 Live from Las Vegas, it's theCUBE, covering AWS re-invent 2017 presented by AWS, Intel and our ecosystem of partners. Oh, well welcome to theCUBE, John Walls here with Keith Townsend, talking about re-invent, the big AWS show going on here at the Sands Expo Center and talking about 40,000 plus people. I don't know how many hundred thousand square feet of boost space we're talking about here, but this show has grown exponentially from last year to this year and we're looking forward to being with you here for the next three days. Again, I'm John Walls with Keith Townsend. Keith, always a pleasure to see you sir. How you been? I've been really well. I'm navigating the four hotels, this conference is spanning, last number I heard almost 50,000 people. Is that right? Yeah. 48,000, 45,000, a huge conference. Well, quite often for those of you who come out to Las Vegas a lot, for sure as you realize that there are certain anchor centers, but as Keith pointed out, we're talking about four hotels and even some spillover into a fifth as well, so the sessions are packed, the exhibits are certainly dynamic, already attracting a lot of attention behind us and we're glad to be with you here on theCUBE. It's a pleasure now to introduce Eric Thomas, who's the director of Cloud Products at Extra Hop and good to see you sir. Thanks for being with us. Thanks very much. Breaking your maiden on theCUBE, is that correct? Absolutely, first time. Hopefully not the last. We'll go easy on you. Thank you so much. Appreciate that. Extra Hop based out of Seattle. Tell us a little bit first off about core competencies, what you guys do and then we'll drill down a little bit to just why you're here at AWS. Absolutely, so we're a platform for what we call wire data analytics. Essentially what we do is we use the network as a data source for application intelligence, performance, security, forensics, whether that's sort of public or private cloud, on-prem, hybrid setups, we sort of sit on the network, virtual or physical network, listen to all the traffic and then we analyze it sort of at an application layer. So we speak web and database and storage, active directory, single sign-on, all these different sort of services and protocols, then we apply machine learning to that, to surface insights to IT professionals and app developers. So I mean, are you looking for, whether it's code issues or maybe infiltration or maybe performance, I mean, we're everything. All the above, all the above. So we sort of started off talking about IT operations, performance management, availability, downtime, and our customers then said to us, once you have full visibility across the entire app delivery chain, there's real implications for security there, finding intrusions, anomalies and things of that nature. And so over the last few years, we've gotten more and more into that business. As far as AWS is concerned and kind of the cloud operations, we've been supporting AWS since 2013, that was our first product offering, and we allow our customers to maintain their visibility as they shift their workloads to AWS. And sort of the value prop here is kind of a shared responsibility model, whether you're talking about security or infrastructure, at the end of the day, the business and the customer still responsible for the application. So help us understand wire data in the cloud. I mean, I'm used to taking a network analyzer and putting it on my wire in the data center and I can get the really smart people to look at that data and extrapolate and find really great patterns. Do I really get wire data in the cloud? How do you guys work in AWS? Yeah, so the virtual wire is still a virtual network, still the same TCP connection, the same packets going across the virtual wire. So we capture that virtual network traffic, marry it with physical network traffic from the data center or on-prem, put it all together in one package. So across customers, you guys have to have a lot of great insights. Do you have a service where you anomalize that data and then provide that insight back to your customer base? Yeah, absolutely. So we sort of turn that investigative workflow on its head where we do analysis and find the interesting stuff up front so that the smart people don't have to go digging through packets and network analyzers. We surface our machine learning insights by looking at behavioral anomalies. We can kind of separate those into operational versus security anomalies to kind of improve the signal to noise ratio for both IT ops teams and security teams as well. To deal with the security stuff then on that level, then an interesting point, Keith, that you bring up the fact that you can learn from the greater community and apply it to specific examples. What are some of these high-level findings? I don't know, don't get into specifics or too specific, but what do you find it out in terms of security concerns and how people are best addressing and best practices to addressing this? So we just announced yesterday a new rev of Extra Hop for AWS, which enables a lot of new types of use cases or outcomes from those types of security anomalies. It's a great example. You're still responsible for securing all of your storage, all of your web applications. It's easy to configure your AWS setup to let anybody in the front door of S3. That's, we've seen that a lot, right? Pretty embarrassing when it happens. With Extra Hop and Extra Hop for AWS, that's an anomaly. It's a couple of clicks to find out where it's going on and to fix it. So is this more prescriptive or descriptive? Are we doing this pre, an event, or post discovery of some type of intrusion? So we're doing it as it happens. We talk about real-time analytics and when we say real-time, we mean within one second of it happening. We see it in Extra Hop. Some vendors say real-time to mean 15 or 10 minutes. Not really enough if you're trying to find a ransomware infection and stop it, for example. With the machine learning, we'll provide suggested root causes. We'll say this looks like a security anomaly. It looks like you've opened your S3 bucket. Here's how you go fix it. So let's talk a little bit about ecosystem. Security, especially in the cloud, is a really big topic. There's challenges with SSL encryption, decryption. Extra Hop can't do it all by themselves. Do you guys partner with other security firms to bring insights? Yeah, we partner with a lot of different firms. Splunk comes to mind as sort of a log analytics and aggregation vendor. A lot of sort of bytecode instrumentation on the sort of performance analytics side. And if you think about it architecturally, you've got the inside-out view from logs and bytecode, which is great. Find out what's going on in the brains of the computer as it's self-reporting as a virtual machine or application. We take the outside-in view, and we're sort of looking at it from the outside to get more sort of definitive about literally every single transaction and the impact of everything from active drill. All those things you can't measure instrument using classical agents and that sort of thing. So we've had those firms come to us and say we'd like to partner with you on this ecosystem approach. So AWS big conference, one of the things I've talked to a lot of folks in the community the past couple of days. For me, this is a very different community. We have anywhere from infrastructure architects from the big Fortune 500s to people who have been more traditional AWS customers and are not used to going through IT and consuming these services. How does that ladder customer surface up an extra hop? So having been at this show since 2013, I've seen more and more enterprise customers at these shows as these sort of cloud strategies have finally come to pass. Been talking about public clouds since 2008 or so from a strategic perspective in the enterprise, now it's becoming real. Those are our customers, full stop, the CIOs, the CISOs, the VPs of AppDev, product management, et cetera. It's great to see them moving their workloads to the cloud. It's also great to see that they're monetizing some of the services while choosing to leave some of their other legacy services for later. We can monitor all of that, sort of maintain visibility, performance, assurance and security as they're moving those workloads. So can you talk about how you ease the pain between those two worlds? The public cloud, which is a very different operating model than what we can do in a data center. We have complete control of the infrastructure in a data center. The cloud is abstracted the way. How do you guys help even that out and make operations simple? So one thing that we're seeing, sort of from a mega trend perspective with CIOs, they really want to make as many options available to their app teams, their infrastructure teams, their dev teams as possible. Because the CIOs saying, I don't know what's going to stick from a technology perspective. I'm not the one to make those decisions, I'm the one to support them. And so I'm going to open the floodgates. You know, you're allowed to do whatever you want with public cloud, virtual private cloud. I'm going to give you all these options. Meanwhile, the CISO is saying, I really wish you'd standardized. It's getting hard to track all these assets, all these different middleware components that you're putting out there. They need a way to audit and assess what's really going on, you know, in both the public, virtual private cloud and on-prem. And that's sort of where we come in. So just in general, cloud migration, you were just saying how 0809, right? This has been eight, nine years in the making. Is it finally been kind of demystified to think to a certain degree, or people there's been enough trial and error that there's more confidence for those who haven't made that leap yet, that okay, there's a more defined path and I'm more comfortable with it now. I think it's gotten more realistic in terms of the assumptions around cost savings. And when people started talking about this originally, it was like, oh great, you know, we're going to completely map our consumption of resources to what we really need, we're going to save all this money. And yeah, that's true to your degree. I think those expectations have been tempered a little bit as you figure out, you know, where you can track that sort of performance and capacity, where you just want to let people run wild. So that's a tempering of expectations. There have also been these unexpected benefits around next-gen application architectures, microservices, continuous integration, even continuous delivery. The cloud enables all that, you know, it sort of inspires a level of agility in historically less agile businesses. And then you mentioned the kind of these microservices. How do you guys support microservices? We're used to the VM-centric view of the cloud. When you're talking about services that are abstracted away from the VM, how does extra hop play in those realms? So, you know, this is sort of the next iteration of a service-oriented architecture as people have realized, you know, that the sort of the best practices and sort of code patterns for developing these services for us, you know, we auto discover systems and services, you know, running across virtual or physical networks, which means you don't have to configure things ahead of time, and we can scale to elasticity very easily. We see services spin up, spin down, move from one place to another, move across availability zones, and we just track all of that as it happens. Well, Eric, we certainly appreciate the time and we want to know how was the first Cube experience before, you all right with it? Oh, so far so good, what do you think? You tell me, you're the expert. We didn't beat him up enough. We didn't, I got to come with tougher questions next time. Next time. There you go. Eric Thomas, extra hop, glad to have you with us here on theCUBE. Thank you so much, appreciate it. Back with more here from ReInvent. We're in Las Vegas, we'll be here all week, back with more on theCUBE right after this.