 Hello friends, it's theCUBE, the leader in live tech coverage. Lisa Martin with Dave Vellante covering day two of Snowflake Summit 2023 from Toasty, Las Vegas. I think there have had a glut of 100 degree days, the last 300 days, I think that's changing. I think it's pretty toasty outside. I'm just excited to talk security and super cloud and AI. You know, you can't not be excited to talk about security, super cloud and AI. We're going to have a great conversation next. What if our alumni is back with us? Omar Singer, head of cybersecurity strategy at Snowflake and Niko Pop, chief product officer at Tenna Mall. Going to be talking about how customers can really centralize all vulnerability and threat data in one place and unlock that holistic view. Guys, welcome. We'll be back on theCUBE. Yeah, we haven't seen you in a year, Omar. What's new? You talked about the launch of the security data workload last year. I imagine lots of great new stuff this year. I got to tell you, we've launched no new cybersecurity products since last year. And there's a reason for that. We have been laser focused on the data platform level. And we've had a slew of releases in terms of making it faster, easier, cheaper to collect all your security data in one place. And customers have really been responding to that. Nice. Niko, talk a little bit about cybersecurity at its core is a data problem. We hear leaders say that all the time customers are talking about that. It's also a board level initiative, right? We know that, for sure. What are some of the changes and trends in cyber that you've seen over the last year that are really like, whoa? Yeah, so first, thank you for having me here today. I think there's a major trend in cyber is the realization that, you know, it's about cyber risk management. And how do you manage risk? It's a data game. So cyber is becoming a data game period full stop, which means data integration, right? And then, you know, what do you do with the data? You have to prioritize, right? You have to prioritize all your security findings across the attack surface. I can fix everything. What are the critical few? You have to correlate, you have to contextualize, you have to remade it. So the ability to bring all the data together, breaking the silos of cyber security, that's the big trend, right? And you see it all across cyber. You see consolidation because of that. That's the go to RSE, super fragmented market. So platforms are emerging to consolidate cyber security and data is a primary form of consolidation. Okay, so you're familiar, I'm sure, with this octave chart, right? Yeah, exactly. That's my location. Yeah. Okay, so I love this chart because it just sums up the nightmares. Something will happen. So, okay, so explain where you fit in the taxonomy, Tenable. So in cyber, you really have two school of art, right? You have what I call reactive security. It's like in medicine, right? You're sick, you're being breached, you're under attack, you're going to the hospital, right? You're going to the emergency room. I call it the EDR, right? Yeah. But really, there's also preventive medicine, which we know works, right? So Tenable, we're a leader in vulnerability management, which is kind of the essence of proactive security and we have 50,000 customers, a lot of trust. So we have permission to say, hey, you have weaknesses, exposure, across the attack surface, beyond your own premise, your own laptop, right? Cloud, OT, active directory, Octa, SaaS application, right? Supply chain. So that's the idea behind Tenable One, powered by Snowflake, is we can consolidate a lot of these logos and the platform is the data. You know, what if, of course, all the Tenable data, but what about other product that you have from other vendors, bring that data together, prioritize better, contextualize better, remediate better? That is the big idea behind Tenable One and what we call exposure management. We believe it's a new category in cyber and that's all about preventive security. Make sense? And I just got to say how timely this is because if in the kind of old days when all the interesting things happen on premises, security teams were focused on reacting. I'd say 80% of the effort was on responding, but in the cloud things happen too quickly and by the time you're responding, it's oftentimes too late, the damage has been done and so it's kind of flipped. Now 80% of the effort is spent on preventing in the first place, but it's very much a data problem. How, I was just going to say, I understand Snowflake's cross-cloud strategy but actually I don't. I want to double click on this security specifically. How do you deal with the shared responsibility model across different clouds? What's the communication with your customers there? I mean, I think that's the thing where the cloud can be very secure but as a customer you do have responsibility, right? It's got to be configured well, the services, the virtual machines that you run in the cloud need to be patched, that's on the customer and a lot of times. You made your configuration, your access, your privileges, you're responsible for that. Right, yes. And especially in multi-cloud, individual cloud providers might have their view but a customer needs to have a unified view if they have any chance of dealing with it, right? And that's where Tenable has the ability to identify the issues and bring them in and then also use analytics in order to prioritize them because, I mean, customers have thousands and thousands of vulnerabilities, right? I mean- You help with the customer responsibility piece, that's what I mean. Exactly, we really help with like generalized vulnerability management, right? We call it exposure management. Should I fix that misconfiguration on that workload? Well, yes, because it's sitting on the internet. That's another piece of data. Should I fix that vulnerability on your laptop? Yes, because you're a highly privileged user. Should I fix that OT problem on that host-human interface, right? And so on and so forth. So you can see the size of the problem. And by the way, which one do I fix first? Which one is more critical? So you can prioritize. Yeah. You got to do it. I just met this morning with the CISO of one of our customers out of Atlanta. Fluent to some, which is already fun, right? Here's a security leader coming out to a data conference, right? It's very nice to see it, very encouraging. And what he shared with me is the reports that he shows his leadership and the board around the security posture, how things are trending, take them a week to create. And so once a quarter, they present it to the board, spend a week preparing it, and guess what? As soon as they finish preparing it, it's out of date. Things are changing so quickly, right? How do we enable that security leader to have a near real-time view into what's the matter in the environment? Are they resolving the issues, right? Before it's too late? Yeah. That data today is intangible, inactive directory, in cold strike, in-sneak. I got to get all that data, massage, heat transform. I mean, that is the silo, right? Issue. I love your verb, un-silo, right? And that's your tagline, we have the same tagline. You've got to un-silo your chart, right? You've got to un-silo cybersecurity to raise our game. You know, we're not going to raise our game and win that war, or at least get better, right? Without, you know, breaking the silos, for sure. To un-silo sounds complex. How do customers lean on Tenable and Snowflake to help them do that? And what's the realistic timeframe in which that can be done? So they can get a perspective on the risks and the threats and turn that dial down. So we have a scoop for the cube. All right. Tell them, tell them. Okay, well, two things, right? This guy basically have an amazing platform, right? All the security vendors have APIs, all of them. You can use this API to ingest these silos into one data cloud. Once you have the data in there, you know, snow pipe and all these beautiful things, right? You've got access to the entire stack, right? You can SQL, Python, you know, correlation. You can do the ML, now the LLM, right? We heard on the first day, everything is available there. Even better, right? That data can be shared. So you may already have that data in Snowflake, and you know, it's just one point away to be shared. So their infrastructure, remove all the plumbing that a cyber security company like Tenable has to build. I spent the last one years building plumbing. We want to focus on what we do really, really well. We're a cyber expert. We don't want to do plumbing. They take all the plumbing away. So we love that, right? We get much, much faster. And the data is only one view away from us accessing it and adding the cyber value, the prioritization, the contextualization. And you can share that within an organization or outside of an organization if you want. Exactly. And or across clouds. Absolutely, I mean that's one of the things that we're so excited about from Tenable joining the data cloud is that they have all this very important information around what does the enterprise have to protect? How's it going with locking it down and all that? And now they're making it available and that's the scoop that we have for theCUBE today through data sharing, which means removing the friction. I don't need to go out and build that plumbing, integrate with API, bring it. It's just showing up in my Snowflake and now I can get to the important part, which is analyzing it. That's why we're so proud of the work that Tenable is doing. We awarded them the Cyber Security Partner for the year award and it's just phenomenal work that Tenable is doing on Snowflake. Would I give you an example? Yeah, yeah, please. Because I think that's really telling. You remember Loc4j? These are good for a team, right? Who could forget? Everybody won, like the entire world stopped starting scanning, right? It took weeks, months, right? Imagine you have that data lake with all your data. One query, I'm going to tell you where you have Loc4j in your data center. One query, that's about a millisecond with these guys. Okay, now what if I also have the cloud security data and your audit data? You want to know where you have Loc4j in your environment, in the OT environment, in your public cloud, all the public cloud, second query. Now, tell me where it is. Okay, great. I don't have and run a single scan. I know now where it is, where the risk is. Show me now where the critical asset are that I have Loc4j. That's the one I patched now before I go home across my attack surface. Simple example, GameChanger, all the sweat, all the midnight oil that happened, gone. That's the power of getting the data. That's a good example, Nico. So what does it mean for Tenable to join the data cloud and how do I engage with that offering? So we have a product that we call, which is our platform, we go Tenable One. And so the data cloud is totally transparent, right? You're basically purchasing the ability to do proactive preventive security across your attack surface. You, you know, one SKU, one price per asset, you have all the technology from Tenable. And then now we're going to add the third party data. You know, if you have CrowdStrike, we'll ingest CrowdStrike. So it's really, really simple, powered by Snowflake, right? Yeah. And then, but more to come. Yeah. So I don't, I don't see, I just go on to the, what, a console and engage? This is what we talk about. Snowflake becoming the platform of choice for application builders. In some cases, it could be a lightweight data app that you build internally in Streamlit and that's great. But here is a substantial application that thousands and thousands of customers rely on. And under the hood, it runs on Snowflake. And it runs better than it did before and it has the ability to crunch the data, have the insights. You do nothing. You know, you already have Tenable, you have all our sensors, the data moves automatically into Snowflake. And then we have application to do risk management, to do prioritization, that you basically, you just log into. So when you say it's transparent, I don't even see Snowflake, I see Tenable. Yeah, exactly. And then how do I engage with Tenable? Do I do that through the AWS console, through Tenable directly? No, so we have application. So you have a choice, right? If you're a medium-sized company, you can use our application. I think what's very exciting is the largest customer. They are building Data Lake on Snowflake, where they see a lot of the value is the data, the enriched data that we bring with the risk scoring, that contextualization. So shared to them. They have a lot of tools, and so accessing just the data, and then with Snowflake, the ability to access that data effortlessly. They don't have to export and re-enport in another tool. They basically just move, accessing the table on one click, on one permission, super powerful. And then now they augment all the other data they may have around cybersecurity, instantly. And who are the users? I imagine CISO security practitioners, but it's probably not just for them, right? So CISO is the ultimate buyer, right? It's the guy with the budget. We're now spawning a lot of these logos. So what do you have? You have the VM buyer, right? You have the OT security buyer, increasingly converging with the IT OT convergence. You have the cloud security guys, right? That basically they're opening the cloud, but they're also doing governance, and they need security. You have the app side. In fact, that's the beauty, right? CISO have an app side team. They have a VM team. They have an OT side team, right? And they're all doing the same thing. They're scanning, they're ingesting, they're prioritizing, they're all doing their thing in their eye without changing. And you know who take advantage of that? The bad guys. Because they know which cello it's not effective. And they use the cello, it's called lateral movement, right? To break it. Yeah, patch Tuesday means hack Wednesday. Yeah, and we should also enter the compliance team. I mean, that's a team that we see increasingly using Snowflake. I can't tell you how many compliance teams are still relying on screenshots, and hey, can you email me a screenshot of your system? Let's do away with all that, right? Let's have everything be data driven so that we can automate it and free up the teams to do what they need to do. Especially because the cloud is like now the first line of defense in security. And now you've got the CISO, he or she has that, the app sec team shifting left. They're responsible for it, right? You have all those roles that you just talked about. And then you've got the audit is like the last line of defense. So to the extent that they've got better data, they can do a better job. Absolutely. You forgot SecOps, right? And that's interesting. Yeah, yeah, yeah. Even while we're doing around preventive security, will be a huge boon for SecOps. And that's really where the left preventive security meets the right reactive security and the value of Snowflake. Because imagine, right? If you're an analyst in the stock, you know, it's 1 a.m. and you see an activity on that device. And you have to make a quick decision. Do I ignore it? Or do I pass it to the more expensive guy? You need context. What's that first question? Is that device vulnerable? Does he have a critical vulnerability like log4j? Okay, does he have CodeStrike to protect me? Great. Oh, CodeStrike is not in protection mode. All right, that's the problem. Third question, what does he belong to? Oh, he belong to an executive. My goodness, what does the executive can access? Salesforce, customer data, you know, or source code maybe, you know? HR data. You see this question are everything that exposure management can answer by bringing the data together. Now, so if you're a sec-up guy, you want that data. So if you're building your sec-ups data lake on top of Snowflake, you want data sharing away from getting all that context, all that intelligence, that exposure intelligence, at your fingertip. And that's what we see in the partnership. So you can remediate, escalate, or avoid it, or avoid a false positive. Yeah, exactly. It's exciting, right? That's why they're our partner of the year for cybersecurity. I think it really is exciting. I can see why. Congratulations. What's next for Tenable One and Snowflake? What's next? Crystal ball time, magic eight ball, whatever you prefer. Look, I think we learn about more of, you know, they're working up the stack, right? They are bringing, you know, so a lot of application could be data sharing, I think is the next thing. There's a lot of opportunity once we share the data. Some of application could actually run in the warehouse of the customer, right? The large customers as well. So I think your application environment is very interesting. Customers want to use our application and their application on top of Snowflake. So I think that will lead probably to, we hope, John go to market together, because we're very aligned, right? They are trying to break the sell of data. We're trying to break the sell of data security. And we can help build that ecosystem. We can work, we're very complimentary. We don't step on each other. They're not trying to be us. We're not trying to be them. So I think there's a lot of, you know, not only product technology, but joint market. Yeah, and I think tackling the cybersecurity skills shortage is so important. Absolutely. That's when we hear announcements around generative AI and LLM coming to the platform, right? Being supported within the data cloud. Imagine being able to ask my vulnerability data, natural language questions. All of a sudden, that's available to more folks within the enterprise. And hopefully we can do a better job as a whole of protecting the company. So. Come back at RSA. Yeah. Back at August. Yeah. All right. You're 100% right. I think one easy, powerful use of LLM or generative AI, explainability. People do not understand security. What is that vulnerability? Why are you rating it high? What does it take to fix it? Why should I fix it? In plain English or French, right? They're not in front of you. You know, we'll show things like attack path analysis. You know, we actually use AI to do some of these things and they're plain English. It explain, okay. The attacker is going to go compromise that server that's sitting on the internet using that vulnerability. Then he's going to sniff the network. It was like, we were blown away. And mere models can now understand complex construct from cybersecurity. That's a low hanging fruit. That's scary though. There's two sides to that. True. True. I like your side. I'm going to stay on the other side. Yeah, yeah, yeah. I'm going to stay on the other side. Nico, Omar, thank you so much for coming on theCUBE, explaining all that has gone on in the last year despite having nothing to announce. But really what Tenable One is enabling organizations to achieve that shared responsibility model. We could, I know we could keep talking. So you guys are going to have to come back. We will. Thank you for having us. It's a pleasure to have you. Thank you. For our guest and for Dave Vellante. I'm Lisa Martin. We're going to be back after a short break. So don't go too far, get your cup of coffee, walk the dog. We're going to be talking about the Snowflake Media data cloud and live ramps data journey. You can find all of this content from Snowflake on theCUBE.net, all the CUBE content is there. Our analysis and editorial content is on siliconangle.com. Dave and I will see you after your short break.