 Okay. Okay, great. So, thanks, everyone, for attending the last talk of the last day. Appreciate it. So, my name is Anthony Bettini. I'm the CEO and founder of Flauchek, and we'll talk about protection of hybrid clouds. So, just a bit of background on myself. So, I've been in security since 1996, all technical roles, and specifically, my background is actually in vulnerability exploitation, writing detection logic, managing teams that write detection logic, worked at Intel McAfee nine years, all that kind of thing. So, you know, what is the hybrid cloud? I'll go through this stuff fairly quickly. But, you know, the mixture of public and private cloud, the trend we see, of course, is enterprises moving their data from traditionally private clouds, you know, their data center, leveraging public clouds more effectively for cost reasons. And this is actually some survey data from Intel. It was kind of interesting. They were trying to get into the details of why our enterprise is even talking about hybrid cloud, and ultimately what that means is why our large financial institutions and companies like that moving what they think of as sensitive data to the public cloud. And what came out on top, flexibility of hosting, cost, faster response times, all of these things ultimately are actually just different ways to say cost. And the reason for that is flexibility in hosting really means it's cheaper and it's faster and it's easier. In faster response times, ultimately it's cheaper relative to their own private cloud environments. But inside the enterprise, kind of the reality of how they're using public cloud is that they're actually sending their least sensitive data there. And why that's kind of important to think about and to realize is if you imagine you're a large financial institution or you have a lot of HIPAA compliant health data, you're not sending that data typically to organizations like Amazon Web Services. You're hosting that inside your data center today. And so on the enterprise side, all the enterprises we talked to, there's a strong degree of risk aversion for moving sensitive data to the public cloud. Regarding the public cloud, what we see that everyone wants though is ultimately enterprises would love the public cloud to have ever lower and lower cost, but they would like to trust it more. And if those two things were actually achieved, they would send more and more data, more and more workloads and more and more things to the public cloud. And on the cloud service provider side, ultimately what they're looking for like everyone else is more revenue. And so for cloud service providers, why this is a backdrop to protection of private cloud, hybrid cloud environments is as the public cloud becomes used more and more and used by larger and larger enterprises, these trends like open stack containers really affect business goals, business drivers like cost. And so on the cloud service provider side, we see every cloud service provider we have talked to has either already deployed containers or has container pilot projects. And when we talk to them about why that is, it always comes down to they're trying to lower cost and they see containers on open stack as providing lower cost or they're trying to increase security and they believe isolation associated with containers can do that or they're trying to do both. And this was kind of fairly recent. Yeah, I think some of this is a little rhetorical, but it was from HeadVig, it was kind of interesting. Their prediction for open stack in 2016, one of them was the Docker's, the number two open stack hypervisor. But about running containers in production, there's lots of great research on this. This is actually the Red Hat commissioned forester. The backdrop would be every enterprise we've ever talked to, Docker already has 100% market share, 100%. But it's in dev teams, it's in tiny deployments, it's not used in production. And there's a big struggle with the development teams and large financial institutions to actually get that code running in production and to keep it in dockerized containers. And so Forester did all this enterprise research and found that the number one concern holding enterprises back from containers was security. Cluster HQ a few months after that actually redid the same survey, slightly different question. Security again came out as the number one concern holding containers back from production, this time over 60%. But security is a huge topic. So why is security holding containers back? So we did our own survey asking one level deeper, why are people not running containers in production? What is the security concern? And the top concern we found from our customer base when we were serving them was that actually 42% were concerned about the vulnerabilities and malware problem. What's kind of interesting about that is actually isolation came out as 16%, the third most important issue. But for companies like Intel, CoreOS, Docker, isolation is the thing they spend the time on. Frankly, if isolation isn't there, there's no reason to even run containers. So it makes a lot of sense that they would spend time on that. But if you talk to the average enterprise, that is not the top concern. The top concern is actually application security and how would they protect applications and containerized workloads. From our perspective, actually, there's a large degree of correct metaphors and analogies to physical containers and digital containers. So in the case of vulnerabilities, that would be much similar to the graph, the picture on the left, where you have a ship not properly tied down. It's a mistake. It's not a bomb. But should have checked for that. And not checking for it led to a problem. In the case of malware showing up in digital containers, you're much more similar to the issue of Customs and Border Patrol checking for drugs or bombs or illicit weapons inside containers. And why this actually shows up in the real world on the internet in digital containers, Docker containers, CoreOS containers, et cetera, is vulnerabilities like the Heartbleed issue. So OpenSSL had a vulnerability. OpenSSL is linked against NGINX and all sorts of applications all across the data center. Putting that in containers, scaling it up dynamically with orchestration systems, it start gets a lot more unclear where the vulnerable code is or isn't. And it starts being a lot harder for enterprises to manage. And for malware in containers, we haven't seen a lot of that yet, but you certainly like to expect to in the future. This is actually a case of a Linux botnet with Elf malware that took over security cameras. And we've heard a lot of actually kind of interesting things from our customer base using containers relating to security. Some have actually said while containers are ephemeral, they live and die in much shorter time periods than virtual machines. Maybe the security problem dies as fast as the container dies. We even talked to some who are actually effectively spinning down workloads and spinning up workloads as fast as they possibly can, thinking that that makes them safer. That's really interesting from a security perspective because you can compromise a host in milliseconds. So the whole ephemeral nature is fairly irrelevant. This is actually the first breach we're aware of. This is actually Ben Hall from Oslo at Opera. He was actually speaking at a conference and talked about how he had actually turned on an elastic search container inside Docker. It had an internet facing IP and that was actually compromised and actually became part of a botnet. He didn't actually go into the details on how this all happened, but best we can tell this is actually the first publicly announced breach affecting container environments. So InterflopCheck, what we built, we have effectively a network function virtualization technology. We've applied this to containers, specifically the inspection problem, and so we can analyze millions of containers. We're doing vulnerability detection and malware detection on containers, and then we plug that insertion point both into the software development life cycle. So we're the last step in the SDLC. We check for vulnerabilities and malware before containers reach production environments, and then we hook into the orchestration layer. As containers get turned on or scaled up, we're checking them for policy. Effectively, are there vulnerabilities in containers? What's the CVSS or risk score of the container, risk score of the vulnerability that could be in the container? Is it a network facing vulnerability or not? Is there malware in the container? All of these things you can then write policy against. And so we ultimately we tear apart containers. And I think what's kind of interesting about this is if you look at Google Play at launch in 2008, if you look at Docker Hub launched in 2014, there's quite a few history lessons that could be learned. So in the case of Android, we ultimately see malware show up in the news pretty much constantly at this point. Google started by not doing any app analysis. So new Android apps were posted to the Android market at the time. They didn't do any analysis of that. Ultimately fast forward a few years, malware shows up all the time. They hire an entire team. They build static and dynamic analysis tools. And ultimately they're trying to catch malware with software. They haven't largely succeeded at that, but it's something they're still trying to do. So fast forward to Docker Hub. There was actually some research recently put out that something like 30% of containers have vulnerabilities as a consulting team. They did a random sampling of Docker containers. Using our own analysis technology, we've actually sampled actually just the Docker official images. So what's interesting about that is like if you go get MySQL from Docker, that has a blue ribbon seal of approval, it's an official image and it comes with a whole bunch of vulnerabilities. And so if you go deploy that, you deploy it in production, you know, could potentially be compromised. And we'll be producing a container security report later this quarter that will outline all the details and all the vulnerabilities. But generally speaking, the enterprises we talked to have effectively found this in smaller scale themselves. And so what happens is, imagine you're a large financial institution, perhaps you even invested in Docker, you download containers from Docker Hub, you know, you don't know who built them. You know, maybe it says like the Nginx development team built them. But you know, there's a question of like who's on that team. And that's what healthcare companies, that's what large financial institutions ask when they're downloading code off the internet. And so ultimately, they have their own security analysis tools to check all of that. Particularly that's how they would do it for web applications and, you know, software from third parties. But none of those tools today work with containers. And so we've built all this for containers. The software will run inside a Docker container, outside a Docker container. It runs on open stack environments today. Because it's working so well with containers, a bunch of people have asked us to add support for analyzing open stack images. So we're going to be doing that this quarter. But today, it's a container solution. So circling this back to like protecting hybrid cloud environments. From our perspective, we're mainly working with cloud service providers and enterprises. So the security problems we see that effectively bubble up to the top is the largest security issues. One is certainly the isolation problem. But there's a whole bunch of, you know, great companies working on that today and effectively all the past providers work on that all the operating system vendors, Intel has clear containers. And that's likely to show up in much more places. But when you actually talk to the average enterprise, what we see is they're typically concerned either about vulnerabilities or malware. And there aren't many vendors working on that. We have a solution today would certainly suggest you try it. And then ultimately, there's the policy compliance issue. So that's that's a bit about what we're up to a bit about containers. I'd like to open up for a kind of a longer period of questions. We spend all our time on effectively container security, vulnerability detection, malware detection, all of these kinds of things, and working with customers on scale issues. That's all I had. Yeah. Oh, yeah, great question. Both in the case of malware detection and vulnerability detection, we have our own engines. In the case of malware detection, what we have is file format parsers, and we're detecting privilege escalation vulnerabilities that are being exploited in files inside containers. In the case of vulnerabilities, mainly we're looking today for Linux vulnerabilities likely to show up in containers. So that could be like bash vulnerabilities, glibc vulnerabilities, open SSL, things that are likely to show up in Linux applications in containers. Any other questions? Well, that's all I had. Anyone who had any follow up questions, happy to send an email, certainly would suggest you'd sign up for a trial. Anyone concerned about malware or vulnerability detection in container environments? It's available today in OpenStack image analysis and things like that that's coming later in the quarter and would love to hear from you. Thanks.