 Hello and welcome to today's session of the CUBE presentation of the AWS startup showcase, the next big thing in security, featuring Anishin for the security track. I'm your host, John Furrier. We're here with the CEO of Anishin, Rakesh Narasimhan and Aditya Uparapu, Global Segment Leader of DevOps for AWS Partner Network. Rakesh, Aditya, thanks for coming on. Appreciate it. Thank you very much, John. Pleasure is mine. So this is the track session. We're going to get into the details on the leadership of digital transformation and DevSecOps, automation, cloud security and compliance. So let's get started. But first for questions, we last talked, you guys had some awards, RSA conference 2021 virtual. You guys got some serious awards? Give us the update. Yeah, thank you very much, John. Yeah, we were humbled to be recognized in our industry recognition. It's always a great thing. We deliver value for customers and the industry is recognizing it. So at the RSA conference, we got seven different awards. Very excited that we were chosen for publishers choice and security company of the year, editors choice in cloud security and hot company in cloud security automation. So really thrilled about the recognition. Thanks. Awesome, seven awards. I mean, RSA is obviously a show that's in transition itself. They're transforming no longer part of Dell Technologies now kind of on their own, kind of speaks to the waiver in it. So congratulations on the success there. Hot startup here in security track. Give us a quick overview of what you guys are enabling because this transformation is everywhere. It's in every sector. It's in every vertical dev sec ops, shifting left, you know, day two operations, get ops. All this is all talking to one thing, developer productivity, programmable infrastructure with security. Rakesh, give us a quick overview. Yeah, exactly right, John. I think there's a big shift happening obviously to the cloud and it affects every one of our lives and productivity in enterprise applications, consumers. You name it, there's a huge change happening but central to that theme is security. And so it's one of the areas we focus on. An issue is the fastest way for both existing and new applications to be developed in the cloud. And so we make sure that you can get there fastest time to value and time to revenue pretty quickly by providing the best secure and compliance environment for you. That's really the core of what we do as a company. And we look forward to helping all of our customers in the industry. Aditya, you're a global segment lead at AWS Partner Network. You're seeing successful companies. You got a winner here, obviously a success story. I want to get your take on this because this is a trend in cloud native scale, you know, horizontally scalable, large scale but shifting left, okay, get ops, big topics where code is being inspected in real time, people want automation. So I got to ask you, what does shift left mean to being out there in the security world? What does that mean? So instead of applying your security and compliance guardrails only in production, we also need to apply them across your application, development and delivery cycles. Instead of having one gate that becomes a bottleneck, we should have multiple checkpoints at various stages. This provides fast feedback for the developers while they're still in the context of developing that feature. So it's easier and less expensive to fix the issues. And what it is not, is this doesn't mean you move all your focus to dev and ignore production. It also doesn't mean developers are now responsible for security and you can get rid of your security. We did a process and a mechanism in place to leverage the expertise of the security teams and offer their services to the developers very early on in the development cycles, thereby enabling and empowering developers to write a secure and compliant code. I mean, to me, not to put my old school hat on, but I think to me, I view it as security at the point of coding, right? At the point of, I don't want to say point of sale, but the point of writing the code. In the old days, it used to be like patches and getting updates and provisioned into production, same kind of concept, but as a developer, that's kind of the focus, is getting the latest knowledge, either through tools and technologies to make it easier for me as a developer to inject at the point of code. Is that right? That's right, yeah. So what makes Anishin so different and what's successful within AWS? What's the, why the success there? Can you share with us why they're so unique in AWS? So I think the biggest case for that is really, security oftentimes, security is thought of as an impediment sometimes, actually, believe it or not. So the configuration, the management, the deployment, all of that, you got to be able to do and you got to be able to do that at scale. The great thing about cloud is scale and a big portion of that is automation. So what we at Anishin have done is taken that lifecycle of taking applications on a variety of states, if you will, if you're trying to get to production, you're trying to do one of two things. Either you're trying to get into a compliance standard like FedRAMP, you want a very predictable process or you're just trying to get an application secure pretty quickly. So how can you do either one of those things becomes the challenge? And we help you do that by having a pre-engineered environment where configuration, defining deployment, all of that becomes very consistent and very predictable which means we've automated it in a way that it can scale. So you can sort of almost have this regularly happening and not just one application with multiple applications for any company. That is, I think, the biggest obstacle that has happened for a lot of folks in the enterprise for sure to try to get to production and keep that cycle going continuously. And we help with that in a big way. That's one of the reasons why we're having a lot of adoption customers, working with partners, of course, and getting industry recognition for it. Yeah, I mean, this is one of the benefits of cloud. I want to get you guys both reaction this way. As things get going, it's kind of like that, you can take advantage of all these solutions. So if I'm an AWS customer, I want to look for solutions that help me move the ball forward, not backwards, right? Or help me move the ball forward without building anything that I don't need or that's already been built. So here it sounds like, if I get this right, Anishia is saying, hey, if you're an Amazon customer, I can accelerate you with FedRAM compliance. So you don't have to spend all these cycle times getting ready or hiring or operationalizing it. Is that right? I mean, is that the value proposition? Very accurate, John. So what happens is, we're working with Amazon web services who's really innovated quite a bit in building all the building blocks, if you will. And so we're standing on the shoulders of giants, if you will, to basically get the next level of automation and acceleration happen. So that just like customers have gotten used to not having to buy service, but guide compute and storage, if you will. Now they're able to secure and also become compliant with the services that we offer. That level of acceleration, I think isn't needed. If you believe that there's going to be a lot more cloud applications, a lot more cloud, if you're going to achieve scale, you got to automate. And if you want to automate, but secure as well, you need a mechanism to doing that. That's really where Anishin comes in, if you will. Yeah, and I think FedRAMP to me is just a great low-hanging fruit example, because everyone wants to get into the public sector market. They know how hard it is, kind of like, we want to do it, but stand in line, we got to get some resources. I'm not kind of get that. But the question I want to Rakesh get to you and Aditya is the bigger picture, which is, as you said, more cloud applications are coming. So customers in the enterprise have or are building fast DevOps teams to accelerate the security paradigm. How do you help those folks? Because that's really kind of where the action is going. The puck is going to go there too, right? So beyond FedRAMP, there's other things. Right, so I think the way we approached it is, really there's like at least two different sets of customers, right? In the FedRAMP market itself, you just think about commercial SaaS companies who are trying to enter the public sector markets. Well, you need to clear a standard like FedRAMP. So we're the fastest way to not just complete it, but be able to start selling and producing revenue in that new market, perusing that functionality, if you will, to that market. Similarly, there's a lot of public sector organizations who are trying to move to the cloud because they have traditionally developed applications and architectures based on what they've done over the last 20 plus years. Well, guess what? They're also trying to migrate. So how do you help both commercial companies as well as public sector companies transition, if you will, to the cloud in a secure way, but also meeting a public standard. We're helping both those organizations do that migration and that journey, if you will. But it's premised on, we've pre-engineered it. It's the fastest way for you to get there for you to be able to provide your capability and functionality to the larger marketplace. That's one of the main reasons why I think the productivity jump is enormously high because that's how you get to larger marketplace, if you will, to serve that market. Aditya, so they have to change your title from global segment leader DevOps to DevSecOps, AWS Partner Network here with this solution. In a way, it's kind of becoming standard. Yeah, security is getting embedded into all of your development and delivery life cycle. So DevSecOps is becoming more and more critical with customers migrating to the cloud and modernizing their applications. How much is automation playing into this? Because one of the things that we're talking about fuel and digital transformation is the automation component of the security piece here. Rakesh, how important is automation? And how do you set yourself up for that to be successful? Great question. I think the big key to that is automation is, I think automation is there in general in the cloud, space people expect it, frankly. But I think that the key thing, what we have done is pre-integrated, not just our platform, but a variety of the partner ecosystem around AWS. And so when a customer is looking forward to taking an application and going to the cloud, they're not just getting functionality from us and AWS, but also a lot of partner functionality around it so that they don't have to build it. Remember this discussion we had earlier about how do you jumpstart that? Well, it's really instead of them having to best of breed assemble with pre-done it for them, which means it's predictable, it's consistent, it's configured correctly, they can rely on it. That allows us to be able to help them move faster, which means they can go serve larger markets and obviously make money around it. Rakesh, I got to follow up on that and ask you specifically around this business model. Obviously cloud has become great service. Everyone kind of knows that and they kind of sees the edge coming next and all these other issues that are going to provide more opportunities. But I got to ask you for your company, what industries and business models are you disrupting? Yeah, I think primarily too, we're a classic example of software eating the world, right? Primarily what happens is most of the folks and certainly the compliance arena are really trying to figure out how to do it themselves, right? And then that's primarily the group of people who are sort of trying to figure that out. And then there's a class of companies who do consulting, who are trying to consult with you and what you should do. And we have taken a very software oriented approach built on Amazon that we will not only help you fast forward that, but also get you compliant, but also keep you compliant. Because it's a cycle, much like in other industries you've seen, there used to be a time when people did email and they used to run email servers and ran the email service in backups and things of that nature. That transitioned over time where people procure that service from somebody else and it's still a secure, it's still a scalable and they can rely on that service without having to be in that business, if you will. So we see us disrupting the consulting and do-it-yourself world to actually providing a dependable service out there that you can rely on for security and compliance. Awesome. Aditya, I got to ask you on the Amazon side, obviously you see a lot over there. What are some of the challenges that you see with security? One of the main challenges I see that is that the landscape itself is rapidly changing. As customers are migrating to the cloud and modernizing, what used to be a simple monolithic application running on a server in an office or a data center is now distributed, hybrid, and spans across development practices like microservices, managed services, packaged applications, et cetera. And also the infrastructure platform choices have dramatically increased from on-prem to Kolo data centers, to edge computing, IoT, VMs container, serverless, a lot more options. All these leads to more complexity and it increased the number of threat vectors exponentially. Though this advancement was great from a usability perspective, it now created a whole slew of challenges. This is complex, it's very hard to keep up. It's not something you set and forget. One needs to make sure you have the right guardrails in place to make sure you're continuously compliant with your own policies, or also with the regulatory compliance frameworks that are needed for your business, like GDPR, PCI DSS, NIST, HIPAA, SOX, FedRAM, et cetera. Rakesh, specifically on the DevOps efficiency with Amazon, what are you guys, what's your top few value proposition points you say? Biggest value proposition, honestly, is keeping and maintaining security while you're doing compliance at scale with speed. I think those are big issues for companies. Like if you're a company, you're trying to be in the cloud, you want to enter the federal market, for example, you got to get there quickly. So what could take a lot of money, 18, 24 months, error-prone, manual, we've just completely automated that. And so within a quarter, depending on how quickly the two organizations can work, we can get you into the marketplace. That speed is of enormous value to companies. But also remember that, as Aditya pointed out, there's a lot of complexity in the kind of architecture that has evolved. But we feel like people like Anishin, what we can help customers with is as much as you take advantage of all the cloud-style architecture, providing the simplicity of providing security consistently and providing compliance consistently quickly, I think there'll always be a value for that because people are always trying to get faster, cheaper, quicker, and I think we're able to do that. But remember, security is not just about fast. It's got to be secure, right? We got to be effective, not just efficient. I think that's a big value prop that we're able to bring to the table on EWS. Well, I got you here. Obviously we're showcasing you guys as the hot startup. Who is your customer on Amazon? So you have customers that sell in Marketplace for FedRAMP. That's a huge, that's the people who are in business to sell software, but also other enterprises as well, right? So could you just quickly break down your customers and then when do they know it's time to call Anishin? Yeah, so we have two large groups of customers, if you will, certainly the commercial segment as well as in the public sector. In the commercial side, you have lots of companies in the cybersecurity enterprise collaboration as a robotic process automation, all those categories of companies in the commercial environment, they're trying to enter the public sector federal market to go sell their services, but you have to get compliant. We are the fastest path to get you there. Time to value, time to revenue, we can accomplish for you. That's a group of customers we have in Market. And then we have the other side, which is a lot of government agencies who are themselves trying to migrate to the cloud. So if you're trying to get your applications which were once on hybrid or on-premise and you're trying to go to the AWS cloud, well, we're a great way for you to have a pre-engineered environment into which you can move in. So not only are you secure, it's pre-built, it can scale to the cloud that you're trying to migrate to. So we have both those particular sites, if you will, of the marketplace. And then in market, we have lots of agencies big and small on the government side, but also all these categories in the commercial side that I mentioned. Rakesh, Anishin's helping a lot of companies sell them to the public sector market. How big is the public sector federal market? It's, yeah, billions of dollars, more than $250 billion is what people say, but it's a very large market. But remember, it's any commercial SaaS company who's trying to go into that federal market is a target market we can help that customer get into that market. And just real quick, their choice alternative to not working with Anishin is what? Months of pain and what's the heavy lift? As Annie Jassy would say, the heavy lifting, undifferentiated heavy lifting, a lot of paperwork, a lot of hoops to jump through. Can you just paint a picture of the paths with and without Anishin? There's three areas that I think customers or companies have to do. A, they have to understand the standard. B, they have to really figure out the technology, the integration, the partners and the platform itself. So it's a lift to basically get all of that together. And then actually produce the documentation, produce all the configuration and in a repeatable way. And that's just to get one application up there. Well, guess what? Not only do you need to get that up there, you need to keep that compliant and then as future standards come in, you need to go upgrade to that. So the best way for me to describe that is either you, you come to Anishin and we make that a just a service and subscribe to it to keep you compliant and grow. Or you could try to build it yourself or you try to go get consulting companies to tell you what to do. You still have to do the work. So those are your sort of choices, if you will. Which is one of the reasons why we're enjoying the growth we are because we're making it easy and productive for companies to get there faster. Aditya, I want to get to you real quick. Obviously AWS partner also known as APN. You guys see some of the best hot startups. They all kind of have the same pattern like this. They do something that's hard. They make it easier. They go faster, more cost effective. What's the pattern in this cloud scale world as startups we're going to be featuring, you know, every, as much as we can, hot startups coming out of your network. There's a pattern here. What would you say they are? Well, the DevOps, obviously cloud native besides iterate, move faster. What's the pattern you're seeing for the successful companies? It's like Andy says, it's figuring out how to continuously reinvent yourself is the key to stay successful in this market. Awesome. Prakash, real big success. Congratulations on your awards. I got to ask you, we're asking all the companies this question, what is your defining contribution to the future of cloud scale? Great question. I think when I think about what can be accomplished in the future, not just in the past, I think cloud is a huge phenomenon that has completely upended the architecture for all sorts of things, commercial, government, you know, consumer enterprise, if you will. I would think we would be humbly the people who ensure that lots of B2B companies and government organizations are able to move to the cloud and are able to be secure and compliant because I believe that there'll be more and more of that happening in the cloud. And the more that is available, just like the commercial world is takes advantage of all those features. I feel like public sector government organizations also can accomplish the same things very quickly because of folks like us, which means you have a larger segment of population that you can support. That's only going to make the planet more successful. I'm a big optimist when it comes to tech. I know there's a lot of folks who would look down upon tech or think about that as not great. I'm a very big optimist around tech improving people's lives. And I think we have our own humble role in enabling that to happen in the security and compliance. Well, anything in my opinion, I'm really a big fan of your work and your team. Anything that could bring great innovation into the public sector faster and more effective is good win for society. So I think it's a great mission. Thanks for sharing and congratulations on your awards and thanks for being part of our AWS startup showcase. Appreciate it, Rakesh, thank you. Thank you. Okay, this is the CUBE coverage of AWS startup showcase. I'm John Furrier, host of theCUBE. This is the next big thing in security. Anishin in the security track. Thanks for watching.