 Live from the Sands Convention Center in Las Vegas, Nevada, it's theCUBE at AWS ReInvent 2014. Brought to you by headline sponsors, Amazon and Trend Micro. Hey, welcome back everyone. We are here live in Las Vegas for Amazon ReInvent. I'm John Furrier, the founder of SiliconANGEL, my co-host Stu Miniman at Wikibon.org. We are on the ground, blanket coverage, all the action here at Amazon, slew of announcements, huge tsunami of news services every year. It's the cadence of the Amazon way, which is more and more stuff, goodness for developers, now certainly the enterprise. And really going mainstream is the big theme here. Navy Jassy really got to spring in and step up on the keynote today, highlighting some awesome innovations of how developers are using their tools quickly with MLB, obviously giants, the highlights were great, and also medicine, curing cancer, things of that nature. So, people are running their business now in the cloud. Every year it gets stronger and stronger value proposition. And our next guest is Mark Nunnicoven, Vice President of Cloud and Emerging Technologies with Trend Micro. Welcome to theCUBE. Thanks for having me. We really appreciate you guys coming on because security is the big thing. So you guys have been not a new player to security. You've been in touch points everywhere from PC, old days, LANs, networks, internet, inside the data center, now with cloud, I mean the game changed. I remember you guys talking Trend Micro even four years ago, perimeter less security was on your radar. So it's now finally on everyone's radar, right? So what is all this? I mean, what's going on in security? You guys certainly a tier one sponsor here at the show. What's going on? Give us the update. Yeah, so we're obviously a long time AWS partner. We're excited to be here. We've been in on the ground floor with AWS. You'll notice most of their programs, Test Drive, AWS Activate, we're all either the first one out of the gate or shortly thereafter. We love the platform because it enables so much new and exciting innovation in technology. And obviously security is a concern of that. But the important part of when you're dealing with security in AWS is security, while it's important, it's not the focus. And we really try to mirror that approach that the focus is for MLB. The focus is on delivering that fan experience, that amazing integration of stats cast. I was just blown away by seeing that. And obviously you want to keep that data secure. And that's a critical component. So we want to enable that and allow people to build tools like that. I mean, it humanizes the MLB example is great because to me, I mean, I've retweeted, you had me at hello, you know, I'm awesome. Love Amazon. The demo alone was badass. I mean, just like, it's just a geek's dream, right? And a fan's dream. So, you know, it speaks to the fan experience. That really highlights the consumerization. But under the covers, MLB is running a large scale global operation that they're now servicing other industries. They talked about ESPN. So again, the cloud gives you that evolutionary perspective. Absolutely. So talk about that because in the old days it was you picked your, stay close to your knitting, you know, Rockefeller, did oil, J.P. Morgan, Carnegie did steel, that's what they did. Amazon's different now. They're doing, they're morphing. And their customers are morphing. They are. And they've taken a fundamentally different approach. So Andy mentioned it this morning on stage. They haven't ever announced a price increase, right? They're very customer focused and they want to earn your business hour after hour. It's absolutely crucial for them to have a positive customer experience. But I think the really important thing here is to look at the technology and the solutions that people are developing. So, you know, to take back to StatsCast, you know, and as a Canadian, I'll just say NHL, where are you? You know, I'd love to see that influence in hockey. But for MLB, you know, five years ago, no one would have ever conceived to be able to deliver that type of a real time analysis service because you don't have that infrastructure. Nobody's going to okay the investment of, you know, multiple tens of millions of dollars to create something that might or might not work. Whereas with AWS, you can start small and grow it out and create a revolutionary service like that that, you know, it blew my mind when they showed the what if scenario, if the runner after the hit had actually continued to accelerate, it would have been a completely different play. And that's- The what if scenarios alone were awesome, right? Certainly don't slide into the first base. It was proven that they had the velocity, but they had other people on the field looking at their position to break to the ball. And so you're in the situation, baseball situational sport as in business. So very interesting, fascinating piece, but it brings up the whole, what does it mean for business? So what's your take on that? I mean, if you're a customer and you look at that, you say, okay, what does that relate to my business? Sure, and I think what it is is you have to completely sort of shoot for the stars, right, anything you can kind of dream up is possible now at this scale because you can start small and grow it out and with the Aurora announcement this morning for RDS as a database. Here you've got a compatible with MySQL, which is widely distributed open source tooling. So there's tons of support there and developers are already familiar with it. But now you can leverage AWS's powerful backend to get performance that you only got with a highly tuned, very expensive proprietary system. So it opens up a whole new realm of possibilities for your business, whereas a little guy, you might have never shot for that kind of a solution to say, well, we're never going to get there, we can't afford it, we can never grow that large. And now you can start small and go big and there's no excuse not to be shooting for the stars on that. Mark, so can you speak to what has Amazon's tremendous growth done to transform the security industry? I think back 15 years ago you built infrastructure and you secured it by locking the door on the rack, it built out to securing the perimeter and now it's in the cloud and I need to think about security differently. Can you speak to, what have you seen over the last couple of years and how big of a player is Amazon in that security ecosystem now? Yeah, well the easy part of that is they're a monster. The Gartner Magic Quadrant says it all, they own the market share in the cloud and I think what it's done for security is it's changed that conversation. So security in the AWS cloud is a shared responsibility. So it's a mind shift for security folks, whereas as you mentioned before, we used to be able to draw a very clear line around this is mine, stay out of my sandbox, this is the area I'm going to protect, here's how I'm going to build a strong wall. That's gone, right, just poof, gone. Now you need to understand how AWS contributes to the security and then what you need to do on top of that. So for most services like EC2, they secure everything up to the operating system and then it's your responsibility to go beyond that. So you have to secure your operating system, your apps and your data. Once you understand that, you can actually end up with better security because you have to focus on less. So you can use the same amount of resources you've got, same team, same budget, to accomplish more. So it's a security win once you understand it. Okay, can you unpack for us a little bit the announcement today for the key management? How does that fit? What else are you looking for that you expect Amazon to add on to the security portfolio? Yeah, and key management is a great announcement. It is very much a win for users. It's an interesting announcement for Trend Micro as a company because we do have an encryption product with key management there. I think it's a smart play on AWS's part. It's a fundamental service that helps people secure their instances better. So we knew with S3 encryption, most people used it simply for compliance because it was a checkbox and there was no control over the keys. The announcement of the KMS service this morning gives them control of those keys and now that extends to EBS volume encryption as well. So obviously, as a partner, we have to walk this line of supporting them, but I think it's very complimentary because for us, there are still consumers who have legal requirements that they have to maintain their keys on-premise, whether it's a regulatory or a legislation that requires them to do so. So there's still room for us there, but I think this service is going to do, it's the most important piece of this service is that it's going to get that capability into more people's hands, which means more people are going to have stronger security and that's just a win. All right, so Mark, I'm wondering if you can respond to this. Everybody looks at Amazon and says, how are they going to partner? Are they going to take over your business? At the analyst session yesterday, we asked Andy Jassy what the ecosystem means and he says, we're looking at better engaging with our partners ahead of time and allowing them to integrate and that Amazon wants to give the customer's choice and not to squash everyone and that this is not a winner-take-all. So would you agree with what Andy said? How is it as a partner, did you get good advanced notification on the key management and have time to sort out how that portfolio worked? Well, I'm not going to tell you if we got advanced notice or not, but I will say that what Andy says is very, very true. Partnering with AWS can be challenging simply because of the pace of innovation. So I was speaking with Jeff Barr and he was saying how many blog posts he's done this year to announce the features. As a partner to try to keep pace with that is very difficult, but it's good because it challenges us to grow as a company. But I think that the misconception of winner-take-all or it's a smaller pie because AWS is in a space, I think that it's really incorrect. What it is is the pie is just different and it's bigger. So there is room for all of us to play and AWS is a fantastic partner as long as you're willing to accept some cultural change internally. And that's not always a smooth transition, but if you can embrace it and go for it, it's worthwhile. Yeah, so I had some comments last night. I was hanging out with some people and they said, you know, how's it feel to kind of span some of the new world? And I'm an infrastructure guy background, go back and deal with some of the on-premises stuff. Trend Micro spans those environments. How are you guys changing organizationally? Do you have two sets of kind of customer people that deal with the kind of cloud natives versus the server huggers or? Yeah, so we have, we view our company in three chunks and one of those areas is cloud and data center. And we do deal with customers who have hybrid environments or dedicated environments, but I think what a better example is is we're not only an AWS partner, but we're also a very large AWS customer. So we've undergone this transition internally. We have, I think, six at last count data centers globally that we run services out of and we run our own IT infrastructure. And over the last two or three years, we've been transitioning more and more of that to AWS where it makes sense for us. So we've been undergoing the same change that our customers are. And yeah, there are bumps in the road. It's not always smooth sailing, but that's a reality when you're taking any large IT infrastructure through any migration and there's going to be some challenges. But if you can embrace it and convince people there's a lot of education. I forget to see where there's a technology challenge. It's always education and sitting people down and understanding where they're coming from. So I got to get your take. We interviewed Illumio yesterday. A lot of buzz. You're in the space. Are they legit? How do you guys compare? I mean, obviously they're new to the game. How do you compare to those guys? I'll be perfectly honest. I don't know too much about their solutions. So I couldn't give you an informed opinion. But if you circle back with me after this afternoon, I'll go do some research. I figure it out. I would love to get your opinion, but their premise is there's no perimeter. And so cloud has got to be secure. So that is a great premise. I mean, I think I go check the box on that. It's pretty safe premise. Yeah, for sure. What do you guys have for that area for solutions? For our customers is, hey, you know what? I've been doing perimeter for a long time. And I know I got breaches. I know I got incidents are up. And I'm going to make a huge investment in cloud and hybrid and private. I need a security plan. What do you guys offer? Sure. So the first thing that's important to note is if you try to create a perimeter, you're going to have a lot of problems in your fail, in your project. Because we've seen people who do that. They're more comfortable with that sort of classic networking structure. And they want to do that same thing in AWS. And that's not going to be successful at any size scale. What's the first thing that happens? They have API calls, they have apps loading. Yeah, so the first thing that happens as far as failure or? Yeah, they think, okay, thanks for your advice, but we're going to go with the unknown way of putting up a perimeter. Lock the front door. Yeah, it tends to end up being a scaling challenge. So they'll create this, another DMZ zone in front and they'll try to shove all their cloud traffic through these areas. And even though it can scale out, the tools aren't designed for that type of response. So what we've done is we've taken our deep security platform which is a security solution that provides a six separate modules. So we've taken the same controls that you'd expect in network solutions and put them down to the EC2 instance. And then that creates some additional challenges of how do you manage thousands upon thousands of agents. We do that centrally through a simple policy system. So we try to take the same controls you're used to and just deploy them in a more efficient manner for the AWS Cloud. Especially porting known tools to the environment of cloud. Yeah, for Amazon. And they're tools for us that we've had for a decade in this product that we've deployed in the enterprise. We're strong partners with VMware, with Microsoft, the whole, everyone you'd expect. And then they're just, they're optimized now for AWS. And you can deploy them in a manner that matches the most efficient AWS architectures. All right, I got to ask you a question as well, I was talking to the CloudNexa guy because Amazon, I would say they're a finicky partner but it's like, you know, they're pretty much, they don't do Barney deals. They don't like Barney being kind of like reference to just doing partnerships for the sake of, you know, loving each other. They're really, they're technical. They're pretty picky. So what's it like working with Amazon and give some insight into the Amazon culture and the machine? Sure, so good example, CloudNex is a great example. They're actually a partner of ours as well. And CloudNex has a managed service offering where they offer Trend Micro, App Dynamics, and Sumo Logic. But they're a, and they package that up in one managed service. But that's a great example because that's not a partner you would normally see in a traditional environment. So in a traditional environment for a partner, they'd either be selling you a kit, they'd be selling you software or they'd be, you know, normally co-locating your stuff, not necessarily managing it to the level that we see for successful partners in AWS. So the same thing applies for consulting partners and for the managed services partners in AWS as it does to us as technology partners. If you're willing to be CloudNative, if you're willing to adapt to the way that AWS looks at the world, you can be extremely successful. But if you try to come in and enforce a traditional viewpoint into this new world, you're going to be set up for failure. And I think AWS knows that from experience. So they're going to focus on a partner, even if they're much smaller, who gets it. And that's really where it's at. If you get it, you'll be very- It's really about believing. It is. It's very much about believing. It's the classic non-believers, believers. Well, certainly they've got a lot of believers out there. What else in security would you point to? For the practitioners out there who are watching, saying, hey, you know what, I got to get off my butt, I got some POCs, and I've been testing, kicking the tires, you know, evaluating, maybe a little bit burnt out to them. Like, a lot of energy going on right now in security. What's the playbook? What do you guys recommend to clients to say, okay, here's how you really want to roll out security at a large scale for the data center and in the cloud? Yeah, and that actually ties back to some of the announcements we saw from Andy this morning at the keynote. So the sort of the code pipeline overall, and I know they named one of the services pipeline, but with code deploy, code commit, what they're doing is making it easier for developers and operational folks to get their code into production. Security needs to catch up. We need, that's really the biggest thing security folks need to do, especially if you're in a traditional enterprise mindset, you need to realize that if you're not automating your security from the ground up, you're going to get left behind, even within your own organization. If a developer's able to deploy commits, so Andy had the, you know, multiple millions of commits that AWS does, something like 95 a minute, you know, just ridiculous. That doesn't happen in a traditional environment. If your security tooling and your security team doesn't think in that manner, they're just going to be bypassed, because you can't go to a business unit and say, you know, all that nice technology you're used to, you know, you're innovating in and all those excellent things that you're developing, you're not going to be allowed to do that because we need to gate these processes. That's not going to work. You need to get up to speed and you need to automate everything. What is the coolest thing you've seen here at Amazon so far in terms of the announcements, some of the early views of what's happening here? Yeah, you know, it's always interesting because I think the announcements that tend to get the less play at the keynotes are always more exciting for me, you know, and that's just my nerd upbringing, I think. You know, I'm a developer at heart, so I really like where they're going with code deploy and code commit. You know, it doesn't sound very exciting to people who don't write code, but to have constant repeatable deployments is huge. So that's why, you know, you see things like Jenkins and Travis CI, all these, you know, startups and tools around continuous integration. To have that built from the platform provider is amazing. Why is that amazing? Because it's just easier just to get off their plate, have a turnkey, scale, all the above. It's the level of integration, I think that's going to be there. So, you know, just slant back to the security angle, everything backed by identity and access management really lets you put security lease privilege into practice. So we've preached that for the longest time that users or objects only have the minimal rights to do what they need to do. In AWS, you can actually do that as opposed to just saying you should do that. Hey Mark, I was looking through your tweet stream and you made a comment that it's not just lip service that Amazon is truly customer driven. Of course, show me a company that's not customer driven and I'll show you a company that's going out of business soon. So can you give us any examples, any, you know, kind of things that you can share about what you've seen, new features they've had, something that they've really given customer attention? Sure, and a good example comes back to the question around how do they partner? So AWS for partners has a call where we get in touch with some of their key solution architects, some of their project management to see what they're considering on the roadmap, on the short term roadmap. So things that are coming out in the next few weeks. And that is very much in order based on customer demand. Then they ask the partners, what do we think? Where are we going? And then they evaluate that all in and we can ask our customers to input as well. And then they will actually read, adjust their priorities and deploy things ahead of time. Sometimes that's good, where something you want gets out faster, sometimes that's bad because you were expecting something and it's going to be pushed back a little while. But I think regardless of whether you're a little bit disappointed, that's a win because it's a direct correlation of what people are asking for. Mark, we really appreciate you coming on theCUBE and I want to just say thanks for sharing your insights and developer and the coolness of what's going on in security and best practices. But I also want to really thank you guys for sponsoring theCUBE. We'd love to get the support to allow us to go out of these events and bring our editorial mojo and opinion and analysis. So really appreciate that. So I want to give you the final word. Give us the update, give us a quick plug. Do the quick commercial for you guys. What are you guys doing here? What's the key hot buttons and share what's happening? So the big plug, I'll give you the sales, real quick sales plug than my favorite plug. The sales plug is today we launched our deep security technology available through the AWS Marketplace. So one click you can get up and running with our advanced security platform. My favorite plug is the fact that the people we brought to the show, we brought a lot of the key developers, our architects, our solution architects, all of the people who build this technology are here on the floor. We're right by the AWS booth. Come on by. We'd love to help you diagram out your solution, architects and stuff, even if it's not with trend technology, just to make sure you're doing the best job you can in the AWS Cloud. Yeah, I think that's really the awesome thing. The new marketing strategies is content. Authentic content, not the sales pitch. Yeah, you get the plug in, but really here, and Jassy said it on stage, it's a learning show. It's not a sales marketing show. It's all about sessions and learning. Well, and that's why we love what you're doing at theCUBE. You're getting the word out. You're getting the perspective of what everyone's doing here. It's fantastic content. We'll sponsor you any time. Awesome, we'll take you up on that. Love you, write a big check. You're our Budweiser, okay? ESPN had Budweiser, we'll get Trend Micro. No, in all seriousness. Sounds great. I like it. Close. Really appreciate it. Again, security's hot. Amazon really pumping themselves up with the CIA deal. Huge, huge thing. The fact that the government, which is glacier, moving speed, unintended, up and running with consumption means that this is going to be in the enterprise. So great stuff. We'll be right back with more here on the ground floor at theCUBE, at AWS re-invent. I'm John Furrier with Stu Miniman. We'll be right back after this short break.