>> The rapid rise of ransomware attacks has added yet another challenge that business technology executives have to worry about these days, cloud storage, immutability, and air gaps have become a must have arrows in the quiver of organization's data protection strategies. But the important reality that practitioners have embraced is data protection, it can't be an afterthought or a bolt on it, has to be designed into the operational workflow of technology systems. The problem is, oftentimes, data protection is complicated with a variety of different products, services, software components, and storage formats, this is why object storage is moving to the forefront of data protection use cases because it's simpler and less expensive. The put data get data syntax has always been alluring, but object storage, historically, was seen as this low-cost niche solution that couldn't offer the performance required for demanding workloads, forcing customers to make hard tradeoffs between cost and performance. That has changed, the ascendancy of cloud storage generally in the S3 format specifically has catapulted object storage to become a first class citizen in a mainstream technology. Moreover, innovative companies have invested to bring object storage performance to parity with other storage formats, but cloud costs are often a barrier for many companies as the monthly cloud bill and egress fees in particular steadily climb. Welcome to Secure Storage Hot Takes, my name is Dave Vellante, and I'll be your host of the program today, where we introduce our community to Wasabi, a company that is purpose-built to solve this specific problem with what it claims to be the most cost effective and secure solution on the market. We have three segments today to dig into these issues, first up is David Friend, the well known entrepreneur who co-founded Carbonite and now Wasabi will then dig into the product with Drew Schlussel of Wasabi, and then we'll bring in the customer perspective with Kevin Warenda of the Hotchkiss School, let's get right into it. We're here with David Friend, the President and CEO and Co-founder of Wasabi, the hot storage company, David, welcome to theCUBE. >> Thanks Dave, nice to be here. >> Great to have you, so look, you hit a home run with Carbonite back when building a unicorn was a lot more rare than it has been in the last few years, why did you start Wasabi? >> Well, when I was still CEO of Wasabi, my genius co-founder Jeff Flowers and our chief architect came to me and said, you know, when we started this company, a state of the art disk drive was probably 500 gigabytes and now we're looking at eight terabyte, 16 terabyte, 20 terabyte, even 100 terabyte drives coming down the road and, you know, sooner or later the old architectures that were designed around these much smaller disk drives is going to run out of steam because, even though the capacities are getting bigger and bigger, the speed with which you can get data on and off of a hard drive isn't really changing all that much. And Jeff foresaw a day when the architectures sort of legacy storage like Amazon S3 and so forth was going to become very inefficient and slow. And so he came up with a new, highly parallelized architecture, and he said, I want to go off and see if I can make this work. So I said, you know, good luck go to it and they went off and spent about a year and a half in the lab, designing and testing this new storage architecture and when they got it working, I looked at the economics of this and I said, holy cow, we can sell cloud storage for a fraction of the price of Amazon, still make very good gross margins and it will be faster. So this is a whole new generation of object storage that you guys have invented. So I recruited a new CEO for Carbonite and left to found Wasabi because the market for cloud storage is almost infinite. You know, when you look at all the world's data, you know, IDC has these crazy numbers, 120 zetabytes or something like that and if you look at that as you know, the potential market size during that data, we're talking trillions of dollars, not billions and so I said, look, this is a great opportunity, if you look back 10 years, all the world's data was on-prem, if you look forward 10 years, most people agree that most of the world's data is going to live in the cloud, we're at the beginning of this migration, we've got an opportunity here to build an enormous company. >> That's very exciting. I mean, you've always been a trend spotter, and I want to get your perspectives on data protection and how it's changed. It's obviously on people's minds with all the ransomware attacks and security breaches, but thinking about your experiences and past observations, what's changed in data protection and what's driving the current very high interest in the topic? >> Well, I think, you know, from a data protection standpoint, immutability, the equivalent of the old worm tapes, but applied to cloud storage is, you know, become core to the backup strategies and disaster recovery strategies for most companies. And if you look at our partners who make backup software like Veeam, Convo, Veritas, Arcserve, and so forth, most of them are really taking advantage of mutable cloud storage as a way to protect customer data, customers backups from ransomware. So the ransomware guys are pretty clever and they, you know, they discovered early on that if someone could do a full restore from their backups, they're never going to pay a ransom. So, once they penetrate your system, they get pretty good at sort of watching how you do your backups and before they encrypt your primary data, they figure out some way to destroy or encrypt your backups as well, so that you can't do a full restore from your backups. And that's where immutability comes in. You know, in the old days you, you wrote what was called a worm tape, you know, write once read many, and those could not be overwritten or modified once they were written. And so we said, let's come up with an equivalent of that for the cloud, and it's very tricky software, you know, it involves all kinds of encryption algorithms and blockchain and this kind of stuff but, you know, the net result is if you store your backups in immutable buckets, in a product like Wasabi, you can't alter it or delete it for some period of time, so you could put a timer on it, say a year or six months or something like that, once that data is written, you know, there's no way you can go in and change it, modify it, or anything like that, including even Wasabi's engineers. >> So, David, I want to ask you about data sovereignty. It's obviously a big deal, I mean, especially for companies with the presence overseas, but what's really is any digital business these days, how should companies think about approaching data sovereignty? Is it just large firms that should be worried about this? Or should everybody be concerned? What's your point of view? >> Well, all around the world countries are imposing data sovereignty laws and if you're in the storage business, like we are, if you don't have physical data storage in-country, you're probably not going to get most of the business. You know, since Christmas we've built data centers in Toronto, London, Frankfurt, Paris, Sydney, Singapore, and I've probably forgotten one or two, but the reason we do that is twofold; one is, you know, if you're closer to the customer, you're going to get better response time, lower latency, and that's just a speed of light issue. But the bigger issue is, if you've got financial data, if you have healthcare data, if you have data relating to security, like surveillance videos, and things of that sort, most countries are saying that data has to be stored in-country, so, you can't send it across borders to some other place. And if your business operates in multiple countries, you know, dealing with data sovereignty is going to become an increasingly important problem. >> So in May of 2018, that's when the fines associated with violating GDPR went into effect and GDPR was like this main spring of privacy and data protection laws and we've seen it spawn other public policy things like the CCPA and think it continues to evolve, we see judgments in Europe against big tech and this tech lash that's in the news in the U.S. and the elimination of third party cookies, what does this all mean for data protection in the 2020s? >> Well, you know, every region and every country, you know, has their own idea about privacy, about security, about the use of even the use of metadata surrounding, you know, customer data and things of this sort. So, you know, it's getting to be increasingly complicated because GDPR, for example, imposes different standards from the kind of privacy standards that we have here in the U.S., Canada has a somewhat different set of data sovereignty issues and privacy issues so it's getting to be an increasingly complex, you know, mosaic of rules and regulations around the world and this makes it even more difficult for enterprises to run their own, you know, infrastructure because companies like Wasabi, where we have physical data centers in all kinds of different markets around the world and we've already dealt with the business of how to meet the requirements of GDPR and how to meet the requirements of some of the countries in Asia and so forth, you know, rather than an enterprise doing that just for themselves, if you running your applications or keeping your data in the cloud, you know, now a company like Wasabi with, you know, 34,000 customers, we can go to all the trouble of meeting these local requirements on behalf of our entire customer base and that's a lot more efficient and a lot more cost effective than if each individual country has to go deal with the local regulatory authorities. >> Yeah, it's compliance by design, not by chance. Okay, let's zoom out for the final question, David, thinking about the discussion that we've had around ransomware and data protection and regulations, what does it mean for a business's operational strategy and how do you think organizations will need to adapt in the coming years? >> Well, you know, I think there are a lot of forces driving companies to the cloud and, you know, and I do believe that if you come back five or 10 years from now, you're going to see majority of the world's data is going to be living in the cloud and I think storage, data storage is going to be a commodity much like electricity or bandwidth, and it's going to be done right, it will comply with the local regulations, it'll be fast, it'll be local, and there will be no strategic advantage that I can think of for somebody to stand up and run their own storage, especially considering the cost differential, you know, the most analysts think that the full, all in costs of running your own storage is in the 20 to 40 terabytes per month range, whereas, you know, if you migrate your data to the cloud, like Wasabi, you're talking probably $6 a month and so I think people are learning how to deal with the idea of an architecture that involves storing your data in the cloud, as opposed to, you know, storing your data locally. >> Wow, that's like a six X more expensive in the clouds, more than six X, all right, thank you, David,-- >> In addition to which, you know, just finding the people to babysit this kind of equipment has become nearly impossible today. >> Well, and with a focus on digital business, you don't want to be wasting your time with that kind of heavy lifting. David, thanks so much for coming in theCUBE, a great Boston entrepreneur, we've followed your career for a long time and looking forward to the future. >> Thank you. >> Okay, in a moment, Drew Schlussel will join me and we're going to dig more into product, you're watching theCUBE, the leader in enterprise and emerging tech coverage, keep it right there. ♪ Whoa ♪ ♪ Brenda in sales got an email ♪ ♪ Click here for a trip to Bombay ♪ ♪ It's not even called Bombay anymore ♪ ♪ But you clicked it anyway ♪ ♪ And now our data's been held hostage ♪ ♪ And now we're on sinking ship ♪ ♪ And a hacker's in our system ♪ ♪ Just 'cause Brenda wanted a trip ♪ ♪ She clicked on something stupid ♪ ♪ And our data's out of our control ♪ ♪ Into the hands of a hacker's ♪ ♪ And he's a giant asshole. ♪ ♪ He encrypted it in his basement ♪ ♪ He wants a million bucks for the key ♪ ♪ And I'm pretty sure he's 15 ♪ ♪ And still going through puberty ♪ ♪ I know you didn't mean to do us wrong ♪ ♪ But now I'm dealing with this all week long ♪ ♪ To make you all aware ♪ ♪ Of all this ransomware ♪ ♪ That is why I'm singing you this song ♪ ♪ C'mon ♪ ♪ Take it from me ♪ ♪ The director of IT ♪ ♪ Don't click on that email from a prince Nairobi ♪ ♪ 'Cuz he's not really a prince ♪ ♪ Now our data's locked up on our screen ♪ ♪ Controlled by a kid who's just fifteen ♪ ♪ And he's using our money to buy a Ferrari ♪ (gentle music) >> Joining me now is Drew Schlussel, who is the Senior Director of Product Marketing at Wasabi, hey Drew, good to see you again, thanks for coming back in theCUBE. >> Dave, great to be here, great to see you. >> All right, let's get into it. You know, Drew, prior to the pandemic, Zero Trust, just like kind of like digital transformation was sort of a buzzword and now it's become a real thing, almost a mandate, what's Wasabi's take on Zero Trust. >> So, absolutely right, it's been around a while and now people are paying attention, Wasabi's take is Zero Trust is a good thing. You know, there are too many places, right, where the bad guys are getting in. And, you know, I think of Zero Trust as kind of smashing laziness, right? It takes a little work, it takes some planning, but you know, done properly and using the right technologies, using the right vendors, the rewards are, of course tremendous, right? You can put to rest the fears of ransomware and having your systems compromised. >> Well, and we're going to talk about this, but there's a lot of process and thinking involved and, you know, design and your Zero Trust and you don't want to be wasting time messing with infrastructure, so we're going to talk about that, there's a lot of discussion in the industry, Drew, about immutability and air gaps, I'd like you to share Wasabi's point of view on these topics, how do you approach it and what makes Wasabi different? >> So, in terms of air gap and immutability, right, the beautiful thing about object storage, which is what we do all the time is that it makes it that much easier, right, to have a secure immutable copy of your data someplace that's easy to access and doesn't cost you an arm and a leg to get your data back. You know, we're working with some of the best, you know, partners in the industry, you know, we're working with folks like, you know, Veeam, Commvault, Arc, Marquee, MSP360, all folks who understand that you need to have multiple copies of your data, you need to have a copy stored offsite, and that copy needs to be immutable and we can talk a little bit about what immutability is and what it really means. >> You know, I wonder if you could talk a little bit more about Wasabi's solution because, sometimes people don't understand, you actually are a cloud, you're not building on other people's public clouds and this storage is the one use case where it actually makes sense to do that, tell us a little bit more about Wasabi's approach and your solution. >> Yeah, I appreciate that, so there's definitely some misconception, we are our own cloud storage service, we don't run on top of anybody else, right, it's our systems, it's our software deployed globally and we interoperate because we adhere to the S3 standard, we interoperate with practically hundreds of applications, primarily in this case, right, we're talking about backup and recovery applications and it's such a simple process, right? I mean, just about everybody who's anybody in this business protecting data has the ability now to access cloud storage and so we've made it really simple, in many cases, you'll see Wasabi as you know, listed in the primary set of available vendors and, you know, put in your private keys, make sure that your account is locked down properly using, let's say multifactor authentication, and you've got a great place to store copies of your data securely. >> I mean, we just heard from David Friend, if I did my math right, he was talking about, you know, 1/6 the cost per terabyte per month, maybe even a little better than that, how are you able to achieve such attractive economics? >> Yeah, so, you know, I can't remember how to translate my fractions into percentages, but I think we talk a lot about being 80%, right, less expensive than the hyperscalers. And you know, we talked about this at Vermont, right? There's some secret sauce there and you know, we take a different approach to how we utilize the raw capacity to the effective capacity and the fact is we're also not having to run, you know, a few hundred other services, right? We do storage, plain and simple, all day, all the time, so we don't have to worry about overhead to support, you know, up and coming other services that are perhaps, you know, going to be a loss leader, right? Customers love it, right, they see the fact that their data is growing 40, 80% year over year, they know they need to have some place to keep it secure, and, you know, folks are flocking to us in droves, in fact, we're seeing a tremendous amount of migration actually right now, multiple petabytes being brought to Wasabi because folks have figured out that they can't afford to keep going with their current hyperscaler vendor. >> And immutability is a feature of your product, right? What the feature called? Can you double-click on that a little bit? >> Yeah, absolutely. So, the term in S3 is Object Lock and what that means is your application will write an object to cloud storage, and it will define a retention period, let's say a week. And for that period, that object is immutable, untouchable, cannot be altered in any way, shape, or form, the application can't change it, the system administration can't change it, Wasabi can't change it, okay, it is truly carved in stone. And this is something that it's been around for a while, but you're seeing a huge uptick, right, in adoption and support for that feature by all the major vendors and I named off a few earlier and the best part is that with immutability comes some sense of, well, it comes with not just a sense of security, it is security. Right, when you have data that cannot be altered by anybody, even if the bad guys compromise your account, they steal your credentials, right, they can't take away the data and that's a beautiful thing, a beautiful, beautiful thing. >> And you look like an S3 bucket, is that right? >> Yeah, I mean, we're fully compatible with the S3 API, so if you're using S3 API based applications today, it's a very simple matter of just kind of redirecting where you want to store your data, beautiful thing about backup and recovery, right, that's probably the simplest application, simple being a relative term, as far as lift and shift, right? Because that just means for your next full, right, point that at Wasabi, retain your other fulls, you know, for whatever 30, 60, 90 days, and then once you've kind of made that transition from vine to vine, you know, you're often running with Wasabi. >> I talked to my open about the allure of object storage historically, you know, the simplicity of the get put syntax, but what about performance? Are you able to deliver performance that's comparable to other storage formats? >> Oh yeah, absolutely, and we've got the performance numbers on the site to back that up, but I forgot to answer something earlier, right, you said that immutability is a feature and I want to make it very clear that it is a feature but it's an API request. Okay, so when you're talking about gets and puts and so forth, you know, the comment you made earlier about being 80% more cost effective or 80% less expensive, you know, that API call, right, is typically something that the other folks charge for, right, and I think we used the metaphor earlier about the refrigerator, but I'll use a different metaphor today, right? You can think of cloud storage as a magical coffee cup, right? It gets as big as you want to store as much coffee as you want and the coffee's always warm, right? And when you want to take a sip, there's no charge, you want to, you know, pop the lid and see how much coffee is in there, no charge, and that's an important thing, because when you're talking about millions or billions of objects, and you want to get a list of those objects, or you want to get the status of the immutable settings for those objects, anywhere else it's going to cost you money to look at your data, with Wasabi, no additional charge and that's part of the thing that sets us apart. >> Excellent, so thank you for that. So, you mentioned some partners before, how do partners fit into the Wasabi story? Where do you stop? Where do they pick up? You know, what do they bring? Can you give us maybe, a paint a picture for us example, or two? >> Sure, so, again, we just do storage, right, that is our sole purpose in life is to, you know, to safely and securely store our customer's data. And so they're working with their application vendors, whether it's, you know, active archive, backup and recovery, IOT, surveillance, media and entertainment workflows, right, those systems already know how to manage the data, manage the metadata, they just need some place to keep the data that is being worked on, being stored and so forth. Right, so just like, you know, plugging in a flash drive on your laptop, right, you literally can plug in Wasabi as long as your applications support the API, getting started is incredibly easy, right, we offer a 30-day trial, one terabyte, and most folks find that within, you know, probably a few hours of their POC, right, it's giving them everything they need in terms of performance, in terms of accessibility, in terms of sovereignty, I'm guessing you talked to, you know, Dave Friend earlier about data sovereignty, right? We're global company, right, so there's got to be probably, you know, wherever you are in the world some place that will satisfy your sovereignty requirements, as well as your compliance requirements. >> Yeah, we did talk about sovereignty, Drew, this is really, what's interesting to me, I'm a bit of a industry historian, when I look back to the early days of cloud, I remember the large storage companies, you know, their CEOs would say, we're going to have an answer for the cloud and they would go out, and for instance, I know one bought competitor of Carbonite, and then couldn't figure out what to do with it, they couldn't figure out how to compete with the cloud in part, because they were afraid it was going to cannibalize their existing business, I think another part is because they just didn't have that imagination to develop an architecture that in a business model that could scale to see that you guys have done that is I love it because it brings competition, it brings innovation and it helps lower clients cost and solve really nagging problems. Like, you know, ransomware, of mutability and recovery, I'll give you the last word, Drew. >> Yeah, you're absolutely right. You know, the on-prem vendors, they're not going to go away anytime soon, right, there's always going to be a need for, you know, incredibly low latency, high bandwidth, you know, but, you know, not all data's hot all the time and by hot, I mean, you know, extremely hot, you know, let's take, you know, real time analytics for, maybe facial recognition, right, that requires sub-millisecond type of processing. But once you've done that work, right, you want to store that data for a long, long time, and you're going to want to also tap back into it later, so, you know, other folks are telling you that, you know, you can go to these like, you know, cold glacial type of tiered storage, yeah, don't believe the hype, you're still going to pay way more for that than you would with just a Wasabi-like hot cloud storage system. And, you know, we don't compete with our partners, right? We compliment, you know, what they're bringing to market in terms of the software vendors, in terms of the hardware vendors, right, we're a beautiful component for that hybrid cloud architecture. And I think folks are gravitating towards that, I think the cloud is kind of hitting a new gear if you will, in terms of adoption and recognition for the security that they can achieve with it. >> All right, Drew, thank you for that, definitely we see the momentum, in a moment, Drew and I will be back to get the customer perspective with Kevin Warenda, who's the Director of Information technology services at The Hotchkiss School, keep it right there. >> Hey, I'm Nate, and we wrote this song about ransomware to educate people, people like Brenda. >> Oh, God, I'm so sorry. We know you are, but Brenda, you're not alone, this hasn't just happened to you. >> No! ♪ Colonial Oil Pipeline had a guy ♪ ♪ who didn't change his password ♪ ♪ That sucks ♪ ♪ His password leaked, the data was breached ♪ ♪ And it cost his company 4 million bucks ♪ ♪ A fake update was sent to people ♪ ♪ Working for the meat company JBS ♪ ♪ That's pretty clever ♪ ♪ Instead of getting new features, they got hacked ♪ ♪ And had to pay the largest crypto ransom ever ♪ ♪ And 20 billion dollars, billion with a b ♪ ♪ Have been paid by companies in healthcare ♪ ♪ If you wonder buy your premium keeps going ♪ ♪ Up, up, up, up, up ♪ ♪ Now you're aware ♪ ♪ And now the hackers they are gettin' cocky ♪ ♪ When they lock your data ♪ ♪ You know, it has gotten so bad ♪ ♪ That they demand all of your money and it gets worse ♪ ♪ They go and the trouble with the Facebook ad ♪ ♪ Next time, something seems too good to be true ♪ ♪ Like a free trip to Asia! ♪ ♪ Just check first and I'll help before you ♪ ♪ Think before you click ♪ ♪ Don't get fooled by this ♪ ♪ Who isn't old enough to drive to school ♪ ♪ Take it from me, the director of IT ♪ ♪ Don't click on that email from a prince in Nairobi ♪ ♪ Because he's not really a prince ♪ ♪ Now our data's locked up on our screen ♪ ♪ Controlled by a kid who's just fifteen ♪ ♪ And he's using our money to buy a Ferrari ♪ >> It's a pretty sweet car. ♪ A kid without facial hair, who lives with his mom ♪ ♪ To learn more about this go to wasabi.com ♪ >> Hey, don't do that. ♪ Cause if we had Wasabi's immutability ♪ >> You going to ruin this for me! ♪ This fifteen-year-old wouldn't have on me ♪ (gentle music) >> Drew and I are pleased to welcome Kevin Warenda, who's the Director of Information Technology Services at The Hotchkiss School, a very prestigious and well respected boarding school in the beautiful Northwest corner of Connecticut, hello, Kevin. >> Hello, it's nice to be here, thanks for having me. >> Yeah, you bet. Hey, tell us a little bit more about The Hotchkiss School and your role. >> Sure, The Hotchkiss School is an independent boarding school, grades nine through 12, as you said, very prestigious and in an absolutely beautiful location on the deepest freshwater lake in Connecticut, we have 500 acre main campus and a 200 acre farm down the street. My role as the Director of Information Technology Services, essentially to oversee all of the technology that supports the school operations, academics, sports, everything we do on campus. >> Yeah, and you've had a very strong history in the educational field, you know, from that lens, what's the unique, you know, or if not unique, but the pressing security challenge that's top of mind for you? >> I think that it's clear that educational institutions are a target these days, especially for ransomware. We have a lot of data that can be used by threat actors and schools are often underfunded in the area of IT security, IT in general sometimes, so, I think threat actors often see us as easy targets or at least worthwhile to try to get into. >> Because specifically you are potentially spread thin, underfunded, you got students, you got teachers, so there really are some, are there any specific data privacy concerns as well around student privacy or regulations that you can speak to? >> Certainly, because of the fact that we're an independent boarding school, we operate things like even a health center, so, data privacy regulations across the board in terms of just student data rights and FERPA, some of our students are under 18, so, data privacy laws such as COPPA apply, HIPAA can apply, we have PCI regulations with many of our financial transactions, whether it be fundraising through alumni development, or even just accepting the revenue for tuition so, it's a unique place to be, again, we operate very much like a college would, right, we have all the trappings of a private college in terms of all the operations we do and that's what I love most about working in education is that it's all the industries combined in many ways. >> Very cool. So let's talk about some of the defense strategies from a practitioner point of view, then I want to bring in Drew to the conversation so what are the best practice and the right strategies from your standpoint of defending your data? >> Well, we take a defense in-depth approach, so we layer multiple technologies on top of each other to make sure that no single failure is a key to getting beyond those defenses, we also keep it simple, you know, I think there's some core things that all organizations need to do these days in including, you know, vulnerability scanning, patching , using multifactor authentication, and having really excellent backups in case something does happen. >> Drew, are you seeing any similar patterns across other industries or customers? I mean, I know we're talking about some uniqueness in the education market, but what can we learn from other adjacent industries? >> Yeah, you know, Kevin is spot on and I love hearing what he's doing, going back to our prior conversation about Zero Trust, right, that defense in-depth approach is beautifully aligned, right, with the Zero Trust approach, especially things like multifactor authentication, always shocked at how few folks are applying that very, very simple technology and across the board, right? I mean, Kevin is referring to, you know, financial industry, healthcare industry, even, you know, the security and police, right, they need to make sure that the data that they're keeping, evidence, right, is secure and immutable, right, because that's evidence. >> Well, Kevin, paint a picture for us, if you would. So, you were primarily on-prem looking at potentially, you know, using more cloud, you were a VMware shop, but tell us, paint a picture of your environment, kind of the applications that you support and the kind of, I want to get to the before and the after Wasabi, but start with kind of where you came from. >> Sure, well, I came to The Hotchkiss School about seven years ago and I had come most recently from public K12 and municipal, so again, not a lot of funding for IT in general, security, or infrastructure in general, so Nutanix was actually a hyperconverged solution that I implemented at my previous position. So when I came to Hotchkiss and found mostly on-prem workloads, everything from the student information system to the card access system that students would use, financial systems, they were almost all on premise, but there were some new SaaS solutions coming in play, we had also taken some time to do some business continuity, planning, you know, in the event of some kind of issue, I don't think we were thinking about the pandemic at the time, but certainly it helped prepare us for that, so, as different workloads were moved off to hosted or cloud-based, we didn't really need as much of the on-premise compute and storage as we had, and it was time to retire that cluster. And so I brought the experience I had with Nutanix with me, and we consolidated all that into a hyper-converged platform, running Nutanix AHV, which allowed us to get rid of all the cost of the VMware licensing as well and it is an easier platform to manage, especially for small IT shops like ours. >> Yeah, AHV is the Acropolis hypervisor and so you migrated off of VMware avoiding the VTax avoidance, that's a common theme among Nutanix customers and now, did you consider moving into AWS? You know, what was the catalyst to consider Wasabi as part of your defense strategy? >> We were looking at cloud storage options and they were just all so expensive, especially in egress fees to get data back out, Wasabi became across our desks and it was such a low barrier to entry to sign up for a trial and get, you know, terabyte for a month and then it was, you know, $6 a month for terabyte. After that, I said, we can try this out in a very low stakes way to see how this works for us. And there was a couple things we were trying to solve at the time, it wasn't just a place to put backup, but we also needed a place to have some files that might serve to some degree as a content delivery network, you know, some of our software applications that are deployed through our mobile device management needed a place that was accessible on the internet that they could be stored as well. So we were testing it for a couple different scenarios and it worked great, you know, performance wise, fast, security wise, it has all the features of S3 compliance that works with Nutanix and anyone who's familiar with S3 permissions can apply them very easily and then there was no egress fees, we can pull data down, put data up at will, and it's not costing as any extra, which is excellent because especially in education, we need fixed costs, we need to know what we're going to spend over a year before we spend it and not be hit with, you know, bills for egress or because our workload or our data storage footprint grew tremendously, we need that, we can't have the variability that the cloud providers would give us. >> So Kevin, you explained you're hypersensitive about security and privacy for obvious reasons that we discussed, were you concerned about doing business with a company with a funny name? Was it the trial that got you through that knothole? How did you address those concerns as an IT practitioner? >> Yeah, anytime we adopt anything, we go through a risk review. So we did our homework and we checked the funny name really means nothing, there's lots of companies with funny names, I think we don't go based on the name necessarily, but we did go based on the history, understanding, you know, who started the company, where it came from, and really looking into the technology and understanding that the value proposition, the ability to provide that lower cost is based specifically on the technology in which it lays down data. So, having a legitimate, reasonable, you know, excuse as to why it's cheap, we weren't thinking, well, you know, you get what you pay for, it may be less expensive than alternatives, but it's not cheap, you know, it's reliable, and that was really our concern. So we did our homework for sure before even starting the trial, but then the trial certainly confirmed everything that we had learned. >> Yeah, thank you for that. Drew, explain the whole egress charge, we hear a lot about that, what do people need to know? >> First of all, it's not a funny name, it's a memorable name, Dave, just like theCUBE, let's be very clear about that, second of all, egress charges, so, you know, other storage providers charge you for every API call, right? Every get, every put, every list, everything, okay, it's part of their process, it's part of how they make money, it's part of how they cover the cost of all their other services, we don't do that. And I think, you know, as Kevin has pointed out, right, that's a huge differentiator because you're talking about a significant amount of money above and beyond what is the list price. In fact, I would tell you that most of the other storage providers, hyperscalers, you know, their list price, first of all, is, you know, far exceeding anything else in the industry, especially what we offer and then, right, their additional cost, the egress costs, the API requests can be two, three, 400% more on top of what you're paying per terabyte. >> So, you used a little coffee analogy earlier in our conversation, so here's what I'm imagining, like I have a lot of stuff, right? And I had to clear up my bar and I put some stuff in storage, you know, right down the street and I pay them monthly, I can't imagine having to pay them to go get my stuff, that's kind of the same thing here. >> Oh, that's a great metaphor, right? That storage locker, right? You know, can you imagine every time you want to open the door to that storage locker and look inside having to pay a fee? >> No, that would be annoying. >> Or, every time you pull into the yard and you want to put something in that storage locker, you have to pay an access fee to get to the yard, you have to pay a door opening fee, right, and then if you want to look and get an inventory of everything in there, you have to pay, and it's ridiculous, it's your data, it's your storage, it's your locker, you've already paid the annual fee, probably, 'cause they gave you a discount on that, so why shouldn't you have unfettered access to your data? That's what Wasabi does and I think as Kevin pointed out, right, that's what sets us completely apart from everybody else. >> Okay, good, that's helpful, it helps us understand how Wasabi's different. Kevin, I'm always interested when I talk to practitioners like yourself in learning what you do, you know, outside of the technology, what are you doing in terms of educating your community and making them more cyber aware? Do you have training for students and faculty to learn about security and ransomware protection, for example? >> Yes, cyber security awareness training is definitely one of the required things everyone should be doing in their organizations. And we do have a program that we use and we try to make it fun and engaging too, right, this is often the checking the box kind of activity, insurance companies require it, but we want to make it something that people want to do and want to engage with so, even last year, I think we did one around the holidays and kind of pointed out the kinds of scams they may expect in their personal life about, you know, shipping of orders and time for the holidays and things like that, so it wasn't just about protecting our school data, it's about the fact that, you know, protecting their information is something do in all aspects of your life, especially now that the folks are working hybrid often working from home with equipment from the school, the stakes are much higher and people have a lot of our data at home and so knowing how to protect that is important, so we definitely run those programs in a way that we want to be engaging and fun and memorable so that when they do encounter those things, especially email threats, they know how to handle them. >> So when you say fun, it's like you come up with an example that we can laugh at until, of course, we click on that bad link, but I'm sure you can come up with a lot of interesting and engaging examples, is that what you're talking about, about having fun? >> Yeah, I mean, sometimes they are kind of choose your own adventure type stories, you know, they stop as they run, so they're telling a story and they stop and you have to answer questions along the way to keep going, so, you're not just watching a video, you're engaged with the story of the topic, yeah, and that's what I think is memorable about it, but it's also, that's what makes it fun, you're not just watching some talking head saying, you know, to avoid shortened URLs or to check, to make sure you know the sender of the email, no, you're engaged in a real life scenario story that you're kind of following and making choices along the way and finding out was that the right choice to make or maybe not? So, that's where I think the learning comes in. >> Excellent. Okay, gentlemen, thanks so much, appreciate your time, Kevin, Drew, awesome having you in theCUBE. >> My pleasure, thank you. >> Yeah, great to be here, thanks. >> Okay, in a moment, I'll give you some closing thoughts on the changing world of data protection and the evolution of cloud object storage, you're watching theCUBE, the leader in high tech enterprise coverage. >> Announcer: Some things just don't make sense, like showing up a little too early for the big game. >> How early are we? >> Couple months. Popcorn? >> Announcer: On and off season, the Red Sox cover their bases with affordable, best in class cloud storage. >> These are pretty good seats. >> Hey, have you guys seen the line from the bathroom? >> Announcer: Wasabi Hot Cloud Storage, it just makes sense. >> You don't think they make these in left hand, do you? >> We learned today how a serial entrepreneur, along with his co-founder saw the opportunity to tap into the virtually limitless scale of the cloud and dramatically reduce the cost of storing data while at the same time, protecting against ransomware attacks and other data exposures with simple, fast storage, immutability, air gaps, and solid operational processes, let's not forget about that, okay? People and processes are critical and if you can point your people at more strategic initiatives and tasks rather than wrestling with infrastructure, you can accelerate your process redesign and support of digital transformations. Now, if you want to learn more about immutability and Object Block, click on the Wasabi resource button on this page, or go to wasabi.com/objectblock. Thanks for watching Secure Storage Hot Takes made possible by Wasabi. This is Dave Vellante for theCUBE, the leader in enterprise and emerging tech coverage, well, see you next time. (gentle upbeat music)

(upbeat music) >> Today's organizations are overwhelmed by the number of different assets connected to their networks, which now include not only IT devices and assets, but also a lot of unmanaged assets, like cloud, IoT, building management systems, industrial control systems, medical devices, and more. That's not just it, there's more. We're seeing massive volume of threats, and a surge of severe vulnerabilities that put these assets at risk. This is happening every day. And many, including me, think it's only going to get worse. The scale of the problem will accelerate. Security and IT teams are struggling to manage all these vulnerabilities at scale. With the time it takes to exploit a new vulnerability, combined with the lack of visibility into the asset attack surface area, companies are having a hard time addressing the vulnerabilities as quickly as they need. This is today's special CUBE program, where we're going to talk about these problems and how they're solved. Hello, everyone. I'm John Furrier, host of theCUBE. This is a special program called Managing Risk Across Your Extended Attack Surface Area with Armis, new asset intelligence platform. To start things off, let's bring in the co-founder and CTO of Armis, Nadir Izrael. Nadir, great to have you on the program. >> Yeah, thanks for having me. >> Great success with Armis. I want to just roll back and just zoom out and look at, what's the big picture? What are you guys focused on? What's the holy grail? What's the secret sauce? >> So Armis' mission, if you will, is to solve to your point literally one of the holy grails of security teams for the past decade or so, which is, what if you could actually have a complete, unified, authoritative asset inventory of everything, and stressing that word, everything. IT, OT, IoT, everything on kind of the physical space of things, data centers, virtualization, applications, cloud. What if you could have everything mapped out for you so that you can actually operate your organization on top of essentially a map? I like to equate this in a way to organizations and security teams everywhere seem to be running, basically running the battlefield, if you will, of their organization, without an actual map of what's going on, with charts and graphs. So we are here to provide that map in every aspect of the environment, and be able to build on top of that business processes, products, and features that would assist security teams in managing that battlefield. >> So this category, basically, is a cyber asset attack surface management kind of focus, but it really is defined by this extended asset attack surface area. What is that? Can you explain that? >> Yeah, it's a mouthful. I think the CAASM, for short, and Gartner do love their acronyms there, but CAASM, in short, is a way to describe a bit of what I mentioned before, or a slice out of it. It's the whole part around a unified view of the attack surface, where I think where we see things, and kind of where Armis extends to that is really with the extended attack surface. That basically means that idea of, what if you could have it all? What if you could have both a unified view of your environment, but also of every single thing that you have, with a strong emphasis on the completeness of that picture? If I take the map analogy slightly more to the extreme, a map of some of your environment isn't nearly as useful as a map of everything. If you had to, in your own kind of map application, you know, chart a path from New York to whichever your favorite surrounding city, but it only takes you so far, and then you sort of need to do the rest of it on your own, not nearly as effective, and in security terms, I think it really boils down into you can't secure what you can't see. And so from an Armis perspective, it's about seeing everything in order to protect everything. And not only do we discover every connected asset that you have, we provide a risk rating to every single one of them, we provide a criticality rating, and the ability to take action on top of these things. >> Having a map is huge. Everyone wants to know what's in their inventory, right, from a risk management standpoint, also from a vulnerability perspective. So I totally see that, and I can see that being the holy grail, but on the vulnerability side, you got to see everything, and you guys have new stuff around vulnerability management. What's this all about? What kind of gaps are you seeing that you're filling in the vulnerability side, because, okay, I can see everything. Now I got to watch out for threat vectors. >> Yeah, and I'd say a different way of asking this is, okay, vulnerability management has been around for a while. What the hell are you bringing into the mix that's so new and novel and great? So I would say that vulnerability scanners of different sorts have existed for over a decade. And I think that ultimately what Armis brings into the mix today is how do we fill in the gaps in a world where critical infrastructure is in danger of being attacked by nation states these days, where ransomware is an everyday occurrence, and where I think credible, up-to-the-minute, and contextualize vulnerability and risk information is essential. Scanners, or how we've been doing things for the last decade, just aren't enough. I think the three things that Armis excels at and completes the security staff today on the vulnerability management side are scale, reach, and context. Scale, meaning ultimately, and I think this is of no news to any enterprise, environments are huge. They are beyond huge. When most of the solutions that enterprises use today were built, they were built for thousands, or tens of thousands of assets. These days, we measure enterprises in the billions, billions of different assets, especially if you include how applications are structured, containers, cloud, all that, billions and billions of different assets, and I think that, ultimately, when the latest and greatest in catastrophic new vulnerabilities come out, and sadly, that's a monthly occurrence these days. You can't just now wait around for things to kind of scan through the environment, and figure out what's going on there. Real time images of vulnerabilities, real time understanding of what the risk is across that entire massive footprint is essential to be able to do things, and if you don't, then lots and lots of teams of people are tasked with doing this day in, day out, in order to accomplish the task. The second thing, I think, is the reach. Scanners can't go everywhere. They don't really deal well with environments that are a mixed IT/OT, for instance, like some of our clients deal with. They can't really deal with areas that aren't classic IT. And in general, these days over 70% of assets are in fact of the unmanaged variety, if you will. So combining different approaches from an Armis standpoint of both passive and active, we reach a tremendous scale, I think, within the environment, and ability to provide or reach that is complete. What if you could have vulnerability management, cover a hundred percent of your environment, and in a very effective manner, and in a very scalable manner? And the last thing really is context. And that's a big deal here. I think that most vulnerability management programs hinge on asset context, on the ability to understand, what are the assets I'm dealing with? And more importantly, what is the criticality of these assets, so I can better prioritize and manage the entire process along the way? So with these things in mind, that's what Armis has basically pulled out is a vulnerability management process. What if we could collect all the vulnerability information from your entire environment, and give you a map of that, on top of that map of assets? Connect every single vulnerability and finding to the relevant assets, and give you a real way to manage that automatically, and in a way that prevents teams of people from having to do a lot of grunt work in the process. >> Yeah, it's like building a search engine, almost. You got the behavioral, contextual. You got to understand what's going on in the environment, and then you got to have the context to what it means relative to the environment. And this is the criticality piece you mentioned, this is a huge differentiator in my mind. I want to unpack that. Understanding what's going on, and then what to pay attention to, it's a data problem. You got that kind of search and cataloging of the assets, and then you got the contextualization of it, but then what alarms do I pay attention to? What is the vulnerability? This is the context. This is a huge deal, because your businesses, your operation's going to have some important pieces, but also it changes on agility. So how do you guys do that? That's, I think, a key piece. >> Yeah, that's a really good question. So asset criticality is a key piece in being able to prioritize the operation. The reason is really simple, and I'll take an example we're all very, very familiar with, and it's been beaten to death, but it's still a good example, which is Log4j, or Log4Shell. When that came out, hundreds of people in large organizations started mapping the entire environment on which applications have what aspect of Log4j. Now, one of the key things there is that when you're doing that exercise for the first time, there are literally millions of systems in a typical enterprise that have Log4j in them, but asset criticality and the application and business context are key here, because some of these different assets that have Log4j are part of your critical business function and your critical business applications, and they deserve immediate attention. Some of them, or some Git server of some developer somewhere, don't warrant quite the same attention or criticality as others. Armis helps by providing the underlying asset map as a built-in aspect of the process. It maps the relationships and dependencies for you. It pulls together and clusters together. What applications does each asset serve? So I might be looking at a server and saying, okay, this server, it supports my ERP system. It supports my production applications to be able to serve my customers. It serves maybe my .com website. Understanding what applications each asset serves and every dependency along the way, meaning that endpoint, that server, but also the load balancers are supported, and the firewalls, and every aspect along the way, that's the bread and butter of the relationship mapping that Armis puts into place to be able to do that, and we also allow users to tweak, add information, connect us with their CMDB or anywhere else where they put this in, but once the information is in, that can serve vulnerability management. It can serve other security functions as well. But in the context of vulnerability management, it creates a much more streamlined process for being able to do the basics. Some critical applications, I want to know exactly what all the critical vulnerabilities that apply to them are. Some business applications, I just want to be able to put SLAs on, that this must be solved within a week, this must be solved within a month, and be able to actually automatically track all of these in a world that is very, very complex inside of an operation or an enterprise. >> We're going to hear from some of your customers later, but I want to just get your thoughts on, anecdotally, what do you hear from? You're the CTO, co-founder, you're actually going into the big accounts. When you roll this out, what are they saying to you? What are some of the comments? Oh my God, this is amazing. Thank you so much. >> Well, of course. Of course. >> Share some of the comments. >> Well, first of all, of course, that's what they're saying. They're saying we're great. Of course, always, but more specifically, I think this solves a huge gap for them. They are used to tools coming in and discovering vulnerabilities for them, but really close to nothing being able to streamline the truly complex and scalable process of being able to manage vulnerabilities within the environment. Not only that, the integration-led, designer-led deployment and the fact that we are a completely agent-less SaaS platform are extremely important for them. These are times where if something isn't easily deployable for an enterprise, its value is next to nothing. I think that enterprises have come to realize that if something isn't a one click deployment across the environment, it's almost not worth the effort these days, because environments are so complex that you can't fully realize the value any other way. So from an Armis standpoint, the fact that we can deploy with a few clicks, the fact that we immediately provide that value, the fact that we're agent-less, in the sense that we don't need to go around installing a footprint within the environment, and for clients who already have Armis, the fact that it's a flip of a switch, just turn it on, are extreme. I think that the fact, in particular, that Armis can be deployed. the vulnerability management can be deployed on top of the existing vulnerability scanner with a simple one-click integration is huge for them. And I think all of these together are what contribute to them saying how great this is. But yeah, that's it. >> The agent listing is huge. What's the alternative? What does it look like if they're going to go the other route, slow to deploy, have meetings, launch it in the environment? What's it look like? >> I think anything these days that touches an endpoint with an agent goes through a huge round of approvals before anything goes into an environment. Same goes, by the way, for additional scanners. No one wants to hear about additional scanners. They've already gone through the effort with some of the biggest tools out there to punch holes through firewalls, to install scanners in different ways. They don't want yet another scanner, or yet another agent. Armis rides on top of the existing infrastructure, the existing agents, the existing scanners. You don't need to do a thing. It just deploys on top of it, and that's really what makes this so easy and seamless. >> Talk about Armis research. Can you talk about, what's that about? What's going on there? What are you guys doing? How do you guys stay relevant for your customers? >> For sure. So one of the, I've made a lot of bold claims throughout, I think, the entire Q and A here, but one of the biggest magic components, if you will, to Armis that kind of help explain what all these magic components are, are really something that we call our collective asset knowledge base. And it's really the source of our power. Think of it as a giant collective intelligent that keeps learning from all of the different environments combined that Armis is deployed at. Essentially, if we see something in one environment, we can translate it immediately into all environments. So anyone who joins this or uses the product joins this collective intelligence in essence. What does that mean? It means that Armis learns about vulnerabilities from other environments. A new Log4j comes out, for instance. It's enough that, in some environments, Armis is able to see it from scanners, or from agents, or from SBOMs, or anything that basically provides information about Log4j, and Armis immediately infers or creates enrichment rules that act across the entire tenant base, or the entire client base of Armis. So very quick response to industry events, whenever something comes out, again, the results are immediate, very up to the minute, very up to the hour, but also I'd say that Armis does its own proactive asset research. We have a huge data set at our disposal, a lot of willing and able clients, and also a lot of partners within the industry that Armis leverages, but our own research is into interesting aspects within the environment. We do our own proactive research into things like TLStorm, which is kind of a bit of a bridging research and vulnerabilities between cyber physical aspect. So on the one hand, the cyber space and kind of virtual environments, but on the other hand, the actual physical space, vulnerabilities, and things like UPSs, or industrial equipment, or things like that. But I will say that also, Armis targets its research along different paths that we feel are underserved. We started a few years back research into firmwares, different types of real time operating systems. We came out with things like URGENT/11, which was research into, on the one hand, operating systems that run on two billion different devices worldwide, on the other hand, in the 40 years it existed, only 13 vulnerabilities were ever exposed or revealed about that operating system. Either it's the most secure operating system in the world, or it's just not gone through enough rigor and enough research in doing this. The type of active research we do is to complement a lot of the research going on in the industry, serve our clients better, but also provide kind of inroads, I think, for the industry to be better at what they do. >> Awesome, Nadir, thanks for sharing the insights. Great to see the research. You got to be at the cutting edge. You got to investigate, be ready for a moment's notice on all aspects of the operating environment, down to the hardware, down to the packet level, down to the any vulnerability, be ready for it. Great job. Thanks for sharing. Appreciate it. >> Absolutely. >> In a moment, Tim Everson's going to join us. He's the CSO of Kalahari Resorts and Conventions. He'll be joining me next. You're watching theCUBE, the leader in high tech coverage. I'm John Furrier. Thanks for watching. (upbeat music)

(upbeat music) >> Today's organizations are overwhelmed by the number of different assets connected to their networks, which now include not only IT devices and assets, but also a lot of unmanaged assets, like cloud, IoT, building management systems, industrial control systems, medical devices, and more. That's not just it, there's more. We're seeing massive volume of threats, and a surge of severe vulnerabilities that put these assets at risk. This is happening every day. And many, including me, think it's only going to get worse. The scale of the problem will accelerate. Security and IT teams are struggling to manage all these vulnerabilities at scale. With the time it takes to exploit a new vulnerability, combined with the lack of visibility into the asset attack surface area, companies are having a hard time addressing the vulnerabilities as quickly as they need. This is today's special CUBE program, where we're going to talk about these problems and how they're solved. Hello, everyone. I'm John Furrier, host of theCUBE. This is a special program called Managing Risk Across Your Extended Attack Surface Area with Armis, new asset intelligence platform. To start things off, let's bring in the co-founder and CTO of Armis, Nadir Izrael. Nadir, great to have you on the program. >> Yeah, thanks for having me. >> Great success with Armis. I want to just roll back and just zoom out and look at, what's the big picture? What are you guys focused on? What's the holy grail? What's the secret sauce? >> So Armis' mission, if you will, is to solve to your point literally one of the holy grails of security teams for the past decade or so, which is, what if you could actually have a complete, unified, authoritative asset inventory of everything, and stressing that word, everything. IT, OT, IoT, everything on kind of the physical space of things, data centers, virtualization, applications, cloud. What if you could have everything mapped out for you so that you can actually operate your organization on top of essentially a map? I like to equate this in a way to organizations and security teams everywhere seem to be running, basically running the battlefield, if you will, of their organization, without an actual map of what's going on, with charts and graphs. So we are here to provide that map in every aspect of the environment, and be able to build on top of that business processes, products, and features that would assist security teams in managing that battlefield. >> So this category, basically, is a cyber asset attack surface management kind of focus, but it really is defined by this extended asset attack surface area. What is that? Can you explain that? >> Yeah, it's a mouthful. I think the CAASM, for short, and Gartner do love their acronyms there, but CAASM, in short, is a way to describe a bit of what I mentioned before, or a slice out of it. It's the whole part around a unified view of the attack surface, where I think where we see things, and kind of where Armis extends to that is really with the extended attack surface. That basically means that idea of, what if you could have it all? What if you could have both a unified view of your environment, but also of every single thing that you have, with a strong emphasis on the completeness of that picture? If I take the map analogy slightly more to the extreme, a map of some of your environment isn't nearly as useful as a map of everything. If you had to, in your own kind of map application, you know, chart a path from New York to whichever your favorite surrounding city, but it only takes you so far, and then you sort of need to do the rest of it on your own, not nearly as effective, and in security terms, I think it really boils down into you can't secure what you can't see. And so from an Armis perspective, it's about seeing everything in order to protect everything. And not only do we discover every connected asset that you have, we provide a risk rating to every single one of them, we provide a criticality rating, and the ability to take action on top of these things. >> Having a map is huge. Everyone wants to know what's in their inventory, right, from a risk management standpoint, also from a vulnerability perspective. So I totally see that, and I can see that being the holy grail, but on the vulnerability side, you got to see everything, and you guys have new stuff around vulnerability management. What's this all about? What kind of gaps are you seeing that you're filling in the vulnerability side, because, okay, I can see everything. Now I got to watch out for threat vectors. >> Yeah, and I'd say a different way of asking this is, okay, vulnerability management has been around for a while. What the hell are you bringing into the mix that's so new and novel and great? So I would say that vulnerability scanners of different sorts have existed for over a decade. And I think that ultimately what Armis brings into the mix today is how do we fill in the gaps in a world where critical infrastructure is in danger of being attacked by nation states these days, where ransomware is an everyday occurrence, and where I think credible, up-to-the-minute, and contextualize vulnerability and risk information is essential. Scanners, or how we've been doing things for the last decade, just aren't enough. I think the three things that Armis excels at and completes the security staff today on the vulnerability management side are scale, reach, and context. Scale, meaning ultimately, and I think this is of no news to any enterprise, environments are huge. They are beyond huge. When most of the solutions that enterprises use today were built, they were built for thousands, or tens of thousands of assets. These days, we measure enterprises in the billions, billions of different assets, especially if you include how applications are structured, containers, cloud, all that, billions and billions of different assets, and I think that, ultimately, when the latest and greatest in catastrophic new vulnerabilities come out, and sadly, that's a monthly occurrence these days. You can't just now wait around for things to kind of scan through the environment, and figure out what's going on there. Real time images of vulnerabilities, real time understanding of what the risk is across that entire massive footprint is essential to be able to do things, and if you don't, then lots and lots of teams of people are tasked with doing this day in, day out, in order to accomplish the task. The second thing, I think, is the reach. Scanners can't go everywhere. They don't really deal well with environments that are a mixed IT/OT, for instance, like some of our clients deal with. They can't really deal with areas that aren't classic IT. And in general, these days over 70% of assets are in fact of the unmanaged variety, if you will. So combining different approaches from an Armis standpoint of both passive and active, we reach a tremendous scale, I think, within the environment, and ability to provide or reach that is complete. What if you could have vulnerability management, cover a hundred percent of your environment, and in a very effective manner, and in a very scalable manner? And the last thing really is context. And that's a big deal here. I think that most vulnerability management programs hinge on asset context, on the ability to understand, what are the assets I'm dealing with? And more importantly, what is the criticality of these assets, so I can better prioritize and manage the entire process along the way? So with these things in mind, that's what Armis has basically pulled out is a vulnerability management process. What if we could collect all the vulnerability information from your entire environment, and give you a map of that, on top of that map of assets? Connect every single vulnerability and finding to the relevant assets, and give you a real way to manage that automatically, and in a way that prevents teams of people from having to do a lot of grunt work in the process. >> Yeah, it's like building a search engine, almost. You got the behavioral, contextual. You got to understand what's going on in the environment, and then you got to have the context to what it means relative to the environment. And this is the criticality piece you mentioned, this is a huge differentiator in my mind. I want to unpack that. Understanding what's going on, and then what to pay attention to, it's a data problem. You got that kind of search and cataloging of the assets, and then you got the contextualization of it, but then what alarms do I pay attention to? What is the vulnerability? This is the context. This is a huge deal, because your businesses, your operation's going to have some important pieces, but also it changes on agility. So how do you guys do that? That's, I think, a key piece. >> Yeah, that's a really good question. So asset criticality is a key piece in being able to prioritize the operation. The reason is really simple, and I'll take an example we're all very, very familiar with, and it's been beaten to death, but it's still a good example, which is Log4j, or Log4Shell. When that came out, hundreds of people in large organizations started mapping the entire environment on which applications have what aspect of Log4j. Now, one of the key things there is that when you're doing that exercise for the first time, there are literally millions of systems in a typical enterprise that have Log4j in them, but asset criticality and the application and business context are key here, because some of these different assets that have Log4j are part of your critical business function and your critical business applications, and they deserve immediate attention. Some of them, or some Git server of some developer somewhere, don't warrant quite the same attention or criticality as others. Armis helps by providing the underlying asset map as a built-in aspect of the process. It maps the relationships and dependencies for you. It pulls together and clusters together. What applications does each asset serve? So I might be looking at a server and saying, okay, this server, it supports my ERP system. It supports my production applications to be able to serve my customers. It serves maybe my .com website. Understanding what applications each asset serves and every dependency along the way, meaning that endpoint, that server, but also the load balancers are supported, and the firewalls, and every aspect along the way, that's the bread and butter of the relationship mapping that Armis puts into place to be able to do that, and we also allow users to tweak, add information, connect us with their CMDB or anywhere else where they put this in, but once the information is in, that can serve vulnerability management. It can serve other security functions as well. But in the context of vulnerability management, it creates a much more streamlined process for being able to do the basics. Some critical applications, I want to know exactly what all the critical vulnerabilities that apply to them are. Some business applications, I just want to be able to put SLAs on, that this must be solved within a week, this must be solved within a month, and be able to actually automatically track all of these in a world that is very, very complex inside of an operation or an enterprise. >> We're going to hear from some of your customers later, but I want to just get your thoughts on, anecdotally, what do you hear from? You're the CTO, co-founder, you're actually going into the big accounts. When you roll this out, what are they saying to you? What are some of the comments? Oh my God, this is amazing. Thank you so much. >> Well, of course. Of course. >> Share some of the comments. >> Well, first of all, of course, that's what they're saying. They're saying we're great. Of course, always, but more specifically, I think this solves a huge gap for them. They are used to tools coming in and discovering vulnerabilities for them, but really close to nothing being able to streamline the truly complex and scalable process of being able to manage vulnerabilities within the environment. Not only that, the integration-led, designer-led deployment and the fact that we are a completely agent-less SaaS platform are extremely important for them. These are times where if something isn't easily deployable for an enterprise, its value is next to nothing. I think that enterprises have come to realize that if something isn't a one click deployment across the environment, it's almost not worth the effort these days, because environments are so complex that you can't fully realize the value any other way. So from an Armis standpoint, the fact that we can deploy with a few clicks, the fact that we immediately provide that value, the fact that we're agent-less, in the sense that we don't need to go around installing a footprint within the environment, and for clients who already have Armis, the fact that it's a flip of a switch, just turn it on, are extreme. I think that the fact, in particular, that Armis can be deployed. the vulnerability management can be deployed on top of the existing vulnerability scanner with a simple one-click integration is huge for them. And I think all of these together are what contribute to them saying how great this is. But yeah, that's it. >> The agent listing is huge. What's the alternative? What does it look like if they're going to go the other route, slow to deploy, have meetings, launch it in the environment? What's it look like? >> I think anything these days that touches an endpoint with an agent goes through a huge round of approvals before anything goes into an environment. Same goes, by the way, for additional scanners. No one wants to hear about additional scanners. They've already gone through the effort with some of the biggest tools out there to punch holes through firewalls, to install scanners in different ways. They don't want yet another scanner, or yet another agent. Armis rides on top of the existing infrastructure, the existing agents, the existing scanners. You don't need to do a thing. It just deploys on top of it, and that's really what makes this so easy and seamless. >> Talk about Armis research. Can you talk about, what's that about? What's going on there? What are you guys doing? How do you guys stay relevant for your customers? >> For sure. So one of the, I've made a lot of bold claims throughout, I think, the entire Q and A here, but one of the biggest magic components, if you will, to Armis that kind of help explain what all these magic components are, are really something that we call our collective asset knowledge base. And it's really the source of our power. Think of it as a giant collective intelligent that keeps learning from all of the different environments combined that Armis is deployed at. Essentially, if we see something in one environment, we can translate it immediately into all environments. So anyone who joins this or uses the product joins this collective intelligence in essence. What does that mean? It means that Armis learns about vulnerabilities from other environments. A new Log4j comes out, for instance. It's enough that, in some environments, Armis is able to see it from scanners, or from agents, or from SBOMs, or anything that basically provides information about Log4j, and Armis immediately infers or creates enrichment rules that act across the entire tenant base, or the entire client base of Armis. So very quick response to industry events, whenever something comes out, again, the results are immediate, very up to the minute, very up to the hour, but also I'd say that Armis does its own proactive asset research. We have a huge data set at our disposal, a lot of willing and able clients, and also a lot of partners within the industry that Armis leverages, but our own research is into interesting aspects within the environment. We do our own proactive research into things like TLStorm, which is kind of a bit of a bridging research and vulnerabilities between cyber physical aspect. So on the one hand, the cyber space and kind of virtual environments, but on the other hand, the actual physical space, vulnerabilities, and things like UPSs, or industrial equipment, or things like that. But I will say that also, Armis targets its research along different paths that we feel are underserved. We started a few years back research into firmwares, different types of real time operating systems. We came out with things like URGENT/11, which was research into, on the one hand, operating systems that run on two billion different devices worldwide, on the other hand, in the 40 years it existed, only 13 vulnerabilities were ever exposed or revealed about that operating system. Either it's the most secure operating system in the world, or it's just not gone through enough rigor and enough research in doing this. The type of active research we do is to complement a lot of the research going on in the industry, serve our clients better, but also provide kind of inroads, I think, for the industry to be better at what they do. >> Awesome, Nadir, thanks for sharing the insights. Great to see the research. You got to be at the cutting edge. You got to investigate, be ready for a moment's notice on all aspects of the operating environment, down to the hardware, down to the packet level, down to the any vulnerability, be ready for it. Great job. Thanks for sharing. Appreciate it. >> Absolutely. >> In a moment, Tim Everson's going to join us. He's the CSO of Kalahari Resorts and Conventions. He'll be joining me next. You're watching theCUBE, the leader in high tech coverage. I'm John Furrier. Thanks for watching. (upbeat music)

>>law from Las Vegas. It's the Q covering a ws re invent 2019. Brought to you by Amazon Web service is and Intel along with its ecosystem partners. >>Welcome back to the Sands. We continue our coverage here on the Cube of Day, one of a W s ram in 2019 show. Bigger and better than ever. Tough to say, because last year was awesome. This year if they think you're gonna have a little bit higher on the knots. Justin Warren, I'm John Walls were joined by Brandon Walsh, who is the s creepy apartment relations at the 1901 group. Good to see you, sir. >>Thank you. Thank you for having me. >>Right now. I can't imagine anything intact dating back to 1901 So I'm trying to think What What was the origination of? Of the company? First off, tell us a little bit about what you do, but what's the name all about? >>Well, real quick for the name are our CEO. So new Singh came up with this idea for automation of I t routine. I t management in 1901 was the year the assembly line was invented, so a gentleman named Ransom E. Olds from the famed Oldsmobile gets credit for that. So so new named the company after that automation breakthrough of an assembly line model. And we have built an assembly line concept what we call an I T factory for a cloud migration factory into our operations center. And that's part of our managed service is offering that we sell, promote, provide to our customers. >>And, of course, you're doing that with the help of a company called Cohee City. Find Data Management Solutions provider. So let's talk a little bit about cohesively as well. And your relationship, how that works and what you're I guess, of deriving are extracted from their service is that you find that great value in that >>absolutely were. Maybe this is a little different for today in the show. We actually are a customer of Cohee City. We consume cohesive. So in our managed service offering portfolio, one of the things that we've been using Holy City four is helping our customers set, create or start up. Disaster recovery or backup service is capability. In 1901 group has been packaging marketing, selling that D R. As a service and that bur back up as a service to our federal state, local customers. >>A longtime fan of the Toyota production system, I am very pleased that you are turning an assembly line concept. You know, I think it's vastly overdue. So it's great to hear you focus a lot on the public sector is my understanding absolutely. Tell me a little bit more about what the public sector is. A very complicated based is a >>complicated is putting it politely. >>So walk us through how you're using cohesive toe help. Public sector organizations transform themselves to use this kind of as a service back up and disaster recovery. >>You hit on a really good point. It's sort of two points. One is the term is I t modernization. So in order to modernize a very large complex, I T Environment Assets Systems Service is multi locations, various data centers, multiple data classifications that that complexity with the cohesive product. What has allowed us to do is to start incrementally by doing a disaster recovery or a backup on premise that gives the agency since a confidence we get to show success and progress and that sort of a win win for everyone involved, where the growth with a future and how those agencies will modernize is once you start getting the data backed up properly, prepped for disaster, recover properly. You can also start migrating data toward Native Cloud. And particularly we've been working with AWS aws govcloud in particular, but also a WC commercial clout. >>I like how you mentioned that building trust part with the agencies to begin with. It's not so much about the technology, but about the human part of the process. Way heard that came out this morning with Andy Jesse talking about how data transfer transformation happens, and it's a lot to do with the humans. It's not all about technology. >>At the the organizational change, management is important as the technology change management and incremental shift toward the cloud and migration toward the cloud allows for both time and and reallocation of resource is both by the agency's contractors supporting the agencies and manage service providers like us, who are really providing more as a service. Models meaning way generally consumed the technology for the client, which is a little bit different of a model from the past, but that is the trend of the future. >>It's not purely incremental, though, because you're not. You have to change the way that you're doing things, to be using it as a service, as this thing from the way that you would have done it is purely on premises type infrastructure. Explain a little bit about how you helped these agencies to change the way they think to be able to use this as a service >>approach. Well, one of the one of the reasons we selected Cohesive E is because of their ability to scale out and their pricing model that allows us to better forecast costs and because we're managed service provider price to the government. So the scale out capability that Callie City provides allows us to buy technology capacity nodes as we need them so we don't have a large capital expenditure up front as orders come in. As agencies purchase as we grow, we can add to that capacity incrementally. That's lower risk for us. Lower risk for the client. So again it's a it's a win win in their pricing model. Their licensing model allows us to work with our agency customers and predict costing and pricing for next year, two years out, three years out, which, in the federal budget cycle appropriations are not appropriated. It is a pretty important thing >>got on a wire in the business. Frankly, it's such a, you know, just pull your hair out. I'm sure they're wonderful. This roast ready to say the least, but way heard a lot about a pretty big major theme, this transformation versus transition and in terms of government users, how do you get them into the transformation mindset when you have those obstacles you just talked about that you have a number of times, cycles and our funding cycles and development cycles. And so regulatory psychic, I mean and you write those concerns whatever they will throws their way, states what they throw their way. I think that would be just looking at it from the outside. Tough to get into a transformer mode when you are almost are constantly transitioning. It seems >>you bring up a good point. A. If I can make a comment about eight of us, AWS has been investing in in what's called Fed Ramp that's a federal accreditation program that insurers that that cloud systems and in the case of AWS have their security controls documented, properly documented to a standard and then enforced, so continuously monitored and reported on the investments AWS have been making. And and that speed of investment has been increasing over the last few years has really helped manage service providers. And I t providers like like 1901 group help the agency's understand how to transition and transform. But it's definitely a step. It's a step across. It's incremental in nature, but I congratulate AWS on that investment of time and resource is for Fed Ramp Way also are federally authorized way. We're going into our fifth year so we were early on and being able to watch A W s grow expand helps us helps our competition, but helps the agencies and helps. In the end, all citizens of the United States. So missions air getting better. Theodore Option is speeding up. I think a ws for that investment >>tell us a little bit more about how these federal agencies are using both AWS and Cohee City to work together because you mentioned that your business is built built on Cohee City. So where does that go? Where's coming >>s so So way started out using Cohee City in on premise environment to support federal civilian agencies. That model has been growing, so that was a single tenant, meaning we had one customer. On a single instance. We've expanded to a multi tenant instance. And now we're expanding into a AWS Cloud native instance, so being able to work with a complex environment, a complex data management environment being able to go from on prim to cloud of being will go from AWS back and forth, being able to manage that seamlessly, ensuring there's encryption of data at rest and in motion. That just makes our job that much easier. >>Now we know that Cohee City is a software data management company. It's not just about backup on D are so cohesive is making some inroads into other secondary data management service is, and some other things they're So what are you looking at to expand into what what a customer is asking you to do for them now that you've already proven yourself with with some of the D. R and back up type ability? Yeah, >>I mean, it really varies. It does very agency to agency smaller, independent agencies really may be looking at a cohesive technology to manage fragmented data. Larger agencies and groups and programs within agencies have different. Different asks different requirements. It's really hard to say a single what is the thing? I would say that the flexibility cohesive he gives us is the ability to go hybrid. So depending on what the customers asking feature wise functionality, wise architecture wise way think that Cally city is very flexible >>and about the public sector market. Then if you if you could put your headlight on that for the next 23 years, he was talked about some cycles of that far out. What do you think it would be? A. I guess shift is the right word. What would be a useful or valuable shift in terms of the public sector in terms of their acceptance or adoption in your world? >>Well, so as applications are lifted and shifted or migrated re factored rewritten into cloud environments, you're gonna we're going to see you're going to see mission applications at the agency level moved to cloud reside in the cloud, so data for performance reasons is gonna have to be right next to that application. So the data management, whether it's for production or test Dev Kohli City's got emerging capability for for Dev Test. I think it's a test of but deaf task. So all these pieces sort of go together as a CZ, you said, going from transitioning to transforming and you start looking to three years out. I do believe the agencies have a lot of momentum. There are some really interesting activities being done in the federal state local realm, around artificial intelligence machine learning. So being able to do the compute storage, the networking and security all within a A W s cloud, it's just going to speed things up and make cost and performance more manageable and transparent. >>Thank you for the time. We appreciate that. We find out earlier that Brendan is a Washington Redskins fan and a D. C. Resident, as am I. And I thought 90 No. One was the last time we had a playoff tape. It was quite that far back, but it certainly seems like it, doesn't it? Hang in there, Thank you very much. Enjoy that. Brenda Walsh joining us from the 1901 group back lot with more live here from AWS reinvent with just a warning. I'm John Walls and you are watching the Cube

>> Announcer: Live from San Diego, California it's the Cube covering Cisco Live US 2019. Brought to you by Cisco and it's ecosystem partners. >> Welcome back to the Cube, Lisa Martin with Stu Miniman rounding out day one of our coverage of Cisco live! in San Diego. We're pleased to welcome Tera Sumner, the senior manager of Global Product Management at CenturyLink. Tera welcome to the Cube. >> Thank you, thank you both for having me. >> So we've had a number of folks from CenturyLink on the Cube over the years, I know that you guys are a big US communications provider. >> Tera: We are. >> You've got customers in over 60 countries but this is no longer your grandfather's CenturyLink. >> That's right. >> Lisa: Tell us more about it. >> So we are focused in the next roll out of the next phase of CenturyLink. We're moving from a telecommunications company to a technology company and the division that I work in for UC&C the unified communications that's where it's at. That's where it's all going to take place and having a partnership with Cisco is key for us to get from that telecoms base to the technologies base for sure. >> So bring us inside a little bit, Unified communication and collaboration, you know, Cisco obviously a strong presence in that space. Lot's of people have used Webex and understand the various, you know, VOIP phones and everything that they do there. What particularly brings Cisco and CenturyLink together? Is it engineering work, field, go to market, you know where are the pieces? >> Sure and it's all of those, right. It's all of those, what's been very nice is that Cisco has embraced the idea of being a platform and not a siloed individual product line. And so for a service provider like CenturyLink, for us to be able to embrace that same philosophy of the platform of services, what that means is that our engineering and field ops folks, our operations teams do all the hard work on the back end to make sure that we have established all of the right security, the right network, the reliability, the global scaleability of our specific platform of services and being that leader in telecommunications. And then we're able to lay that Cisco platform on top of it and what happens then from a product management level is once you've established that foundation, it's really plug and play. The customer calls and says "I need calling, I need meetings, I need" you know whatever it is they need and we build that solution and very quickly can put those components into play and get them to use the service right away. >> So we were all at Enterprise Connect. We were all just talking about that, Stu and I hosted the Cube there just, what a couple of months ago I guess. And it's such an interesting, it was an interesting event because everything is centered around communication. You can't have a great customer experience without having a phenomenal and very connected communications platform within an organization. >> Correct. >> You can't have great satisfied employees if they don't have the connectivity that they need so really looking at enterprise communication and collaboration tools as table stakes, >> Tera: Absolutely. >> For any organization because without it you're, in any industry, there's a competitor right on your coattails ready to swoop in if you're going to be making any mistakes. >> Tera: Absolutely. >> And now as we look at the waves of change with respect to connectivity, the explosion and expansion of 5G, the proliferation of the amount of mobile data that's going to be video traversing that works, massive demand placed on any organization to be able to deliver communications extremely quickly and extremely securely. Talk to us about some of the waves that you're going to be riding in helping customers to mitigate with respect to these new demands for high density, high performance connectivity. >> Sure, so if we talk to customers, as you know, today one of the biggest things is, it's all about security. We have a massive and really super intelligent security department at CenturyLink and it's kind of cool watching all of the various projects that they get into because they're so passionate. And not only are they passionate about it, they're adamant that we make as much of a connection secure, meetings, any kind of information secure that we possibly can and we've mitigated any risk possible. And then you take that and you have to communicate that information but you have to also be able to showcase the various solutions that you have, all of the Cisco platforms that you have. So what we have also done is we've taken that platform of services from Cisco and we've put it in the hands of our operations folks, our sales folks, our field techs, our executives, our middle management group and every one of them knows then how to quickly use the teams application from their desktop, they all have it on their, and I don't have my phone with me, they'll have it on their mobile device. So it's very familiar, it's very quick and it's always on, right so they're connected all the time, which I know we all say "I hate that, I hate that." the minute you don't have it, it drives people crazy. So it's a very valuable tool for us from a product management perspective to put these tools in the hands of our internal users who are the voice to that customer, so when the customer calls and goes "Oh my gosh, I don't know what's going on", "Ah, I've been there before, let me help you out and let me do that very quickly." >> So want you to help us understand, how are you helping customers keep up with just the rapid pace of change that's going on here. As Lisa mentioned Enterprise Connect, the themes I was hearing, very similar to what we're hearing here at the show. You know cloud drastically changing architectures, AI and ML infusing itself into all the environments there. It feels like from a customer standpoint every time they go do a role, it's like "Oh wait, hold on, didn't you hear about the new thing and the new thing and the new thing." And, >> And don't use that, use this. >> That tendency to, like oh wait, I thought I was down the path yet I constantly need hear about yet another thing. >> Absolutely, so yes, you're right it's a constant game of catch up if you will. Have you tried the new app, do you have the latest version of X, Y and Z? What we're trying to do is also bridge that gap because we have tremendously intelligent and savvy customers where it used to be if you build it, they will come and now it's no, no, no, don't even build it. Let them tell you what your market needs to drive, the customers have the most unique uses for the technology these days and we have to keep up with that. So we let those customers help drive where we go from a product standpoint but at the same time I've got traditional customers who are saying "Okay, somebody told me I need to get to the cloud." "Okay, I can help you with that." We have a very unique perspective on how we bring customers onboard, on how we get customers to adopt the technology and truly, the way that we do that is with the human touch right. We concentrate completely on our customer experience from end to end, so if you give us a call and you say "Here's a problem I need to solve and here are the components I have sitting in there today." We design the solution that you need for your business needs and then we walk you through that step by step and when we're all implemented and ready to go we're still going to answer that phone. We're still going to answer your emails and take your calls and say "What else can I do for you? How can I help? How do we want to expand?" So it's really that customer service on top of the focus of customer experience that makes CenturyLink I think still very unique in the industry because we care that what we are putting in your hands as a customer is something that not only you will use but you'll talk about in a very positive light. >> So given that everything you talked about, you know connectivity, and when we don't have connectivity you feel like you've lost a limb or you've lost sight or hearing. It's that disconnect that is just, these days it feels so strange but customers need to have definitely, and that was a theme I think that we hear at every event. We also heard it at Enterprise Connect, it's not just AI it's humans and AI but speed is essential for any industry especially those that are undergoing any sort of transformation because they've got to stay ahead of their competition. So how do you balance that, how does CenturyLink balance that need for speed and also deliver a customer experience that's unique as you say, that has that personalized element that it sounds like I'm hearing. How are you leveraging tools like automation and AI machine learning to help CenturyLink deliver that customer experience but quickly? >> Well, we're doing lots of things, some of the things that we're doing is that automation from the first time they click on the website to say "What's going on at CenturyLink? Oh, they've got UC&C." You click a button and you read a little bit about what the products are and you can order it right then and there and then you get it turned around very quickly to put it in your hands. And oh by the way, if you need some help we've got the training videos, we've got you know, a phone number for you to call if you really need some human explanation of "Okay, I just can't figure this out, I can't get that." So the automation is key for sure. When you're talking about speed, as you know if anyone has teenagers around and they're using gaming systems or you're watching Netflix or whatever it is that you're doing all day, you are eating a ton of bandwidth. And so what's nice about working for CenturyLink is that well, we're the provider of the bandwidth, so we get to see the trending of what products are consuming the most of that bandwidth and we very quickly can prioritize and say "this content delivery network needs more" or "Holy Cow, what is U&C doing in Latin America or APAC or EMEA? They're consuming a ton of bandwidth, we need to allocate more and put a priority on that." And so that's different than other competitors who aren't also service providers because then they have to go back and negotiate. "No, no, no, my services really do need more bandwidth and I really do need some priority and be nice to me and I'll take care of it." Right, so we have that ability at CenturyLink to do that very quickly. >> So Tera, CenturyLink's had a long partnership with Cisco, a very deep relationship, Cisco's been talking a lot about their transformation. Remember a year ago, it was when you think about, you know Cisco 2030, it's not as a networking company it's a software company. Give us your assessment as a partner, what you've been seeing in Cisco and also bring us in a little as to how CenturyLink is, as we said at the beginning, a different CenturyLink that we might have thought of in a previous generation? >> Sure and it's a good question, it's for me I've been at CenturyLink for, you know as I mentioned, about 15 years and I've got to witness and be a part of the initial relationship with Cisco that we had, up unto today when I help manage that relationship and it really has transformed from a relationship to a partnership. And it's no longer just they give you something and you go and implement it, now it's truly the give and take. Right, you have these conversations, but we also have the relationships with several of the employees of Cisco to say "Okay, I understand you're putting this into the network, tell me a little bit more about that, how is that unique to a service provider versus an enterprise? How can I make that a better value proposition for my customer base because of CenturyLink?" And we get the reciprocal communication back and forth, whereas years ago it was "Here you go, here's what we're giving you, go ahead and put that into the network." So it's really been exciting for us at CenturyLink and certainly, I think, for our Cisco folks because it's easy now, we know each other very well, we know so many of the employees at both companies that when I pick up the phone its "Hey, how's it going?" Instead of "Oh, I need to speak to the Vice President of X, Y, Z." Right, so it's truly been a great transformation in a partnership from that relationship to that true partnership where there's give and take. And if we have a question or we think "You know I've got this amazing customer who has this bizarrely intelligent ask." I want to help them with that. I have no hesitation to pick up the phone to call my partner and say "You're going to love this. Help me figure out how to get us there." And it's really been working quite well over the last few years. I'm kind of excited to see how far it goes in the next few. >> So it sounds like it's evolved into a much more strategic partnership. >> Tera: Absolutely. >> Is that an accelerator or facilitator of CenturyLink's transformation to a technology company? >> It's both of those things, it's a complete accelerator but it just makes sense when you have partners who have that very similar vision that you do from a strategic company, you look at that and think "Okay, you know what, this is going to fit very nicely into my strategy, my mission statement" and it's going to be a much easier transition for all of my colleagues as a result because then they can see "Oh, that's exactly what we need to do." We need to take these steps to move into that technology mode and now you're showing me how to do that with your strategic partnership with Cisco. It's very fun. >> Fun is good, Tera thank you so much for joining Stu and me on the Cube this afternoon. >> Absolutely. - We're going to keep our eye on CenturyLink, we appreciate your time. >> Absolutely, come and visit us any chance you get. >> All right, for Stu Miniman, I'm Lisa Martin, you're watching the Cube, day one of our coverage of Cisco Live has just come to an end. We want to thank you so much for watching and catch us starting tomorrow morning, day two from San Diego. Thanks for watching.

>> Live from Las Vegas, it's the Cube, covering AWS re:Invent 2018! Brought to you by Amazon Web Services, Intel, and their ecosystem partners. >> Okay, welcome back, everyone. It's the Cube's live coverage here in Las Vegas, at AWS re:Invent 2018. I'm John Furrier, here with Lauren Cooney. Host of the Cube: Amazon web services. There are maybe 2,000 people here at their event, re:Invent annual conference, breaking it all down. Storage, computer networking, part of the main infrastructures involving changing very rapidly and spawning new use cases, new value propositions, it's creating a great ecosystem dynamic. We're here with Erik Kaulburg, who is the vice president of Infinidat, Cube alumni, great to see you again. >> Nice to see you as well. >> Been on the Cube multiple times. I think last time it was at VMWorld, or a studio? >> At, actually, our product launch for the cloud storage solution, as well. >> So, you guys got a great reputation. Take a minute, just, for the folks who might now know Infinidad, explain what you guys do, and your disruptive innovation. >> So, for Infinidad, we're all about tier-one environments, and it's the data piece of that environment, today, although that may not be forever. And, it's consumed through a couple of different modalities, so one of our big pieces of news earlier this year was that we were going beyond just the InfiniBox solution, which we shipped over four exabytes of to enterprises all around the world today, and broadening that to address the secondary storage market with InfiniGuard and Neutrix Cloud, which is a way to consume our capabilities completely as an iAd service in conjunction with other public clouds. >> Let's get that in a second, I want to get to the product in a second, but I want to first get your take on the market conditions, cloud storage, you're seeing pure storage had a big announcement of now they're doing a device, now doing software on premise, Amazon's going to have a device on premise, it's up for the cloud. Like, what the hell is going on? Storage is certainly growing like crazy. What does the market look like? Obviously, API, microservices, these are important things. Data still is the number one opportunity, but still a challenge. You guys are the center of it, what's the market look like to you? >> Absolutely, I couldn't agree more with the idea that data is at the middle of everything, and the lines are getting blurry between on-prem and public cloud environments as well. So, what I'm seeing in general is that companies which used to sell boxes, or primarily sell boxes today, are trying to figure out ways to play in the public cloud environments, and they're taking one of two paths. One is to develop a solution that's kind of leveraging the built-in infrastructure from the major public clouds, and the other is to build alongside it and enable those major public clouds, and potentially do so in a slightly less captive manner. So, that's what I'm kind of seeing across the industry, with regards to the public cloud. >> What's the role of storage here at re:Invent, because, like I said, Holy Trinity is of infrastructures, computer storage, and networking, and as that evolves, with each one having its new capabilities with Cloudify, is enabling new opportunities. What is the storage role now in the modern era of cloud as it is today? What's your view on that? >> Well, part of it is just providing excellent data services that are at the core of so many of these emerging environments. Like, we were listening to Monday Night Live yesterday, and one of the distinguished folks on there from the machine learning team was talking about the importance of getting more training data, so that you can run these more advanced machine learning workflows, and get things done quicker. We use less PHP type resources to get a problem solved, so I think that category of solutions, where you're using more storage capabilities as an enabler for more business value, or more value in the end application, is a trend that's going to absolutely continue for quite a while. >> What's the hottest area in Amazon cloud native world for storage that you see a lot of customers gravitating to? What's the number one? >> Well, I think, in general if you look at the adoption patterns of their block, file, and objects storage offerings, object is still dominating the vast majority of those kinds of use cases, and it comes from the perspective of applications that were written with cloud native services in mind. However, we think, I think, that there's a whole opportunity there, outside of the traditional, traditional cloud native object architectures, in the block and file arena, which has largely been untapped by the data and storage services, and that's an area where we and others in the industry are looking to augment. >> What is the competition? What's, like, NetApp doing? Let me ask, everyone's got to be on mobile clouds. Amazon, clearly the leader. They're making the market, so unless, say Kubernetes doesn't intermediate their services, for the most part, that's the market leader, but you got to play on a lot of clouds, because customers aren't going to have one cloud, they're going to certainly be hybrid on premises and cloud, but certainly be on multiple clouds. What's, like, NetApp and these guys doing? What's the competition doing? >> So, what I see NetApp doing is taking that kind of cloud captive approach, to be honest, what I see is they've got tied immigration, which is very impressive, with several major public cloud vendors. However, the challenge is, when you want cross those silos, you have a little bit more complexity that arises with that approach. >> Like what? >> So, you may have to spin up a separate set of data in Azure. Let's say, if you want to have an application cross the boundaries between AWS and Azure. >> Okay, let's get back to your storage solution. Neutrix Cloud, what is this about? Explain the product at a high level, we drill into it. >> So on a fundamental level, we believe in flexibility of Infinidad, and that's extended through all sorts of aspects of our product portfolio, but specifically, with regards to cloud storage, Neutrix delivers flexibility of having an outside set of infrastructure that's still tightly integrated with the major public clouds, including AWS, of course, and it delivers high resiliency, the five nines SLA, which we've talked about, which we believe is best in class, as well as enterprise-grade capabilities that previously you really had to look to an on-prem array to be able to achieve. Large-scale snapshot operations, asynchronous and synchronous replication natively built in, all these kinds of things, which make it easier to take tier one applications from an on-prem environment and bring those to the public cloud environments. >> And what's the core problem that you solved with this product? >> It's, you can't get tier one cloud storage today. What we would argue, anyway, and our customers are telling us that the features and capabilities, and even business guarantees provisions around the cloud storage offerings in the market today simply don't exist to the level that they need to be to support the last, let's say, 30% of applications that have not yet moved on to the public clouds. So, that's what we're addressing, making it easier for storage to accomplish that. >> You guys always have impressive customers, always see the big names, give some examples of some use cases. >> So, our customers have fallen into two categories, with regards to Neutrix Cloud adoption. The easy case, and the most natural for many of them, since they are buying our on-prem infrastructure at a large scale today, is, well, let's start replicating that infrastructure to the Neutrix cloud environment, maybe do it as a disaster-recovery target, things like that, and we think that there's value there. There's lots of companies which do DR as a service, to be honest, we don't see that as necessarily the core competency, but it's a stepping stone to the second use case, which is cloud adoption for these tier one applications, and bringing them the flexibility of potentially having multiple cloud platforms addressing the same data. >> We talked about the cloud guys, so we don't want to put you on the spot here, because this is the same patterns happening. Old world storage was stack up the storage, and provision the storage, stuff goes on there, block, file, that good stuff. Now, with the cloud, and Amazon, this is where I want to get the Amazon tie-in with you guys, because storage is not necessarily just a magic, quadrant-like thing. Oh, back-up and recovery, this and that, you're starting to see much more of a platform approach. And successful platforms enable things to be successful. It's not like I built it for this, purpose-built kind of storage. Do you guys see yourselves as a data platform, and if so, what does that mean, and what are those key value points that you're creating off that platform? >> I think you said it, actually, better than I did, that ultimately, we want customers to be able to consume our differentiated data services in whatever modality they prefer. So, if that's an on-prem infrastructure piece, if that's a back-up optimizing environment, if that's a public cloud service, we offer all those today, and customers can take their data from one to the other or even view it as a single, kind of, data architecture that crosses all of those traditional silos. >> So, were you looking at, you know, kind of one of the things that I'm listening to you guys chat, and one of the things that I'm thinking of is, how hard is it for a customer to actually adopt your technology and deliver it, you know, utilize it, across multiple environments? >> So, many of the traditional on-prem infrastructure players have great barriers associated with their public cloud services. We're not one of them. We took an intentionally different approach, and learned from companies like AWS on how you can get clients easily onto the solution, how they can pay for it easily, and how, ultimately, they can deploy it in a large scale public cloud environment very easily. That's a huge part of the investment that we put into developing the Neutrix Cloud service. >> Right. >> So we can have clients up and running in less than a day, from initial contact to large scale adoption, and it could be even faster than that as well. >> Now onto your relations with Amazon. What's it like, what's the details of it, what's the value, what's the connection point? >> I think we all agree that tier one applications are the last major bastion for public cloud adoption. These are things which you would have had on legacy big iron infrastructure, and so, to the extent Neutrix Cloud enables those tier one applications to move to the public cloud, to move to AWS, there's a lot of synergy there in the relationship, so we're absolutely an Amazon technology partner. We enjoy great working relationship with them, there are certainly areas where we overlap, but if we all agree on the end goal, we've been able to make some impressive business strategies. >> So, who are you competitors that you're most, kind of, focused on? Well, you shouldn't be focused on your competitors, you should be focused on what you're doing, but who are the competitors that kind of keep you up a little bit at night? >> I would say others that people would lump in this space, include NetApp Solutions in the public cloud environments, we see a couple of small start-ups, like Zadara, for example, from time to time, but to be honest, the biggest competitive kind of scenario that we see is just using the native public cloud services. And customers have to think about, well, I'm planning on replatforming my application, how am I going to design it from a storage perspective and often they don't even think that there are alternatives beyond the native offerings that could potentially add more value to their environments. So, that's when we come into the conversation, and from that point forward, generally, if we have a good enterprise type workload, the value proposition is instant and obvious. >> You know, when you guys came out, we've been following you guys since your founding, Gabe and I would always talk about Infinidat. You got good pedigree of a team. Classic storage. You have a good storage market. You guys take a different approach with this start-up. Founders did this time. How do you describe the key differentiator for you guys? What's the, you mentioned earlier, it's the tier one storage, but what's the secret sauce, what's the culture like? People want to peek inside Infinidad. What are they buying? What are they really getting, besides the product performance? What's the culture like, what's the company's view on the future world, serious insight. >> I think there's several elements to that, of course, but a lot of it comes from that founding DNA. So, Moshe Yanai, who basically defined the enterprise storage category overall back in EMC, had a succession of teams that he's built over the years, and he's really brought all of those key elements together. Three generations of storage expertise. >> Successful, by the way, three generations of exits, >> Absolutely, yeah. Building an organic business, selling a business, and now this is the business that he wants to leave to his grandchildren at some point. >> How's it going so far, how's business in general? >> Well, you know, we're private, so I can't say specifics, but I'd say we're definitely heading in the right direction. Growth has been phenomenal, the adoption of our portfolio solutions, in addition to just the core product, has really put us in a position of a very strong, long-term independence. >> Portfolios in terms of product capabilities or industries you're serving, or both? >> It's, actually, on both fronts. I was referring to the product portfolio but we've definitely broadened from our initial base in the financial services sector, which is a hard nut to crack in general, as a, you know, into a lot of different use cases, because it turns out that industries have a high demand for data across virtually every sector. So, we go where the data is. >> What's next? What's the next milestone for you guys? What're you lookin' to do next? >> Well, we did just have a major product release, so I'm glad that we've that, you know, out there, we're getting customers in the cloud space. I think the end of this year is going to be very, very strong for us from a business perspective and then next year, lots of great product announcements, and then ultimately, you know, we'll say some more on the business momentum there as well. >> All right, Erik, thanks for coming on the Cube show, thanks for the update. Infinidad, check them out, successful exit, multiple ties in the entrepreneurial team there, growing, doing great, storage has been going away, neither is networking, and neither is computing, it's only going to get better, stronger, as the cloud brings in more capabilities with machine learning and more use cases, new work loads, new capabilities. The Cube bringing it down with two sets here in Las Vegas. I'm John Furrier and Lauren Cooney, on set one. Stay with us for more coverage after this short break. (electronic music)

Right, welcome to the studios here in Palo Alto. I'm John Three cohost in the queue. We here for Special News Conversation with Prakash, dodgy general manager of the flash array business at pure storage, some exciting cloud news for pure storage. Great to see you prakash. Thanks for coming in. Thanks for having us. So you guys got some big news. So I'm excited by this because I've been ranting and raving about how cloud native has been impacting the enterprise. It's pretty well documented that everyone's going going cloud operations. You guys are announcing a kind of a historic milestone for pure storage in that you guys had been doing great on the storage side within covering new since inception, but now as you guys continue to grow, you now have a new offering that's in the cloud. This is new for you guys. Talk about this announcement. What does it mean? You're an on premises storage, has done great to grow. Has Been Amazing gun public that now with the cloud growth you have a cloud offering. What's going on? Well, interestingly people were looking at storage for performance, cost and reliability reasons. That's kind of the three holy grails that you know, everyone expects out of storage. We added a fourth dimension in simplicity. Storage didn't need to be hard, and that's kind of the brand of pier and as we took a look, there was a fifth dimension that we realized was somewhat missing. While we made things simple. We didn't have the agility that public cloud offered. So as we were taking a liquid like, okay, public cloud brings to this instant available capacity, agility model, but do you have to trade off on the other dimensions? Performance costs for liability or simplicity, and our goal to bring customer value was to avoid tradeoffs. So why would you have to trade off on any of those dimensions? And then the second piece was why do you have to choose? Why do you have to choose between on premises or public cloud? And if you make the wrong choice, how do you have freedom to move? So the problem set that we were trying to address was that unification across all those dimensions, the onboarding of agility and frankly the ability to avoid people having to choose between them and use the best of what's available. Where know, I think you nailed something important that I want to get into the why you guys are doing this little bit deeper, but this notion of tradeoffs is an old it kind of philosophy. I got to trade this off to get that. Whether it's, you know, I want compute and stability or flexibility, agility, but with cloud and cloud operations, the operating model now is you choose, as you said, so this cloud operations on premises and cloud has to look the same. This is what we're hearing from Ceos and practitioners, cloud architects, they're re architecting their enterprises now because you know, the, the three main of it, storage, networking and compute never go away. It's just changing. This is a critical, fundamental piece of the architecture of it operations. Why now? Why cloud was the customer demand? Was it a natural progression for you guys? Explain. Explaining the why now. Well, I'll start with not the storage computer networking, but what they're used for and fundamentally the world's using those three dimensions for long, one of two sites, either building applications or building automation. That's kind of the two major trends in the industry. Now if we take a look, if you are running an application, primarily you would choose am I running it on premises or in the public cloud and as as the journeys emerged like public cloud probably introduction of as around 15 years ago, but initially there was this enamored. Everything's going there and then people settled down to some things will go here and some things will go here, but we believe that's a middle state where people are actually trying to do is deliver applications that solve problems and we believe that future is a hybrid application. Now, what is a hybrid application today? If you've got an on premises finance system, should you be able to use ai algorithms from Google's cloud? They book journal Entries for month end close. Let me, because it's now not a choice of am I using pads for the. That doesn't mean the whole application needs to sit in platform as a service. You should be able to use the best capabilities of what's available, where the same way today, anyone who is selling anything and using salesforce crm needs to ensure that what you've sold is booked in a finance system. That could be an sap finance system on premises, so what is the APP? It's an APP without borders now and these are modern day hybrid applications now coming and bringing that down to compute storage and networking. Trying to bring that together and actually deliver that in a consistent and operational way is difficult. It's a difficult across your application architectures. There are different. It's different across your management, even your consumption and how you bill cap ex versus Opex, but the big difference is that the storage layer, because the application architecture on premises relies on your storage for your reliability, but in the cloud they've actually moved that reliability characteristic to the middle tier. You're sharding and doing scaleout distributed application because you can't rely on the same characteristics out of your storage and we found this as an opportunity to bring these two worlds together. We call it the cloud divide. Talk about the cloud device. I think that's important because one of the things we talked with a lot of the end user customers, your customers and others, their challenges again, to focus on the outcomes that they want, the application that's going to drive their and and the value, not so much what the infrastructure, they have them create an infrastructure to enable that. What is this cloud divide when it comes to storage? In your mind, what did you guys discover? What were the key pain points? What were the, what was the customer's telling you around what and what is the cloud divide? No. Uh, the cloud divided, coming back to it is how you deal with applications, how you deal with management and how you deal with storage different between the enterprise in the cloud. We like to say the enterprise is not very cloudy, meaning you don't have instant available capacity in the cloud is not very enterprisey. Now what does that mean? What do we call enterprise? And there's a how it works with the rest of my landscape, what the API is our, uh, what the reliability characteristics, our performance and cost characteristics are also different. So if you want to adopt public cloud, you have to go ahead and say, I got to do a hard left, right? Because you're kind of going down this way and you got to choose a different path. And if you choose that hard left, you're now stuck on that road. It's a one way road. And we're trying to do is say, you know what, what if we could bridge these environments, like let's dig into the application architecture on the cloud divide. Pretty much people are using scale up or scale out as application architectures and then they're deciding, you know, vms or containers yet a, that those are common application development paradigms. What if you could use either one anywhere, right? Those technologies. Now, if you look at what vm ware is doing with Vm ware cloud and you look at what kubernetes is doing across on premise and cloud, there is now a unification happening at application architecture across management. What if you could have a seamless api in a seamless pane of glass around how you manage your applications? That's emerging, but as we looked around, no one was unifying the storage paradigm and actually that was the hardest we we thought that to unify the hardware or the storage paradigm, you have to build a data centric architecture and that's what we've been focused on doing. We've introduced our concept of data centric architecture a year ago and we're now extending that concept to the public cloud. What I like about what you guys are doing here, and I want to get your thoughts on this because this is. I think the trend that's really big in here is that you guys have been great storage provider since again, since inception can been following you guys and you have hardware and hardware has been a rack and stack kind of enterprise paradigm enterprises. We've got gear, we protected, we secure, but now with public cloud becoming more secure and more mainstream and with the Dev ops application environment developing. You mentioned the ems, the containers and Guth Coobernetti's. You're now having an operating model that's changing. You guys are doing software, so it's not a boxer. You're not shipped boxes to Amazon. They have stores. You got s three right out of the services. You're now extending the software component of your business. I want you to take a minute to explain for the people that might not know the extent of the software business at pure and specifically the cloud component software piece. It's not hardware and software, but it works with on premises. Talk about that dynamic of software in the cloud and the impact of the on premise piece of it. Well, I'll rewind a little back intel. What peers been known for peers been known as kind of this all flash company, but if you unwind that. When I took a look at it as I've joined pier actually about six months ago, what I realized is the unique skill that peer has is software engineering. To get the best out of any infrastructure that you give it. The medium happened to be flash initially, so what we've built with our direct flash and NBME and a lot of the advancements in our software has been to deal with the flash medium, but the core skill in Ip we have is software development to get the best out of a medium. What we've introduced is another medium. This medium is infrastructure as a service. We treat that as another medium and we believe that we're uniquely qualified to get the most out of that medium, which is the cloud. Alright, so I want to get into the infrastructure piece. You guys are well known for being a cloud, a data infrastructure component or data infrastructure. You mentioned the history of flash storage has been a great place to store data on premises. When you get into the cloud, you guys call this cloud data services and I'm going to get in another video on that, on the details of that, but when you hear about cloud data services, but pops in my mind is more is coming. You need to store it somewhere. You have to manage that data for applications, hybrid applications. You need to store the protect that data. You need to make that data available. They'll be able to recover all the same things that get done with data in the past on storage has to happen at a whole nother level. Describe what is cloud data services mean? What does that mean to you guys at pure and what does it mean to your customers? If you back up a little bit where we started and where a lot of our initial customers were at where sas customers and what we delivered to them was what we called cloud data infrastructure. That cloud data infrastructure allowed some of the largest sas companies, either consumer or enterprise to go ahead and use peer to build their sass applications. Companies like service now workday, those types of companies, but what was missing was how do you get that same value on infrastructure as a service environments, aws, Azure and GCP. So what we realized was the consistency model was not the same. The apis were not the same and you had to choose or not. And so our cloud data services are a set of services that give you, for example, the same block storage that you had on premises in the public cloud, gives you the same Api. And from a management and operations standpoint, we have pure one which is a cloud data management solution where all of your data, wherever it sits, because as you said, data is growing. You can see all of your Ras. It was interesting as we built the software, uh, when we first built it internally, we realized that hey, we went into pier one and we see all these storage volumes, but we didn't know which ones were on premises or cloud because our software is the same. We actually had to do some engineering to make it look different. Like, Hey, let's color the cloud volumes different. Or we had to actually think about that because we started from the place of driving consistency. And then we've extended the cloud data services dead. Go ahead and say not only can we allow you to run in either place, but how do you extend that to data protection? Because today, as you mentioned earlier on premises, people have workflows for backup and data protection and initially those workflows could have been disk to disk to tape to truck and we see that there's now a more modern way where you can do flash to flash to cloud where you can have your primary mission critical applications and flash and if you want one hop for backup, people looked at backup as an insurance policy. What happens if something goes wrong, but what's really important is when something goes wrong, how quickly can you recover? So providing flash in that second medium and then third, extending the step for cost optimization by leveraging public cloud in s three allows us to drive a consistency model and we can drive that same workflow on premises or in the public cloud. So the consistency to me, I should maybe put you on the spot here. So and consistency. Are we talking about if I'm a pure customer and I'm running pure on premises and I'm using, I'm using all the management something pure one, all this other great stuff and I want to use cloud. Does my job change at all? Does it look the same? So as a dashboard into the storage and the data because I want, I want, I want persistent data, I want ai and I want analytics now. Now I've got cloud going on. There's a lot of things out there, sage maker, tensorflow on the AI side. Lot of things. Goodness out there. What changes for me or does it change and how do you guys solve that problem? Because what I don't want is I don't want to have to hire developers to go do an integration with Amazon and Azure and Google cloud. I want to have a single consistent environment. Do you guys provide that from a data standpoint? We do. So this is a journey because when you start, you need to ensure that your data consistency and management across all of those environments, aws, azure and Google and on premises is the same. So we're introducing our solution cloud data services on Amazon first, but we are planning on extending that to the azure and Google environments in the cloud standpoint. So let's take Amazon. So I said, hey, I want to use some of that cloud. I just go to Amazon. It's extensible, fully extensible as if I'm using pure cloud formation template on Amazon. You just go in, it's there, you can pick it up, you could choose it, use it, and then what really is the difference is your platform services at a higher layer, maybe a little bit different because some of the things you mentioned and the pads are Amazon specific. Yeah. So if you start using pads services, it could impact your application development architecture, but the good news is if your goal is to drive the ability to use, what's the best thing that's available where as you take a look at evolutions in Vm ware, cloud and Coobernetti's combined with our cloud data services, you're now able to put together a use. Best of what available wherever you guys. I mean that's the. That's the application side. So you guys are providing a consistent layer for the data and the storage. Absolutely. That's going to. If I'm building an Amazon as a developer, I'm going to use those anyway. So it's not like it's a dependency per se, it's just you're going to allow for those hybrid apps to run across premises and in cloud and all the data takes care of itself. Right? It's like they get that, right? Yeah, and what's great about it is we've learned some things along the way. For example, we've been trying to get the best out of the flash medium in the past by enhancing performance characteristics or efficiency characteristics for cost optimization. We can bring some of those same value props to the Amazon world. So if you need to aggregate iops, we can do that. If you need to go ahead and drive efficiency, we have techniques to drive efficiency around thin provisioning. Those types of opens up more use cases for the customer to add more policy based things to their application. It makes data programmable. Well, it's interesting. There was one customer that we were speaking to a as part of our alpha usage and it's a online education company. They do curriculum development and that type of thing and they brought this use case to us. They have their APP that they've built for their curriculum on Amazon and then they want to take a lot of snapshots. So what they. One of the technologies, we have his space saving snapshots so they're like, oh, that'd be great if I could use your cloud block store data service on Amazon that way. But then they thought about it and they're like, well, every time we develop a new curriculum we have to send a snapshot out to a different location and site and what we could do is set up a your hardware in a direct attached way to Amazon because your software is the same. And we have active synchronous replication technology where we can now synchronously replicated between the public cloud and this private hosted direct attached diversion. And then they can do work here or even take snapshots from here. And the reason they were doing it was go ahead and say, use that space saving snapshot to reduce their overall cost profile on exports. That's a great example of cloudifying being cloudified, but more options. This brings up the question about competition. How do you guys compare to the competition? So you guys are. It's the first move for you guys in the cloud, within this operating model, which is consistent, you know, pure on premises and the cloud, get the consistency, loved the agility of the ability for applications and get all that goodness. What about the competition? How do you guys stand versus the competition? Well, when we take a look at what was going on, I think a lot of people wanted to check the box on cloud. So let's throw something out there and you know, see how people use. As we've done this market introduction, we've been very careful about that because peer has a certain brand reputation around when we say we're going to deliver some of these characteristics, we deliver and deliver those characteristics. And we didn't want to lose the value proposition of simplicity and agility. So as we launched this, we didn't just say let's throw it out there and see what happens. We did it with the deliberate intent of saying we want to provide agility is a characteristic that people could use and we want to deliver that agility with the same simplicity that they've come to know and love with peer. So those are the principles that we're focused on and as we take a look at the competition, you know, they've thrown their software out there but we don't see that it's been broadly adopted and then they're still the tradeoffs of should I go on premises or public cloud so they're stuck in the divide and that they're in the storage or the cloud, divide on premise, different operating models. And our goal is to really enable that replicates those guys are stuck on the divide. Yeah, and if you think about these hybrid applications that we see the world moving to think about it this way, the world's evolving where you're going to have more application to application integration. Gone is the days where you're going to have one monolithic application doing everything. So what's evolved is the application to application integration is exponentially growing. Now, if you assume that if you need to do a production to Dev test copy, do you need to do it for one app or for that entire set of apps that you treat as one monolithic entity because now they're all connected. He otherwise you have to decide, okay, I'm snapshotting this one and then I got to choose this one and I got to choose that one. So you, there's now a need to go ahead and consolidate a lot of application workloads and treat the management and operations of that as a unique entity. So hybrid apps are actually making you rethink how you deal with management of compute networking and storage. Yeah, I think that's a great example. I think application to application integration and totally agree with you is going to be happening at a much accelerated rate, but it changed the role of data. The role of data is central to that because as you mentioned, that other example, if you're doing a financial app and you want to use some ai from a cloud over here, the best tool for the job needs to be integrated in seamlessly and storage. Should they be part of that conversation? It should just be stored somewhere. That's what you guys are doing with this announcement and you guys are bringing that to the table. Um, so I got to get. I guess I'll ask you the final question here because it's exciting news. You guys are cloudified it made it. He bridged the divide on the storage cloud storage divide. What's the bottom line for this announcement? As you look at this impact to customers, what's the impact to pure customers and what does it mean for prospects that aren't yet your customers? What's the bottom line? This announcement? Well, I'll give it to you. For me, each perspective for our existing customers, this adds the agility tool set to their bag of tricks they've got and it does it in a way where they can start, get that instant available capacity and if they want, they can go ahead and now start benchmarking across both environments without having to re architect because the kpis are the same and for net new customers and prospects. It's interesting. As we speak to customers, we find that people are on a different educated education journey in the public cloud. Some are already using the public cloud and as we've been discussing this with them, they're like, hey, this could improve on some of these characteristics. Either I have performance challenges, cost challenges, reliability or manageability challenges. So we find that the customers or the prospects that are most educated or the ones that have already leaped, right? They've jumped in the pool and now they realize, hey, you know what? The water's cold and I need something, and there's another set of customers that are still haven't jumped in that pool. And what we're saying is for those customers, you have to make a choice. Right now you have to decide between multiple public clouds, you have to decide between on premise and what we're doing is we're de-risking that choice by allowing them to get the best of what's available where and most importantly ensuring that if they've chosen, if they've chosen something but one of the other choices evolves or matures to be a better option for them, they have the ability to move and I think also the focus we hear from the practitioners that they are investing more and more of their time and energy on building applications, hybrid applications as you're calling them, ones that are going to be a in the cloud or on premises, but solving a problem. They want to shift their resources and attention from mundane storage admin like maintenance problems and make the storage invisible to them. So the developer that they said, I know my thing's working great in the cloud. One of my apps are productive. My developers are programming and the storage resources are invisible and it's never a headache. That's kind of what you guys are getting at here. You're making storage pervasive and important to the developers and the it so that it kind of goes away in their mind, isn't it the sleep better at night, Kinda well, take Kubernetes, for example, um, a lot of application developers using it, but storage is not necessarily transparent. We, six months ago we introduced a pure service orchestrator that made storage transparent, so you have a block file object interface you, you just call and use storage, spin it up, use it as you need and let go, but you should not have to worry about, let me go phone someone creative volume decider either. So you need that transparent and elasticity and we've been focused on delivering that and now few modernize were kind of application development is going, we can provide that. It's always on. It always works. It's globally consistent, it shared, and it's easy to manage from wherever you're saying progress. Thanks for coming in and sharing the news on the new hybrid cloud applications that are hitting the market. Of course, having the right solutions and having the cloud data services available from pure storage. I'm here percussion, just general manager of the flash of rapists and pure storage. This is a special cube conversation. I'm John Furrier. Thanks for watching.

>> Announcer: Live from Las Vegas, Nevada, it's theCUBE, covering Knowledge15. Brought to you by ServiceNow. (electronic music) >> We're on, welcome to theCUBE special presentation, here live at the ServiceNow Know15, it's theCUBE. It's our flagship program, we go out to the events and as you can see from the noise, I'm John Furrier with SiliconANGLE co-host Dave Vellante of WikiBon.org And our special guest, John Cleese, distinguished Professor at Cornell, we just learned, no-one knows that. But apparently that's true. Writer, comedian, thought-leader, I got told that. >> And a Doctor. I'm a Doctor, Doctor of Laws. >> Doctor. >> And, what else am I? I was offered a Peerage but I turned it down because I had to be in England during the winter and go and vote in the House of Lords, so I said no to that. And I also turned down a CBE, but I would love to have an OBE. But not an Order of the British Empire, I'd like to have an Out of Body Experience. (laughs) >> But you're not a thought leader anymore, you're a futurist, that's the new trend. The futurist is the buzzword. >> No, I'm not. I'm very much living in the past. I don't like the future. And I don't think much of the present. (laughs) >> Well you're here speaking at the CIO Decisions. What do you think of all the CIOs and all the geeks here at ServiceNow? What's your? >> Well I like geeks because they all like Monty Python. (laughs) You know? I'm about, three-quarters of the speeches I do are to software people, and I usually tease them. You know, I ask em how many Star Trek episodes they can name, whether they've got a tee-shirt with Moore's Equation on it, and all this kind of, whether they wear a black backpack to formal occasions. So I got a whole lot of geek jokes. But they all like Python, cos they're extremely smart, and as you know, people who like Python are astonishingly smart. (laughs) >> So how to you tell smart people from people who aren't smart? How about people who are not smart? >> Well as you've said, you like Monty Python. >> I love Monty Python. (imitates extreme gibberish) >> You think, he doesn't like it. Doesn't get the jokes. >> So you've talked to a lot of software people. In Vegas? Do you like Vegas? Enjoy Vegas? >> Vegas? >> Las Vegas. (laughs) You see a show while you're out here? >> I can't get over this place. (laughs) Why people spend a lot of money to come here, so that they can lose what money they still have left. I really don't get it. Do they come here, because they think that the casino owners are so rich because they won a lot of money gambling at other people's casinos? (laughs) The only good thing about it is the food. >> Did you bring your wife with you? >> Which one? (laughs) No I didn't. She wasn't feeling well, said she's going to join me in New York, cos I'm going onto New York. And this weekend we are at the Tribeca Film Festival, Robert De Niro's, and we are having a Monty Python retrospective, for really smart people. >> What's been the weirdest thing that has happened to you, in the tech community here in ServiceNow. Any highlights? >> Not this visit, but the last visit when I arrived at the hotel, I can't think which one it was, Venetian I think, and the guy at the counter recognized me and said, are you listening? >> John F: Yes, I'm Tweeting away. >> No you're not. I tweet. >> I'm Tweeting away. >> He's kind of rude that way. >> What are you on your fucking keyboard for? I'm telling you a joke. (laughs) >> Tweeting away. >> Welcome to the future. >> Do you have a Twitter handle? >> Now, shall I start it again? (laughs) I was coming here to Las Vegas, right, I was staying at the Venetian hotel. Got any phone calls you need to answer or anything? >> Hold on, let me check. (laughs) >> I arrived there at reception and the guy said to me, "Mr Cleese, I really like your shows Monty Python, Fawlty Towers and all of that. Could I have your autograph?" So I said, sure, I write him an autograph. Then he says, could I have your credit card for extra expenses, and I gave it to him, and he said, "I'm sorry to ask you this, but do you have any identification?" (laughs) It's true. >> So are you Tweeting, and live-streaming? >> John C: Am I what? >> Tweeting, using your Twitter account? >> Am I, Am I? Can we get a handkerchief. >> Do you have a Facebook page? >> Facebook? I've heard of Facebook. That's for people who aren't important enough to get in the gossip columns and newspapers, right? (laughs) >> So we have some Facebook questions from the crowd. Do you mind if we ask you some of those? Somebody wants to know, what the air speed velocity is of an unladen swallow? >> Oh, I used to know this. I used to know this, in 1971 I could have answered that. Pass. (laughs) >> Dave: You're lucky. >> Are you back with us again? >> I'm back, I'm just going through the questions. So the question on my Facebook page is, what about this Cornell study about the double curse of incompetence? >> The double what? >> John F: Curse of incompetence. >> The double what you say? >> Dave: Curse. Double curse. >> Of incompetence. I don't know. >> Good question. >> Oh, now I know what you're talking about. There's a great guy there, a Professor called David Dunning, and he's one of the most amusing and entertaining guys I've ever met. And he's spent his career studying how good people are at knowing how good they are at things. What he calls Self Assessment. And what he's discovered, which I absolutely love, is that in order to know how good you are at something, it requires almost exactly the abilities that it does to be good at that thing in the first place. So if you're absolutely no good at something, you lack exactly the abilities that you need to know that you're no fucking good at it. And that explains the planet, better than anything else that I've ever come across. Is that there's a whole lot of people out there, who have no idea what they're doing, but they have absolutely no idea that they have no idea what they're doing. And those are the ones with the confidence and stupidity, who finish up in power. That's why the planet doesn't work. (laughs) >> So, honestly they don't know about Monty Python. >> They're not smart enough. >> What do you mean they don't know about Monty Python? This is a very smart man, David Dunning. (laughs) He's very smart, he's also shown, oh it doesn't matter. >> What did you talk about, the CIOs, when you out talking to the CIOs- >> John C: C-I-Os? >> John F: The Chief Information Officers. >> Geeks, well, what was interesting was that they were quite receptive to what I was saying, which is so counter-cultural. You see, I think we're living in the nadir of our civilization. I think as you wake up in the morning, that sound you can hear is our civilization cracking. And it's because of technology, because nobody talks to anyone anymore. They all go in restaurants and then they do this. I mean, we all know this, I'm not making a clever observation, but it's insanity, you know? When my daughter was 16, she would get together with all her friends but instead of talking to each other they'd be emailing or texting everyone who wasn't there yet. Do you see what I mean? They never actually- >> Texting selfies. What do they do when they get together? Just continue to talk to each other on their phones? >> It's completely vacuous, vacuous civilization. With the celebrity culture at the heart of its rottenness. >> Hollywood. >> So what effect do you think that has on the human brain, creativity, thinks like that? >> Well people are on technological devices all the time. They think now that the kids have less good social skills. And the point about human beings is we've always been good at technology, you know? In the 13th century when we were in the Holy Land, slaughtering Muslims, we were still able to build beautiful cathedrals. You see what I mean? So we can build things, and put men on the Moon. The only thing is we can't get on well together. So, which is more important? The answer is getting on well together, so we're now giving kids all the things that stop them from acquiring social skills. It's beyond mad, but people are after money, and so they will always do things, and always come up with excuses why what they're doing is actually good for the world, when it's all about that. >> What about the Hollywood situation. You mentioned in your speech about, when you were creative, when you were younger, and the process you went through, what's the state in your mind, of the Hollywood culture. I mean, they do a movie about Korea, and then Sony gets hacked. >> It's all a bit crazy, but I wrote two film scripts about ten years ago cos I thought to myself, can I make a living writing film scripts. And I did an adaptation of a children's book by Roald Dahl, called 'The Twits.', and I wrote something for Jeffrey Katzenberg about cavemen as an animation- who are you talking to? >> John F: He's saying we only have one minute. >> That's Greg Stewart. >> Oh okay. I can't be bothered to go on talking for one minute. (laughs) Though I have so many fascinating things to say, that I'm afraid (speaking off mic) >> Thanks, thanks for that. >> Thanks Greg, you're fired. (laughs) Greg's fired. >> The guy's going to lose their job if you walk off the set. >> John C: Good. >> Good, >> you're fired. (mic thumps on the desk) (laughs) >> Thank you very much. (laughs) You don't see that everyday. >> Okay, that's an out. That's a wrap. Say goodbye. (upbeat music)