 Hello fellow cloud nerds and welcome back to AWS re-invent, here in a beautiful Sin City. We are theCUBE, my name is Savannah Peterson, joined by my dear colleague and co-host, Paul Gillin. Paul, last segment of our first re-invent. I'm a good thing too, because I think you're going to lose your voice after this one. We are right on the line. You can literally hear it struggling to come out right now. But that doesn't mean that the conversation we're going to have is not just as important as our first or our middle interview. Very excited to have Ganesh from Uptix with us today. Ganesh, welcome to the show. Savannah and Paul, thank you for having me here. That's a pleasure. I can tell from your smile and your energy, you're like us, you've been having a great time. How has the show been for you so far? Tremendous, two reasons. One, we've had great parties since Monday night. Yes, love that. And the turnout has been fantastic. You know, honestly, you're the first guest to bring up the party side of this, but it is such a, and obviously, there's a self-indulgence component of that. But beyond the hedonism, it is a big part of the networking and the community. And I love that you had a whiskey tasting. Paul and I will definitely be at the next one that you have. In case folks aren't familiar, give us the Uptix pitch. So we are a Boston-based venture. What we provide is cloud infrastructure security. I know if you raise your hand. Hot topic. Yeah, hot topic. Obviously, given where we are. But we have a unique way of providing visibility to workloads from inside the workload, as well as by connecting to the AWS control plane. We cover the entire Gartner acronym soup. They call it as CNAP, which is Cloud Native Application Protection Platform. That's what we do. Now you provide cloud infrastructure security. I thought the cloud providers did that. Cloud providers, they provide elements of it because they can only provide visibility from outside in. And if you were to take AWS as an example, they give you only at an account level. If you want to do things at an organization where you might have a thousand accounts, you're left to fend to yourself. If you want to span other cloud service providers at the same time, then you're left to fend to yourself. That's why technologies like us exist. We can not only span across accounts, but go across cloud and get visibility into your workload. Now we know that the leading cause of data loss in the cloud, or breaches if you'll call them, is misconfiguration. Is that something that you address as well? Yes, if you were to look at the majority of the breaches, they're due to two reasons. One, due to arguably what you can call as vulnerabilities, misconfigurations, and compliance related issues. Or the second part, things related to behavioral nature, which are due to threats, which then result in some kind of data loss. But misconfiguration is a top issue and it's called as Cloud Security Posture Management. There once you scope and assess what's the extent of misconfigurations, maybe there's a chance that you go quickly remediated. So how do you address that? Oh, yeah. How does that work? So if you were to look at AWS and if you were to think of it as an orchestration plane for your workload and services, they provide an API. And this API allows you to get visibility into what's your configuration looking like. And it also allows you to figure out an ongoing basis if there are any changes to your configurations. And usually when you start with a baseline of configuration and as a passage of time, is where misconfigurations come into play. But understanding the full stream of how it's been configured and how changes are occurring, you get the chance to like go remediate any kind of misconfig and hence vulnerabilities from that. That was a great question, Paul. And I'm sure, I mean, people want to do that. 23 billion was invested in cybersecurity in 2021 alone, casual dollar amount. I can imagine cybersecurity is a top priority for all of your customers. Probably most of the people on the show floor. How quickly does that mean your team has to scale and adapt given how smart attacks and various things are getting on the dark side of things? Great question. The biggest bigger problem than what we are solving for scale is the shortage of people. There's a shortage of people who actually know. I was serious about that. So shortage of people who understand how to configure it, let alone people who can secure it like with technology like ours, right? So if you go in that picking order of Tot and Coal, it's people and organizations like us exist such that at scale you can identify these changes and help enable those people to quickly scope and assess what's wrong and potentially help them remediate before it really goes out of control. This is the so-called XTR part of your business, right? Yes, so there are two parts. One is around the notion of auditing and compliance and getting visibility. Like the first question that you asked around misconfiguration. And that's one part what we do from the control plane of the cloud. The second part is more behavioral in nature. It results from having visibility into the actual workload. For example, if there's been a misconfiguration if it's been exploited, you then want to reduce the time, dwell time to figure out like what really is happening in case there's something potentially nefarious and malicious activity going on. That's the part where XTR or CWPP comes into play where it's basically called as detection and response of cloud workload protection. And it's a fairly new concept, XTR. How is the market taking to it? How popular is this with the customer? XTR is extremely popular. So much so that thanks to Gartner and other top analysts, it's become like a catch-all for a whole bunch of things. So its popularity is incredibly on the rise. However, there are elements of XTR, the last two part, detection and response, which are like very crucial. X could stand for whatever it is. It's extended version. As applied to cloud, there's a bunch of things you can do. As applied to laptops, there's a bunch of things you can do. Where we fit into the equation is, especially from an AWS or a cloud-centric perspective, if the crown jewels of software are developed on a laptop and the journey of the software is from the laptop to the cloud, that's the arc that we protect. That's where we provide the visibility. Wow, that's impressive. So I imagine you get to see quite a few different trends working with different customers across the market. What do you think is coming next? How are you and your brilliant team adapting for an ever-changing space? That's a great question. And this is what we're seeing, especially with some of our large Bay Area customers. There's a notion of what's emerging, what's called as security as infrastructure. Unlike security traditionally being like an operational spend, there's a notion investing in that, look, if you're going to be procuring technology from AWS as infrastructure, what else will you do to secure it? And that's the notion that that's really taking off. Nice. You are an advocate of what you call shift up, a shift up approach to security. I haven't heard that term before. What is shift? Shift left and shift right, but what is shift up? Great question. So for us, given the breadth of what's possible and the scale at which one needs to do things, the traditional approach has been shift left where you try to get into the developer side which is what we do. But if you were to look at it from the perspective that the scale at which these changes occur and for you to figure out if there is anything malicious in there, you then need to look across it using observability techniques, which means that you take a step up and look across the complete spectrum from where the software is developed to where it's deployed and that's what we call as shift up security. Taking it up like one level notch and looking at it using a telemetry driven approach. Yeah, go for it. Telemetry driven, so do you integrate with the observability platforms that your customers are using? Yeah, so we've taken a lot of cues and IP from observability techniques, which are traditionally applied to numerical approaches to figuring out if things are changing because there's a number which tells you and we've applied that to state related changes. We use similar approach, but we don't look at numbers. We look at what's changing and then the rate of change and what's actually changing allows us to figure out if there's something malicious and the only way you can do it at scale by getting the telemetry and not doing it on the actual workload. I'm curious, I'm taking, this is maybe your own thought leadership moment, but as we adapt to nefarious things, love your use of the word nefarious, despite folks investing in cybersecurity, I mean the VCs are obviously funding all these startups, but beyond that, it's a huge priority, breaches still happen and they still happen all the time, they happen every day, every second, there's probably multiple breaches happen, I'm sure there are multiple breaches happening right now. Do you think we'll get to a point where things are truly secure and these breaches don't continue to happen? I'd love to say that, the short answer is no. Right. And this is where there are two schools of thought. You can always try to figure out, is there a lead up with a high degree of conviction that you can say there's something malicious? The second part is you figure out, like once you've been breached, how do you reduce the time by like figuring out your dwell time and like mean time to know. Nice. So we have a bit of a challenge. I'm going to put his in the middle of this segment. I feel like spicing it up for our last one, I'm feeling a little zesty. We've been giving everyone a challenge, just to your 30 seconds of thought leadership, your hot take on the most important theme for you, coming out of the show and looking towards 2023. For us, the most important thing coming out of the show is that you need to get visibility across your cloud from two perspectives. One is from your workload, second in terms of protecting your identity. You need to protect your workload and you need to protect your identity and then you need to protect the rest of the services. So identity is probably the next perimeter in conjunction with the workload and that is the most important theme and we see it consistent in our customer conversations out here. Now, when you say identity, you're referring to down to the individual user level? At a cloud level, when you have both bots as well as humans interacting with cloud and bringing up workloads and bringing them down, the potential things which can go wrong due to automated accounts going haywire is really high and if some privileges are leaked which are meant only for automation, get into the hands of people, they could do inflict a lot of damage. So understanding the implications of IAM in the realm of cloud is extremely important. Is this, I thought zero trust was supposed to solve for that, where does zero trust fall short? So zero trust is a bigger thing. It could be in the context of someone trying to access services from their laptop to email exchange or something internal on the intranet. In a similar way, when you use AWS as a provider, you've got a role and then you've got privileges associated with the role. When your identity is asserted, we need to make sure that it's actually indeed you and there's a bunch of analytics that we do today allow us to get that visibility. Talk about the internal culture. I'm going to let you get a little recruiting sound bite out of this interview. What, how big is the team? What's the vibe like? Where are y'all based? So we're based in Boston. These days we are globally distributed. We've got R&D centers in Boston. We've got in two places in India and we've got a distributed workforce across the US. Since pre-pandemic to now, we've like increased 4x or 5x from around 60 employees to 300 plus. And it's a very- Nicely done. We have a very strong ethos and it's very straightforward. We are very engineering product driven when it comes to innovation, engineering driven when it comes to productivity, but we are borderline maniacal about customer experience. And that's what resulted in our success today. Something that you have in common with AWS. I would arguably say so, yes. Thank you for identifying that. I didn't think of it that way, but now that you put it, yes. Yeah, I think I want to think that I've loved about the whole show and I am curious if you felt this way too. So much community first, customer first behavior here. Is that been your take as well? Yes, very much so. And that's reflected in the good fortune of our customer engagement. And if you were to look at our, where has our growth come from despite the prevalent macroeconomic conditions, all our large customers have doubled down on us because of the experience we provide. Ganesh, it has been absolutely fantastic having you on theCUBE. Thank you so much for joining us today. Yes, thank you. And if I may say one last thing. Of course you can. As a venture, we've put together a new program especially for AWS re-invent and it allows people to experience everything that Uptix has to offer up to a thousand end points for a dollar. It's called as the Uptix Secret Menu. Go to UptixSecretMenu.com and you'd be able to avail that until the end of the year. I'm signing up right now. I know what I was going to say. I feel like that's the best deal of re-invent. That's fantastic Ganesh. Again, thank you so much. We look forward to our next conversation. Can't wait to see how many employees you have then as a result of this wonderful recruitment video that we've just- We hope to nominally double. Thank you for having me here. Absolutely. And thank all of you for tuning in to our over 100 interviews here at AWS re-invent. We are in Las Vegas, Nevada, signing off for the last time with Paul Gillan. I'm Savannah Peterson. You're watching theCUBE, the leader in high tech coverage.