 Welcome back to SuperCloud 3, everybody. We're here exploring the critical issues around cross-cloud security and the impact of GenAI and LLMs on this space. And it's our pleasure to welcome George Kurtz back to theCUBE. He's the president, CEO and co-founder of CrowdStrike George, good to see you again. Thanks for making some time for us. Great to be here, thank you. Yeah, let's dig into the state of security as you see it today, zero trust, AI, all the big themes. What are you seeing out there? Well, I think it starts with how dangerous it is in the cloud environment, what we've seen over the last year, 95% increase year-over-year in cloud service exploitation. And the cloud obviously has tremendous benefits and can be secured, but what we have to start to realize and accept is that the adversaries have figured out that the cloud is a great opportunity to exploit services, gain data, and ransom other organizations. So that being said, then there's a host of security technologies out there. We talk about zero trust, we talk about cloud security posture, management and workload protection. We can go on and on, and I'm sure we'll get to some of those, but a lot of the technologies that we have come to rely on in traditional environments either need to be redone or kind of reconstituted in the cloud environment. And that's obviously an area that CrowdStrike has been pioneering and spending lots of R&D dollars on. So when you think about your vision for CrowdStrike in the context of multiple clouds and this accelerated awareness of AI, you kind of just alluded to it, but how has that vision evolved or changed? Sometimes people talk about pivots. I don't think you've pivoted, but maybe you could add some color as to how you're thinking about the future in this sort of new era that we seem to be entering. Jordan, one of the things, as you know, when we started the company, 2011 was really focused on stopping breaches and creating what I call the sales force of security platform. We've successfully been able to do that. We've got lots of large enterprise customers and many, many small SMB customers and everything in between. But when we think about cloud, obviously, that has been an emerging technology where organizations have adopted cloud infrastructure, have moved their data centers, have gone through digital transformations. And I can tell you, when I started the company, we first started in Amazon and it was pretty scary for a lot of customers to think about our infrastructure in Amazon and now people don't think twice about that. Many of the largest companies in the world are part of that or part of some other cloud. But that being said, the clouds have evolved over time from simple hosting files and hosting simple workloads to much more complicated workloads and just the development process from Code to Cloud has matured over a number of years. So in each of those areas, there's an opportunity for mistakes, there's an opportunity for vulnerabilities, there's an opportunity for the adversaries to exploit that and gain a foothold or advantage or steal data, what have you or disrupt an infrastructure. And we've evolved with that in protecting those workloads. The original workload that we protected really was something like a desktop and a server. And now that form factor is just slightly different in the cloud, but it's still a workload. It may exist for a 10th of a second, but it's still a workload or it may exist as a virtual machine for a couple of years and not to be touched. Doesn't matter, we still have to protect it. Yeah, so a couple of things that I want to explore. You mentioned digital transformation. It's still there, it's not like that went away. We just don't talk about it as much in the last six months, but it's coming into focus actually with AI. And you talked about developers. It's almost like the cloud has become the first line of defense. And then you have a lot more constituents involved in securing not only the SecOps team, but you've got developers, audit is sort of the last line of defense. And then the board's involved, everybody's involved. It's a sort of whole house thing. But I want to come back to developers because developers want to get code running on one machine. They want to perfect it and then deploy it in the same exact environment, ideally. It's so much easier to work that way. You think about multi-cloud security. Take a simple example you mentioned when you first onboard AWS or Azure, customers are going to spend hours, maybe even days they're going to create permissions. They got a hierarchy of roles in each environment. And as you point out, this means configuration errors. You got containers now to worry about, which are sort of a newer trend since when you started the company, even though they've been around forever. And you got to do that across clouds. So how do you deal with this problem and create a common experience for users, what we sort of use as the metaphor of super cloud? How do you think about that? Well, we think a lot about it. And I think you really hit on one of the core points. You have a lot of companies that will go multi-cloud for a variety of reasons, many times for costs, just to keep kind of vendors in line. And part of the challenge is that each cloud vendor for the most part only manages their own infrastructure. One of the things that we focused on, and I think successfully is to allow our customers to be able to secure and manage those cloud workloads and their configurations and posture from one console. Doesn't matter which cloud it is, we're able to do that. Doesn't matter whether it's internal, external, somebody's Azure, AWS, GCP, and it's all the same. And I think that's a huge benefit to customers from a cost and complexity perspective and something that has really resonated with them and it's just the fact that we're able to focus and harmonize all of the controls across every cloud, even though they're a different way to implement those. It's a huge time saver and money saver for our customers. So I got a couple of questions on AI. First one is, can you just take the audience through your AI journey? It's not like I joked off camera that was invented nine months ago, of course AI wasn't. It's been around for a long, long time. But now as people touch things like chat GPT, the minds explode with things that they can do with it. But when did your journey start and where is it today and where is it going? It really started at the inception of the company. As I said, I started the company late 2011 and part of our overall goal was always to be able to prevent these sort of malicious activities without using things like signatures. So when we think about AI in particular when I started the company, what we're using, it was really supervised and unsupervised machine learning first focused on file types, right? So we would look at a file, look at 5 million different data points within a hundred milliseconds and basically compute the probability whether that was a good file or bad file. And obviously that's evolved over time, but that was pretty unique in the early days rather than just having a database of signatures. That's evolved into machine learning and AI specifically around behaviors. And one of the things that CrowdStrike we pioneered was attack indicators, right? So we look at these chain of events and we're able to chain all these events together and by themselves, a particular event may be okay, but when they're chained together, they become an indicator of an attack and we can do machine learning on that. And then that's evolved over time into things like generative AI, which we announced a couple of months ago with Charlotte AI. And that is really, I think, gonna change the industry. It's just gonna change the way organizations work, how fast they can actually get their job done and change their workflows from what we would call kind of a point click workflow to a generative workflow, which will be much more interactive with Charlotte AI. So the idea behind that piece is to really take the collective knowledge. If you think about ChatGPT, it's taking the collective knowledge from 2021 of the internet, put it into one spot. We're trying to take the collective knowledge of the CrowdStrike best security analysts for over 10, 11 years of doing this and put it into one virtual analyst we call Charlotte to make that available to our customers. So can you talk a little bit more about Charlotte? Because a lot of companies have, so how are you doing it using sort of your own, LLM, open source LLMs? And the other part of that question is, a lot of companies are saying, hey, we don't want our IP to leak. Although I would imagine in security, you're okay with some data, quote unquote leaking because you want to share it. So how do you think about the balance between having your own sort of proprietary LLM? And when I say proprietary, I mean not using ChatGPT versus being able to share data with some of your constituents, not just your customers or other sort of partners, like a mandiant for example, but even potentially your competitors. How do you think about that? Well, it's a good question and it's one that we've been focused on solving as many others. And in particular, what's important is the kind of the private data and the questions that are being asked you want to be able to compartmentalize that. So we've been working several of the larger LLM vendors in different models where we can protect that data but still take advantage of what they built. And I think over time, what you're going to see is that the LLM itself will be commoditized and it's really going to be about the data itself and how do you interact with it? And that's one of the areas where we've spent a lot of time over the last say 10 years in curating the data sets that we have where we have human annotated attack chains. So as you probably know with chat GPT, there's a lot of time that's actually spent with humans kind of training it and making sure it doesn't have what they call hallucinations which is really just bad information. So the fact that we've annotated this over the last 10 years, I would love to tell you that we did that in preparation for this but it was just a kind of a byproduct of how things operated, which really makes the fact that we believe our data and the training set available to it is going to be the best in the industry. So we're going to leverage, we can talk more about that but we're going to leverage more of the LLMs that are out there and a variety of those, big ones, small ones, the ability to make critical information private but still leverage it. That's all part of the design process for Charlotte. Okay, so totally great. It's all about the data. That's really where you're going to get your proprietary advantage. And I'm inferring from what you said that if there's a LLM that comes out that's on cloud A or cloud B, you're architecting your system so that you'll be able to take advantage of it. Is that correct? That's correct. It's almost, I would say LLM agnostic. Each of the LLMs that we've been using and there are multiple ones that are out there, they all have their advantages and disadvantages. So rather than just pick one horse and go with one particular provider, we're going to curate the data in a way that we can leverage any of the LLMs that are out there. And what we found is that some of the smaller LLMs actually give you better results because of the way we operate is very specialized. So we want to be future-proof. And so we've created in a way that we can just kind of plug and play the LLMs into the model and we're going to get the best results for our customers. So I want to make sure I'm not hallucinating here but it feels like, and you've got a long history in tech as a technologist and a leader. You know, we always talk about how, and we've talked about this for decades, is how things are compressing, the timeframes are compressing. And it seems like with gen AI have never seen such rapid advancements, 3.5 comes out and all of a sudden four comes out, then four is made widely available and then competitors are coming out and then things seem to be happening at a much more rapid pace. How real is that in terms of substance that customers can actually take advantage of in your view? Well, I think the first, the answer is I think it's real, but let me give you a little color on that. I think the first kind of iterations on this for many of the companies are, well, that's really cool. How do we leverage that within our business and how do we save time and money and give customers a better experience? And that's kind of what everyone seems to be going through right now. The fact that these LLMs are built out, you know, and it's 2023, you've got great APIs interact with it. Just trying to get access to them is hard enough because there's so much demand. But I think it's in the early innings of what can we do with this thing and how do we monetize it? And then from there, you'll see more mature offerings come out that are really solving specific problems. And again, I would say it's time and money. Obviously the skills shortage in security is huge, which is why we call Charlotte the virtual security analyst because you can't hire enough really good ones and they're super expensive and they're hard to keep. So by, you know, by my view, it's in the early innings and then now everyone's going to be focused on, well, how do you actually monetize this down the road? And that's, you know, I think that's what everyone is figuring out. So the big question we've been asking all of our guests is do you think artificial intelligence is ultimately going to be of greater benefit to attackers or defenders? And it's about obviously getting a lot of balanced sort of yes, but answers, but I'd love to get your perspective on that. What do you think? It can be used for good and bad, just like almost any tool, take AI out of it. I mean, there are many things that can be used for good or bad. We've been tracking adversarial AI for some period of time and, you know, that's just trying to work around existing controls, AI controls that are out there now. And I think when you look at adversarial AI and generative AI, which I would say one of the areas that I think is critical is the ability to actually compress the timeframe for exploitation. So think about this, you know, zero day, Tuesday from Microsoft comes out, you know, once a month. And overall, what we found is that it takes some period of time to be able to reverse engineer patches and create exploits and things of that nature. And it's actually very specialized. You have to be very skilled in doing that. So you can take something which is very time consuming and specialize and leverage a generative AI model to say, okay, every time there's a new Microsoft patch that comes out, reverse engineer it, create an exploit and then start to build that into the exploit toolkits that can be monetized as part of the gray market. I mean, those are the kind of things that we're going to see. Last question, how does, how do you think about competition? I'm interested in how you compete with not only other security providers interested in that, but also cloud providers. There's a spectrum. You know, look at Microsoft is much more competitive with CrowdStrike, for instance, then say Amazon. And I would never say never with Amazon, but generally speaking, you know, Amazon's leaving a lot more meat on the bone for ecosystem partners like yourselves. But how do you think about competition? What's your unique differentiation relative to both pure plays and cloud providers? Well, as I've talked about in the past, we've had a long standing relationship with AWS and a great relationship there as a partner and a customer. But when you look at the various cloud providers that are out there, including GCP, we work with them as well. We have many customers that are on Azure. I think what is important to realize is that CrowdStrike gets up every morning and sleeps and breeds security. That's what we do. We're not an OS provider. We're not an application provider. We're not a cloud provider. We're a security provider. And one of the areas that I touched on earlier in the conversation was really around the fact that we can do this across all clouds and harmonize the controls in one single pane of glass, rather than nine different consoles. And it's very specialized. So, I think the cloud providers have some base level of security, some more than others, but I think it's incumbent on companies to choose someone like CrowdStrike that is really focused on this area and that can go very deep and harmonize this across all clouds to make it work super easy, simple and cost effective. And I think that's obviously one of our big benefits. We've been at it for a long time. We've got a born in the cloud platform and we can work across all the clouds in a very agnostic way. Well, history would show that focus works. It seems to be working for CrowdStrike and thank you for bringing it back to the single pane of glass in SuperCloud. George Kurtz, appreciate your time. Thank you. All right, keep it right there. This is Dave Vellante, John Furrier as well. More action from SuperCloud 3 from Palo Alto.