 Live from San Francisco, celebrating 10 years of high-tech coverage, it's theCUBE. Covering VMworld 2019. Brought to you by VMware and its ecosystem partners. It is 10 years and going strong for theCUBE coverage here at VMworld, VMworld 2019. We were here 10 years back and looking forward to the next 10 or more. We're at Moscone Center North San Francisco, theCUBE with Dave Vellante, John Walls. We're joined now by Tom Barsi, who's the Senior Vice President of Business Development at Carbon Black and Tom, kind of a quiet couple of weeks for you, not much really going on in all seriousness. Just a little bit. Yeah, I mean, big purchase VMware, I'm sure you're aware, picking up Carbon Black, making that announcement official this week. You were at the center of that discussion, so if you would kind of give us a little behind-the-scenes peek behind the curtain of how those talks developed and really maybe back to your relationship with VMware to begin with, because this goes back for a while. So needless to say, a super exciting week and a culmination of a lot of work amongst an army of people to get us to where we are. And obviously the announcement last week around the acquisition of Carbon Black was huge, but I think the announcement this week, in terms of going into more detail that Sanjay and Pat went into in terms of combining the best-of-breed infrastructure management with our best-of-breed, cloud-native, modern security platform with analytics, combine that together. I think there is really an opportunity to transform the industry. And candidly, we've been working with VMware for well over two years. So two years ago, VMworld, we announced an exclusive partnership with VMware. We integrated with VMware's newly announced app defense product, which is really around securing cloud workloads. And obviously they're in a unique position to secure workloads because of where they sit, leveraging the infrastructure and knowing what's good and what should be running within those workloads. So they've leveraged that and build app defense. And for the first time, we built that integration, exclusive integration, and for the first time, a security operation center has been able to have visibility into the hypervisor. So that's where we started to see the potential and the opportunity. And it also gave us an opportunity to really start to work closely with the VMware team, understand their culture, understand their community, understand their leadership, their commitment to winning, understanding their commitment to really sort of transforming security. And it just became, we dated and it became just obvious that there was so much synergy between our leadership and theirs and so much synergy in terms of our vision of securing the world, making them safe from cyber attacks. And so it just made so much sense. So in Pat's words, sure, it de-risked the acquisition over a period of time, but it also allowed us to really work closely together, know what we're getting into, and really getting super excited. So I can tell you that the response from our employees has been overwhelming, and then the response here at VMworld has been just amazing in terms of the traffic and partners and customers and all that. I asked Pat Gelsinger five years ago on theCUBE, is security broken? And he said, yeah, it's broken. And I was like, well, what are you going to do about it? He said, stay tuned. Well, I've been tuned. I did an analysis and this may, well, first of all, Patrick is going to take over as a run VMware's cloud security business. So when Pat has stated, Patrick Morley, CEO of Carbon Black, and Pat Gelsinger has said, we want to be the cloud security company. Okay, so I love when he lays down aspirations like that. Now, this may not be fair to you because- We've been in the security. Well, but there's a portfolio there you may not be as familiar with, but I'll ask you anyway, because you're going to have to become familiar with it soon. So I did an analysis of the Carbon Black acquisition, obviously app defense was in there, but if you look at the VMware security portfolio, NSX has a micro segmentation use case. Yeah, obviously AirWatch with, you know- Workspace One. Computing with Workspace One. Absolutely. Cloud Corio, E8, security bracket, Intrinsic is another tuck in acquisition that VMware did. So wow, they're building up this portfolio. Can you help us understand how that's shaping out and where Carbon Black fits? Yeah, absolutely. So let's talk about first the opportunity here. The opportunity is to leverage the infrastructure management and security portfolio that VMware has, and then sprinkling the Carbon Black capabilities across that infrastructure. So, you know, embedding it in NSX for network to endpoint visibility and control, embedding it in Workspace One, which we've already done, embedding it with integrating with app defense, which we've already done. The ability to do agent lists within vSphere, super, super powerful. Post-close will be working on things like that. So, basically by integrating across that portfolio, you really have the ability to transform the entire security space. And I'll talk about that in a second. But what that means is, basically by embedding security across that infrastructure management and eliminating a lot of the complexity and the overhead and the bloat, you're coming up with basically intrinsic security. And what, you know, the best thing from a human perspective to increase your immune system, you know, is, staying healthy is boosting your immune system. And the best way, reason we're doing this, the best, best way to secure an enterprise is to integrate, embed security into the actual infrastructure and take the benefits of infrastructure management with security combined and eliminate all that complexity. So, let's talk just a second about being broken. It's hard from a security guy coming in saying the industry's broken. I will tell you that. But the truth is, it needs to be transformed. There's just no question about it. So, let's talk about just from an endpoint perspective and then we'll get into the whole opportunity to extend that capability. But you look at the endpoint, from an enterprise customer perspective, it's well documented that, you know, legacy AV was built 20 years ago and not built for the modern attack vector. So, it's well documented. Yes, customers still have legacy AV. It's not, you know, it's 35% effective. So, what have customers done? They've gone and deployed EDR, End Point Detection and Response, which is what Carbon Black Historically has been a market leader, hands down market leader in this space, in terms of adding EDR, yet another sensor. Then you want to have the ability to say, look, we got workloads and there's another sensor for that. Then you want to talk about, hey, vulnerabilities are coming out and we want to be able to query across the fleet to understand what vulnerabilities are in your environment. Tainium like, right? There's a sensor for that. So, you know, about two and a half years ago, our customers came back to us and said, look, we love you guys, what you guys are doing, but there's too many sensors on the endpoint bloating and slowing my systems and my security team's getting fatigued with all these point tools. They said, we need an integrated approach. In comes the Carbon Black Cloud. And that's where we have the ability to integrate multiple services. NG, Next Gen Antivirus, EDR, LiveOps, the ability to query across. We've integrated AppD for Cloud Workload. All those are shipping today. All those services on a single soft lightweight sensor and a modern cloud native SaaS back in with analytics. So it's just super powerful. And so now you're consolidating on that. You're getting more efficient. You're limiting overhead. And you're making the security operations team that much more effective. Now, imagine taking that approach to the broken network and workload and et cetera and extending that capability across the entire infrastructure. And that really is what we're talking about in terms of teaming with VMware, embedding our security capabilities across the infrastructure, across the NSX, into vSphere, into work AppD, into workspace one, which we're already doing. And again, eliminating a lot of that bloat and making our customers more secure and much more efficient. So there's another dimension to this acquisition which I like, which is your SaaS business. So I think it's about 38% of your revenue. I call it roughly 40% of your revenue, but growing very, very rapidly. Probably growing at 70% a year. Exactly. VMware has said that this acquisition, along with Pivotal is going to add a billion dollars in basically mostly are all subscription revenue next year, three billion in year two. And it's going to be in a creative and cashflow positive acquisition in by year two. So all very VMware executes well, generally on acquisitions. And so notwithstanding some weird stuff in the economy that they usually hit their targets. You know, they tend to be conservative. So I really liked that. That's clearly the direction you're moving. The other thing about this, a lot of people on Wall Street said, wow, this may be overpaid for the stock but I want to get your opinion because you're out competing every day. And CrowdStrike is obviously the comparison they use. Okay, this is a company that has a $16, $17 billion valuation. Your valuation was 2.7 billion. You look at CrowdStrike's post IPO stock chart, it looks like a bathtub. You know, it kind of goes like this like this and then goes like that because people start to realize, wow, this asset actually has, you know, a lot of intrinsic value, no pun intended. So in comparing CrowdStrike with Carbon Black in terms of feature, functure, capabilities, you know, execution, ethos, technology, is there really that much of a difference? 16 billion at 2.7 billion? You know, I can't really comment on CrowdStrike's market cap. Obviously I respect them as a competitor. Don't have to like them but I respect them as a competitor, no question. In terms of the function and the capability, you're all competing with them every day. In terms of the functionality, look, we have significantly closed the gap and adding Cloud Workload capability with AppD, adding the query capability with LiveOps and extending that capability. So from a feature functionality, look at VMware as technology driven, they kick tires and they do their diligence on technology, that's the strength of VMware. So they look deep and what they came away with was we have a super competitive platform. You're seeing it in our wins at our growth rate, you're seeing it with our wins and large customers that I can't really name. So from a feature functionality perspective, we're at par in many ways, we think we're better. And now, if you look at where this market's going, look, CrowdStrike's going to be a great point product solution for Endpoint. But we believe, and they're going to do phenomenally well, but we believe there's an opportunity here to, again, to integrate infrastructure management that VMware has in our security capability and deliver an end-to-end platform and truly transform across the entire infrastructure of an enterprise. So that's really where we see the opportunity and the opportunity for growth. And then when you want to look at our growth rate, I mean, to your point, VMware does an incredible, incredible job and you start to talk about the reach of VMware and then you talk about the reach of Dell EMC and it's super exciting. Yeah, the VMware brain trust is very capable, both from a strategy standpoint and a technical, very strong engineering culture. And you saw this with AirWatch. So AirWatch, when VMware acquired AirWatch, VMware was struggling in what was then the VDI business and AirWatch wasn't number one in the marketplace, but VMware now crushes Citrix in that space. People are making similar analogies with regard to Carbon Black. Do you think that's fair? I mean, you think you can repeat that sort of momentum? Yeah, I've obviously been very, very close to this relationship and I've been sort of the number one fan and cheerleader of this partnership because I just believe in my soul that it's going to be transformative. It really is. So to that point, I think, and I've talked about it internally what they've done with NICERU, what they've done with AirWatch, now Workspace One, and the ability to take a business from either no revenues or a couple hundred million and take it into two billion, I absolutely believe that we will see the same, it's going to take a lot of work, but we're going to see the same trajectory. I mean, they're maniacally focused on, if there are gaps, they're going to resource it in terms of product gaps or anything to accelerate the roadmap to allow us to win and then you're going to talk about the triple acceleration with VMware and EM Dell EMC. So to answer, along with an answer to say, I truly, truly believe that we can take our position as number two and really be number one. And transformative in a significant way, a significant word to use. What's that in product going to be then that makes you look at it from this visionary standpoint and think, yeah, this is a perfect marriage. This is a fantastic opportunity, because you're not, you're selling hard. Yeah, well, it's a platform, really. Look, it's a platform and at the end of the day, what we're focused on here is customers. We're talking about, how do we protect our customers? And the best way to protect those customers is to embed the capability. When we did many years back with Carbon Black, we exposed our data and many of our partners that sometimes we compete with, whether it be Palo Alto or Cisco or FireEye or a number of other players, because customers demand the end-to-end visibility from network to endpoint. And can you imagine the kind of telemetry when you integrate Carbon Black in our modern cloud and platform and our analytics and the ability to pull data from the hypervisor, the ability to pull data from NSX, the ability to pull data from workspace one into a common console and then understand exactly what's happening from an attack perspective. And then let's talk about, okay, so now you have this visibility, this 360 degree view of what's happening in your network. And now you want to talk about the ability to orchestrate and remediate, like solve the problem. Well, historically, it's been the security operation center over here and you got IT over there. And there's been this friction because the SecOps guys are saying, take it down, take the server down, there's a problem. And the IT ops guys are saying, hey, I got runtime, I got to keep it up. So now you have the opportunity, again, to leverage that management to identify a threat and then the ability to just seamlessly leverage VMware's infrastructure management tools to instantly remediate and orchestrate a problem without the conflict with IT and security operations. So we actually see an opportunity to eliminate that friction and create collaboration between those two. Yeah, and security is broken. It is a do-over. And we talked to SecOps teams and they'll tell you, yeah, we're fighting every day where bombs are dropping. We have to succeed every day. The bad guy only has to succeed once. And so yeah, they bring in all these tools and a lot of times they don't work together and it's just, they have a very hard time trying to figure out, okay, what do we prioritize on? And obviously analytics is helping that, but you see the stats after you get infiltrated, it takes whatever, 300 days, 250 days to even identify that you've been infiltrated and it's just a very complex environment. So the do-over is a platform that gives you end visibility and doesn't force you to learn different point tools and has a comprehensive view of your infrastructure. That's right. And I also want to point out, it doesn't mean that we're going to create this platform that's closed. A lot of competitors like to build closed platforms and go into end. And Carbon Black has always been API-driven, open. And the whole point of this openness is to we collect this powerful endpoint data and we want to expose that data across the infrastructure. So we're exposing it to the network security guys, whether it be Vectra or Palo Alto Networks or FireEye Mandiant, depending on who it is. We're exposing the data to Splunk and IBM Q-Radar and IBM Resilient. And we're going to continue to do that. We're going to leverage this platform and all this powerful telemetry and we're going to continue to have this open platform and continue to work across the industry to make sure it's not just our platform, this end-to-end, but it's just across the ecosystem. Well, it's something always, VMware's always been strong. If there's heterogeneity, they help balance the scorecard. So, yeah. It's been a, well, that'd be an understatement to say, it's been an exciting week for you. It's been a great two years, it sounds like. And we wish you success. Not only this week, but you know, on down the road, like you said, a lot of hard work is still ahead of you. Absolutely. So congratulations on 10 years. I look forward to being here in year 20. All right. That's awesome. That's what Michael said. We'll be right back, we'll be right back. Just a bit, taking a break here on theCUBE. We're at VMworld 2019, Moscone Center, San Francisco.