO, the CSO, you know, whoever it is, they're extremely concerned about these. And I can tell you, they are fully engaged in addressing those issues within their organization. >> So all the way at the top, and critically important, business critical for any industry. I imagine some industries may be a little bit more vulnerable than others, financial services, healthcare, education. We've just seen a big attack in Los Angeles County. But in terms of establishing data resilience, you mentioned ransomware isn't going anywhere, it's a big business, it's very profitable. But what is IDC's prediction where ransomware is concerned? Do you think that organizations, if they truly adopt cloud and SaaS-based technologies, can they get to a place where the C-suite doesn't have to be involved to the point where they really actually have a functioning playbook? >> I don't know if we'll ever get to the point where the C-suite is not involved. It's probably very important to have that level of executive sponsorship. But what we are seeing is, in fact, we predict that by 2025, 55% of organizations will have shifted to a cloud-centric strategy for their data resilience. And the reason we say that is, you know, workloads on premises aren't going away. So that's the core. We have an increasing number of workloads in the cloud and at the edge, and that's really where the growth is. So being able to take that cloud-centric model and take advantage of cloud resources like immutable storage, being able to move data from region to region inexpensively and easily, and to be able to take that cloud-centric perspective and apply it on premises as well as in the cloud and at the edge is really where we believe that organizations are shifting their focus. >> Got it, we're just cracking the surface here, Phil. I wish we had more time, but I had a chance to read the Druva-sponsored IDC white paper. Fascinating finds. I encourage all of you to download that, take a read. You're going to learn some very interesting statistics and recommendations for how you can really truly deploy data resilience in your organization. Phil, it's been a pleasure to have you on the program. Thank you for joining me. >> No problem. Thank you, Lisa. >> In a moment, John Furrier will be here with his next guest. For right now, I'm Lisa Martin, and you are watching theCUBE, the leader in live tech coverage. >> We live in a world of infinite data. Sprawling, dispersed, valuable, but also vulnerable. So how do organizations achieve data resiliency when faced with ever expanding workloads, increasing security threats, and intensified regulations? Unfortunately, the answer often boils down to what flavor of complexity do you like best? The common patchwork approaches are expensive, convoluted, and difficult to manage. There's multiple software and hardware vendors to worry about, different deployments for workloads running on-premises or in the cloud. And an inconsistent security framework resulting in enterprises maintaining four to five copies of the same data, increasing costs and risk, building to an incoherent mess of complications. Now, imagine a world free from these complexities. Welcome to the the Druva Data Resiliency Cloud, where full data protection and beautiful simplicity converge. No hardware, no upgrades, no management, just total data resilience. With just a few clicks, you can get started integrating all of your data resiliency workflows in minutes. Through a true cloud experience built on Amazon Web Services, the Druva platform automates and manages critical daily tasks, giving you time to focus on your business. In other words, get simplicity, scalability, and security instantly. With the Druva Data Resiliency Cloud, your data isn't just backed up, it's ready to be used 24/7 to meet compliance needs and to extract critical insights. You can archive data for long-term retention, be protected against device failure and natural disasters, and recover from ransomware lightning fast. Druva is trusted with billions of backups annually by thousands of enterprises, including more than 60 of the Fortune 500, costing up to 50% less than the convoluted hardware, software, and appliance solutions. As data grows and becomes more critical to your business advantage, a data resiliency plan is vital, but it shouldn't be complicated. Druva makes it simple. (upbeat music) (mouse clicks) >> Welcome back, everyone, to theCUBE and the Druva special presentation of "Why Ransomware isn't Your Only Problem." I'm John Furrier, host of theCUBE. We're here with W Curtis Preston, Curtis Preston, as he's known in the industry, Chief Technical Evangelist at Druva. Curtis, great to see you. We're here at "Why Ransomware isn't Your Only Problem." Great to see you, thanks for coming on. >> Happy to be here. >> So we always see each other at events now events are back. So it's great to have you here for this special presentation. The white paper from IDC really talks about this in detail. I'd like to get your thoughts, and I'd like you to reflect on the analysis that we've been covering here in this survey data, how it lines up with the real world that you're seeing out there. >> Yeah, I think it's, the survey results really, I'd like to say, I'd like to say that they surprised me, but unfortunately, they didn't. The data protection world has been this way for a while where there's this difference in belief, or difference between the belief and the reality. And what we see is that there are a number of organizations that have been hit, successfully hit by ransomware, paid the ransom and/or lost data, and yet the same people that were surveyed, they had high degrees of confidence in their backup system. And, you know, I could probably go on for an hour as to the various reasons why that would be the case, but I think that this long running problem that as long as I've been associated with backups, which, you know, has been a while, it's that problem of, you know, nobody wants to be the backup person. And people often just, they don't want to have anything to do with the backup system, and so it sort of exists in this vacuum. And so then management is like, "Oh, the backup system's great," because the backup person often, you know, might say that it's great because maybe it's their job to say so. But the reality has always been very, very different. >> It's funny, you know. "We're good, boss, we got this covered." >> Yeah, it's all good, it's all good. >> And the fingers crossed, right? So again, this is the reality, and as it becomes backup and recovery, which we've talked about many times on theCUBE, certainly we have with you before, but now with ransomware, also, the other thing is people get ransomware hit multiple times. So it's not only like they get hit once, so, you know, this is a constant chasing the tail on some ends, but there are some tools out there, You guys have a solution, and so let's get into that. You know, you have had hands-on backup experience. What are the points that surprise you the most about what's going on in this world and the realities of how people should be going forward? What's your take? >> Well, I would say that the one part in the survey that surprised me the most was people that had a huge, you know, there was a huge percentage of people that said that they had, you know, a ransomware response, you know, and readiness program. And you look at that, and how could you be, you know, that high a percentage of people be comfortable with their ransomware readiness program, which includes a number of things, right? There's the cyberattack aspect of responding to a ransomware attack, and then there's the recovery aspect. And so you believe that your company was ready for that, and then you go, and I think it was 67% of the people in the survey paid the ransom, which as a person who, you know, has spent my entire career trying to help people successfully recover their data, that number, I think, just hurt me the most is that because, you talked about re-infections. The surest way to guarantee that you get re-attacked and reinfected is to pay the ransom. This goes back all the way to ransom since the beginning of time, right? Everyone knows if you pay the blackmail, all you're telling people is that you pay blackmail. >> You're in business, you're a good customer >> Yeah, yeah, exactly. >> for ransomware. >> Yeah, so the fact that, you know, 60, what, 2/3 of the people that were attacked by ransomware paid the ransom. That one statistic just hurt my heart. >> Yeah, and I think this is the reality. I mean, we go back, and even the psychology of the practitioners was, you know, it's super important to get backup and recovery, and that's been around for a long time, but now that's an attack vector, okay? And there's dollars involved, like I said, I'm joking, but there's recurring revenue for the bad guys if they know you're paying up and if you're stupid enough not to change your tooling. So again, it works both ways. So I got to ask you, why do you think so many owners are unable to successfully respond after an attack? Is it because, they know it's coming, I mean, they're not that dumb. I mean, they have to know it's coming. Why aren't they responding successfully to this? >> I think it's a litany of things, starting with that aspect that I mentioned before, that nobody wants to have anything to do with the backup system, right? So nobody wants to be the one to raise their hand because if you're the one that raises their hand, "You know, that's a good idea, Curtis, why don't you look into that?" Nobody wants to be- >> Where's that guy now? He doesn't work here anymore. Yeah, I hear where you coming from. >> Exactly. >> It's psychology (indistinct) >> Yeah, so there's that. But then the second is that because of that, no one's looking at the fact that backups are the attack vector. They become the attack vector. And so because they're the attack vector, they have to be protected as much, if not more than the rest of the environment. The rest of the environment can live off of Active Directory and, you know, and things like Okta, so that you can have SSO and things like that. The backup environment has to be segregated in a very special way. Backups have to be stored completely separate from your environment. The login and authentication and authorization system needs to be completely separate from your typical environment. Why? Because if that production environment is compromised, now knowing that the attacks or that the backup systems are a significant portion of the attack vector, then if the production system is compromised, then the backup system is compromised. So you've got to segregate all of that. And I just don't think that people are thinking about that. You know, and they're using the same backup techniques that they've used for many, many years. >> So what you're saying is that the attack vectors and the attackers are getting smarter. They're saying, "Hey, we'll just take out the backup first so they can't backup. So we got the ransomware." It makes sense. >> Yeah, exactly. The largest ransomware group out there, the Conti ransomware group, they are specifically targeting specific backup vendors. They know how to recognize the backup servers. They know how to recognize where the backups are stored, and they are exfiltrating the backups first, and then deleting them, and then letting you know you have ransom. >> Okay, so you guys have a lot of customers. They all kind of have the same problem. What's the patterns that you're seeing? How are they evolving? What are some of the things that they're implementing? What is the best practice? >> Well, again, you've got to fully segregate that data, and everything about how that data is stored and everything about how that data's created and accessed, there are ways to do that with other, you know, with other commercial products. You can take a standard product and put a number of layers of defense on top of it, or you can switch to the way Druva does things, which is a SaaS offering that stores your data completely in the cloud in our account, right? So your account could be completely compromised. That has nothing to do with our account. It's a completely different authentication and authorization system. You've got multiple layers of defense between your computing environment and where we store your backups. So basically, what you get by default with the way Druva stores your backups is the best you can get after doing many, many layers of defense on the other side and having to do all that work. With us, you just log in and you get all of that. >> I guess, how do you break the laws of physics? I guess that's the question here. >> Well, because that's the other thing is that by storing the data in the cloud, and I've said this a few times, you get to break the laws of physics, and the only way to do that is time travel. (both laughing) So yes, so Druva has time travel. And this is a Curtisism, by the way, I don't think this is our official position, but the idea is that the only way to restore data as fast as possible is to restore it before you actually need it, and that's kind of what I mean by time travel, in that you, basically, you configure your DR, your disaster recovery environment in Druva one time, and then we are pre-restoring your data as often as you tell us to do, to bring your DR environment up to the, you know, the current environment as quickly as we can so that in a disaster recovery scenario, which is part of your ransomware response, right? Again, there are many different parts, but when you get to actually restoring the data, you should be able to just push a button and go. The data should already be restored. And that's the way that you break the laws of physics is you break the laws of time. >> (laughs) Well, all right, everyone wants to know the next question, and this is a real big question is, are you from the future? >> (laughs) Yeah. Very much the future. >> What's it like in the future, backup, recovery? How does it restore? Is it air gapping everything? >> Yeah, well, it's a world where people don't have to worry about their backups. I like to use the phrase get out of the backup business, just get into the restore business. You know, I'm a grandfather now, and I love having a granddaughter, and I often make the joke that if I'd have known how great grandkids were, I would've skipped straight to them, right? Not possible. Just like this. Recoveries are great. Backups are really hard. So in the future, if you use a SaaS data protection system and data resiliency system, you can just do recoveries and not have to worry about backups. >> Yeah, and what's great about your background is you've got a lot of historical perspective. You've seen that, the waves of innovation. Now it really is about the recovery and real time. So a lot of good stuff going on. And got to think automated, things got to be rocking and rolling. >> Absolutely. Yeah. I do remember, again, having worked so hard with many clients over the years, back then, we worked so hard just to get the backup done. There was very little time to work on the recovery. And I really, I kid you not, that our customers don't have to do all of those things that all of our competitors have to do to, you know, to break, to try to break the laws of physics, I've been fighting the laws of physics my entire career, to get the backup done in the first place, then to secure all the data, and to air gap it and make sure that a ransomware attack isn't going to attack it. Our customers get to get straight to a fully automated disaster recovery environment that they get to test as often as possible and they get to do a full test by simply pressing a single button. And you know, I wish everybody had that ability. >> Yeah, I mean, security's a big part of it. Data's in the middle of it all. This is now mainstream, front lines, great stuff. Curtis, great to have you on, bring that perspective, and thanks for the insight. Really appreciate it. >> Always happy to talk about my favorite subject. >> All right, we'll be back in a moment. We'll have Stephen Manley, the CTO, and Anjan Srinivas, the GM and VP of Product Management will join me. You're watching theCUBE, the leader in high tech enterprise coverage. >> Ransomware is top of mind for everyone. Attacks are becoming more frequent and more sophisticated. It's a problem you can't solve alone anymore. Ransomware is built to exploit weaknesses in your backup solution, destroying data, and your last line of defense. With many vendors, it can take a lot of effort and configuration to ensure your backup environment is secure. Criminals also know that it's easy to fall behind on best practices like vulnerability scans, patches, and updates. In fact, 42% of vulnerabilities are exploited after a patch has been released. After an attack, recovery can be a long and manual process that still may not restore clean or complete data. The good news is that you can keep your data safe and recover faster with the Druva Data Resiliency Cloud on your side. The Druva platform functions completely in the cloud with no hardware, software, operating system, or complex configurations, which means there are none of the weaknesses that ransomware commonly uses to attack backups. Our software as a service model delivers 24/7/365 fully managed security operations for your backup environment. We handle all the vulnerability scans, patches, and upgrades for you. Druva also makes zero trust security easy with built-in multifactor authentication, single sign-on, and role-based access controls. In the event of an attack, Druva helps you stop the spread of ransomware and quickly understand what went wrong with built-in access insights and anomaly detection. Then you can use industry first tools and services to automate the recovery of clean, unencrypted data from the entire timeframe of the attack. Cyberattacks are a major threat, but you can make protection and recovery easy with Druva. (electronic music) (upbeat music) (mouse clicks) >> Welcome back, everyone, to theCUBE's special presentation with Druva on "Why Ransomware isn't Your Only Problem." I'm John Furrier, host of theCUBE. Our next guests are Stephen Manley, Chief Technology Officer of Druva, and Anjan Srinivas, who is the General Manager and Vice President of Product Management at Druva. Gentlemen, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic. The IDC white paper that you guys put together with IDC really kind of nails it out. I want to get into it right away. Welcome to this segment. I really appreciate it. Thanks for coming on. >> Great to be here, John. >> So what's your thoughts on the survey's conclusion? Obviously, the resilience is huge. Ransomware continues to thunder away at businesses and causes a lot of problems, disruption. I mean, it's endless ransomware problems. What's your thoughts on the conclusion? >> So I'll say the thing that pops out to me is, on the one hand, everybody who sees the survey and reads it is going to say, "Well, that's obvious." Of course, ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But I think when you dig deeper and there's a lot of subtleties to look into, but one of the things that I hear on a daily basis from the customers is, it's because the problem keeps evolving. It's not as if the threat was a static thing to just be solved and you're done. Because the threat keeps evolving, it remains top of mind for everybody because it's so hard to keep up with what's happening in terms of the attacks. >> And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping IT away from all the tooling that they needed to do. A lot of people are even still wondering, when that happens next time, what do I even do? So clearly not very surprising. Clearly, I think it's here to stay, and I think as long as people don't retool for a modern era of data management, this is going to to stay this way. >> Yeah, I hear this all the time in our CUBE conversations with practitioners. It's kind of like the security pro, give me more tools, I'll buy anything that comes in the market, I'm desperate. There's definitely attention, but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share kind of your insights into what's going on in the product side? Because, you know, people claim that they have tools at crime points of recovery opportunities, but they can't get there. So it seems to be that there's a confidence problem here in the market. How do you guys see that? 'cause I think this is where the rubber meets the road with ransomware 'cause it is a moving train, it's always changing, but it doesn't seem there's confidence. Can you guys talk about that? What's your reaction? >> Yeah, let me jump in first, and Stephen can add to it. What happens is, I think this is a panic buying and they have accumulated this tooling now just because somebody said they could solve your problem, but they haven't had a chance to take a real look from a ground up perspective to see where are the bottlenecks? Where are the vulnerabilities? And which tooling set needs to lie where? Where does the logic need to reside? And what, in Druva, we are watching people do and people do it successfully, is that as they have adopted Druva technology, which is ground up built for the cloud, and really built in a way which is, you know, driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really kind of mitigating this ransomware, and then there's a whole plethora of ecosystem players that kind of combine to really finish the story, so to say, right? So I think this has been a panic buying situation. This is like, "Get me any help you can give me." And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva, and try to identify the right set of ecosystem to really bring together to solve it meaningfully. >> Yes, Stephen? >> I was going to say, I mean, one of the the really interesting things in the survey for me, and for a moment, a little more than a moment, it made me think was that the large number of respondents who said, "I've got a really efficient, well-run back environment," who, then, on basically the next question said, "And I have no confidence that I can recover from a ransomware attack." And you scratch your head and you think, "Well, if your backup environment is so good, why do you have such low confidence?" And I think that's the moment when we dug deeper and we realized, if you've got a traditional architecture, and let's face it, the disk-based architecture's been around for almost two decades now, in terms of disk-based backup, you can have that tuned to the hilt. That can be running as efficiently as you want it, but it was built before the ransomware attacks, before all these cyber issues, you know, really start hitting companies. And so I have this really well-run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying, "I'm doing the best I can," but as Anjan pointed out, the architecture, the tooling isn't there to support what problems I need to solve today. >> Yeah, great point. >> And so, yeah. >> Well, that's a great point. Before we get into the customer side I want to get to in second, you know, I interviewed Jaspreet, the founder and CEO many years ago, even before the pandemic, and you mentioned modern. You guys have always had the cloud with Druva. This is huge. Now that you're past the pandemic, what is that modern cloud edge that you guys have? 'Cause that's a great point. A lot of stuff was built kind of backup and recovery bolted on, not really kind of designed into the current state of the infrastructure and the cloud native application modern environment we're seeing right now. It's a huge issue. >> I think, to me there's three things that come up over and over and over again as we talk to people in terms of, you know, being built in cloud, being cloud native, why is it an advantage? The first one is security and ransomware. And we can go deeper, but the most obvious one that always comes up is every single backup you do with Druva is air gapped, offsite, managed under a separate administrative domain so that you're not retrofitting any sort of air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. The second advantage is the scalability. And you know, this certainly plays into account as your business grows, or, in some cases, as you shrink or repurpose workloads, you're only paying for what you use. But it also plays a big role, again, when you start thinking of ransomware recoveries because we can scale your recovery in cloud, on premises as much or as little as you want. And then I think the third one is we're seeing, basically, things evolving, new workloads, data sprawl, new threat vectors. And one of the nice parts of being a SaaS service in the cloud is we're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting. The customer doesn't have to say, "Wow, I needed six months in the lab before I upgrade it and it's an 18-month, 24-month cycle before the functionality releases. You're getting it every two weeks, and it's backed by Druva to make sure it works. >> Anjan, you know, you got the product side, you know, it's a challenging job 'cause you have so many customers asking for things, probably on the roadmap, you probably can go an hour for that one, but I want to get your thoughts on what you're hearing and seeing from customers. We just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated, probably on the feature requests, but also structurally as ransomware continues to evolve. What are you hearing? What's the key customer need? How are you guys responding? >> Yeah, actually, I have two things that I hear very clearly when I talk to customers. One, I think, after listening to their security problems and their vulnerability challenges, because we see customers and help customers who are getting challenged by ransomware on a weekly basis. And what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now where we come in, as Druva, is that we are providing them the cloud operating model and a data protection operating model, combined with a data insights operating model which all fit into their overall security operating model that they are really owning and they need to manage and operate, because this is not just about a piece of technology. On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on, but innovating faster with less. And that has been this age old problem, do more with less. But in this whole, they're like trying to innovate in the middle of the war, so to say. The war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming, not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at 100 miles per hour, while they're just trying to live one day at a time. And unless they really develop this overall security operating model, helped by cloud native technologies like Druva that really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure. Not just beyond backups, beyond just the data protection that we all know of into this mindset of kind of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with. Now Druva is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC2 offering to protect EC2 virtual machines back in AWS, and we are going to be continuing to evolve that to further the many services that public cloud software 'cause our customers are really kind of consuming them at breakneck speed. >> So new workloads, new security capabilities. Love that. Good call out there. Stephen, there's still the issue of the disruption side of it. You guys have a guarantee. There's a cost of ownership as you get more tools. Can you talk about that angle of it? You got new workloads, you got the new security needs, what's the disruption impact? 'Cause you want to avoid that. How much is it going to cost you? And you guys have this guarantee, can you explain that? >> Yeah, absolutely. So Druva launched our $10 million data resiliency guarantee. And for us, there were really two key parts to this. The first obviously is $10 million means that, you know, again, we're willing to put our money where our mouth is, and that's a big deal, right? That we're willing to back this with the guarantee. But then the second part, and this is the part that I think reflects that sort of model that Anjan was talking about. We sort of look at this and we say the goal of Druva is to do the job of protecting and securing your data for you so that you, as a customer, don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks, all with SLAs. So everything from your data's going to be recoverable in the case of a ransomware attack. Okay, that's good. Of course, for it to be recoverable, we're also guaranteeing your backup success rate. We're also guaranteeing the availability of the service. We're guaranteeing that the data that we're storing for you can't be compromised or leaked externally, and we're guaranteeing the long-term durability of the data so that if you backup with us today and you need to recover 30 years from now, that data's going to be recovered. So we wanted to really attack the end-to-end risks that affect our customers. Cybersecurity is a big deal, but it is not the only problem out there, and the only way for this to work is to have a service that can provide you SLAs across all of the risks, because that means, as a SaaS vendor, we're doing the job for you so you're buying results as opposed to technology. >> That's great. Great point. Ransomware isn't the only problem. That's the title of this presentation, but it's a big one. (laughs) People are concerned about it, so great stuff. In the last five minutes, guys, if you don't mind, I'd love to have you share what's on the horizon for Druva? You mentioned the new workloads, Anjan. You mentioned this new security. You're going to shift left. DevOps is now the developer model. They're running IT. Get data and security teams now stepping in and trying to be as high velocity as possible for the developers and enterprises. What's on the horizon for Druva? What trends is the company watching, and how are you guys putting that together to stay ahead in the marketplace and the competition? >> Yeah, I think, listening to our customers, what we realize is they need help with the public cloud, number one. I think that's a big wave of consumption. People are consolidating their data centers, moving to the public cloud. They need help in expanding data protection, which becomes the basis of a lot of the security operating model that I talked about. They need that first, from Druva, before they can start to get into much more advanced level of insights and analytics around that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer, which, I think, is very unique to Druva because only we can look at multiple tenants, multiple customers because we are a SaaS vendor, and look at insights and give them best practices and guidances and analytics that nobody else can give. There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need what kind of protection, and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are going to build, all the way from a feature level where we have things like (audio distorts) that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it, but also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights, and security, and that's where my focus is, to go and get those features delivered, and Stephen can add a few more things around services that Stephen is looking to build and launch. >> Sure, so, yeah, so John, I think one of the other areas that we see just an enormous groundswell of interest. So public cloud is important, but there are more and more organizations that are running hundreds, if not thousands of SaaS applications, and a lot of those SaaS applications have data. So there's the obvious things, like Microsoft 365, Google Workspace, but we're also seeing a lot of interest in protecting Salesforce because, if you think about it, if someone you know deletes some really important records in Salesforce, that's actually kind of the record of your business. And so, we're looking at more and more SaaS application protection, and really getting deep in that application awareness. It's not just about backup and recovery when you look at something like a Salesforce, or something like Microsoft 365. You do want to look into sandboxing, you want to look into long-term archival, because this is the new record of the business. What used to be in your on-premises databases, that all lives in cloud and SaaS applications now. So that's a really big area of investment for us. The second one, just to echo what Anjan said is, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous so that customers, again, I want to do the job for them. We'll do all the tuning, we'll do all the management for them to be able to better detect ransomware attacks, better respond to ransomware attacks, because we're seeing across the globe. And then, of course, being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because, let's face it, if you can set your data up more cleanly, you're going to be a lot less worried and a lot less exposed when that attack happens. So we want to be able to, again, cover those SaaS applications in addition to the public cloud, and then we want to be able to use our metadata and use our analytics and use this massive pipeline we've got to deliver value to our customers. Not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >> That's great stuff. >> And remember, John, I think all this while keeping things really easy to consume, consumer grade UI, APIs, and then really the power of SaaS as a service, simplicity to kind of continue on, amongst kind of keeping these complex technologies together. >> Anjan, that's a great callout. I was going to mention ease of use and self-service. Big part of the developer and IT experience. Expected. It's the table stakes. Love the analytic angle, I think that brings the scale to the table, and faster time to value to get to learn best practices. But at the end of the day, automation, cross-cloud protection and security to protect and recover. This is huge, and this is a big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment, really under the hood and really kind of the value of the product. Thanks for coming on, appreciate it. >> Thank you very much. >> Okay, there it is. You have the experts talk about under the hood, the product, the value, the future of what's going on with Druva, and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Vellante will give you some closing thoughts on the subject here. You're watching theCUBE, the leader in high tech enterprise coverage. >> As organizations migrate their business processes to multi-cloud environments, they still face numerous threats and risks of data loss. With a growing number of cloud platforms and fragmented applications, it leads to an increase in data silos, sprawl, and management complexity. As workloads become more diverse, it's challenging to effectively manage data growth, infrastructure, and resource costs across multiple cloud deployments. Using numerous backup vendor solutions for multiple cloud platforms can lead to management complexity. More importantly, the lack of centralized visibility and control can leave you exposed to security vulnerabilities, including ransomware that can cripple your business. The Druva Data Resiliency Cloud is the only 100% SaaS data resiliency platform that provides centralized, secure, air gapped, and immutable backup and recovery. With Druva, your data is safe with multiple layers of protection and is ready for fast recovery from cyberattacks, data corruption, or accidental data loss. Through a simple, easy to manage platform, you can seamlessly protect fragmented, diverse data at scale, across public clouds, and your business critical SaaS applications. Druva is the only 100% SaaS vendor that can manage, govern, and protect data across multiple clouds and business critical SaaS applications. It supports not just backup and recovery, but also data resiliency across high value use cases, such as e-discovery, sensitive data governance, ransomware, and security. No other vendor can match Druva for customer experience, infinite scale, storage optimization, data immutability, and ransomware protection. The Druva Data Resiliency Cloud, your data, always safe, always ready. Visit druva.com today to schedule a free demo. (upbeat music) >> One of the big takeaways from today's program is that in the scramble to keep business flowing over the past 2+ years, a lot of good technology practices have been put into place, but there's much more work to be done, specifically, because the frequency of attacks is on the rise and the severity of lost, stolen, or inaccessible data is so much higher today, business resilience must be designed into architectures and solutions from the start. It cannot be an afterthought. Well, actually it can be, but you won't be happy with the results. Now, part of the answer is finding the right partners, of course, but it also means taking a system's view of your business, understanding the vulnerabilities and deploying solutions that can balance cost efficiency with appropriately high levels of protection, flexibility, and speed slash accuracy of recovery. Here we hope you found today's program useful and informative. Remember, this session is available on demand in both its full format and the individual guest segments. All you got to do is go to thecube.net, and you'll see all the content, or you can go to druva.com. There are tons of resources available, including analyst reports, customer stories. There's this cool TCO calculator. You can find out what pricing looks like and lots more. Thanks for watching "Why Ransomware isn't Your Only Problem," made possible by Druva, in collaboration with IDC and presented by theCUBE, your leader in enterprise and emerging tech coverage. (upbeat music)

(upbeat music) >> TheCUBE presents UiPath Forward 5. Brought to you by UiPath. >> Hello and welcome back to TheCUBE's coverage of UiPath Forward 5. We're here in Las Vegas at the Venetian Convention Center. This is day two. We're wrapping up Dave Nicholson and Dave Vellante. This is the fourth time theCUBE has been at UiPath Forward. And we've seen the transformation of the company from, essentially, what was a really interesting and easy to adopt point product to now one through acquisitions, IPO, has made a number of enhancements to its platform. David Cardenas is here. Deputy Director of Operations for County of Los Angeles, the Department of Public Health. David, good to see you. Thanks for coming on theCUBE. >> Thanks for having me on guys. Appreciate it. >> So what is your role? What does it have to do with automation? >> So I had been, actually started off in the IT space within the public health. Had served as a CIO previously, but now been moving into broader operations. And I basically manage all of the back office operations for the department, HR, IT, finance, all that. >> So you've had a wild ride in the last couple of years. >> Yeah, I think, like I've been talking earlier, it's just been, the last two years have just been horrendous. It's been a really difficult experience for us. >> Yeah, and I mean, the scars are there, and maybe permanently. But it also had major effects on organizations, on operations that, again, seem to be permanent. How would you describe the situation in your organization? >> So I think it, the urgency that came along with the pandemic response, kind of required us to look at things, you know, differently. We had to be, realize we had to be a lot more nimble than when we were and try to figure out how to enhance our operations. But really look at the core of what we're doing and figure out how it is to be more efficient. So I think we've kind of seen it as an opportunity to really examine ourselves a little bit more deeply and see what things we need to do to kind of, to fix our operations and get things on a better path. >> You know, I think a lot of organizations we talked to say that. But I want to understand how you handle this is, you didn't have time to sit back in the middle of the pandemic. >> Yeah. >> And then as you exit, what I call the isolation economy, people are so burned out, you know? So how do you deal with that organizational trauma? Say, okay now, let's sit back and think about this. Do people, are they eager to do so? Do they have the appetite for it? What's that dynamic like? >> So I think certainly there's a level of exhaustion inside the organization. I can't say that there isn't because it's just been, you know, two years of 24/7/365 kind of work. And that's tough on any organization. But I think what we realize is that there's, you know, we need to move into action quickly 'cause we don't know what's going to come next, right? And we're expecting that this is just a sign of what's to come and that we're just at the start of that stage of, we're just going to see a lot more outbreaks, we're going to see a lot more conditions kind of hitting us. And if we're not prepared for that, we're not going to be able to respond for the, and preserve the health and safety of our citizens, right? So I think we're taking a very active, like, look at these opportunities and see what we've done and say how do we now make the changes that we made in response to the pandemic permanent so that the next time this comes at us, we won't have to be struggling the way that we were to try to figure things out because we'll have such a better foundation in place to be able to move things forward. >> I mean, I've never served in the military, but I imagine that when you're in the military, you're always prepared for some kind of, you know, in your world, code red, right? >> Yeah. >> So it's like this code red culture. And that seems to have carried through, right? People are, you know, constantly aware that, wow. We got caught off guard and we don't want that to happen again. Because that was a big part of the trauma was just the unknown- >> Right. >> and the lack of preparedness. So thinking about technology and its role in helping you to prepare for that type of uncertainty. Can you describe how you're applying technology to prepare for the next unknown? >> So I think, so that first part of what you said, I think the difficulty we've always had in the public health side is that there's the, generally the approach to healthcare is very reactionary, right? Your first interface with the healthcare system is, "I'm going to go see my doctor; I'm going to go to the hospital." The work that we do in public health is to try to do everything we can to keep you out of that, right? So it's broad-based messaging, social media now is going to put us out there. But also, to be able to surveil disease in a different way. And so the holy grail for us in healthcare has always been, at least on the public health side, has been to try to see how can we tap in more actively that when you go see the doctor or when you go to the hospital, how can I get access to that information very, very quickly so that I know, and can see, and surveil my entire county in my jurisdiction and know, oh, there's an outbreak of disease happening in this section of the county. We're 10 million people with, you know, hundreds of square miles inside of LA. There are places where we can see very, you know, specific targets that we know we have to hit. But the data's a little stale and we find out several months after. We need to figure out a way to do that more actively. Technology's going to be our path to be able to capture that information more actively and come up on something a little bit, so we can track things faster and be able to respond more quickly. So that's our focus for all our technology implementations, automation like UiPath has offered us and other things, is around how to gather that information more quickly and put that into action so we can do quick interventions. >> People have notoriously short memories. Please tell me (chuckles) any of the friction that you may have experienced in years past before the pandemic. That those friction points where people are thinking, "Eh, what are the odds?" >> Yeah. "Eh, I've got finite budget, I think I'm going to spend it on this thing over here." Do you, are you able to still ride sort of the wave of mind share at this point when putting programs together for the future? >> So whatever friction was there during the pandemic wiped away. I mean, we had amazing collaboration with the medical provider community, our hospital partners. The healthcare system in LA was working very closely with us to make sure that we were responding. And there is that wave that we are trying to make sure that we use this as an opportunity to kind of ride it so that we can implement all the things that we want. 'Cause we don't know how long that's going to last us. The last time that I saw anything this large was after the anthrax attacks and the bioterrorism attacks that we had after 9/11. >> How interesting. >> Public health was really in lens at that point. And we had a huge infusion of funding, a lot of support from stakeholders, both politically and within the healthcare system. And we were able to make some large steps in movement at that point. This feels the same but in a larger scale because now it touched every part of the infrastructure. And we saw how society really had to react to what was going on in a different way than anyone has ever prepared for. And so now is we think is a time where we know that people are making more investments. And our success is going to be their success in the longterm. >> And you have to know that expectations are now set- >> Extremely high. >> at a completely different level, right? >> Yes, absolutely. >> There is no, "Oh, we don't have enough PPE." >> Correct. >> Right? >> David: Correct. >> The the expectation level is, hey, you should have learned from all of- >> We should have it; we can deliver it, We'll have it at the ready when we need to provide it. Yes, absolutely. >> Okay, so I sort of mentioned, we're, David cubed on theCUBE (all laughing). So three Daves. You spoke today at the conference? >> Actually I'm speaking later actually in the session in an hour or so. >> Oh Okay. My understanding is that you've got this concept of putting humans at the center of the automation. What does that mean? Why is that important? Help us understand that. >> So I think what we found in the crisis is that the high demand for information was something we hadn't seen before, right? We're one of the largest media markets in the United States. And what we really had trouble with is trying to figure out how to serve the residents, to provide them the information that we needed to provide to them. And so what we had traditionally done is press releases, you know, just general marketing campaigns, billboards, trying to send our message out. And when you're talking about a pandemic where on a daily basis, hour-by-hour people wanted to know what was going on in their local communities. Like, we had to change the way that we focused on. So we started thinking about, what is the information that the residents of our county need? And how can we set up an infrastructure to sustain the feeding of that? Because if we can provide more information, people will make their own personal decisions around their personal risk, their personal safety measures they need to take, and do so more actively. More so than, you know, one of us going on camera to say, "This is what you should do." They can look for themselves and look at the data that's in front of them and be able to make those choices for themselves, right? And so we needed to make sure that everything that we were doing wasn't built around feeding it to our political stakeholders, which are important stakeholders. We needed to make sure that they're aware and are messaging out, and our leadership are aware. But it's what could we give the public to be able to make them have access to information that we were collecting on an every single day basis to be able to make the decisions for their lives. And so the automation was key to that. We were at the beginning of the pandemic just had tons and tons of resources that we were throwing at the problem that was, our systems were slow, we didn't have good ability to move data back and forth between our systems, and we needed a stop-gap solution to really fill that need and be able to make the data cycles to meet the data cycles. We had basically every day had to deliver reports and analytics and dashboards by like 10 o'clock in the morning because we knew that the 12 an hour and the five-hour news cycles were going to hit and the press were going to then take those and message out. And the public started to kind of come in at that same time and look at 10 and 11 o'clock and 12 o'clock. >> Yeah. >> We could see it from how many hits were hitting our website, looking for that information. So when we failed and had a cycle where that data cycle didn't work and we couldn't deliver, the public would let us know, the press would let us know, the stakeholders would let us know. We had never experienced anything like that before, right. Where people had like this voracious appetite for the information. So we needed to have a very bulletproof process to make sure that every single 24 hours we were delivering that data, making it available at the ready. >> Software robots enabled that. >> Exactly. >> Okay. And so how were you able to implement that so quickly within such a traumatic environment? >> So I think, I guess necessity is always the mother of invention. It kind of drove us to go real quickly to look at what we had. We had data entry operations set up where we had dozens and dozens of people whose sole job in life on a 24-hour cycle was to receive medical reports that we we're getting, interview data that's coming from our case interviews, hospitalization data that was coming in through all these different channels. And it was all coming in in various forms. And they were entering that into our systems of record. And that's what we were using, extracts from that system of record, what was using to generate the data analyses in our systems and our dashboards. And so we couldn't rely on those after a while because the data was coming in at such high volume. There wasn't enough data entry staff to be able to fit the need, right? And so we needed to replace those humans and take them out of that data entry cycle, pop in the bots. And so what we started to look at is, let's pick off the, where it is that that data entry cycle starts and see what we could do to kind of replace that cycle. And we started off with a very discreet workload that was focused on some of our case interview data that was being turned into PDFs that somebody was using to enter into our systems. And we said, "Well before you do that," since we can't import into the systems 'cause it wasn't working, the import utilities weren't working. We got 'em into simple Excel spreadsheets, mapped those to the fields in our systems and let the bots do that over and over again. And we just started off with that one-use case and just tuned it and went cycle after cycle. The bots just got better and better to the point where we had almost like 95% success rates on each submission of data transactions that we did every day. >> Okay, and you applied that automation, I don't know, how many bots was it roughly? >> We're now at like 30; we started with about five. >> Okay, oh, interesting. So you started with five and you applied 'em to this specific use case to handle the velocity and volume of data- >> Correct. >> that was coming in. But that's obviously dynamic and it's changed. >> Absolutely. >> I presume it's shifted to other areas now. So how did you take what you learned there and then apply it to other use cases in other parts of the organization? >> So, fortunately for us, the process that was being used to capture the information to generate the dashboards and the analyses for the case interview data, which is what we started with- >> Yeah. >> Was essentially being used the same for the hospitalization data that we were getting and for tracking deaths as they were coming in as well. And so the bots essentially were just, we just took one process, take the same bots, copy them over essentially, and had them follow the very same process. We didn't try to introduce any different workflow than what was being done for the first one so we could replicate quickly. So I think it was lucky for us a lot- >> Dave V.: I was going to say, was that luck or by design? >> It was the same people doing the same analyses, right? So in the end they were thinking about how to be efficient themselves. So they kind of had coalesced around a similar process. And so it was kind of like fortunate, but it was by design in terms of how they- >> Dave V.: It was logical to them. >> Logical to them to make it. >> Interesting. >> So for us to be able to insert the bots became pretty easy on the front end. It's just now as we're trying to now expand to other areas that were now encountering like unique processes that we just can't replicate that quickly. We're having to like now dig into. >> So how are you handling that? First of all, how are you determining which processes? Is it sort of process driven? Is it data driven? How do you determine that? >> So obviously right now the focus still is COVID. So the the priorities scale that we've set internally for analyzing those opportunities really is centered around, you know, which things are really going to help our pandemic response, right? We're expecting another surge that's going to happen probably in the next couple of weeks. That'll probably take us through December. Hopefully, at that point, things start to calm down. But that means high-data volume again; these same process. So we're looking at optimizing the processes that we have, what can we do to make those cycles better, faster, you know, what else can we add? The data teams haven't stopped to try to figure out how else can they turn out new data reports, new data analysis, to give us a different perspective on the new variants and the new different outbreaks and hotspots that are popping up. And so we also have to kind of keep up with where they're going on these data dashboards. So they're adding more data into these reports so we know we have to optimize that. And then there's these kind of tangential work. So for example, COVID brought about, unfortunately, a lot of domestic violence reports. And so we have a lot of domestic violence agencies that we work with and that we have interactions with and to monitor their work, we have certain processes. So that's kind of like COVID-adjacent. But it's because it's such a very critical task, we're looking at how we can kind of help in those processes and areas. Same thing in like in our substance abuse area. We have substance use disorder treatment services that we provide. And we're delivering those at a higher rate because COVID kind of created more of a crisis than we would've liked. And so that's how we're prioritizing. It's really about what is the social need, what does the community need, and how can we put the technology work in those areas? >> So how do you envision the future of automation in your organization and the future of your organization? What does that look like? Paint a picture for us. >> So I'm hoping that it really does, you know, so we're going to take everything that's COVID related in the disease control areas, both in terms of our laboratory operations, in terms of our clinic operations, the way we respond, vaccination campaigns, things of that nature. And we're going to look at it to see what can efficiencies can we do there because it's a natural outgrowth of everything we've done on COVID up to this point. So, you know, it's almost like it's as simple as you're just replicating it with another disease. The disease might have different characteristics, but the work process that we follow is very similar. It's not like we're going to change everything and do something completely different for a respiratory condition as we would for some other type of foodborne condition or something else that might happen. So we certainly see very easy opportunities to just to grow out what we've already done in terms of the processes is to do that. So that's wave one, is really focus on that grow out. The second piece I think is to look at these kind of other general kind of community-based type of operations and see what operations we can do there to kind of implement some improvements there. And then I'm certainly in my new role of, in Deputy Director of Operation, I'm a CIO before. Now that I'm in this operations role, I have access to the full administrative apparatus for the department. And believe me, there's enough to keep me busy there. (Dave V. Laughing) And so that's going to be kind of my third prong is to kind of look at the implement there. >> Awesome. Go ahead, Dave. >> Yeah, so, this is going to be taking a step back, kind of a higher level view. If we could direct the same level of rigor and attention towards some other thing that we've directed towards COVID, if you could snap your fingers and make that happen, what would that thing be in the arena of public health in LA County in particular, or if you want California, United States. What is something that you feel maybe needs more attention that it's getting right now? >> So I think I touched on it a little bit earlier, but I think it's the thing we've been always been trying to get to is how to really become just very intentional about how we share data more actively, right? I don't have to know everything about you, but there are certain things I care about when you go to the doctor for that doctor and that physician to tell me. Our physicians, our healthcare system as you know, is always under a lot of pressure. Doctors don't have the time to sit down and write a form out for me and tell me everything that's going on. During COVID they did because they were, they cared about their patients so much and knew, I need to know what's going on at every single moment. And if I don't tell you what's going on in my office, you'll never know and can't tell us what's going on in the community. So they had a vested interest in telling us. But on a normal day-to-day, they don't have the time for that. I got to replace that. We got to make sure that when we get to, not me only, but everyone in this public health community has to be focused and working with our healthcare partners to automate the dissemination and the distribution of information so that I have the information at my fingers, that I can then tell you, "Here's what's going on in your local community," down to your neighborhood, down to your zip code, your census tracked, down to your neighbors' homes. We'll be able to tell you, "This is your risk. Here are the things that are going on. This is what you have to watch out for." And the more that we can be more that focused and laser-focused on meeting that goal, we will be able to do our job more effectively. >> And you can do that while preserving people's privacy. >> Privacy, absolutely. >> Yeah, absolutely. But if people are informed then they can make their own decisions. >> Correct. >> And they're not frustrated at the systems. David, we got to wrap. >> Sure. >> But maybe you can help us. What's your impression of the, first of all, is this your first Forward? You've been to others? >> This is my first time. >> Okay. >> My first time. >> What's your sort of takeaway when you go back to the office or home and people say, "Hey, how was the show? What, what'd you learn?" What are you going to say? >> Well, from just seeing all the partners here and kind of seeing all the different events I've been able to go to and the sessions there's, you don't know many times I've gone to and say, "We've got to be doing that." And so there's certainly these opportunities for, you know, more AI, more automation opportunities that we have not, we just haven't even touched on really. I think that we really need to do that. I have to be able to, as a public institution at some point our budgets get capped. We only have so much that we're going to receive. Even riding this wave, there's only so much we're going to be able to get. So we have to be very efficient and use our resources more. There's a lot more that we can do with AI, a lot more with the tools that we saw, some of the work product that are coming out at this conference that we think we can directly apply to kind of take the humans out of that, their traditional roles, get them doing higher level work so I can get the most out of them and have this other more mundane type of work, just have the systems just do it. I don't need anybody doing that necessarily, that work. I need to be able to leverage them for other higher level capabilities. >> Well thank you for that. Thanks for coming on theCUBE and really appreciate. Dave- >> It's been great talking to you guys, thank you. >> Dave, you know, I love software shows because the business impact is so enormous and I especially love cool software shows. You know, this first of all, the venue. 3,500 people here. Very cool venue. I like the fact that it's not like booth in your face, booth competition. I mean I love VMware, VMworld, VMware Explore. But it's like, "My booth is bigger than your booth." This is really nice and clean, and it's all about the experience. >> A lot of steak, not as much sizzle. >> Yeah, definitely. >> A lot of steak. >> And the customer content at the UiPath events is always outstanding. But we are entering a new era for UiPath, and we're talking. We heard a lot about the Enterprise platform. You know, the big thing is this company's been in this quarterly shock-lock since last April when it went public. And it hasn't all been pretty. And so new co-CEO comes in, they've got, you know, resetting priorities around financials, go to market, they've got to have profitable growth. So watching that that closely. But also product innovation so the co-CEOs will be able to split that up, split their duties up. Daniel Dines the product visionary, product guru. Rob Enslin, you know- making the operations work. >> Operations execution business, yeah. >> We heard that Carl Eschenbach did the introduction. Carl's a major operator, wanted that DNA into the company. 'Cause they got to keep product innovation. And I want to, I want to see R&D spending, stay relatively high. >> Product innovation, but under the heading of platform. And that's the key thing is just not being that tool set. The positioning has been, I think, accurate that, you know, over history, we started with these RPA tools and now we've moved into business process automation and now we're moving into new frontiers where, where truly, AI and ML are being leveraged. I love the re-infer story about going in and using natural national (chuckles) national, natural language processing. I can't even say it, to go through messaging. That's sort of a next-level of intelligence to be able to automate things that couldn't be automated before. So that whole platform story is key. And they seem to have made a pretty good case for their journey into platform as far as I'm concerned. >> Well, yeah, to me again. So it's always about the customers, want to come to an event like this, you listen to what they say in the keynotes and then you listen to what the customers say. And there's a very strong alignment in the UiPath community between, you know, the marketing and the actual implementation. You know, marketing's always going to be ahead. But, we saw this a couple of years ago with platform. And now we're seeing it, you know, throughout the customer base, 10,000+ customers. I think this company could have, you know, easily double, tripled, maybe even 10x that. All right, we got to wrap. Dave Nicholson, thank you. Two weeks in a row. Good job. And let's see. Check out siliconangle.com for all the news. Check out thecube.net; wikibon.com has the research. We'll be on the road as usual. theCUBE, you can follow us. UiPath Forward 5, Dave Vellante for Dave Nicholson. We're out and we'll see you next time. Thanks for watching. (gentle music)

(upbeat electronic music) >> Welcome back to everyone, to "theCUBE's" coverage here in Seattle, Washington for Amazon Web Services Partner Marketplace Seller Conference, combining their partner network with Marketplace forming a new organization called AWS Partner Organization. This is "theCUBE" coverage. I'm John Furrier, your host. We've got great "Cube" alumni here from Zscaler, a very successful cloud company doing great work. Stelio D'Alo, senior director of cloud business development and Raveesh Chugh, VP of Public Cloud Partnerships at Zscaler. Welcome back to "theCUBE." Good to see you guys. Thanks for coming on. >> Thank you. >> Thanks having us, John. >> So we've been doing a lot of coverage of Zscaler, what a great success story. I mean, the numbers are great. The business performance, it's in the top two, three, one, two, three in all metrics on public companies, SaaS. So you guys, check. Good job. >> Yes, thank you. >> So you guys have done a good job. Now you're here, selling through the Marketplace. You guys are a world class performing company in cloud SaaS, so you're in the front lines doing well. Now, Marketplace is a procurement front end opportunity for people to buy. Hey, self-service, buy and put things together. Sounds novel, what a great concept. Great cloud life. >> Yes. >> You guys are participating and now sellers are coming together. The merger of the public, the partner network with Marketplace. It feels like this is a second act for AWS to go to the next level. They got their training wheels done with partners. Now they're going to the next level. What do you guys think about this? >> Well, I think you're right, John. I think it is very much something that is in keeping with the way AWS does business. Very Amazonian, they're working back from the customer. What we're seeing is, our customers and in general, the market is gravitating towards purchase mechanisms and route to market that just are lower friction. So in the same way that companies are going through their digital transformations now, really modernizing the way they host applications and they reach the internet. They're also modernizing on the purchasing side, which is super exciting, because we're all motivated to help customers with that agility. >> You know, it's fun to watch and again I'm being really candid and props to you guys as a company. Now, everyone else is kind of following that. Okay, lift and shift, check, doing some things. Now they go, whoa, I can really build on this. People are building their own apps for their companies. Going to build their own stuff. They're going to use piece parts. They're going to put it together in a really scalable way. That's the new normal. Okay, so now they go okay, I'm going to just buy through the market, I get purchasing power. So you guys have been a real leader with AWS. Can you share what you guys are doing in the Marketplace? I think you guys are a nice example of how to execute the Marketplace. Take us through. What are you guys offering there? What's the contract look like? Is it multi-pronged? What's the approach? What do customers get if they go to the marketplace for Zscaler? >> Yeah, so it's been a very exciting story and been a very pleasing one for us with AWS marketplace. We see a huge growth potentially. There are more than 350,000 customers that are actively buying through Marketplace today. We expect that number to grow to around a million customers by the next, I would say, five to ten years and we want to be part of this wave. We see AWS Marketplace to be a channel where not only our resalers or our channel partners can come and transact, but also our GSIs like Accenture want to transact through this channel. We are doing a lot, in terms of bringing new customers through Marketplace, who want to not only close their deals, but close it in the next few hours. That's the beauty of Marketplace, the agility, the flexibility in terms of pricing that it provides to ISVs like us. If a customer wants to delay their payments by a couple of quarters, Marketplace supports that. If a customer wants to do monthly payments, Marketplace supports that. We are seeing lot of customers, big customers, that have signed EDPs, enterprise discount plans with AWS. These are multi-year cloud commits coming to us and saying we can retire our EDPs with AWS if we transact your solution through AWS Marketplace. So what we have done, as of today, we have all of our production services enabled through AWS Marketplace. What that means for customers, they can now retire their EDPs by buying Zscaler products through AWS Marketplace and in return get the full benefit of maximizing their EDP commits with AWS. >> So you guys are fully committed, no toe on the water, as we heard. You guys are all in. >> Absolutely, that's exactly the way to put it. We're all in, all of our solutions are available in the marketplace. As you mentioned, we're a SaaS provider. So we're one of the vendors in the Marketplace that have SaaS solutions. So unlike a lot of customers and even the market in general, associate the Marketplace for historical reasons, the way it started with a lot of monthly subscriptions and just dipping your toe in it from a consumer perspective. Whereas we're doing multimillion dollar, multi-year SaaS contracts. So the most complicated kinds of transactions you'd normally associate with enterprise software, we're doing in very low friction ways. >> On the Zscaler side going in low friction. >> Yep, yeah, that's right. >> How about the customer experience? >> So it is primarily the the customer that experiences. >> Driving it? >> Yeah, they're driving it and it's because rather than traditional methods of going through paperwork, purchase orders- >> What are some of the things that customers are saying about this, bcause I see two benefits, I'll say that. The friction, it's a channel, okay, for Zscaler. Let's be clear, but now you have a customer who's got a lot of Amazon. They're a trusted partner too. So why wouldn't they want to have one point of contact to use their purchasing power and you guys are okay with that. >> We're absolutely okay with it. The reason being, we're still doing the transaction and we can do the transaction with our... We're a channel first company, so that's another important distinction of how people tend to think of the Marketplace. We go through channel. A lot of our transactions are with traditional channel partners and you'd be surprised the kinds of, even the Telcos, carrier providers, are starting to embrace Marketplace. So from a customer perspective, it's less paperwork, less legal work. >> Yeah, I'd love to get your reaction to something, because I think this highlights to me what we've been reporting on with "theCUBE" with super cloud and other trends that are different in a good way. Taking it to the next level and that is that if you look at Zscaler, SaaS, SaaS is self-service, the scale, there's efficiencies. Marketplace first started out as a self-service catalog, a website, you know, click and choose, but now it's a different. He calls it a supply chain, like the CICD pipeline of buying software. He mentions that, there's also services. He put the Channel partners can come in. The GSIs, global system integrators can come in. So it's more than just a catalog now. It's kind of self-service procurement more than it is just a catalog of buy stuff. >> Yes, so yeah, I feel CEOs, CSOs of today should understand what Marketplace brings to the bear in terms of different kinds of services or Zscaler solutions that they can acquire through Marketplace and other ISV solutions, for that matter. I feel like we are at a point, after the pandemic, where there'll be a lot of digital exploration and companies can do more in terms of not just Marketplace, but also including the channel partners as part of deals. So you talked about channel conflict. AWS addressed this by bringing a program called CPPO in the picture, Channel Partner Private Offers. What that does is, we are not only bringing all our channel partners into deals. For renewals as well, they're the partner of record and they get paid alongside with the customer. So AWS does all the heavy lifting, in terms of disbursements of payments to us, to the channel partner, so it's a win-win situation for all. >> I mean, private offers and co-sale has been very popular. >> It has been, and that is our bread and butter in the Marketplace. Again, we do primarily three year contracts and so private offers work super well. A nice thing for us as a vendor is it provides a great amount of flexibility. Private Offer gives you a lot of optionality, in terms of how the constructs of the deal and whether or not you're working with a partner, how the partner is utilizing as well to resell to the end user. So, we've always talked about AWS giving IT agility. This gives purchasing and finance business agility. >> Yeah, and I think this comes up a lot. I just noticed this happening a lot more, where you see dedicated sessions, not just on DevOps and all the goodies of the cloud, financial strategy. >> Yeah. >> Seeing a lot more conversation around how to operationalize the business transactions in the cloud. >> Absolutely. >> This is the new, I mean it's not new, it's been thrown around, but not at a tech conference. You don't see that. So I got to ask you guys, what's the message to the CISOs and executives watching the business people about Zscaler in the Marketplace? What should they be looking at? What is the pitch for Zscaler for the Marketplace buyer? >> So I would say that we are a cloud-delivered network security service. We have been in this game for more than a decade. We have years of early head start with lots of features and functionality versus our competitors. If customers were to move into AWS Cloud, they can get rid of their next-gen firewalls and just have all the traffic routed through our Zscaler internet access and use Zscaler private access for accessing their private applications. We feel we have done everything in our capacity, in terms of enabling customers through Marketplace and will continue to participate in more features and functionality that Marketplace has to offer. We would like these customers to take advantage of their EDPs as well as their retirement and spend for the multi-commit through AWS Marketplace. Learn about what we have to offer and how we can really expedite the motion for them, if they want to procure our solutions through Marketplace >> You know, we're seeing an ability for them to get more creative, more progressive in terms of the purchasing. We're also doing, we're really excited about the ability to serve multiple markets. So we've had an immense amount of success in commercial. We also are seeing increasing amount of public sector, US federal government agencies that want to procure this way as well for the same reasons. So there's a lot of innovation going on. >> So you have the FedRAMP going on, you got all those certifications. >> Exactly right. So we are the first cloud-native solution to provide IL5 ATO, as well as FedRAMP pie and we make that all available, GSA schedule pricing through the AWS Marketplace, again through FSIs and other resellers. >> Public private partnerships have been a big factor, having that span of capability. I got to ask you about, this is a cool conversation, because now you're like, okay, I'm selling through the Marketplace. Companies themselves are changing how they operate. They don't just buy software that we used to use. So general purpose, bundled stuff. Oh yeah, I'm buying this product, because this has got a great solution and I have to get forced to use this firewall, because I bought this over here. That's not how companies are architecting and developing their businesses. It's no longer buying IT. They're building their company digitally. They have to be the application. So they're not sitting around, saying hey, can I get a solution? They're building and architecting their solution. This is kind of like the new enterprise that no one's talking about. They kind of, got to do their own work. >> Yes. >> There's no general purpose solution that maps every company. So they got to pick the best piece parts and integrate them. >> Yes and I feel- >> Do you guys agree with that? >> Yeah, I agree with that and customers don't want to go for point solutions anymore. They want to go with a platform approach. They want go with a vendor that can not only cut down their vendors from multi-dozens to maybe a dozen or less and that's where, you know, we kind of have pivoted to the platform-centric approach, where we not only help customers with Cloud Network Security, but we also help customers with Cloud Native Application Protection Platform that we just recently launched. It's going by the name of the different elements, including Cloud Security Posture Management, Cloud Identity Event Management and so we are continuously doing more and more on the configuration and vulnerability side space. So if a customer has an AWS S3 bucket that is opened it can be detected and can be remediated. So all of those proactive steps we are taking, in terms of enhancing our portfolio, but we have come a long way as a company, as a platform that we have evolved in the Marketplace. >> What's the hottest product? >> The hottest product? >> In Marketplace right now. >> Well, the fastest growing products include our digital experience products and we have new Cloud Protection. So we've got Posture and Workload Protection as well and those are the fastest growing. For AWS customers a strong affinity also for ZPA, which provides you zero trust access to your workloads on AWS. So those are all the most popular in Marketplace. >> Yeah. >> So I would like to add that we recently launched and this has been a few years, a couple of years. We launched a product called Zscaler Digital X, the ZDX. >> Mm-hmm. >> What that product does is, let's say you're making a Zoom call and your WiFi network is laggy or it's a Zoom server that's laggy. It kind of detects where is the problem and it further tells the IT department you need to fix either the server on which Zoom is running, or fix your home network. So that is the beauty of the product. So I think we are seeing massive growth with some of our new editions in the portfolio, which is a long time coming. >> Yeah and certainly a lot of growth opportunities for you guys, as you come in. Where do you see Zscaler's big growth coming from product-wise? What's the big push? Actually, this is great upside for you here. >> Yeah. >> On the go to market side. Where's the big growth for Zscaler right now? So I think we are focused as a company on zero trust architecture. We want to securely connect users to apps, apps to apps, workloads to workloads and machines to machines. We want to give customers an experience where they have direct access to the apps that's hidden from the outside world and they can securely connect to the apps in a very succinct fashion. The user experience is second to none. A lot of customers use us on the Microsoft Office 365 side, where they see a lag in connecting to Microsoft Office 365 directly. They use the IE service to securely connect. >> Yeah, latency kills. >> Microsoft Office 365. >> Latency kills, as we always say, you know and security, you got to look at the pattern, you want to see that data. >> Yeah, and emerging use cases, there is an immense amount of white space and upside for us as well in emerging use cases, like OT, 5G, IOT. >> Yeah. >> Federal government, DOD. >> Oh god, tactical edge government. >> Security at the edge, absolutely, yeah. >> Where's the big edge? What's the edge challenge right now, if you have to put your finger on the edge, because right now that's the hot area, we're watching that. It's going to be highly contested. It's not yet clear, I mean certainly hybrid is the operating model, cloud, distributing, computing, but edge has got unique things that you can't really point to on premises that's the same. It's highly dynamic, you need high bandwidth, low latency, compute at the edge. The data has to be processed right there. What's the big thing at the edge right now? >> Well, so that's probably an emerging answer. I mean, we're working with our customers, they're inventing and they're kind of finding the use cases for those edge, but one of the good things about Zscaler is that we are able to, we've got low latency at the edge. We're able to work as a computer at the edge. We work on Outpost, Snowball, Snowcone, the Snow devices. So we can be wherever our customers need us. Mobile devices, there are a lot of applications where we've got to be either on embedded devices, on tractors, providing security for those IOT devices. So we're pretty comfortable with where we are being the- >> So that's why you guys are financially doing so well, performance wise. I got to ask you though, because I think that brings up the great point. If this is why I like the Marketplace, if I'm a customer, the edge is highly dynamic. It's changing all the time. I don't want to wait to buy something. If I got my solution architects on a product, I need to know I'm going to have zero trust built in and I need to push the button on Zscaler. I don't want to wait. So how does the procurement side impact? What have you guys seen? Share your thoughts on how Marketplace is working from the procurement standpoint, because it seems to me to be fast. Is that right, or is it still slow on their side? On the buyer side, because this to me would be a benefit to developers, if we say, hey, the procurement can just go really fast. I don't want to go through a bunch of PO approvals or slow meetings. >> It can be, that manifests itself in several ways, John. It can be, for instance, somebody wants to do a POC and traditionally you could take any amount of time to get budget approval, take it through. What if you had a pre-approved cloud budget and that was spent primarily through AWS Marketplace, because it's consolidated data on your AWS invoice. The ability to purchase a POC on the Marketplace could be done literally within minutes of the decision being made to go forward with it. So that's kind of a front end, you know, early stage use case. We've got examples we didn't talk about on our recent earnings call of how we have helped customers bring in their procurement with large million dollar, multimillion dollar deals. Even when a resaler's been involved, one of our resaler partners. Being able to accelerate deals, because there's so much less legal work and traditional bureaucratic effort. >> Agility. >> That agility purchasing process has allowed our customers to pull into the quarter, or the end of month, or end of quarter for them, deals that would've otherwise not been able to be done. >> So this is a great example of where you can set policy and kind of create some guard rails around innovation and integration deals, knowing if it's something that the edge is happening, say okay, here's some budget. We approved it, or Amazon gives credits and partnership going on. Then I'd say, hey, well green light this, not to exceed a million dollars, or whatever number in their range and then let people have the freedom to execute. >> You're absolutely right, so from the purchasing side, it does give them that agility. It eliminates a lot of the processes that would push out a purchase in actual execution past when the business decision is made and quite frankly, to be honest, AWS has been very accommodative. They're a great partner. They've invested a lot in Marketplace, Marketplace programs, to help customers do the right thing and do it more quickly as well as vendors like us to help our customers make the decisions they need to. >> Rising tide, a rising tide floats all boats and you guys are a great example of an independent company. Highly successful on your own. >> Yep. >> Certainly the numbers are clear. Wall Street loves Zscaler and economics are great. >> Our customer CSAT numbers are off the scale as well. >> Customers are great and now you've got the Marketplace. This is again, a new normal. A new kind of ecosystem is developing where it's not like the old monolithic ecosystems. The value creation and extraction is happening differently now. It's kind of interesting. >> Yes and I feel we have a long way to go, but what I can tell you is that Zscaler is in this for the long run. We are seeing some of the competitors erupt in the space as well, but they have a long way to go. What we have built requires years worth of R&D and features and thousands of customer's use cases which kind of lead to something what Zscaler has come up with today. What we have is very unique and is going to continuously be an innovation in the market in the years to come. In terms of being more cloud-savvy or more cloud-focused or more cloud-native than what the market has seen so far in the form of next-gen firewalls. >> I know you guys have got a lot of AI work. We've had many conversations with Howie over there. Great stuff and really appreciate you guys participating in our super cloud event we had and we'll see more of that where we're talking about the next generation clouds, really enabling that new disruptive, open-spanning capabilities across multiple environments to run cloud-native modern applications at scale and secure. Appreciate your time to come on "theCUBE". >> Thank you. >> Thank you very much. >> Thanks for having us. >> Thanks, I totally appreciate it. Zscaler, leading company here on "theCUBE" talking about their relationship with Marketplace as they continue to grow and succeed as technology goes to the next level in the cloud. Of course "theCUBE's" covering it here in Seattle. I'm John Furrier, your host. Thanks for watching. (peaceful electronic music)

(upbeat music) >> Welcome back everyone to theCUBE special presentation with Druva on why ransomware isn't your only problem. I'm John Furrier, your host of theCUBE. Our next guest are Stephen Manly, Chief Technology Officer of Druva. And Anjan Srinivas, who is the general manager and vice president of product management in Druva. Gentleman, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic, the IDC White Paper that you guys put together with IDC. Really nails it out. I want to get into it right away. Welcome to this segment. I really appreciate it. Thanks for coming on. >> Anjan: Great to be here John. >> So what's your thoughts on the survey's conclusion? Obviously the resilience is huge. Ransomware continues to thunder away at businesses and causes a lot of problems, disruption. I mean, it's endless ransomware problems. What's your thoughts on the conclusion? >> So I'll say the thing that pops out to me is on the one hand, everybody who sees the survey, who reads, it's going to say, well that's obvious. Of course ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But I think when you dig deeper and there's a lot of subtleties to look into, but one of the things that I hear on a daily basis from the customers is it's because the problem keeps evolving. It's not as if the threat was a static thing to just be solved and you're done. Because the threat keeps evolving, it remains top of mind for everybody because it's so hard to keep up with what's happening in terms of the attacks. >> And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on was keeping IT away from all the tooling that needed to do. A lot of people are even still wondering when that happens next time, what do I even do? So clearly not very surprising. Clearly I think it's here to stay and I think as long as people don't retool for a modern era of data management, this is going to stay this way. >> Yeah, I mean I hear this all the time in our CUBE conversations with practitioners It's like the security product. Give me more tools. I'll buy anything that comes in the market. I'm desperate. There's definitely attention, but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share your insights into what's going on in the product side? Because people claim that they have tools at fine points of recovery opportunities, but they can't get there. So it seems to be that there's a confidence problem here in the market. How do you guys see that? 'Cause I think this is where the rubber meets the road with ransomware 'cause it is a moving train. It's always changing, but it doesn't seem this confidence. Can you guys talk about that? What's your reaction? >> Yeah, let me jump in first and Stephen can add to it. What happens is I think this is a panic buying and they have accumulated this tooling now just because somebody said could solve your problem but they haven't had a chance to take a relook from a ground up perspective to see where are the bottlenecks, where are the vulnerabilities, and which tooling set needs to lie where, where does the logic need to reside? And what a Druva, we are watching people do and people do it successfully is that as they have adopted Druva technology, which is ground up built for the cloud and really built in a way which is driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really mitigating this ransomware. And then there is a whole plethora of ecosystem players that combine really, really finish the story so to say. So I think this has been a panic buying situation. This is like, get me any help you can give me. And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism, they need to think really ground up. They will start to really see the value of technologies like Druva and try to identify the right set of ecosystem to really bring together to solve it meaningfully. >> John: Yes, Stephen. >> I was going to say, one of the really interesting things in the survey for me and for a moment, little more than a moment, it made me think was that the large number of respondents who said I've got a really efficient well-run backup environment who then on basically the next question said, and I have no confidence that I can recover from a ransomware attack. And you scratch your head and you think, well if your backup environment is so good, why do you have such low confidence? And I think that's the moment when we dug deeper and we realized, if you've got a traditional architecture and let's face it, the disk-based architecture's been around for almost two decades now in terms of disk-based backup, you can have that tune to the health. That can be running as efficiently as you want it, but it was built before the ransomware attacks, before all these cyber issues really start hitting companies. And so I have this really well-run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying, I'm doing the best I can, but as Anjan pointed out, the architecture, the tooling isn't there to support what problems I need to solve today. >> Yeah, great point. >> And so yeah. >> Well, that's a great point. Before we get into the customer side, I want to get to in second, I interviewed Jaspreet, the founder and CEO, many years ago even before the pandemic. You mentioned modern. You guys have always had the cloud with Druva. This is huge. Now that you're past the pandemic, what is that modern cloud edge that you guys have? 'Cause that's a great point. A lot of stuff was built, backup and recovery bolted on, not really designed into the current state of the infrastructure and the cloud native application modern environment we're seeing right now is a huge issue. >> I think, to me, there's three things that come up over and over and over again as we talk to people in terms of being built in cloud, being cloud native, why is it an advantage? The first one is, is security and ransomware. And we can go deeper, but the most obvious one that always comes up is every single backup you do with Druva is air gap, offsite, managed under a separate administrative domain so that you're not retrofitting any air gap network and buying another appliance or setting up your own cloud environment to manage this. Every backup is ransomware protected, guaranteed. I think the second advantage is the scalability. And this certainly plays into account as your business grows or in some cases as you shrink or repurpose workloads. You're only paying for what you use. But it also plays a big role, again, when you start thinking of ransomware recoveries because we can scale your recovery in cloud, on-premises as much or as little as you want. And then I think the third one is, we're seeing basically things evolving, new workloads, data sprawl, new threat vectors. And one of the nice parts of being a SaaS service in the cloud is you're able to roll out new functionality every two weeks and there's no upgrade cycle, there's no waiting. The customer doesn't have to say, wow, I need it six months in the lab before I upgrade it and it's an 18-month, 24-month cycle before the functionality releases. You're getting it every two weeks and it's backed by Druva to make sure it works. >> Anjan, you got the product side. It's challenging job 'cause you have so many customers asking for things probably on the roadmap. You probably go hour for that one. But I want to get your thoughts on what you're hearing and seeing from customers. We just reviewed the IDC with Phil. How are you guys responding to your customer's needs? Because it seems that it's highly accelerated probably on the feature request, but also structurally as as ransomware continues to evolve. What are you hearing? What's the key customer need? How are you guys responding? >> Yeah, actually, I have two things that I hear very clearly when I talk to customers. One, I think after listening to their security problems and their vulnerability challenges, because we see customers and help customers who are getting challenge by ransomware on a weekly basis, and what I find that this problem is not just a technology problem, it's an operating model problem. So in order to really secure themselves, they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now where we come in as Druva is that we are providing them the cloud operating model and a data protection operating model combined with a data insights operating model, which all fit into that overall security operating model that they are really owning and they need to manage and operate because this is just not about a piece of technology. On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on, but innovating faster with less. And that has been this age old problem, do more with less. But in this whole, they're like trying to innovate when the middle of the war so to say. The war is happening, they're getting attacked, but there's also net new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming, not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at a hundred miles per hour while they're just trying to live one day at a time. And unless they really develop this overall security operating model helped by cloud native technologies like Druva that really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure. Not just beyond backups, beyond just the data protection that we all know of into this mindset of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with. Now Druva is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC2 offering to protect EC2 virtual machines back in AWS and we are going to be continuing to evolve that to further many services that public cloud software 'cause our customers are really consuming them at breakneck speed. >> So the new workloads, the new security capabilities, love that. Good call out there. Stephen, there's still the issue of the disruption side of it. You guys have a guarantee. There's a cost of ownership as you get more tools. Can you talk about that angle of it? Because this is, you got new workloads, you got the new security needs, what's the disruption impact? 'Cause we won't avoid that. How much it going to cost you? And you guys have this guarantee, can you explain that? >> Yeah, absolutely. So Druva launched our $10 million data resiliency guarantee. And for us, there were really two key parts to this. The first obviously is $10 million means that, again, we're willing to put our money where our mouth is and that's a big deal. That we're willing to back this with the guarantee. But then the second part, and this is the part that I think reflects that model that Anjan was talking about. We look at this and we say, the goal of Druva is to do the job of protecting and securing your data for you so that you as a customer don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks all with SLAs. So everything from, your data's going to be recoverable in the case of a ransomware attack. Okay, that's good. Of course for it to be recoverable, we're also guaranteeing your backup success rate. We're also guaranteeing the availability of the service. We're guaranteeing that the data that we're storing for you can't be compromised or leaked externally. And we're guaranteeing the long term durability of the data so that if you back up with us today and you need to recover 30 years from now, that data's going to be recovered. So we wanted to really attack the end-to-end risks that affect our customers. Cybersecurity is a big deal, but it is not the only problem out there and the only way for this to work is to have a service that can provide you SLAs across all of the risks because that means, again, as a SaaS vendor, we're doing the job for you so you're buying results as opposed to technology. >> That's great. Great point. Ransomware isn't the only problem. That's the title of this presentation, but it's a big one. People concerned about it. So great stuff. In the last five minutes guys, if you don't mind, I'd love to have you share what's on the horizon for Druva. You mentioned the new workloads Anjan. You mentioned this new security hearing shift left. DevOps is now the developer model. They're running IT, yet data and security teams now stepping in and trying to be as high velocity as possible for the developers and enterprises. What's on the horizon for Druva? What trends is the company watching, and how are you guys putting that together to stay ahead in the marketplace in the competition? >> Yeah, I think listening to our customers, what we realize is they need help with the public cloud, number one. I think that's a big wave of consumption. People are consolidating their data centers moving to the public cloud. They need help in expanding data protection, which becomes the basis of a lot of the security operating model that I talked about. They need that first from Druva before they can start to get into much more advanced level of insights and analytics on that data to protect themselves and secure themselves and do interesting things with that data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer, which I think is very unique to Druva because only we can look at multiple tenants, multiple customers because we are a SaaS vendor and look at insights and give them best practices and guidances and analytics that nobody else can give. There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need, what kind of protection, and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are going to build all the way from a feature level where we have things like recycled bin that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it, but also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox, which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming, but the key themes are public cloud, data insights, and security and that's where my focus is to go and get those features delivered. And Stephen can add a few more things around services that Stephen is looking to build and launch. >> Sure. So John, I think one of the other areas that we see just an enormous groundswell of interest. So public cloud is important, but there are more and more organizations that are running hundreds, if not thousands of SaaS applications and a lot of those SaaS applications have data. So there's the obvious things like Microsoft 365, Google Workspace, but we're also seeing a lot of interest in protecting Salesforce because if you think about it, if someone deletes some really important records in Salesforce, that's actually the record of your business. And so we're looking at more and more SaaS application protection and really getting deep in that application awareness. It's not just about backup and recovery when you look at something like a Salesforce or something like a Microsoft 365, you do want to look into sandboxing, you want to look into long-term archival because, and this is the new record of the business. What used to be in your on-premises databases, that all lives in cloud and SaaS applications now. So that's a really big area of investment for us. The second one, just to echo what Anjan said is, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. And I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous so that customers, again, I want to do the job for them. We'll do all the tuning. We'll do all the management for them to be able to better detect ransomware attacks, better respond to ransomware attacks because we're seeing across the globe. And then of course being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because let's face it, if you can set your data up more cleanly, you're going to be a lot less worried and a lot less exposed from when attack happens. So we want to be able to, again, cover those SaaS applications in addition to the public cloud. And then we want to be able to use our metadata and use our analytics and use this massive pipeline we've got to deliver value to our customers, not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. >> That's great stuff. >> And remember John, I think all this while keeping things really easy to consume, consumer grade UI, APIs, and really, the power of SaaS as a service, simplicity to continue on amongst keeping these complex technologies together. >> Anjan that's a great call out. I was going to mention ease of use and self-service. Big part of the developer and IT experience, expected, it's the table stakes. Love the analytic angle. I think that brings the scale to the table and faster time to value to get to learn best practices. But at the end of the day, automation, cross cloud protection, and security to protect and recover. This is huge and this is a big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment. Really under the hood and really the value of the product. Thanks for coming on. Appreciate it. >> Thank you very much. >> Okay, there it is. You got the experts talking about under the hood, the product, the value, the future of what's going on with Druva and the future of cloud native protecting and recovering. This is what it's all about. It's not just ransomware they have to worry about. In a moment, Dave Vellante will give you some closing thoughts on the subject here. You're watching theCUBE, the leader in high tech enterprise coverage. (gentle music)

(upbeat electronic music) >> Welcome back to everyone, to "theCUBE's" coverage here in Seattle, Washington for Amazon Web Services Partner Marketplace Seller Conference, combining their partner network with Marketplace forming a new organization called AWS Partner Organization. This is "theCUBE" coverage. I'm John Furrier, your host. We've got great "Cube" alumni here from Zscaler, a very successful cloud company doing great work. Stelio D'Alo, senior director of cloud business development and Raveesh Chugh, VP of Public Cloud Partnerships at Zscaler. Welcome back to "theCUBE." Good to see you guys. Thanks for coming on. >> Thank you. >> Thanks having us, John. >> So we've been doing a lot of coverage of Zscaler, what a great success story. I mean, the numbers are great. The business performance, it's in the top two, three, one, two, three in all metrics on public companies, SaaS. So you guys, check. Good job. >> Yes, thank you. >> So you guys have done a good job. Now you're here, selling through the Marketplace. You guys are a world class performing company in cloud SaaS, so you're in the front lines doing well. Now, Marketplace is a procurement front end opportunity for people to buy. Hey, self-service, buy and put things together. Sounds novel, what a great concept. Great cloud life. >> Yes. >> You guys are participating and now sellers are coming together. The merger of the public, the partner network with Marketplace. It feels like this is a second act for AWS to go to the next level. They got their training wheels done with partners. Now they're going to the next level. What do you guys think about this? >> Well, I think you're right, John. I think it is very much something that is in keeping with the way AWS does business. Very Amazonian, they're working back from the customer. What we're seeing is, our customers and in general, the market is gravitating towards purchase mechanisms and route to market that just are lower friction. So in the same way that companies are going through their digital transformations now, really modernizing the way they host applications and they reach the internet. They're also modernizing on the purchasing side, which is super exciting, because we're all motivated to help customers with that agility. >> You know, it's fun to watch and again I'm being really candid and props to you guys as a company. Now, everyone else is kind of following that. Okay, lift and shift, check, doing some things. Now they go, whoa, I can really build on this. People are building their own apps for their companies. Going to build their own stuff. They're going to use piece parts. They're going to put it together in a really scalable way. That's the new normal. Okay, so now they go okay, I'm going to just buy through the market, I get purchasing power. So you guys have been a real leader with AWS. Can you share what you guys are doing in the Marketplace? I think you guys are a nice example of how to execute the Marketplace. Take us through. What are you guys offering there? What's the contract look like? Is it multi-pronged? What's the approach? What do customers get if they go to the marketplace for Zscaler? >> Yeah, so it's been a very exciting story and been a very pleasing one for us with AWS marketplace. We see a huge growth potentially. There are more than 350,000 customers that are actively buying through Marketplace today. We expect that number to grow to around a million customers by the next, I would say, five to ten years and we want to be part of this wave. We see AWS Marketplace to be a channel where not only our resalers or our channel partners can come and transact, but also our GSIs like Accenture want to transact through this channel. We are doing a lot, in terms of bringing new customers through Marketplace, who want to not only close their deals, but close it in the next few hours. That's the beauty of Marketplace, the agility, the flexibility in terms of pricing that it provides to ISVs like us. If a customer wants to delay their payments by a couple of quarters, Marketplace supports that. If a customer wants to do monthly payments, Marketplace supports that. We are seeing lot of customers, big customers, that have signed EDPs, enterprise discount plans with AWS. These are multi-year cloud commits coming to us and saying we can retire our EDPs with AWS if we transact your solution through AWS Marketplace. So what we have done, as of today, we have all of our production services enabled through AWS Marketplace. What that means for customers, they can now retire their EDPs by buying Zscaler products through AWS Marketplace and in return get the full benefit of maximizing their EDP commits with AWS. >> So you guys are fully committed, no toe on the water, as we heard. You guys are all in. >> Absolutely, that's exactly the way to put it. We're all in, all of our solutions are available in the marketplace. As you mentioned, we're a SaaS provider. So we're one of the vendors in the Marketplace that have SaaS solutions. So unlike a lot of customers and even the market in general, associate the Marketplace for historical reasons, the way it started with a lot of monthly subscriptions and just dipping your toe in it from a consumer perspective. Whereas we're doing multimillion dollar, multi-year SaaS contracts. So the most complicated kinds of transactions you'd normally associate with enterprise software, we're doing in very low friction ways. >> On the Zscaler side going in low friction. >> Yep, yeah, that's right. >> How about the customer experience? >> So it is primarily the the customer that experiences. >> Driving it? >> Yeah, they're driving it and it's because rather than traditional methods of going through paperwork, purchase orders- >> What are some of the things that customers are saying about this, bcause I see two benefits, I'll say that. The friction, it's a channel, okay, for Zscaler. Let's be clear, but now you have a customer who's got a lot of Amazon. They're a trusted partner too. So why wouldn't they want to have one point of contact to use their purchasing power and you guys are okay with that. >> We're absolutely okay with it. The reason being, we're still doing the transaction and we can do the transaction with our... We're a channel first company, so that's another important distinction of how people tend to think of the Marketplace. We go through channel. A lot of our transactions are with traditional channel partners and you'd be surprised the kinds of, even the Telcos, carrier providers, are starting to embrace Marketplace. So from a customer perspective, it's less paperwork, less legal work. >> Yeah, I'd love to get your reaction to something, because I think this highlights to me what we've been reporting on with "theCUBE" with super cloud and other trends that are different in a good way. Taking it to the next level and that is that if you look at Zscaler, SaaS, SaaS is self-service, the scale, there's efficiencies. Marketplace first started out as a self-service catalog, a website, you know, click and choose, but now it's a different. He calls it a supply chain, like the CICD pipeline of buying software. He mentions that, there's also services. He put the Channel partners can come in. The GSIs, global system integrators can come in. So it's more than just a catalog now. It's kind of self-service procurement more than it is just a catalog of buy stuff. >> Yes, so yeah, I feel CEOs, CSOs of today should understand what Marketplace brings to the bear in terms of different kinds of services or Zscaler solutions that they can acquire through Marketplace and other ISV solutions, for that matter. I feel like we are at a point, after the pandemic, where there'll be a lot of digital exploration and companies can do more in terms of not just Marketplace, but also including the channel partners as part of deals. So you talked about channel conflict. AWS addressed this by bringing a program called CPPO in the picture, Channel Partner Private Offers. What that does is, we are not only bringing all our channel partners into deals. For renewals as well, they're the partner of record and they get paid alongside with the customer. So AWS does all the heavy lifting, in terms of disbursements of payments to us, to the channel partner, so it's a win-win situation for all. >> I mean, private offers and co-sale has been very popular. >> It has been, and that is our bread and butter in the Marketplace. Again, we do primarily three year contracts and so private offers work super well. A nice thing for us as a vendor is it provides a great amount of flexibility. Private Offer gives you a lot of optionality, in terms of how the constructs of the deal and whether or not you're working with a partner, how the partner is utilizing as well to resell to the end user. So, we've always talked about AWS giving IT agility. This gives purchasing and finance business agility. >> Yeah, and I think this comes up a lot. I just noticed this happening a lot more, where you see dedicated sessions, not just on DevOps and all the goodies of the cloud, financial strategy. >> Yeah. >> Seeing a lot more conversation around how to operationalize the business transactions in the cloud. >> Absolutely. >> This is the new, I mean it's not new, it's been thrown around, but not at a tech conference. You don't see that. So I got to ask you guys, what's the message to the CISOs and executives watching the business people about Zscaler in the Marketplace? What should they be looking at? What is the pitch for Zscaler for the Marketplace buyer? >> So I would say that we are a cloud-delivered network security service. We have been in this game for more than a decade. We have years of early head start with lots of features and functionality versus our competitors. If customers were to move into AWS Cloud, they can get rid of their next-gen firewalls and just have all the traffic routed through our Zscaler internet access and use Zscaler private access for accessing their private applications. We feel we have done everything in our capacity, in terms of enabling customers through Marketplace and will continue to participate in more features and functionality that Marketplace has to offer. We would like these customers to take advantage of their EDPs as well as their retirement and spend for the multi-commit through AWS Marketplace. Learn about what we have to offer and how we can really expedite the motion for them, if they want to procure our solutions through Marketplace >> You know, we're seeing an ability for them to get more creative, more progressive in terms of the purchasing. We're also doing, we're really excited about the ability to serve multiple markets. So we've had an immense amount of success in commercial. We also are seeing increasing amount of public sector, US federal government agencies that want to procure this way as well for the same reasons. So there's a lot of innovation going on. >> So you have the FedRAMP going on, you got all those certifications. >> Exactly right. So we are the first cloud-native solution to provide IL5 ATO, as well as FedRAMP pie and we make that all available, GSA schedule pricing through the AWS Marketplace, again through FSIs and other resellers. >> Public private partnerships have been a big factor, having that span of capability. I got to ask you about, this is a cool conversation, because now you're like, okay, I'm selling through the Marketplace. Companies themselves are changing how they operate. They don't just buy software that we used to use. So general purpose, bundled stuff. Oh yeah, I'm buying this product, because this has got a great solution and I have to get forced to use this firewall, because I bought this over here. That's not how companies are architecting and developing their businesses. It's no longer buying IT. They're building their company digitally. They have to be the application. So they're not sitting around, saying hey, can I get a solution? They're building and architecting their solution. This is kind of like the new enterprise that no one's talking about. They kind of, got to do their own work. >> Yes. >> There's no general purpose solution that maps every company. So they got to pick the best piece parts and integrate them. >> Yes and I feel- >> Do you guys agree with that? >> Yeah, I agree with that and customers don't want to go for point solutions anymore. They want to go with a platform approach. They want go with a vendor that can not only cut down their vendors from multi-dozens to maybe a dozen or less and that's where, you know, we kind of have pivoted to the platform-centric approach, where we not only help customers with Cloud Network Security, but we also help customers with Cloud Native Application Protection Platform that we just recently launched. It's going by the name of the different elements, including Cloud Security Posture Management, Cloud Identity Event Management and so we are continuously doing more and more on the configuration and vulnerability side space. So if a customer has an AWS S3 bucket that is opened it can be detected and can be remediated. So all of those proactive steps we are taking, in terms of enhancing our portfolio, but we have come a long way as a company, as a platform that we have evolved in the Marketplace. >> What's the hottest product? >> The hottest product? >> In Marketplace right now. >> Well, the fastest growing products include our digital experience products and we have new Cloud Protection. So we've got Posture and Workload Protection as well and those are the fastest growing. For AWS customers a strong affinity also for ZPA, which provides you zero trust access to your workloads on AWS. So those are all the most popular in Marketplace. >> Yeah. >> So I would like to add that we recently launched and this has been a few years, a couple of years. We launched a product called Zscaler Digital X, the ZDX. >> Mm-hmm. >> What that product does is, let's say you're making a Zoom call and your WiFi network is laggy or it's a Zoom server that's laggy. It kind of detects where is the problem and it further tells the IT department you need to fix either the server on which Zoom is running, or fix your home network. So that is the beauty of the product. So I think we are seeing massive growth with some of our new editions in the portfolio, which is a long time coming. >> Yeah and certainly a lot of growth opportunities for you guys, as you come in. Where do you see Zscaler's big growth coming from product-wise? What's the big push? Actually, this is great upside for you here. >> Yeah. >> On the go to market side. Where's the big growth for Zscaler right now? So I think we are focused as a company on zero trust architecture. We want to securely connect users to apps, apps to apps, workloads to workloads and machines to machines. We want to give customers an experience where they have direct access to the apps that's hidden from the outside world and they can securely connect to the apps in a very succinct fashion. The user experience is second to none. A lot of customers use us on the Microsoft Office 365 side, where they see a lag in connecting to Microsoft Office 365 directly. They use the IE service to securely connect. >> Yeah, latency kills. >> Microsoft Office 365. >> Latency kills, as we always say, you know and security, you got to look at the pattern, you want to see that data. >> Yeah, and emerging use cases, there is an immense amount of white space and upside for us as well in emerging use cases, like OT, 5G, IOT. >> Yeah. >> Federal government, DOD. >> Oh god, tactical edge government. >> Security at the edge, absolutely, yeah. >> Where's the big edge? What's the edge challenge right now, if you have to put your finger on the edge, because right now that's the hot area, we're watching that. It's going to be highly contested. It's not yet clear, I mean certainly hybrid is the operating model, cloud, distributing, computing, but edge has got unique things that you can't really point to on premises that's the same. It's highly dynamic, you need high bandwidth, low latency, compute at the edge. The data has to be processed right there. What's the big thing at the edge right now? >> Well, so that's probably an emerging answer. I mean, we're working with our customers, they're inventing and they're kind of finding the use cases for those edge, but one of the good things about Zscaler is that we are able to, we've got low latency at the edge. We're able to work as a computer at the edge. We work on Outpost, Snowball, Snowcone, the Snow devices. So we can be wherever our customers need us. Mobile devices, there are a lot of applications where we've got to be either on embedded devices, on tractors, providing security for those IOT devices. So we're pretty comfortable with where we are being the- >> So that's why you guys are financially doing so well, performance wise. I got to ask you though, because I think that brings up the great point. If this is why I like the Marketplace, if I'm a customer, the edge is highly dynamic. It's changing all the time. I don't want to wait to buy something. If I got my solution architects on a product, I need to know I'm going to have zero trust built in and I need to push the button on Zscaler. I don't want to wait. So how does the procurement side impact? What have you guys seen? Share your thoughts on how Marketplace is working from the procurement standpoint, because it seems to me to be fast. Is that right, or is it still slow on their side? On the buyer side, because this to me would be a benefit to developers, if we say, hey, the procurement can just go really fast. I don't want to go through a bunch of PO approvals or slow meetings. >> It can be, that manifests itself in several ways, John. It can be, for instance, somebody wants to do a POC and traditionally you could take any amount of time to get budget approval, take it through. What if you had a pre-approved cloud budget and that was spent primarily through AWS Marketplace, because it's consolidated data on your AWS invoice. The ability to purchase a POC on the Marketplace could be done literally within minutes of the decision being made to go forward with it. So that's kind of a front end, you know, early stage use case. We've got examples we didn't talk about on our recent earnings call of how we have helped customers bring in their procurement with large million dollar, multimillion dollar deals. Even when a resaler's been involved, one of our resaler partners. Being able to accelerate deals, because there's so much less legal work and traditional bureaucratic effort. >> Agility. >> That agility purchasing process has allowed our customers to pull into the quarter, or the end of month, or end of quarter for them, deals that would've otherwise not been able to be done. >> So this is a great example of where you can set policy and kind of create some guard rails around innovation and integration deals, knowing if it's something that the edge is happening, say okay, here's some budget. We approved it, or Amazon gives credits and partnership going on. Then I'd say, hey, well green light this, not to exceed a million dollars, or whatever number in their range and then let people have the freedom to execute. >> You're absolutely right, so from the purchasing side, it does give them that agility. It eliminates a lot of the processes that would push out a purchase in actual execution past when the business decision is made and quite frankly, to be honest, AWS has been very accommodative. They're a great partner. They've invested a lot in Marketplace, Marketplace programs, to help customers do the right thing and do it more quickly as well as vendors like us to help our customers make the decisions they need to. >> Rising tide, a rising tide floats all boats and you guys are a great example of an independent company. Highly successful on your own. >> Yep. >> Certainly the numbers are clear. Wall Street loves Zscaler and economics are great. >> Our customer CSAT numbers are off the scale as well. >> Customers are great and now you've got the Marketplace. This is again, a new normal. A new kind of ecosystem is developing where it's not like the old monolithic ecosystems. The value creation and extraction is happening differently now. It's kind of interesting. >> Yes and I feel we have a long way to go, but what I can tell you is that Zscaler is in this for the long run. We are seeing some of the competitors erupt in the space as well, but they have a long way to go. What we have built requires years worth of R&D and features and thousands of customer's use cases which kind of lead to something what Zscaler has come up with today. What we have is very unique and is going to continuously be an innovation in the market in the years to come. In terms of being more cloud-savvy or more cloud-focused or more cloud-native than what the market has seen so far in the form of next-gen firewalls. >> I know you guys have got a lot of AI work. We've had many conversations with Howie over there. Great stuff and really appreciate you guys participating in our super cloud event we had and we'll see more of that where we're talking about the next generation clouds, really enabling that new disruptive, open-spanning capabilities across multiple environments to run cloud-native modern applications at scale and secure. Appreciate your time to come on "theCUBE". >> Thank you. >> Thank you very much. >> Thanks for having us. >> Thanks, I totally appreciate it. Zscaler, leading company here on "theCUBE" talking about their relationship with Marketplace as they continue to grow and succeed as technology goes to the next level in the cloud. Of course "theCUBE's" covering it here in Seattle. I'm John Furrier, your host. Thanks for watching. (peaceful electronic music)

(upbeat music) >> Hey, welcome back, everyone, to Supercloud22. I'm John Furrier, host of "theCUBE." We're here all day talking about the future of cloud, where it's all going, making it super. Multicloud's around the corner, and public cloud is winning. Got the private cloud on premise and edge. Got a great guest here, Bhaskar Gorti, CEO of Platform9, just on the panel on Kubernetes, an enabler or blocker. Welcome back. Great to have you on. >> Good to see you again. >> So Kubernetes is a blocker or enabler with a question mark I put on. That panel was really to discuss the role of Kubernetes. Now, great conversation, operations it's impacted. What's interesting about what you guys are doing at Platform9 is your role there as CEO and the company's position, kind of like the world spun into the direction of Platform9 while you were at the helm. >> Right, absolutely. In fact, things are moving very well, and since they came to us. (John chuckling) It was an insight to call ourselves a platform company eight years ago, right, so absolutely, whether you are doing it in public clouds or private clouds, you know, the application world is moving very fast in trying to become digital and cloud native. There are many options for you to run infrastructure. The biggest blocking factor now is having a unified platform, and that's what area we come into. >> Bhaskar, we were talking before we came on stage here about your background, and we were kind of talking about the glory days of 2000, 2001, when the first ASPs, application service providers, came out, kind of a SaaS vibe, but that was kind of all, kind of cloud-like. >> It was! >> And web services started then too, so you saw that whole growth. Now fast-forward 20 years later, 22 years later, where we are now, when you look back then to here and all the different cycles. >> In fact, you know, as we were talking offline, you know, I was in one of those ASPs in the year 2000, where it was a novel concept of saying we are providing a software and a capability as a service, right. You sign up and start using it. I think a lot has changed since then, the tooling, the tools, the technology has really skyrocketed. The app development environment has really taken off exceptionally well. There are many, many choices of infrastructure now, right, so I think things are in a way the same, but also extremely different, but more importantly, now, for any company, regardless of size, to be a digital native, to become a digital company, is extremely mission-critical. It's no longer a nice to have. Everybody's in the journey somewhere. >> Everyone is going digital transformation. Here, even on a so-called downturn, recession that's upcoming, inflation's here, it's interesting. This is the first downturn in the history of the world where the hyperscaled clouds, they're been pumping on all cylinders, as an economic input, and if you look at the tech trends, GDP's down, but not tech. >> Nope. >> 'Cause the pandemic showed everyone, digital transformation is here, and more spend and more growth is coming even in tech. So this is a unique factor, which proves that that digital transformation's happening, and every company will need a supercloud. >> Everyone, every company regardless of size, regardless of location, has to become modernized in infrastructure, and modernizing infrastructure is not just some new servers and new application tools. It's your approach, how you're serving your customers, how you're bringing agility in your organization. I think that is becoming a necessity for every enterprise to survive. >> I want to get your thoughts on supercloud because one of the things Dave Vellante and I wanted to do with supercloud and calling it that was, I personally, and I know Dave as well. He can speak for himself. We didn't like multicloud, I mean, not because Amazon said, "Don't call things multicloud." It just didn't feel right. I mean, everyone has multiple clouds by default. If you're running productivity software, you have Azure and Office 365, but it wasn't truly distributed. It wasn't truly decentralized. It wasn't truly cloud-enabled. It felt like they're not ready for a market yet, yet public cloud's booming. On premise, private cloud and edge is much more, you know, more dynamic, more real. >> Yeah, I think the reason why we think supercloud is a better term than multicloud, multicloud are more than one cloud, but they're disconnected, okay. You have a productivity cloud. You have a Salesforce cloud. Everyone has an internal cloud, right, but they are not connected, so you can say, "Okay, it's more than one cloud, so it's multicloud," but supercloud is where you are actually trying to look at this holistically, whether it is on prem, whether it is public, whether it's at the edge, it's at store, at the branch, you are looking at this as one unit, and that's where we see the term supercloud is more applicable because what are the qualities that you require if you're in a supercloud, right? You need choice of infrastructure, but at the same time, you need a single platform for you to build your innovations on regardless of which cloud you're doing it on, right, so I think supercloud is actually a more tightly integrated, orchestrated management philosophy, we think. >> So let's get into some of the supercloud-type trends that we've been reporting on. Again, the purpose of this event is as the pilots, get the conversations flowing with the influencers like yourselves who are running companies and building products and the builders. Amazon and Azure are doing extremely well. Google's coming up in third. Cloudworks in public cloud, we see the use cases, on premises use cases. (arm thudding) Kubernetes has been an interesting phenomenon because it's been coming from the developer side a little bit, but a lot of ops people love Kubernetes. It's really more of an ops thing. You mentioned OpenStack earlier. Kubernetes kind of came out of that OpenStack. We need an orchestration, and then containers had a good shot with Docker. They repivoted the company. Now, they're all in an open source, so you got containers booming and Kubernetes as a new layer there. What's the take on that? What does that really mean? Is that a new de facto enabler? >> It is here. It's for here for sure. Every enterprise, somewhere in the journey's going on, and you know, most companies, or 70-plus percent of them, have one, two, three container-based, Kubernetes-based applications now being rolled out, so it's very much here. It is in production at scale by many customers, and the beauty of it is yes, open source, but the biggest gating factor is the skillset, and that's where we have a phenomenal engineering team, right, so it's one thing to buy a tool, and another one- >> And just to be clear, you're a managed service for Kubernetes. >> We provide a software platform for cloud acceleration as a service, and it can run anywhere. It can run on public, private. We have customers who do it in truly multicloud environments. It runs on the edge. It runs in stores. There are thousands of stores and retailer. So we provide that, and also for specific segments where data sovereignty and data residency are key regulatory reasons. We also run on prem as an air gap version. >> Can you give an example on how you guys are deploying your platform to enable a supercloud experience for your customer? >> Right. I'll give you two different examples. One is a very large networking company, public networking company. They have, I don't know, hundreds of products, hundreds of foreign lead teams that are building different products, and if you look a few years back, each one was doing it on a different platform, but they really needed to bring the agility, and they worked with us now over three years, where we are their build test dev platform where all their products are built on, right, and it has dramatically increased their agility to release new products. Number two, it actually is a light-sort operation. In fact, the customer says, like the Maytag service person, 'cause we provide it as a service, and it barely takes one or two people to maintain it for them. So it's kind of like an instant revibe, one person managing a large- >> 4,000 engineers building infrastructure. >> On their tools, whatever they want to do. >> On their tools. They're using whatever app development tools they use, but they use our platform as a service. >> And what benefits are they seeing? Are they seeing speed? >> Speed definitely. >> Okay. >> Definitely, they're seeing speed. Uniformity, because now, they're able to build. So their customers, who are using product A and product B, are seeing a similar set of tools that are being used. >> So a big problem that's coming out of this supercloud event that we're seeing, and we've heard it all here, ops and security teams 'cause they're kind of part of one team, but ops and security specifically need to catch up speed-wise. Are you delivering that value to ops and security? >> Right, so we work with ops and security teams and infrastructure teams, and we layer on top of that. We have like a platform team. If you think about it, depending on where you have data centers, where you have infrastructure, you'll have multiple teams, okay, but you need a unified platform. >> Who's your buyer? >> Our buyer is usually, you know, the product divisions of companies that are looking at, or the CTO would be a buyer for us functionally, CIO definitely. So it's somewhere in the DevOps to infrastructure, but the ideal one we are beginning to see now, many large corporations are really looking at it as a platform and saying, "We have a platform group on which any app can be developed, and it is run on any infrastructure," so the platform engineering teams- >> So you work on two sides of that coin. You've got the dev side and then? >> And the infrastructure. >> On the upside, okay. >> Another customer, and I'll give you an example, which I would say is kind of the edge or the store, so they have thousands of stores. >> Retail. >> Retail, you know, food retailer, right. They have thousands of stores around the globe, 50,000; 60,000, and they really want to enhance the customer experience that happens when you either order the product or go into the store and pick up your product or buy or browse or sit there. There are applications that were done in the '90s, and then they have very modern AI/ML applications today. They want something that will not have to send an IT person to install a rack in the store, or they can't move everything to the cloud because the store operations has to be local. They menu changes based on- >> It's the classic edge. >> It's classic edge, right. >> Yeah. >> They can't send IT people to go install racks of servers. Then they can't send software people to go install the software, and any change you want to put through that. There are truckloads, so they've been working with us where all they do is they ship, depending on the size of the store, one or two or three little servers with instructions that- >> You say little servers. Like how big? >> One, you know. >> Like a Netgear box? >> It's a box. >> Like small little light box. >> Yeah, it's a box. >> And all the person in the store has to do, like what you and I do at home, and we get a, you know, a router, is connect the power, connect the internet, and turn the switch on, and from there, we pick it up, we provide the operating system, everything, and then the applications are put on it, and so that dramatically brings the velocity for them. They manage thousands like that. >> True plug and play. >> True plug and play, thousands of stores. They manage it centrally. We do it for them, right, so that's another example where on the edge. Then we have some customers who have both a large private presence and one of the public clouds, okay, but they want to have the same platform layer of orchestration and management that they can use regardless of the location. >> So you guys got some success. Congratulations. Got some traction there. That's awesome. The question I want to ask you that's come up is what is truly cloud native? 'Cause there's lift and shift to the cloud. >> That's not cloud native. >> Then there's cloud native. Cloud native seems to be the driver for the super cloud. How do you talk to customers? How do you explain when someone says, "What's cloud native? What isn't cloud native?" >> Right, look, I think, first of all, the best place to look at what is the definition, and what are the attributes and characteristics of what is truly a cloud native, a CNC foundation. I mean, I think it's very well-documented, very well- >> KubeCon, of course, in Detroit's coming out. >> So it's already there, right. So we follow that very closely, right. I think just lifting and shifting your 20-year-old application onto a data center somewhere is not cloud native, okay. You can't port to cloud native. You have to rewrite and redevelop your application and business logic using modern tools, hopefully more open source, and I think that's what cloud native is, and we are seeing a lot of our customers in that journey. Now, everybody wants to be cloud native, but it's not that easy, okay, because I think it's, first of all, skillset is very important, uniformity of tools. There's so many tools. There are thousands and thousands of tools. You could spend your time figuring out which tool to use. (John laughing) Okay, so I think the complexity's there, but the business benefits of agility and uniformity and customer experience are truly being done, and I'll give you an example. I don't know how cloud native they are, right, and they're not a customer of ours, but you order pizzas. You do, right? If you just watch the pizza industry, how Domino's actually increase their share, and mine share and wallet share was not because they were making better pizzas or not. I don't know anything about that, but the whole experience of how you order, and how you watch what's happening, how it's delivered, they were the pioneer in it. To me, those are the kinds of customer experiences that cloud native can provide. >> Being agility and having that flow to the application changes what the expectations are for the customer. >> Customer, the customer's expectations change, right. Once you get used to a better customer experience, you will not. >> Bhaskar, to wrap it up, I want to just get your perspective again. One of the benefits of chatting with you here and having you a part of the Supercloud22 is you've seen many cycles. You have a lot of insights. I want to ask you, given your career, where you've been, and what you've done, and now, the CEO of Platform9, how would you compare what's happening now with other inflection points in the industry? And you've been, again, you've been an entrepreneur. You sold your company to Oracle. You've been seeing the big companies. You're seeing the different waves. What's going on right now? Put it into context, this moment in time, all right, supercloud. >> Sure. I think, as you said, a lot of battle scars. Being in an ASP, being in a realtime software company, being in large enterprise software houses in a transformation. I've been on the outside. I did the infrastructure, right, and then tried to build our own platforms. I've gone through all of this myself with a lot of lessons learned in there. I think this is an event which is happening now for companies to become cloud native and digitalized, if I were to look back and look at some parallels of the tsunami (chuckles) that's going on, couple of parallels come to me. One is, think of it which is forced on us, like Y2K. Everybody around the world had to have a plan, a strategy, and an execution for Y2K. I would say the next big thing was ecommerce. I think ecommerce has been pervasive, right, across all industries. >> And disruptive. >> And disruptive, extremely disruptive. If you did not adapt and adapt and accelerate your ecommerce initiative, it was an existence question. I think we are at that pivotal moment now in companies trying to become digital and cloud native. That is what I see happening now. >> I think that ecommerce is interesting, and I think, just to riff with you on that, is that it's disrupting and refactoring the business models. I think that is something that's coming out of this is that it's not just completely changing the game. It's just changing how you operate. >> How you think and how you operate, see, if you think about the early days of ecommerce, just putting up a shopping cart didn't make you an ecommerce or an eretailer or an ecustomer, right. So I think it's the same thing now, is I think this is a fundamental shift on how you're thinking about your business, how you would operate, how you want to service your customers. I think it requires that just lift and shift is not going to work. >> Bhaskar, thank you for coming on, spending the time to come in and share with our community and being part of Supercloud22. We really appreciate it. We're going to keep this open. We're going to keep this conversation going even after the event to open up and look at the structural changes happening now and continue to look at it in the open, in the community, and we're going to keep this going for a long, long time as we get answers to the problems that customers are looking for with cloud, cloud computing. I'm John Furrier with Supercloud22 and "theCUBE." Thanks for watching. (upbeat music)

(upbeat music) >> Hello and welcome to theCUBE's presentation of the AWS Startup Showcase. This is season two, episode four of the ongoing series covering the exciting hot startups from the AWS ecosystem. Here we're talking about cybersecurity in this episode. I'm your host, John Furrier here we're excited to have CUBE alumni who's back Snehal Antani who's the CEO and co-founder of Horizon3.ai talking about exploitable weaknesses and vulnerabilities with autonomous pen testing. Snehal, it's great to see you. Thanks for coming back. >> Likewise, John. I think it's been about five years since you and I were on the stage together. And I've missed it, but I'm glad to see you again. >> Well, before we get into the showcase about your new startup, that's extremely successful, amazing margins, great product. You have a unique journey. We talked about this prior to you doing the journey, but you have a great story. You left the startup world to go into the startup, like world of self defense, public defense, NSA. What group did you go to in the public sector became a private partner. >> My background, I'm a software engineer by education and trade. I started my career at IBM. I was a CIO at GE Capital, and I think we met once when I was there and I became the CTO of Splunk. And we spent a lot of time together when I was at Splunk. And at the end of 2017, I decided to take a break from industry and really kind of solve problems that I cared deeply about and solve problems that mattered. So I left industry and joined the US Special Operations Community and spent about four years in US Special Operations, where I grew more personally and professionally than in anything I'd ever done in my career. And exited that time, met my co-founder in special ops. And then as he retired from the air force, we started Horizon3. >> So there's really, I want to bring that up one, 'cause it's fascinating that not a lot of people in Silicon Valley and tech would do that. So thanks for the service. And I know everyone who's out there in the public sector knows that this is a really important time for the tactical edge in our military, a lot of things going on around the world. So thanks for the service and a great journey. But there's a storyline with the company you're running now that you started. I know you get the jacket on there. I noticed get a little military vibe to it. Cybersecurity, I mean, every company's on their own now. They have to build their own militia. There is no government supporting companies anymore. There's no militia. No one's on the shores of our country defending the citizens and the companies, they got to offend for themselves. So every company has to have their own military. >> In many ways, you don't see anti-aircraft rocket launchers on top of the JP Morgan building in New York City because they rely on the government for air defense. But in cyber it's very different. Every company is on their own to defend for themselves. And what's interesting is this blend. If you look at the Ukraine, Russia war, as an example, a thousand companies have decided to withdraw from the Russian economy and those thousand companies we should expect to be in the ire of the Russian government and their proxies at some point. And so it's not just those companies, but their suppliers, their distributors. And it's no longer about cyber attack for extortion through ransomware, but rather cyber attack for punishment and retaliation for leaving. Those companies are on their own to defend themselves. There's no government that is dedicated to supporting them. So yeah, the reality is that cybersecurity, it's the burden of the organization. And also your attack surface has expanded to not just be your footprint, but if an adversary wants to punish you for leaving their economy, they can get, if you're in agriculture, they could disrupt your ability to farm or they could get all your fruit to spoil at the border 'cause they disrupted your distributors and so on. So I think the entire world is going to change over the next 18 to 24 months. And I think this idea of cybersecurity is going to become truly a national problem and a problem that breaks down any corporate barriers that we see in previously. >> What are some of the things that inspired you to start this company? And I loved your approach of thinking about the customer, your customer, as defending themselves in context to threats, really leaning into it, being ready and able to defend. Horizon3 has a lot of that kind of military thinking for the good of the company. What's the motivation? Why this company? Why now? What's the value proposition? >> So there's two parts to why the company and why now. The first part was what my observation, when I left industry realm or my military background is watching "Jack Ryan" and "Tropic Thunder" and I didn't come from the military world. And so when I entered the special operations community, step one was to keep my mouth shut, learn, listen, and really observe and understand what made that community so impressive. And obviously the people and it's not about them being fast runners or great shooters or awesome swimmers, but rather there are learn-it-alls that can solve any problem as a team under pressure, which is the exact culture you want to have in any startup, early stage companies are learn-it-alls that can solve any problem under pressure as a team. So I had this immediate advantage when we started Horizon3, where a third of Horizon3 employees came from that special operations community. So one is this awesome talent. But the second part that, I remember this quote from a special operations commander that said we use live rounds in training because if we used fake rounds or rubber bullets, everyone would act like metal of honor winners. And the whole idea there is you train like you fight, you build that muscle memory for crisis and response and so on upfront. So when you're in the thick of it, you already know how to react. And this aligns to a pain I had in industry. I had no idea I was secure until the bad guy showed up. I had no idea if I was fixing the right vulnerabilities, logging the right data in Splunk, or if my CrowdStrike EDR platform was configured correctly, I had to wait for the bad guys to show up. I didn't know if my people knew how to respond to an incident. So what I wanted to do was proactively verify my security posture, proactively harden my systems. I needed to do that by continuously pen testing myself or continuously testing my security posture. And there just wasn't any way to do that where an IT admin or a network engineer could in three clicks have the power of a 20 year pen testing expert. And that was really what we set out to do, not build a autonomous pen testing platform for security people, build it so that anybody can quickly test their security posture and then use the output to fix problems that truly matter. >> So the value preposition, if I get this right is, there's a lot of companies out there doing pen tests. And I know I hate pen tests. They're like, cause you do DevOps, it changes you got to do another pen test. So it makes sense to do autonomous pen testing. So congratulations on seeing that that's obvious to that, but a lot of other have consulting tied to it. Which seems like you need to train someone and you guys taking a different approach. >> Yeah, we actually, as a company have zero consulting, zero professional services. And the whole idea is that build a true software as a service offering where an intern, in fact, we've got a video of a nine year old that in three clicks can run pen tests against themselves. And because of that, you can wire pen tests into your DevOps tool chain. You can run multiple pen tests today. In fact, I've got customers running 40, 50 pen tests a month against their organization. And that what that does is completely lowers the barrier of entry for being able to verify your posture. If you have consulting on average, when I was a CIO, it was at least a three month lead time to schedule consultants to show up and then they'd show up, they'd embarrass the security team, they'd make everyone look bad, 'cause they're going to get in, leave behind a report. And that report was almost identical to what they found last year because the older that report, the one the date itself gets stale, the context changes and so on. And then eventually you just don't even bother fixing it. Or if you fix a problem, you don't have the skills to verify that has been fixed. So I think that consulting led model was acceptable when you viewed security as a compliance checkbox, where once a year was sufficient to meet your like PCI requirements. But if you're really operating with a wartime mindset and you actually need to harden and secure your environment, you've got to be running pen test regularly against your organization from different perspectives, inside, outside, from the cloud, from work, from home environments and everything in between. >> So for the CISOs out there, for the CSOs and the CXOs, what's the pitch to them because I see your jacket that says Horizon3 AI, trust but verify. But this trust is, but is canceled out, just as verify. What's the product that you guys are offering the service. Describe what it is and why they should look at it. >> Yeah, sure. So one, when I back when I was the CIO, don't tell me we're secure in PowerPoint. Show me we're secure right now. Show me we're secure again tomorrow. And then show me we're secure again next week because my environment is constantly changing and the adversary always has a vote and they're always evolving. And this whole idea of show me we're secure. Don't trust that your security tools are working, verify that they can detect and respond and stifle an attack and then verify tomorrow, verify next week. That's the big mind shift. Now what we do is-- >> John: How do they respond to that by the way? Like they don't believe you at first or what's the story. >> I think, there's actually a very bifurcated response. There are still a decent chunk of CIOs and CSOs that have a security is a compliance checkbox mindset. So my attitude with them is I'm not going to convince you. You believe it's a checkbox. I'll just wait for you to get breached and sell to your replacement, 'cause you'll get fired. And in the meantime, I spend all my energy with those that actually care about proactively securing and hardening their environments. >> That's true. People do get fired. Can you give an example of what you're saying about this environment being ready, proving that you're secure today, tomorrow and a few weeks out. Give me an example. >> Of, yeah, I'll give you actually a customer example. There was a healthcare organization and they had about 5,000 hosts in their environment and they did everything right. They had Fortinet as their EDR platform. They had user behavior analytics in place that they had purchased and tuned. And when they ran a pen test self-service, our product node zero immediately started to discover every host on the network. It then fingerprinted all those hosts and found it was able to get code execution on three machines. So it got code execution, dumped credentials, laterally maneuvered, and became a domain administrator, which in IT, if an attacker becomes a domain admin, they've got keys to the kingdom. So at first the question was, how did the node zero pen test become domain admin? How'd they get code execution, Fortinet should have detected and stopped it. Well, it turned out Fortinet was misconfigured on three boxes out of 5,000. And these guys had no idea and it's just automation that went wrong and so on. And now they would've only known they had misconfigured their EDR platform on three hosts if the attacker had showed up. The second question though was, why didn't they catch the lateral movement? Which all their marketing brochures say they're supposed to catch. And it turned out that that customer purchased the wrong Fortinet modules. One again, they had no idea. They thought they were doing the right thing. So don't trust just installing your tools is good enough. You've got to exercise and verify them. We've got tons of stories from patches that didn't actually apply to being able to find the AWS admin credentials on a local file system. And then using that to log in and take over the cloud. In fact, I gave this talk at Black Hat on war stories from running 10,000 pen tests. And that's just the reality is, you don't know that these tools and processes are working for you until the bad guys have shown. >> The velocities there. You can accelerate through logs, you know from the days you've been there. This is now the threat. Being, I won't say lazy, but just not careful or just not thinking. >> Well, I'll do an example. We have a lot of customers that are Horizon3 customers and Splunk customers. And what you'll see their behavior is, is they'll have Horizon3 up on one screen. And every single attacker command executed with its timestamp is up on that screen. And then look at Splunk and say, hey, we were able to dump vCenter credentials from VMware products at this time on this host, what did Splunk see or what didn't they see? Why were no logs generated? And it turns out that they had some logging blind spots. So what they'll actually do is run us to almost like stimulate the defensive tools and then see what did the tools catch? What did they miss? What are those blind spots and how do they fix it. >> So your price called node zero. You mentioned that. Is that specifically a suite, a tool, a platform. How do people consume and engage with you guys? >> So the way that we work, the whole product is designed to be self-service. So once again, while we have a sales team, the whole intent is you don't need to have to talk to a sales rep to start using the product, you can log in right now, go to Horizon3.ai, you can run a trial log in with your Google ID, your LinkedIn ID, start running pen test against your home or against your network against this organization right now, without talking to anybody. The whole idea is self-service, run a pen test in three clicks and give you the power of that 20 year pen testing expert. And then what'll happen is node zero will execute and then it'll provide to you a full report of here are all of the different paths or attack paths or sequences where we are able to become an admin in your environment. And then for every attack path, here is the path or the kill chain, the proof of exploitation for every step along the way. Here's exactly what you've got to do to fix it. And then once you've fixed it, here's how you verify that you've truly fixed the problem. And this whole aha moment is run us to find problems. You fix them, rerun us to verify that the problem has been fixed. >> Talk about the company, how many people do you have and get some stats? >> Yeah, so we started writing code in January of 2020, right before the pandemic hit. And then about 10 months later at the end of 2020, we launched the first version of the product. We've been in the market for now about two and a half years total from start of the company till present. We've got 130 employees. We've got more customers than we do employees, which is really cool. And instead our customers shift from running one pen test a year to 40, 50 pen test. >> John: And it's full SaaS. >> The whole product is full SaaS. So no consulting, no pro serve. You run as often as you-- >> Who's downloading, who's buying the product. >> What's amazing is, we have customers in almost every section or sector now. So we're not overly rotated towards like healthcare or financial services. We've got state and local education or K through 12 education, state and local government, a number of healthcare companies, financial services, manufacturing. We've got organizations that large enterprises. >> John: Security's diverse. >> It's very diverse. >> I mean, ransomware must be a big driver. I mean, is that something that you're seeing a lot. >> It is. And the thing about ransomware is, if you peel back the outcome of ransomware, which is extortion, at the end of the day, what ransomware organizations or criminals or APTs will do is they'll find out who all your employees are online. They will then figure out if you've got 7,000 employees, all it takes is one of them to have a bad password. And then attackers are going to credential spray to find that one person with a bad password or whose Netflix password that's on the dark web is also their same password to log in here, 'cause most people reuse. And then from there they're going to most likely in your organization, the domain user, when you log in, like you probably have local admin on your laptop. If you're a windows machine and I've got local admin on your laptop, I'm going to be able to dump credentials, get the admin credentials and then start to laterally maneuver. Attackers don't have to hack in using zero days like you see in the movies, often they're logging in with valid user IDs and passwords that they've found and collected from somewhere else. And then they make that, they maneuver by making a low plus a low equal a high. And the other thing in financial services, we spend all of our time fixing critical vulnerabilities, attackers know that. So they've adapted to finding ways to chain together, low priority vulnerabilities and misconfigurations and dangerous defaults to become admin. So while we've over rotated towards just fixing the highs and the criticals attackers have adapted. And once again they have a vote, they're always evolving their tactics. >> And how do you prevent that from happening? >> So we actually apply those same tactics. Rarely do we actually need a CVE to compromise your environment. We will harvest credentials, just like an attacker. We will find misconfigurations and dangerous defaults, just like an attacker. We will combine those together. We'll make use of exploitable vulnerabilities as appropriate and use that to compromise your environment. So the tactics that, in many ways we've built a digital weapon and the tactics we apply are the exact same tactics that are applied by the adversary. >> So you guys basically simulate hacking. >> We actually do the hacking. Simulate means there's a fakeness to it. >> So you guys do hack. >> We actually compromise. >> Like sneakers the movie, those sneakers movie for the old folks like me. >> And in fact that was my inspiration. I've had this idea for over a decade now, which is I want to be able to look at anything that laptop, this Wi-Fi network, gear in hospital or a truck driving by and know, I can figure out how to gain initial access, rip that environment apart and be able to opponent. >> Okay, Chuck, he's not allowed in the studio anymore. (laughs) No, seriously. Some people are exposed. I mean, some companies don't have anything. But there's always passwords or so most people have that argument. Well, there's nothing to protect here. Not a lot of sensitive data. How do you respond to that? Do you see that being kind of putting the head in the sand or? >> Yeah, it's actually, it's less, there's not sensitive data, but more we've installed or applied multifactor authentication, attackers can't get in now. Well MFA only applies or does not apply to lower level protocols. So I can find a user ID password, log in through SMB, which isn't protected by multifactor authentication and still upon your environment. So unfortunately I think as a security industry, we've become very good at giving a false sense of security to organizations. >> John: Compliance drives that behavior. >> Compliance drives that. And what we need. Back to don't tell me we're secure, show me, we've got to, I think, change that to a trust but verify, but get rid of the trust piece of it, just to verify. >> Okay, we got a lot of CISOs and CSOs watching this showcase, looking at the hot startups, what's the message to the executives there. Do they want to become more leaning in more hawkish if you will, to use the military term on security? I mean, I heard one CISO say, security first then compliance 'cause compliance can make you complacent and then you're unsecure at that point. >> I actually say that. I agree. One definitely security is different and more important than being compliant. I think there's another emerging concept, which is I'd rather be defensible than secure. What I mean by that is security is a point in time state. I am secure right now. I may not be secure tomorrow 'cause something's changed. But if I'm defensible, then what I have is that muscle memory to detect, respondent and stifle an attack. And that's what's more important. Can I detect you? How long did it take me to detect you? Can I stifle you from achieving your objective? How long did it take me to stifle you? What did you use to get in to gain access? How long did that sit in my environment? How long did it take me to fix it? So on and so forth. But I think it's being defensible and being able to rapidly adapt to changing tactics by the adversary is more important. >> This is the evolution of how the red line never moved. You got the adversaries in our networks and our banks. Now they hang out and they wait. So everyone thinks they're secure. But when they start getting hacked, they're not really in a position to defend, the alarms go off. Where's the playbook. Team springs into action. I mean, you kind of get the visual there, but this is really the issue being defensible means having your own essentially military for your company. >> Being defensible, I think has two pieces. One is you've got to have this culture and process in place of training like you fight because you want to build that incident response muscle memory ahead of time. You don't want to have to learn how to respond to an incident in the middle of the incident. So that is that proactively verifying your posture and continuous pen testing is critical there. The second part is the actual fundamentals in place so you can detect and stifle as appropriate. And also being able to do that. When you are continuously verifying your posture, you need to verify your entire posture, not just your test systems, which is what most people do. But you have to be able to safely pen test your production systems, your cloud environments, your perimeter. You've got to assume that the bad guys are going to get in, once they're in, what can they do? So don't just say that my perimeter's secure and I'm good to go. It's the soft squishy center that attackers are going to get into. And from there, can you detect them and can you stop them? >> Snehal, take me through the use. You got to be sold on this, I love this topic. Alright, pen test. Is it, what am I buying? Just pen test as a service. You mentioned dark web. Are you actually buying credentials online on behalf of the customer? What is the product? What am I buying if I'm the CISO from Horizon3? What's the service? What's the product, be specific. >> So very specifically and one just principles. The first principle is when I was a buyer, I hated being nickled and dimed buyer vendors, which was, I had to buy 15 different modules in order to achieve an objective. Just give me one line item, make it super easy to buy and don't nickel and dime me. Because I've spent time as a buyer that very much has permeated throughout the company. So there is a single skew from Horizon3. It is an annual subscription based on how big your environment is. And it is inclusive of on-prem internal pen tests, external pen tests, cloud attacks, work from home attacks, our ability to harvest credentials from the dark web and from open source sources. Being able to crack those credentials, compromise. All of that is included as a singles skew. All you get as a CISO is a singles skew, annual subscription, and you can run as many pen tests as you want. Some customers still stick to, maybe one pen test a quarter, but most customers shift when they realize there's no limit, we don't nickel and dime. They can run 10, 20, 30, 40 a month. >> Well, it's not nickel and dime in the sense that, it's more like dollars and hundreds because they know what to expect if it's classic cloud consumption. They kind of know what their environment, can people try it. Let's just say I have a huge environment, I have a cloud, I have an on-premise private cloud. Can I dabble and set parameters around pricing? >> Yes you can. So one is you can dabble and set perimeter around scope, which is like manufacturing does this, do not touch the production line that's on at the moment. We've got a hospital that says every time they run a pen test, any machine that's actually connected to a patient must be excluded. So you can actually set the parameters for what's in scope and what's out of scope up front, most again we're designed to be safe to run against production so you can set the parameters for scope. You can set the parameters for cost if you want. But our recommendation is I'd rather figure out what you can afford and let you test everything in your environment than try to squeeze every penny from you by only making you buy what can afford as a smaller-- >> So the variable ratio, if you will is, how much they spend is the size of their environment and usage. >> Just size of the environment. >> So it could be a big ticket item for a CISO then. >> It could, if you're really large, but for the most part-- >> What's large? >> I mean, if you were Walmart, well, let me back up. What I heard is global 10 companies spend anywhere from 50 to a hundred million dollars a year on security testing. So they're already spending a ton of money, but they're spending it on consultants that show up maybe a couple of times a year. They don't have, humans can't scale to test a million hosts in your environment. And so you're already spending that money, spend a fraction of that and use us and run as much as you want. And that's really what it comes down to. >> John: All right. So what's the response from customers? >> What's really interesting is there are three use cases. The first is that SOC manager that is using us to verify that their security tools are actually working. So their Splunk environment is logging the right data. It's integrating properly with CrowdStrike, it's integrating properly with their active directory services and their password policies. So the SOC manager is using us to verify the effectiveness of their security controls. The second use case is the IT director that is using us to proactively harden their systems. Did they install VMware correctly? Did they install their Cisco gear correctly? Are they patching right? And then the third are for the companies that are lucky to have their own internal pen test and red teams where they use us like a force multiplier. So if you've got 10 people on your red team and you still have a million IPs or hosts in your environment, you still don't have enough people for that coverage. So they'll use us to do recon at scale and attack at scale and let the humans focus on the really juicy hard stuff that humans are successful at. >> Love the product. Again, I'm trying to think about how I engage on the test. Is there pilots? Is there a demo version? >> There's a free trials. So we do 30 day free trials. The output can actually be used to meet your SOC 2 requirements. So in many ways you can just use us to get a free SOC 2 pen test report right now, if you want. Go to the website, log in for a free trial, you can log into your Google ID or your LinkedIn ID, run a pen test against your organization and use that to answer your PCI segmentation test requirements, your SOC 2 requirements, but you will be hooked. You will want to run us more often. And you'll get a Horizon3 tattoo. >> The first hits free as they say in the drug business. >> Yeah. >> I mean, so you're seeing that kind of response then, trial converts. >> It's exactly. In fact, we have a very well defined aha moment, which is you run us to find, you fix, you run us to verify, we have 100% technical win rate when our customers hit a find, fix, verify cycle, then it's about budget and urgency. But 100% technical win rate because of that aha moment, 'cause people realize, holy crap, I don't have to wait six months to verify that my problems have actually been fixed. I can just come in, click, verify, rerun the entire pen test or rerun a very specific part of it on what I just patched my environment. >> Congratulations, great stuff. You're here part of the AWS Startup Showcase. So I have to ask, what's the relationship with AWS, you're on their cloud. What kind of actions going on there? Is there secret sauce on there? What's going on? >> So one is we are AWS customers ourselves, our brains command and control infrastructure. All of our analytics are all running on AWS. It's amazing, when we run a pen test, we are able to use AWS and we'll spin up a virtual private cloud just for that pen test. It's completely ephemeral, it's all Lambda functions and graph analytics and other techniques. When the pen test ends, you can delete, there's a single use Docker container that gets deleted from your environment so you have nothing on-prem to deal with and the entire virtual private cloud tears itself down. So at any given moment, if we're running 50 pen tests or a hundred pen tests, self-service, there's a hundred virtual private clouds being managed in AWS that are spinning up, running and tearing down. It's an absolutely amazing underlying platform for us to make use of. Two is that many customers that have hybrid environments. So they've got a cloud infrastructure, an Office 365 infrastructure and an on-prem infrastructure. We are a single attack platform that can test all of that together. No one else can do it. And so the AWS customers that are especially AWS hybrid customers are the ones that we do really well targeting. >> Got it. And that's awesome. And that's the benefit of cloud? >> Absolutely. And the AWS marketplace. What's absolutely amazing is the competitive advantage being part of the marketplace has for us, because the simple thing is my customers, if they already have dedicated cloud spend, they can use their approved cloud spend to pay for Horizon3 through the marketplace. So you don't have to, if you already have that budget dedicated, you can use that through the marketplace. The other is you've already got the vendor processes in place, you can purchase through your existing AWS account. So what I love about the AWS company is one, the infrastructure we use for our own pen test, two, the marketplace, and then three, the customers that span that hybrid cloud environment. That's right in our strike zone. >> Awesome. Well, congratulations. And thanks for being part of the showcase and I'm sure your product is going to do very, very well. It's very built for what people want. Self-service get in, get the value quickly. >> No agents to install, no consultants to hire. safe to run against production. It's what I wanted. >> Great to see you and congratulations and what a great story. And we're going to keep following you. Thanks for coming on. >> Snehal: Phenomenal. Thank you, John. >> This is the AWS Startup Showcase. I'm John John Furrier, your host. This is season two, episode four on cybersecurity. Thanks for watching. (upbeat music)

(upbeat music) >> Welcome back, everyone to CUBE Supercloud 22. I'm John Furrier, your host. Got a great influencer, Cloud Cloud RRT segment with Sarbjeet Johal, Cloud influencer, Cloud economist, Cloud consultant, Cloud advisor. Sarbjeet, welcome back, CUBE alumni. Good to see you. >> Thanks John and nice to be here. >> Now, what's your title? Cloud consultant? Analyst? >> Consultant, actually. Yeah, I'm launching my own business right now formally, soon. It's in stealth mode right now, we'll be (inaudible) >> Well, I'll just call you a Cloud guru, Cloud influencer. You've been great, friend of theCUBE. Really powerful on social. You share a lot of content. You're digging into all the trends. Supercloud is a thing, it's getting a lot of traction. We introduced that concept last reinvent. We were riffing before that. As we kind of were seeing the structural change that is now Supercloud, it really is kind of the destination or outcome of what we're seeing with hybrid cloud as a steady state into the what's now, they call multicloud, which is kind of awkward. It feels like it's default. Like multicloud, multi-vendor, but Supercloud has much more of a comprehensive abstraction around it. What's your thoughts? >> As you said, as Dave says that too, the Supercloud has that abstraction built into it. It's built on top of cloud, right? So it's being built on top of the CapEx which is being spent by likes of AWS and Azure and Google Cloud, and many others, right? So it's leveraging that infrastructure and building software stack on top of that, which is a platform. I see that as a platform being built on top of infrastructure as code. It's another platform which is not native to the cloud providers. So it's like a kind of cross-Cloud platform. That's what I said. >> Yeah, VMware calls it that cloud-cross cloud. I'm not a big fan of the name but I get what you're saying. We had a segment on earlier with Adrian Cockcroft, Laurie McVety and Chris Wolf, all part of the Cloud RRT like ourselves, and you've involved in Cloud from day one. Remember the OpenStack days Early Cloud, AWS, when they started we saw the trajectory and we saw the change. And I think the OpenStack in those early days were tell signs because you saw the movement of API first but Amazon just grew so fast. And then Azure now is catching up, their CapEx is so large that companies like Snowflake's like, "Why should I build my own? "I just sit on top of AWS, "move fast on one native cloud, then figure it out." Seems to be one of the playbooks of the Supercloud. >> Yeah, that is true. And there are reasons behind that. And I think number one reason is the skills gravity. What I call it, the developers and/or operators are trained on one set of APIs. And I've said that many times, to out compete your competition you have to out educate the market. And we know which cloud has done that. We know what traditional vendor has done that, in '90s it was Microsoft, they had VBS number one language and they were winning. So in the cloud era, it's AWS, their marketing efforts, their go-to market strategy, the micro nature of the releasing the micro sort of features, if you will, almost every week there's a new feature. So they have got it. And other two are trying to mimic that and they're having low trouble light. >> Yeah and I think GCP has been struggling compared to the three and native cloud on native as you're right, completely successful. As you're caught up and you see the Microsoft, I think is a a great selling point around multiple clouds. And the question that's on the table here is do you stay with the native cloud or you jump right to multicloud? Now multicloud by default is kind of what I see happening. We've been debating this, I'd love to get your thoughts because, Microsoft has a huge install base. They've converted to Office 365. They even throw SQL databases in there to kind of give it a little extra bump on the earnings but I've been super critical on their numbers. I think their shares are, there's clearly overstating their share, in my opinion, compared to AWS is a need of cloud, Azure though is catching up. So you have customers that are happy with Microsoft, that are going to run their apps on Azure. So if a customer has Azure and Microsoft that's technically multiple clouds. >> Yeah, true. >> And it's not a strategy, it's just an outcome. >> Yeah, I see Microsoft cloud as friendly to the internal developers. Internal developers of enterprises. but AWS is a lot more ISV friendly which is the software shops friendly. So that's what they do. They just build software and give it to somebody else. But if you're in-house developer and you have been a Microsoft shop for a long time, which enterprise haven't been that, right? So Microsoft is well entrenched into the enterprise. We know that, right? >> Yeah. >> For a long time. >> Yeah and the old joke was developers love code and just go with a lock in and then ops people don't want lock in because they want choice. So you have the DevOps movement that's been successful and they get DevSecOps. The real focus to me, I think, is the operating teams because the ops side is really with the pressure vis-a-vis. I want to get your reaction because we're seeing kind of the script flip. DevOps worked, infrastructure's code has worked. We don't yet see security as code yet. And you have things like cloud native services which is all developer, goodness. So I think the developers are doing fine. Give 'em a thumbs up and open source's booming. So they're shifting left, CI/CD pipeline. You have some issues around repo, monolithic repos, but devs are doing fine. It's the ops that are now have to level up because that seems to be a hotspot. What's your take? What's your reaction to that? Do you agree? And if you say you agree, why? >> Yeah, I think devs are doing fine because some of the devs are going into ops. Like the whole movement behind DevOps culture is that devs and ops is one team. The people who are building that application they're also operating that as well. But that's very foreign and few in enterprise space. We know that, right? Big companies like Google, Microsoft, Amazon, Twitter, those guys can do that. They're very tech savvy shops. But when it comes to, if you go down from there to the second tier of enterprises, they are having hard time with that. Once you create software, I've said that, I sound like a broken record here. So once you create piece of software, you want to operate it. You're not always creating it. Especially when it's inhouse software development. It's not your core sort of competency to. You're not giving that software to somebody else or they're not multiple tenants of that software. You are the only user of that software as a company, or maybe maximum to your employees and partners. But that's where it stops. So there are those differences and when it comes to ops, we have to still differentiate the ops of the big companies, which are tech companies, pure tech companies and ops of the traditional enterprise. And you are right, the ops of the traditional enterprise are having tough time to cope up with the changing nature of things. And because they have to run the old traditional stacks whatever they happen to have, SAP, Oracle, financial, whatnot, right? Thousands of applications, they have to run that. And they have to learn on top of that, new scripting languages to operate the new stack, if you will. >> So for ops teams do they have to spin up operating teams for every cloud specialized tooling, there's consequences to that. >> Yeah. There's economics involved, the process, if you are learning three cloud APIs and most probably you will end up spending a lot more time and money on that. Number one, number two, there are a lot more problems which can arise from that, because of the differences in how the APIs work. The rule says if you pick one primary cloud and then you're focused on that, and most of your workloads are there, and then you go to the secondary cloud number two or three on as need basis. I think that's the right approach. >> Well, I want to get your take on something that I'm observing. And again, maybe it's because I'm old school, been around the IT block for a while. I'm observing the multi-vendors kind of as Dave calls the calisthenics, they're out in the market, trying to push their wears and convincing everyone to run their workloads on their infrastructure. multicloud to me sounds like multi-vendor. And I think there might not be a problem yet today so I want to get your reaction to my thoughts. I see the vendors pushing hard on multicloud because they don't have a native cloud. I mean, IBM ultimately will probably end up being a SaaS application on top of one of the CapEx hyperscale, some say, but I think the playbook today for customers is to stay on one native cloud, run cloud native hybrid go in on OneCloud and go fast. Then get success and then go multiple clouds. versus having a multicloud set of services out of the gate. Because if you're VMware you'd love to have cross cloud abstraction layer but that's lock in too. So what's your lock in? Success in the marketplace or vendor access? >> It's tricky actually. I've said that many times, that you don't wake up in the morning and say like, we're going to do multicloud. Nobody does that by choice. So it falls into your lab because of mostly because of what MNA is. And sometimes because of the price to performance ratio is better somewhere else for certain kind of workloads. That's like foreign few, to be honest with you. That's part of my read is, that being a developer an operator of many sort of systems, if you will. And the third tier which we talked about during the VMworld, I think 2019 that you want vendor diversity, just in case one vendor goes down or it's broken up by feds or something, and you want another vendor, maybe for price negotiation tactics, or- >> That's an op mentality. >> Yeah, yeah. >> And that's true, they want choice. They want to get locked in. >> You want choice because, and also like things can go wrong with the provider. We know that, we focus on top three cloud providers and we sort of assume that they'll be there for next 10 years or so at least. >> And what's also true is not everyone can do everything. >> Yeah, exactly. So you have to pick the provider based on all these sort of three sets of high level criteria, if you will. And I think the multicloud should be your last choice. Like you should not be gearing up for that by default but it should be by design, as Chuck said. >> Okay, so I need to ask you what does Supercloud in my opinion, look like five, 10 years out? What's the outcome of a good Supercloud structure? What's it look like? Where did it come from? How did it get there? What's your take? >> I think Supercloud is getting born in the absence of having standards around cloud. That's what it is. Because we don't have standards, we long, or we want the services at different cloud providers, Which have same APIs and there's less learning curve or almost zero learning curve for our developers and operators to learn that stuff. Snowflake is one example and VMware Stack is available at different cloud providers. That's sort of infrastructure as a service example if you will. And snowflake is a sort of data warehouse example and they're going down the stack. Well, they're trying to expand. So there are many examples like that. What was the question again? >> Is Supercloud 10 years out? What does it look like? What's the components? >> Yeah, I think the Supercloud 10 years out will expand because we will expand the software stack faster than the hardware stack and hardware stack will be expanding of course, with the custom chips and all that. There was the huge event yesterday was happening from AWS. >> Yeah, the Silicon. >> Silicon Day. And that's an eyeopening sort of movement and the whole technology consumption, if you will. >> And yeah, the differentiation with the chips with supply chain kind of herding right now, we think it's going to be a forcing function for more cloud adoption. Because if you can't buy networking gear you going to go to the cloud. >> Yeah, so Supercloud to me in 10 years, it will be bigger, better in the likes of HashiCorp. Actually, I think we need likes of HashiCorp on the infrastructure as a service side. I think they will be part of the Supercloud. They are kind of sitting on the side right now kind of a good vendor lost in transition kind of thing. That sort of thing. >> It's like Kubernetes, we'll just close out here. We'll make a statement. Is Kubernetes a developer thing or an infrastructure thing? It's an ops thing. I mean, people are coming out and saying Kubernetes is not a developer issue. >> It's ops thing. >> It's an ops thing. It's in operation, it's under the hood. So you, again, this infrastructure's a service integrating this super pass layer as Dave Vellante and Wikibon call it. >> Yeah, it's ops thing, actually, which enables developers to get that the Azure service, like you can deploy your software in sort of different format containers, and then you don't care like what VMs are those? And, but Serverless is the sort of arising as well. It was hard for a while now it's like the lull state, but I think Serverless will be better in next three to five years on. >> Well, certainly the hyperscale is like AWS and Azure and others have had great CapEx and investments. They need to stay ahead, in your opinion, final question, how do they stay ahead? 'Cause, AWS is not going to stand still nor will Azure, they're pedaling as fast as they can. Google's trying to figure out where they fit in. Are they going to be a real cloud or a software stack? Same with Oracle. To me, it's really, the big race is now with AWS and Azure's nipping at their heels. Hyperscale, what do they need to do to differentiate going forward? >> I think they are in a limbo. They, on one side, they don't want to compete with their customers who are sitting on top of them, likes of Snowflake and others, right? And VMware as well. But at the same time, they have to keep expanding and keep innovating. And they're debating within their themselves. Like, should we compete with these guys? Should we launch similar sort of features and functionality? Or should we keep it open? And what I have heard as of now that internally at AWS, especially, they're thinking about keeping it open and letting people sort of (inaudible)- >> And you see them buying some the Cerner with Oracle that bought Cerner, Amazon bought a healthcare company. I think the likes of MongoDB, Snowflake, Databricks, are perfect examples of what we'll see I think on the AWS side. Azure, I'm not so sure, they like to have a little bit more control at the top of the stack with the SaaS, but I think Databricks has been so successful open source, Snowflake, a little bit more proprietary and closed than Databricks. They're doing well is on top of data, and MongoDB has got great success. All of these things compete with AWS higher level services. So, that advantage of those companies not having the CapEx investment and then going multiple clouds on other ecosystems that's a path of customers. Stay one, go fast, get traction, then go. >> That's huge. Actually the last sort comment I want to make is that, Also, that you guys include this in the definition of Supercloud, the likes of Capital One and Soner sort of vendors, right? So they are verticals, Capital One is in this financial vertical, and then Soner which Oracle bar they are in this healthcare vertical. And remember in the beginning of the cloud and when the cloud was just getting born. We used to say that we will have the community clouds which will be serving different verticals. >> Specialty clouds. >> Specialty clouds, community clouds. And actually that is happening now at very sort of small level. But I think it will start happening at a bigger level. The Goldman Sachs and others are trying to build these services on the financial front risk management and whatnot. I think that will be- >> Well, what's interesting, which you're bringing up a great discussion. We were having discussions around these vertical clouds like Goldman Sachs Capital One, Liberty Mutual. They're going all in on one native cloud then going into multiple clouds after, but then there's also the specialty clouds around functionality, app identity, data security. So you have multiple 3D dimensional clouds here. You can have a specialty cloud just on identity. I mean, identity on Amazon is different than Azure. Huge issue. >> Yeah, I think at some point we have to distinguish these things, which are being built on top of these infrastructure as a service, in past with a platform, a service, which is very close to infrastructure service, like the lines are blurred, we have to distinguish these two things from these Superclouds. Actually, what we are calling Supercloud maybe there'll be better term, better name, but we are all industry path actually, including myself and you or everybody else. Like we tend to mix these things up. I think we have to separate these things a little bit to make things (inaudible) >> Yeah, I think that's what the super path thing's about because you think about the next generation SaaS has to be solved by innovations of the infrastructure services, to your point about HashiCorp and others. So it's not as clear as infrastructure platform, SaaS. There's going to be a lot of interplay between this levels of services. >> Yeah, we are in this flasker situation a lot of developers are lost. A lot of operators are lost in this transition and it's just like our economies right now. Like I was reading at CNBC today, and here's sort of headline that people are having hard time understanding what state the economy is in. And so same is true with our technology economy. Like we don't know what state we are in. It's kind of it's in the transition phase right now. >> Well we're definitely in a bad economy relative to the consumer market. I've said on theCUBE publicly, Dave has as well, not as aggressive. I think the tech is still in a boom. I don't think there's tech bubble at all that's bursting, I think, the digital transformation from post COVID is going to continue. And this is the first recession downturn where the hyperscalers have been in market, delivering the economic value, almost like they're pumping on all cylinders and going to the next level. Go back to 2008, Amazon web services, where were they? They were just emerging out. So the cloud economic impact has not been factored into the global GDP relationship. I think all the firms that are looking at GDP growth and tech spend as a correlation, are completely missing the boat on the fact that cloud economics and digital transformation is a big part of the new economics. So refactoring business models this is continuing and it's just the early days. >> Yeah, I have said that many times that cloud works good in the bad economy and cloud works great in the good economy. Do you know why? Because there are different type of workloads in the good economy. A lot of experimentation, innovative solutions go into the cloud. You can do experimentation that you have extra money now, but in the bad economy you don't want to spend the CapEx because don't have money. Money is expensive at that point. And then you want to keep working and you don't need (inaudible) >> I think inflation's a big factor too right now. Well, Sarbjeet, great to see you. Thanks for coming into our studio for our stage performance for Supercloud 22, this is a pilot episode that we're going to get a consortium of experts Cloud RRT like yourselves, in the conversation to discuss what the architecture is. What is a taxonomy? What are the key building blocks and what things need to be in place for Supercloud capability? Because it's clear that if without standards, without defacto standards, we're at this tipping point where if it all comes together, not all one company can do everything. Customers want choice, but they also want to go fast too. So DevOps is working. It's going the next level. We see this as Supercloud. So thank you so much for your participation. >> Thanks for having me. And I'm looking forward to listen to the other sessions (inaudible) >> We're going to take it on A stickers. We'll take it on the internet. I'm John Furrier, stay tuned for more Supercloud 22 coverage, here at the Palo Alto studios in one minute. (bright music)

(upbeat music) >> Welcome back everyone to Supercloud22, I'm John Furrier, host of theCUBE here in Palo Alto. For this next ecosystem's segment we have Muddu Sudhakar, who is the co-founder and CEO of Aisera, a friend of theCUBE, Cube alumni, serial entrepreneur, multiple exits, been on multiple times with great commentary. Muddu, thank you for coming on, and supporting our- >> Also thank you for having me, John. >> Yeah, thank you. Great handshake there, I love to do it. One, I wanted you here because, two reasons, one is, congratulations on your new funding. >> Thank you. >> For $90 million, Series D funding. >> Series D funding. >> So, huge validation in this market. >> It is. >> You have been experienced software so, it's a real testament to your team. But also, you're kind of in the Supercloud vortex. This new wave that Supercloud is part of is, I call it the pretext to what's coming with multi-clouds. It is the next level. >> I see. >> Structural change and we have been reporting on it, Dave and I, and we are being challenged. So, we decided to open it up. >> Very good, I would love it. >> And have a conversation rather than waiting eight months to prove that we are right. Which, we are right, but that is a long story. >> You're always right. (both laughs) >> What do you think of Supercloud, that's going on? What is the big trend? Because its public cloud is great, so there is no conflict there. >> Right. >> It's got great business, it's integrated, IaaS, to SaaS, PaaS, all in the beginning, or the middle. All that is called good. Now you have on-premise high rate cloud. >> Right. >> Edge is right around the corner. Exploding in new capabilities. So, complexity is still here. >> That's right, I think, you nailed it. We talk about hybrid cloud, and multi cloud. Supercloud is kind of elevates the message even better. Because you still have to leave for some of our clouds, public clouds. There will be some of our clouds, still running on the Edge. That's where, the Edge cloud comes in. Some will still be on-prem. So, the Supercloud as a concept is beyond hybrid and multi cloud. To me, I will run some of our cloud on Amazon. Some could be on Aisera, some could be running only on Edge, right? >> Mm hm >> And we still have, what we call remote executors. Some leaders of service now. You have, what we call the mid-server, is what I think it was called. Where you put in a small code and run it. >> Yeah. >> So, I think all those things will be running on-prem environment and VMware cloud, et cetera. >> And if you look back at, I think it has been five years now, maybe four or five years since Andy Jassy at reInvent announced Outposts. Think that was the moment in time that Dave and I took this pause back and said "Okay, that's Amazon." who listens to their customers. Acknowledging Hybrid. >> Right. >> Then we saw the rise of Snowflakes, the Databricks, specialty clouds. You start to see people who are building on top of AWS. But at MongoDB, it is a database, now they are a full blown, large scale data platform. These companies took advantage of the public cloud to build, as Jerry Chen calls it, "Castles in the cloud." >> Right. >> That seems to be happening in all areas. What do you think about that? >> Right, so what is driving the cloud? To me, we talk about machine learning in AI, right? Versus clouded options. We used to call it lift and shift. The outposts and lift and shift. Initially this was to get the data into the cloud. I think if you see, the vendor that I like the most, is, I'm not picking any favorite but, Microsoft Azure, they're thinking like your Supercloud, right? Amazon is other things, but Azure is a lot more because they run on-prem. They are also on Azure CloudFront, Amazon CloudFront. So I think, Azure and Amazon are doing a lot more in the area of Supercloud. What is really helping is the machine learning environment, needs Superclouds. Because I will be running some on the Edge, some compute, some will be running on the public cloud, some could be running on my data center. So, I think the Supercloud is really suited for AI and automation really well. >> Yeah, it is a good point about Microsoft, too. And I think Microsoft's existing install base saved Azure. >> Okay. >> They brought Office 365, Sequel Server, cause their customers weren't leaving Microsoft. They had the productivity thing nailed down as well as the ability to catch up >> That's right. >> To AWS. So, natural extension to on-premise with Microsoft. >> I think... >> Tell us- >> Your Supercloud is what Microsoft did. Right? Azure. If you think of, like, they had an Office 365, their SharePoint, their Dynamics, taking all of those properties, running on the Azure. And still giving the migration path into a data center. Is Supercloud. So, the early days Supercloud came from Azure. >> Well, that's a good point, we will certainly debate that. I will also say that Snowflake built on AWS. >> That's right. >> Okay, and became a super powerhouse with the data business. As did Databricks. >> That's right. >> Then went to Azure >> That's right. >> So, you're seeing kind of the Playbook. >> Right. >> Go fast on Cloud Native, the native cloud. Get that fly wheel going, then get going, somewhere else. >> It is, and to that point I think you and me are talking, right? If you are to start at one cloud and go to another cloud, the amount of work as a vendor for us to use for implement. Today, like we use all three clouds, including the Gov Cloud. It's a lot of work. So, what will happen, the next toolkit we use? Even services like Elastic. People will not, the word commoditize, is not the word, but people will create an abstraction layer, even for S3. >> Explain that, explain that in detail. So, elastic? What do you mean by that? >> Yeah, so what that means is today, Elasticsearch, if you do an Elasticsearch on Amazon, if I go to Azure, I don't want enter another Elasticsearch layer. Ideally I want us to write an abstracted search layer. So, that when I move my services into a different cloud I don't want to re-compute and re-calculate everything. That's a lot of work. Particularly once you have a production customer, if I were to shift the workloads, even to the point of infrastructure, take S3, if I read infrastructure to S3 and tomorrow I go to Azure. Azure will have its own objects store. I don't want to re-validate that. So what will happen is digital component, Kubernetes is already there, we want storage, we want network layer, we want VPM services, elastic as well as all fundamental stuff, including MongoDB, should be abstracted to run. On the Superclouds. >> Okay, well that is a little bit of a unicorn fantasy. But let's break that down. >> Sure. >> Do you think that's possible? >> It is. Because I think, if I am on MongoDB, I should be able to give a horizontal layer to MongoDB that is optimized for all three of them. I don't want MongoDB. >> First of all, everyone will buy that. >> Sure. >> I'm skeptical that that's possible. Given where we are at right now. So, you're saying that a vendor will provide an abstraction layer. >> No, I'm saying that either MongoDB, itself will do it, or a third party layer will come as a service which will abstract all this layer so that we will write to an AP layer. >> So what do you guys doing? How do you handle multiple clouds? You guys are taking that burden on, because it makes sense, you should build the abstraction layer. Not rely on a third party vendor right? >> We are doing it because there is no third party available offer it. But if you offer a third party tomorrow, I will use that as a Supercloud service. >> If they're 100% reliable? >> That's right. That's exactly it. >> They have to do the work. >> They have to do the work because if today I am doing it because no one else is offering it- >> Okay so what people might not know is that you are an angel investor as well as an entrepreneur been very successful, so you're rich, you have a lot of money. If I were a startup and I said, Muddu, I want to build this abstraction layer. What would be funding advice that you would give me as an entrepreneur? As a company to do that? >> I would do it like an Apigee that Google acquired, you should create an Apigee-like layer, for infrastructure upfront services, I think that is a very good option. >> And you think that is viable? >> It is very much viable. >> Would that be part of Supercloud architecture, in your opinion? >> It is. Right? And that will abstract all the clouds to some level. Like it is like Kubernetes abstract, so that if I am running on Kubernetes I can transfer to any cloud. >> Yeah >> But that should go from computer into other infrastructures. >> It's seems to me, Muddu, and I want to get your thoughts about this whole Supercloud defacto standard opportunity. It feels like we are waiting for a moment where there is some sort of defacto unification, whether it is in the distraction layer, or a standards body. There is no W3C here going on. I mean, W3C was for web consortium, for world wide web. The Supercloud seems to be having the same impact the web had. Transformative, disruptive, re-factoring business operations. Is there a standardized body or an opportunity for a defacto? Like Kubernetes was a great example of a unification around something for orchestration. Is there a better version in the Supercloud model where we need a standard? >> Yes and no. The reason is because by the time you come to standard, take time to look what happened. First, we started with VMs, then became Docker and Containers then we came to Kubernetes. So it goes through a journey. I think the next few years will be stood on SuperCloud let's make customers happy, let's make enough services going, and then the standards will come. Standards will be almost 2-3 years later. So I don't think standards should happen right now. Right now, all we need is, we need enough start ups to create the super layer abstraction, with the goal in mind of AI automation. The reason, AI is because AI needs to be able to run that. Automated because running a work flow is, I can either run a workflow in the cloud services, I can run it on on-prem, I can run it on database, so you have two good applications, take AI and automation with Supercloud and make enough enough noise on that make enough applications, then the standards will come. >> On this project we have been with SuperCloud these past day we have heard a lot of people talking. The themes that developers are okay, they are doing great. Open source is booming. >> Yes >> Cloud Native's got major traction. Developers are going fast and they love it, shifting left, all these great things. They're putting a lot of data, DevOps and the security teams, they're the ones who are leveling up. We are hearing a lot of conversations around how they can be faster. What is your view on this as relative to that Supercloud nirvana getting there? How are DevOps and security teams leveling up to devs? >> A couple of things. I think that in the world of DevSecOps and security ops. The reason security is important, right? Given what is going on, but you don't need to do security the manual way. I think that whole new operation that you and me talked about, AI ops should happen. Where the AI ops is for service operation, for performance, for incident or for security. Nobody thinks of AI security. So, the DevOps people should think more world of AI ops, so that I can predict, prevent things before they happen. Then the security will be much better. So AI ops with Supercloud will probably be that nirvana. But that is what should happen. >> In the AI side of things, what you guys are doing, what are you learning, on scale, relative to data? Is there, you said machine learning needs data, it needs scale operation. What's your view on the automation piece of all this? >> I think to me, the data is the single, underrated, unsung kind of hero in the whole machine learning. Everyone talks about AI and machine learning algorithms. Algorithms are as important, but even more important is data. Lack of data I can't do algorithms. So my advice to customers is don't lose your data. That is why I see, Frank, my old boss, setting everything up into the data cloud, in Snowflake. Data is so important, store the data, analyze the data. Data is the new AI. You and me talk so many times- >> Yeah >> It's underrated, people are not anticipating how important it is. But the data is coming from logs, events, whether there is knowledge documents, any data in any form. I think keep the data, analyze the data, data patterns, and then things like SuperCloud can really take advantage of that. >> So, in the Supercloud equation one of the things that has come up is that the native clouds do great. Their IaaS to SaaS is interactions that solve a lot of problems. There is integration that is good. >> Right. >> Now when you go off cloud, you get regions, get latency issues- >> Right >> You have more complexity. So what's the trade off in the Supercloud journey, if you had to guess? And just thinking out loud here, what would be some of the architectural trade offs of how you do it, what's the sequence? What's the order of operations to get Superclouding going? >> Yeah, very good questions here. I think once you start going from the public cloud, the clouds there scale to lets say, even a regional data center onto an Edge, latency will kick in. The lack of computer function will kick in. So there I think everything should become asynchronous, right? You will run the application in a limited environment. You should anticipate for small memories, small compute, long latencies, but still following should happen. So some operations should become the old-school following, like, it's like the email. I send an email, it's an asynchronous thing, I made a sponsor, I think most of message passing should go back to the old-school architectures They should become asynchronous where thing can rely. I think, as long as algorithms can take that into Edge, I think that Superclouds can really bridge between the public cloud to the edge. >> Muddu, thanks for coming, we really appreciate your insights here. You've always been a great friend, great commentator. If you weren't the CEO and a famous angel investor, we would certainly love to have you as a theCUBE analyst, here on theCUBE. >> I am always available for you. (John laughs) >> When you retire, you can come back. Final point, we've got time left. We'll give you a chance to talk about the company. I'm really intrigued by the success of your ninety million dollar financing realm because we are in a climate where people aren't getting those kinds of investments. It's usually down-rounds. >> Okay >> 409 adjustments, people are struggling. You got an up-round and you got a big number. Why the success? What is going on with the company? Why are you guys getting such great validation? Goldman Sachs, Thoma Bravo, Zoom, these are big names, these are the next gen winners. >> It is. >> Why are they picking you? Why are they investing in you? >> I think it is not one thing, it is many things. First all, I think it is a four-year journey for us where we are right now. So, the company started late 2017. It is getting the right customers, partners, employees, team members. So it is a lot hard work went in. So a lot of thanks to the Aisera community for where we are. Why customers and where we are? Look, fundamentally there is a problem to solve. Like, what Aisera is trying to solve is can we automate customer service? Whether internal employees, external customer support. Do it for IT, HR, sales, marketing, all the way to ops. Like you talk about DevSecOps, I don't want thousands of tune ups for ops. If I can make that job better, >> Yeah >> I want to, any job I want to automate. I call it, elevate the human, right? >> Yeah. >> And that's the reason- >> 'Cause you're saying people have to learn specialty tools, and there are consequences to that. >> Right, and to me, people should focus on more important tasks and use AI as a tool to automate those things right? It's like thinking of offering Apple City as Alexa as a service, that is how we are trying to offer customer service, like, right? And if it can do that consistently, and reduce costs, cost is a big reason why customers like us a lot, we have eliminated the cost in this down economy, I will amplify our message even more, right? I am going to take a bite out of their expense. Whether it is tool expense, it's on resources. Second, is user productivity And finally, experience. People want experience. >> Final question, folks out there, first of all, what do you think about Supercloud? And if someone asks you what is this Supercloud thing? How would you answer? >> Supercloud, is, to me, beyond multi cloud and hybrid cloud. It is to bridge applications that are build in Supercloud can run on all clouds seamlessly. You don't need to compile them, re-clear them. Supercloud is one place to build, develop, and deploy. >> Great, Muddu. Thank you for coming on. Supercloud22 here breaking it down with the ecosystem commentary, we have a lot of people coming to the small group of experts in our network, bringing you in open conversation around the future of cloud computing and applications globally. And again, it is all about the next generation cloud. This is theCUBE, thanks for watching. (upbeat music)

welcome back to thecube's live coverage coming to you from the big apple in new york city we're talking all things aws summit but right now i've got two powerhouses you know them you love them john furrier dave vellante going to be talking about super cloud guys we've been talking a lot about this there's a big event coming up on the cube august 9th and i gotta start dave with you because we talk about it pretty much in every interview where it's relevant why super cloud yeah so john furrier years ago started a tradition lisa prior to aws which was to lay down the expectation for our audiences what they should be looking for at aws reinvent okay john when did that start 2012 2013. actually 2013 was our first but 2015 was the first time when we get access to andy jassy who wasn't doing any briefings and we realized that the whole industry started looking at amazon web services as a structural forcing function of massive change uh some say inflection point we were saying complete redefinition so you wrote the trillion dollar baby yeah right which actually turns into probably multi-trillion dollars we got it right on that one surprisingly it was pretty obvious so every year since then john has published the seminal article prior to reinvent so this year we were talking we're coming out of the isolation economy and john hedwig also also adam silevski was the new ceo so we had a one-on-one with adam that's right and then that's where the convergence between andy jassy and adam celebski kicked in which is essentially those guys work together even though they he went off and boomerang back in as they say in aws but what's interesting was is that adam zluski's point of view piggyback jassy but he had a different twist yeah some so you know low you know people who didn't have really a lot of thought into it said oh he's copying microsoft moving up the stack we're like no no no no no something structural is happening again and so john wrote the piece and he started sharing it we're collaborating he said hey dave take a take a look add your perspectives and then jerry chen had just written castles in the cloud and he talked about sub-markets and we were sort of noodling and one of the other things was in 2018 2019 around that time at aws re invent there was this friction between like snowflake and aws because redshift separated compute from storage which was snowflake's whole thing now fast forward to 2021 after we're leaving you know the covert economy by the way everyone was complaining they are asking jassy are you competing with your ecosystem the classic right trope and then in in remember jason used to use cloudera as the example i would like to maybe pick a better example snowflake became that example and what the transition was it went from hey we're kind of competitive for sure there's a lot of examples but it went from we're competitive they're stealing our stuff to you know what we're making so much money building on top of aws specifically but also the clouds and cross clouds so we said there's something new happening in the ecosystem and then just it popped up this term super cloud came up to connote a layer that floats above the hyperscale capex not is it's not pass it's not sas it's the combination of the of those things on top of a new digital infrastructure and we chose the term super cloud we liked it better than multi-cloud because multiplayer at least one other point too i think four or five years earlier dave and i across not just aws reinvent all of our other events we were speculating that there might be a tier two cloud service provider models and we've talked with intel about this and others just kind of like evaluating it staring at it and we met by tier two like maybe competing against amazon but what happened was it wasn't a tier two cloud it was a super cloud built on the capex of aws which means initially was a company didn't have to build aws to be like aws and everybody wanted to be like aws so we saw the emergence of the smart companies saying hey let's refactor our business model in the category or industry scope and to dominate with cloud scale and they did it that then continued that was the premise of chen's post which was kind of rift on the cube initially which is you can have a moat in a castle in the cloud and have a competitive advantage and a sustainable differentiation model and that's exactly what's happening and then you introduce the edge and hybrid you now have a cloud operating model that that super cloud extends as a substrate across all environments so it's not multi-cloud which sounds broken and like put it distance jointed joint barriers hybrid cloud which is the hybrid operating model at scale and you don't have to be amazon to take advantage of all the value creation since they took care of the capex now they win too on the other side because because they're selling ec2 and storage and ml and ai and this is new and this is information that people don't might not know about internally at aws there was a debate dave okay i heard this from sources do we go all in and compete and just own the whole category or open the ecosystem and coexist with [ __ ] why do we have these other companies or snowflake and guess what the decision was let's make it open ecosystem and let's have our own offerings as well and let the winner take off smart because they can't hire enough people and we just had aws and snowflake on the cube a few weeks ago talking about the partnership the co-op petition the value in it but what's been driving it is the voice of the customer but i want to ask you paint the picture for the audience of the critical key components of super cloud what are those yeah so i think first and foremost super cloud as john was saying it's not multi-cloud chuck whitten had a great phrase at dell tech world he said multi-cloud by default right versus multi-cloud by design and multi-cloud has been by default it's been this sort of i run in aws and i run my stack in azure or i run my stack in gcp and it works or i wrap my stack in a container and host it in the cloud that's what multi-cloud has been so the first sort of concept is it's a layer that that abstracts the underlying complexity of all the clouds all the primitives uh it takes advantage of maybe graviton or microsoft tooling hides all that and builds new value on top of that the other piece of of super cloud is it's ecosystem driven really interesting story you just told because literally amazon can't hire everybody right so they have to rely on the ecosystem for feature acceleration so it's it also includes a path layer a super pass layer we call it because you need to develop applications that are specific to the problem that the super cloud is solving so it's not a generic path like openshift it's specific to whether it's snowflake or [ __ ] or aviatrix so that developers can actually build on top of and not have to worry about that underlying and also there's some people that are criticizing um what we're doing in a good way because we want to have an open concept sure but here's the thing that a lot of people don't understand they're criticizing or trying to kind of shoot holes in our new structural change that we're identifying to comparing it to old that's like saying mainframe and mini computers it's like saying well the mainframe does it this way therefore there's no way that's going to be legitimate so the old thinking dave is from people that have no real foresight in the new model right and so they don't really get it right so what i'm saying is that we look at structural change structural change is structural change it either happens or it doesn't so what we're observing is the fact that a snowflake didn't design their solution to be multi-cloud they did it all on aws and then said hey why would we why are we going to stop there let's go to azure because microsoft's got a boatload of customers because they have a vertically stacking integration for their install base so if i'm snowflake why wouldn't i be on azure and the same for gcp and the same for other things so this idea that you can get the value of an amp what amazon did leverage and all that value without paying for it up front is a huge dynamic and that's not just saying oh that's cloud that's saying i have a cloud-like scale cloud-like value proposition which which will look like an ecosystem so to me the acid test is if i build on top of say [ __ ] or say snowflake or super cloud by default i'm either a category leader i own the data at scale or i'm sharing data at scale and i have an ecosystem people are building on top of me so that's a platform so that's really difficult so what's happening is these ecosystem partners are taking advantage as john said of all the hyperscale capex and they're building out their version of a distributed global system and then the other attribute of super cloud is it's got metadata management capability in other words it knows if i'm optimizing for latency where in the super cloud to get the data or how to protect privacy or sovereignty or how many copies to make to have the proper data protection or where the air gap should be for ransomware so these are examples of very specific purpose-built super clouds that are filling gaps that the hyperscalers aren't going after what's a good example of a specific super cloud that you think really articulates what you guys are talking about i think there are a lot of them i think snowflake is a really good example i think vmware is building a multi-cloud management system i think aviatrix and virtual you know private cloud networking and for high performance networking i think to a certain extent what oracle is doing with azure is is is definitely looks like a super cloud i think what capital one is doing by building on to taking their own tools and and and moving that to snowflake now that they're not cross-cloud yet but i predict that they will be of i think uh what veeam is doing in data protection uh dell what they showed at dell tech world with project alpine these are all early examples of super well here's an indicator here's how you look at the example so to me if you're just lifting and shifting that was the first gen cloud that's not changing the business model so i think the number one thing to look at is is the company whether they're in a vertical like insurance or fintech or financial are they refactoring their spend not as an i.t cost but as a refactoring of their business model yes like what snowflake did dave or they say okay i'm gonna change how i operate not change my business model per se or not my business identity if i'm gonna provide financial services i don't have to spend capex it's operating expenses i get the capex leverage i redefine i get the data at scale and now i become a service provider to everybody else because scale will determine the power law of who wins in the verticals and in the industry so we believe that snowflake is a data warehouse in the cloud they call it a data cloud now i don't think snowflake would like that dave i call them a data warehouse no a super data cloud but but so the other key here is you know the old saying that andreessen came up with i guess with every company's a software company well what does that mean it means every company software company every company is going digital well how are they going to do that they're going to do that by taking their business their data their tooling their proprietary you know moat and moving that to the cloud so they can compete at scale every company should be if they're not thinking about doing a super cloud well walmart i think i think andreessen's wrong i think i would revise and say that andreessen and the brain trust at andreas and horowitz is that that's no longer irrelevant every company isn't a software company the software industry is called open source everybody is an open source company and every company will be at super cloud that survives yeah to me to me if you're not looking at super cloud as a strategy to get value and refactor your business model take advantage of what you're paying it for but you're paying now in a new way you're building out value so that's you're either going to be a super cloud or get services from a super cloud so if you're not it's like the old joke dave if you're at the table and you don't know who the sucker is it's probably you right so if you're looking at the marketplace you're saying if i'm not a super cloud i'm probably gonna have to work with one because they're gonna have the data they're gonna have the insights they're gonna have the scale they're going to have the castle in the cloud and they will be called a super cloud so in customer conversations helping customers identify workloads to move to the cloud what are the ideal workloads and services to run in super cloud so i honestly think virtually any workload could be a candidate and i think that it's really the business that they're in that's going to define the workload i'll say what i mean so there's certain businesses where low latency high performance transactions are going to matter that's you know kind of the oracle's business there's certain businesses like snowflake where data sharing is the objective how do i share data in a governed way in a secure way in any location across the world that i can monetize so that's their objective you take a data protection company like veeam their objective is to protect data so they have very specific objectives that ultimately dictate what the workload looks like couchbase is another one they they in my opinion are doing some of the most interesting things at the edge because this is where when you when you really push companies in the cloud including the hyperscalers when they get out to the far edge it starts to get a little squishy couchbase actually is developing capabilities to do that and that's to me that's the big wild card john i think you described it accurately the cloud is expanding you've got public clouds no longer just remote services you're including on-prem and now expanding out to the near edge and the deep what do you call it deep edge or far edge lower sousa called the tiny edge right deep edge well i mean look at look at amazon's outpost announcement to me hp e is opportunity dell has opportunities the hardware box guys companies they have an opportunity to be that gear to be an outpost to be their own output they get better stacks they have better gear they just got to run cloud on it yeah right that's an edge node right so so that's that would be part of the super cloud so this is where i think people that are looking at the old models like operating systems or systems mindsets from the 80s they look they're not understanding the new architecture what i would say to them is yeah i hear what you're saying but the structural change is the nodes on the network distributed computing if you will is going to run hybrid cloud all the way across the fact that it's multiple clouds is just coincidence on who's got the best capex value that people build on for their super cloud capability so why wouldn't i be on azure if microsoft's going to give me all their customers that are running office 365 and teams great if i want to be on amazon's kind of sweet which is their ecosystem why wouldn't i want to tap into that so again you can patch it all together in the super cloud so i think the future will be distributed computing cloud architecture end to end and and we felt that was different from multi-cloud you know if you want to call it multi-cloud 2.0 that's fine but you know frankly you know sometimes we get criticized for not defining it tightly enough but we continue to evolve that definition i've never really seen a great definition from multi-cloud i think multi-cloud by default was the definition i run in multiple clouds you know it works in azure it's not a strategy it's a broken name it's a symptom right it's a symptom of multi-vendor is really what multi-cloud has been and so we felt like it was a new term of examples look what we're talking about snowflake data bricks databricks another good one these are these are examples goldman sachs and we felt like the term immediately connotes something bigger something that sits above the clouds and is part of a digital platform you know the people poo poo the metaverse because it's really you know not well defined but every 15 or 20 years this industry goes through dave let me ask you a question so uh lisa you too if i'm in the insurance vertical uh and i'm a i'm an insurance company i have competitors my customers can go there and and do business with that company and you know and they all know that they go to the same conferences but in that sector now you have new dynamics your i.t spend isn't going to keep the lights on and make your apps work your back-end systems and your mobile app to get your whatever now it's like i have cloud scale so what if i refactored my business model become a super cloud and become the major primary service provider to all the competitors and the people that are the the the channel partners of the of the ecosystem that means that company could change the category totally okay and become the dominant category leader literally in two three years if i'm geico okay i i got business in the cloud because i got the app and i'm doing transactions on geico but with all the data that they're collecting there's adjacent businesses that they can get into maybe they're in the safety business maybe they can sell data to governments maybe they can inform logistics and highway you know patterns roll up all the people that don't have the same scale they have and service them with that data and they get subscription revenue and they can build on top of the geico super insurance cloud right yes it's it's unlimited opportunity that's why it's but the multi-trillion dollar baby so talk to us you've done an amazing job of talking which i know you would of why super cloud what it is the critical components the key workloads great examples talk to us in our last few minutes about the event the cube on super cloud august 9th what's the audience going to who are they going to hear from what are they going to learn yeah so august 9th live out of our palo alto studio we're going to have a program that's going to run from 9 a.m to 1 p.m and we're going to have a number of industry luminaries in there uh kit colbert from from vmware is going to talk about you know their strategy uh benoit de javille uh from snowflake is going to is going to be there of g written house of sky-high security um i i i don't want to give it away but i think steve mullaney is going to come on adrian uh cockroft is coming on the panel keith townsend sanjeev mohan will be on so we'll be running that live and also we'll be bringing in pre-recorded interviews that we'll have prior to the show that will run post the live event it's really a pilot virtual event we want to do a physical event we're thinking but the pilot is to bring our trusted friends together they're credible that have industry experience to try to understand the scope of what we're talking about and open it up and help flesh out the definition make it an open model where we can it's not just our opinion we're observing identifying the structural changes but bringing in smart people our smart friends and companies are saying yeah we get behind this because it has it has legs for a reason so we're gonna zoom out and let people participate and let the conversation and the community drive the content and that is super important to the cube as you know dave but i think that's what's going on lisa is that it's a pilot if it has legs we'll do a physical event certainly we're getting phones to bring it off the hook for sponsors so we don't want to go and go all in on sponsorships right now because it's not about money making it's about getting that super cloud clarity around to help companies yeah we want to evolve the concept and and bring in outside perspectives well the community is one of the best places to do that absolutely organic it's an organic community where i mean people want to find out what's going on with the best practices of how to transform a business and right now digital transformation is not just getting digitized it's taking advantage of the technology to leapfrog the competition so all the successful people we talked to at least have the same common theme i'm changing my game but not changing my game to the customer i'm just going to do it differently better faster cheaper more efficient and have higher margins and beat the competition that's the company doesn't want to beat the competition go to thecube.net if you're not all they're all ready to register for the cube on supercloud august 9th 9am pacific you won't want to miss it for john furrier and dave vellante i'm lisa martin we're all coming at you from new york city at aws summit 22. i'll be right back with our next guest [Music] you