 Hello everyone and welcome back to theCUBE's live coverage of HPE Discover Barcelona 2023. I'm Rebecca Knight, your host along with my co-host and analyst Rob Streche. Rob, we've been talking a lot about security here and we really are at a point in time when attacks are not just sort of rare events. They are an inevitability in the life of any company. Right, and I think we even heard yesterday in the atmosphere keynote about, you know, on average, I don't know whose number they were quoting, 1.8 million dollars or euros or whatever it was. It's a lot of money per ransomware attack. It's one of these things you got to be prepared for and not only backing things up, but you have to have true resilience and effectiveness in how you go about that. Well, we're going to talk a lot about that in the next 15 minutes with our next guest. We have John Cedillo. He is the vice president OEM and alliances at Cohesity. Welcome. Thank you. And Chris Klosterman, alliances field CTO at Cohesity. Thank you so much both for coming on theCUBE. Yeah, appreciate you having us on. Yeah. It's a pleasure to be here. So I'm going to start with you, Chris. Talk a little bit about the partnership that you, that Cohesity and HPE have. Yeah, absolutely. So, you know, HPE is an investor in Cohesity. They've invested in multiple rounds of our financing through the Pathfinder venture capital arm that looks for those early stage startups that really have true promise in the market. And I think from what I've been told to date, we're definitely the most successful Pathfinder company that HPE's ever invested in, which, you know, is certainly a great thing. That relationship's been in place now, what, six, seven years, John, something like that. And, you know, we've got over 650 joint customers together, you know, we're winning a lot together. And there's a good reason for that, to be sure. So, how is it, since everybody's top of mind is, it's either talking about AI or ransomware. It's, and sometimes at the same time. And how, you know, ransomware is, you know, you can use co-pilots and stuff like that to go actually build ransomware, which is not so great. But what is it that you're bringing with HPE to those customers to try to look at their entire estate and help them be prepared? And, because being resilient is not just an out-of-the-box kind of thing. It takes some technology and some people and processes in place. Absolutely, it takes a fundamental philosophy. And I like to tell the story of Robert Mueller when he was the FBI director back at RSA in 2012. One of the big things that he spoke about was, at that point in time, he saw there being two types of businesses out in the market. Those that have been breached and those that will be. And then he continued on to say I foresee a point in time when those two businesses become one, which is those that have been breached and those that will be again. He continued thereafter to say it requires a fundamental change in how it is that you approach concepts of protection and resiliency in your business. And to do so, it requires partnerships, it requires new technological thinking and requires customers to be able to push and advance those dialogues. So what we see with our founder, Mohit Aron, is somebody who is actually stepping forward to say let's take a different philosophical approach rather than bringing yet another point product, which once you start having point product after point product, you're expanding your attack surface area. And so it makes it more simple for your adversaries who are using technologies like AI and ML to automate that potential attack. So with a larger surface, with people who are trying to use powerful technologies against you in a negative way, you have to up level that. You have to fundamentally change how it is that people approach. The thought process around protection of your most critical asset. So what we do fundamentally is we reduce the number of point products that are required, putting them into an immutable format, wrapping those around with an ecosystem of security partnerships that allow us to not just create awareness of what is potentially coming after you, but also being able to flip that on its head to say and here's how you harden all of your defensive barriers before they can get access to your data. So it's this synergistic approach that is absolutely rooted in a change in philosophy. So we're at a point now where philosophy matters, minutes matter, seconds matter, and we know exactly how to articulate that kind of monetization that the bad guys are doing or gaining when they come after your data. And so that's the approach that we've taken now. Yeah, so the approach as you're talking about it, it really is a mindset. And a philosophy as you just described. And that is the technology certainly, and you have internalized that, the urgency around it. But then you need to bring customers along and have them understand how much this matters. How do you do that? Because that's really cultural stuff. It's not just the tech then, it really is the mindset. Sure, I would say that it becomes a little bit more about having radical candor about the situation that we're all in. When we look back over the course of the last 10 years, roughly about 90 to 95% of all defensive spend or security spend has been premised on the idea of prevention being possible. And now it's a much different dialogue that you have to be willing to engage in, which is, okay, if I do have that 5 a.m. phone call, what is it that we do? How is it that I'm going to respond to this? What are my first few calls? How do I bring back at least a core capability for our business so that we can begin to assess that potential damage? Chris has some really interesting concepts that he presses in upon along this same line. So I'll pass it to him, but it has to be candor driven. I mean, a big part of that is really looking at your business and understanding what are the potentials for loss. Doing what the popular term these days is a BIA, a business impact analysis, right? Sit down and look at what are all the possible things that can go wrong in my environment and then forget the technology, throw that out the window for a minute and look at what is the impact to my business of it happening? What's the likelihood of that happening, right? And when you mentioned earlier, the $1.8 million or Euro, whichever it was figure from atmosphere last night, the more interesting thing to me is not the cost of the ransom itself. That's what so many people focus on the ransom. And for a moment, if we forget that and we look at a random customer that makes an easy math, $365 million a year, right? That means if it's simple, it's a million dollars a day. If they're down for more than one day, it costs them a million dollars. Well, if you look at the metrics, the surveys that are out there, you'll see that most customers, over what was it, 71% of customers can't recover within four days, okay? So it's a matter of looking at the cost of avoidance there, but turning it around and saying, okay, I'm going to try and put something in place ahead of time to avoid those costs. If we accept the reality that likely you'll get hit in maybe not your whole environment, right? Maybe part of it. Maybe you'll catch it in time. There's a lot of maybes in there, mind you. But if you look at it from that perspective, the cost can be greatly reduced and the impact your business can be cut down massively. So let's break it down into how you're helping customers because I think going down that road there, ensuring their recovery time objectives and recovery point objectives that goes along with that BIA and understanding, okay, here's the approach that we and HPE come in and we have this discussion with you. Are you going in and helping them when they're doing their tabletop and going around that? Or how does that engagement work with them so that they can determine what to protect or how? In a perfect world, this would be absolutely proactive, but the reality is that many customers don't have these conversations until they're in a reactive mode, until they've suffered through something. Maybe it's a breach, maybe it's an outage. We have one of the largest banks in the world that's a customer of ours, had 250 Windows servers blow up on a Microsoft patch Tuesday. It's a real thing. Took them five days to recover, 250 servers. So one of Cohesity's core capabilities is what we call IMR, instant mass recovery, which is our ability to bring back massive numbers of virtual machines in a very short period of time. That same customer did what most customers would do, right? They went through, did an RFP, down selected, did a proof of concept and picked the solution, ultimately us, that responded best. So those same 250 virtual servers were able to get back 250 randomly selected ones in seven minutes. So it's about meeting that goal I would personally love for every customer to have us come in, sit down and have that needs-based assessment, figure out your whole environment doesn't need an RPO of zero or near zero, just a piece of it. But that piece is mission critical and what is that piece? Let's add it up. How much capacity is that? And it can make a meaningful difference if you sit down and do that ahead of time. And I think that's one of the areas where Cohesity's relationship with HPE really shines because HPE is having deep and very meaningful conversations with customers around what are your most critical assets? What are your most critical applications? Where do they need to run? On what technology sets do they need to run? So when it comes time to do this business impact analysis those become some of the most important driving conversational points. What is the data that you need? What are the apps that you absolutely have to have so that way we can put together an appropriate runbook? So with that inevitable ransomware event what is that order of operations? And in so doing then solutions that provide improved RPO or RTO. Those solutions that can bring back thousands of VMs within minutes. That becomes the hook. That becomes the thing that allows you to go and have those very eye-opening conversations with your C level and board level directors to talk about here is what our plan is and here it is how we're going to be responding. And not just between Cohesity and HPE but even our channel partners and GSI and service provider partners they play an important role in ensuring that we have that appropriate runbook available. So what beyond they invested in you? What's special about the relationship with HPE? I mean it sounds like there's so much trust there. I mean as you said you have to have this radical candor with all these different kind of customers and also with your partner as well. Yes absolutely so what makes this one so special? I believe again it's philosophy based. It's the fact that we are doing things intentionally different. We've gone out of our way to do things that are not just disruptive in terms of shaking up preconceived notions around the legacy technologies and how it is that you adopt them. But again it's that candor of saying there is an entity out in the marketplace that is doing something fundamentally different than what we do. And so rather than trying to build it from within all on our own and have that innovators dilemma let's partner with someone who's doing it far and away better than anyone else in the marketplace. So I believe it's a partnership of recognition of that trailblazer being that Vanguard in the industry doing something different with the ability to do it repeatedly at scale and doing so in partnership with the customer in such a way that when things do go wrong we have the ability to fail fast and get it right. And it becomes much more dynamic in terms of how do we move forward. So I believe that our rate of innovation as partners is one of the key things that separates us from anyone else. So the AI is not new of course but there is so much hype and buzz around it as ChatGPT's birthday today. And so I'm curious about your approach with AI in terms of how you think about AI you said the malicious actors are using AI to attack but the good guys can also use AI to counter attack or to be prepared I guess. So what's your approach and how do you think about AI? John? So Cohesity has always had AI and ML capabilities down in the core of what it is that we do. Cohesity is not just a data protection solution Cohesity is an actual file system and an OS that has all of these capabilities built into the core. We have the ability of identifying when there's data entropy when things are changing at a rate that's abnormal and what does that actual baseline look like and how do we flex and make that baseline more specific to the customer, to the vertical or to the industry. So we've been using it for a long time but we actually do have some really interesting and powerful new offerings that are going to be coming up in just a couple months time based on leveraging AI, integrating that with a large language model and then sticking that on top of this massive pool of aggregated data that Cohesity has inside of our clusters. So with that, what we're able to do is drive massive amounts of insights and with the rest of our security ecosystem starting to use that AI to start asking questions and submit queries and what are some of the things that we should do in order to harden some of those endpoint devices or network-based devices or cloud-based devices to help us get an improved posture with respect to our data overall. And Chris, you know a bit more about the touring offering and how it is that we're using some of this so I think it'd be really interesting to kind of continue on. Yeah, absolutely. So Cohesity Touring is based upon a large language model but you need a big data set to train it on and for it to work upon and that Cohesity Touring is just entering beta. We're taking applications now for a private beta but some of the initial demonstrations that I've seen of it are quite powerful. You know, one of the most interesting and compelling ones that I saw was focused around a healthcare customer, right? And this healthcare customer used Cohesity to back up their Microsoft 365 environment, right? All their emails, OneDrive, SharePoint teams, all of that. Well, in doing that, they went and in the chatbot asked it a question and said, has any patient data been sent outside the company in the last week, right? The kind of question that a compliance officer might ask, right? And because we're already holding all of the customer's emails it actually returned very shortly with a result saying, hey, here's the data that has left the organization gone outside of our email domain in that period of time. One, two, three and four, would you like to learn more? And that was real eye-opening for me because it's quite powerful. Then it becomes a question of what is the right question to ask, right? And I think that's something we'll learn as we go and as we go through this beta process with customers, it'll help us improve the product even more. Excellent. Yeah, I was going to say, I actually got to talk to your CEO, Sanjay, at another show pretty recently and I think part of it was, again, the fact that data lives everywhere and that you got to protect it everywhere and you got to go to the data and that being part of your strategy as well and that kind of fits with kind of the edge-to-cloud message that Antonio was talking about this morning as well. Yeah, that was great. Excellent. Well, John and Chris, thank you both so much for coming on theCUBE. A pleasure having you on. Yeah, thank you for having us. So much, really appreciate you. Stay tuned for more of theCUBE's live coverage of HPE Discover Barcelona. I'm Rebecca Knight for Robstretch. You are watching theCUBE, the leader in high-tech enterprise coverage.