 And we're rolling. Hello and happy Wednesday to everybody out there. My name is Michael. Wait. This is the open shift. Commons briefings operator hours show this week. We are fortunate enough to have with us to really fantastic people from our good friends at set. So we've got Tim Riley, who's the chief executive officer of Zeta set and maximum. Yankovitsky. I hope I got that right. Max close enough. Give him in a for effort. You're the chief technology officer of Zeta set. How are you guys doing today? Great. Thanks for having us. All right. Now you guys are both in the in the in the West Coast out there in California in the Bay area. Are you are you folks safe from all the. All the swarms of locusts and wildfires and everything that's going on out there. I think we're in the downtime where we all prepare waiting for the fall with the fires. And. If you remember the orange sky, we've got it all. I think, uh, any off had a great little Twitter post about the only thing we're missing is Godzilla walking. In downtown San Francisco, they said they said yesterday I was driving home from getting some some food for my chickens at the at the grain store. And I looked at the moon and it was orange and I haven't seen an orange moon probably since the last time there were huge fire. So I guess, I guess the smoke from all these fires is is all the way out here up in the in the stratosphere and making the moon orange. It is crazy. Yeah, the fire season is probably going to start in about a month or so. Yeah, and then, and then, and then you guys will get torrential downpours and then, and then the mudslides, right? Cause everything. So, and then droughts. We have a 25% reduction over here. So it's up and down up and down. Yeah, it's exciting. It's really exciting. But talk about exciting. I'm excited to have you guys on here. You know, Zeta set is 1 of our software partners that we work with on a regular basis. You folks have a really important security play. That's super important for our joint customers who are looking to modernize their IT infrastructure running, you know, OpenShift and Kubernetes to, to, you know, try and get their business apps into multi cloud environments. Tell us a little bit about Zeta set. It, it, it's kind of an interesting name can probably be misinterpreted a little bit based on the name. I think Tim, when we were talking the other day, you were kind of explaining to me some of the some of the rationale behind the name. Why don't you share that with everyone here? Yeah, thanks. Zeta set. When we, in the 1st iteration of Zeta set, we were dealing with Hadoop, another open source and wrapping our security around that. And what we decided was we would show that we can deal with encryption and security around Zeta bytes of data and a data set. So you can see it fused together and we became Zeta set. Not Zeta set. Zeta set. I know some people tend to do that. And I believe that's a trillion gigabytes. So it's a lot of, it's a lot of data. What happens when someone comes out with the next large number after Z? Does it start back over at A? I think it's Yoga byte. Yota byte. I think Lucas might be a little, I can't believe Lucas allowed it to happen because there's going to be something after a Yota byte too. Yeah. Yeah. So what about you? What makes you interesting? Did you get hired there at Zeta set yesterday, Tim? It feels like a blink of an eye, but yesterday became 5, 6, 7 years like that. I came in as more of a COO and was starting to build the infrastructure for the company. And at the time, like I said, we were in one iteration of it. We really pivoted the company about 2 years ago and really started to focus on what we saw as the future, which is DevSecOps where we needed to migrate everyone. And I think that's probably when that whole industry was starting to gain steam. But we also realized there was a legacy that still needed encryption and anyway, we can help rel and that make Lux better. We want to help there as well. So when it comes to Red Hat, we have embraced you guys as great partners. You've been just as supportive to us. We just got partner of the year. We're very excited about that. And it's been a journey of understanding how best to protect data. I think that changes. It seems like it changes every other day, especially with the headlines that we have now. And we, as Zeta said, look at it and say, how can we help protect the data? We know we're not the only piece. We're not the end all be all, but we are, I would say the next generation of data protection that with the other pieces of security will help extend OpenShift will help have DevOps turn into DevSecOps and will hopefully help more production environments. And at the same time, we can still leverage our technology with a good old fashioned rel and help nodes further reach out to the edge or off the planet. If we've heard a couple of different ones about that too, but very excited to be the future of data protection. That's cool. And you talked about LUX and I wrote that down. I'm assuming it's LUX is not spelled L-U-C-K-S, is that right? Yeah, correct. It's L-U-K-S. Yes. And for those of you, Maxim, if I get it right, Linux, is it unified keys? Yes, it's unified keys services. Service set up. All right, give me three out of four. That's pretty good. Mike, if I may, a lot of people ask, because this is one of the fundamental pieces that goes from rel to OpenShift and how we really help protect the data. And over the years, we've heard, well, are you guys just replacing LUX? I mean, LUX comes with rel. So what's the point? And I love Maxim, because Maxim and I just had this talk the other day. Maxim, tell them how you view LUX, because he was one of the guys that designed the wrapper around LUX that makes it even better. But Maxim, before you get there, tell us about you, right? Oh, of course. So you're Chief Technology Officer there. You've been around at ZetaSet for quite some time. How about you? Yeah, I started in Silicon Valley in 1996, working on enterprise databases. In 2004, I was interviewed and invited to join a company called Ingrid Networks, where we built and designed and built enterprise key managers, hardware-based at the time. Encryption and key management were just trumping up and it was all hardware-based, because performance impact was pretty dramatic. So we built that. Ingrid later got acquired by SafeNet. A couple years into my SafeNet tenure, I got a call from my old boss at Ingrid and said, we have this exciting company focusing on Hadoop and big data. And if you've driven Highway 101 North through the Silicon Valley, you probably saw Hadoop Billboard saying the little white elephant is going to take over the big data market. And so come over and Hadoop is a horror to deploy. We're trying to make it enterprise. We're trying to make it human-friendly. So I joined ZetaSet November 2014, I want to say, 2012 actually, not my 14th. So November 2012, it's been a while since TeamSet, we've pivoted the company, we've focused on encryption for legacy environments and more recently for the DevSecOps and microservice-oriented environments, and what's better to run microservices than Kubernetes and Red Hat OpenSheet. So we started, we're kind of in that space right now. Is that a native San Francisco accent, a detector? No, not really. It's the accent from my previous life in Russia that 26 years here, 28 years here, this November, didn't work out. I keep asking team if I should take whatever, the classes to remove the accent and he insists that I keep it. I think it sounds better. You need your really smart Russian security guy. Right. That's what I was going to say. I mean, it just adds that much more credibility, especially being CTO. So Tim, you were just teeing up a question for Maxim there and then I said, well, hold on a second. Let's find out. Yeah, no problem. I just, I love how brilliant he is. So I jumped right over that, but you're absolutely right. I'm the guy that knows it and everyone should know how smart he is. To the point of when we, I want to just make a point about Hadoop because it was open source and then the other guys put a wrap around it like a cloud or like a Hortonworks. And then we were going to put encryption on it and that, it just didn't pan out. We all know it just didn't pan out. Well, in version 2.0, we are doing open source with another enterprise company that company just happens to be called Red Hat. And I think there's a better breath of integration, a more of a value prop and just how we can help Red Hat grow, how we can protect data in Red Hat environments, open shift and rel. Now, I say that and everybody will tell you, well, there's open source answers to data protection. How are you guys different? And what we see is the next question is, well, Lux, I hear all about LUKS and what makes you better or help them. And this is where I'm now going to pass it off to Maxim. Yes, so I'll try to tell this whole UNIX joke that some of you guys may have heard that if UNIX was the airplane, then the way that the airplane would be built, everybody brings a little piece of it, puts it together and tries to make it fly. And the point is UNIX is full of wonderful components, commands, tools, utilities. They're all doing an important bit, but they're doing separate and distinct bits and they are pretty much standalone in that regard. And DMCRIP, which is the low-level crypto technologies that we use and LUKS are building blocks, as I call them. They're critical. They work together really, really well, but they're building blocks. They need connecting code. They need the glue code. You think encryption, you start thinking key management. LUKS brings super basic, well, I wouldn't even call it key management. It brings an ability to pass keys over to DMCRIP. So you have an encryption system, you have the key management, quote-unquote system in the form of LUKS, and LUKS can pass the keys over to DMCRIP. Well, this is all great if I'm encryption a laptop. This is variable if I'm encryption a server. If I run a server farm or a 5G set of micro data centers and I need to protect them, I need to establish some LUKS passwords, how am I going to reboot a server ever? Am I going to have to walk around the building and type in the password every time LUKS boots? There are tools for that, but the point is don't keep the keys next to the data, make the system manageable, and understand that in no scenario it will be a standalone server. It will always be hundreds, if not thousands, if not tens of thousands of servers. This is where ZetaSet actually brings value to LUKS, kind of like what Red Hat does to Linux is to make it manageable, to make it scalable, and to make it run in an enterprise. That's what we do to LUKS, we make it manageable and we make it scale. Yep, yep, I mean it's real simple. Red Hat is the enterprise wrapper around Linux. ZetaSet is the enterprise wrapper around the basic encryption and data protection that Linux provides. You know, it's, so I started at Red Hat in February of 2002, so when I started here, we were making Red Hat Linux 6. It was like in a cardboard box, it was in retail stores and we were selling mouse pads and t-shirts and, you know, we actually, Red Hat wanted to figure out how to build an enterprise business model around all this momentum, this great, you know, as Maximum said, you know, all these people bringing little pieces together to try and put together an airplane. And, you know, so we ended up starting an office here in Massachusetts, which was our enterprise engineering office, there were 12 of us back then, and we came out with Advanced Server 2.1, which was our first version of what later we did at Red Hat. What's that? Red Hat Advanced Server, remember it well, yeah. Advanced Server 2.1, we made the decision to call it 2.1 because no one was going to buy version 1.0, right? Right. And anyways, it was interesting because, you know, you're fast, like I used to get on an airplane, I was a sales engineer, and, you know, you sit on an airplane and I'm, I talk to people, you know, I'm like, hey, what do you do? Hey, I'm like, oh, I work for Red Hat and they were like, what's that? You know, it was, it's really weird when I get on an airplane these days and like, you know, who do you work for? I'm like, I work for Red Hat, you know, and they're like, oh, the Linux company. I'm like, well, not just the Linux company. I mean, that's, you know, we're now a cloud vendor. We have OpenStack, we have OpenShift, we have Anzol, but we certainly do have a strong reputation as being the Linux company, which I guess is a good thing. So if you folks are the Red Hat of security, then I think that's also a great thing. And hopefully together, you know, when people use ZetaSet with OpenShift and other, you know, Red Hat platforms will stop a lot of these security breaches that are shutting down pipelines all over the country. I want to get to that for sure. But can you tell us about your technology? So ZetaSet's the company, right? We know who two of the executives are here right here with Tim and Maxim. How do you call your product or product or products? Is it ZetaSet? Is it the same as the company name? Is it different? Yeah, we use XCrypt, X, C, R, Y, P, T, and it is an encryption platform, the XCrypt encryption platform. And within that, we have the management console and we have a monitoring ability and we then have all the various modules within it. They all work together. And we also have a virtual key manager that can exchange the keys back and forth and the management console can track that. So it's a full package of crypto. And like I said, I like to view it more as data protection because when you start managing and watching data, whether it's encrypted or unencrypted, then you're more watching its data protection. And crypto just happens to be one facet of data protection. We had this interesting conversation sometime ago where we said, we keep saying, encrypt everything, right? Encrypt everything, encrypt data in all of your environments. And then we sat down and thought, well, if you encrypt everything, how in the world do you manage that? Now that you've encrypted everything, now you've encrypted your servers, your containers, your OpenShift clusters, your 5G microdata centers, how do you manage all of those? And I don't just mean key management. How do you manage the encrypted objects in a meaningful way? And so we figured we're becoming not so much, we're morphing into a data protection company. Still encryption being the enabling technology, but I think what we are now is an enterprise data protection company. And Mike, one of the things we compare, just like we said, we're the rel, we are also, if you want to look at our management console, it's essentially satellite. Or if you're looking at OpenShift, it's Rackam. So we are trying to be the management console for data protection that integrates with both satellite and with Rackam. So, and we've had wealthy discussions with both. We're in the middle of integration with Rackam right now. We'll have that done within the next 2 months. We've got a full stack of integration across a lot of the different Red Hat offerings with Ceph with OpenShift platform. I believe you guys now call it the data foundation. It's no longer a storage container. But again, just to say there, we understand that our platform needs to have all the different features and pieces that touch everything within Red Hat. And we feel like we've really come a long way with the partnership to get there. That's good. You know, it's interesting you brought up satellite. I remember, I don't know, Maxim, you're familiar with our advanced server 2.1 product. Did you know Christian Gaffton at Red Hat, Maxim? Do you remember him? No. He was in charge of Red Hat satellite. It was called the Red Hat network and satellite was the product. But Christian Gaffton, anyone can probably look him up. I don't know where he is these days, but the guy was absolutely brilliant. But it is interesting that you bring it up because it's one thing to go ahead and, you know, deploy Linux. It's one thing to go ahead and deploy OpenShift. It's one thing to say we're on board with, you know, hybrid, you know, multi-cloud. But if you can't manage it on day 2, then you're never going to go into production. You're never going to be successful. And, you know, containers are great, but containers are getting smaller and smaller and smaller and smaller and moving towards microservices and tens of thousands and millions of applications all standing up and shutting down. You know, and that's why there's companies out there that have, you know, service mesh tools to help manage, you know, how you manage the management of containers. So I would imagine that, you know, you folks just must be ripping your hair out. I know clearly I have been. But how do you secure an environment where customers are going whole hog into embracing microservices and cloud native, everything? It's just got to be an absolute goat rodeo. Go ahead. You start. No, you start. I think we'll. I think the key point here is that you kind of got to start fresh. When you take your legacy application and you say, I'm going to make it run on Kubernetes, hopefully, and it's my strong hope and strong believe and advice to whoever asks. Don't take your legacy application and drop it into Kubernetes cluster and think that it'll just run and run better just because Kubernetes does all this wonderful things. There's a great picture about Kubernetes where there's this little cute thing above the water that says, oh, this is the best way to run microservices. And there's a huge monster underneath the water line that has all this, you know, service meshes, networking, container runtime, all this 50 different components that Kubernetes makes seamless, which is great. But you still have to remember that in order to take advantage of all this, you have to essentially re architect your app to be microservice aware and to run microservice. This is this is so very true about security and data protection as well. You cannot carry your data protection legacy that said, you know, encrypt servers, encrypt VMs. You cannot take this legacy products and carry it into the Kubernetes and OpenShift environments and just say, yeah, Kubernetes basically runs on Unix servers. So let's just encrypt Unix servers and we're done. Well, we're not done. You have an illusion. You have the worst possible thing in that case because what you do have is an illusion of security, illusion of data protection because you're writing solutions which are not container aware. You have environments where you mentioned tens of southern containers. Kubernetes environment environments designed to be multi-tenant by nature. You're sharing the data. You're sharing the execution stuff. You're sharing pretty much everything. And using legacy data protection to protect DevSecOps environments and specifically Kubernetes, you lose that level of granularity because once you become multi-tenant, your number of attack vectors and the type of attacks are increasing exponentially. So what you don't want to see happen is one little tenant compromises one little container and that exposes the entire OpenShift cluster or set of clusters to malicious user. That's why just as you rearchitect your applications to run microservices, you have to think security first and rearchitect your security approach to be a microservices aware, Kubernetes aware and aware of this containerized application. That's the approach we've taken and set aside. We didn't carry our legacy. And Mike, if I just very high with new technology, you have to follow it with new security. You can't continue the old way like he's saying you have to rearchitect everything. And what we've seen is, all right, you're going to come across the folks who, like you said, pull your hair out because they just ported what they have done into this new environment. And even in those, we understand that is the world, right? You're going to have that. So our products are able to encrypt the data in place where we understand that everybody is going to jump in the right way. So yes, we're going to say, okay, here's the way that you should do it. And here's a partner OpenShift that you can put in. But for right now, do our security. If you want to then walk out as you turn your, the turret into where you should be with a proper DevOps, with a proper DevSecOps, we can go hand in hand with OpenShift to push that out. Flip it. Maybe OpenShift is there already. And then you hit a limit on deployment where you have 10,000 nodes that you want to put out in micro data centers, which happened to be 5G. If you're in Europe, GDPR, they say, yeah, you can put it out at the edge. You can't store data out there because it needs to be encrypted. It's got to be encrypted. So at that point, you say, again, do I use some old technology to do this in a new environment? Or do I call like on the lines of ZetaSet who can encrypt and there's no performance impact and minimal at that. So again, I think we go hand in hand. You guys, I like to say wherever the data goes, we'll follow it and protect it. Whoever manages the data will manage the security behind it and we'll work in concert with you. So one begets the other. I think it's a very symbiotic relationship. Tim, you were telling us that you guys got nominated for partner of the year. I don't believe it. You have anything there as a way to prove it, Tim? I do. Do you mind if I pull it up? Give me a second here. Maxim, you keep talking. It's a great picture. By the way, I don't know how much of a budget you guys use, but it is phenomenal. This thing is gorgeous. I was bringing this up and obviously this was planned. I'm just, I'm looking at your background knowing that you have a really cool acrylic trophy there and then I'm looking at Maxim's background and I'm kind of wondering why so spartan. You guys see that? This is the best way to do it. It is a beautiful piece. I imagine it's a beautiful prism. I might have rainbows on all sides of my office when this thing goes. We brought it in, Mike. We brought it in for our all hands because we finally are back in the office and I brought it in. It's probably in our office right now. Yeah, it's probably in our office. Maxim could go run over and get it. But yeah, we were just very proud and I wanted to tell our whole team, thank you for all the great efforts you put in. It's a great product. You guys helped get us here and thank you for all the support on the partner side as well. Well, you know, we're not just doing this randomly because we were like someone from, you know, your admin from Zeta set reached out to us and said, Hey, can we have Tim and Maximo on your TV show? I mean, there's a, there's a reason why we're doing this, right? My team works with third party software vendors to make sure that the, that the technologies are tested and red hat certified and published in our container registry and they're available in the red hat marketplace and the operators are actually built. You know, we were talking about application orchestration and ripping your hair out, you know, having a red hat certified operator for those products which run with OpenShift allow for the true ability to deploy once and run anywhere, right? So you can put OpenShift in Amazon, you can put OpenShift in Azure, you can put OpenShift in the data center and it'll all just work because the operators help with that orchestration for day two. So I wanted to point that out that we're not, we didn't just randomly select Zeta set to be here. You guys are here for a reason and at the end goal of this is to make, you know, things better for our customers, right? I mean, we need to do that in good faith. So we are live on YouTube right now. We're live on Facebook. If anyone has any questions for Tim or Maxim, you can drop them into the chat and our magical bots will bring them on over and stick them in there. We're calling today, it's called Stump the Maxim Wednesday. So if anyone wants to feel like they can Stump Maxim or Tim as it relates to data protection for multi-cloud, please feel free to step up. And we're offering up a $50 Amazon gift card for anyone who can make Maxim stumble on his words and say, I don't know, I'm going to have to go look that up. Wow, that is impressive. I would like to say this because you're absolutely right about the part while we're hopefully waiting for the stack of questions. But when it came to partnering with you guys, you're absolutely right. There was no admin that just called us or anything like that. In fact, we were chosen and I presented a gov loop back in November. It was a great talk about the joint attack development and the JAD to see is the initiatives that the Department of Defense has to bring everything together and data share and to use OpenShift to do that and for us to encrypt and protect the data. Then to your point in the partner conference that was in January, we presented, I presented, co-presented and with a healthcare integrator that we had opioid crisis and we needed to share. And the use case was simple. It was you have the healthcare provider, you have law enforcement, you have social civilian agencies. And there's a wealth of reports that'll say you can better help a human being get off of this horrible addiction if they all can share data and work as a unit to help a person. And to do that, unfortunately, there's so many regs that you can't. And they've had many conferences saying, how do we get over this? Well, OpenShift with managing containers helps. And with those containers touching all that data, if we can encrypt it so that everyone can share it, you can check the box with regulation. You now really have the benefit of a massive, massive amount of people that hopefully can get off of this. One of the items in Australia we found was Australia, I guess was one, I did not know this. They're one of the countries that's the most impacted by opioids. And the fact that we're now working with an integrator over there that will help with all the medical facilities and the government to better allow sharing with OpenShift. We're very excited to be able to help in healthcare. I just said defense. Yeah, state and local law enforcement sharing with Homeland Security. Another example of that. You have to be able to exchange data. So OpenShift will get further extension if we can get encryption of the data of the persistent volumes to give people comfort. Let me ask you a question. I mean, we've probably used the word OpenShift a whole bunch of times on here, but realistically, there's some companies or customers out there that aren't moving to cloud that aren't adopting Kubernetes and they're just fine staying with their data centers. What's the Zeta set play for a customer who is like, we're staying in our data center. I'll start and I imagine Max might have something. Simply put, if you're brick and mortar and you have your bare metal and you have your containers, maybe you don't, maybe you just have your VMs. Where REL is the only thing there, we welcome that as well, because like we said, Lux is basic. If you want to sit there and give another level of encryption, if you have a thousand servers in your farm, then you got to manage them all and you have to push out policy. You have to do detection if maybe one of them has been compromised. You have to decommission one of them if something's wrong. And right now that management console doesn't exist. So we're able to allow Red Hat to now unite all of their deployments on servers with Lux. And then I want you to imagine the fact that you now have this, we call it Amoeba of this network where everything is touched like an octopus. And to do that, you need our management console and it's got advantage and monitor. It's great. You can stop there. But again, what if you want to take that toe and dip it into the edge, which essentially is just a mini data center. And when it comes to edge computing, you can just do the same playbook and maybe it's only three notes or maybe it's, you know, a container, a cargo container worth of a microdisk. It's the same playbook. It's just smaller and we can be lightweight with you and we can do the management there. So it doesn't matter. I mean, that's just another playbook. But if you want, like you're saying, if you take that next leap, we can do the multiple cloud. We can do hybrid. We can do on-prem and we can do edge. So now you've got a massive mesh and it's all controlled in one area for it to protect your data. So we think we've got you covered from the basic old rel to the new world of open show. Now, Maxim was talking about, you know, customers having to rearchitect their legacy apps and make them, you know, Kubernetes ready. I know certainly some of the larger SQL database vendors out there are trying to do that and having real challenges. So as a result, they're trying to bring the cloud to them as opposed to bring their SQL, you know, database out to the cloud. The majority of the software companies that I work with and there's hundreds of them are all building cloud native apps. So what do you folks see as far as, you know, in your world, people using say something like a Yugo byte, which is a cloud native distributed database or cockroach labs or something like that, as opposed to more of a, you know, trying to do something with a legacy SQL database. And how do you folks view that from a data protection perspective? Do you have a preference on where your security is? Does security protection works better for third party apps running on OpenShift or does it not matter? It matters in a sense that with security, like I alluded to, you know, being granular and being able to protect them in multi-tenant environments, it's all about applying security at the right level. And when I say the right level, what I mean by that is that there's always a balance between performance and granularity and applicability. You want to be as close as possible to the environment, but as you are raising up the step, you know, obviously the closest you can be to the environment is being on the application level. Now, that's going to give you so much performance headache that you're just not going to be able to do that. Or you will have to modify the application source code and you'll have the developers cranking out hundreds of hours before you can release a new version of the application. Stepping down the database level, database vendors take their own steps to protect their databases with granular encryption. Sometimes it's too granular, sometimes it's hard to manage, but the point is we found a sweet spot where we run, which is just below the Linux file system. And again, the Linux file system you run in containers, that's the copy of the Linux file system running inside the container. That's our persistent volume encryption. If you are in our data center product or the cloud product, we're just underneath the Linux file system. That gives you performance overhead that is so low that the application layers will likely not notice that. So we're running at a sweet spot with our encryption. And in terms of databases, that happens to be almost just below the databases that we're not really concerned about what database on what platform we're running because we're inside just above the file system essentially. Now that, you know what? We need to have you guys come back and do round two because we haven't even gotten to the good part about having you folks explained to me and our listeners about what happened with those pipelines. But you just said that you guys are right underneath the file system. So let me ask you this. There's a good friend of mine and Red Hat. His name is Dan Walsh. He's been in my office for, he's a distinguished engineer and he, you know, we affectionately call him Mr. SELinux. So he's owned SELinux and, you know, he has, now he's actually Mr. Containers at Red Hat, but he was Mr. SELinux for the last shoot, 17 years or so. I can't tell you how many times he's been somewhere and he's doing a talk and people like, sure, we know how to work with SELinux, we just turn it off. So if you folks are just underneath the file system, how does SELinux play or does it with your data protection technology? All of the, well, everything that's above us is really transparent to us. In essence, think of it this way. Here's an example of what we do for permissions and access management. We don't really. What it means is that we leverage the host system, specifically Linux, of course, because it already has permissions. It already has authorization and access control and there are other permissioned engines that run on top of it. SELinux not being a permission agent per se, but it's a essentially restrictive environment where you can control access, you can control aspects of the system that runs above us. So whatever rules you have for the SELinux, by the way, please don't disable SELinux. I wasn't saying, I'm just telling you what Dave has been hearing for years and years and years. We've seen it so many times. I've seen it so many times where, by the way, people do that with firewalls as well. They're on the service, you know, firewall de-disable or, you know, they stop the firewall because they could not get the proper port open. They cannot get the SELinux rules configured correctly. They go and disable SELinux. Bad idea because once you disable it, it doesn't remind you that you have to be aware of its configuration and then you forget when you deploy in production. So don't. That's less to you and more for people who listen in. So SELinux is not a problem to us. It's, in fact, we welcome it. We had, we had two questions that were popped up in here. I'll just read them out for everyone just in case they, you just mentioned a couple of clouds. Why would a company choose, that is said, over AWS, KMS, EKS, ECS for cloud container Kubernetes data and corruption? That's, that's a good question. So let's talk about AWS KMS for KMS is short for key management system. Key management systems have been around for a while. We've, I mentioned that we worked on some of those. And that was before the KMIB, well, key management interoperability protocol, also known as KMIB, has been introduced sometime ago. And that's really standardized how key managers function, what type of APIs they expose, what type of features they provide. Now, AWS KMS, for whatever reason is chosen not to be KMIB compliant. A few years ago, they said they would work towards KMIB compliance. I'd like to see that actually happen. But the biggest issue with AWS KMS is not so much with its feature set or its functionality or its compatibility. The biggest issue is that you trust your data to the cloud provider, not so much so you encrypt your data, right? You protect your data, you essentially put it in the cloud, but you put it in the same. And then you turn around and give the keys to the safe, to the same cloud provider you've just given your encrypted data to. Now, the question is, did you just encrypt because you wanted to say that you're encrypting your data? Or are you really concerned about the security of your data? And if you are, why are you giving your keys to your cloud provider? So AWS KMS, great. AWS is trying to lock you into their ecosystem, but giving you all the services, including the key management system. But if you're serious about your data, don't trust it to the cloud provider. And if you're encrypting your data, don't trust your keys to the cloud provider. Why would you choose that a set? Because that's exactly what we do. You have my it maximum nailed it on the head. I mean, listen, I think we all know it's either client side or server side. And right now, and that's fine. I think some people are fine with AWS. But I how many people enterprises out there are going to be 100% in the cloud? They're more than likely still going to have some they're going to have a hybrid environment. They all are. I don't think anyone 100% trust AWS. They'll even tell you it's a shared security responsibility. And with that in mind, why wouldn't you at least control the data protection of it? So when you as soon as you get into that environment, which everyone is in management console comes in management console on a client side, manages the on-prem and the virtual there. And we also touch the AWS KMS and are able to encrypt and manage what's up there. And you're still able to manage and deal with it on the client side. I would want the crypto and the keys with me. I don't want them with them. I there are plenty of value ads that AWS has a question in the security one when the vendor says it's a share of responsibility. That means they can point a finger at you. And I'd rather you control it completely on-prem. That's that's my two cents about it. And one other thing, if you do, sorry, Maxim, if you decide to do two, which multi-cloud, now you're really what are you going to do? You're going to have two different key managers. And then you're going to try and bring that all together. Well, let's just keep it on-prem. Use the management console again. Touch Azure, touch Google, touch AWS, and then you can consolidate your policy for data protection in one place. Okay. Did you have anything else? I was just going to say, I think EKS, ECS for why would you use ZSAT for cloud native data protection? Well, because ZSAT does not tie into Amazon cloud. You can encrypt in any cloud. So you're getting multi-cloud or cloud agnostic right there. Okay. Well, but I mean, aren't there a million companies that do what you do? I mean, everybody's a security vendor. I'll just rattle off some of our other good friends, partners. You know, you've got Tremolo security, Aqua security, CyberArk, Endpoint security with McAfee. Like how many of our partners overlap with what you guys do? Very few actually. In fact, we've looked at the landscape. We have an interesting slide that kind of lays down the landscape for specifically in that case, container security. And there's so many facets to container security that it starts with securing container images. Then you have to secure credentials. You have to secure the continuous integration, continuous development pipeline. You have to maintain security while you deploy in production. And it's interesting to see that lately, well, not lately, but just with the rise of Kubernetes and containers, the security focus seemed to have shifted from, well, the security focus seemed to have shifted to securing the container runtime, container images, basically establishing trust in the environment. My fundamental question there is, well, isn't it all about securing the data, ultimately? I mean, it's lovely to say I can trust my container stuff. It's great to say I'm certified and I'm secure and I know that there hasn't been a code injection into my container stuff. But, well, what if my data is compromised? What if my persistent volumes are compromised? Isn't it all about the data? And so with the security landscape there, it's a little bit like Unix. Everybody bring their own kind of piece of pie to the potluck. It's a little bit like Stack Robes does something. CyberArch does something. They focus on container image scanning. They focus on runtime analysis. They focus on compromise detection within the container stack. We focus on securing the data. If I can round out what Maxime is saying, I think when the container world came along in the adoption of it, everyone was focused on some level during the DevOps process of the integrity of a container. They were not focused on, like Maxime said, the end game is no matter what, if you have a bad actor, they don't care just about getting into a container. They care about getting into a container to get to the data. So it would seem that everyone, and I totally get it, we live in a capitalism society and the opportunity was containers need to be protected. But the end game is to get to the data. And I think that's been forgotten a little bit and we fill that gap. To your point about partnerships, we partner with all of them in fact, because if you have, you need container scanning, you need integrity. To your point, we were working with StackRocks even before they were acquired by you guys. So now when you add those guys and then you add CyberArk for credentials and a couple other items, we now have a really tight little bundle. And in fact, we're just coming out with that. And we have a couple of trial customers that are looking into it between OpenShift, your new advanced cluster security, otherwise known as StackRocks, CyberArk and us protecting the data. It's been well received. And we're looking at a couple different trial deployments within the next quarter or so. You know, I didn't want to bring that up, but I thought I thought I'd talk about the elephant in the room. You know, when I started here in 2002, we made Linux. We didn't compete with anybody except Sun Microsystems. And, you know, of course, since we once we bought JBoss, and we had to start competing against Oracle and then we had to compete against IBM and we had to compete against Microsoft. And at the end of the day, we're still here and firing on all cylinders. But now that we're a platform and we have a full platform portfolio of management, security offerings. Is there any competitive overlap between the Red Hat StackRocks component and ZetaSet? Or how would you, is it more of a complementary solution? It's a very complementary solution because, you know, StackRocks provides container security. We provide data security. In fact, StackRocks is integrated with the advanced cluster management now. We're in the process of integration with advanced cluster management. So we compliment each other really, really well. There's really no overlap whatsoever. Tim, you wanted to... Yeah, I think one of the items you said was there's Mike looking back on the different flavors that are out there. We like to, some people say, kind of like Maxim said initially, they're porting old defenses, old data protection thoughts. Hey, let me just use, I'll give the evil empire, I joke about it. But if you have VMs and you turn around and you want to encrypt them, that's great. You're encrypting a VM, but that's not granular enough. You want to at least get to the persistent volume. Do you want to get any deeper than that to the file folder? So again, this is more like a Goldilocks. Do you want to use... This is what the comparison I make from my own family so they get it. Would you rather, if you look at it as a beach and sand. The beach is the likes of VMware vSAN encryption. The other end of it is a grain of sand, which is file folder. And where ZetaSet sits is the persistent volume itself is a bucket of sand. So which one do you want? Do you want minimal access, maybe too little? Or do you want too much? And we feel the bucket of sand, which is the persistent volume, is the optimal place to do it. And doing that around Ceph. It's been well received within the various organizations within Red Hat. We talked about your competitors. What about all the security problems that are going on around in the world? I mean, are there more now than ever? And is it because of distributed computing and multi-cloud? Or is it just because Twitter and the news channels are faster? Are the security threats and problems accelerating and becoming more prevalent? Or do we just know more about them? Maxim, you want to go first? Yeah, it's actually both. Well, we know about more of them and we learn about more of them faster because the media acceleration and the social networking and all the other ways to reach the audience. Security problems were always there. But make no mistake, the computing power increases exponentially. The storage capacity increases exponentially. It's pretty much boundless. And the ways to compromise it, that also grows. Talk about brute force setups. Brute force setups require massive computing power. Here you go. You have access to that computing power now. Your mobile phone is more powerful than some of the servers back in the day. So now you use mobile phone to brute force things, like simple passwords. So just as security shouldn't stand still, just as the data evolution and the computer evolution doesn't stand still, so are the compromises, the bad actors. They don't stand still, they progress. And on top of it, all these modernized environments, you know, more parallel computing, like you said, microservice oriented architecture. Think about every container as a potential attack surface that could be compromised, right? You used to have southern computers in a large data centers. Now you could have 10,000 containers in one Kubernetes cluster and you can have multitude of Kubernetes clusters. Every one of them is literally sitting there waiting to be attacked. Well, hopefully it's doing other things as well. But there's always somebody knocking on the door, always somebody scanning the ports, always somebody brute forcing the passwords. It just never ends. Data is the new goal, they say, the new oil. I kind of, I have, there's one presentation I've done where you look back at the Tower of London. It slowly and slowly grew bigger and bigger because they had to protect all that treasure, all the crown jewels. But the whole time, people were still trying to knock down that door. And I think back then it was a little harder, but now with all the different factors for powering it, like Maxim just said, the temptation is so great, it's never going to end. And we have to, it's a cat and mouse game. So how do we prevent what we can with our products combined with other products? And I think that's why we always like to say we're a solution cell with others and we partner with others. But at the end of the day, if the platform for OpenShift and containers is to touch the wealth of data, zettabytes of data, we're going to need to protect that. We're going to need to use StackRox or Advanced Cluster Service. We're going to have to use CyberArc to watch credentials and hold things. So yeah, let's keep scanning. Let's keep expanding what we touch because the only way you can find the data is if you touch it. And we like, if OpenShift is touching all this data, then we got to be there. We have to be there. And by itself, OpenShift won't, we don't want to see bad press for you guys, nor do I want to see bad press. And that's the best way we can do it is let's protect Kubernetes. And I was going to ask about that. I mean, Kubernetes and OpenShift are not synonymous. I mean, OpenShift is a Kubernetes commercial offering. There must be other vendors out there that you work with besides just OpenShift. Yes? Yes. Yeah, we feel that, yes, if you're going to protect data, you have to be somewhat agnostic, right? Sure. So yeah, we are definitely, we're part of the Cloud Native Compute Foundation. We're attending KubeCon. Hopefully, I get to speak and we'll talk about some of the items there. And yes, that's all agnostic. We're talking about fundamentally Kubernetes and we want to see it move into production environments. And yes, we feel that Red Hat is probably ahead of the game compared to some of the other guys. And if you're pushed, and I heard it again from your CEO on his conference earlier this week, it's about hybrid. It's about AI. It's about software and moving to the cloud. And in all those cases, what are they going to do? They're going to deploy OpenShift to do it and you're going to need to protect the data. And I think that's the fundamental piece of our partnership. And regardless of whether it's Kubernetes, and I would hope some folks who have Kubernetes realize that they need an enterprise wrapper, because ultimately it becomes so sophisticated, it's hard to do themselves. And I know that's where your value comes in. And along the way, we want to be there as well. We have three minutes left. We didn't even get to half of the fun topics that I wanted to bring up because frankly, I just, this was just, this was great. We have a podcast series that we do. It's called Behind the App. It used to be called the Red Hat X podcast series, but then actually I started it about four years ago. And then Red Hat Corporate found out about it. It was kind of flying under the radar. And so they've been doing a really good job on finding all these rogue things that are going on in Red Hat. So we're now taking our podcast series that's being merged into the fold and it's going to be called Behind the App. And I'm wondering if maybe you guys might want to come on sometime and we do something like a War Story Wednesday. I'm kind of thinking that there could be a whole conversation around what do you folks see customers or prospects potentially making poor decisions and planning on going down a certain direction and then making, you know, grave mistakes and having to turn around and start all over again. I would imagine that most companies I deal with have those types of war stories and I know our listeners want to hear those types of things. So if you guys want to come on and do a podcast with us about that, I think it would be great. Absolutely. And I'll see that with the thought that I think is critical. There are so many security problems that we're hearing of lately is that oftentimes security unfortunately isn't afterthought. People design environments and they think, are we just out security later? Security isn't afterthought. It's a really, really bad idea. It's a lot more expensive to add. It's going to be a lot weaker. So I think this is where we would be grateful to come on to the podcast and then talk more about that. Yep, I'm going to throw up the gratuitous last slide, Tim. I know that I'm going to say start from the current slide here. You talked about, is my screen being shared? Not seen yet. Not seen it. What I'm going to now do is I'm now going to learn how to share screens. How about now? Is it working now? We do. So you folks are planning on being in LA out at KubeCon? Is that right? Correct. Yes. Are you going to be on the floor and have a booth there? We do. We have a booth. And like I said, I'm waiting to hear if I awarded a speaking engagement. I believe we're also in your open shift comments. Did I get that? Yep. Yeah. Diane Mueller is a terrific person. She's unbelievable. So yeah, I'm still waiting to hear back from the corporate team on what our policy is about going and being there in person. Hopefully we'll hear back soon. I'd love to stop by and check up with you guys at the commons event. And also on the show floor. What else is going on here? Anything super exciting coming up? You guys IPO-ing next week or anything? You have your own customer conference or something? Yeah, that would be great. I think the environment is great. But I think we need to get a little bit more left with you guys in different areas beyond just the red hat. It's coming. It's coming. But one thing I will say, what's interesting is we just came out with a root OS encryption on that partition, which was something that when we looked into it, we were getting asked about the encrypt everything view of the world and everything on a server. And what you found was people are encrypting all the partitions with the data. They weren't encrypting the OS. And as we went around and looked, for whatever reason, all of that was pushed to the end with laptops and desktops and workstations. When it came to enterprise servers, it was missing. And we just finished up the product. We have our first customer. I'd love to say who it is, but we'll have to wait until they allow us to announce. But I think that's a whole other level. And to Maxim's point, encrypt everything and that includes the operating system. Great. Well, Tim and Maxim, thanks so much for coming on today. We literally need to do this again sometime. I want to get into all the, all the actual applied implications of poor security practices. I know you, you know, when you and I were talking about the pipeline and all the other stuff and see how you folks might be able to help with that. But we are out of time. And my producer is going to, going to give me the hook here. So thank, thanks for coming today. This was great. It was a really, really easy conversation. You know, I, I usually get a little, get a little tense before we go. And I'm like, oh, this is going to be like such an easy conversation with these guys. Thanks for having us, Mike. Okay. Well, until next time, Michael, wait when we're signing off. Have a good one everybody. Take care. Take care.