(bright upbeat music) >> Hello, everyone. Welcome to SiliconANGLE News breaking story here. Amazon Web Services expanding their relationship with Hugging Face, breaking news here on SiliconANGLE. I'm John Furrier, SiliconANGLE reporter, founder, and also co-host of theCUBE. And I have with me, Swami, from Amazon Web Services, vice president of database, analytics, machine learning with AWS. Swami, great to have you on for this breaking news segment on AWS's big news. Thanks for coming on and taking the time. >> Hey, John, pleasure to be here. >> You know- >> Looking forward to it. >> We've had many conversations on theCUBE over the years, we've watched Amazon really move fast into the large data modeling, SageMaker became a very smashing success, obviously you've been on this for a while. Now with ChatGPT OpenAI, a lot of buzz going mainstream, takes it from behind the curtain inside the ropes, if you will, in the industry to a mainstream. And so this is a big moment, I think, in the industry, I want to get your perspective, because your news with Hugging Face, I think is another tell sign that we're about to tip over into a new accelerated growth around making AI now application aware, application centric, more programmable, more API access. What's the big news about, with AWS Hugging Face, you know, what's going on with this announcement? >> Yeah. First of all, they're very excited to announce our expanded collaboration with Hugging Face, because with this partnership, our goal, as you all know, I mean, Hugging Face, I consider them like the GitHub for machine learning. And with this partnership, Hugging Face and AWS, we'll be able to democratize AI for a broad range of developers, not just specific deep AI startups. And now with this, we can accelerate the training, fine tuning and deployment of these large language models, and vision models from Hugging Face in the cloud. And the broader context, when you step back and see what customer problem we are trying to solve with this announcement, essentially if you see these foundational models, are used to now create like a huge number of applications, suggest like tech summarization, question answering, or search image generation, creative, other things. And these are all stuff we are seeing in the likes of these ChatGPT style applications. But there is a broad range of enterprise use cases that we don't even talk about. And it's because these kind of transformative, generative AI capabilities and models are not available to, I mean, millions of developers. And because either training these elements from scratch can be very expensive or time consuming and need deep expertise, or more importantly, they don't need these generic models, they need them to be fine tuned for the specific use cases. And one of the biggest complaints we hear is that these models, when they try to use it for real production use cases, they are incredibly expensive to train and incredibly expensive to run inference on, to use it at a production scale. So, and unlike web search style applications, where the margins can be really huge, here in production use cases and enterprises, you want efficiency at scale. That's where Hugging Face and AWS share our mission. And by integrating with Trainium and Inferentia, we're able to handle the cost efficient training and inference at scale, I'll deep dive on it. And by teaming up on the SageMaker front, now the time it takes to build these models and fine tune them is also coming down. So that's what makes this partnership very unique as well. So I'm very excited. >> I want to get into the time savings and the cost savings as well on the training and inference, it's a huge issue, but before we get into that, just how long have you guys been working with Hugging Face? I know there's a previous relationship, this is an expansion of that relationship, can you comment on what's different about what's happened before and then now? >> Yeah. So, Hugging Face, we have had a great relationship in the past few years as well, where they have actually made their models available to run on AWS, you know, fashion. Even in fact, their Bloom Project was something many of our customers even used. Bloom Project, for context, is their open source project which builds a GPT-3 style model. And now with this expanded collaboration, now Hugging Face selected AWS for that next generation office generative AI model, building on their highly successful Bloom Project as well. And the nice thing is, now, by direct integration with Trainium and Inferentia, where you get cost savings in a really significant way, now, for instance, Trn1 can provide up to 50% cost to train savings, and Inferentia can deliver up to 60% better costs, and four x more higher throughput than (indistinct). Now, these models, especially as they train that next generation generative AI models, it is going to be, not only more accessible to all the developers, who use it in open, so it'll be a lot cheaper as well. And that's what makes this moment really exciting, because we can't democratize AI unless we make it broadly accessible and cost efficient and easy to program and use as well. >> Yeah. >> So very exciting. >> I'll get into the SageMaker and CodeWhisperer angle in a second, but you hit on some good points there. One, accessibility, which is, I call the democratization, which is getting this in the hands of developers, and/or AI to develop, we'll get into that in a second. So, access to coding and Git reasoning is a whole nother wave. But the three things I know you've been working on, I want to put in the buckets here and comment, one, I know you've, over the years, been working on saving time to train, that's a big point, you mentioned some of those stats, also cost, 'cause now cost is an equation on, you know, bundling whether you're uncoupling with hardware and software, that's a big issue. Where do I find the GPUs? Where's the horsepower cost? And then also sustainability. You've mentioned that in the past, is there a sustainability angle here? Can you talk about those three things, time, cost, and sustainability? >> Certainly. So if you look at it from the AWS perspective, we have been supporting customers doing machine learning for the past years. Just for broader context, Amazon has been doing ML the past two decades right from the early days of ML powered recommendation to actually also supporting all kinds of generative AI applications. If you look at even generative AI application within Amazon, Amazon search, when you go search for a product and so forth, we have a team called MFi within Amazon search that helps bring these large language models into creating highly accurate search results. And these are created with models, really large models with tens of billions of parameters, scales to thousands of training jobs every month and trained on large model of hardware. And this is an example of a really good large language foundation model application running at production scale, and also, of course, Alexa, which uses a large generator model as well. And they actually even had a research paper that showed that they are more, and do better in accuracy than other systems like GPT-3 and whatnot. So, and we also touched on things like CodeWhisperer, which uses generative AI to improve developer productivity, but in a responsible manner, because 40% of some of the studies show 40% of this generated code had serious security flaws in it. This is where we didn't just do generative AI, we combined with automated reasoning capabilities, which is a very, very useful technique to identify these issues and couple them so that it produces highly secure code as well. Now, all these learnings taught us few things, and which is what you put in these three buckets. And yeah, like more than 100,000 customers using ML and AI services, including leading startups in the generative AI space, like stability AI, AI21 Labs, or Hugging Face, or even Alexa, for that matter. They care about, I put them in three dimension, one is around cost, which we touched on with Trainium and Inferentia, where we actually, the Trainium, you provide to 50% better cost savings, but the other aspect is, Trainium is a lot more power efficient as well compared to traditional one. And Inferentia is also better in terms of throughput, when it comes to what it is capable of. Like it is able to deliver up to three x higher compute performance and four x higher throughput, compared to it's previous generation, and it is extremely cost efficient and power efficient as well. >> Well. >> Now, the second element that really is important is in a day, developers deeply value the time it takes to build these models, and they don't want to build models from scratch. And this is where SageMaker, which is, even going to Kaggle uses, this is what it is, number one, enterprise ML platform. What it did to traditional machine learning, where tens of thousands of customers use StageMaker today, including the ones I mentioned, is that what used to take like months to build these models have dropped down to now a matter of days, if not less. Now, a generative AI, the cost of building these models, if you look at the landscape, the model parameter size had jumped by more than thousand X in the past three years, thousand x. And that means the training is like a really big distributed systems problem. How do you actually scale these model training? How do you actually ensure that you utilize these efficiently? Because these machines are very expensive, let alone they consume a lot of power. So, this is where SageMaker capability to build, automatically train, tune, and deploy models really concern this, especially with this distributor training infrastructure, and those are some of the reasons why some of the leading generative AI startups are actually leveraging it, because they do not want a giant infrastructure team, which is constantly tuning and fine tuning, and keeping these clusters alive. >> It sounds like a lot like what startups are doing with the cloud early days, no data center, you move to the cloud. So, this is the trend we're seeing, right? You guys are making it easier for developers with Hugging Face, I get that. I love that GitHub for machine learning, large language models are complex and expensive to build, but not anymore, you got Trainium and Inferentia, developers can get faster time to value, but then you got the transformers data sets, token libraries, all that optimized for generator. This is a perfect storm for startups. Jon Turow, a former AWS person, who used to work, I think for you, is now a VC at Madrona Venture, he and I were talking about the generator AI landscape, it's exploding with startups. Every alpha entrepreneur out there is seeing this as the next frontier, that's the 20 mile stairs, next 10 years is going to be huge. What is the big thing that's happened? 'Cause some people were saying, the founder of Yquem said, "Oh, the start ups won't be real, because they don't all have AI experience." John Markoff, former New York Times writer told me that, AI, there's so much work done, this is going to explode, accelerate really fast, because it's almost like it's been waiting for this moment. What's your reaction? >> I actually think there is going to be an explosion of startups, not because they need to be AI startups, but now finally AI is really accessible or going to be accessible, so that they can create remarkable applications, either for enterprises or for disrupting actually how customer service is being done or how creative tools are being built. And I mean, this is going to change in many ways. When we think about generative AI, we always like to think of how it generates like school homework or arts or music or whatnot, but when you look at it on the practical side, generative AI is being actually used across various industries. I'll give an example of like Autodesk. Autodesk is a customer who runs an AWS and SageMaker. They already have an offering that enables generated design, where designers can generate many structural designs for products, whereby you give a specific set of constraints and they actually can generate a structure accordingly. And we see similar kind of trend across various industries, where it can be around creative media editing or various others. I have the strong sense that literally, in the next few years, just like now, conventional machine learning is embedded in every application, every mobile app that we see, it is pervasive, and we don't even think twice about it, same way, like almost all apps are built on cloud. Generative AI is going to be part of every startup, and they are going to create remarkable experiences without needing actually, these deep generative AI scientists. But you won't get that until you actually make these models accessible. And I also don't think one model is going to rule the world, then you want these developers to have access to broad range of models. Just like, go back to the early days of deep learning. Everybody thought it is going to be one framework that will rule the world, and it has been changing, from Caffe to TensorFlow to PyTorch to various other things. And I have a suspicion, we had to enable developers where they are, so. >> You know, Dave Vellante and I have been riffing on this concept called super cloud, and a lot of people have co-opted to be multicloud, but we really were getting at this whole next layer on top of say, AWS. You guys are the most comprehensive cloud, you guys are a super cloud, and even Adam and I are talking about ISVs evolving to ecosystem partners. I mean, your top customers have ecosystems building on top of it. This feels like a whole nother AWS. How are you guys leveraging the history of AWS, which by the way, had the same trajectory, startups came in, they didn't want to provision a data center, the heavy lifting, all the things that have made Amazon successful culturally. And day one thinking is, provide the heavy lifting, undifferentiated heavy lifting, and make it faster for developers to program code. AI's got the same thing. How are you guys taking this to the next level, because now, this is an opportunity for the competition to change the game and take it over? This is, I'm sure, a conversation, you guys have a lot of things going on in AWS that makes you unique. What's the internal and external positioning around how you take it to the next level? >> I mean, so I agree with you that generative AI has a very, very strong potential in terms of what it can enable in terms of next generation application. But this is where Amazon's experience and expertise in putting these foundation models to work internally really has helped us quite a bit. If you look at it, like amazon.com search is like a very, very important application in terms of what is the customer impact on number of customers who use that application openly, and the amount of dollar impact it does for an organization. And we have been doing it silently for a while now. And the same thing is true for like Alexa too, which actually not only uses it for natural language understanding other city, even national leverages is set for creating stories and various other examples. And now, our approach to it from AWS is we actually look at it as in terms of the same three tiers like we did in machine learning, because when you look at generative AI, we genuinely see three sets of customers. One is, like really deep technical expert practitioner startups. These are the startups that are creating the next generation models like the likes of stability AIs or Hugging Face with Bloom or AI21. And they generally want to build their own models, and they want the best price performance of their infrastructure for training and inference. That's where our investments in silicon and hardware and networking innovations, where Trainium and Inferentia really plays a big role. And we can nearly do that, and that is one. The second middle tier is where I do think developers don't want to spend time building their own models, let alone, they actually want the model to be useful to that data. They don't need their models to create like high school homeworks or various other things. What they generally want is, hey, I had this data from my enterprises that I want to fine tune and make it really work only for this, and make it work remarkable, can be for tech summarization, to generate a report, or it can be for better Q&A, and so forth. This is where we are. Our investments in the middle tier with SageMaker, and our partnership with Hugging Face and AI21 and co here are all going to very meaningful. And you'll see us investing, I mean, you already talked about CodeWhisperer, which is an open preview, but we are also partnering with a whole lot of top ISVs, and you'll see more on this front to enable the next wave of generated AI apps too, because this is an area where we do think lot of innovation is yet to be done. It's like day one for us in this space, and we want to enable that huge ecosystem to flourish. >> You know, one of the things Dave Vellante and I were talking about in our first podcast we just did on Friday, we're going to do weekly, is we highlighted the AI ChatGPT example as a horizontal use case, because everyone loves it, people are using it in all their different verticals, and horizontal scalable cloud plays perfectly into it. So I have to ask you, as you look at what AWS is going to bring to the table, a lot's changed over the past 13 years with AWS, a lot more services are available, how should someone rebuild or re-platform and refactor their application of business with AI, with AWS? What are some of the tools that you see and recommend? Is it Serverless, is it SageMaker, CodeWhisperer? What do you think's going to shine brightly within the AWS stack, if you will, or service list, that's going to be part of this? As you mentioned, CodeWhisperer and SageMaker, what else should people be looking at as they start tinkering and getting all these benefits, and scale up their ups? >> You know, if we were a startup, first, I would really work backwards from the customer problem I try to solve, and pick and choose, bar, I don't need to deal with the undifferentiated heavy lifting, so. And that's where the answer is going to change. If you look at it then, the answer is not going to be like a one size fits all, so you need a very strong, I mean, granted on the compute front, if you can actually completely accurate it, so unless, I will always recommend it, instead of running compute for running your ups, because it takes care of all the undifferentiated heavy lifting, but on the data, and that's where we provide a whole variety of databases, right from like relational data, or non-relational, or dynamo, and so forth. And of course, we also have a deep analytical stack, where data directly flows from our relational databases into data lakes and data virus. And you can get value along with partnership with various analytical providers. The area where I do think fundamentally things are changing on what people can do is like, with CodeWhisperer, I was literally trying to actually program a code on sending a message through Twilio, and I was going to pull up to read a documentation, and in my ID, I was actually saying like, let's try sending a message to Twilio, or let's actually update a Route 53 error code. All I had to do was type in just a comment, and it actually started generating the sub-routine. And it is going to be a huge time saver, if I were a developer. And the goal is for us not to actually do it just for AWS developers, and not to just generate the code, but make sure the code is actually highly secure and follows the best practices. So, it's not always about machine learning, it's augmenting with automated reasoning as well. And generative AI is going to be changing, and not just in how people write code, but also how it actually gets built and used as well. You'll see a lot more stuff coming on this front. >> Swami, thank you for your time. I know you're super busy. Thank you for sharing on the news and giving commentary. Again, I think this is a AWS moment and industry moment, heavy lifting, accelerated value, agility. AIOps is going to be probably redefined here. Thanks for sharing your commentary. And we'll see you next time, I'm looking forward to doing more follow up on this. It's going to be a big wave. Thanks. >> Okay. Thanks again, John, always a pleasure. >> Okay. This is SiliconANGLE's breaking news commentary. I'm John Furrier with SiliconANGLE News, as well as host of theCUBE. Swami, who's a leader in AWS, has been on theCUBE multiple times. We've been tracking the growth of how Amazon's journey has just been exploding past five years, in particular, past three. You heard the numbers, great performance, great reviews. This is a watershed moment, I think, for the industry, and it's going to be a lot of fun for the next 10 years. Thanks for watching. (bright music)

(upbeat music) >> Announcer: TheCUBE presents Ignite '22 brought to you by Palo Alto Networks. >> Welcome back to Las Vegas guys and girls. Lisa Martin here with Dave Vellante. This is day one of the cube's two day coverage of Palo Alto Networks Ignite at the MGM Grand. Dave, we've been having some great conversations today, we have a great two day lineup execs from Palo Alto, it's partner network, customers, et cetera. Going to be talking about infrastructure as code. We talk about that a lot, how Palo is partnering with its partner ecosystem to really help customers deliver security across the organization. >> We do a predictions post every year. Hopefully you can hear me. So we do this predictions post every year. I've done it for a number of years, and I want to say it was either 2018 or 2019, we predicted that HashiCorp was one of these companies to watch. And then last August, on August 9th, we had supercloud event in Palo Alto. We had David McJannet in, who is the CEO of HashiCorp. And we really see Hashi as a key player in terms of affecting multicloud consistency. Sometimes we call it supercloud, you building on top of the hyperscale cloud. So super excited to have HashiCorp on. >> Really an important conversation. We've got an alumni back with us. Asvin Ramesh is here the senior director of Alliances at HashiCorp. Welcome back. >> Yeah, thank you. Good to be back. >> Great to have you. Talk to us a little bit about what's going on at HashiCorp, your relationship with Palo Alto Networks, and what's in it for customers. >> Yeah, no, no, great question. So, Palo Alto has been a fantastic partner of ours for many years now. We started way back in 2018, 2019 focusing on the basics, putting integrations in place that customers can be using together. And so it's been a great journey. Both are very synergistic. Palo Alto is focused on multicloud, so are we, we focus on cloud infrastructure automation, and ensuring that customers are able to bring in agility, reliability, security, and be able to deliver to their business. And then Palo Alto brings in great security components to that multicloud story. So it's a great story altogether. >> Some of the challenges that organizations have been facing. Palo Alto just released a survey, I think this morning if I can find it here what's next in cyber organizations facing massive headwinds ransomware becoming a household word, business email compromise being a challenge. But also in the last couple of years the massive shift to multi-club or organizations are living an operating need to do so securely. It's no longer nice to have anymore. It's absolutely table stakes for survival, and being able to thrive and grow for any business. >> Yeah, no, I think it's almost a sort of rethinking of how you would build your infrastructure up. So the more times you do it right the better you are built to scale. That's been one of the bedrocks of how we've been working with Palo Alto, which is rethinking how should IT be building their infrastructure in a multicloud world. And I think the market timing is right for both of us in terms of the progress that we've been able to make. >> So, I mean Terraform has really become sort of a key ingredient to the cloud operating model, especially across clouds. Kind of describe how partners, and customers are are implementing that cross-cloud capability. What's that journey look like? What's the level of maturity today? >> Yeah, great question, Dave. So we sort of see customers in three buckets. The first bucket is when customers are in the initial phases of their cloud journey. So they have disparate teams in their business units try out clouds themselves. Typically there is some event that occurs either some sort of a security scare or a a cloud cost event that triggers a rethinking of how they should be thinking about this in a scalable way. So that leads to where the cloud operating model which is a framework that HashiCorp has. And we use that successfully with customers to talk them through how they should be thinking about their process, about how they should be standardizing how people operate, and then the products they should be including, but then you come to that stage, and you start to think about a centralized platform team that is putting in golden workflows, that is putting in as a service mindset for their business units thinking through policies at a corporate level. And then that is a second stage. And then, but this is also in some customers more around public clouds. But then the third stage that we see is when they start embracing their private cloud or the on-prem data center, and have the same principles address across both public clouds, and the on-prem data center, and then Terraform scale for any infrastructure. So, once you start to put these practices in place not just from a technology standpoint, but from a process, and product standpoint, you're easily able to scale with that central platform organization. >> So, it's all about that consistency across your estate irrespective of whether it's on-prem in AWS, Azure, Google, the Edge, maybe. I mean, that's starting, right? >> Asvin: Yes. >> And so when you talk about the... Break it down a little bit process and product, where do you and Palo Alto sort of partner and add value? What's that experience like? >> Yeah, so, I think as I mentioned earlier the bedrock is having ways in which customers are able to use our products together, right? And then being able to evangelize the usage of that product. So one example I'll give you is with Prisma Cloud, and Terraform Cloud to your point about Terraform earlier. So customers can be using Prisma Cloud with Terraform Cloud in a way that you can get security context telemetry during an infrastructure run, and then use policies that you have in Prisma Cloud to be able to get or run or to implement or run or make sure essentially it is adhering to your security policy or any other audits that you want to create or any other cost that you want to be able to control. >> Where are your customer conversations these days? We know that security is a board level conversation. Interestingly, in that same survey that Palo Alto released this morning that I mentioned they found that there's a big lack of alignment between the board and the C-suite staff, the executive suite in terms of security. Where are your conversations, and how are you maybe facilitating that alignment that needs to be there? Because security it's not a nice to have. >> Yeah, I think in our experience, the alignment is there. I think especially with the macro environment it's more about where where do you allocate those resources. I think those are conversations that we're just starting to see happen, but I think it's the natural progression of how the environment is moving, and maybe another quarter or two, I think we'll see greater alignment there. >> So, and I saw some data that said I guess it was a study you guys did 90% of customer say multicloud is working for them. That surprised me 'cause you hear all this negativity around multicloud, I've been kind of negative about multicloud to be honest. Like that's a symptom of MNA, and a or multi-vendor. But how do you interpret that? When they say multicloud is working? How so? >> Yeah, I think the maturity of customers are varied as I mentioned through the stages, right? So, there are customers who even in the initial phases of their journey where they have different business units using different clouds, and from a C standpoint that might still look like multicloud, right? Though the way we think about it is you should be really in stage two, and stage three to real leverage the real power of multicloud. But I think it's that initial hump that you need to go through, and being able to get oriented towards it, have the right set of skillsets, the thought process, the product, the process in place. And once you have that then you'll start reaping the benefits over a period of time, especially when some other environments events happen, and you're able to easily adjust to that because you're leveraging this multicloud environment, and you have a clear policy of where you'll use which cloud. >> So I interpreted that data as, okay, multicloud is working from the standpoint of we are multicloud, okay? So, and our business is working, but when I talk to customers, they want more to your point, they want that consistent experience. And so it's been by, to use somebody else's term, by default. Chuck Whitten I think came up with that term versus by design. And now I think they have an objective of, okay, let's make multicloud work even better. Maybe I can say that. And so what does that experience look like? That means a common experience all the way through my stack, my infrastructure stack, which is that's going to be interesting to see how that goes down 'cause you got three separate clouds, and are doing their own APIs. But certainly from a security standpoint, the PaaS layer, even as I go up the stack, how do you see that outcome, and say the next two to five years? >> Yeah, so, we go back to our customers, and they're very successful ones who've used the cloud operating model. And for us the cloud operating model for us includes four layers. So on the infrastructure layer, we have Terraform and Packer, on the security layer we have Vault and Boundary, on the networking layer we have Consul, and then on applications we have Nomad and Waypoint. But then you really look at, from a people process, and product standpoint, for people it's how do you standardize the workflows that they're able to use, right? So if you have a central platform team in place that is looking at common use cases that multiple business units are using. and then creates a golden workflow, for example, right? For these various business units to be able to use or creates what we call a system of record for cloud adoption it helps multiple business units then latch onto this work that this central platform team is doing. And they need to have a product mindset, right? So not like a project that you just start and end with. You have this continuous improvement mindset within that platform team. And they build these processes, they build these golden workflows, they build these policies in place, and then they offer that as a service to the business units to be able to use. So that increases the adoption of multicloud. And also more importantly, you can then allow that multicloud usage to be governed in the way that aligns with your overall corporate objectives. And obviously in self-interest, you'd use Terraform or Vault because you can then use it across multiple clouds. >> Well, let's say I buy into that. Okay, great. So I want that common experience 'cause so when you talk about infrastructure, take us through an example. So when I hear infrastructure, I say, okay if I'm using an S3 bucket over here an Azure blob over there, they got different APIs, they got different primitives. I want you to abstract that away. Is that what you do? >> Yeah, so I think we've seen different use cases being used across different clouds too. So I don't think it's sort of as simple as, hey, should I use this or that? It is ensuring that the common tool that you use to be able to leverage safer provisioning, right? Is Terraform. So the central team is then trained in not only just usage of Terraform open source, but their Terraform cloud, which is our managed service, and Terraform enterprise which is the self-managed, but on-prem product, it's them being qualified to be able to build these consistent workflows using whatever tool that they have or whatever skew that they have from Terraform. And then applying business logic on top of that to your point about, hey, we'd like to use AWS for these kind of workloads. We'd like to use GCP, for example, on data or use Microsoft Azure for some other type of- >> Collaboration >> Right? But the common tooling, right? Remains around the usage of Terraform, and they've trained their teams there's a standard workflow, there's standard process around it. >> Asvin, I was looking at that survey the HashiCorp state of cloud strategy survey, and it talked about skill shortages as being the number one barrier to multicloud. We talk about the cyber skills gap all the time. It's huge. It's obviously a huge issue. I saw some numbers just the other day that there's 26 million developers but there's less than 3 million cybersecurity professionals. How does HashiCorp and Palo Alto Networks, how do you help customers address that skills gap so that they that they can leverage multicloud as a driver of the business? >> Yeah, another great question. So I think I'd say in two or three different ways. One is be able to provide greater documentation for our customers to be able to self use the product so that with the existing people, for example, you build out a known example, right? You're trying to achieve this goal here is how you use our products together. And so they'll be able to self-service, right? So that's one. Second is obviously both of us have great services partners, so we are always working with these services partners to get their teams trained and scaled up around these skill gaps. And I think I'd say the third which is where we see a lot of adoption is around usage of the managed services that we have. If you take Palo Alto's example in this Palo Alto will speak better to it, but they have SOC services, right? That you can consume. So, they're performing that service for you. Similarly, on our side we have a HashiCorp Cloud Platform, HCP, where you can consume Vault as a service, you can consume Consul as a service. Terraform cloud is a managed service, so you don't need as many people to be able to run that service. And we abstract all the complexity associated with that by ourselves, right? So I'd say these are the three ways that we address it. >> So Zero Trust across big buzzword. We heard this in this morning keynotes, AWS is always saying, well, we'll talk about it too, but, okay, customers are starting to talk about Zero Trust. You talk to CISOs, they're like, yes, we're adopting this mentality of unless you're trusted, we don't trust you. So, okay, cool. So you think about the cloud you've got the shared responsibility model, and then you've got the application developers are being asked to do more, secure the code. You got the CISO now has to deal with not only the shared responsibility model, but shared responsibility models across clouds, and got to bring his or her security ethos to the app dev team, and then you got to audit kind of making sure they're like the last line of defense. So my question is when you think about code security and Zero Trust in that new environment the problem with a lot of the clouds is they don't make the CISOs life any easier. So I got to believe that your objective with Palo Alto is to actually make the organization's lives easier. So, how do you deal with all that complexity in specifically in a Zero Trust multicloud environment? >> Yeah, so I'll give you a specific example. So, on code to cloud security which is one of Palo Alto's sort of key focus area is that Prisma Cloud and Terraform Cloud example that I gave, right? Where you'd be able to use what we call run tasks essentially, web hook integrations to be able to get a run or provide some telemetry back to Prisma Cloud for customers to be able to make a decision. On the Zero Trust side, we partner both on the Prisma Cloud side, and the Cortex XSOAR side around our products of Vault and and Consul. So what Vault does is it allows you to control secrets, it allows you to store secrets. So a Prisma Cloud or a Cortex customer can be using secrets from Vault familiarly for that particular transaction or workflow itself, right? Rather than, and so it's based on identity, and not on the basis of just the secret sort of lying around. Same thing with console helps you with discovery, and management of services. So, Cortex and you can automate, a lot of this work can get automated using the product that I talked about from Zero Trust. I think the key thing for Zero Trust in our view is it is a end destination, right? So it'll take certain time, depends on the enterprise, depends on where things are. It's a question of specifically focusing on value that Palo Alto and HashiCorp's products bring to solve specific use cases within that Zero Trust bucket, and solve one problem at a time rather than try to say that, hey, only Palo Alto, and only HashiCorp or whatever will solve everything in Zero Trust, right? Because that is not going to be- >> And to your point, it's never going to end, right? I mean you're talk about Cortex bringing a lot of automation. You guys bring a lot of automation now Palo Alto just bought Cider Security. Now we're getting into supply chain. I mean it going to hit it at the edge and IoT, the people don't want another IoT stove pipe. >> Lisa: No. >> Right? They want that to be part of the whole picture. So, you're never done. >> Yeah, no, but it is this continuous journey, right? And again, different companies are different parts of that journey, and then you go and rinse and repeat, you maybe acquire another company, and then they have a different maturity, so you get them on board on this. And so we see this as a multi-generational shift as Dave like to call it. And we're happy to be in the middle of it with Palo Alto Networks. >> It's definitely a multi-generational shift. Asvin, it's been great having you back on theCUBE. Thank you for giving us the update on what Hashi and Palo Alto are doing, the value in it for customers, the cloud operating model. And we should mention that HashiCorp yesterday just won a Technology Partner of the Year award. Congratulations. Yes. >> We're very, very thrilled with the recognition from Palo Alto Networks for the Technology Partner of the Year. >> Congrats. >> Thank you Keep up the great partnership. Thank you so much. We appreciate your insights. >> Thank you so much. >> For our guest, and for Dave Vellante, I'm Lisa Martin, live in Las Vegas. You watching theCUBE, the leader in live enterprise and emerging tech coverage. (upbeat music)

>>the Cube presents H P E discovered 2022. Brought to you by H P E. >>Hi, buddy Dave Balon and Jon Ferrier Wrapping up the cubes. Coverage of day two, hp Discover 2022. We're live from Las Vegas. Vishal Lall is here. He's the senior vice president and general manager for HP ES Green Lake Cloud Services Solutions. Michelle, good to see you again. >>Likewise. David, good to see you. It was about a year ago that we met here. Or maybe nine months >>ago. That's right. Uh, September of last year. A new role >>for you. Is that right? I was starting that new role when I last met you. Yeah, but it's been nine months. Three quarters? What have you learned so far? I mean, it's been quite a right, right? I mean, when I was starting off, I had, you know, about three priorities we've executed on on all of them. So, I mean, if you remember back then they we talked about, you know, improving a cloud experience. We talked about data and analytics being a focus area and then building on the marketplace. I think you heard a lot of that over the last couple of days here. Right? So we've enhanced our cloud experience. We added a private cloud, which was the big announcement yesterday or day before yesterday that Antonio made so that's been I mean, we've been testing that with customers. Great feedback so far. Right? And we're super excited about that. And, uh, you know, uh, down there, the test drive section people are testing that. So we're getting really, really good feedback. Really good acceptance from customers on the data and Analytics side. We you know, we launched the S three connector. We also had the analytics platform. And then we launched data fabric as a service a couple of days ago, right, which is kind of like back into that hybrid world. And then on the marketplace side, we've added a tonne of partners going deep with them about 80 plus partners now different SVS. So again, I think, uh, great. I think we've accomplished a lot over the last three quarters or so lot more to be done. Though >>the marketplace is really interesting to us because it's a hallmark of cloud. You've got to have a market price. Talk about how that's evolving and what your vision is for market. Yes, >>you're exactly right. I mean, having a broad marketplace provides a full for the platform, right? It's a chicken and egg. You need both. You need a good platform on which a good marketplace can set, but the vice versa as well. And what we're doing two things there, Right? One Is we expanding coverage of the marketplace. So we're adding more SVS into the marketplace. But at the same time, we're adding more capabilities into the marketplace. So, for example, we just demoed earlier today quickly deploy capabilities, right? So we have an I S p in the marketplace, they're tested. They are, uh, the work with the solution. But now you can you can collect to deploy directly on our infrastructure over time, the lad, commerce capabilities, licencing capabilities, etcetera. But again, we are super excited about that capability because I think it's important from a customer perspective. >>I want to ask you about that, because that's again the marketplace will be the ultimate arbiter of value creation, ecosystem and marketplace. Go hand in hand. What's your vision for what a successful ecosystem looks like? What's your expectation now that Green Lake is up and running. I stay up and running, but like we've been following the announcement, it just gets better. It's up to the right. So we're anticipating an ecosystem surge. Yeah. What are you expecting? And what's your vision for? How the ecosystem is going to develop out? Yeah. I >>mean, I've been meeting with a lot of our partners over the last couple of days, and you're right, right? I mean, I think of them in three or four buckets right there. I s V s and the I S P is coming to two forms right there. Bigger solutions, right? I think of being Nutanix, right, Home wall, big, bigger solutions. And then they are smaller software packages. I think Mom would think about open source, right? So again, one of them is targeted to developers, the other to the I t. Tops. But that's kind of one bucket, right? I s P s, uh, the second is around the channel partners who take this to market and they're asking us, Hey, this is fantastic. Help us understand how we can help you take this to market. And I think the other bucket system indicators right. I met with a few today and they're all excited about. They're like, Hey, we have some tooling. We have the manage services capabilities. How can we take your cloud? Because they build great practise around extent around. Sorry. Aws around? Uh, sure. So they're like, how can we build a similar practise around Green Lake? So again, those are the big buckets. I would say. Yeah, >>that's a great answer. Great commentary. I want to just follow up on that real quick. You don't mind? So a couple things we're seeing observing I want to get your reaction to is with a i machine learning. And the promise of that vertical specialisation is creating unique opportunities on with these platforms. And the other one is the rise of the managed service provider because expertise are hard to come by. You want kubernetes? Good luck finding talent. So managed services seem to be exploding. How does that fit into the buckets? Or is it all three buckets or you guys enable that? How do you see that coming? And then the vertical piece? >>A really good question. What we're doing is through our software, we're trying to abstract a lot of the complexity of take communities, right? So we are actually off. We have actually automated a whole bunch of communities functionality in our software, and then we provide managed services around it with very little. I would say human labour associated with it is is software manage? But at the same time we are. What we are trying to do is make sure that we enable that same functionality to our partners. So a lot of it is software automation, but then they can wrap their services around it, and that way we can scale the business right. So again, our first principle is automated as much as we can to software right abstract complexity and then as needed, uh, at the Manus Services. >>So you get some functionality for HP to have it and then encourage the ecosystem to fill it in or replicated >>or replicated, right? I mean, I don't think it's either or it should be both right. We can provide many services or we should have our our partners provide manage services. That's how we scale the business. We are the end of the day. We are product and product company, right, and it can manifest itself and services. That discussion was consumed, but it's still I p based. So >>let's quantify, you know, some of that momentum. I think the last time you call your over $800 million now in a are are you gotta You're growing at triple digits. Uh, you got a big backlog. Forget the exact number. Uh, give us a I >>mean, the momentum is fantastic Day. Right. So we have about $7 billion in total contract value, Right? Significant. We have 1600 customers now. Unique customers are running Green Lake. We have, um, your triple dip growth year over year. So the last quarter, we had 100% growth year over year. So again, fantastic momentum. I mean, the other couple, like one other metric I would like to talk about is the, um the stickiness factor associated tension in our retention, right? As renewal's is running in, like, high nineties, right? So if you think about it, that's a reflection of the value proposition of, like, >>that's that's kind of on a unit basis, if you will. That's the number >>on the revenue basis on >>revenue basis. Okay? >>And the 1600 customers. He's talking about the size and actually big numbers. Must be large companies that are. They're >>both right. So I'll give you some examples, right? So I mean, there are large companies. They come from different industries. Different geography is we're seeing, like, the momentum across every single geo, every single industry. I mean, just to take some examples. BMW, for example. Uh, I mean, they're running the entire electrical electric car fleet data collection on data fabric on Green Lake, right? Texas Children's Health on the on the healthcare side. Right On the public sector side, I was with with Carl Hunt yesterday. He's the CEO of County of Essex, New Jersey. So they are running the entire operations on Green Lake. So just if you look at it, Barclays the financial sector, right? I mean, they're running 100,000 workloads of three legs. So if you just look at the scale large companies, small companies, public sector in India, we have Steel Authority of India, which is the largest steel producer there. So, you know, we're seeing it across multiple industries. Multiple geography is great. Great uptake. >>Yeah. We were talking yesterday on our wrap up kind of dissecting through the news. I want to ask you the question that we were riffing on and see if we can get some clarity on it. If I'm a customer, CI or C so or buyer HP have been working with you or your team for for years. What's the value proposition? Finish this sentence. I work with HPV because blank because green like, brings new value proposition. What is that? Fill in that blank for >>me. So I mean, as we, uh, talked with us speaking with customers, customers are looking at alternatives at all times, right? Sometimes there's other providers on premises, sometimes as public cloud. And, uh, as we look at it, uh, I mean, we have value propositions across both. Right. So from a public cloud perspective, some of the challenges that our customers cr around latency around, uh, post predictability, right? That variability cost is really kind of like a challenge. It's around compliance, right? Uh, things of that nature is not open systems, right? I mean, sometimes, you know, they feel locked into a cloud provider, especially when they're using proprietary services. So those are some of the things that we have solved for them as compared to kind of like, you know, the other on premises vendors. I would say the marketplace that we spoke about earlier is huge differentiator. We have this huge marketplace. Now that's developing. Uh, we have high levels of automation that we have built, right, which is, uh, you know, which tells you about the TCO that we can drive for the customers. What? The other thing that is really cool that be introduced in the public in the private cloud is fungible itty across infrastructure. Right? So basically on the same infrastructure you can run. Um, virtual machines, containers, bare metals, any application he wants, you can decommission and commission the infrastructure on the fly. So what it does, is it no matter where it is? Uh, on premises, right? Yeah, earlier. I mean, if you think about it, the infrastructure was dedicated for a certain application. Now we're basically we have basically made it compose herbal, right? And that way, what? Really? Uh, that doesnt increases utilisation so you can get increased utilisation. High automation. What drives lower tco. So you've got a >>horizontal basically platform now that handle a variety of work and >>and these were close. Can sit anywhere to your point, right? I mean, we could have a four node workload out in a manufacturing setting multiple racks in a data centre, and it's all run by the same cloud prints, same software train. So it's really extensive. >>And you can call on the resources that you need for that particular workload. >>Exactly what you need them exactly. Right. >>Excellent. Give you the last word kind of takeaways from Discover. And where when we talk, when we sit down and talk next year, it's about where do you want to be? >>I mean, you know, I think, as you probably saw from discovered, this is, like, very different. Antonio did a live demo of our product, right? Uh, visual school, right? I mean, we haven't done that in a while, so I mean, you started. It >>didn't die like Bill Gates and demos. No, >>no, no, no. I think, uh, so I think you'll see more of that from us. I mean, I'm focused on three things, right? I'm focused on the cloud experience we spoke about. So what we are doing now is making sure that we increase the time for that, uh, make it very, you know, um, attractive to different industries to certifications like HIPAA, etcetera. So that's kind of one focus. So I just drive harder at that adoption of that of the private out, right across different industries and different customer segments. The second is more on the data and analytics I spoke about. You will have more and more analytic capabilities that you'll see, um, building upon data fabric as a service. And this is a marketplace. So that's like it's very specific is the three focus areas were driving hard. All right, we'll be watching >>number two. Instrumentation is really keen >>in the marketplace to I mean, you mentioned Mongo. Some other data platforms that we're going to see here. That's going to be, I think. Critical for Monetisation on the on on Green Lake. Absolutely. Uh, Michelle, thanks so much for coming back in the Cube. >>Thank you. Thanks for coming. All >>right, keep it right. There will be John, and I'll be back up to wrap up the day with a couple of heavies from I d. C. You're watching the cube. Mhm. Mm mm. Mhm.

>>When AWS introduced the modern cloud in 2006, many people didn't realize the impact that it would have on the industry, but some did see the future of an as a service economy coming. I mean, SAS offerings came out several years before. And the idea of applying some of these concepts to infrastructure and simplifying deployment and management, you know, kinda looked enticing to a lot of customers and a subscription model, or, but yet a consumption model was seen as a valuable proposition by many customers. Why not apply it to infrastructure? And why should the hyperscalers have all the fun welcome to at your storage service? My name is Dave ante. And as an analyst at the time, I was excited about the, as a service trend early on. And one of the companies that caught my attention back in the beginning of last decade was pure storage. >>Pure not only was delivering cloud- simplicity, but it's no forklift approach to infrastructure was ahead of its time. And that's why we're here today to dig into what's happening with the, as a service trends that we see popping up all over the world today, we're gonna dig into three sessions with noted experts in the field. First pre Darie is the general manager of the digital experience business unit at pure storage. He's gonna join us. And then we bring in Steve McDowell, Steve's a senior analyst for data and storage at more insights and strategy, a well known consultancy and analyst firm. And finally, we close with Amil sta Emil is the chief commercial officer and chief marketing officer at open line, open lines, a managed service provider. They serve the mid-market and Emil's got a very wide observation space. He's gonna share what he's seeing with customers. So sit back and enjoy the show. >>The cloud has popularized many useful concepts in the past decade, working backwards from the customer two pizza teams, a DevOps mindset, the shared responsibility model in security. And of course the shift from CapEx to OPEX and as a service consumption models. The last item is what we're here to talk about today. Pay for consumption is attractive because you're not over provisioning. At least not the way you used to you'd have to buy for peak capacity events, but there are always two sides to every story and well pay for use more closely ties. It consumption to business value procurement teams. Don't always love the uncertainty of the cloud bill each month, but consumption pricing. And as a service models are here to stay in software and hardware. Hello, I'm Dave ante and welcome to at your storage service made possible by pure storage. And with me is Pash DJI. Who's the general manager of the digital experience business unit at pure Pash. Welcome to the program. >>Thanks Dave. Thanks for having me. >>You bet. Okay. We've seen this shift to, as a service, the, as a service economy, subscription models, and this as a service movement have gained real momentum. It's it's clear over the past several years, what's driving this shift. Is it pressure from investors and technology companies that are chasing the all important ARR, their annual recurring revenue stream? Is it customer driven? Give us your insights. >>Well, look, um, I think we'll do some definitional stuff first. I think we often mix the definition of a subscription and a service, but, you know, subscription is, Hey, I can go for pay up front or pay as I go. Service is more about how do I not buy something just by the outcome. So, you know, the concept of delivering storage as a service means, what do you want in storage performance, capacity availability? Like that's what you want. Well, how do you get that without having to worry about the labor of planning capacity management, those labor elements are what's driving it. So I think in the world where you have to do more with less and in a world where security becomes increasingly important, where standardization will allow you to secure your landscape against ransomware and those types of things, those trends are driving the ation of storage and the only way to deliver that is storage as a service. >>So that's, that's good. You maybe thinking about it differently than some of the other companies that I talked to, but so you, you, you've made inroads here pretty big inroads actually, and changed the thinking in enterprise data storage with a huge emphasis on simplicity. That's really pures rayon Detra. How does storage as a service fit into your innovation agenda overall? >>Well, our innovation agenda started, as you mentioned with the simplicity, you know, a decade ago with the evergreen architecture, that architecture was beyond the box. How do you go ahead and say, I can improve performance or capacity as I need it? Well, that's a foundational element to deliver a service because once you have that technology, you can say, oh, you know what? You've subscribed to this performance level. You want to raise your performance level and yes, that'll be a higher dollar per gig or dollar per terabyte. But how do you do that without a data migration? How do you do that with a non disruptive service change? How do you do that with a delivery via a software update, those elements of non disruptive updates. When you think SAS, Salesforce, you don't know when Salesforce doesn't update, you don't know when they're increasing something, adding a new capability just shows up. It's not a disruptive event. So to drive that standardization and sation and service delivery, you need to keep that simplicity of delivery first and foremost, and you can't allow, like, if the goal was, I want to change from this service tier to that service tier and a person needed to show up and do a day data migration, that's kind of useless. You've broken the experience of flexibility for a customer. >>Okay. So I like the Salesforce analogy, but I wanna jump out, do a little side for a second. So I I've gotta, I've gotta make some commitment to pure, right. Some baseline commitment. And if I do, then I can dial up and pay for what I use and I can dial it down. Correct? Correct. Okay. I can't do that with Salesforce. <laugh> right. I could dial up, but then I'm stuck with those licenses. So you have a better model in Salesforce. I would argue. Okay. Yeah, >>I would, I would agree with that. >>Okay. So, and I gotta pay for everything up front anyway. Um, let's go back. I was kind of pushing at you a little bit at my upfront, you know, about, you know, the ARR model, the, the all important, you know, financial metric, but let's talk from the customers standpoint. What are the benefits of consuming storage as a service from your customer's perspective? >>Well, one is when you start your storage journey, do you really know what you need? And I would argue most of the time people are guessing, right? It's like, well, I think I need this. This is the performance I think I need. Or this is the capacity I think I need. And, you know, with the scientific method, you actually deploy something and you're like, do I need more? Do I need less? You find out as you're deploying. So in a storage as a service world, when you have the ability to move up performance levels or move out capacity levels, and you have that flexibility, then you have the ability to just to meet demand as you deploy. And that's the most important element of meeting business needs today. The applications you deploy are not in your control when you're providing storage to your end consumers. >>Yeah. They're gonna want different levels of storage. They're gonna want different performance thresholds. That's kind of a pay, you know, pay for performance type culture, right? You can use HR analogies for it. You pay for performance. You want top talent, you pay for it. You want top storage performance, you pay for it. Um, you don't, you can pay less and you can actually get lower performance, tiers, not everything is a tier one application. And you need the ability to deploy it. But when you start, how do you know the way your end customers are gonna be consuming? Or do you need a dictated upfront? Cause that's infrastructure dictating business inflexibility, and you never want to be in that position. >>I, I got another analogy for you. It's like, you know, we do a lot of hosting at our home and you know, like Thanksgiving, right? And you go to the liquor store and say, okay, what should I get? Should we get red wine? We gotta go white wine. We gotta get some beer. Should I get bubbles? Yeah, I get some bubbles. Cause you don't know what people are gonna have. And so you over provision everything <laugh> and then there's a run on bubbles and you're like, ah, we run outta bubbles. So you just over buy, but there's a liquor store that actually will take it back. So I gotta do business with those guys every time. Cuz it's way more flexible. I can dial up capacity or can dial up performance and dial it back down if I don't use it >>Or you or you're gonna be drinking a lot more the next few weeks. >>Yeah, exactly. Which is the last thing you want. Okay. So let's talk about how pure kind of meets this as a service demand. You've touched upon your, your differentiators from others in the market. Um, you know, love to hear about the momentum. What, what are you seeing out there? >>Yeah. Look, our business is growing well, largely built on, you know, what customers need. Um, specifically where the market is at today is there's a set of folks that are interested in the financial transformation of CapEx to OPEX, where like that definitely exists in the industry around how do I get a pay use model? The next kind of more advanced customer is interested in how do I go ahead and remove labor to deliver storage? And a service gets you there on top of a subscription. The most sophisticated customer says, how do I separate storage production with consumption and production of storage. Being a storage producer should be about standardization. So I could do policy based management. Why is that important? You know, coming back to some of the things I said earlier in the world where ransomware attacks are common, you need the standardized security policies. >>Linux has new vulnerabilities every, every other day, like find 2, 2, 3 critical vulnerabilities a week. How do you stay on top of it? The complexity of staying on top of it should be, look, let's standardize and make it a vendor problem. And assume the vendor's gonna deliver this to me. So that standardization allows you to have business policies that allow you to stay current and modern. I would argue in, you know, the traditional storage and appliance world, you buy something and the day a, the day after you buy it, it's worthless. It's like driving a car off a lot, right? The very next day, the car's not worth what it was when you bought it. Storage is the same way. So how do you ensure that your storage stays current? How do you ensure that it gets like a fine line that gets better, better with age? Well, if you're not buying storage and you're buying a performance SLA, it's up to the vendor to meet that SLA. So it actually never gets worse over time. This is the way you modernize technology and avoid technology debt as a customer. >>Yeah. I mean, just even though words you're using in the way you're thinking about this precaution, I think are, are, are different. Uh, and I love the concept of essentially taking my labor cost and transferring them to pures R and D I mean, that's essentially what you're talking about here. Um, so let's, let's, let's stick with the, the, the tech for a minute. What do you see as new or emerging technologies that are helping accelerate this shift toward the, as a service economy? >>Well, the first thing is I always tell people, you can't deliver a service without monitoring, because if you can't monitor something, how you're gonna know what your, whether you're meeting your service level obligation, right? So everything starts with data monitoring. The next step layering on the technology. Differentiation is if you need to deliver a service level, OB obligation on top of that data monitoring, you need the ability to flexibly, meet whatever performance obligations you have in a tight time window. So supply chain and being able to deliver anywhere becomes important. So if you use the analogy today of how Tesla works or a IOT system works, you have a SaaS management that actually provides instructions that push pushes those instructions and policies to the edge. In Tesla's case, that happens to be the car it'll push software updates to the car. It'll push new map updates to the car, but the car is running independently. >>It's not like if the car becomes disconnected from the internet, it's gonna crash and drive you off the road in the same way. What if you think about storage as something that needs to be wherever your application is? So people think about cloud as a destination. I think that's a fallacy. You have to think about the world in the world in the view of an application, an application needs data, and that data needs to sit in storage wherever that application sits. So for us, the storage system is just an edge device. It can be sitting in your data center, it can be sitting in a Equinix. It can be sitting in hosted, an MSP can run. It can, can even be sitting in the public cloud, but how do you have central monitoring and central management where you can push policies to update all those devices? >>Very similar to an I IOT system. So the technology advantage of doing that means that you can operate anywhere and ensure you have a consistent set of policies, a consistent set of protection, a consistent set of, you know, prevention against ransomware attack, regardless of your application, regardless of, uh, you know, where it sits, regardless of what content in you're on that approach is very similar to the way the T industry has been updating and monitoring edge devices, nest, thermostats, you know, Tesla cars, those types of things. That's the thinking that needs to come to. And that's the foundation on which we built PI as a service. >>So that implies, or at least I infer that you've obviously got control of the experience on Preem, but you're extending that, uh, into AWS, Google Azure, which suggests to me that you have to hide the underlying complexity of the primitives and APIs in that world. And then eventually, actually today, cuz you're treating everything like the edge out to the edge, you know, maybe, maybe mini pure at some point in time. But so I call that super cloud that abstraction layer that floats above all the clouds on-prem and adds that layer of value. And is this singular experience? What you're talking about pushing, you know, policy throughout, is that the right way to think about it and how does this impact the ability to deliver true storage as a service? >>Oh, uh, that's absolutely the right way of thinking about it. The things that you think about from a, an abstraction kind of fall in three buckets, first, you need management. So how do you ensure a consistent management experience creating volumes, deleting volumes, creating buckets, creating files, creating directories, like management of objects and create a consistent API across the entire landscape. The second one is monitoring, how do you measure utilization and performance obligations or capacity obligations or uh, you know, policy violations, wherever you're at. And then the third one is more of a business one, which is procurement because you can't do it independent of procurement. Meaning what happens when you run out, you need to increase your reserve commits. Do you want to go on demand? How do you integrate it into company's procurement models, such that you can say, I can use what I need and any, it's not like every change order is a request of procurement. That's gonna break an as a service delivery model. So to get embedded in a customer's landscape where they don't have to worry about storage, you have to provide that consistency on management, monitoring and procurement across the tech. And yes, this is deep technology problems, whether it's running our storage on AWS or Azure or running it on prem or, you know, at some point in the future, maybe even, um, you know, pure mini at the edge. Right. <laugh> so, you know, tho all of those things are tied to our pure, a service delivery. >>Yeah, technically non-trivial but uh, Hey, you guys are on it. Well, we gotta leave it there. Pash. Thank you. Great stuff. Really appreciate your time. >>All right. Thanks for having me, man. >>You're very welcome. Okay. In a moment, Steve McDowell from more insights and strategies, it's gonna give us the analyst perspective on, as a service, you're watching the cube, the leader in high tech enterprise coverage. >>Why are customers making the change to pure as a service >>Other vendors, offering flexible consumption models will promise you the world on the surface. It's just what you need. But then you notice the asterisk that dreaded fine print. That turns just what you need into long-term commitments, disruptive upgrades and unpredictable costs, pure storage, launched pure as a service to provide the flexibility to respond to your ever changing needs. With clear per unit costs, no large upfront purchases and no asterisks. A usage based model should be simple, innovative, and adapt with the changing market. Unlike other vendors, pure is offering exactly that with options, for service tiers and short term contracts in a single unified subscription that allows you to improve your discounts over time. Pure makes sure you can grow and upgrade without ever taking your environment offline and without the constant worry of hidden costs with complete billing, transparency, unlike any other, you only pay for what you use and pure one helps track and predict demand from day to day, making sure you never outgrow your storage. So why are customers making the change to pure as a service convenient solutions with unlimited potential without the dreaded fine print? It's as simple as that, >>We're back with Steve McDowell, the principal analyst for data and storage at more insights and strategy. Hey Steve, great to have you on, tell us a little bit about yourself. You got a really interesting background and kind of a blend of engineering and strategy and what's your research focus? >>Yeah, so my research, my focus area is data and storage and all the things around that, right? Whether it's OnPrim or cloud or, or, or, you know, software as a service. Uh, my background, as you said, is a blend, right? I grew up as an engineer. I started off as an OS developer at IBM. Uh, came up through the ranks and, and shifted over into corporate strategy and product marketing and product management. Uh, and I've been doing, uh, working as an industry analyst now for about five years, more insights and strategy. >>Steve, how do you see this playing out in the next three to five years? I mean, cloud got it all started. It's gonna snowballing, you know, however you look at it, percent of spending on storage that you think is gonna land in as a service. How, how do you see the evolution here? >>I think it buyers are looking at as a service, a consumption based is, is, uh, uh, you know, a natural model. It extends the data center, brings all of the flexibility, all of the goodness that I get from public cloud, but without all of the downside and uncertainty around cost and security and things like that, right. That also come with a public cloud and it's delivered by technology providers that I trust and that I know, and that I've worked with, you know, for, in some cases, decades. So I don't know that we have hard data on how much, uh, adoption there is of the model, but we do know that it's trending up, uh, you know, and every infrastructure provider at this point has some flavor of offering in the space. So it's, it's clearly popular with CIOs and, and it practitioners alike. >>So Steve organizations are at a they're different levels of maturity in their, their transformation journeys. And of course, as a result, they're gonna have different storage needs that are aligned with their bottom line business objectives. From an it buyer perspective, you may have data on this, even if it's anecdotal, where does storage as a service actually fit in and can it be a growth lever >>Can absolutely be, uh, a growth leader. Uh, it, it gives me the flexibility as, as an it architect to scale my business over time, without worrying about how much money I have to invest in, in storage hardware. Right? So I, I get kind of, again, that cloudlike flexibility in terms of procurement and deployment. Uh, but it gives me that control by oftentimes being on site within my permit. And I manage it like a storage array that I own. Uh, so you know, it, it's, it's beautiful for, for organizations that are scaling and, and it's equally nice for organizations that just wanna manage and control cost over time. Um, so it's, it's a model that makes a lot of sense and fits and, and certainly growing in adoption and popularity. >>How about from a technology vendor perspective you've worked for in the, in the tech industry mm-hmm <affirmative> for, for companies? What do you think is gonna define the winners and losers in this space? If you were running strategy for, uh, storage company, what would you say? >>I, I think the days of, of a storage administrator managing, you know, rate levels and recovering and things of that sort are over, right, what would, what these organizations like pure delivering, but they're offerings is, is simplicity. It's a push button approach to deploying storage to the applications and workloads that need it, right. It becomes storage as a utility. So it's not just the, you know, the consumption based economic model of, of, uh, as a service. Uh, it, it's also the manageability that comes with that, or the flexibility of management that comes with that. I can push a button, deploy bites to, to, uh, you know, a workload that needs it. Um, and it just becomes very simple, right. For the storage administrator in a way that, you know, kind of old school OnPrim storage can't really deliver. >>You know, I wanna, I wanna ask you, I mean, I've been thinking about this because again, a lot of companies are, are, you know, moving, hopping on the, as a service bandwagon, I feel like, okay, in and of itself, that's not where the innovation lives, the innovation is gonna come from making that singular experience from on-prem to the clouds across clouds, maybe eventually out to the edge. Um, do you, do you, where do you see the innovation in as a service? >>Well, there there's two levels of innovation, right? One, one is business model innovation, right? I, I now have an organizational flexibility to build the infrastructure, to support my digital transformation efforts. Um, but on the product side and the offering side, it really is, as you said, it's about the integration of experience. Every enterprise today touches a cloud in some way, shape or form, right. I have data spread, not just in my data center, but at the edge, uh, oftentimes in a public cloud, maybe a private cloud, I don't know where my data is and it really lands on the storage providers to help me manage that and deliver that, uh, uh, manageability experience, uh, to, to the it administrators. So when I look at innovation in this space, you know, it's not just a storage array and rack that I'm leasing, right? This is not another lease model. It's really fully integrated, you know, end to end management of my data and, and, you know, and all of the things around that. >>Yeah. So you, to your point about a lease model is if you're doing a lease, you know, yeah. You can shift CapEx to OPEX, but you're still committed to, to, you have to over provision, whereas here, and I wanted to ask you about that. It's, it's, it's, it's an interesting model, right? Cuz you gotta read the fine print. Of course the fine print says you gotta commit to some level typically. And then if, you know, if you go over you, you charge for what you use and you can scale that back down and that's, that's gotta be very attractive for folks. I, I wonder if you will ever see like true cloud-like consumption pricing, that is two edges to it. Right. You see consumption based pricing in some of the software models and you know yeah. People like it, the lines of business maybe cuz they pay in by the drink, but then procurement hates it cuz they don't have predictability. How do you see the pricing models? Do you see that maturing or do you think we're sort of locked in on, on where we're at? >>No, I, I do. I do see that maturing. Right? And, and when you work with a company like pure to understand their consumption based and as a service offerings, uh, it, it really is sitting down and understanding where your data needs are going to scale, right? You, you buy in at a certain level, uh, you have capacity planning. You can expand if you need to, you can shrink if you need to. So it really does put more control in the hands of the it buyer than uh, well certainly then traditional CapEx based on-prem but also more control than you would get, you know, working with an Amazon or an Azure. >>Okay. Thanks Steve. We'll leave it there for now. I'd love to have you back. Keep it right there at your storage service continues in a moment. >>Some things are meant to last your storage should be one of them say hello to the evergreen storage program, say goodbye to refreshes and rebates. Forget planned downtime, performance impact and data migrations. Forget forklift upgrades. Evergreen storage starts with your agile storage architecture and covers the entire life cycle of the array from first purchase to ongoing use. And whenever it's time to modernize and grow, your satisfaction is covered with an evergreen subscription. You can get a full refund within 30 days for any reason, >>Our right size guarantee lets you buy just the storage you need never too much. Never not enough. Your array software is all inclusive. Even future releases and features maintenance and support costs remain constant throughout the life of your array. Proactive expert support is a true white glove experience. Evergreen maintenance ensures availability of any replacement components. Meet the demands of your business and protect your investment. Evergreen gold includes controller upgrades every three years. And if something unplanned comes up, evergreen gold provides upgrade flex the leading anytime upgrade feature to upgrade controllers whenever you need it. As you expand evergreen gold provides credits to consolidate storage with denser more modern flash. Evergreen is your subscription to continuous innovation for storage that lasts 10 years or more. Some things are meant to last make your storage. One of them >>We're back at your storage service. Emil Stan is here. He's the chief commercial officer and chief marketing officer of open line. Thank you Emil for coming on the cube. Appreciate your time. >>Thank you, David. Nice. Uh, glad to be here. >>Yes. Yeah. So tell us about open line. You're a managed service provider. What's your focus? >>Yeah, we're actually a cloud managed service provider and I do put cloud in front of the managed services because it's not just only the spheres that we manage. We have to manage the clouds as well nowadays. And then unfortunately, everybody only thinks there's one cloud, but it's always multiple layers in the cloud. So we have a lot of work in integrating it. We're a cloud manages provider in the Netherlands, focusing on, uh, companies who have head office in the Netherlands, mainly in the, uh, healthcare local government, social housing logistics department. And then in the midst size companies between say 250 to 10,000 office employees. Uh, and that's what we do. We provide 'em with excellent cloud managed services, uh, as it should be >>Interesting, you know, a lot early on in the cloud days, highly regulated industries like healthcare government were somewhat afraid of the cloud. So I'm sure that's one of the ways in which you provide value to your customers is helping them become cloud proficient. Maybe you could talk a little bit more about the value prop to customers. Why do they do business with you? >>And I think, uh, there are a number of reasons why they do business with us or choose to choose for our manage services provider that first of course are looking for stability and continuity. Uh, and, and from a cost perspective, predict predictable costs. But nowadays you also have a shortage in personnel and knowledge. So, and it's not always very easy for them to access, uh, those skill sets because most it, people just want to have, uh, a great variety in work, what they are doing, uh, towards, towards the local government, uh, healthcare, social housing. They actually, uh, a sector that, uh, that are really in between embracing the public cloud, but also have a lot of legacy and, and bringing together best of all, worlds is what we do. So we also bring them comfort. We do understand what legacy, uh, needs from a manager's perspective. We also know how to leverage the benefits in the public cloud. Uh, and, uh, I'd say from a marketing perspective, actually we focus on using an ideal cloud, being a mix of traditional and future based cloud. >>Thank you. I, you know, I'd like to get your perspective on this idea of as a service and the, as a service economy that we often talk about on the cube. I mean, you work with a lot of different companies. We talked about some of the industries and, and increasingly it seems like organizations are focused more on outcomes, continuous value delivery via, you know, suites of services and, and they're leaning into platforms versus one off product offerings, you know, do you see that? How do you see your customers reacting to this as a service trend? >>Yeah. Uh, to be honest, sometimes it makes it more complex because services like, look at your Android or iPhone, you can buy apps, uh, and download apps the way you want to. So they have a lot of apps about how do you integrate it into one excellent workflow, something that works for you, David or works for me. Uh, so the difficulty, some sometimes lies in, uh, the easy accessibility that you have to those solutions, but nobody takes into account that they're all part of a chain, a workflow supply chain, uh, and, and, uh, they're being hyped as well. So what we also have a lot of time in, in, in, in managing our customers is that the tremendous feature push feature push that there is from technology providers, SaaS providers. Whereas if you provide 10 features, you only need one or two, uh, but the other eight are very distracting from your prime core business. Uh, so there's a natural way in that people are embracing, uh, SA solutions, embracing cloud solutions. Uh, but what's not taken into account as much is that we love to see it is the way that you integrate all those solutions toward something that's workable for the person that's actually using them. And it's seldomly that somebody is only using one solution. There's always a chain of solutions. Um, so yeah, there are a lot of opportunities, but also a lot of challenges for us, but also for our customers, >>You see that trend toward, as a service continuing, or do you actually see based on what you're just saying that pendulum, you know, swinging back and forth, somebody comes out with a new sort of feature product and that, you know, changes the dynamic or do you see as a service really having legs? >>Ah, I, I think that's very, very good question, David, because that's something that's keeping our busy all the time. We do see a trend in a service looking at, uh, talk about pure later on. We also use pure as a service more or less. Yeah. And that really helps us. Uh, but you see, uh, um, that sometimes people make a step too, too fast, too quick, not well thought of, and then you see what they call sort of cloud repatriation, tend that people go back to what they're doing and then they stop innovating or stop leveraging. The possibilities are actually there. Uh, so from our consultancy, our guidance and architecture point of view, we try to help them as much as possible to think in a SA thought, but just don't use the, cloud's just another data center. Uh, and so it's all about managing the maturity on our side, but on our customer side as well. >>So I'm interested in how your sort of your philosophy and, and as relates, I think in, in, in terms of how you work with pure, but how do you stay tightly in lockstep with your customers so that you don't over rotate so that you don't and send them to over rotate, but then you're not also, you don't wanna be too late to the game. How, how do you manage all that? >>Oh, there's, there's, there's a world of interactions between us and our customers. And so I think a well known, uh, uh, thing that people is customer intimacy. That's very important for us to get to know our customers and get to predict which way they're moving. But the, the thing that we add to it is also the ecosystem intimacy. So no, the application and services landscape, our customers know the primary providers and work with them, uh, to, to, to create something that, that really fits the customers. They just not looked at from our own silo where a cloud managed service provider that we actually work in the ecosystem with, with, with, with the primary providers. And we have, I think with the average customers, I think we have, uh, uh, in a month we have so much interactions on our operational level and technical levels, strategic level. >>We do bring together our customers also, and to jointly think about what we can do together, what we independently can never reach. Uh, but we also involve our customers in, uh, defining our own strategy. So we have something we call a customer involvement board. So we present a strategy and say, does it make sense? Eh, this is actually what you need also. So we take a lot of our efforts into our customers and we do also, uh, understand the significant moments of truth. We are now in this, in this broadcast, David there. So you can imagine that at this moment, not thinking go wrong. Yeah. If, if, if the internet stops that we have a problem. And now, so we, we actually know that this broadcast is going on for our customers and we manage that. It's always on, uh, uh, where in the other moments in the week, we might have a little less attention, but this moment we should be there. And these moments of truth that we really embrace, we got them well described. Everybody working out line knows what the moment of truth is for our customers. Uh, uh, so we have a big logistics provider. For instance, you does not have to ask us to, uh, have, uh, a higher availability on black Friday or cyber Monday. We know that's the most important part in the year for him or her. Does it answer your question, David? >>Yes. We know as well. You know, when these big, the big game moments you have to be on your top, uh, top of your game, uh, you know, the other thing Emil about this as a service approach that I really like is, is it's a lot of it is consumption based and the data doesn't lie, you can see adoption, you know, daily, weekly, monthly. And so I wonder how you're leveraging pure as a service specifically in what kind of patterns you're seeing in, in, in the adoption. >>Uh, yeah, pure as a service for our customers is mainly never visible. Uh, we provide storage services to provide storage solutions, storage over is part of a bigger thing of a server of application. Uh, so the real benefits, to be honest, of course, towards our customer, it's all flash, uh, uh, and they have the fastest, fastest storage is available. But for ourself, we, uh, we use less resources to manage our storage. We have far more that we have a near to maintenance free storage solution now because we have it as a service and we work closely together with pure. Uh, so, uh, actually the way we treat our customers is that way pure treats us as well. And that's why there's a used click. So the real benefits, uh, uh, how we leverage is it normally we had a bunch of guys managing our storage. Now we only have one and knowing that's a shortage of it, personnel, the other persons can well be, uh, involved in other parts of our services or in other parts of an innovation. So, uh, that's simply great. >>You know, um, my takeaway the meal is that you've made infrastructure, at least, least the storage infrastructure, invisible to your customers, which is the way it should be. You didn't have to worry about it. And you've, you've also attacked the, the labor problem. You're not, you know, provisioning lungs anymore, or, you know, tuning the storage, you know, with, with arms and legs. So that's huge. So that gets me into the next topic, which is business transformation. That, that means that I can now start to attack the operational model. So I've got a different it model. Now I'm not managing infrastructure same way. So I have to shift those resources. And I'm presuming that it's a bus now becomes a business transformation discussion. How are you seeing your customers shift those resources and focus more on their business as a result of this sort of as a service trend? >>I think I do not know if they, they transform their business. Thanks to us. I think that they can more leverage their own business. They have less problems, less maintenance, et cetera, cetera, but we also add new, uh, certainties to it, like, uh, uh, the, the latest service we we released was imutable storage being the first in the Netherlands offering this thanks to, uh, thanks to the pure technology, but for customers, it takes them to give them a good night rest because, you know, we have some, uh, geopolitical issues in the world. Uh, there's a lot of hacking. People have a lot of ransomware attacks and, and we just give them a good night rest. So from a business transformation, does it transform their business? I think that gives them a comfort in running your business, knowing that certain things are well arranged. You don't have to worry about that. We will do that. We'll take it out of your hands and you just go ahead and run your business. Um, so to me, it's not really a transformation is just using the right opportunities at the right moment. >>The imutable piece is interesting because, because, but speaking of as a service, you know, anybody can go on the dark web and buy ransomware as a service. I mean, as it's seeing the, as a service economy hit, hit everywhere, the good and the, and the not so good. Um, and so I presume that your customers are, are looking at, I imutability as another service capability of the service offering and really rethinking, maybe because of the recent, you know, ransomware attacks, rethinking how they, they approach, uh, business continuance, business resilience, disaster recovery. Do you see that? >>Yep, definitely. Definitely. I tell not all of them yet. Imutable storage. So it's like an insurance as well, which you have when you have imutable storage and you have been, you have a ransomware attack at least have you part of data, which never, if data is corrupted, you cannot restore it. If your hardware is broken, you can order new hardware. Every data is corrupted. You cannot order new data. Now we got that safe and well. And so we offer them the possibility to, to do the forensics and free up their, uh, the data without tremendous loss of time. Uh, but you also see that you raise the new, uh, how do you say, uh, the new baseline for other providers as well? Eh, so there's security of the corporate information security officer, the CIO, they're all very happy with that. And they, they, they raise the baseline for us as well. So they can look at other security topics and look from say, security operation center. Cuz now we can really focus on our prime business risks because from a technical perspective, we got it covered. How can we manage the business risk, uh, which is a combination of people, processes and technology. >>Right. Makes sense. Okay. I'll give you the last word. Uh, talk about your relationship with pure, where you wanna see that that going in the future. >>Uh, I hope we've be working together for a long time. Uh, I, I ex experienced them very involved. Uh, it's not, we have done the sell and now it's all up to you now. We were closely working together. I know if I talk to my prime architect, Marcel height is very happy and it looks a little more or less if we work with pure, like we're working with colleagues, not with a supplier and a customer, uh, and uh, the whole pure concept is fascinating. Uh, I, uh, I had the opportunity to visit San Francisco head office and they told me to fish in how they launched, uh, pure being, if you want to implement it, it had to be on one credit card. The, the, the menu had to be on one credit card. Just a simple thought of put that as your big area, audacious goal to make the simplest, uh, implementable storage available. But for us, uh, it gives me the expectation that there will be a lot of more surprises with pur in the near future. Uh, and for us as a provider, what we, uh, literally really look forward to is that, that for us, these new developments will not be new migrations. It will be a gradual growth of our services or storage services. Uh, so that's what I expect. And that was what I, and we look forward to. >>Yeah, that's great. Uh, thank you so much, Emil, for coming on the, the cube and, and sharing your thoughts and best of luck to you in the future. >>Thank you. You're welcome. Thanks for having me. >>You're very welcome. Okay. In a moment, I'll be back to give you some closing thoughts on at your storage service. You're watching the cube, the leader in high tech enterprise coverage. >>Welcome to evergreen, a place where organizations grow and thrive rooted in the modern data experience in evergreen people find a seamless, simple way to leverage data through market leading sustainable technology, financial flexibility, and effortless management, allowing everyone to innovate with data confidently. Welcome to pure storage. >>Now, if you're interested in hearing more about Pure's growing portfolio of technology and services and how they're transforming the enterprise data experience, be sure to register for pure accelerate tech Fest. 22 digital event is also taking place as an in-person event. On June 8th, you can register at pure storage.com/accelerate, pure storage.com/accelerate. You're watching the cue, the leader in enterprise and emerging tech coverage.

(soft intro music) >> Welcome back to theCUBE's coverage of VeeamON 2022. Dave Vellante with David Nicholson. Brian Schwarz is here. We're going to stay on cloud. He's the director of product management at Google Cloud. The world's biggest cloud, I contend. Brian, thanks for coming on theCUBE. >> Thanks for having me. Super excited to be here. >> Long time infrastructure as a service background, worked at Pure, worked at Cisco, Silicon Valley guy, techie. So we're going to get into it here. >> I love it. >> I was saying before, off camera. We used to go to Google Cloud Next every year. It was an awesome show. Guys built a big set for us. You joined, right as the pandemic hit. So we've been out of touch a little bit. It's hard to... You know, you got one eye on the virtual event, but give us the update on Google Cloud. What's happening generally and specifically within storage? >> Yeah. So obviously the Cloud got a big boost during the pandemic because a lot of work went online. You know, more things kind of being digitally transformed as people keep trying to innovate. So obviously the growth of Google Cloud, has got a big tailwind to it. So business has been really good, lots of R&D investment. We obviously have an incredible set of technology already but still huge investments in new technologies that we've been bringing out over the past couple of years. It's great to get back out to events to talk to people about 'em. Been a little hard the last couple of years to give people some of the insights. When I think about storage, huge investments, one of the things that some people know but I think it's probably underappreciated is we use the same infrastructure for Google Cloud that is used for Google consumer products. So Search and Photos and all the public kind of things that most people are familiar with, Maps, et cetera. Same infrastructure at the same time is also used for Google Cloud. So we just have this tremendous capability of infrastructure. Google's got nine products that have a billion users most of which many people know. So we're pretty good at storage pretty good at compute, pretty good at networking. Obviously a lot of that kind of shines through on Google Cloud for enterprises to bring their applications, lift and shift and/or modernize, build new stuff in the Cloud with containers and things like that. >> Yeah, hence my contention that Google has the biggest cloud in the world, like I said before. Doesn't have the most IS revenue 'cause that's a different business. You can't comment, but I've got Google Cloud running at $12 billion a year run rate. So a lot of times people go, "Oh yeah, Google they're third place going for the bronze." But that is a huge business. There aren't a lot of 10, $12 billion infrastructure companies. >> In a rapidly growing market. >> And if you do some back of napkin math, whatever, give me 10, 15, let's call it 15% of that, to storage. You've got a big storage business. I know you can't tell us how big, but it's big. And if you add in all the stuff that's not in GCP, you do a lot of storage. So you know storage, you understand the technology. So what is the state of technology? You have a background in Cisco, nearly a networking company, they used to do some storage stuff sort of on the side. We used to say they're going to buy NetApp, of course that never happened. That would've made no sense. Pure Storage, obviously knows storage, but they were a disk array company essentially. Cloud storage, what's different about it? What's different in the technology? How does Google think about it? >> You know, I always like to tell people there's some things that are the same and familiar to you, and there's some things that are different. If I start with some of the differences, object storage in the Cloud, like just fundamentally different. Object storage on-prem, it's been around for a while, often used as kind of like a third tier of storage, maybe a backup target, compliance, something like that. In the cloud, object storage is Tier one storage. Public reference for us, Spotify, okay, use object storage for all the songs out there. And increasingly we see a lot of growth in-- >> Well, how are you defining Tier one storage in that regard? Again, are you thinking streaming service? Okay. Fine. Transactional? >> Spotify goes down and I'm pissed. >> Yeah. This is true. (Dave laughing) >> Not just you, maybe a few million other people too. One is importance, business importance. Tier one applications like critical to the business, like business down type stuff. But even if you look at it for performance, for capabilities, object storage in the cloud, it's a different thing than it was. >> Because of the architecture that you're deploying? >> Yeah. And the applications that we see running on it. Obviously, a huge growth in our business in AI and analytics. Obviously, Google's pretty well known in both spaces, BigQuery, obviously on the analytics side, big massive data warehouses and obviously-- >> Gets very high marks from customers. >> Yeah, very well regarded, super successful, super popular with our customers in Google Cloud. And then obviously AI as well. A lot of AI is about getting structure from unstructured data. Autonomous vehicles getting pictures and videos around the world. Speech recognition, audio is a fundamentally analog signal. You're trying to train computers to basically deal with analog things and it's all stored in object storage, machine learning on top of it, creating all the insights, and frankly things that computers can deal with. Getting structure out of the unstructured data. So you just see performance capabilities, importance as it's really a Tier one storage, much like file and block is where have kind of always been. >> Depending on, right, the importance. Because I mean, it's a fair question, right? Because we're used to thinking, "Oh, you're running your Oracle transaction database on block storage." That's Tier one. But Spotify's pretty important business. And again, on BigQuery, it is a cloud-native born in the cloud database, a lot of the cloud databases aren't, right? And that's one of the reasons why BigQuery is-- >> Google's really had a lot of success taking technologies that were built for some of the consumer services that we build and turning them into cloud-native Google Cloud. Like HDFS, who we were talking about, open source technologies came originally from the Google file system. Now we have a new version of it that we run internally called Colossus, incredible technologies that are cloud scale technologies that you can use to build things like Google Cloud storage. >> I remember one of the early Hadoop worlds, I was talking to a Google engineer and saying, "Well, wow, that's so cool that Hadoop came. You guys were the main spring of that." He goes, "Oh, we're way past Hadoop now." So this is early days of Hadoop (laughs) >> It's funny whenever Google says consumer services, usually consumer indicates just for me. But no, a consumer service for Google is at a scale that almost no business needs at a point in time. So you're not taking something and scaling it up-- >> Yeah. They're Tier one services-- for sure. >> Exactly. You're more often pairing it down so that a fortune 10 company can (laughs) leverage it. >> So let's dig into data protection in the Cloud, disaster recovery in the Cloud, Ransomware protection and then let's get into why Google. Maybe you could give us the trends that you're seeing, how you guys approach it, and why Google. >> Yeah. One of the things I always tell people, there's certain best practices and principles from on-prem that are just still applicable in the Cloud. And one of 'em is just fundamentals around recovery point objective and recovery time objective. You should know, for your apps, what you need, you should tier your apps, get best practice around them and think about those in the Cloud as well. The concept of RPO and RTO don't just magically go away just 'cause you're running in the Cloud. You should think about these things. And it's one of the reasons we're here at the VeeamON event. It's important, obviously, they have a tremendous skill in technology, but helping customers implement the right RPO and RTO for their different applications. And they also help do that in Google Cloud. So we have a great partnership with them, two main offerings that they offer in Google. One is integration for their on-prem things to use, basically Google as a backup target or DR target and then cloud-native backups they have some technologies, Veeam backup for Google. And obviously they also bought Kasten a while ago. 'Cause they also got excited about the container trend and obviously great technologies for those customers to use those in Google Cloud as well. >> So RPO and RTO is kind of IT terms, right? But we think of them as sort of the business requirement. Here's the business language. How much data are you willing to lose? And the business person says, "What? I don't want to lose any data." Oh, how big's your budget, right? Oh, okay. That's RPO. RTO is how fast you want to get it back? "How fast do you want to get it back if there's an outage?" "Instantly." "How much money do you want to spend on that?" "Oh." Okay. And then your application value will determine that. Okay. So that's what RPO and RTO is for those who you may not know that. Sometimes we get into the acronym too much. Okay. Why Google Cloud? >> Yeah. When I think about some of the infrastructure Google has and like why does it matter to a customer of Google Cloud? The first couple things I usually talk about is networking and storage. Compute's awesome, we can talk about containers and Kubernetes in a little bit, but if you just think about core infrastructure, networking, Google's got one of the biggest networks in the world, obviously to service all these consumer applications. Two things that I often tell people about the Google network, one, just tremendous backbone bandwidth across the regions. One of the things to think about with data protection, it's a large data set. When you're going to do recoveries, you're pushing lots of terabytes often and big pipes matter. Like it helps you hit the right recovery time objective 'cause you, "I want to do a restore across the country." You need good networks. And obviously Google has a tremendous network. I think we have like 20 subsea cables that we've built underneath the the world's oceans to connect the world on the internet. >> Awesome. >> The other thing that I think is really underappreciated about the Google network is how quickly you get into it. One of the reasons all the consumer apps have such good response time is there's a local access point to get into the Google network somewhere close to you almost anywhere in the world. I'm sure you can find some obscure place where we don't have an access point, but look Search and Photos and Maps and Workspace, they all work so well because you get in the Google network fast, local access points and then we can control the quality of service. And that underlying substrate is the same substrate we have in Google Cloud. So the network is number one. Second one in storage, we have some really incredible capabilities in cloud storage, particularly around our dual region and multi-region buckets. The multi-region bucket, the way I describe it to people, it's a continent sized bucket. Single bucket name, strongly consistent that basically spans a continent. It's in some senses a little bit of the Nirvana of storage. No more DR failover, right? In a lot of places, traditionally on-prem but even other clouds, two buckets, failover, right? Orchestration, set up. Whenever you do orchestration, the DR is a lot more complicated. You got to do more fire drills, make sure it works. We have this capability to have a single name space that spans regions and it has strong read after write consistency, everything you drop into it you can read back immediately. >> Say I'm on the west coast and I have a little bit of an on-premises data center still and I'm using Veeam to back something up and I'm using storage within GCP. Trace out exactly what you mean by that in terms of a continent sized bucket. Updates going to the recovery volume, for lack of a better term, in GCP. Where is that physically? If I'm on the west coast, what does that look like? >> Two main options. It depends again on what your business goals are. First option is you pick a regional bucket, multiple zones in a Google Cloud region are going to store your data. It's resilient 'cause there's three zones in the region but it's all in one region. And then your second option is this multi-region bucket, where we're basically taking a set of the Google Cloud regions from around North America and storing your data basically in the continent, multiple copies of your data. And that's great because if you want to protect yourself from a regional outage, right? Earthquake, natural disaster of some sort, this multi-region, it basically gives you this DR protection for free and it's... Well, it's not free 'cause you have to pay for it of course, but it's a free from a failover perspective. Single name space, your app doesn't need to know. You restart the app on the east coast, same bucket name. >> Right. That's good. >> Read and write instantly out of the bucket. >> Cool. What are you doing with Veeam? >> So we have this great partnership, obviously for data protection and DR. And I really often segment the conversation into two pieces. One is for traditional on-prem customers who essentially want to use the Cloud as either a backup or a DR target. Traditional Veeam backup and replication supports Google Cloud targets. You can write to cloud storage. Some of these advantages I mentioned. Our archive storage, really cheap. We just actually lowered the price for archive storage quite significantly, roughly a third of what you find in some of the other competitive clouds if you look at the capabilities. Our archive class storage, fast recovery time, right? Fast latency, no hours to kind of rehydrate. >> Good. Storage in the cloud is overpriced. >> Yeah. >> It is. It is historically overpriced despite all the rhetoric. Good. I didn't know that. I'm glad to hear. >> Yeah. So the archive class store, so you essentially read and write into this bucket and restore. So it's often one of the things I joke with people about. I live in Silicon Valley, I still see the tape truck driving around. I really think people can really modernize these environments and use the cloud as a backup target. You get a copy of your data off-prem. >> Don't you guys use tape? >> Well, we don't talk a lot about-- >> No comment. Just checking. >> And just to be clear, when he says cloud storage is overpriced, he thinks that a postage stamp is overpriced, right? >> No. >> If I give you 50 cents, are you going to deliver a letter cross country? No. Cloud storage, it's not overpriced. >> Okay. (David laughing) We're going to have that conversation. I think it's historically overpriced. I think it could be more attractive, relative to the cost of the underlying technology. So good for you guys pushing prices. >> Yeah. So this archive class storage, is one great area. The second area we really work with Veeam is protecting cloud-native workloads. So increasingly customers are running workloads in the Cloud, they run VMware in the Cloud, they run normal VMs, they run containers. Veeam has two offerings in Google that essentially help customers protect that data, hit their RPO, RTO objectives. Another thing that is not different in the Cloud is the need to meet your compliance regulations, right? So having a product like Veeam that is easy to show back to your auditor, to your regulator to make sure that you have copies of your data, that you can hit an appropriate recovery time objective if you're in finance or healthcare, energy. So there's some really good Veeam technologies that work in Google Cloud to protect applications that actually run in Google Cloud all in. >> To your point about the tape truck I was kind of tongue in cheek, but I know you guys use tape. But the point is you shouldn't have to call the tape truck, right, you should go to Google and say, "Okay. I need my data back." Now having said that sometimes the highest bandwidth in the world is putting all this stuff on the truck. Is there an option for that? >> Again, it gets back to this networking capability that I mentioned. Yes. People do like to joke about, okay, trucks and trains and things can have a lot of bandwidth, big networks can push a lot of data around, obviously. >> And you got a big network. >> We got a huge network. So if you want to push... I've seen statistics. You can do terabits a second to a single Google Cloud storage bucket, super computing type performance inside Google Cloud, which from a scale perspective, whether it be network compute, these are things scale. If there's one thing that Google's really, really good at, it's really high scale. >> If your's companies can't afford to. >> Yeah, if you're that sensitive, avoid moving the data altogether. If you're that sensitive, have your recovery capability be in GCP. >> Yeah. Well, and again-- >> So that when you're recovering you're not having to move data. >> It's approximate to, yeah. That's the point. >> Recovering GCV, fail over your VMware cluster. >> Exactly. >> And use the cloud as a DR target. >> We got very little time but can you just give us a rundown of your portfolio in storage? >> Yeah. So storage, cloud storage for object storage got a bunch of regional options and classes of storage, like I mentioned, archive storage. Our first party offerings in the file area, our file store, basic enterprise and high scale, which is really for highly concurrent paralyzed applications. Persistent disk is our block storage offering. We also have a very high performance cash block storage offering and local SSDs. So that's the main kind of food groups of storage, block file object, increasingly doing a lot of work in data protection and in transfer and distributed cloud environments where the edge of the cloud is pushing outside the cloud regions themselves. But those are our products. Also, we spend a lot of time with our partners 'cause Google's really good at building and open sourcing and partnering at the same time hence with Veeam, obviously with file. We partner with NetApp and Dell and a bunch of folks. So there's a lot of partnerships we have that are important to us as well. >> Yeah. You know, we didn't get into Kubernetes, a great example of open source, Istio, Anthos, we didn't talk about the on-prem stuff. So Brian we'll have to have you back and chat about those things. >> I look forward to it. >> To quote my friend Matt baker, it's not a zero sum game out there and it's great to see Google pushing the technology. Thanks so much for coming on. All right. And thank you for watching. Keep it right there. Our next guest will be up shortly. This is Dave Vellante for Dave Nicholson. We're live at VeeamON 2022 and we'll be right back. (soft beats music)

>> From theCUBE Studios in Palo Alto and Boston, bringing you data driven insights from theCUBE in ETR, this is Breaking Analysis with Dave Vellante. >> The introduction in socialization of data mesh has caused practitioners, business technology executives, and technologists to pause, and ask some probing questions about the organization of their data teams, their data strategies, future investments, and their current architectural approaches. Some in the technology community have embraced the concept, others have twisted the definition, while still others remain oblivious to the momentum building around data mesh. Here we are in the early days of data mesh adoption. Organizations that have taken the plunge will tell you that aligning stakeholders is a non-trivial effort, but necessary to break through the limitations that monolithic data architectures and highly specialized teams have imposed over frustrated business and domain leaders. However, practical data mesh examples often lie in the eyes of the implementer, and may not strictly adhere to the principles of data mesh. Now, part of the problem is lack of open technologies and standards that can accelerate adoption and reduce friction, and that's what we're going to talk about today. Some of the key technology and architecture questions around data mesh. Hello, and welcome to this week's Wikibon CUBE Insights powered by ETR, and in this Breaking Analysis, we welcome back the founder of data mesh and director of Emerging Technologies at Thoughtworks, Zhamak Dehghani. Hello, Zhamak. Thanks for being here today. >> Hi Dave, thank you for having me back. It's always a delight to connect and have a conversation. Thank you. >> Great, looking forward to it. Okay, so before we get into it in the technology details, I just want to quickly share some data from our friends at ETR. You know, despite the importance of data initiative since the pandemic, CIOs and IT organizations have had to juggle of course, a few other priorities, this is why in the survey data, cyber and cloud computing are rated as two most important priorities. Analytics and machine learning, and AI, which are kind of data topics, still make the top of the list, well ahead of many other categories. And look, a sound data architecture and strategy is fundamental to digital transformations, and much of the past two years, as we've often said, has been like a forced march into digital. So while organizations are moving forward, they really have to think hard about the data architecture decisions that they make, because it's going to impact them, Zhamak, for years to come, isn't it? >> Yes, absolutely. I mean, we are moving really from, slowly moving from reason based logical algorithmic to model based computation and decision making, where we exploit the patterns and signals within the data. So data becomes a very important ingredient, of not only decision making, and analytics and discovering trends, but also the features and applications that we build for the future. So we can't really ignore it, and as we see, some of the existing challenges around getting value from data is not necessarily that no longer is access to computation, is actually access to trustworthy, reliable data at scale. >> Yeah, and you see these domains coming together with the cloud and obviously it has to be secure and trusted, and that's why we're here today talking about data mesh. So let's get into it. Zhamak, first, your new book is out, 'Data Mesh: Delivering Data-Driven Value at Scale' just recently published, so congratulations on getting that done, awesome. Now in a recent presentation, you pulled excerpts from the book and we're going to talk through some of the technology and architectural considerations. Just quickly for the audience, four principles of data mesh. Domain driven ownership, data as product, self-served data platform and federated computational governance. So I want to start with self-serve platform and some of the data that you shared recently. You say that, "Data mesh serves autonomous domain oriented teams versus existing platforms, which serve a centralized team." Can you elaborate? >> Sure. I mean the role of the platform is to lower the cognitive load for domain teams, for people who are focusing on the business outcomes, the technologies that are building the applications, to really lower the cognitive load for them, to be able to work with data. Whether they are building analytics, automated decision making, intelligent modeling. They need to be able to get access to data and use it. So the role of the platform, I guess, just stepping back for a moment is to empower and enable these teams. Data mesh by definition is a scale out model. It's a decentralized model that wants to give autonomy to cross-functional teams. So it is core requires a set of tools that work really well in that decentralized model. When we look at the existing platforms, they try to achieve this similar outcome, right? Lower the cognitive load, give the tools to data practitioners, to manage data at scale because today centralized teams, really their job, the centralized data teams, their job isn't really directly aligned with a one or two or different, you know, business units and business outcomes in terms of getting value from data. Their job is manage the data and make the data available for then those cross-functional teams or business units to use the data. So the platforms they've been given are really centralized around or tuned to work with this structure as a team, structure of centralized team. Although on the surface, it seems that why not? Why can't I use my, you know, cloud storage or computation or data warehouse in a decentralized way? You should be able to, but some changes need to happen to those online platforms. As an example, some cloud providers simply have hard limits on the number of like account storage, storage accounts that you can have. Because they never envisaged you have hundreds of lakes. They envisage one or two, maybe 10 lakes, right. They envisage really centralizing data, not decentralizing data. So I think we see a shift in thinking about enabling autonomous independent teams versus a centralized team. >> So just a follow up if I may, we could be here for a while. But so this assumes that you've sorted out the organizational considerations? That you've defined all the, what a data product is and a sub product. And people will say, of course we use the term monolithic as a pejorative, let's face it. But the data warehouse crowd will say, "Well, that's what data march did. So we got that covered." But Europe... The primest of data mesh, if I understand it is whether it's a data march or a data mart or a data warehouse, or a data lake or whatever, a snowflake warehouse, it's a node on the mesh. Okay. So don't build your organization around the technology, let the technology serve the organization is that-- >> That's a perfect way of putting it, exactly. I mean, for a very long time, when we look at decomposition of complexity, we've looked at decomposition of complexity around technology, right? So we have technology and that's maybe a good segue to actually the next item on that list that we looked at. Oh, I need to decompose based on whether I want to have access to raw data and put it on the lake. Whether I want to have access to model data and put it on the warehouse. You know I need to have a team in the middle to move the data around. And then try to figure organization into that model. So data mesh really inverses that, and as you said, is look at the organizational structure first. Then scale boundaries around which your organization and operation can scale. And then the second layer look at the technology and how you decompose it. >> Okay. So let's go to that next point and talk about how you serve and manage autonomous interoperable data products. Where code, data policy you say is treated as one unit. Whereas your contention is existing platforms of course have independent management and dashboards for catalogs or storage, et cetera. Maybe we double click on that a bit. >> Yeah. So if you think about that functional, or technical decomposition, right? Of concerns, that's one way, that's a very valid way of decomposing, complexity and concerns. And then build solutions, independent solutions to address them. That's what we see in the technology landscape today. We will see technologies that are taking care of your management of data, bring your data under some sort of a control and modeling. You'll see technology that moves that data around, will perform various transformations and computations on it. And then you see technology that tries to overlay some level of meaning. Metadata, understandability, discovery was the end policy, right? So that's where your data processing kind of pipeline technologies versus data warehouse, storage, lake technologies, and then the governance come to play. And over time, we decomposed and we compose, right? Deconstruct and reconstruct back this together. But, right now that's where we stand. I think for data mesh really to become a reality, as in independent sources of data and teams can responsibly share data in a way that can be understood right then and there can impose policies, right then when the data gets accessed in that source and in a resilient manner, like in a way that data changes structure of the data or changes to the scheme of the data, doesn't have those downstream down times. We've got to think about this new nucleus or new units of data sharing. And we need to really bring back transformation and governing data and the data itself together around these decentralized nodes on the mesh. So that's another, I guess, deconstruction and reconstruction that needs to happen around the technology to formulate ourselves around the domains. And again the data and the logic of the data itself, the meaning of the data itself. >> Great. Got it. And we're going to talk more about the importance of data sharing and the implications. But the third point deals with how operational, analytical technologies are constructed. You've got an app DevStack, you've got a data stack. You've made the point many times actually that we've contextualized our operational systems, but not our data systems, they remain separate. Maybe you could elaborate on this point. >> Yes. I think this is, again, has a historical background and beginning. For a really long time, applications have dealt with features and the logic of running the business and encapsulating the data and the state that they need to run that feature or run that business function. And then we had for anything analytical driven, which required access data across these applications and across the longer dimension of time around different subjects within the organization. This analytical data, we had made a decision that, "Okay, let's leave those applications aside. Let's leave those databases aside. We'll extract the data out and we'll load it, or we'll transform it and put it under the analytical kind of a data stack and then downstream from it, we will have analytical data users, the data analysts, the data sciences and the, you know, the portfolio of users that are growing use that data stack. And that led to this really separation of dual stack with point to point integration. So applications went down the path of transactional databases or urban document store, but using APIs for communicating and then we've gone to, you know, lake storage or data warehouse on the other side. If we are moving and that again, enforces the silo of data versus app, right? So if we are moving to the world that our missions that are ambitions around making applications, more intelligent. Making them data driven. These two worlds need to come closer. As in ML Analytics gets embedded into those app applications themselves. And the data sharing, as a very essential ingredient of that, gets embedded and gets closer, becomes closer to those applications. So, if you are looking at this now cross-functional, app data, based team, right? Business team, then the technology stacks can't be so segregated, right? There has to be a continuum of experience from app delivery, to sharing of the data, to using that data, to embed models back into those applications. And that continuum of experience requires well integrated technologies. I'll give you an example, which actually in some sense, we are somewhat moving to that direction. But if we are talking about data sharing or data modeling and applications use one set of APIs, you know, HTTP compliant, GraQL or RAC APIs. And on the other hand, you have proprietary SQL, like connect to my database and run SQL. Like those are very two different models of representing and accessing data. So we kind of have to harmonize or integrate those two worlds a bit more closely to achieve that domain oriented cross-functional teams. >> Yeah. We are going to talk about some of the gaps later and actually you look at them as opportunities, more than barriers. But they are barriers, but they're opportunities for more innovation. Let's go on to the fourth one. The next point, it deals with the roles that the platform serves. Data mesh proposes that domain experts own the data and take responsibility for it end to end and are served by the technology. Kind of, we referenced that before. Whereas your contention is that today, data systems are really designed for specialists. I think you use the term hyper specialists a lot. I love that term. And the generalist are kind of passive bystanders waiting in line for the technical teams to serve them. >> Yes. I mean, if you think about the, again, the intention behind data mesh was creating a responsible data sharing model that scales out. And I challenge any organization that has a scaled ambitions around data or usage of data that relies on small pockets of very expensive specialists resources, right? So we have no choice, but upscaling cross-scaling. The majority population of our technologists, we often call them generalists, right? That's a short hand for people that can really move from one technology to another technology. Sometimes we call them pandric people sometimes we call them T-shaped people. But regardless, like we need to have ability to really mobilize our generalists. And we had to do that at Thoughtworks. We serve a lot of our clients and like many other organizations, we are also challenged with hiring specialists. So we have tested the model of having a few specialists, really conveying and translating the knowledge to generalists and bring them forward. And of course, platform is a big enabler of that. Like what is the language of using the technology? What are the APIs that delight that generalist experience? This doesn't mean no code, low code. We have to throw away in to good engineering practices. And I think good software engineering practices remain to exist. Of course, they get adopted to the world of data to build resilient you know, sustainable solutions, but specialty, especially around kind of proprietary technology is going to be a hard one to scale. >> Okay. I'm definitely going to come back and pick your brain on that one. And, you know, your point about scale out in the examples, the practical examples of companies that have implemented data mesh that I've talked to. I think in all cases, you know, there's only a handful that I've really gone deep with, but it was their hadoop instances, their clusters wouldn't scale, they couldn't scale the business and around it. So that's really a key point of a common pattern that we've seen now. I think in all cases, they went to like the data lake model and AWS. And so that maybe has some violation of the principles, but we'll come back to that. But so let me go on to the next one. Of course, data mesh leans heavily, toward this concept of decentralization, to support domain ownership over the centralized approaches. And we certainly see this, the public cloud players, database companies as key actors here with very large install bases, pushing a centralized approach. So I guess my question is, how realistic is this next point where you have decentralized technologies ruling the roost? >> I think if you look at the history of places, in our industry where decentralization has succeeded, they heavily relied on standardization of connectivity with, you know, across different components of technology. And I think right now you are right. The way we get value from data relies on collection. At the end of the day, collection of data. Whether you have a deep learning machinery model that you're training, or you have, you know, reports to generate. Regardless, the model is bring your data to a place that you can collect it, so that we can use it. And that leads to a naturally set of technologies that try to operate as a full stack integrated proprietary with no intention of, you know, opening, data for sharing. Now, conversely, if you think about internet itself, web itself, microservices, even at the enterprise level, not at the planetary level, they succeeded as decentralized technologies to a large degree because of their emphasis on open net and openness and sharing, right. API sharing. We don't talk about, in the API worlds, like we don't say, you know, "I will build a platform to manage your logical applications." Maybe to a degree but we actually moved away from that. We say, "I'll build a platform that opens around applications to manage your APIs, manage your interfaces." Right? Give you access to API. So I think the shift needs to... That definition of decentralized there means really composable, open pieces of the technology that can play nicely with each other, rather than a full stack, all have control of your data yet being somewhat decentralized within the boundary of my platform. That's just simply not going to scale if data needs to come from different platforms, different locations, different geographical locations, it needs to rethink. >> Okay, thank you. And then the final point is, is data mesh favors technologies that are domain agnostic versus those that are domain aware. And I wonder if you could help me square the circle cause it's nuanced and I'm kind of a 100 level student of your work. But you have said for example, that the data teams lack context of the domain and so help us understand what you mean here in this case. >> Sure. Absolutely. So as you said, we want to take... Data mesh tries to give autonomy and decision making power and responsibility to people that have the context of those domains, right? The people that are really familiar with different business domains and naturally the data that that domain needs, or that naturally the data that domains shares. So if the intention of the platform is really to give the power to people with most relevant and timely context, the platform itself naturally becomes as a shared component, becomes domain agnostic to a large degree. Of course those domains can still... The platform is a (chuckles) fairly overloaded world. As in, if you think about it as a set of technology that abstracts complexity and allows building the next level solutions on top, those domains may have their own set of platforms that are very much doing agnostic. But as a generalized shareable set of technologies or tools that allows us share data. So that piece of technology needs to relinquish the knowledge of the context to the domain teams and actually becomes domain agnostic. >> Got it. Okay. Makes sense. All right. Let's shift gears here. Talk about some of the gaps and some of the standards that are needed. You and I have talked about this a little bit before, but this digs deeper. What types of standards are needed? Maybe you could walk us through this graphic, please. >> Sure. So what I'm trying to depict here is that if we imagine a world that data can be shared from many different locations, for a variety of analytical use cases, naturally the boundary of what we call a node on the mesh will encapsulates internally a fair few pieces. It's not just the boundary of that, not on the mesh, is the data itself that it's controlling and updating and maintaining. It's of course a computation and the code that's responsible for that data. And then the policies that continue to govern that data as long as that data exists. So if that's the boundary, then if we shift that focus from implementation details, that we can leave that for later, what becomes really important is the scene or the APIs and interfaces that this node exposes. And I think that's where the work that needs to be done and the standards that are missing. And we want the scene and those interfaces be open because that allows, you know, different organizations with different boundaries of trust to share data. Not only to share data to kind of move that data to yes, another location, to share the data in a way that distributed workloads, distributed analytics, distributed machine learning model can happen on the data where it is. So if you follow that line of thinking around the centralization and connection of data versus collection of data, I think the very, very important piece of it that needs really deep thinking, and I don't claim that I have done that, is how do we share data responsibly and sustainably, right? That is not brittle. If you think about it today, the ways we share data, one of the very common ways is around, I'll give you a JDC endpoint, or I give you an endpoint to your, you know, database of choice. And now as technology, whereas a user actually, you can now have access to the schema of the underlying data and then run various queries or SQL queries on it. That's very simple and easy to get started with. That's why SQL is an evergreen, you know, standard or semi standard, pseudo standard that we all use. But it's also very brittle, because we are dependent on a underlying schema and formatting of the data that's been designed to tell the computer how to store and manage the data. So I think that the data sharing APIs of the future really need to think about removing this brittle dependencies, think about sharing, not only the data, but what we call metadata, I suppose. Additional set of characteristics that is always shared along with data to make the data usage, I suppose ethical and also friendly for the users and also, I think we have to... That data sharing API, the other element of it, is to allow kind of computation to run where the data exists. So if you think about SQL again, as a simple primitive example of computation, when we select and when we filter and when we join, the computation is happening on that data. So maybe there is a next level of articulating, distributed computational data that simply trains models, right? Your language primitives change in a way to allow sophisticated analytical workloads run on the data more responsibly with policies and access control and force. So I think that output port that I mentioned simply is about next generation data sharing, responsible data sharing APIs. Suitable for decentralized analytical workloads. >> So I'm not trying to bait you here, but I have a follow up as well. So you schema, for all its good creates constraints. No schema on right, that didn't work, cause it was just a free for all and it created the data swamps. But now you have technology companies trying to solve that problem. Take Snowflake for example, you know, enabling, data sharing. But it is within its proprietary environment. Certainly Databricks doing something, you know, trying to come at it from its angle, bringing some of the best to data warehouse, with the data science. Is your contention that those remain sort of proprietary and defacto standards? And then what we need is more open standards? Maybe you could comment. >> Sure. I think the two points one is, as you mentioned. Open standards that allow... Actually make the underlying platform invisible. I mean my litmus test for a technology provider to say, "I'm a data mesh," (laughs) kind of compliant is, "Is your platform invisible?" As in, can I replace it with another and yet get the similar data sharing experience that I need? So part of it is that. Part of it is open standards, they're not really proprietary. The other angle for kind of sharing data across different platforms so that you know, we don't get stuck with one technology or another is around APIs. It is around code that is protecting that internal schema. So where we are on the curve of evolution of technology, right now we are exposing the internal structure of the data. That is designed to optimize certain modes of access. We're exposing that to the end client and application APIs, right? So the APIs that use the data today are very much aware that this database was optimized for machine learning workloads. Hence you will deal with a columnar storage of the file versus this other API is optimized for a very different, report type access, relational access and is optimized around roles. I think that should become irrelevant in the API sharing of the future. Because as a user, I shouldn't care how this data is internally optimized, right? The language primitive that I'm using should be really agnostic to the machine optimization underneath that. And if we did that, perhaps this war between warehouse or lake or the other will become actually irrelevant. So we're optimizing for that human best human experience, as opposed to the best machine experience. We still have to do that but we have to make that invisible. Make that an implementation concern. So that's another angle of what should... If we daydream together, the best experience and resilient experience in terms of data usage than these APIs with diagnostics to the internal storage structure. >> Great, thank you for that. We've wrapped our ankles now on the controversy, so we might as well wade all the way in, I can't let you go without addressing some of this. Which you've catalyzed, which I, by the way, I see as a sign of progress. So this gentleman, Paul Andrew is an architect and he gave a presentation I think last night. And he teased it as quote, "The theory from Zhamak Dehghani versus the practical experience of a technical architect, AKA me," meaning him. And Zhamak, you were quick to shoot back that data mesh is not theory, it's based on practice. And some practices are experimental. Some are more baked and data mesh really avoids by design, the specificity of vendor or technology. Perhaps you intend to frame your post as a technology or vendor specific, specific implementation. So touche, that was excellent. (Zhamak laughs) Now you don't need me to defend you, but I will anyway. You spent 14 plus years as a software engineer and the better part of a decade consulting with some of the most technically advanced companies in the world. But I'm going to push you a little bit here and say, some of this tension is of your own making because you purposefully don't talk about technologies and vendors. Sometimes doing so it's instructive for us neophytes. So, why don't you ever like use specific examples of technology for frames of reference? >> Yes. My role is pushes to the next level. So, you know everybody picks their fights, pick their battles. My role in this battle is to push us to think beyond what's available today. Of course, that's my public persona. On a day to day basis, actually I work with clients and existing technology and I think at Thoughtworks we have given the talk we gave a case study talk with a colleague of mine and I intentionally got him to talk about (indistinct) I want to talk about the technology that we use to implement data mesh. And the reason I haven't really embraced, in my conversations, the specific technology. One is, I feel the technology solutions we're using today are still not ready for the vision. I mean, we have to be in this transitional step, no matter what we have to be pragmatic, of course, and practical, I suppose. And use the existing vendors that exist and I wholeheartedly embrace that, but that's just not my role, to show that. I've gone through this transformation once before in my life. When microservices happened, we were building microservices like architectures with technology that wasn't ready for it. Big application, web application servers that were designed to run these giant monolithic applications. And now we're trying to run little microservices onto them. And the tail was riding the dock, the environmental complexity of running these services was consuming so much of our effort that we couldn't really pay attention to that business logic, the business value. And that's where we are today. The complexity of integrating existing technologies is really overwhelmingly, capturing a lot of our attention and cost and effort, money and effort as opposed to really focusing on the data product themselves. So it's just that's the role I have, but it doesn't mean that, you know, we have to rebuild the world. We've got to do with what we have in this transitional phase until the new generation, I guess, technologies come around and reshape our landscape of tools. >> Well, impressive public discipline. Your point about microservice is interesting because a lot of those early microservices, weren't so micro and for the naysayers look past this, not prologue, but Thoughtworks was really early on in the whole concept of microservices. So be very excited to see how this plays out. But now there was some other good comments. There was one from a gentleman who said the most interesting aspects of data mesh are organizational. And that's how my colleague Sanji Mohan frames data mesh versus data fabric. You know, I'm not sure, I think we've sort of scratched the surface today that data today, data mesh is more. And I still think data fabric is what NetApp defined as software defined storage infrastructure that can serve on-prem and public cloud workloads back whatever, 2016. But the point you make in the thread that we're showing you here is that you're warning, and you referenced this earlier, that the segregating different modes of access will lead to fragmentation. And we don't want to repeat the mistakes of the past. >> Yes, there are comments around. Again going back to that original conversation that we have got this at a macro level. We've got this tendency to decompose complexity based on technical solutions. And, you know, the conversation could be, "Oh, I do batch or you do a stream and we are different."' They create these bifurcations in our decisions based on the technology where I do events and you do tables, right? So that sort of segregation of modes of access causes accidental complexity that we keep dealing with. Because every time in this tree, you create a new branch, you create new kind of new set of tools and then somehow need to be point to point integrated. You create new specialization around that. So the least number of branches that we have, and think about really about the continuum of experiences that we need to create and technologies that simplify, that continuum experience. So one of the things, for example, give you a past experience. I was really excited around the papers and the work that came around on Apache Beam, and generally flow based programming and stream processing. Because basically they were saying whether you are doing batch or whether you're doing streaming, it's all one stream. And sometimes the window of time, narrows and sometimes the window of time over which you're computing, widens and at the end of today, is you are just getting... Doing the stream processing. So it is those sort of notions that simplify and create continuum of experience. I think resonate with me personally, more than creating these tribal fights of this type versus that mode of access. So that's why data mesh naturally selects kind of this multimodal access to support end users, right? The persona of end users. >> Okay. So the last topic I want to hit, this whole discussion, the topic of data mesh it's highly nuanced, it's new, and people are going to shoehorn data mesh into their respective views of the world. And we talked about lake houses and there's three buckets. And of course, the gentleman from LinkedIn with Azure, Microsoft has a data mesh community. See you're going to have to enlist some serious army of enforcers to adjudicate. And I wrote some of the stuff down. I mean, it's interesting. Monte Carlo has a data mesh calculator. Starburst is leaning in, chaos. Search sees themselves as an enabler. Oracle and Snowflake both use the term data mesh. And then of course you've got big practitioners J-P-M-C, we've talked to Intuit, Orlando, HelloFresh has been on, Netflix has this event based sort of streaming implementation. So my question is, how realistic is it that the clarity of your vision can be implemented and not polluted by really rich technology companies and others? (Zhamak laughs) >> Is it even possible, right? Is it even possible? That's a yes. That's why I practice then. This is why I should practice things. Cause I think, it's going to be hard. What I'm hopeful, is that the socio-technical, Leveling Data mentioned that this is a socio-technical concern or solution, not just a technology solution. Hopefully always brings us back to, you know, the reality that vendors try to sell you safe oil that solves all of your problems. (chuckles) All of your data mesh problems. It's just going to cause more problem down the track. So we'll see, time will tell Dave and I count on you as one of those members of, (laughs) you know, folks that will continue to share their platform. To go back to the roots, as why in the first place? I mean, I dedicated a whole part of the book to 'Why?' Because we get, as you said, we get carried away with vendors and technology solution try to ride a wave. And in that story, we forget the reason for which we even making this change and we are going to spend all of this resources. So hopefully we can always come back to that. >> Yeah. And I think we can. I think you have really given this some deep thought and as we pointed out, this was based on practical knowledge and experience. And look, we've been trying to solve this data problem for a long, long time. You've not only articulated it well, but you've come up with solutions. So Zhamak, thank you so much. We're going to leave it there and I'd love to have you back. >> Thank you for the conversation. I really enjoyed it. And thank you for sharing your platform to talk about data mesh. >> Yeah, you bet. All right. And I want to thank my colleague, Stephanie Chan, who helps research topics for us. Alex Myerson is on production and Kristen Martin, Cheryl Knight and Rob Hoff on editorial. Remember all these episodes are available as podcasts, wherever you listen. And all you got to do is search Breaking Analysis Podcast. Check out ETR's website at etr.ai for all the data. And we publish a full report every week on wikibon.com, siliconangle.com. You can reach me by email david.vellante@siliconangle.com or DM me @dvellante. Hit us up on our LinkedIn post. This is Dave Vellante for theCUBE Insights powered by ETR. Have a great week, stay safe, be well. And we'll see you next time. (bright music)

>>Welcoming into the cubes presentation of AWS startup showcase open cloud innovations. This is season two episode one of the ongoing series covering exciting hot startups from the AWS ecosystem. Today's episode. One of season two theme is open source community and the open cloud innovations. I'm your host, John farrier of the cube. And today we're excited to be joined by Loris Dajani who is the C T O chief technology officer and founder of cystic found that in his backyard with some wine and beer. Great to see you. We're here to talk about Falco finding cloud threats in real time. Thank you for joining us, Laura. Thanks. Good to see you >>Love that your company was founded in your backyard. Classic startup story. You have been growing very, very fast. And the key point of the showcase is to talk about the startups that are making a difference and, and that are winning and doing well. You guys have done extremely well with your business. Congratulations, but thank you. The big theme is security and as organizations have moved their business critical applications to the cloud, the attackers have followed. This is Billy important in the industry. You guys are in the middle of this. What's your view on this? What's your take? What's your reaction? >>Yeah. As we, as a end ecosystem are moving to the cloud as more and more, we are developing cloud native applications. We relying on CACD. We are relying on orchestrations in containers. Security is becoming more and more important. And I would say more and more complex. I mean, we're reading every day in the news about attacks about data leaks and so on. There's rarely a day when there's nothing major happening and that we can see the press from this point of view. And definitely things are evolving. Things are changing in the cloud. In for example, Cisco just released a cloud native security and usage report a few days ago. And the mundane things that we found among our user base, for example, 60, 66% of containers are running as rude. So still many organizations adopting a relatively relaxed way to deploy their applications. Not because they like doing it, but because it tends to be, you know, easier and a little bit with a little bit less ration. >>We also found that that 27% of users unnecessary route access in the 73% of the cloud accounts, public has three buckets. This is all stuff that is all good, but can generate consequences when you make a mistake, like typically, you know, your data leaks, no, because of super sophisticated attacks, but because somebody in your organization forgets maybe some data on it on a public history bucket, or because some credentials that are not restrictive enough, maybe are leaked to another team member or, or, or a Gita, you know, repository or something like that. So is infrastructures and the software becomes a let's a more sophisticated and more automated. There's also at the same time, more risks and opportunities for misconfigurations that then tend to be, you know, very often the sewers of, of issues in the cloud. >>Yeah, those self-inflicted wounds definitely come up. We've seen people leaving S3 buckets open, you know, it's user error, but, you know, w w those are small little things that get taken care of pretty quickly. That's just hygiene. It's just discipline. You know, most of the sophisticated enterprises are moving way past that, but now they're adopting more cloud native, right. And as they get into the critical apps, securing them has been challenging. We've talked to many CEOs and CSOs, and they say that to us. Yeah. It's very challenging, but we're on it. I have to ask you, what should people worry about when secure in the cloud, because they know is challenging, then they'll have the opportunity on the other side, what are they worried about? What do you see people scared of or addressing, or what should I be worried about when securing the cloud? >>Yeah, definitely. Sometimes when I'm talking about the security, I like to compare, you know, the old data center in that the old monolithic applications to a castle, you know, in middle aged castle. So what, what did you do to protect your castle? You used to build very thick walls around it, and then a small entrance and be very careful about the entrance, you know, protect the entrance very well. So what we used to doing that, that data center was protect everything, you know, the, the whole perimeter in a very aggressive way with firewalls and making sure that there was only a very narrow entrance to our data center. And, you know, as much as possible, like active security there, like firewalls or this kind of stuff. Now we're in the cloud. Now, it's everything. Everything is much more diffused, right? Our users, our customers are coming from all over the planet, every country, every geography, every time, but also our internal team is coming from everywhere because they're all accessing a cloud environment. >>You know, they often from home for different offices, again, from every different geography, every different country. So in this configuration, the metaphor data that they like to use is an amusement park, right? You have a big area with many important things inside in the users and operators that are coming from different dangerous is that you cannot really block, you know, you need to let everything come in and in operate together in these kinds of environment, the traditional protection is not really effective. It's overwhelming. And it doesn't really serve the purpose that we need. We cannot build a giant water under our amusement park. We need people to come in. So what we're finding is that understanding, getting visibility and doing, if you Rheodyne is much more important. So it's more like we need to replace the big walls with a granular network of security cameras that allow us to see what's happening in the, in the different areas of our amusement park. And we need to be able to do that in a way that is real time and allows us to react in a smart way as things happen because in the modern world of cloud five minutes of delay in understanding that something is wrong, mean that you're ready being, you know, attacked and your data's already being >>Well. I also love the analogy of the amusement park. And of course, certain rides, you need to be a certain height to ride the rollercoaster that I guess, that's it credentials or security credentials, as we say, but in all seriousness, the perimeter is dead. We all know that also moats were relied upon as well in the old days, you know, you secure the firewall, nothing comes in, goes out, and then once you're in, you don't know what's going on. Now that's flipped. There's no walls, there's no moats everyone's in. And so you're saying this kind of security camera kind of model is key. So again, this topic here is securing real time. Yeah. How do you do that? Because it's happening so fast. It's moving. There's a lot of movement. It's not at rest there's data moving around fast. What's the secret sauce to making real identifying real-time threats in an enterprise. >>Yeah. And in, in our opinion, there are some key ingredients. One is a granularity, right? You cannot really understand the threats in your amusement park. If you're just watching these from, from a satellite picture. So you need to be there. You need to be granular. You need to be located in the, in the areas where stuff happens. This means, for example, in, in security for the clowning in runtime, security is important to whoever your sensors that are distributed, that are able to observe every single end point. Not only that, but you also need to look at the infrastructure, right? From this point of view, cloud providers like Amazon, for example, offer nice facilities. Like for example, there's CloudTrail in AWS that collects in a nice opinionated consistent way, the data that is coming from multiple cloud services. So it's important from one point of view, to go deep into, into the endpoint, into the processes, into what's executing, but also collect his information like the cultural information and being able to correlate it to there's no full security without covering all of the basics. >>So a security is a matter of both granularity and being able to go deep and understanding what every single item does, but also being able to go abroad and collect the right data, the right data sources and correlated. And then the real time is really critical. So decisions need to be taken as the data comes in. So the streaming nature of security engines is becoming more and more important. So the step one of course, security, especially cost security, posture management was very much let's ball. Once in a while, let's, let's involve the API and see what's happening. This is still important. Of course, you know, you need to have the basics covered, but more and more, the paradigm needs to change to, okay, the data is coming in second by second, instead of asking for the data manually, once in a while, second by second, there's the moment it arrives. You need to be able to detect, correlate, take decisions. And so, you know, machine learning is very important. Automation is very important. The rules that are coming from the community on a daily basis are, are very important. >>Let me ask you a question, cause I love this topic because it's a data problem at the same time. There's some network action going on. I love this idea of no perimeter. You're going to be monitoring anything, but there's been trade offs in the past, overhead involved, whether you're monitoring or putting probes in the network or the different, there's all kinds of different approaches. How does the new technology with cloud and machine learning change the dynamics of the kinds of approaches? Because it's kind of not old tech, but you the same similar concepts to network management, other things, what what's going on now that's different and what makes this possible today? >>Yeah, I think from the friction point of view, which is one very important topic here. So this needs to be deployed efficiently and easily in this transparency, transparent as possible, everywhere, everywhere to avoid blind spots and making sure that everything is scheduled in front. His point of view, it's very important to integrate with the orchestration is very important to make use of all of the facilities that Amazon provides in the it's very important to have a system that is deployed automatically and not manually. That is in particular, the only to avoid blind spots because it's manual deployment is employed. Somebody would forget, you know, to deploy where somewhere where it's important. And then from the performance point of view, very much, for example, with Falco, you know, our open source front-end security engine, we really took key design decisions at the beginning to make sure that the engine would be able to support in Paris, millions of events per second, with minimal overhead. >>You know, they're barely measure measurable overhead. When you want to design something like that, you know, that you need to accept some kind of trade-offs. You need to know that you need to maybe limit a little bit this expressiveness, you know, or what can be done, but ease of deployment and performance were more important goals here. And you know, it's not uncommon for us is Dave to have users of Farco or commercial customers that they have tens of thousands, hundreds of thousands of machines. You know, I said two machines and sometimes millions of containers. And in these environments, lightweight is key. You want death, but you want overhead to be really meaningful and >>Okay, so a amusement park, a lot of diverse applications. So integration, I get that orchestration brings back the Kubernetes angle a little bit and Falco and per overhead and performance cloud scale. So all these things are working in favor. If I get that right, is that, am I getting that right? You get the cloud scale, you get the integration and open. >>Yeah, exactly. Any like ingredients over SEP, you know, and that, and with these ingredients, it's possible to bake a, a recipe to, to have a plate better, can be more usable, more effective and more efficient. That may be the place that we're doing in the previous direction. >>Oh, so I've got to ask you about Falco because it's come up a lot. We talked about it on our cube conversations already on the internet. Check that out. And a great conversation there. You guys have close to 40 million plus million downloads of, of this. You have also 80 was far gate integration, so six, some significant traction. What does this mean? I mean, what is it telling us? Why is this successful? What are people doing with Falco? I see this as a leading indicator, and I know you guys were sponsoring the project, so congratulations and propelled your business, but there's something going on here. What does this as a leading indicator of? >>Yeah. And for, for the audience, Falco is the runtime security tool of the cloud native generation such. And so when we, the Falco, we were inspired by previous generation, for example, network intrusion detection, system tools, and a post protection tools and so on. But we created essentially a unique tool that would really be designed for the modern paradigm of containers, cloud CIC, and salt and Falco essentially is able to collect a bunch of brainer information from your applications that are running in the cloud and is a religion that is based on policies that are driven by the community, essentially that allow you to detect misconfigurations attacks and normals conditions in your cloud, in your cloud applications. Recently, we announced that the extension of Falco to support a cloud infrastructure and time security by parsing cloud logs, like cloud trail and so on. So now Falba can be used at the same time to protect the workloads that are running in virtual machines or containers. >>And also the cloud infrastructure to give the audience a couple of examples, focused, able to detect if somebody is running a shelf in a radius container, or if somebody is downloading a sensitive by, from an S3 bucket, all of these in real time with Falco, we decided to go really with CR study. This is Degas was one of the team members that started it, but we decided to go to the community right away, because this is one other ingredient. We are talking about the ingredients before, and there's not a successful modern security tool without being able to leverage the community and empower the community to contribute to it, to use it, to validate and so on. And that's also why we contributed Falco to the cloud native computing foundation. So that Falco is a CNCF tool and is blessed by many organizations. We are also partnering with many companies, including Amazon. Last year, we released that far gate support for Falco. And that was done is a project that was done in cooperation with Amazon, so that we could have strong runtime security for the containers that are running in. >>Well, I've got to say, first of all, congratulations. And I think that's a bold move to donate or not donate contribute to the open source community because you're enabling a lot of people to do great things. And some people might be scared. They think they might be foreclosing and beneficial in the future, but in the reality, that is the new business model open source. So I think that's worth calling out and congratulations. This is the new commercial open source paradigm. And it kind of leads into my last question, which is why is security well-positioned to benefit from open source besides the fact that the new model of getting people enabled and getting scale and getting standards like you're doing, makes everybody win. And again, that's a community model. That's not a proprietary approach. So again, source again, big part of this. Why was security benefit from opensource? >>I am a strong believer. I mean, we are in a better, we could say we are in a war, right? The good guys versus the bad guys. The internet is full of bad guys. And these bad guys are coordinated, are motivated, are sometimes we'll find it. And we'll equip. We win only if we fight this war as a community. So the old paradigm of vendors building their own Eva towers, you know, their own self-contained ecosystems and that the us as users as, as, as customers, every many different, you know, environments that don't communicate with each other, just doesn't take advantage of our capabilities. Our strength is as a community. So we are much stronger against the big guys and we have a much better chance doing when this war, if we adopt a paradigm that allows us to work together. Think only about for example, I don't know, companies any to train, you know, the workforce on the security best practices on the security tools. >>It's much better to standardize on something, build the stack that is accepted by everybody and tell it can focus on learning the stack and becoming a master of the steak rounded rather than every single organization naming the different tool. And, and then B it's very hard to attract talent and to have the right, you know, people that can help you with, with your issues in, in, in, in, in, with your goals. So the future of security is going to be open source. I'm a strong believer in that, and we'll see more and more examples like Falco of initiatives that really start with, with the community and for the community. >>Like we always say an open, open winds, always turn the lights on, put the code out there. And I think, I think the community model is winning. Congratulations, Loris Dajani CTO and founder of SIS dig congratulatory success. And thank you for coming on the cube for the ADB startup showcase open cloud innovations. Thanks for coming on. Okay. Is the cube stay with us all day long every day with the cube, check us out the cube.net. I'm John furrier. Thanks for watching.

>>Hello, welcome to the special cube conversation. I'm John for your host of the queue here in Palo Alto, California. We're still remoting in getting great guests in events are coming back. Next few weeks, we'll be at a bunch of different events and you'll see the cube everywhere, but this conversation's about network challenges in a distributed hybrid workforce era. We've got a team say he principal, product manager, edge networking solutions, a Dell technologies and Rob McBride channel and partner sales engineer at versa networks. Gentlemen, thanks for coming on this cube conversation, >>John. Thank you, John. >>So first of all, obviously with the pandemic and now we're moving out of the pandemic, even with Omnichron out there, we still see visibility into kind of back to work and events and it's, but it's clearly hybrid environment cloud hybrid work. This has been a huge opening of everyone's eyes around network security provisioning, you know, unexpected disruptions around everyone being worked at home. Nobody really forecasted that. The fact that the whole workforce would be remote coming in. So again, put a lot of pressure on the network challenges over over the past two years. How is it coming out of this different what's your guys' take on this. >>Yeah, to then when we start looking at it, let's kind of focus a little bit on challenges, you know, you know, when this all kind of started off, obviously, as you stated, right, everyone was kind of taken by surprise in a way, right? What do we do? We don't know what to do at this moment. And you know, I go back and I remember a customer giving me a call, you know, when they were at first looking at, you know, your traditional land transformation and one of the changed their branches to do something from an SD perspective. And then the pandemic hit. And their question to me was Rob, what do I do? Or what do I need to start thinking about now, all of a sudden to your point, right? Everyone now is no longer in the office and how do I get them to connect. >>And more importantly, now that I can maybe figure out a way to connect them, how do I actually see what they're doing and be able to control what they're actually now accessing? Because I no longer have that level of control as of them coming into the office. And so a lot of customers, you know, we're, we're beginning to develop kind of homegrown solutions, look at various different things to kind of quick hot patches, if you will, to address the remote workers coming in and things of that nature. And we'll be seeing kind of progression through all this as a, as, as opposed to just solving, getting a user, to connect into the, into an environment that it can provide, you know, continuity for. They started coming up with other challenges to the point of security. They started, you know, I have other customers calling me up and saying, you know, I I've now got a ransomware problem, right? >>So, you know, what do I do about that? And what are the things I need to kind of consider with respect to now I'm much more vulnerable because my, my, my branch has state has basically become much more diversified and solutions and things that they're looking for, regardless, obviously around security connectivity, there they've been challenged with addressing how do they unify their levels of visibility without over encumbering themselves and how they actually manage now this kind of much more kind of distributed kind of network if you will. Right? So things around, you know, looking at, you know, acronyms around from like a Z TNA or, you know, cloud security and all this fun stuff starts coming into play. But what it, what it points to is that the biggest challenge ideas, how does, how do they converge networking and security together and provide equitable and uniform policy architecture to identify their users, to connect and access the applications that are relevant to the business and be able to have that uniformity between whether it's the branch for them being remote. And that's part of what we've kind of seen as this progression to the last two years and kind of solutions that they're looking for to kind of help them address that. It's almost like >>It's a good thing in a way. It actually opens up the kimono and say, Hey, this is the real world we've got to prepare for this next generation a TIF. I want to get your take because, you know, remember the old days we were like, oh yeah, we've got to prepare for these scenarios where maybe 30% will be dialing on the V land or remotely, you know, it's not 30%. It was like 100%. So budgets aren't out of whack and yet they want more resiliency at the edge. Right. So, so one, I didn't budget for it. They didn't predict it and it's gotta be better, faster, cheaper, more skier. >>Yeah. Yeah. So, so, so John, the difference is, is that, you know, Dell, for instance, as already was already working towards this distributed model, right? The pandemic just accelerated that transformation. So, so when customers came to us and said, oh, we've got a problem with our workforce and our users being so geographically suddenly dispersed, you know, we had some insight that we could immediately lean on. We had already started working on solutions and building those platforms that can help them address those, those problems. Right. Because we'd already done studies before this, right. We had done studies and we'd come back on this whole work from home or remote office scenario. And, and the results were pretty unanimous in that customers were, all users were always complaining about, you know, application performance issues and, and, you know, connectivity issues and, and things like that. So we, we, we kinda knew about this. And so we were able to proactively start building solutions. And so, you know, so when a customer comes, there's like Rob was talking about, you know, their infrastructure, wasn't set up for everybody to suddenly move on day one and start accessing all the corporate resources where the majority of the organization is accessing corporate resources from away from campus. Right? So we, we, we have solutions, we've been building solutions and we have guidance to offer these customers as they try to modernize that network and address these problems. >>Well, that's a great segue to the next topic. Talk track is, you know, what is a network? What is network monetization? Right. So let's, let's define that if you don't mind, well, I got you guys here. You're both pros get that sound bite, but then let's get into the benefits of the outcomes from what that enables. So if you guys want to take a stab at defining what is network modernization mean? >>I think there's a lot of definitions, or it kind of depends on your point, your point of view of where you're, where you're responsible for, from a network or within the stack, you know, are from a take obviously is, you know, working, working from a vendor. And with solutions that we provide modernization is really around solutions that begin to look at more software defined architectures and definitions to begin a level of decoupling between, you know, points of control, hardware and software, and other kinds of points of visibility and automation to the point where, where things are let's, let's kind of put an air quotes in a sense of being more digitized. And in the sense, like even how we're looking at things from a consumerization perspective, but looking at things a much more, more cloud aware cloud specific cloud native in built automation, as well as inbuilt kind of analytics where things are much more in a, in a broader SDN, kind of a construct would be a form of a definition from a, from a, from a, from a monetization perspective. >>Now, do the other element of your, kind of a question in regards to, it's kind of the benefits that come as a result of this. So as customers have been in the last 24 months, looking at different solutions to address part of what we've been talking about, part of it is you want, when you're looking at, whether it's like you're using a word like sassy to kind of define, you know, how are enterprises looking for ZTE and they based solutions or cloud security to augment their, their overall needs. The benefits that they're finding are simplicity of management, because they're now looking for more uniform solutions that can address secure access for remote workers, in addition to their own kind of traditional access, as it relates to their offices to better visibility. Because as this uniformity of this kind of architecture, the now able to actually really see the level of context, right? >>I can see you, John, as far as where you're coming in and access and what applications on what devices. And now I have a means to actually apply a policy to that matters to me as the business, from an IP perspective, to protect me as the business, but also to ensure that you're actually authorized and accessing things that I have from an it regular reg regulations perspective. So benefits and the summary are kind of like Mo in bill automation, better, you know, things get done faster, things repair on their own in a different way, as a result of automation, greater visibility. Now they have much more greater insights into what we are doing as users of the overall it infrastructure and better overall control. That's been ultimately simplified as result of consolidation and unification. >>That's awesome. Insight. I T what's your take on the benefits of ma network modernization? >>So I'd like to sort of double down on, on, you know, something Rob said, right? So the visibility, right? So enhanced visibility in layman's terms, that just means more insight, more insight means the ability to implement best practices around application usage, application performance, more insights means control that it departments are, are meeting. They need that to manage and address security threats, right? To be able to identify an abnormal traffic pattern or unauthorized data movement, to be able to push updates and, and patches quickly. So, so it's really about, you know, that, that manageability, that that level of control gives them the ability to offer a resilient and secure underlying networking infrastructure. And then, you know, finally one of the key benefits is cost savings of, you know, everybody is trying to be more efficient. And so from, from our perspective, it's, it's really about building an open platform. >>You know, we've built a platform or an x86 based platform. We've we chose that because we wanted to tap into a mature ecosystem that, you know, customers can leverage as they, as they build their build towards their modernizing modernization goals. And so we're like tech leveraging technologies, like UCPs so universal customer premise equipments. And so that's really just an open hardware platform, but what you get by consolidating your network functions like routing and firewall, and when optimization you, and when you consolidate it all onto a single device, you get hardware savings, cost savings. You, you get operational savings as well, right? So you've it, common hardware infrastructure means a common deployment model means a streamlined operations means fewer truck rolls, right? So, so there's a tremendous amount of, of, of benefit from the cost standpoint as well, because from our perspective, it's really that what customers are looking for, they need enterprise grade solutions that can scale in a cost-effective manner. >>That's awesome. You guys mentioned sassy earlier. I'm like, first of all, software as a service is very sassy, big modern application movements. Always get my hair sassy. I think, you know, a kind of a term around SAS software as a service, but for you guys, it's talking about secure access service edge, which is a huge category growth right now where, you know, per security and networking, it's a huge discussion SD win fits into that somehow, because it used to be campus networking before now. It's everyone's world is the same. Now it's connected. So sassy is huge. How does that fit into SD when it's in the trend of the SAS at the same? What's the difference? Cause wan has been booming for the past decade as well in terms of trends. How are you guys seeing those converging in what's the difference? >>You know, I like to also agree with you, this thing has been booming the last couple of years, right. You know, kind of, kind of bread and butter part of what we've been doing, but, you know, to your question in regards to kind of its linkage relative to sassy, right. You know, as you articulated, right. It's the sassy secure access service edge from a definition of the acronym. So it's authority is first kind of good to kind of define a little bit, maybe for some of those that may not be overly familiar with it. And I like to kind of dumb it down a little bit into the point of sassy is really an architecture that is around, you know, the convergence of networking and security being put together in a uniform platform or service that is delivered from both the cloud, as well as addressing, you know, their, their kind of traditional land requirements. >>Now digging in sassy is broken to two little buckets, right? It's broken into a network layer and the six security layer and by its definition, right, by, by a particular analyst, the network component, a big portion of that is SD wan. And so SD wan providing that value associated to what does, you know, dynamic lanes, steering automation, application attachments, so on and so forth is a core element of the foundation of the network layer associates, associate sassy. And then the other element of zesty is around the security bit. And so they're very much intrinsically linked, whether, you know, for example, like versus just the kind of mentioned this here, the, the, the sassy cloud that we built for our customers to leverage for private access, public access, you know, secure internet CASBY, DLP type of services is built upon SQM. In addition to our customers that are using Guesty Lampard or traditional land are using SD wan to connect to that cloud. >>So it's very, very much linked and they kind of go hand in hand, depending on your approach to the broader architecture. And, you know, another point I'll bring into that. What, what it also highlights is that whether it's around sassy or not, when we, when in pertinent to everything we'd been other kind of been talking about, the other thing that's coming with sun intrinsically and natively is really the concept of security it's around, whether it's security at the branch, or whether it's around some form of, you know, identity management or a point of improving posture for the, for the enterprise to, you know, obviously the spec traffic at the branch where remotely, but what we're seeing at a trend wise, which, you know, part by customer adoption from our own platform, if you will, is basically security and SD Wang coming together, whether for your traditional land transformation, or as a result of sassy services for a hybrid needs of connectivity, right? Remote workers, hybrid workforce, going into the cloud for, for their connectivity needs and optimizations. In addition to obviously the, the enterprises branch transformations, >>I like that native aspect of it. We used to joke and call SD way in St. Cloud because it's, we're all using cloud technologies. Talk about the security impact real quick. If you don't mind, I want to just double click them what you mentioned there, because I think the cloud effication plus the security piece seems to be a key part of this dynamic. Is that true? Or did they get that right? What's what's this all mean with cloud vacation? Yeah, >>And I, I would, I, I, I agree with, I guess kind of where you're leading into that is, you know, review all of us you're right now. Exactly. In talking with you right now, right. John is, as you stated at the beginning, we're all remote. And so from a business perspective, right, we are accessing, or from an engagement we're accessing a cloud service. Now what's critical for us, as you know, obviously enterprise employees is that our means of accessing this cloud service needs to have some level of hardening. We need to protect, right. Not only our own asset that we're using, right. Our laptops or other machinery that you use to connect to the network, but in addition to protect our company, right? So our company also needs to protect them. So how can we do that? Right? How can we do that in a very fast and distributed way? >>Sure. We can put security endpoints at every location with every user and every home. And that's one means of, of a particular solution. So your point about cloud is now take all of that and bring it to the cloud where you'd have a much more distributed means, right? And much more dynamically, scalable approach to actually doing that level of inspection, posture and, and enforcement. And so that's kind of where the rubber meets the road, right, is for us to access those cloud applications. The cloud that we're using as a conduit for security, as well as network also is now even connected and optimized paths to applications like what we're using right now, right. To, to, to do this conversation. So that's kind of where it meets together. And the security element is because we're so diverse, we just need, we, we, we need to ensure, right. We're all much, we're much more vulnerable. Right? My home network is, you know, maybe arguably maybe not as secure as when I go into an office. Right? >>So most people, because you have worked for virtual networks, >>I can make that argument. Yes. Right. But you know, the average, most of us, remote workers, you know, our homes aren't as hard. And so we point a point of risk, right? And so, as we, as we go to cloud apps, we're more connected to the internet. Right. You know, the, the, the point of being able to do this enforcement from a sassy concept helps provide that improved posture for enterprises to secure their traffic and get visibility into that. >>All my network engineer, friends are secure, as you read about. And I always joked to the malware, you missed, missed the wrong network engineer. If I go after them, their house, spear fishing. And you're trying to get into your network. I'd say, if I want to bring this back, because what we're bringing up here is cloud is actually enabling more on premises because you're working at home. That's a premise, right? So you're also edge is a premise edge and cloud. And a cloud kind of eliminates all this notion of what is cloud and edge, but at the end of the day is where you are. Right. So having the performance and the security and the partnership that same with Dell, I know you guys have been on this for a while because I've been covering it, but the notion of edge completely changes now, because what does that even mean? Home's edge is the camp of data centers and edge the, the cars and edge, the telco monopoles and edge. This is a big deal. This is the unit about the unification. This is all about making it all work. What's your, what's your take on this from the Dell perspective. >>Yeah. And I think, I mean, it that's, I mean, you, you kind of summarize it, right. I mean, what does edge mean to you? Right. It's and then, so every time I have a conversation with, with somebody, I always start with, let's define what your edge is. And so, you know, from, from our perspective, from the Dell perspective is, you know, we believe that we want to provide enterprise grade infrastructure. We want to give our customers the right tools. And we're seeing that with this trend of a hybrid workforce, a geographically dispersed user base, we're seeing a tremendous need for, you know, from it departments for tools, for solutions that can give them the control that they can sort of push out into their networks to ensure a safe and secure external access to corporate resources. Right. And so that's what we're committed to is making sure that, that, that management layer by either developing the solutions, in-house bringing the right partners to the table and just ensuring that our customers have the right tools because this sort of trend, or this, this, this new normal is not going away. And so we have to adapt. >>So thanks for coming on, Rob, we'll give you the final word. What's changed the most, in your opinion, with customers, environments, around how they're handling their networks as we come out of the pandemic, which has proven kind of which projects are working, which ones aren't where to double down on what was screwed up. I mean, come on. This is, we're kind of seeing it all play out. What's your, what's your take on as we come through the pandemic and people come out of this, what's the big learning. Okay. >>Well that you need partners. Right. Okay. So it's not even from a vendor perspective. What I mean by partners is what we're finding and what I think a lot of other customers I've engaged with and others is this ain't easy for even as much as we can within the technology vendor market, right. It's to make things easier to do. There's a lot of technology and the enterprise, it is recognized. They need a lot of these building blocks, right. To, to accomplish a lot of different things, whether it's around automation, to, in other tools as, as auto was leading into. And so we're finding that, you know, a lot of our, our base or our interactions are really trying to identify an appropriate partner that can help not only talk to the technology, but help them actually understand all the various different, you know, multi-colored legal blocks, they've got to put together, but also help help them actually put that into a realization. >>Right. And, you know, and then be able to then give the keys to them so they can eventually drive the car. Right. And so the learning that we're seeing here is this is a lot of tech, there's a lot of new tech, new approaches to existing technology of things that they've actually done. And they're, they're, they're looking for help. Right. And so they're looking for kind of, let's call it like trusted advisor kind of status of people that can help explain the technology to them and then help them understand how do they put it together. So they can then ultimately accomplish our overall kind of, you know, other kinds of objectives from an it perspective. And the other learning that I'll just say, and then I'll, then I'll stop. Here is SD wan isn't dead, right? Yes. The man is actually still driving. And it's actually an impetus for a lot of other things that enterprise is actually doing, whether it's around, you know, sassy, oriented services, remote access, private access, and other things of that nature. >>I totally agree. I think the networking, stuff's still going to be so much innovation going on with the edge exploding as well. That the really great, amazing stuff happening. Thanks for coming on this cube conversation, great conversation, taking it to the edge network challenges in the distributed hybrid workforce era is about moving things around the internet, making them secure. I'm John for your host. Thanks for watching.

hello and welcome to this special cube conversation i'm dave nicholson and this is part of our continuing coverage of google cloud next 2021 i have two very special guests with me and we are going to talk about the topic of security uh i have sunil potti who is vice president and general manager of google cloud security uh who in a previous life had senior leadership roles at nutanix and citrix along with lior div who is the ceo and co-founder of cyber reason lior was formerly a commander in the much famed unit 8200 uh part of the israeli defense forces uh where he was actually a medal of honor recipient uh very uh honored to have him here this morning sunil and lior welcome to the cube sunil welcome back to the cube yeah great to be here david and and to be in the presence of a medal of honor recipient by the way a good friend of mine leor so be here well good to have both of you here so uh i'm the kind of person who likes my dessert before my uh before my entree so why don't we just get right to it you're the two of you are here to announce something very very significant uh in the field of security uh sunil do you want to start us out what are we here to talk about yeah i mean i think maybe uh you know just to set this context um as as many of you know about a decade ago a nation's sponsored attack you know actually got into google plus a whole bunch of tech companies you know the project aurora was quite uh you know infamous for a certain period of time and actually google realized almost a decade ago that look you know security can't just be a side thing it has to be the primary thing including one of the co-founders becoming for lack of a better word the chief security officer for a while but one of the key takeaways from that whole incident was that look you have to be able to detect everything and trust nothing and and the underpinning for at least one of them led to this whole zero trust architectures that everybody now knows about but the other part which is not as popular at least in industry vernacular but in many ways equally important and some ways more important is the fact that you need to be able to detect everything so that you can actually respond and that led to the formation of you know a project internal to google to actually say that look let's democratize uh storage and make sure that nobody has to pay for capturing security events and that led to the formation of this uh new industry concept called a security data lake in chronicle was born and then as we started evolving that over into the enterprise segment partnering with you know cyber reason on one hand created a one plus one equals three synergy between say the presence around what do you detect from the end point but also generally just so happens that as lior will tell you the cyber reason technology happens to start with endpoint but it's actually the core tech is around detecting events but doing it in a smart way to actually respond to them in much more of a contextual manner but beyond just that you know synergy between uh you know a world-class planet scale you know security data like forming the foundation and integrating you know in a much more cohesive way with uh cyber reasons detection response offering the spirit was actually that this is the first step of a long journey to really hit the reset button in terms of going from reactive mode of security to a proactive mode of security especially in a nation-state-sponsored attack vector so maybe leo you can speak a few minutes on that as well absolutely so um as you said i'm coming from a background of uh nation state hacking so for us at cyberism it's uh not is foreign uh what the chinese are doing uh on a daily basis and the growing uh ransomware cartel that's happening right now in russia um when we looked at it we said then uh cyberism is very famous by our endpoint detection and response capability but when we establish cyber reason we establish the cyberism on a core or almost fundamental idea of finding malicious operation we call it the male idea so basically instead of looking for alerts or instead of looking for just pieces of data we want to find the hackers we want to find the attack we want to be able to tell basically the full story of what's going on uh in order to do that we build the inside cyberism basically from day one the ability to analyze any data in real time in order to stitch it into the story of the male the malicious operation but what we realize very quickly that while our solution can process more than 27 trillion events a week we cannot feed it fast enough just from end point and we are kind of blind when it comes to the rest of the attack surface so we were looking uh to be honest quite a while for the best technology that can feed this engine and to as sunil said the one plus one equal three or four or five to be able to fight against those hackers so in this journey uh we we found basically chronicle and the combination of the scale that chronicle bringing the ability to feed the engine and together basically to be able to find those hackers in real time and real time is very very important and then to response to those type of attack so basically what is uh exciting here we created a solution that is five times faster than any solution that exists right now in the market and most importantly it enables us to reverse the atmospheric advantage and basically to find them and to push them out so we're moving from hey just to tell you a story to actually prevent hackers to being in your environment so leor can you i want to double click on that just just a little bit um can you give give us a kind of a concrete example of this difference between simply receiving alerts and uh and actually um you know taking taking uh uh correlating creating correlations and uh and actually creating actionable proactive intelligence can you give us an example of that working in in the real world yeah absolutely we can start from a simple example of ransomware by the time that i will tell you that there is a ransomware your environment and i will send an alert uh it will be five computers that are encrypted and by the time that you gonna look at the alert it's gonna be five thousand uh basically machines that are encrypted and by the time that you will do something it's going to be already too little too late and this is just a simple example so preventing that thing from happening this is critical and very timely manner in order to prevent the damage of ransomware but if you go aside from ransomware and you look for example of the attack like solarwind basically the purpose of this attack was not to create damage it was espionage the russian wanted to collect data on our government and this is kind of uh the main purpose that they did this attack so the ability to be able to say hey right now there is a penetration this is the step that they are doing and there is five ways to push them out of the environment and actually doing it this is something that today it's done manually and with the power of chronicle and cyberism we can do it automatically and that's the massive difference sunil are there specific industries that should be really interested in this or is this a is this a broad set of folks that should be impacted no you know in some ways uh you know the the the saying these days to learn's point on ransomware is that you know if if a customer or an enterprise has a reasonable top-line revenue you're a target you know you're a target to some extent so in that sense especially given that this has moved from pure espionage or you know whether it be you know government oriented or industrial espionage to a financial fraud then at that point in time it applies to pretty much a wide gamut of industries not just financial services or you know critical infrastructure companies like oil and gas pipeline or whatever it could be like any company that has any sort of ip that they feel drives their top line business is now a target for such attacks so when you talk about the idea of partnership and creating something out of a collaboration what's the meat behind this what what what do you what are you guys doing beyond saying you know hey sunil lior these guys really like each other and they respect what the other is doing what's going on behind the scenes what are you actually implementing here moving forward so every partnership is starting with love so it's good [Laughter] but then it need to translate to to really kind of pure value to our customers and pure value coming from a deep integration when it's come to the product so basically uh what will happen is every piece of data that we can collect at cyber is in uh from endpoint any piece of data that the chronicle can collect from any log that exists in the world so basically this is kind of covering the whole attack surface so first we have access to every piece of information across the full attack surface then the main question is okay once you collect all this data what you're gonna do with it and most of companies or all the companies today they don't have an answer they're saying oh we're gonna issue an alert and we hope that there is a smart person behind the keyboard that can understand what just happened and make a decision and with this partnership and with this integration basically we're not asking and outsourcing the question what to do to the user we're giving them the answer we're telling them hey this is the story of the attack this is all the pieces that's going on right now and in most cases we're gonna say hey and by the way we just stopped it so you can prevent it from the future when will people be able to leverage this capability in an integrated way and and and by the way restate how this is going to market as an integrated solution what is what is the what is what are we going to call this moving forward so basically this is the cyber reason xdr uh powered by chronicle and we are very very um uh happy about it yeah and i think just to add to that i would say look the the meta strategy here and the way it'll manifest is in this offering that comes out in early 2022 um is that if you think about it today you know a classical quote-unquote security pipeline is to detect you know analyze and then respond obviously you know just just doing those three in a good way is hard doing it in real time at scale is even harder so just that itself was where cyber reason and chronicle would add real value where we are able to collect a lot of events react in real time but a couple of things that i think that you know to your original point of why this is probably going to be a little for game changer in the years to come is we're trying to change that from detect analyze respond to detect understand and anticipate so because ultimately that's really how we can change you know the profile from being reactive in a world of ransomware or anything else to being proactive against a nation sponsored or nation's influenced attacks because they're not going to stop right so the only way to do this is to rather than just go back up the hatches is just really you know change change the profile of how you'll actually anticipate what they were probably going to do in 6 months or 12 months and so the the graph technology that powers the heart of you know cyber reason is going to be intricately woven in with the contextual information that chronicle can get so that the intermediate step is not just about analysis but it's about truly understanding the overall strategy that has been employed in the past to predict what could happen in the future so therefore then actions could be taken downstream that you can now say hey most likely this these five buckets have this kind of personal information data there's a reasonable chance that you know if they're exposed to the internet then as you create more such buckets in that project you're going to be susceptible to more ransomware attacks or some other attacks right and that's the the the kind of thinking or the transformation that we're trying to bring out with this joint office so lior uh this this concept of uh of mallops and uh cyber reason itself you weren't just born yesterday you've been you've been uh you have thousands of customers around the globe he does look like he was born i i know i know i know well you you know it used to be that the ideal candidate for ceo of a startup company was someone who dropped out of stanford i think it's getting to the point where it's people who refused admission to stanford so uh the the dawn of the 14 year old ceo it's just it's just around the corner but uh but lior do you get frustrated when you see um you know when you become aware of circumstances that would not have happened had they implemented your technology as it exists today yeah we have a for this year it was a really frustrating year that starting with solarwind if you analyze the code of solarwind and we did it but other did it as well basically the russians were checking if cyberism is installed on the machine and if we were installed on the machine they decided to stop the attack this is something that first it was a great compliment for us from you know our not friend from the other side that decided to stop the attack but on a serious note it's like we were pissed because if people were using this technology we know that they are not going to be attacked when we analyze it we realize that we have three different ways to find the solar wind hackers in a three different way so this is just one example and then the next example in the colonial pipeline hack we were the one that found darkseid as a group that we were hacking we were the first one that released a research on them and we showed how we can prevent the basically what they are doing with our technology so when you see kind of those type of just two examples and we have many of them on a daily basis we just know that we have the technology in order to do that now when we're combining uh the chronicle technology into the the technology that we already have we basically can reverse the adversary advantage this is something that you're not doing in a single day but this is something that really give power to the defenders to the communities of siso that exist kind of across the us um and i believe that if we're going to join forces and lean into this community and and basically push the solution out the ability for us to fight against those cartels specifically the ransomware cartels is going to be massive sunil this time next year when we are in uh google cloud next 2022 um are you guys going to come back on and offer up the we told you so awards because once this is actually out there and readily available the combination of chronicle and cyber reasons technology um it's going to be hard for some csos to have an excuse uh it may be it may be a uncomfortable to know that uh they could have kept the door secure uh but didn't yeah where's that bad business is that bad business to uh hand out awards for doing dumb things i don't know about uh you know a version of darwin awards probably don't make sense but but but generally speaking so i do think uh you know we're all like as citizens in this right because you know we talk about customers i mean you know alphabet and google is a customer in some ways cyber reason is a customer the cube is a customer right so i think i think the robot hitting the road a year from now will be we should we should do this where i don't know if the cube does more than two folks at the same time david but we should i mean i'm sure we'll have enough to have at least a half a dozen in in the room to kind of talk about the solution because i think the the you know as you can imagine this thing didn't materialize i mean it's been being cooked for a while between your team and our team and in fact it was inspired by feedback from some joint customers out in the market and all that good stuff so so a year from now i think the best thing would be not just having customers to talk about the solution but to really talk about that transformation from respond to anticipate and do they feel better on their security posture in a world that they know like and leo should probably spend a few minutes on this is i think we're on the tip of the sphere of this nation-state era and what we've just seen in the last few years is what maybe the nation-states have seen over two decades ago and they're going to run those playbooks on the enterprise for the next decade or so yeah leor talk about that for a minute yeah it's it's really you know just to continue the sunil thought it's it's really about finding the unknown because what's happening on the other side it's like specifically china and russia and lately we saw iran starting to gain uh power um basically their job is to become better and better and to basically innovate and create a new type of attack on a daily basis as technology has evolved so basically there is a very simple equation as we're using more technology and relying more on technology the other side is going to exploit it in order to gain more power espionage and create financial damage but it's important to say that this evolution it's not going to stop this is just the beginning and a lot of the data that was belong just to government against government fight basically linked in the past few years now criminals starting to use it as well so in a sense if you think about it what's happening right now there is basically a cold war that nobody is talking about it between kind of the giant that everybody is hacking everybody and in the crossfire we see all of those enterprises across the world it was not a surprise that um you know after the biden and putin uh meeting suddenly it was a quiet it was no ransomware for six weeks and after something changing the politics suddenly we can see a a groin kind of attack when it's come to ransomware that we know that was directed from russia in order to create pressure on the u.s economy sunil wrap us up what are your f what are what are your final thoughts and uh what's what's the what's the big takeaway here no i think you know i i think the key thing for everyone to know is look i think we are going into an era of state-sponsored uh not espionage as much as threat vectors that affect every business and so in many ways the chiefs the chief information security officer the chief risk officer in many ways the ceo and the board now have to pay attention to this topic much like they paid attention to mobile 15 years ago as a transformation thing or maybe cloud 10 years ago i think cyber has been one of those it's sort of like the wireless error david like it existed in the 90s but didn't really break around until iphone hit or the world of consumerization really took off right and i think we're at the tip of the spear of that cyber really becoming like the era of mobile for 15 years ago and so i think that's the if there's like a big takeaway i think yes there's lots of solutions the good news is great innovations are coming through companies like cyber reason working with you know proven providers like google and so forth and so there's a lot of like support in the ecosystem but i think if there was one takeaway that was that everybody should just be ready internalized we don't have to be paranoid about it but we anticipate that this is going to be a long game that we'll have to play together well with that uh taking off my journalist hat for a moment and putting on my citizen hat uh it's reassuring to know that we have really smart people working on this uh because when we talk about critical infrastructure control systems and things like that being under threat um that's more significant than simply having your social security number stolen in a in a data breach so um with that uh i'd like to thank you sunil leor thank you so much for joining us on this special cube conversation this is dave nicholson signing off from our continuing coverage of google cloud next 2021 [Music] you

>>Okay, welcome back everyone. To the cubes coverage here, coop con cloud native con 2021 in person. The Cuba's here. I'm John farrier hosted the queue with Dave Nicholson, my cohost and cloud analyst, man. It's great to be back, uh, in person. We also have a hybrid event. We've got two great guests here, the founders of deep fence, sham, Krista Swami, C co-founder and CTO, and said deep line founder. It's great to have you on. This is a super important topic. As cloud native is crossed over. Everyone's talking about it mainstream, blah, blah, blah. But security is driving the agenda. You guys are in the middle of it. Cutting edge approach and news >>Like, like we were talking about John, we had operating at the intersection of the awesome desk, right? Open source security and cloud cloud native, essentially. Absolutely. And today's a super exciting day for us. We're launching something called track pepper, Apache V2, completely open source. Think of it as an x-ray or MRI scan for your cloud scan, you know, visualize this cloud at scale, all of the modalities, essentially, we look at cloud as a continuum. It's not a single modality it's containers. It's communities, it's William to settle we'll list all of them. Co-exist side by side. That's how we look at it and threat map. It essentially allows you to visualize all of this in real time, think of fed map, but as something that you, that, that takes over the Baton from the CIS unit, when the lift shift left gets over, that's when the threat pepper comes into picture. So yeah, super excited. >>It's like really gives that developer and the teams ops teams visibility into kind of health statistics of the cloud. But also, as you said, it's not just software mechanisms. The cloud is evolving, new sources being turned on and off. No one even knows what's going on. Sometimes this is a really hidden problem, right? Yeah, >>Absolutely. The basic problem is, I mean, I would just talk to, you know, a gentleman 70 of this morning is two 70 billion. Plus public cloud spent John two 70 billion plus even 3 billion, 30 billion they're saying right. Uh, projected revenue. And there is not even a single community tool to visualize all the clouds and all the cloud modalities at scale, let's start there. That's what we sort of decided, you know what, let's start with utilizing everything else there. And then look for known badness, which is the vulnerabilities, which still remains the biggest attack vector. >>Sure. Tell us about some of the hood. How does this all work cloud scale? Is it a cloud service managed service it's code? Take us out, take us through product. Absolutely. >>So, so, but before that, right, there's one small point that Sandeep mentioned. And Richard, I'd like to elaborate here, right? He spoke about the whole cloud spending such a large volume, right? If you look at the way people look at applications today, it's not just single clone anymore. It's multicloud multi regions across diverse plants, right? What does the solution to look at what my interests are to this point? That is a missing piece here. And that is what we're trying to tackle. And that is where we are going as open source. Coming back to your question, right? How does this whole thing work? So we have a completely on-prem model, right? Where customers can download the code today, install it. It can bill, we give binary stool and Shockley just as the exciting announcement that came out today, you're going to see somewhat exciting entrepreneurs. That's going to make a lot more easy for folks out there all day. Yeah, that's fine. >>So how does this, how does this all fit into security as a micro service and your, your vision of that? >>Absolutely. Absolutely. You know, I'll tell you, this has to do with the one of the continual conferences I would sort of when I was trying to get an idea, trying to shape the whole vision really? Right. Hey, what about syncretism? Microservice? I would go and ask people. They mentioned that sounds, that makes sense. Everything is becoming a microservice. Really. So what you're saying is you're going to deploy one more microservice, just like I deploy all of my other microservices. And that's going to look after my microservices. That compute back makes logical sense, essentially. That was the Genesis of that terminology. So defense essentially is deployed as a microservice. You go to scale, it's deployed, operated just like you to your microservices. So no code changes, no other tool chain changes. It just is yet another microservice. That's going to look after you talk about >>The, >>So there's one point I would like to add here, which is something very interesting, right? The whole concept of microservice came from, if you remember the memo from Jeff Bezos, that everybody's going to go, Microsoft would be fired. That gave rise to a very conventional unconditionally of thinking about their applications. Our deep friends, we believe that security should be. Now. You should bring the same unconventional way of thinking to security. Your security is all bottom up. No, it has to start popping up. So your applications on microservice, your security should also be a micro. >>So you need a microservice for a microservice security for the security. You're starting to get into a paradigm shift where you starting to see the API economy that bayzos and Amazon philosophy and their approach go Beanstream. So when I got to ask you, because this is a trend we've been watching and reporting on the actual application development processes, changing from the old school, you know, life cycle, software defined life cycle to now you've got machine learning and bots. You have AI. Now you have people are building apps differently. And the speed of which they want to code is high. And then other teams are slowing them down. So I've heard security teams just screw people over a couple of days. Oh my God, I can wait five days. No, it used to be five weeks. Now it's five days. They think that's progress. They want five minutes, the developers in real time. So this is a real deal optimum. >>Well, you know what? Shift left was a good thing. Instill a good thing. It helps you sort of figure out the issues early on in the development life cycle, essentially. Right? And so you started weaving in security early on and it stays with you. The problem is we are hydrating. So frequently you end up with a few hundred vulnerabilities every time you scan oftentimes few thousand and then you go to runtime and you can't really fix all these thousand one. You know? So this is where, so there is a little bit of a gap there. If you're saying, if look at the CIC cycle, the in financial cycle that they show you, right. You've got the far left, which is where you have the SAS tools, snake and all of that. And then you've got the center where, which is where you hand off this to ops. >>And then on the right side, you've got tech ops defense essentially starts in the middle and says, look, I know you've had thousand one abilities. Okay. But at run time, I see only one of those packages is loaded in memory. And only that is getting traffic. You go and fix that one because that's going to heart. You see what I'm saying? So that gap is what we're doing. So you start with the left, we come in in the middle and stay with you throughout, you know, till the whole, uh, she asks me. Yeah, well that >>Th that, that touches on a subject. What are the, what are the changes that we're seeing? What are the new threats that are associated with containerization and kind of coupled with that, look back on traditional security methods and how are our traditional security methods failing us with those new requirements that come out of the microservices and containerized world. And so, >>So having, having been at FireEye, I'll tell you I've worked on their windows products and Juniper, >>And very, very deeply involved in. >>And in fact, you know what I mean, at the company, we even sold a product to Palo Alto. So having been around the space, really, I think it's, it's, it's a, it's a foregone conclusion to say that attackers have become more sophisticated. Of course they have. Yeah. It's not a single attack vector, which gets you down anymore. It's not a script getting somewhere shooting who just sending one malicious HTP request exploiting, no, these are multi-vector multi-stage attacks. They, they evolve over time in space, you know? And then what happens is I could have shot a revolving with time and space, one notable cause of piling up. Right? And on the other side, you've got the infrastructure, which is getting fragmented. What I mean by fragmented is it's not one data center where everything would look and feel and smell similar it's containers and tuberosities and several lessons. All of that stuff is hackable, right? So you've got that big shift happening there. You've got attackers, how do you build visibility? So, in fact, initially we used to, we would go and speak with, uh, DevSecOps practitioner say, Hey, what is the coalition? Is it that you don't have enough scanners to scan? Is it that at runtime? What is the main problem? It's the lack of visibility, lack of observability throughout the life cycle, as well as through outage, it was an issue with allegation. >>And the fact that the attackers know that too, they're exploiting the fact that they can't see they're blind. And it's like, you know what? Trying to land a plane that flew yesterday and you think it's landing tomorrow. It's all like lagging. Right? Exactly. So I got to ask you, because this has comes up a lot, because remember when we're in our 11th season with the cube, and I remember conversations going back to 2010, a cloud's not secure. You know, this is before everyone realized shit, the club's better than on premises if you have it. Right. So a trend is emerged. I want to get your thoughts on this. What percentage of the hacks are because the attackers are lazier than the more sophisticated ones, because you see two buckets I'm going to get, I'm going to work hard to get this, or I'm going to go for the easy low-hanging fruit. Most people have just a setup that's just low hanging fruit for the hackers versus some sort of complex or thought through programmatic cloud system, because now is actually better if you do it. Right. So the more sophisticated the environment, the harder it is for the hackers, AK Bob wire, whatever you wanna call it, what level do we cross over? >>When does it go from the script periods to the, the, >>Katie's kind of like, okay, I want to go get the S3 bucket or whatever. There's like levels of like laziness. Yeah. Okay. I, yeah. Versus I'm really going to orchestrate Spearfish social engineer, the more sophisticated economy driven ones. Yeah. >>I think, you know what, this attackers, the hacks aren't being conducted the way they worked in the 10, five years ago, isn't saying that they been outsourced, there are sophisticated teams for building exploiters. This is the whole industry up there. Even the nation, it's an economy really. Right. So, um, the known badness or the known attacks, I think we have had tools. We have had their own tools, signature based tools, which would know, look for certain payloads and say, this is that I know it. Right. You get the stuff really starts sort of, uh, getting out of control when you have so many sort of different modalities running side by side. So much, so much moving attack surfaces, they will evolve. And you never know that you've scanned enough because you never happened because we just pushed the code. >>Yeah. So we've been covering the iron debt. Kim retired general, Keith Alexander, his company. They have this iron dome concept where there's more collective sharing. Um, how do you see that trend? Because I can almost imagine that the open-source man is going to love what you guys got. You're going to probably feed on it, like it's nobody's business, but then you start thinking, okay, we're going to be open. And you have a platform approach, not so much a tool based approach. So just give me tools. We all know that when does it, we cross over to the Nirvana of like real security sharing. Real-time telemetry data. >>And I want to answer this in two parts. The first part is really a lot of this wisdom is only in the community. It's a tribal knowledge. It's their informal feeds in from get up tickets. And you know, a lot of these things, what we're really doing with threat map, but as we are consolidating that and giving it out as a sort of platform that you can use, I like to go for free. This is the part you will never go to monetize this. And we are certain about disaster. What we are monetizing instead is you have, like I said, the x-ray or MRI scan of the cloud, which tells you what the pain points are. This is feel free. This is public collective good. This is a Patrick reader. This is for free. It's shocking. >>I took this long to get to that point, by the way, in this discussion. >>Yeah, >>This is this timing's perfect. >>Security is collective good. Right? And if you're doing open source, community-based, you know, programs like this is for the collector group. What we do look, this whole other set map is going to be open source. We going to make it a platform and our commercial version, which is called fetch Stryker, which is where we have our core IP, which is basically think about this way, right? If you figured out all the pain points and using tech map, or this was a free, and now you wanted the remedy for that pain feed to target a defense, we targeted quarantining of those statin workloads and all that stuff. And that's what our IP is. What we really do there is we said, look, you figured out the attack surface using tech fabric. Now I'm going to use threat Stryker to protect their attacks and stress >>Free. Not free to, or is that going to be Fort bang? >>Oh, that's for, okay. >>That's awesome. So you bring the goodness to the party, the goods to the party, again, share that collective, see where that goes. And the Stryker on top is how you guys monetize. >>And that's where we do some uniquely normal things. I would want to talk about that. If, if, if, if you know public probably for 30 seconds or so unique things we do in industry, which is basically being able to monitor what comes in, what goes out and what changes across time and space, because look, most of the modern attacks evolve over time and space, right? So you go to be able to see things like this. Here's a party structure, which has a vulnerability threats. Mapper told you that to strike. And what it does is it tells you a bunch of stress has a vulnerable again, know that somebody is sending a Melissa's HTP request, which has a malicious payload. And you know what, tomorrow there's a file system change. And there is outbound connection going to some funny place. That is the part that we're wanting this. >>Yeah. And you give away the tool to identify the threats and sell the hammer. >>That's giving you protection. >>Yeah. Yeah. Awesome. I love you guys love this product. I love how you're doing it. I got to ask you to define what is security as a microservice. >>So security is a microservice is a deployment modality for us. So defense, what defense has is one console. So defense is currently self posted by the customers within the infrastructure going forward. We'll also be launching a SAS version, the cloud version of it. But what happens as part of this deployment is they're running the management console, which is the gooey, and then a tiny sensor, which is collecting telemetric that is deployed as a microservice is what I'm saying. So you've got 10 containers running defenses level of container. That's, that's an eight or the Microsoft risk. And it utilizes, uh, EDP F you know, for tracing and all that stuff. Yeah. >>Awesome. Well, I think this is the beginning of a shift in the industry. You start to see dev ops and cloud native technologies become the operating model, not just dev dev ops are now in play and infrastructure as code, which is the ethos of a cloud generation is security is code. That's true. That's what you guys are doing. Thanks for coming on. Really appreciate it. Absolutely breaking news here in the queue, obviously great stuff. Open source continues to grow and win in the new model. Collaboration is the cube bringing you all the cover day one, the three days. I'm Jennifer, your host with Dave Nicholson. Thanks for watching.

(upbeat music) >> Welcome to theCUBE's coverage of VMworld 2021. I'm Lisa Martin. I've got a CUBE alum with me next. Ajay Patel is here, the SVP and GM of Modern Apps and Management at VMware. Ajay, welcome back to the program, it's great to see you. >> Well thank you for having me. It's always great to be here. >> Glad that you're doing well. I want to dig into your role as SVP and GM with Modern Apps and Management. Talk to me about some of the dynamics of your role and then we'll get into the vision and the strategy that VMware has. >> Makes sense. VMware has created a business group called Modern Apps and Management, with the single mission of helping our customers accelerate their digital transformation through software. And we're finding them leveraging both the edge and the multiple clouds they deploy on. So our mission here is helping, them be the cloud diagnostic manager for application development and management through our portfolio of Tazu and VRealize solutions allowing customers to both build and operate applications at speed across these edge data center and cloud deployments And the big thing we hear is all the day two challenges, right of managing costs, risks, security, performance. That's really the essence of what the business group is about. How do we speed idea to production and allow you to operate at scale. >> When we think of speed, we can't help, but think of the acceleration that we've seen in the last 18 months, businesses transforming digitally to first survive the dynamics of the market. But talk to me about how the, the pandemic has influenced catalyzed VMware's vision here. >> You can see in every industry, this need for speed has really accelerated. What used to be weeks and months of planning and execution has materialized into getting something out in production in days. One of great example I can remember is one of my financial services customer that was responsible for getting all the COVID payments out to the small businesses and being able to get that application from idea to production matter of 10 days, it was just truly impressive to see the teams come together, to come up with the idea, put the software together and getting production so that we could start delivering the financial funds the companies needed, to keep them viable. So great social impact and great results in matter of days. >> And again, that acceleration that we've seen there, there's been a lot of silver linings, I think, but I want to get in next to some of the industry trends that are influencing app modernization. What are you seeing in the customer environment? What are some of those key trends that are driving adoption? >> I mean, this move to cloud is here to stay and most of customers have a cloud first strategy, and we rebranded this from VMware the cloud smart strategy, but it's not just about one particular flavor of cloud. We're putting the best workload on the best cloud. But the reality is when I speak to many of the customers is they're way behind on the bar of digital plats. And it's, that's because the simple idea of, you know, lift and shift or completely rewrite. So there's no one fits all and they're struggling with hardware capability, their the development teams, their IT assets, the applications are modernized across these three things. So we see modernization kind of fall in three categories, infrastructure modernization, the practice of development or devops modernization, and the application transform itself. And we are starting to find out that customers are struggling with all three. Well, they want to leverage the best of cloud. They just don't have the skills or the expertise to do that effectively. >> And how does VMware help address that skills gap. >> Yeah, so the way we've looked at it is we put a lot of effort around education. So on the everyone knows containers and Kubernetes is the future. They're looking to build these modern microservices, architectures and applications. A lot of investment in just kind of putting the effort to help customers learn these new tools, techniques, and create best practices. So theCUBE academy and the effort and the investment putting in just enabling the ecosystem now with the skills and capabilities is one big effort that VMware is putting. But more importantly, on the product side, we're delivering solutions that help customers both build design, deliver and operate these applications on Kubernetes across the cloud of choice. I'm most excited about our announcement around this product. We're just launching called Tanzu application platform. It is what we call an application aware platform. It's about making it easy for developers to take the ideas and get into production. It kind of bridging that gap that exists between development and operations. We hear a lot about dev ops, as you know, how do you bring that to life? How do you make that real? That's what Tanzu application platform is about. >> I'm curious of your customer conversations, how they've changed in the last year or so in terms of, app modernization, things like security being board level conversations, are you noticing that that is rising up the chain that app modernization is now a business critical initiative for our businesses? >> So it's what I'm finding is it's the means. It's not that if you think about the board level conversations about digital transformation you know, I'm a financial services company. I need to provide mobile FinTech. I'm competing with this new age application and you're delivering the same service that they offered digitally now, right. Like from a retail bank. I can't go to the store, the retail branch anymore, right. I need to provide the same capability for payments processing all online through my mobile phone. So it's really the digitalization of the traditional processes that we're finding most exciting. In order to do that, we're finding that no applications are in cloud right. They had to take the existing financial applications and put a mobile frontend to it, or put some new business logic or drive some transformation there. So it's really a transformation around existing application to deliver a business outcome. And we're focusing it through our Tanzu lab services, our capabilities of Tanzu application platform, all the way to the operations and management of getting these products in production or these applications in production. So it's the full life cycle from idea to production is what customers are looking for. They're looking to compress the cycle time as you and I spoke about, through this agility they're looking for. >> Right, definitely a compressed cycle time. Talk to me about some of the other announcements that are being made at VMworld with respect to Tanzu and helping customers on the app modernization front, and that aligned to the vision and mission that you talked about. >> Wonderful, I would say they're kind of, I put them in three buckets. One is what are we doing to help developers get access to the new technology. Back to the skills learning part of it, most excited about Tanzu of community edition and Tanzu mission control starter pack. This is really about getting Kubernetes stood up in your favorite deployment of choice and get started building your application very quickly. We're also announcing Tanzu application platform that I spoke about, we're going to beta 2 for that platform, which makes it really easy for developers to get access to Kubernetes capability. It makes development easy. We're also announcing marketplace enhancements, allowing us to take the best of breed IC solutions and making them available to help you build applications faster. So one set of announcements around building applications, delivering value, getting them down to market very quickly. On the management side, we're really excited about the broad portfolio management we've assembled. We're probably in the customer's a way to build a cloud operating model. And in the cloud operating model, it's about how do I do VMs and containers? How do I provide a consistent management control plane so I can deliver applications on the cloud of my choice? How do I provide intrinsic observability, intrinsic security so I can operate at scale. So this combination of development tooling, platform operations, and day two operations, along with enhancements in our cost management solution with CloudHealth or being able to take our universal capabilities for consumption, driving insight and observity that really makes it a powerful story for customers, either on the build or develop or deploy side of the equation. >> You mentioned a couple of things are interesting. Consistency being key from a management perspective, especially given this accelerated time in which we're living, but also you mentioned security. We've seen so much movement on the security front in the last year and a half with the massive rise in ransomware attacks, ransomware now becoming a household word. Talk to me about the security factor and how you're helping customers from a risk mitigation perspective, because now it's not, if we get attacked, it's when. >> And I think it's really starts with, we have this notion of a secure software supply chain. We think of software as a production factory from idea to production. And if you don't start with known good hard attacks to start with, trying to wire in security after attack is just too difficult. So we started with secure content, curated images content catalogs that customers are setting up as best practices. We started with application accelerators. These are best practice that codifies with the right guard rails in place. And then we automate that supply chain so that you have checks in every process, every step of the way, whether it's in the build process and the deploy process or in runtime production. And you had to do this at the application layer because there is no kind of firewall or edge you can protect the application is highly distributed. So things like application security and API security, another area we announced a new offering at VM world around API security, but everything starts with an API endpoint when you have a security. So security is kind of woven in into the design build, deploy and in the runtime operation. And we're kind of wire this in intrinsically to the platform with best of breed security partners now extending in evolving their solution on top of us. >> What's been some of the customer feedback from some of the new technologies that you announced. I'm curious, I imagine knowing how VMware is very customer centric, customers were essential in the development and iteration of the technologies, but just give me some of the idea on customer feedback of this direction that you're going. >> Yeah, there's a great, exciting example where we're working with the army to create a software factory. you would've never imagined right, The US army being a software digital enterprise, we're partnering with what we call the US army futures command in a joint effort to help them build the first ever software development factory where army personnel are actually becoming true cloud native developers, where you're putting the soldiers to do cloud native development, everything in the terms of practice of building software, but also using the Tanzu portfolio in delivering best-in-class capability. This is going to rival some of the top tech companies in Silicon valley. This is a five-year prototype project in which we're picking cohorts of soldiers, making them software developers and helping them build great capability through both combination of classroom based training, but also strong technical foundation and expertise provided by our lab. So this is an example where, you know, the industry is working with the customer to co-innovate, how we build software, but also driving the expertise of these personnel hierarchs. As a soldier, you know, what you need, what if you could start delivering solutions for rest of your members in a productive way. So very exciting, It's an example where we've leapfrogging and delivering the kind of the Silicon valley type innovation to our standard practice. It's traditionally been a procurement driven model. We're trying to speed that and drive it into a more agile delivery factory concept as well. So one of the most exciting projects that I've run into the last six months. >> The army software factory, I love that my dad was an army medic and combat medic in Vietnam. And I'm sure probably wouldn't have been apt to become a software developer. But tell me a little bit about, it's a very cool project and so essential. Talk to me a little bit about the impetus of the army software factory. How did that come about? >> You know, this came back with strong sponsorship from the top. I had an opportunity to be at the opening of the campus in partnership with the local Austin college. And as General Milley and team spoke about it, they just said the next battleground is going to be a digital backup power hub. It's something we're going to have to put our troops in place and have modernized, not just the army, but modernize the way we deliver it through software. It's it speaks so much to the digital transformation we're talking about right. At the very heart of it is about using software to enable whether it's medics, whether it's supplies, either in a real time intelligence on the battlefield to know what's happening. And we're starting to see user technology is going to drive dramatically hopefully the next war, we don't have to fight it more of a defensive mode, but that capability alone is going to be significant. So it's really exciting to see how technology has become pervasive in all aspects, in every format including the US army. And this partnership is a great example of thought leadership from the army command to deliver software as the innovation factory, for the army itself. >> Right, and for the army to rival Silicon valley tech companies, that's pretty impressive. >> Pretty ambitious right. In partnership with one of the local colleges. So that's also starting to show in terms of how to bring new talent out, that shortage of skills we talked about. It's a critical way to kind of invest in the future in our people, right? As we, as we build out this capability. >> That's excellent that investment in the future and helping fill those skills gaps across industries is so needed. Talk to me about some of the things that you're excited about this year's VMworld is again virtual, but what are some of the things that you think are really fantastic for customers and prospects to learn? >> I think as Raghu said, we're in the third act of VM-ware, but more interestingly, but the third act of where the cloud is, the cloud has matured cloud 2.0 was really about shifting and using a public cloud for the IS capabilities. Cloud 3.0 is about to use the cloud of choice for the best application. We are going to increasingly see this distributed nature of application. I asked most customers, where does your application run? It's hard to answer that, right? It's on your mobile device, it's in your storefront, it's in your data center, it's in a particular cloud. And so an application is a collection of services. So what I'm most excited about is all business capables being published as an API, had an opportunity to be part of a company called Sonos and then Apogee. And we talked about API management years ago. I see increasingly this need for being able to expose a business capability as an API, being able to compose these new applications rapidly, being able to secure them, being able to observe what's going on in production and then adjust and automate, you can scale up scale down or deploy the application where it's most needed in minutes. That's a dynamic future that we see, and we're excited that VM was right at the heart of it. Where that in our cloud agnostic software player, that can help you, whether it's your development challenges, your deployment challenges, or your management challenges, in the future of multi-cloud, that's what I'm most excited about, we're set up to help our customers on this cloud journey, regardless of where they're going and what solution they're looking to build. >> Ajay, what are some of the key business outcomes that the cloud is going to deliver across industries as things progress forward? >> I think we're finding the consistent message I hear from our customers is leverage the power of cloud to transform my business. So it's about business outcomes. It's less about technology. It's what outcomes we're driving. Second it's about speed and agility. How do I respond, adjust kind of dynamic contiuness. How do I innovate continuously? How do I adjust to what the business needs? And third thing we're seeing more and more is I need to be able to management costs and I get some predictability and able to optimize how I run my business. what they're finding with the cloud is the costs are running out of control, they need a way, a better way of knowing the value that they're getting and using the best cloud for the right technology. Whether may be a private cloud in some cases, a public cloud or an edge cloud. So they want to able to going to select and move and have that portability. Being able to make those choices optimization is something they're demanding from us. And so we're most excited about this need to have a flexible infrastructure and a cloud agnostic infrastructure that helps them deliver these kinds of business outcomes. >> You mentioned a couple of customer examples and financial services. You mentioned the army software factory. In terms of looking at where we are in 2021. Are there any industries in particular, maybe essential services that you think are really prime targets for the technologies, the new announcements that you're making at VM world. >> You know, what we are trying to see is this is a broad change that's happening. If you're in retail, you know, you're kind of running a hybrid world of digital and physical. So we're seeing this blending of physical and digital reality coming together. You know, FedEx is a great customer of ours and you see them as spoken as example of it, you know, they're continue to both drive operational change in terms of being delivering the packages to you on time at a lower cost, but on the other side, they're also competing with their primary partners and retailers and in some cases, right, from a distribution perspective for Amazon, with Amazon prime. So in every industry, you're starting to see the lines are blurring between traditional partners and competitors. And in doing so, they're looking for a way to innovate, innovate at speed and leverage technology. So I don't think there is a specific industry that's not being disrupted whether it's FinTech, whether it's retail, whether it's transportation logistics, or healthcare telemedicine, right? The way you do pharmaceutical, how you deliver medicine, it's all changing. It's all being driven by data. And so we see a broad application of our technology, but financial services, healthcare, telco, government tend to be a kind of traditional industries that are with us but I think the reaches are pretty broad. >> Yeah, it is all changing. Everything is becoming more and more data-driven and many businesses are becoming data companies or if they're not, they need to otherwise their competition, as you mentioned, is going to be right in the rear view mirror, ready to take their place. But that's something that we see that isn't being talked about. I don't think enough, as some of the great innovations coming as a result of the situation that we're in. We're seeing big transformations in industries where we're all benefiting. I think we need to get that, that word out there a little bit more so we can start showing more of those silver linings. >> Sure. And I think what's happening here is it's about connecting the people to the services at the end of the day, these applications are means for delivering value. And so how do we connect us as consumers or us employees or us as partners to the business to the operator with both digitally and in a physical way. And we bring that in a seamless experience. So we're seeing more and more experience matters, you know, service quality and delivery matter. It's less about the technologies back again to the outcomes. And so very much focused in building that the platform that our customers can use to leverage the best of the cloud, the best of their people, the best of the innovation they have within the organization. >> You're right. It's all about outcomes. Ajay, thank you for joining me today, talking about some of the new things that the mission of your organization, the vision, some of the new products and technologies that are being announced at VM world, we appreciate your time and hopefully next year we'll see you in person. >> Thank you again and look forward to the next VMWorld in person. >> Likewise for Ajay Patel. You're very welcome for Ajay Patel. I'm Lisa Martin, and you're watching theCUBEs coverage of VMWorld of 2021. (soft music)

(upbeat electronic music) >> Hello, everyone. Welcome to theCUBE's presentation of the AWS Startup Showcase. The Next Big Thing in AI, Security, and Life Sciences. In this segment, we feature Orca Security as a notable trend setter within, of course, the security track. I'm your host, Dave Vellante. And today we're joined by Gil Geron. Who's the co-founder and Chief Product Officer at Orca Security. And we're going to discuss how to eliminate cloud security blind spots. Orca has a really novel approach to cybersecurity problems, without using agents. So welcome Gil to today's sessions. Thanks for coming on. >> Thank you for having me. >> You're very welcome. So Gil, you're a disruptor in security and cloud security specifically and you've created an agentless way of securing cloud assets. You call this side scanning. We're going to get into that and probe that a little bit into the how and the why agentless is the future of cloud security. But I want to start at the beginning. What were the main gaps that you saw in cloud security that spawned Orca Security? >> I think that the main gaps that we saw when we started Orca were pretty similar in nature to gaps that we saw in legacy, infrastructures, in more traditional data centers. But when you look at the cloud when you look at the nature of the cloud the ephemeral nature, the technical possibilities and disruptive way of working with a data center, we saw that the usage of traditional approaches like agents in these environments is lacking, it actually not only working as well as it was in the legacy world, it's also, it's providing less value. And in addition, we saw that the friction between the security team and the IT, the engineering, the DevOps in the cloud is much worse or how does that it was, and we wanted to find a way, we want for them to work together to bridge that gap and to actually allow them to leverage the cloud technology as it was intended to gain superior security than what was possible in the on-prem world. >> Excellent, let's talk a little bit more about agentless. I mean, maybe we could talk a little bit about why agentless is so compelling. I mean, it's kind of obvious it's less intrusive. You've got fewer processes to manage, but how did you create your agentless approach to cloud security? >> Yes, so I think the basis of it all is around our mission and what we try to provide. We want to provide seamless security because we believe it will allow the business to grow faster. It will allow the business to adopt technology faster and to be more dynamic and achieve goals faster. And so we've looked on what are the problems or what are the issues that slow you down? And one of them, of course, is the fact that you need to install agents that they cause performance impact, that they are technically segregated from one another, meaning you need to install multiple agents and they need to somehow not interfere with one another. And we saw this friction causes organization to slow down their move to the cloud or slow down the adoption of technology. In the cloud, it's not only having servers, right? You have containers, you have manage services, you have so many different options and opportunities. And so you need a different approach on how to secure that. And so when we understood that this is the challenge, we decided to attack it in three, using three periods; one, trying to provide complete security and complete coverage with no friction, trying to provide comprehensive security, which is taking an holistic approach, a platform approach and combining the data in order to provide you visibility into all of your security assets, and last but not least of course, is context awareness, meaning being able to understand and find these the 1% that matter in the environment. So you can actually improve your security posture and improve your security overall. And to do so, you had to have a technique that does not involve agents. And so what we've done, we've find a way that utilizes the cloud architecture in order to scan the cloud itself, basically when you integrate Orca, you are able within minutes to understand, to read, and to view all of the risks. We are leveraging a technique that we are calling side scanning that uses the API. So it uses the infrastructure of the cloud itself to read the block storage device of every compute instance and every instance, in the environment, and then we can deduce the actual risk of every asset. >> So that's a clever name, side scanning. Tell us a little bit more about that. Maybe you could double click on, on how it works. You've mentioned it's looking into block storage and leveraging the API is a very, very clever actually quite innovative. But help us understand in more detail how it works and why it's better than traditional tools that we might find in this space. >> Yes, so the way that it works is that by reading the block storage device, we are able to actually deduce what is running on your computer, meaning what kind of waste packages applications are running. And then by con combining the context, meaning understanding that what kind of services you have connected to the internet, what is the attack surface for these services? What will be the business impact? Will there be any access to PII or any access to the crown jewels of the organization? You can not only understand the risks. You can also understand the impact and then understand what should be our focus in terms of security of the environment. Different factories, the fact that we are doing it using the infrastructure itself, we are not installing any agents, we are not running any packet. You do not need to change anything in your architecture or design of how you use the cloud in order to utilize Orca Orca is working in a pure SaaS way. And so it means that there is no impact, not on cost and not on performance of your environment while using Orca. And so it reduces any friction that might happen with other parties of the organization when you enjoy the security or improve your security in the cloud. >> Yeah, and no process management intrusion. Now, I presume Gil that you eat your own cooking, meaning you're using your own product. First of all, is that true? And if so, how has your use of Orca as a chief product officer help you scale Orca as a company? >> So it's a great question. I think that something that we understood early on is that there is a, quite a significant difference between the way you architect your security in cloud and also the way that things reach production, meaning there's a difference, that there's a gap between how you imagined, like in everything in life how you imagine things will be and how they are in real life in production. And so, even though we have amazing customers that are extremely proficient in security and have thought of a lot of ways of how to secure the environment. Ans so, we of course, we are trying to secure environment as much as possible. We are using Orca because we understand that no one is perfect. We are not perfect. We might, the engineers might, my engineers might make mistakes like every organization. And so we are using Orca because we want to have complete coverage. We want to understand if we are doing any mistake. And sometimes the gap between the architecture and the hole in the security or the gap that you have in your security could take years to happen. And you need a tool that will constantly monitor your environment. And so that's why we are using Orca all around from day one not to find bugs or to do QA, we're doing it because we need security to our cloud environment that will provide these values. And so we've also passed the compliance auditing like SOC 2 and ISO using Orca and it expedited and allowed us to do these processes extremely fast because of having all of these guardrails and metrics has. >> Yeah, so, okay. So you recognized that you potentially had and did have that same problem as your customer has been. Has it helped you scale as a company obviously but how has it helped you scale as a company? >> So it helped us scale as a company by increasing the trust, the level of trust customer having Orca. It allowed us to adopt technology faster, meaning we need much less diligence or exploration of how to use technology because we have these guardrails. So we can use the richness of the technology that we have in the cloud without the need to stop, to install agents, to try to re architecture the way that we are using the technology. And we simply use it. We simply use the technology that the cloud offer as it is. And so it allows you a rapid scalability. >> Allows you allows you to move at the speed of cloud. Now, so I'm going to ask you as a co-founder, you got to wear many hats first of a co-founder and the leadership component there. And also the chief product officer, you got to go out, you got to get early customers, but but even more importantly you have to keep those customers retention. So maybe you can describe how customers have been using Orca. Did they, what was their aha moment that you've seen customers react to when you showcase the new product? And then how have you been able to keep them as loyal partners? >> So I think that we are very fortunate, we have a lot of, we are blessed with our customers. Many of our customers are vocal customers about what they like about Orca. And I think that something that comes along a lot of times is that this is a solution they have been waiting for. I can't express how many times I hear that I could go on a call and a customer says, "I must say, I must share. "This is a solution I've been looking for." And I think that in that respect, Orca is creating a new standard of what is expected from a security solution because we are transforming the security all in the company from an inhibitor to an enabler. You can use the technology. You can use new tools. You can use the cloud as it was intended. And so (coughs) we have customers like one of these cases is a customer that they have a lot of data and they're all super scared about using S3 buckets. We call over all of these incidents of these three buckets being breached or people connecting to an s3 bucket and downloading the data. So they had a policy saying, "S3 bucket should not be used. "We do not allow any use of S3 bucket." And obviously you do need to use S3 bucket. It's a powerful technology. And so the engineering team in that customer environment, simply installed a VM, installed an FTP server, and very easy to use password to that FTP server. And obviously two years later, someone also put all of the customer databases on that FTP server, open to the internet, open to everyone. And so I think it was for him and for us as well. It was a hard moment. First of all, he planned that no data will be leaked but actually what happened is way worse. The data was open to the to do to the world in a technology that exists for a very long time. And it's probably being scanned by attackers all the time. But after that, he not only allowed them to use S3 bucket because he knew that now he can monitor. Now, you can understand that they are using the technology as intended, now that they are using it securely. It's not open to everyone it's open in the right way. And there was no PII on that S3 bucket. And so I think the way he described it is that, now when he's coming to a meeting about things that needs to be improved, people are waiting for this meeting because he actually knows more than what they know, what they know about the environment. And I see it really so many times where a simple mistake or something that looks benign when you look at the environment in a holistic way, when you are looking on the context, you understand that there is a huge gap. That should be the breech. And another cool example was a case where a customer allowed an access from a third party service that everyone trusts to the crown jewels of the environment. And he did it in a very traditional way. He allowed a certain IP to be open to that environment. So overall it sounds like the correct way to go. You allow only a specific IP to access the environment but what he failed to to notice is that everyone in the world can register for free for this third-party service and access the environment from this IP. And so, even though it looks like you have access from a trusted service, a trusted third party service, when it's a Saas service, it's actually, it can mean that everyone can use it in order to access the environment and using Orca, you saw immediately the access, you saw immediately the risk. And I see it time after time that people are simply using Orca to monitor, to guardrail, to make sure that the environment stays safe throughout time and to communicate better in the organization to explain the risk in a very easy way. And the, I would say the statistics show that within few weeks, more than 85% of the different alerts and risks are being fixed, and think it comes to show how effective it is and how effective it is in improving your posture, because people are taking action. >> Those are two great examples, and of course they have often said that the shared responsibility model is often misunderstood. And those two examples underscore thinking that, "oh I hear all this, see all this press about S3, but it's up to the customer to secure the endpoint components et cetera. Configure it properly is what I'm saying. So what an unintended consequence, but but Orca plays a role in helping the customer with their portion of that shared responsibility. Obviously AWS is taking care of this. Now, as part of this program we ask a little bit of a challenging question to everybody because look it as a startup, you want to do well you want to grow a company. You want to have your employees, you know grow and help your customers. And that's great and grow revenues, et cetera but we feel like there's more. And so we're going to ask you because the theme here is all about cloud scale. What is your defining contribution to the future of cloud at scale, Gil? >> So I think that cloud is allowed the revolution to the data centers, okay? The way that you are building services, the way that you are allowing technology to be more adaptive, dynamic, ephemeral, accurate, and you see that it is being adopted across all vendors all type of industries across the world. I think that Orca is the first company that allows you to use this technology to secure your infrastructure in a way that was not possible in the on-prem world, meaning that when you're using the cloud technology and you're using technologies like Orca, you're actually gaining superior security that what was possible in the pre cloud world. And I think that, to that respect, Orca is going hand in hand with the evolution and actually revolutionizes the way that you expect to consume security, the way that you expect to get value, from security solutions across the world. >> Thank You for that Gil. And so we're at the end of our time, but we'll give you a chance for final wrap up. Bring us home with your summary, please. >> So I think that Orca is building the cloud security solution that actually works with its innovative aid agentless approach to cyber security to gain complete coverage, comprehensive solution and to gain, to understand the complete context of the 1% that matters in your security challenges across your data centers in the cloud. We are bridging the gap between the security teams, the business needs to grow and to do so in the paste of the cloud, I think the approach of being able to install within minutes, a security solution in getting complete understanding of your risk which is goes hand in hand in the way you expect and adopt cloud technology. >> That's great Gil. Thanks so much for coming on. You guys doing awesome work. Really appreciate you participating in the program. >> Thank you very much. >> And thank you for watching this AWS Startup Showcase. We're covering the next big thing in AI, Security, and Life Science on theCUBE. Keep it right there for more great content. (upbeat music)

>>and hello, we're back. I've got my panel and we are doing things real time here. So sorry for the delay a few minutes late. So the way let's talk about things, the reason we're here and we're going around the room and introduce everybody. Got three special guests here. I got my evil or my john and the normal And we're going to talk about get ops I called it future office just because I want to think about what's the next thing for that at the end, we're gonna talk about what our ideas for what's next for getups, right? Um, because we're all starting to just get into get ups now. But of course a lot of us are always thinking about what's next? What's better? How can we make this thing better? So we're going to take your questions. That's the reason we're here, is to take your questions and answer them. Or at least the best we can for the next hour. And all right, so let's go around the room and introduce yourself. My name is Brett. I am streaming from Brett from that. From Brett. From Virginia Beach in Virginia beach, Virginia, United States. Um, and I talk about things on the internet, I sell courses on you, to me that talk about Docker and kubernetes Ive or introduce yourself. >>How's it going? Everyone, I'm a software engineer at axel Springer, currently based in Berlin and I happen to be Brett Brett's teaching assistant. >>All right, that's right. We're in, we're in our courses together almost every day. Mm john >>hey everyone, my name is john Harris, I used to work at Dhaka um, I now work at VM ware is a star field engineer. Um, so yeah, >>and normal >>awesome by the way, you are streaming from Brett Brett, >>I answered from breath to breath. >>Um I'm normal method. I'm a distinguished engineer with booz allen and I'm also a doctor captain and it's good to see either in person and it's good to see you again john it's been a little while. >>It has the pre covid times, right? You're up here in Seattle. >>Yeah. It feels, it feels like an eternity ago. >>Yeah, john shirt looks red and reminds me of the Austin T shirt. So I was like, yeah, so we all, we all have like this old limited edition doctor on E. >>T. That's a, that's a classic. >>Yeah, I scored that one last year. Sometimes with these old conference church, you have to like go into people's closets. I'm not saying I did that. Um, but you know, you have to go steal stuff, you to find ways to get the swag >>post post covid. If you ever come to my place, I'm going to have to lock the closets. That >>that's right, That's right. >>So the second I think it was the second floor of the doctor HQ in SAn Francisco was where they kept all the T shirts, just boxes and boxes and boxes floor to ceiling. So every time I went to HQ you just you just as many as you can fit in your luggage. I think I have about 10 of these. You >>bring an extra piece of luggage just for your your shirt shirt grab. Um All right, so I'm going to start scanning questions uh so that you don't have to you can you help you all are welcome to do that. And I'm going to start us off with the topic. Um So let's just define the parameters. Like we can talk about anything devops and here we can go down and plenty of rabbit holes. But the kind of, the goal here is to talk about get ups and get ups if you haven't heard about it is essentially uh using versioning systems like get like we've all been getting used to as developers to track your infrastructure changes, not just your code changes and then automate that with a bunch of tooling so that the robots take over. And essentially you have get as a central source of truth and then get log as a central source of history and then there's a bunch of magic little bits in the middle and then supposedly everything is wonderful. It's all automatic. The reality is is what it's often quite messy, quite tricky to get everything working. And uh the edges of this are not perfect. Um so it is a relatively new thing. It's probably three, maybe four years old as an official thing from. We've uh so we're gonna get into it and I'll let's go around the room and the same word we did before and um not to push on that, put you on the spot or anything. But what is, what is one of the things you either like or either hate about getups um that you've enjoyed either using it or you know, whatever for me. I really, I really love that I can point people to a repo that basically is hopefully if they look at the log a tracking, simplistic tracking of what might have changed in that part of the world or the environment. I remember many years past where, you know, I've had executive or some mid level manager wants to see what the changes were or someone outside my team went to see what we just changed. It was okay, they need access to this system into that dashboard and that spreadsheet and then this thing and it was always so complicated and now in a world where if we're using get up orbit bucket or whatever where you can just say, hey go look at that repo if there was three commits today, probably three changes happened. That's I love that particular part about it. Of course it's always more complicated than that. But um Ive or I know you've been getting into this stuff recently. So um any thoughts? Yeah, I think >>my favorite part about get ops is >>reproducibility. Um >>you know the ability to just test something and get it up and running >>and then just tear it down. >>Uh not >>being worried that how did I configure it the first time? I think that's my favorite part about >>it. I'm changing your background as we do this. >>I was going to say, did you just do it get ups pushed to like change his >>background, just a dialogue that different for that green screen equals false? Uh Change the background. Yeah, I mean, um and I mean I think last year was really my first year of actually using it on anything significant, like a real project. Um so I'm still, I still feel like I'm very new to john you anything. >>Yeah, it's weird getups is that thing which kind of crystallizes maybe better than anything else, the grizzled veteran life cycle of emotions with the technology because I think it's easy to get super excited about something new. And when I first looked into get up, so I think this is even before it was probably called getups, we were looking at like how to use guest source of truth, like everything sounds great, right? You're like, wait, get everyone knows, get gets the source of truth, There's a load of robust tooling. This just makes a sense. If everything dies, we can just apply the get again, that would be great. Um and then you go through like the trough of despair, right? We're like, oh no, none of this works. The application is super stateless if this doesn't work and what do we do with secrets and how do we do this? Like how do we get people access in the right place and then you realize everything is terrible again and then everything it equalizes and you're kind of, I think, you know, it sounds great on paper and they were absolutely fantastic things about it, but I think just having that measured approach to it, like it's, you know, I think when you put it best in the beginning where you do a and then there's a magic and then you get C. Right, like it's the magic, which is >>the magic is the mystery, >>right? >>Magic can be good and bad and in text so >>very much so yeah, so um concurrence with with john and ever uh in terms of what I like about it is the potential to apply it to moving security to left and getting closer to a more stable infrastructures code with respect to the whole entire environment. Um And uh and that reconciliation loop, it reminds me of what, what is old is new again? Right? Well, quote unquote old um in terms of like chef and puppet and that the reconciliation loop applied in a in a more uh in a cleaner interface and and into the infrastructure that we're kind of used to already, once you start really digging into kubernetes what I don't like and just this is in concurrence with the other Panelist is it's relatively new. It has um, so it has a learning curve and it's still being, you know, it's a very active um environment and community and that means that things are changing and constantly and there's like new ways and new patterns as people are exploring how to use it. And I think that trough of despair is typically figuring out incrementally what it actually is doing for you and what it's not going to solve for you, right, john, so like that's that trough of despair for a bit and then you realize, okay, this is where it fits potentially in my architecture and like anything, you have to make that trade off and you have to make that decision and accept the trade offs for that. But I think it has a lot of promise for, for compliance and security and all that good stuff. >>Yeah. It's like it's like the potentials, there's still a lot more potential than there is uh reality right now. I think it's like I feel like we're very early days and the idea of especially when you start getting into tooling that doesn't appreciate getups like you're using to get up to and use something else and that tool has no awareness of the concept so it doesn't flow well with all of the things you're trying to do and get um uh things that aren't state based and all that. So this is going to lead me to our first question from Camden asking dumb questions by the way. No dumb questions here. Um How is get apps? Not just another name for C. D. Anybody want to take that as an answer as a question. How is get up is not just another name for C. D. I have things but we can talk about it. I >>feel like we need victor foster kids. Yeah, sure you would have opinions. Yeah, >>I think it's a very yeah. One person replied said it's a very specific it's an opinionated version of cd. That's a great that's a great answer like that. Yeah. >>It's like an implement. Its it's an implementation of deployment if you want it if you want to use it for that. All right. I realize now it's kind of hard in terms of a physical panel and a virtual panel to figure out who on the panel is gonna, you know, ready to jump in to answer a question. But I'll take it. So um I'll um I'll do my best inner victor and say, you know, it's it's an implementation of C. D. And it's it's a choice right? It's one can just still do docker build and darker pushes and doctor pulls and that's fine. Or use other technologies to deploy containers and pods and change your, your kubernetes infrastructure. But get apps is a different implementation, a different method of doing that same thing at the end of the day. Yeah, >>I like it. I like >>it and I think that goes back to your point about, you know, it's kind of early days still, I think to me what I like about getups in that respect is it's nice to see kubernetes become a platform where people are experimenting with different ways of doing things, right? And so I think that encourages like lots of different patterns and overall that's going to be a good thing for the community because then more, you know, and not everything needs to settle in terms of only one way of doing things, but a lot of different ways of doing things helps people fit, you know, the tooling to their needs, or helps fit kubernetes to their needs, etcetera. Yeah, >>um I agree with that, the, so I'm gonna, since we're getting a load of good questions, so um one of the, one of the, one of the, I want to add to that real quick that one of the uh from the, we've people themselves, because I've had some on the show and one of things that I look at it is distinguishing is with continuous deployment tools, I sort of think that it's almost like previous generation and uh continuous deployment tools can be anything like we would consider Jenkins cd, right, if you if you had an association to a server and do a doctor pull and you know, dr up or dr composed up rather, or if it did a cube control apply uh from you know inside an ssh tunnel or something like that was considered considered C. D. Well get ops is much more rigid I think in terms of um you you need to apply, you have a specific repo that's all about your deployments and because of what tool you're using and that one your commit to a specific repo or in a specific branch that repo depends on how you're setting it up. That is what kicks off a workflow. And then secondly there's an understanding of state. So a lot of these tools now I have uh reconciliation where they they look at the cluster and if things are changing they will actually go back and to get and the robots will take over and will commit that. Hey this thing has changed um and you maybe you human didn't change it, something else might have changed it. So I think that's where getups is approaching it, is that ah we we need to we need to consider more than just a couple of commands that be runnin in a script. Like there needs to be more than that for a getups repo to happen anyway, that's just kind of the the take back to take away I took from a previous conversation with some people um >>we've I don't think that lost, its the last piece is really important, right? I think like for me, C d like Ci cd, they're more philosophical ideas, write a set of principles, right? Like getting an idea or a code change to environments promoting it. It's very kind of pipeline driven um and it's very imperative driven, right? Like our existing CD tools are a lot of the ways that people think about Cd, it would be triggered by an event, maybe a code push and then these other things are happening in sequence until they either fail or pass, right? And then we're done. Getups is very much sitting on the, you know, the reconciliation side, it's changing to a pull based model of reconciliation, right? Like it's very declarative, it's just looking at the state and it's automatically pulling changes when they happen, rather than this imperative trigger driven model. That's not to say that there aren't city tools which we're doing pull based or you can do pull based or get ups is doing anything creatively revolutionary here, but I think that's one of the main things that the ideas that are being introduced into those, like existing C kind of tools and pipelines, um certainly the pull based model and the reconciliation model, which, you know, has a lot in common with kubernetes and how those kind of controllers work, but I think that's the key idea. Yeah. >>Um This is a pretty specific one Tory asks, does anyone have opinions about get ops in a mono repo this is like this is getting into religion a little bit. How many repos are too many repose? How um any thoughts on that? Anyone before I rant, >>go >>for it, go for it? >>Yeah. How I'm using it right now in a monitor repo uh So I'm using GIT hub. Right, so you have what? The workflow and then inside a workflow? Yeah, mo file, I'll >>track the >>actual changes to the workflow itself, as well as a folder, which is basically some sort of service in Amman Arepa, so if any of those things changes, it'll trigger the actual pipeline to run. So that's like the simplest thing that I could figure out how to, you know, get it set up using um get hubs, uh workflow path future. Yeah. And it's worked for me for writing, you know? That's Yeah. >>Yeah, the a lot of these things too, like the mono repo discussion will, it's very tool specific. Each tool has various levels of support for branch branching and different repos and subdirectories are are looking at the defense and to see if there's changes in that specific directory. Yeah. Sorry, um john you're going to say something, >>I was just going to say, I've never really done it, but I imagine the same kind of downsides of mono repo to multiple report would exist there. I mean, you've got the blast radius issues, you've got, you know, how big is the mono repo? Do we have to pull does the tool have to pull that or cashier every time it needs to determine def so what is the support for being able to just look at directories versus you know, I think we can get way down into a deeper conversation. Maybe we'll save it for later on in the conversation about what we're doing. Get up, how do we structure our get reposed? We have super granular repo per environment, Perper out reaper, per cluster repo per whatever or do we have directories per environment or branches per environment? How how is everything organized? I think it's you know, it's going to be one of those, there's never one size fits all. I'll give the class of consultant like it depends answer. Right? >>Yeah, for sure. It's very similar to the code struggle because it depends. >>Right? >>Uh Yeah, it's similar to the to the code problem of teams trying to figure out how many repose for their code. Should they micro service, should they? Semi micro service, macro service. Like I mean, you know because too many repose means you're doing a bunch of repo management, a bunch of changes on your local system, you're constantly get pulling all these different things and uh but if you have one big repo then it's it's a it's a huge monolithic thing that you usually have to deal with. Path based issues of tools that only need to look at a specific directory and um yeah, it's a it's a culture, I feel like yeah, like I keep going back to this, it's a culture thing. Does your what is your team prefer? What do you like? What um what's painful for everyone and who's what's the loudest pain that you need to deal with? Is it is it repo management? That's the pain um or is it uh you know, is that that everyone's in one place and it's really hard to keep too many cooks out of the kitchen, which is a mono repo problem, you know? Um How do we handle security? So this is a great one from Tory again. Another great question back to back. And that's the first time we've done that um security as it pertains to get up to anyone who can commit can change the infrastructure. Yes. >>Yes. So the tooling that you have for your GIT repo and the authentication, authorization and permissions that you apply to the GIT repo using a get server like GIT hub or get lab or whatever your flavor of the day is is going to be how security is handled with respect to changes in your get ups configuration repository. So um that is completely specific to your implementation of that or ones implementation of of how they're handling that. Get repositories that the get ups tooling is looking at. To reconcile changes with respect to the permissions of the for lack of better term robot itself. Right? They get up tooling like flux or Argosy. D Um one kid would would create a user or a service account or uh other kind of authentication measures to limit the permissions for that service account that the Gaddafi's tooling needs to be able to read the repose and and send commits etcetera. So that is well within the realm of what you have already for your for your get your get um repo. Yeah. >>Yeah. A related question is from a g what they like about get apps if done nicely for a newbie it's you can get stuff done easily if you what they dislike about it is when you have too many get repose it becomes just too complicated and I agree. Um was making a joke with a team the other week that you know the developer used to just make one commit and they would pass pass it on to a QA team that would then eventually emerging in the master. But they made the commits to these feature branches or whatever. But now they make a commit, they make a pR there for their code then they go make a PR in the helm chart to update the thing to do that and then they go make a PR in the get ups repeal for Argo. And so we talked about that they're probably like four or five P. R. Is just to get their code in the production. But we were talking about the negative of that but the reality was It's just five or 4 or five prs like it wasn't five different systems that had five different methodologies and tooling and that. So I looked at it I was like well yeah that's kind of a pain in the get sense but you're also dealing with one type. It's a repetitive action but it's it's the one thing I don't have to go to five different systems with five different ways of doing it. And once in the web and one's on the client wants a command line that I don't remember. Um Yeah so it's got pros and cons I think when you >>I think when you get to the scale where those kind of issues are a problem then you're probably at the scale where you can afford to invest some time into automation into that. Right? Like what I've when I've seen this in larger customers or larger organizations if there ever at that stage where okay apps are coming up all the time. You know, there's a 10 X 100 X developer to operations folks who may be creating get repose setting up permissions then that stuff gets automated, right? Like, you know, maybe ticket based systems or whatever. Developers say I need a new app. It templates things or more often using the same model, right of reconciliation and operators and the horrific abuse of cogs that we're seeing in the communities community right now. Um You know, developers can create a crd which just says, hey, I'm creating a new app is called app A and then a controller will pick up that app a definition. It will go create a get a repo Programmatically it will add the right definitely will look up and held up the developers and the permissions that need to be able to get to that repo it will create and template automatically some name space and the clusters that it needs in the environments that it needs, depending on, you know, some metadata it might read. So I think, you know, those are definite problems and they're definitely like a teething, growing pain thing. But once you get to that scale, you kind of need to step back and say, well look, we just need to invest in time into the operational aspect of this and automating this pain away, I think. Yeah, >>yeah. And that ultimately ends in Yeah. Custom tooling, which it's hard to avoid it at scale. I mean, there's there's two, there's almost two conversations here, right. There is what I call the Solo admin Solo devops, I bought that domain Solo devops dot com because, you know, whenever I'm talking to dr khan in the real world, it's like I asked people to raise hands, I don't know how we can raise hands here, but I would ask people to raise hands and see how many of you here are. The sole person responsible for deploying the app that your team makes and like a quarter of the room would raise their hand. So I call that solo devops like those, that person can't make all the custom tooling in the world. So they really need dr like solutions where it's opinionated, the workflow is sort of built in and they don't have to wrangle things together with a bunch of glue, you know, in other words bash. Um and so this kind of comes to a conversation uh starting this question from lee he's asking how do you combine get ops with ci cd, especially the continuous bit. How do you avoid having a human uh sort of the complaint the team I was working with has, how do you avoid a human editing and get committing for every single deploy? They've settled on customized templates and a script for routine updates. So as a seed for this conference, this question I'm gonna ask you all uh instead of that specific question cause it's a little open ended. Um Tell me whether you agree with this. I I kind of look at the image, the image artifact because the doctor image or container image in general is an artifact that I I view it that way and that thing going into the registry with the right label or right part of the label. Um That tag rather not the label but the tag that to me is like one of the great demarche points of, we're kind of done with Ci and we're now into the deployment phase and it doesn't necessarily mean the tooling is a clear cut there, but that artifact being shipped in a specific way or promoted as we sometimes say. Um what do you think? Does anyone have opinions on that? I don't even know if that's the right opinion to have so mhm. >>So um I think what you're, what you're getting at is that get ups, models can trigger off of different events um to trigger the reconciliation loop. And one way to do that is if the image, if it notices a image change in the registry, the other is if there's a commit event on a specific rebo and branch and it's up to, you are up to the person that's implementing their get ups model, what event to trigger there, that reconciliation loop off of, You can do both, you can do one or the other. It also depends on the Templeton engine that you're using on top of um on top of kubernetes, such as helm or um you know, the other ones that are out there or if you're not even doing that, then, you know straight. Yeah, mo um so it kind of just depends, but those are the typically the two options one has and a combination of of those to trigger that event. You can also just trigger it manually, right? You can go into the command line and force a a, you know, a really like a scan or a new reconciliation loop to occur. So it kind of just, I don't want to say this, but it depends on what you're trying to do and what makes sense in your pipeline. Right? So if you're if you're set up where you are tag, if you're doing it based off of image tags, then you probably want to use get ups in a way that you're using the image tags. Right. And the pattern that you've established there, if you're not really doing that and you're more around, like, different branches are mapped to different environments, then triggered off of the correct branch. And that's where the permissions also come into play. Where if you don't want someone to touch production and you've got your getups for your production cluster based off of like uh you know, a main branch, then whoever can push a change to that main branch has the authority to push that change to production. Right? So that's your authentication and permissions um system same for the registry itself. Right. So >>Yeah. Yeah. Sorry, anyone else have any thoughts on that? I was about to go to the next topic, >>I was going to say. I think certain tools dictate the approach, like, if you're using Argosy d it's I think I'm correct me if I'm wrong, but I think the only way to use it right now is just through image modification. Like, the manifest changes, it looks at a specific directory and anything changes then it will do its thing. And uh Synchronize the cost there with whatever's and get >>Yeah, flux has both. Yeah, and flux has both. So it it kind of depends. I think you can make our go do that too, but uh this is back to what we were saying in the beginning, uh you know, these things are changing, right? So that might be what it is right now in terms of triggering the reconciliation loops and get ups, tooling, but there might be other events in the future that might trigger it, and it's not completely stand alone because you still need you're tooling to do any kind of testing or whatever you have in terms of like the specific pipeline. So oftentimes you're bolting in getups into some other part of broader Cfd solution. That makes sense. Yeah, >>we've got a lot of questions about secrets or people that are asking about secrets. >>So my my tongue and cheek answered the secrets question was, what's the best practices for kubernetes? Secrets? That's the same thing for secrets with good apps? Uh getups is not last time I checked and last time I was running this stuff get ups is not has nothing to do with secrets in that sense. It's just there to get your stuff running on communities. So, um there's probably a really good session on secrets at dr concept. I >>would agree with you, I agree with you. Yeah, I mean, get off stools, I mean every every project of mine handles secrets differently. Uh huh. And I think I'm not sure if it was even when I was talking to but talking to someone recently that I'm very bullish on get up actions, I love get up actions, it's not great for deployments yet, but we do have this new thing and get hub environments, I think it's called. So it allows me at least the store secrets per environment, which it didn't have the concept of that before, which you know, if you if any of you running kubernetes out there, you typically end up when you start running kubernetes, you end up with more than one kubernetes, like you're going to end up with a lot of clusters at some point, at least many multiple, more than two. Um and so if you're trying to store secret somewhere, you do have and there's a discussion happening in chat right now where people are talking about um sealed secrets which if you haven't heard of that, go look that up and just be versed on what sealed secrets is because it's a it's a fantastic concept for how to store secrets in the public. Um I love it because I'm a big P. K. I nerd but um it's not the only way and it doesn't fit all models. So I have clients that use A W. S. Secrets because they're in A W. S. And then they just have to use the kubernetes external secret. But again like like like normal sand, you know, it's that doesn't really affect get ops, get ops is just applying whatever helm charts or jahmal or images that you're, you're you're deploying, get off. It was more about the approach of when the changes happen and whether it's a push or pull model like we're talking about and you know, >>I would say there's a bunch of prerequisites to get ups secrets being one of them because the risk of you putting a secret into your git repo if you haven't figured out your community secrets architecture and start diving into getups is high and removing secrets from get repose is you know, could be its own industry, right. It's >>a thing, >>how do >>I hide this? How do I obscure this commit that's already now on a dozen machines. >>So there are some prerequisites in terms of when you're ready to adopt get up. So I think is the right way of saying the answer to that secrets being one of them. >>I think the secrets was the thing that made me, you know, like two or three years ago made me kind of see the ah ha moment when it came to get ups which, which was that the premier thing that everyone used to say about get up about why it was great. Was its the single source of truth. There's no state anywhere else. You just need to look at git. Um and then secrets may be realized along with a bunch of other things down the line that is not true and will never be true. So as soon as you can lose the dogmatism about everything is going to be and get it's fantastic. As long as you've understood everything is not going to get. There are things which will absolutely never be and get some tools just don't deal with that. They need to earn their own state, especially in communities, some controls on their own state. You know, cuz sealed secrets and and other projects like SOps and I think there are two or three others. That's a great way of dealing with secrets if you want to keep them in get. But you know, projects like vault more kind of like what I would say, production grade secret strategies. Right? And if you're in AWS or a cloud, you're more likely to be using their secrets. Your secret policy is maybe not dictated by you in large organizations might be dictated by CSO or security or Great. Like I think once if you, if you're trying to adopt getups or you're thinking about it, get the dogmatism of get as a single point of truth out of your mind and think about getups more as a philosophy and a set of best practice principles, then you will be in much better stead, >>right? Yeah. >>People are asking more questions in chat like infrastructure as code plus C d essentially get ups or C I rather, um, these are all great questions and a part of the debate, I'm actually just going to throw up on screen. I'm gonna put this in chat, but this is, this is to me the source, Right? So we worked with when they coined the term. We, a lot of us have been trying to get, if we talk about the history for a minute and then tell me if I'm getting this right. Um, a lot of us were trying to automate all these different parts of the puzzle, but a lot of them, they, some things might have been infrastructure as code. Some things weren't, some things were sort of like settings is coded, like you're going to Jenkins and type in secrets and settings or type in a certain thing in the settings of Jenkins and then that it wasn't really in get and so what we was trying to go for was a way to have almost like eventually a two way state understanding where get might change your infrastructure but then your infrastructure might also change and needs to be reflected in the get if the get is trying to be the single source of truth. Um and like you're saying the reality is that you're never gonna have one repo that has all of your infrastructure in it, like you would have to have, you have to have all your terra form, anything else you're spinning up. Right. Um but anyway, I'm gonna put this link in chat. So this guide actually, uh one of things they talk about is what it's not, so it's, it's kind of great to read through the different requirements and like what I was saying well ago um mhm. Having having ci having infrastructure as code and then trying a little bit of continuous deployment out, it's probably a prerequisite. Forget ops so it's hard to just jump into that when you don't already have infrastructure as code because a machine doing stuff on your behalf, it means that you have to have things documented and somewhere and get repo but let me put this in the in the >>chitty chat, I would like to know if the other panelists agree, but I think get apps is a okay. I would say it's a moderate level, it's not a beginner level communities thing, it's like a moderate level advanced, a little bit more advanced level. Um One can start off using it but you definitely have to have some pre recs in place or some understanding of like a pattern in place. Um So what do the other folks think about that opinion? >>I think if you're if you're trying to use get out before, you know what problem you have, you're probably gonna be in trouble. Right. It's like having a solution to it probably don't have yet. Mhm. Right. I mean if if you're just evil or and you're just typing, keep control apply, you're one person right, Get off. It doesn't seem like a big a big jump, like, I mean it doesn't like why would I do that? I'm just, I'm just gonna inside, it's the type of get commit right, I'm typing Q control apply. But I think one of the rules from we've is none of your developers and none of your admins can have cute control access to the cluster because if you can't, if you do have access and you can just apply something, then that's just infrastructure as code. That's just continuous deployment, that's, that's not really get ops um, getups implies that the only way things get into the cluster is through the get up, get automation that you're using with, you know, flux Argo, we haven't talked about, what's the other one that Victor Farsi talks about, by the way people are asking about victor, because victor would love to talk about this stuff, but he's in my next life, so come back in an hour and a half or whatever and victor is going to be talking about sys, admin list with me. Um >>you gotta ask him nothing but get up questions in the next, >>confuse them, confuse them. But anyway, that, that, that's um, it's hard, it's hard to understand and without having tried it, I think conceptually it's a little challenging >>one thing with getups, especially based off the we've works blog post that you just put up on there. It's an opinionated way of doing something. Uh you know, it's an opinionated way of of delivering changes to an environment to your kubernetes environment. So it's opinionated were often not used to seeing things that are very opinionated in this sense, in the in the ecosystem, but get apps is a opinionated thing. It's it's one way of doing it. Um there are ways to change it and like there are options um like what we were talking about in terms of the events that trigger, but the way that it's structured is an opinion opinionated way both from like a tooling perspective, like using get etcetera, but also from a devops cultural perspective, right? Like you were talking about not having anyone access cube control and changing the cluster directly. That's a philosophical opinion that get ups forces you to adopt otherwise. It kind of breaks the model and um I just I want everyone to just understand that. That is very opinion, anything in that sense. Yeah, >>polygamy is another thing. Infrastructure as code. Um someone's mentioning plummy and chat, I just had actually my life show self plug bread that live go there. I'm on Youtube every week. I did the same thing. These these are my friends um and had palami on two weeks ago uh last week, remember uh and it was in the last couple of weeks and we talked about their infrastructure as code solution. Were actually writing code instead of um oh that's an interesting take on uh developer team sort of owning coding the infrastructure through code rather than Yamil as a data language. I don't really have an opinion on it yet because I haven't used it in production or anything in the real real world, but um, I'm not sure how much they are applying trying to go towards the get up stuff. I will do a plug for Solomon hikes. Who has a, the beginning of the day, it's already happened so you can go back and watch it. It's a, it's a, what's it called? Q. Rethinking application delivery with Q. And build kit. So go look this up. This is the found co founder of Dr and former CTO Solomon hikes at the beginning of the day. He has a tool called dagger. I'm not sure why the title of the talk is delivering with Q. And built it, but the tool is showing off in there for an hour is called dagger. And it's, it's an interesting idea on how to apply a lot of this opinionated automated stuff to uh, to deployment and it's get off space and you use Q language. It's a graph language. I watched most of it and it was a really interesting take. I'm excited to see if that takes off and if they try that because it's another way that you can get a little bit more advanced with your you're get deployments and without having to just stick everything in Yemen, which is kind of what we're in today with helm charts and what not. All right. More questions about secrets, I think. I think we're not going to have a whole lot of more, a lot more about secrets basically. Uh put secrets in your cluster to start with and kubernetes in encrypted, you know, thing. And then, you know, as it gets harder, then you have to find another solution when you have five clusters, you don't wanna have to do it five times. That's when you have to go for Walton A W. S secrets and all >>that. Right? I'm gonna post it note. Yeah. Crm into the cluster. Just kidding. >>Yes, there are recordings of this. Yes, they will be later. Uh, because we're that these are all gonna be on youtube later. Um, yeah, detects secrets cushion saying detect secrets or get Guardian are absolute requirements. I think it's in reference to your secrets comment earlier. Um, Camels asking about Cuban is dropping support for Docker that this is not the place to ask for that, but it, it is uh, basically it's a Nonevent Marantz has actually just created that same plug in available in a different repos. So if you want to keep using Docker and kubernetes, you know, you can do it like it's no big deal. Most of us aren't using doctor in our communities anyway, so we're using like container D or whatever is provided to us by our provider. Um yeah, thank you so much for all these comments. These are great people helping each other and chat. I feel like we're just here to make sure the chats available so people can help each other. >>I feel like I want to pick up on something when you mentioned pollux me, I think there's a um we're talking about getups but I think in the original like the origination of that I guess was deploying applications to clusters right, picking up deployment manifest. But I think with the gloomy and I obviously terra form and things have been around a long time, folks are starting to apply this I think I found one earlier which was like um kub stack the Terror Forms get ups framework. Um but also with the advent of things like cluster A. P. I. Um in the Cuban at the space where you can declare actively build the infrastructure for your clusters and build the cluster right? We're not just talking about deploying applications, the cluster A. P. I will talk to a W. S. Spin up, VPc spin up machines, you know, we'll do the same kind of things that terra form does and and those other tools do I think applying getups principles to the infrastructure spin up right, the proper infrastructure as code stuff, constantly applying Terror form um you know, plans and whatever, constantly applying cluster Api resources spinning up stuff in those clouds. That's a super interesting. Um you know, extension of this area, I'd be curious to see if what the folks think about that. >>Yeah, that's why I picked this topic is one of my three. Uh I got I got to pick the topics. I was like the three things that there like the most bleeding edge exciting. Most people haven't, we haven't basically we haven't figured all this out yet. We as an industry, so um it's I think we're gonna see more ideas on it. Um what's the one with the popsicle as the as the icon victor talks about all the time? It's not it's another getups like tool, but it's um it's getups for you use this kubernetes limit and then we have to look it up, >>You're talking about cross plane. >>So >>my >>wife is over here with the sound effects and the first sound effect of the day that she chooses to use is one. >>All right, can we pick it? Let's let's find another question bret >>I'm searching >>so many of them. All right, so uh I think one really quick one is getups only for kubernetes, I think the main to tooling to tools that we're talking about, our Argosy D and flux and they're mostly geared toward kubernetes deployments but there's a, it seems like they're organized in a way that there's a clean abstraction in with respect to the agent that's doing the deployment and the tooling that that can interact with. So I would imagine that in the future and this might be true already right now that get ups could be applied to other types of deployments at some point in the future. But right now it's mostly focused and treats kubernetes as a first class citizen or the tooling on top of kubernetes, let's say something like how as a first class citizen? Yeah, to Brett, >>to me the field, back to you bret the thing I was looking for is cross plane. So that's another tool. Um Victor has been uh sharing a lot about it in Youtube cross plane and that is basically runs inside a kubernetes, but it handles your other infrastructure besides your app. It allows you to like get ops, you're a W. S stuff by using the kubernetes state engine as a, as a way to manage that. And I have not used it yet, but he does some really great demos on Youtube. So people are liking this idea of get off, so they're trying to figure out how do we, how do we manage state? How do we uh because the probably terra form is that, well, there's many problems, but it's always a lot of problems, but in the get outs world it's not quite the right fit yet, It might be, but you still, it's still largely as expected for people to, you know, like type the command, um, and it keeps state locally the ss, clouds and all that. And but the other thing is I'm I'm now realizing that when I saw the demo from Solomon, I'm going back to the Solomon hikes thing. He was using the demo and he was showing it apply deploying something on S three buckets, employing internet wifi and deploying it on google other things beyond kubernetes and saying that it's all getups approach. So I think we're just at the very beginning of seeing because it all started with kubernetes and now there's a swarm one, you can look up swarm, get office and there's a swarm, I can't take the name of it. Swarm sink I think is what's called swarm sink on git hub, which allows you to do swarm based getups like things. And now we're seeing these other tools coming out. They're saying we're going to try to do the get ups concepts, but not for kubernetes specifically and that's I think, you know, infrastructure as code started with certain areas of the world and then now then now we all just assume that you're going to have an infrastructure as code way of doing whatever that is and I think get off is going to have that same approach where pretty soon, you know, we'll have get apps for all the clouds stuff and it won't just be flexor Argo. And then that's the weird thing is will flex and Argo support all those things or will it just be focused on kubernetes apps? You know, community stuff? >>There's also, I think this is what you're alluding to. There is a trend of using um kubernetes and see rDS to provision and control things that are outside of communities like the cloud service providers services as if they were first class entities within kubernetes so that you can use the kubernetes um focus tooling for things that are not communities through the kubernetes interface communities. Yeah, >>yeah, even criticism. >>Yeah, yeah, I'm just going to say that sounds like cross plane. >>Yeah, yeah, I mean, I think that's that's uh there were, you know, for the last couple of years, it's been flux and are going back and forth. Um they're like frenemies, you know, and they've been going back and forth with iterating on these ideas of how do we manage this complicated thing? That is many kubernetes clusters? Um because like Argo, I don't know if the flux V two can do this, but Argo can manage multiple clusters now from one cluster, so your, you can manage other clusters, technically external things from a single entity. Um Originally flux couldn't do that, but I'm going to say that V two can, I don't actually >>know. Um I think all that is gonna, I think that's going to consolidate in the future. All right. In terms of like the common feature set, what Iver and john what do you think? >>I mean, I think it's already begun, right, I think haven't, didn't they collaborate on a common engine? I don't know whether it's finished yet, but I think they're working towards a common getups engine and then they're just going to layer on features on top. But I think, I mean, I think that's interesting, right, because where it runs and where it interacts with, if we're talking about a pull based model, it shouldn't, it's decentralized to a certain extent, right? We need get and we need the agent which is pulling if we're saying there's something else which is orchestrating something that we start to like fuzzy the model even right. Like is this state living somewhere else, then I think that's just interesting as well. I thought flux was completely decentralized, but I know you install our go somewhere like the cargo has a server as well, but it's been a while since I've looked in depth at them. But I think the, you know, does that muddy the agent only pull model? >>I'm reading a >>Yeah, I would say that there's like a process of natural selection going on as as the C. N. C. F. Landscape evolves and grows bigger and a lot of divide and conquer right now. But I think as certain things kind of get more prominent >>and popular, I think >>it starts to trend and it inspires other things and then it starts to aggregate and you know, kind of get back into like a unified kind of like core. Maybe like for instance, cross plane, I feel like it shouldn't even really exist. It should be, it like it's a communities add on, but it should be built in, it should be built into kubernetes, like why doesn't this exist already >>for like controlling a cloud? >>Yeah, like just, you know, having this interface with the cloud provider and be able to Yeah, >>exactly. Yeah, and it kinda, you're right. That kinda happens because you do, I mean when you start talking about storage providers and networking providers was very specific implementations of operators or just individual controllers that do operate and control other resources in the cloud, but certainly not universally right. Not every feature of AWS is available to kubernetes out of the box. Um and you know, it, one of the challenges across plane is you gotta have kubernetes before you can deploy kubernetes. Like there's a chicken and egg issue there where if you're going to use, if you're going to use our cross plane for your other infrastructure, but it's gotta, but it has to run on kubernetes who creates that first kubernetes in order for you to put that on there. And victor talks about one of his videos, the same problem with flux and Argo where like Argo, you can't deploy Argo itself with getups. There has to be that initial, I did a thing with, I'm a human and I typed in some commands on a server and things happened but they don't really have an easy deployment method for getting our go up and running using simply nothing but a get push to an existing system. There's something like that. So it's a it's an interesting problem of day one infrastructure which is again only day one, I think data is way more interesting and hard, but um how can we spend these things up if they're all depending on each other and who is the first one to get started? >>I mean it's true of everything though, I mean at the end of that you need some kind of big bang kind of function too, you know, I started running start everything I >>think without going over that, sorry, without going off on a tangent. I was, I was gonna say there's a, if folks have heard of kind which is kubernetes and Docker, which is a mini kubernetes cluster, you can run in a Docker container or each container will run as a as a node. Um you know, that's been a really good way to spin up things like clusters. KPI because they boot strap a local kind, install the manifests, it will go and spin up a fully sized cluster, it will transfer its resources over there and then it will die itself. Right? So that, that's kind of bootstrapping itself. And I think a couple of folks in the community, Jason to Tiberius, I think he works for Quinyx metal um has, has experimented with like an even more minimal just Api server, so we're really just leveraging the kubernetes ideas of like a reconciliation loop and a controller. We just need something to bootstrap with those C R D s and get something going and then go away again. So I think that's gonna be a pattern that comes up kind of more and more >>Yeah, for sure. Um, and uh, the next, next quick answer to the question, Angel asked what your thoughts on getups being a niche to get or versus others vcs tools? Well, if I knew anyone who is using anything other than get, I would say no, you know, get ops is a horrible name. It should just be CVS office, but that doesn't or vcs ops or whatever like that, but that doesn't roll off the tongue. So someone had to come up with the get ups phrase. Um but absolutely, it's all about version control solutions used for infrastructure, not code. Um might get doctor asks a great question, we're not gonna have time for it, but maybe people can reply and chat with what they think but about infrastructure and code, the lines being blurred and that do develop, how much of infrastructure does developer do developers need to know? Essentially, they're having to know all the things. Um so unfortunately we've had way more questions like every panel here today with all the great community, we've got way more questions we can handle in this time. So we're gonna have to wrap it up and say goodbye. Go to the next live panel. I believe the next one is um on developer, developer specific setups that's gonna be peter running that panel. Something about development in containers and I'm sure it's gonna be great. Just like this one. So let's go around the room where can people find you on the internet? I'm at Brett fisher on twitter. That's where you can usually find me most days you are? >>Yeah, I'm on twitter to um, I'll put it in the chat. It's kind of confusing because the TSR seven. >>Okay. Yeah, that's right. You can't just say it. You can also look at the blow of the video and like our faces are there and if you click on them, it tells you our twitter in Arlington and stuff, john >>John Harris 85, pretty much everywhere. Get hub Twitter slack, etc. >>Yeah >>and normal, normal faults or just, you know, living on Youtube live with Brett. >>Yeah, we're all on the twitter so go check us out there and thank you so much for joining. Uh thank you so much to you all for being here. I really appreciate you taking time in your busy schedule to join me for a little chit chat. Um Yes, all the, all the cheers, yes. >>And I think this kid apps loop has been declarative lee reconciled. >>Yeah, there we go. And with that ladies and gentlemen, uh bid you would do, we will see you in the next, next round coming up next with Peter >>bye.

>>Welcome back to the cubes coverage of dr khan 2021 virtual. I'm john for a host of the cube. Got a great cube segment here at Donnie Bergholz, VP of products at Docker Industry veterans, seeing all the ways of innovation now uh had a product that dr dani great to see you. >>It's great to see you again to john >>hey, great program this year, Dr khan almost pushing the envelope again. Just the world's changed significantly over the past few years in this past year has been pretty crazy last year were virtual at the beginning of the pandemic, the watershed moment. Dr khan 2020 you know, with virtual event and then share action packed keynote track, uh four tracks run share build accelerate, you got a cube track, you've got live hits. Uh, community rooms global, huge growth in the developer community around Docker Kubernetes is now well understood by everyone and the general consensus is everyone's in production with it moving like a fast train cloud natives at the center of the action coupons, very operational operators. Dr khan's very development focus. So this is a key developer event really in the CNC F cloud native world. What's going on the process? Give us the update? >>Yeah. And I think you made a fantastic point there, john which is the developer focus. Uh, I joined dr back in october of last year and one of the first things that I did was make sure that we were going out there listening to our customers, having a lot of fresh conversations with them and using those as the core product strategy as we were talking to customers. What we learned fell into three big buckets around building sharing and running modern applications. So we've used those to create our product strategy which is based on solving problems that our customers and developers using Docker care about rather than lot of product strategies that I've come across as an analyst and as a leader on the enterprise side, which are very much feature factory driven of like here's the thing we can ship it, what kind of shove it in your face and try and sell it to you. So I'm really excited about what we're doing a doctor by delivering things that are developers really care about based on problems that they have told us are really valuable to solve problems that when we win, we went together and so we're focused on helping developers really accelerate their application delivery. So what are we doing? There's so much stuff and you know, if you've seen the keynote already, you'll see more and more of that. We announced for really big things and a lot of smaller things as well, um things like uh doctor verified publisher program which brings more trusted content. Um the doctor deV environments that help teams collaborate more effectively, um dr desktop on apple silicon bringing environments to the latest and greatest of machines that everybody is trying to get ahold of. Especially now that cps are harder to come by. Uh uh as well as uh some of those little things like scoped personal access tokens, which makes it easier for people to use a Ci pipeline without having to give it full right privileges and be concerned that if they get hacked, if the sea acrobatic it's hacked, then they get hacked to we're trying to help them defend against those kinds of cases. >>It's funny you made me think of the eye with the apple silicon comment, the supply chain threats that you've seen in hardware. And even here I'm hearing the word kicked around just in the CTO of doctor used the word supply chain, software supply chain. So again, you bring up this idea of supply chain, you mentioned trust. I can almost see the dots connecting, you know, in real time out in the audience out there saying, okay, you've got trust supply chain hardware, software, containers, there's no perimeter and clouds. You have to have a kind of unit level security. This is kind of a big deal. Can you just unpack this trend? Because this is a security kind of anywhere kind of not going to use a buzzword, but like supply chain actually hits home here. Like talk about that. What? All wise all this means? >>Yeah, I think Doctor is in a really interesting position in terms of how development teams and enterprises are adopting it, because it's been around for long enough that enterprises have come to trust Docker and it's really gotten in there in a way that a lot of brand new technologies have not. And yet we're still pushing the boundaries of innovation at the same time. So when when we think about where dr fits in for developers, we've got dr official images, which are probably adopted the default for anything you're going to do in a container. You go and get a doctor official image and start doing it. But then what Right? You pulling a bunch of those, you start building applications, you start pulling other libraries, you build your own code on top, um, on your DEV environment where you're probably running doctor desktop to do so. And so we've got content coming from a trusted source, we've got dr running on the developer laptop and then we've got everything else like where else does it go from there? Uh, and so there's a ton of um, both problem and opportunity to help bring all that complex kind of spaghetti pipeline mess together and help provide people with the path of they can have confidence in while they're doing so. It's interesting because it's different for developers than it is for option. Security teams very, very different in terms of what they care about. >>So talk about the automation impact because I can see two things happening. One is the trusted environment, more containers everywhere. And then you have more developers coming on board. Right? So actually more people writing code, not just bots, machines and humans. So you have more people flooding in writing code, more containers everywhere that need to be trusted? What's the impact to the environment? What's the but how do you, how does develop experience get easier and simpler when that's happening? >>We see that as you get more and more content, The tail, the long tail continues to extend, right, more and more community generated third party content. People publishing their own applications on Docker hub and all across the Internet. And that makes the importance of being able to discover things that you can trust that you can incorporate without worrying about what might be there all the more important. So we've got dr official images today, we announced the doctor verified publisher program. All these are things that we're doing to try and make it easier for developers to find the good stuff to use it and not worry about it and just move on with their lives. >>What's your vision and what's your, what stalkers take on the collaboration aspect of coding? I think it's one of the key themes here. Where does that fit in? What's the story with collaboration? >>Yeah, we see this as an area that really has been left behind around the adoption of containers, the adoption of kubernetes, the focus has been so much on that pipeline and that path and production and production container orchestration where we watched the generation of kubernetes arise and most of the vendors in the space, we're doing some kind of top down infrastructure deal right selling to the VP of Ops or something along those lines. Um and so the development of those applications really was left by the wayside because that's not a problem that the VP of us cares about, but it's a very interesting problem as we think about dr being focused on developers now to help those teams collaborate because no application is built in a closet. Every single application that is built is built in partnership with other developers, with product managers, with designers, all these people who need to somehow work together to review not only the source code, but the application as a whole. >>What does the product? Um, Evolution looked like as Justin Cormack and I were talking about, you know, developer productivity, the simplification containers as a P. I. S. What is the, what is the priority? How, how do you look at that? Because the securities front and center and a variety of security partners here in the ecosystem. Where's the priorities on the road map? You can, if someone asked you, hey Donnie, what's the bottom line? What's the product strategy? >>Yeah, our priority is the team. First and foremost, it is not optimizing for the single developer, it is optimizing for that team working together effectively. We feel that that is a very underserved audience of that developer team as a unit. Um, if you look at everybody in the container space, like I said, they're all kind of focused on operations, production, cloud environments, not on that team. And so we see that as a great opportunity to solve really important problems that nobody else is doing a great job of solving today. >>I gotta ask you on the team formation is the general consensus. Also in a lot of my interviews here at dr khan and outside in the industry, is that the, the monolithic organization building monolithic applications certainly has been disrupted. Certainly the engineering teams now look like they're going to be into end workloads, full visibility and to end with an s sorry, on the team, everyone kind of built in these teams. We kind of platform engineering flexing in between. So you don't have that kind of like silent organization certainly has been discussed for well, but this seems to be the standard. Now, what's your take on this and is that what you mean by teams that could you share your view on how people are organizing teams? Because certainly get hub and a lot of other leaders are saying, yeah, we see the same way these teams have, you know, threaded leaders and or fully baked team members inside these teams. >>Yeah, we definitely see that team as a cross functional team. It's not, you know, your your old world, we might have been like, you've got the development team here, you've got the QA team here, you've got the operations team there. It's completely not that it's that team is it's got developers on it. If there are dedicated testers or software engineers and test their on it, if they need to have a devops person or an SRE there on it as well, it's all part of the same team and that team is building on top of the platforms that are exposed by other teams. And that's the big shift that I think has been in the works for probably a decade at this point has been that kind of rotation of responsibilities that you used to be, that DEV's owned the DEV environment and DEV test and ops owned Prod and everything about PROd and now it's much more that there are platforms that span every environment and there's a platform team responsible for each one of those components that delivers it in a self service way. And then there are teams that build on top of that that own their application all the way from development through to production, they support it there on call for it. This is how we work internally, our development teams in our product development teams, I should say, because they're cross functional, really take ownership for their applications and it's it's a super powerful imperative. It gives people the ability to iterate much more quickly by taking away a lot of those gatekeepers. And it's it's the same thing as a matter of fact, when I was at an enterprise before I joined dr it's the same thing we did. A big part of our strategy was creating these self service platforms so that product teams could move quickly. >>Remember I interviewed during the QB was awesome. Great concept. Go back to look at that tape. That's not exactly not tape, it's on disk, but Great. Great concept. Let me ask you one more question on that because one of the things that's clear that's coming out even in the university areas Engineering DeVOPS has now brought in much more of a focus of the SRE that used to be an ops role but now becomes becoming developer. I mean it's DEVOPS, as you said, it's been going on for a while over a decade now it's much more clear that this s. R. Re engineering role is key. So with that I've always thought Doctor and containers is a perfect integration tool capability. I mean why not? I mean that's one of the benefits of containers as you allow, you can contain arise things. So if you play out what you just said about the team's integration is huge. Talk about how you see that evolving as a product person. >>Yeah. I think as you say, the integration is huge. Um You know, one way that I look at it is that the application itself or the service itself is defined by either a container or a set of containers. Um And the product development team cares about what's inside of that set of containers up and to that container layer or that group of containers layer. Whether that's the doctor file with its containers. Docker compose those kinds of things and then there might be a platform team responsible for running a great kubernetes environment, whether they're using a cloud platform or in house and they care about everything outside of the containers, up to the containers as that interface. Uh So when we think about those focuses, like Docker is all about that application in words. Um And a lot of the more production oriented containers vendors are container outwards. So it's very different when we think about the kinds of problems we want to solve. It's about making that application definition really easy and portable and enabling a clean handoff to SRE teams who may be responsible for running that Apple product. >>You brought up trusted content, trusted containers, modern applications earlier. What does trusted containers mean to you? I mean that's I mean obviously means security built in but there's a lot of migration there with containers, containers coming in and out of clusters all the time. They're being orchestrated. They're being used with state and state stateless data. What does trusted content mean? >>No. Really, for us, the focus is an interesting one because when we think about building, sharing and running applications for developers, our run means we want to give developers are great interface into the production environment. We don't want to provide the production environment. And so some of those problems are ones we deeply care about where the developers are making sure that they've got a trusted, secure, verifiable path to get the content that they are incorporating into their app all the way to production or to a point of hand off. If there is a point of hand off, once it gets to production, it becomes the problem of different products and different vendors to make it really easy for those same enterprises to effectively secure that application and project. >>What does containers is as an A P. I mean that's just docker reference classic approach or is there a new definition to containers as a piece? Our container ap >>Yeah, I think the question becomes really interesting when you start thinking about what's inside of each one of those containers and how you might be able to use those as building blocks. Even thinking about trends that are on the rise, like Loco Noko development, how could you imagine incorporating containers or a service composed of a group of containers um, into one of those kinds of contexts to do so you have to have a clean ap that you can define and published in support of how a different component would interface with every one of those containers. What are the ports? What are the protocols? What are the formats? Every one of those things is important to creating an API >>So I gotta ask you don? T put you on the spot because you've been on many, many sides of the table, analyst Docker, you've been at an enterprise doing some hardcore devops. If I'm a customer out there and say I'm a classic main street enterprise. Hey Donnie, I'm putting my teams, we're kicking ass. We've been kicking the tires, been in the cloud pandemics, giving us a little lift, we know it to double down on, we feel good about where we're going. Um, but I got a couple clouds out there. I'm all in on one. I got another one going, but I'm going hybrid all the way. I don't even know what multi cloud is yet, but hybrid means edge and ultimately distributed computing. What do I do? What's the doctor Playbook, What do you, what do you say to me? How do you keep me calm and motivated? Yeah, >>I think, you know, the reality is like you say every company is going to be running in multiple different environments. Um It's probably not the same application in multiple environments and different apps and they've gotten to a place maybe accidentally as different business units are different functions started picking different clouds of their choice and getting them there. But in the end of it, like the company as a whole has to figure out how do I support that and how do I make it all work together effectively and deal with all the different, not just levels of expertise in these different environments, but the different levels of performance and latency to expect as you have applications that may need to run across all those, um you know, I used to work in the travel industry and you might have somebody trying to book a flight and that's but you know, bouncing across a cloud to a data center, to a different cloud, to a service provider and on back and you can imagine very quickly, how do you solve for those latency problems that we know are correlated to user experience and in an e commerce kind of context correlated with revenue because people balance if they can't get a good response, it's complicated. The fact is it's just it's a hard problem to solve. Um containers can definitely help solve part of that by providing a consistent platform that lets you take your applications from place to place. That lets you build a consistent set of expertise so that, you know, a container here is like a container, there is like a container over there um And work with those in a fairly consistent way. But there's always going to be differences. I think it's very dangerous to assume that because you have a container in multiple places, it's going to provide the same levels of guarantees. And we had a lot of these conversations back in the early 2010s when private cloud was really starting to pick up steam and we said Oh let's make compatible storage layers. Uh And it was true to a point you could provide api compatibility but you had to run as hard as you could to keep up with the changes and you couldn't provide the same level of resiliency, You couldn't provide the same level of data protection, you couldn't provide the same level of performance and global footprint and all those provide what what does the A. P. I mean to a developer using it. It's all of those things regardless of whether they're in an api spec somewhere. >>That's a great call out looking at the how things are moving so fast and you just got to keep up. It's almost like you want some peace, peace time kind of philosophy. So I gotta ask you as you look at the landscape again, you've got a unique perspective running product over a docker which puts you at the front lines and looking at the whole marketplace as as a whole cloud native. But you also been an analyst. I got to ask you what does success look like because as the world changes that it's not always obvious until you see it. And then you know that success and then some people are trying different approaches. How do you tell the winners from the losers or the better approaches versus the ones that struggle? Is there a pattern that you're seeing emerge from the pandemic as a team is a tech? What's the, what's the pattern of success that you see? Development teams and organizations deploying that's working and what's a sign of bad things? >>Yeah, I think, you know, one of the biggest patterns is the ability to iterate quickly and learn fast. You know, if there's nothing else that you can do, you just think about what are those basic principles that let you be Agile? Not as a development team. Agile is a company getting from those ideas and that customer feedback all the way through the loop. To build that thing, tested with your customers before you ship it, get it out there. Maybe you do some kind of a modern deployment practice to decrease your risk as you're doing so right. It's Canary, it's rolling, releases its blue green, all those things Right? How do you d risk, how do you experiment while you're doing so and how do you stay agile so that you're able to provide customer value as fast as possible? Almost every failure pattern that you see is one that happens because you're not listening to your customers effectively and often enough and you're not iterating quickly enough so you're building in a direction that is not what they wanted or needed, >>you know, looking at Dr khan 2021 this year, look at the calendar, the cube tracks in there, which I'm excited to do a bunch of coverage on. It's always fun. But you got the classic build share run, which is the ethos of Doctor, but you get a new track called accelerate, there is an acceleration coming out of the pandemic more than ever. Um it's been pretty cool. I mean you're seeing a lot more action in all areas but talk about the acceleration with containers and what you what you're seeing on the landscape side of the industry and how that's impacting customers. What specifically is this acceleration really all about? >>Yeah, when I think about what acceleration means to me, it's about how do you avoid building things, avoid finding things that you don't need to spend your time on? How can you pick things up? Incorporate those into your workflows, incorporate those into your applications that you don't have to build it yourself right, you can accelerate every time you want to accelerate. Its because somebody else built something that you can then reuse and build on top of whether its application components, whether that's SAs or apps, developer services, whether that's pre integrated pipelines. So you've already got plug ins and tools that work every one of those things as an accelerator, A lot of them are delivered by all kinds of different vendors all over the map. And so if they don't integrate well together, if there aren't open A. P. S, if there aren't pre integrated offerings, it's not gonna be an accelerator is gonna be exactly the opposite. It's going to be I want to get this thing in, let me bring in five or six different consulting teams to start trying to piece all this stuff together. Big, big slow down. So the pretty integrated solutions, the open A. P. S. Those are the kinds of things that really are going to accelerate people. >>I can't I can't agree with you more on this whole slowdown thing. And one of the hardest things to do is insert new team members are new kind of rules and process into kind of already accelerated momentum, which is hard. This is a hard new kind of a cloud native dynamic, which is scale and speed are critical, right? So it's one of those things that's actually benefit. But if you don't rein it in a little bit, how do you balance that? What's your advice to folks? This is, this is a common problem. I mean, it could get away from you. It's on one hand, but if you slow down too much, it's a gridlock and you, you misfire. What's your thoughts on this? >>Yeah, that, that balance of scale and speed. Um, and it definitely is a balance there. You know, I think there's always a danger of over architect ng for your current state of reality. Um, and you know, one of the things that I've learned over the years is, you've got to, you got to scale your process and scale your architecture to where you're at and where you're going to be soon, if you start Designing for five years, 10 years down the road, um it's going to slow you down in the short term and you might never get to where you thought you were going to be in five or 10 years. You've got to build for where you're at, built for where you're going soon, you're not gonna go for the future. And this is, it ties into these ideas like evolutionary architecture, like how do you build in a way that makes change easy because, you know, things are always going to change. Um, you know, some of the recent trends around things like project product playing so well to this, right? It's not like a project team comes together and builds the solution and then walks away and the solution works untouched for years or decades. Instead, it's it's that agile approach of is a product team there long lived. They own what they're building and they support it and they continue to enhance it, going forward to improve their ability to meet their customers needs over time. >>Yeah, and I think that's a super important point. The magical product team that just scales infinitely by itself while you're sleeping is different. Again, the team formation is an indicator of that. So, I think this whole agility going to the next level really is all about, you know, a series of these teams. Micro micro teams. Microservices, I mean, again, monolithic applications yielded monolithic organizations. >>Microservices >>brings in kind of this open source ethos, this new hate to use the term to Pizza team because it's an Amazonian thing, but it kind of applies here, Right? So you got to have these teams. I had to focus and to end and take ownership of that, whether it's product, platform or project at the end of the day, you're still serving customers. Final question for you on. Well, I got you here. I know end user experience you brought this up earlier. This is a huge important piece. I think last year, you and I talked about this briefly in our interview as developers come to the front lines of the business, some of them all don't have M B A. S and that always, you know, going to business school and some of the best engineers shouldn't go to business school in my opinion, But but you know, they have to learn the vernacular of complex topics, understand quality, get bring craft into the software more and more developers on the front lines closer and closer to the customer as they go direct. This is a huge change from just 5, 10 years ago. What's your thoughts on this? And what do you tell people when when they say hey donnie what how should I ah posture to the customer? What can I do to get better? What do you say to that? >>Yeah it's a great question. Um and it's one that I think a lot of companies are struggling to solve. How do we bring developers closer to the customers? And what does that mean? One of the things that we do regularly at Dr is we bring our developers along on customer interviews. So our product managers are constantly out there, you know kind of beating the virtual street, talking to developers talking to customers. Um and regularly they'll bring developers on the same team along. This is super valuable in helping our developers really build an understanding of the customers are building for, right. It may not even be about that specific thing that they're building on that one day. Um but it's about understanding the customer's needs and really making that something that is internalized in the way they think about how do they solve problems? How do they design solutions? How do they do? So in a way that is much more likely to resonate with the customers. Um Do they have an NBA? No, but where do you start? You gotta start somewhere? You start by bringing people into the conversation, so we don't expect them to lead an interview. We expect them to come along, learn and ask questions. And what happens so often is that people with, you know, the business in other companies might say yeah, developers, they're just these tech people will just like give him a set of requirements and they'll deliver stuff. Um but bring them along for the ride and letting them interact with the customers that are using their product is an amazing and exciting experience for developers. We hear consistently just super excited, treat back. >>It's clearly the trend. I mean one of the best, the best performing teams have the business and developers working together. It's really interesting phenomenon. I think it's going to change the makeup of taking that and to end approach to a whole nother level dani. Great to have you on. Great to see you final question. Um take a minute to put a plug in for the product team over there. What are you working on? What are you most excited about? Give a quick plug? >>You know, I am super excited about what we're doing in both trusted content and around team collaboration. Um I think both of those are just going to be amazing. Amazing opportunities to improve how developers are working on their microservices. It's so fragmented, it's so complicated that helping make that easier is going to be really important and valuable an area for development teams to focus on. >>Uh, Dr khan 2021 Virtual, Donnie Bergholz, VP of products and Dakar, good friend of the CUBA and the industry as well. Dani, thanks for that. Great insight and sharing some gems you drop there. Thanks. >>All right. Thank you. All >>right. Dr khan coverage I'm john for your host of the cube, The Cube track here at Dakar 2021 virtual. Thanks for watching. Mhm.