 Welcome back everyone to theCUBE's special presentation with Druva on why ransomware isn't your only problem. I'm John Furrier, host of theCUBE. Our next guest are Stephen Manley, Chief Technology Officer of Druva and on John Srinivas, who is the General Manager and Vice President of Product Management at Druva. Gentlemen, you got the keys to the kingdom, the technology, ransomware, data resilience. This is the topic, the IDC white paper that you guys put together with IDC. Really kind of nails it out. I want to get into it right away. Welcome to this segment, I really appreciate it. Thanks for coming on. Great to be here, John. So what's your thoughts on the survey's conclusion? Obviously the resilience is huge, ransomware continues to thunder away at businesses and causes a lot of problems, disruption. I mean, it's endless ransomware problems. What's your thoughts on the conclusion? So I'll say the thing that pops out to me on the one hand, everybody who sees the survey who reads it's gonna say, well, that's obvious. Of course, ransomware continues to be a problem. Cyber resilience is an issue that's plaguing everybody. But I think when you dig deeper, and there's a lot of subtleties to look into, but one of the things that I hear on a daily basis from the customers is, it's because the problem keeps evolving. It's not as if the threat was a static thing to just be solved and you're done because the threat keeps evolving. It remains top of mind for everybody because it's so hard to keep up with what's happening in terms of the attacks. And I think the other important thing to note, John, is that people are grappling with this ransomware attack all of a sudden where they were still grappling with a lot of legacy in their own environment. So they were not prepared for the advanced techniques that these ransomware attackers were bringing to market. It's almost like these ransomware attackers had a huge leg up in terms of technology that they had in their favor while keeping the lights on, was keeping IT away from all the tooling that needed to do. A lot of people are even still wondering when that happens next time, what do I even do? So clearly not very surprising. Clearly I think it's here to stay. And I think as long as people don't retool for a modern era of data management, this is going to stay this way. Yeah, I mean, I hear this all the time in our CUBE conversations with practitioners. You know, it's kind of like the security problem. Give me more tools. I'll buy anything that comes on the market. I'm desperate. There's definitely attention, but it doesn't seem like people are satisfied with the tooling that they have. Can you guys share kind of your insights into what's going on on the product side? Because, you know, people claim that they have tools at fine points of recovery opportunities, but they can't get there. So it seems to be that there's a confidence problem here in the market. How do you guys see that? Because I think this is where the rubber meets the road with ransomware because it is a moving train. It's always changing, but it doesn't seem there's confidence. Can you guys talk about that? What's your reaction? Yeah, let me jump in first and Steven can add to it. What happens is, I think this is a panic buying and they have accumulated this tooling now just because somebody said could solve your problem. But they haven't had a chance to take a relook from a ground up perspective to see where are the bottlenecks? Where are the vulnerabilities and which tooling set needs to lie where? Where does the logic need to reside? And what it through of your watching people do and people do it successfully is that as they have adopted through our technology which is ground up built for the cloud and really built in a way which is driven at a data insight level where we have people even monitoring our service for anomalies and activities that are suspicious. We know where we need to play a role in really kind of mitigating this ransomware. And then there is a whole plethora of ecosystem players that kind of combine to really finish the story so to say, right? So I think this has been a panic buying situation. This is like, get me any help you can give me. And I think as this settles down and people really understand that longer term as they really build out a true defense mechanism they need to think really ground up. They will start to really see the value of technologists like Dhruva and try to identify the right set of ecosystem to really bring together to solve it meaningfully. Yeah, I was gonna say, I mean, one of the really interesting things in the survey for me and for a moment, you know, a little more than a moment it made me think was that the large number of respondents who said, I've got a really efficient well run backup environment. Who then on basically the next question said, and I have no confidence that I can recover from a ransomware attack. And you scratch your head and you think, well, if your backup environment is so good why do you have such low confidence? And I think that's the moment when we dug deeper and we realized if you've got a traditional architecture and it's facing the dis-based architecture has been around for almost two decades now in terms of dis-based backup, you can have that tuned to the help that can be running as efficiently as you want it. But it was built before the ransomware attacks before all these cyber issues really start hitting companies. And so I have this really well run traditional backup environment that is not at all built for these modern threat vectors. And so that's really why customers are saying, I'm doing the best I can. But as Anjan pointed out, the architecture of the tooling isn't there to support what problems I need to solve today. Great point. Well, that's a great point. And before we get into the customer side I want to get to in a second. You know, I interviewed Jaspreet, the founder, CEO many years ago, even before the pandemic and you mentioned modern. You guys have always had the cloud which roof. This is huge now that you're past the pandemic. What is that modern cloud edge that you guys have? Cause that's a great point. A lot of stuff was built kind of back in recovery, bolted on, not really kind of designed into the current state of the infrastructure and the cloud native application modern environment we're seeing right now is a huge issue. I think it's to me, there's three things that come up over and over and over again as we talk to people in terms of being built and cloud being cloud native wise and advantage. The first one is security and ransomware and we can go deeper, but the most obvious one that always comes up is every single backup you do with Drova is air gap offsite managed under a separate administrative domain so that you're not retrofitting any sort of air gap network and buying another appliance or setting up your own cloud environment to manage this every backup is ransomware protected, guaranteed. The second advantage is the scalability and this certainly plays into account as your business grows or in some cases as you shrink or repurpose workloads you're only paying for what you use but it also plays a big role again when you start thinking of ransomware recoveries because we can scale your recovery in cloud on premises as much or as little as you want. And then I think the third one is we're seeing basically things evolving new workloads, data sprawl, new threat factors and one of the nice parts of being a SaaS service in the cloud is you're able to roll out new functionality every two weeks and there's no upgrade cycle. There's no waiting, the customer doesn't have to say wow, I need it six months in the lab before I upgrade it and it's an 18 month, 24 month cycle before the functionality releases. You're getting it every two weeks and it's backed by Drova to make sure it works. That says, well, John, you got the product side it's a challenging job because you have so many customers asking for things probably on the roadmap you probably can go hour for that one but I want to get your thoughts on what you're hearing and seeing from customers. You know, we just reviewed the IDC with Phil how are you guys responding to your customer's needs because it seems that it's highly accelerated on the probably on the feature request but also structurally as ransomware continues to evolve what are you hearing? What's the key customer need? How are you guys responding? Yeah, actually I have two things that I hear very clearly when I talk to customers. One, I think after listening to their security problems and their vulnerability challenges because we see customers and help customers who are getting challenged by ransomware on a weekly basis. And what I find that this problem is not just a technology problem it's an operating model problem. So in order to really secure themselves they need a security operating model and a lot of them haven't figured out that security operating model in totality. Now where we come in as Dhruva is that we are providing them the cloud operating model and a data protection operating model combined with a data insights operating model which all fit into that overall security operating model that they are really owning and they need to manage and operate because this is just not about a piece of technology. On top of that, I think our customers are getting challenged by all the same challenges of not just spending time on keeping the lights on but innovating faster with less and that has been this age old problem do more with less but in this whole they're like trying to innovate in the middle of the war so to say, right? The war is happening, they're getting attacked but there's also new shadow IT challenges that's forcing them to make sure that they can manage all the new applications that are getting developed in the cloud. There is thousands of SaaS applications that they're consuming, not knowing which data is critical to their success and which ones to protect and govern and secure. So all of these things are coming at them at 100 miles per hour while they are just trying to live one day at a time and unless they really developed this overall security operating model helped by cloud native technologies like Dhruva that really providing them a true cloud native model of really giving like a touchless and an invisible protection infrastructure not just beyond backups, beyond just the data protection that we all know of into this kind of this mindset of kind of being able to look at where each of those functionalities need to lie. That's where I think they're grappling with. Now Dhruva is clearly helping them with keep up to pace with the public cloud innovations that they need to do and how to protect data. We just launched our EC2 offering to protect EC2 virtual machines back in AWS and we are going to be continuing to evolve that to further the many services that public clouds offer because our customers are really kind of consuming them at break next week. So the new workloads and new security capabilities love that good call out there. Steven, there's still the issue of their disruption side of it. You guys have a guarantee there's a cost to ownership as you get more tools. Can you talk about that angle of it? Because this is you got new workloads you got the new security needs. What's the disruption impact? Because we won't avoid that. How much is it gonna cost you? And you guys have this guarantee. Can you explain that? Yeah, absolutely. So Dhruva launched our $10 million data resiliency guarantee. And for us, there were really two key parts to this. The first obviously is $10 million means that we're willing to put our money where our mouth is. And that's a big deal, right? That we're willing to back this with the guarantee. But then the second part, and this is the part that I think reflects that sort of model that Anjan was talking about. We sort of look at this and we say, the goal of Dhruva is to do the job of protecting and securing your data for you so that you as a customer don't have to do it anymore. And so the guarantee actually protects you against multiple types of risks all with SLAs. So everything from your data is gonna be recoverable in the case of a ransomware attack. Okay, that's good. Of course, for it to be recoverable, we're also guaranteeing your backup success rate. We're also guaranteeing the availability of the service. We're guaranteeing that the data that we're storing for you can't be compromised or leaked externally. And we're guaranteeing the long-term durability of the data so that if you back up with us today and you need to recover 30 years from now, that data is gonna be recovered. So we wanted to really attack the end-to-end risks that affect our customers. Cyber security is a big deal, but it is not the only problem out there. And the only way for this to work is to have a service that can provide you SLAs across all of the risks because that means, again, as a SaaS vendor, we're doing the job for you. So you're buying results as opposed to technology. That's a great point. Ransomware isn't the only problem. That's the title of this presentation, but it's a big one. People are concerned about it. So great stuff. In the last five minutes, guys, if you don't mind, I'd love to have you share, what's on the horizon for Druva? You mentioned the new workloads on John. You mentioned this new security, you're hearing shift left, DevOps is now the developer model. They're running IT, you got data and security teams now stepping in and trying to be as high-velocity as possible for the developers and enterprises. What's on the horizon for Druva? What trends is the company watching and how are you guys putting that together to stay ahead in the marketplace and competition? Yeah, I think listening to our customers, what we realize is they need help with the public cloud number one. I think that's a big wave of consumption. People are consolidating their data centers, moving to the public cloud. They need help in expanding data protection, which becomes the basis of a lot of the security operating model that I talked about. They need that first from Druva before they can start to get into a much more advanced level of insights and analytics on that data to protect themselves and secure themselves and do interesting things with the data. So we are expanding our coverage on multiple fronts there. The second key thing is to really bring together a very insightful presentation layer, which I think is very unique to Druva because only we can look at multiple tenants, multiple customers because we are a SaaS vendor and look at insights and give them best practices and guidances and analytics that nobody else can give. There's no silo anymore because we are able to take a good big vision view and now help our customers with insights that otherwise that information map is completely missing. So we are able to guide them down a path where they can optimize which workloads need, what kind of protection and then how to secure them. So that is the second level of insights and analytics that we are building. And there's a whole plethora of security offerings that we are gonna build all the way from a feature level where we have things like a recycle bin that's already available to our customers today to prevent any anomalous behavior and attacks that would delete their backups and then they still have a way to recover from it. But also things to curate and get back to that point in time where it is safe to recover and help them with a sandbox which they can recover confidently knowing it's not going to jeopardize them again and reinfect the whole environment again. So there's a whole bunch of things coming but the key themes are public cloud data insights and security and that's where my focus is to go and get those features delivered. And Steven can add a few more things around services that Steven is looking to build and launch. Sure, so yeah, so John, I think one of the other areas that we see just an enormous groundswell of interest. So public cloud is important but there are more and more organizations that are running hundreds if not thousands of SaaS applications and a lot of those SaaS applications have data. So there's the obvious things like Microsoft 365, Google Workspace, but we're also seeing a lot of interest in protecting Salesforce because if you think about it, if someone deletes some really important records in Salesforce, that's actually kind of the record of your business. And so we're looking at more and more SaaS application protection and really getting deep in that application awareness. It's not just about backup and recovery when you look at something like a Salesforce or something like Microsoft 365, you do wanna look into sandboxing. You wanna look into long-term archival because this is the new record of the business. What used to be in your on-premises databases, that all lives in cloud and SaaS applications now. So that's a really big area of investment for us. The second one just to echo what Anjan said is, one of the great things of being a SaaS provider is I have metadata that spans across thousands of customers and tens of billions of backups a year. I'm tracking all sorts of interesting information that is going to enable us to do things like make backups more autonomous so that customers, again, I wanna do the job for them. We'll do all the tuning, we'll do all the management for them to be able to better detect ransomware attacks, better respond to ransomware attacks because we're seeing across the globe. And then, of course, being able to give them more insight into what's happening in their data environment so they can get a better security posture before any attack happens. Because let's face it, if you can set your data up more cleanly, you're gonna be a lot less worried and a lot less exposed when that attack happens. So we wanna be able to, again, cover those SaaS applications in addition to the public cloud. And then we wanna be able to use our metadata and use our analytics and use this massive pipeline we've got to deliver value to our customers, not just charts and graphs, but actual services that enable them to focus their attention on other parts of the business. That's great stuff, John. And remember, John, I think all this while keeping things really easy to consume, consumer-grade UI, APIs, and really the power of SaaS as a service, simplicity to kind of continue on amongst kind of keeping these complex technologies together. Andre, that's a great call out. I was gonna mention ease of use and self-service. Big part of the developer and IT experience expected is the table stakes. Love the analytic angle. I think that brings the scale to the table and faster time to value to get to learn best practices. But at the end of the day, automation, cross-cloud protection and security to protect and recover. This is huge. And this is a big part of not only just protecting against ransomware and other things, but really being fast and being agile. So really appreciate the insights. Thanks for sharing on this segment, really under the hood and really kind of the value of the product. Thanks for coming on. Appreciate it. Thank you very much. Okay, there it is. You got the expert talking about under the hood, the product of value, the future of what's going on with Druva and the future of cloud native, protecting and recovering. This is what it's all about. It's not just ransomware. They have to worry about it. In a moment, Dave Vellante will give you some closing thoughts on the subject here. You're watching theCUBE, the leader in high-tech enterprise coverage. As organizations migrate their business processes to multi-cloud environments, they still face numerous threats and risks of data loss. With a growing number of cloud platforms and fragmented applications, it leads to an increase in data silos, sprawl and management complexity. As workloads become more diverse, it's challenging to effectively manage data growth, infrastructure and resource costs across multiple cloud deployments. Using numerous backup vendor solutions for multiple cloud platforms can lead to management complexity. More importantly, the lack of centralized visibility and control can leave you exposed to security vulnerabilities, including ransomware that can cripple your business. The Druva Data Resiliency Cloud is the only 100% SaaS data resiliency platform that provides centralized, secure, air-gapped and immutable backup and recovery. With Druva, your data is safe with multiple layers of protection and is ready for fast recovery from cyber attacks, data corruption or accidental data loss. Through a simple, easy to manage platform, you can seamlessly protect fragmented, diverse data at scale across public clouds and your business-critical SaaS applications. Druva is the only 100% SaaS vendor that can manage, govern and protect data across multiple clouds and business-critical SaaS applications. It supports not just backup and recovery, but also data resiliency across high-value use cases, such as e-discovery, sensitive data governance, ransomware and security. No other vendor can match Druva for customer experience, infinite scale, storage optimization, data immutability and ransomware protection. The Druva Data Resiliency Cloud, your data, always safe, always ready. Visit druva.com today to schedule a free demo. One of the big takeaways from today's program is that in the scramble to keep business flowing over the past two plus years, a lot of good technology practices have been put into place, but there's much more work to be done. Specifically, because the frequency of attacks is on the rise and the severity of lost, stolen or inaccessible data is so much higher today, business resilience must be designed into architectures and solutions from the start. It cannot be an afterthought. Well, actually it can be, but you won't be happy with the results. Now, part of the answer is finding the right partners, of course, but it also means taking a system's view of your business, understanding the vulnerabilities and deploying solutions that can balance cost efficiency with appropriately high levels of protection, flexibility, and speed slash accuracy of recovery. You know, we hope you found today's program useful and informative. Remember, this session is available on demand in both its full format and the individual guest segments. All you got to do is go to thecube.net and you'll see all the content or you can go to druva.com. There are tons of resources available, including analyst reports, customer stories, there's this cool TCO calculator. You can find out what pricing looks like and lots more. Thanks for watching. Why ransomware isn't your only problem made possible by Druva, a collaboration with IDC and presented by theCUBE, your leader in enterprise and emerging tech coverage.