 Good afternoon, friends. My name is Savannah Peterson here in theCUBE Studios, live from Detroit, Michigan, where we're at KubeCon and CloudNative Foundation, CloudNativeCon, all week. Our last interview of the day served me a real treat, and one that I wasn't expecting. It turns out that I am in the presence of two caddies. It's a literal episode of Caddy Shack up here on theCUBE. John Furrier, I don't think the audience knows that you were a caddy. Tell us about your caddy days. I used to caddy when I was a kid at the local country club every weekend. This is amazing. Double loops every weekend. Make some bang, two bags on each shoulder. Caddying for the members. Where you're going? What you guys showed is really impressive, then. Now I'm caddying for theCUBE, where I caddy all this great content out to the audience. He's carrying the story of emerging brands and established companies on their cloud journey. I love it, John. Well played. I don't want to waste any more of this really wonderful individual's time, but since we now have a new trend of talking about everyone's Twitter handle here on theCUBE, this may be my favorite one of the day, if not Q4 so far. Drew Not Reply, aka Drew Nielsen, excuse me there, is here with us from teleport. Drew, thanks so much for being here. Oh, thanks for having me. It's great to be here. And so you were a caddy on a whole different level. Can you tell us about that? Yeah, so I was in university and I got tired after two years and didn't have a car in LA and met a pro-golf or a golf course and took two years off and traveled around cadding for him and tried to get him through Q-School. This is fantastic. So if you're in school and your parents are telling you to continue going to school, know that you can drop out and be a caddy and still be a very successful television personality like both of these gentlemen at some point. Well, I never said my parents liked that. But we'll keep our day jobs. Yeah, exactly. And one of them is cloud native security, the hottest topic here at the show. I want to get into it. You guys are doing some really cool things. We are. We hear Zero Trust, you know, ransomware, Kubernetes. And I even talked with the CEO of Docker's point about container security issues. There's a lot going on. So you guys are in the middle of a teleport. You guys have a unique solution. Tell us what you guys got going on. What do you guys do? What's the solution and what's the problem you solve? So teleport is the first and only identity native infrastructure access solution in the market. So breaking that down, what that really means is identity native being the combination of secret less, getting rid of passwords, PAM vaults, key vaults, passwords written down, basically the number one source of breach and 50 to 80% of breaches, depending on whose numbers you want to believe are how organizations get hacked. But it's not password 123 isn't protecting Cisco right now? Well, if you think about when you're securing infrastructure and the second component being Zero Trust, which assumes the network is completely insecure, but everything is validated. Resource to resource security is validated. You know, it assumes work from anywhere. It assumes the security comes back to that resource. And we take the combination of those two into identity native access, where we cryptographically validate identity. But more importantly, we make an absolutely frictionless experience so engineers can access infrastructure from anywhere at any time. I'm just flashing on my roommates checking their little code changing, log in, dongle essentially. And how frustrating that always was. I mean, talk about interrupting workflow with something that's obviously necessary. Well, I mean, talk about frustration if I'm an engineer. Yeah, back in the day, when you had these three tier monolithic applications, it was kind of simple. But now, as you've gotten modern application development environments, multi cloud, hybrid cloud, whatever marketing term around and how you talk about this expanding sort of disparate infrastructure, engineers are sitting there going from system to system to machine to database to application. I mean, not even a conversation on Kubernetes yet. And it's just, you know, every time you pull an engineer or a developer to go to a vault to pull something out, you're pulling them out for 10 minutes. Now applications today have hundreds of systems, hundreds of microservices. I mean, 30 of these a day and nine minutes, 270 minutes times 60, I mean, do the math. Well, there's not only that, there's also the breach from manual error. I forgot to change the password. What is that password? I left it open. I left it cognitive low. It's the manual piece, but even think about it. Security has to be transparent and engineers are really smart people. And I've talked to a number of organizations who are like, yeah, we've tried to implement security solutions and they fail. Why? They're too disruptive. They're not transparent and engineers will work their way around them. They'll write it down, they'll do a workaround, they'll backdoor it, something. All right, so talk about how it works. I mean, I'm getting the big picture here. I love this, breaking down the silos, making engineers life easier, more productive, clearly the theme everyone, they want, they think they need, whoever does that will win it all. How does it work? Are you deploying something? Is it code? Is it in line? So it's two binaries that you download and really it starts with the coding, the identity, native access proxy. So that proxy, I mean, if you look at like the zero trust principles, it all starts with a proxy, everything connects into that proxy where all the access is gated, it's validated. And from there, we have an authorization engine. So we will be the single source of truth for all access across your entire infrastructure. So we bring machines, engineers, databases, applications, Kubernetes, Linux, Windows, we don't care. And we basically take that into a single architecture and single access platform that essentially secures your entire infrastructure, but more importantly, you can do audit. So for all of the organizations that are dealing with FedRAMP, PCI, HIPAA, we have a complete audit trail down to a YouTube style playback. That's a huge thing, we're Californians, DCPA. GDPRs, take a pic. It's a whole shebang. So I love, and John, maybe you've heard this term a lot more than I have, but identity native is relatively new to me as a term. And I suspect you have a very distinct way of defining identity. How do you guys define identity internally? So identity is something that is cryptographically validated. It is something you have. So it's not enough. If you look at credentials today, everyone's like, oh, I log into my computer. Well, that's my identity. No, it's not. Those are attributes. Those are something that is secret for a period of time until you write it down, but I can't change my fingerprints. And now with, well no, perfect case in point with Touch ID on your Mac there. It's like when we deliver that cryptographically validated identity, we use these secure modules in like modern laptops or servers to store that identity so that even if you're sitting in front of your computer, you can't get to it, but more importantly, if somebody were to take that and try to be you and try to log in with your fingerprint, it's not you. I'm not going to lie. I love the Apple finger thing. You know, it's like, you know, space recognition, like it's really awesome. I love all of it. I mean, even when you go through customs and they do the face scan now, it actually knows who you are, which is pretty wild. The last time you went abroad was, but it just shifted over like maybe three months ago. Well, as long as no one chops your finger off, like they do in the James Bond movies. I mean, we try and keep it light and fluffier on the cube, but you know, if you want to do a finger via team, we can talk about that too, Kali. I was thinking more minority report, but you know. Yeah, yeah, yeah, that's exactly what I think of. Swipe, hit that one out of bounds. So I got to ask, because you said you're targeting engineers, not IT departments. What's, is that because in your mind, IT is now the engineers, or what's the, is there always a solution more targeted? Well, if you really look at who's dealing with infrastructure on a day-to-day basis, those are DevOps individuals, those are infrastructure teams, those are site reliability engineering. And they're the ones who are not only managing the infrastructure, but they're also dealing with the code on it and everything else. And for us, that is who is our primary customer, and that's who's doing it. What's the biggest problem that you're solving in this use case? Because you guys are nailing it. What's the problem that your identity native solution solves? You know, right out of the backs, we remove the number one source of breach. And that is taking passwords, secrets and keys off the board. That deals with most of the problem right there, but there are really two problems that organizations face. One is scaling. So as you scale, you get more secrets, you get more keys, you get all these things. That is all increasing your attack vector in real time. And we tell you- Oh yeah, cross teams, locations, I can't even- Take your pick. Yeah. So cross clouds. On-prem. Doesn't help. Yeah, any of it. And we allow you to scale, but do it securely. And the security is transparent and your engineers will absolutely love it. That's the most important thing about this product. Engineers absolutely love what we do. What are they saying? What are some of these examples? Anecdotally, pull some quotes out from engineers. We should have invented this ourselves. Or, you know, we have run into a lot of customers who have tried to homebrew this. And they're like, you know, we spent an inordinate amount of hours on it. Boy, they got legacy from like Microsoft or other solutions. Sure. Yeah, any, but a lot of them is just like, I wish I had done it myself, or, you know, this is what security should be. It makes so much sense. And it gives the team such a peace of mind. I mean, you never know when a breach is going to come, especially- It's peace of mind, but I think for engineers a lot of times, it deals with the security problem. Yeah. They're not at the table so they can do their jobs with zero friction. Yeah. And, you know, it's all about speed. It's all about velocity. You know, go fast, go fast, go fast. And that's what we enable engineers to do. I think the benefit to them is they can get to save time, focus more on tasks that they need to work on. Exactly. And get the job done. And on top of it, they answer the auditing compliance mail every time it comes. Yeah, why are people doing this? Because, I mean, identity is just such a hard nut to crack. Everyone's got their silos, vendors have them, clouds have them. Identity is the most fragmented thing on the planet. And it has been fragmented ever since my first RSA conference. I know. So, will we ever get this do-over? Is there a driver? Is there a market force? Is this the time? I think the move to modern applications and to multi-cloud is driving this. Because as those application stacks get more verticalized, you just, you cannot deal with the productivity here. And of course, the next big thing is super cloud. And that's coming fast, Savannah. You know, you know, that's- Take your pick. John is going to be the thought leader and keyword leader of the word, super cloud. Super cloud is enabling super services as the cloud cast, Brian Graceley pointed out on his Sunday podcast. Of which, if that happens, super cloud will enable super apps in a new architectural list. Please don't. And it will be super. Just don't. Okay. All right, so what are you guys up to next? What's the big hot spot for the company? What are you guys doing? What are you guys? What's that thing that's hiring? Put the plug in. You know, right now we are focused on delivering the best identity native access platform that we can. And we will continue to support our customers that want to use Kubernetes, that want to use any different type of infrastructure, whether that's Linux, Windows, applications or databases, wherever they are. Are your customers all of a similar DNA or are you? No, they're all over the map. They range everything from tech companies to financial services, to fractional property things. You seem like someone everyone would need. Absolutely. And I'm not just saying that to be a really clean endorsement from theCUBE. If you are doing DevOps and any type of forward leaning shift left engineering, you need us. Because we are basically making security as code a reality across your entire infrastructure. Love this. What about the team DNA? Are you in a scale growth stage right now? What's going on? Absolutely. Sounds, I was going to say, but I feel like it would have to be. Yeah, we're doing, we have a very positive outlook. And you know, even though the economic time is what it is, we're doing very well. How's the location? Where's the location of the headquarters? Now with remote work, it's pretty much virtual, probably. We're based in downtown Oakland, California. Bay Area representing on this stage right now. Yeah, we have a beautiful office right in downtown Oakland. And yeah, it's been great. Awesome. Love that. And are you hiring right now? I bet people might be. I feel like some of our CUBE watchers are here waiting to figure out their next big play. So, love to hear that. Absolutely love to hear that. Besides, do not reply. If people want to join your team or say hello to you and tell you how brilliant you looked up here or ask about your caddy days and maybe venture a guest to who that golfer may have been that you were caddying for, what are the best ways for them to get in touch with you? You can find me on LinkedIn. Great. Fantastic. John, anything else for me? I mean, I just think security is paramount. This is just another example of where the innovation has to kind of break through without good identity, everything could cripple. Then you start getting into silos and you can start getting into tracking it. You got user errors. You got one of the biggest security risks is people just leave systems open. They don't even know it's there. Identity is the critical linchpin to solve insecurity. For me, that's- I totally agree. We even have a lot of customers who use us just to access basic cloud consoles. So I was actually just going to drive there a little bit because I think that I'm curious. It feels like a solution for obviously complex systems and stacks. But given the utility and what sounds like an extreme ease of use, I would imagine people use this for day-to-day stuff within their architecture. We have customers who use it to access their AWS consoles. We have customers who use it to access Grafana dashboards. Since we're sitting here at KubeCon, accessing Lens, Rancher, all of the amazing DevOps tools that are out there. Well, I mean, Drew, I mean, think about all the reasons why people don't adopt this new federated approach is because the IT guys did it. In the world we're moving into, the developers are in charge. And so we're seeing the trend where developers are taking the DevOps and the data and the security teams are now starting to reset the guard rails. What's your reaction to that? You know, I would say- Dead over the top? I would say that, you know, your DevOps teams and your infrastructure teams and your engineers, they are the new kingmakers. Yeah. Straight up full stop. You heard it first, folks. That's a headline right there. That is a headline. They are the new kingmakers. But they are being forced to do it as securely as possible. And our job is really to make that as easy and as frictionless as possible. Awesome. And it sounds like you're absolutely nailing it, Drew. Thank you so much for being on the show with us today. This has been an absolute pleasure drawing, as usual, a joy. And thank all of you for tuning in to the Kube. Live here at KubeCon from Detroit, Michigan. We look forward to catching you for day two tomorrow.