 Well, good to have you with us here as we continue the AWS startup showcase and we're joined now by the CEO of Big ID, Dimitri Sarota. And Dimitri, good afternoon to you. How are you doing today? Pretty good. It's Friday, it's sunny, it's warm, I'm doing well. Then that's a good start. Yeah, glad to have you with us here. First off, just about Big ID. And when you look at, I would assume these accolades are, they're quite a showcase for you. World Economic Forum Technology Pioneer, Forbes Cloud 100, Business Insider startup to watch. I mean, you are getting a lot of attention obviously for and well-deserved, but when you see these kinds of recognition, recognitions coming your way. First off, what does that do to inspire, motivate and fuel this great passion that you have? Yeah, look, I think all of these recognitions help, I think, affirm, I think, what we aspire to be, provide the pre-emptive solution for helping organizations understand their data and so doing be able to address problems in privacy and protection and perspective. And I think that these recognitions are part of that as are our customers, as are our partners like AWS. So they're all part of that admixture. And I think they contribute to a sense that we're doing some pioneering work as they work from World Economic Forum recognized. So I think it's important, I think it's healthy and encourages kind of a corporate spirit at the company. And I think it's very encouraging for us to continue and build. So let's talk about big idea a little bit now for viewers who might not be too familiar. You are a fairly new company, raised 200 million so far, five years of operations coming up on five years. But talk about your sweet spot in terms of the variety of services you're providing in terms of protection and security. Yeah, sure. So we were founded with really this kind of precept that organizations need to have a better understanding of their data. I think when we got started about five years ago, most organizations had some view of their data, maybe a few of their files, maybe their databases. What changed is the emerging privacy regulations like GDPR and CCPA later forced companies to rethink their approach to data understanding, data knowledge. Because part of the kind of the core conception of privacy is that you and me and other individuals have a right to their data. Data actually belongs to us. Similar to when you deposit a check in a bank, that money you deposited is yours. If you ever want to withdraw it, the bank has to give it back to you. And in a similar way, these privacy regulations require organizations to be able to give back your data or delete it or do other things. And as it happens, there was no real technology to help companies do that, to help companies look across their vast data states and pick out all the pieces of information, all the detritus that could belong to the Metric. So it could be my password, it could be my social security, it could be my click screen, it could be my IP address, my cookie. And so we developed from the ground up a brand new approach to technology that covers the data center and the cloud and allowed organizations to understand their data in a level of detail that never existed before. And still I would argue doesn't exist today, separate from Big ID. And we described that as our foundational discovery in depth, right? We provide this kind of multi-dimensional view of your data to understand the content and the context of the information. And what that allows organizations to do is better understand the risk, better meet certain regulatory requirements like GDPR and CCPA, but ultimately also get better value from your data. And so what was pioneering about us is not only that level of detail that we provided, almost like your iPhone provides you four cameras to look at the world, we provide you kind of four lenses to look at your data. But then on top of that, we introduced a platform that allowed you to take action on what you found and that action could be in the realm of privacy so that you could solve for some of the privacy use cases like data rights or consent or consumer privacy preferences or data protection, data security so that you can remediate, you could deal with data lifecycle management, you could deal with encryption, et cetera, or ultimately what we call data governance or data perspective, this idea of being able to get value from your data but doing so in a privacy and security preserving way. So that's kind of the conception. We wanna help you know your data and then we wanna help you action your data so that your data is both secure, it's both compliant, but ultimately you get value from your data. I wanna get into this, helping me know my data better because you've talked about data you know and data you don't, right? And you're saying there's a lot more that we don't or a company doesn't know than it's aware of. And I find that still kind of striking in this day and age, I mean, with kind of the sophistication of tools that we have and different capabilities that I think give us better insight but I'm still kind of surprised when you say there's a lot of data that companies are housing that they're not even aware of right now. They're not. And candidly, they didn't really want to be for a long, long time. I think the more you know, sometimes the more you have to fix, right? So there needed to be a catalyzing event like these privacy regulations to essentially kind of unpack, to force a set of actions because the privacy regulations said, no, no, you need to know whether you want to or not. So I think a lot of organizations for years and years, outside of a couple of narrow fields like HIPAA, PCI, unless there was a specific regulation, they didn't want to know too much. And as a consequence, there wasn't really technology to keep up with the explosion in data volumes and in data platforms, right? The thing about like AWS didn't exist when a lot of these technologies were first built in the early 2000s. And so we had to kind of completely rethink thing and one thing I'll also kind of highlight is the need or necessity is not just driven by some of these emerging privacy regulations, but it's also driven by the shift to the cloud because when you have all your data on a server in a data center in New Jersey, you could feel a false sense of security because you have doors to that data center in New Jersey and you have firewalls to that data center in New Jersey. And if anybody asks you where you're sensitive data, you could say, it's in New Jersey. But now all of a sudden you move it into the cloud and data becomes the perimeter, right? It's kind of naked and exposed, it's out there. And so I think there is a much greater need and urgency because now data is kind of in the ethos, in the air. And so organizations are really kind of looking for additional ability for them to both understand, contextualize and deal with some of the privacy security and data governance aspects from that data. So you talk about data, obviously AWS comes to mind, right? And that relationship that you have with them, it's been a couple of years of the making, things are going really well for you and ultimately for your customers. What is it about this particular partnership that you have with AWS that you think has allowed you to bring that even more added value at the end of the day to your customer base? Look, our customers are going to AWS because it's simplicity to kind of vision their applications, their services, the cost is incredibly attractive, the diversity of capabilities that AWS provides our customers. And so we have a lot of larger and mid-sized and even smaller organizations that are going to AWS. And it's important for us to be where our customers are. And so if our customers are using Redshift or using S3A or using Dynamo or using Anissa or using Security Hub, we have to be there, right? So we've kind of followed that pathway because if they're putting data in those places, part of our job is provide that insight and intelligence to our customers around those data assets wherever they are. And so we build a set of capabilities and expertise around the broader AWS platform so that we could argue that we could help you whether you keep your data in S3, whether you keep it Dynamo, whether you keep it in EMR or yes, Aurora, Athena, the list goes on and on. We want to be that expert partner for you to kind of help you know your data and then take action on your data. So the question about data security in general, obviously, as you know, that there are these major stories of tremendous breaches, right? State actors, in some cases, bad guys. Yeah, really bad guys. And bad smart guys, unfortunately, and persistent to say the least. How do you work with your clients in an environment like that where you know these threats are never ending, they're becoming more and more complex and the tools that you have are certainly robust. But at the end of the day, it's very difficult, if not impossible to say, 100% full proof, right? You are absolutely safe with us, but you still try to give these assurances because of your sophistication that it shouldn't be people some piece of life again, it's a tough battle. Yeah, so I think the first rule of fight club is that to solve a problem, you need to know the problem, right? You can't fix what you can't find, right? So if you're unaware that there's a potential compromise in your data, potential risk in your data, maybe you have passwords in a certain data store and there's no security around that, because unless you know that first, there's no ability for you to solve it. So the first part of what we do that kind of know your data, that KYD is we help organizations understand what data do they have that potentially is at risk, may violate a regulatory requirement like GDPR or CCPA, things of that sort. So that's kind of the first level of value because you can't solve for something, you can't, your own data, you can't solve for something, you can't, you're unaware of it, right? You need to be able to see it, you need to be able to understand it. And so our ability to kind of both understand your data, understand what it is, why it is, who's it is, where it came from, the risk around it, lets you take action on that. Now we don't stop there, we don't stop in just helping you kind of find the problem. We also help you understand if there's additional levels of exposure, you have access control around that data, for instance. If that data is open to the world and you just put a bunch of passwords there or API keys or credentials, that's a problem. So we provide this kind of holistic view into your data and to some of the security controls. And then most importantly, through our application platform, our own apps, we provide ways for you to take action on that. And that action can take many forms, it could be about remediating where you delegate to a security owner and say, hey, I want you to delete that data or I want you to encrypt that data. It could be something more automated where it just encrypts everything. But again, part of the value and virtue of our platform is that we both help you identify the potential risk points. And then we give you in the form of apps that sit on top of our platform, ways to take action on it, to secure it, to reduce it, to minimize the risk. Because these threats are never evolving. Can you give us a little, maybe a inside peek under the tent here a bit about what you're looking at in terms of products or services down the road here? So somebody's thinking, okay, what enhanced tools might be at my disposal in the near term or even in the long term to try and mitigate these risks? Can you give us an idea about some things you guys are working on? Yeah, so the biggest thing we're working on and I've already kind of hinted at this is really the kind of first in industry platform in our category, companies that look at data. And by platform, I mean something like where you can introduce apps. So AWS is a platform. People can introduce additional capabilities on top of AWS. In the data discovery classification arena, that had never been the case because the tools were very, very old. So we're introducing these apps and these apps allow you to take a variety of actions. I mentioned a few of them. There's retention, you could do encryption, you could do access control, you could do remediation, you could do reach impact analysis. Each of these apps is kind of an atomic unit of functionality. So there's no different than on your iPhone or on your Android phone, you may have an Uber app. When you click on it, all of a sudden your phone looks like an Uber application. You may have an app focused on Salesforce. You click on it, all of a sudden your phone looks like a Salesforce application. And so what we've done is we've kind of taken this kind of data discovery and classification and intelligence mechanism that kind of KYDI referenced. And then we built a whole app platform and what we're going to start announcing over the coming months is more and more apps in the field of privacy, in the fields of data security or protection and even in the fields of data value when we call perspective. And we're actually coming out with an announcement shortly on this app marketplace and there'll be big ID building apps. But you know what, there's going to be a lot of third parties building apps. So companies that do intruding detection and integrations and all kinds of other things are also building apps on big ID. And that's an exciting part of what you're going to see coming from us in the coming weeks. Great, well, thanks for the sneak peek. And I feel like we just barely scratched the surface of governance, compliance, right? Regulation, you have so many balls in the air but obviously you're juggling them quite well and we wish you continued success. Job well done. Thanks Dimitri. Thank you very much for having me.