 Live from Washington D.C., it's theCUBE, covering AWS Public Sector Summit 2018, brought to you by Amazon Web Services and its ecosystem partners. Welcome back to our nation's capital. You're watching theCUBE, the worldwide leader in live tech coverage. I'm Stu Miniman joined by my co-host Dave Vellante and happy to welcome to the program Matt Olson who is the co-founder, president and chief revenue officer of Iron Net Cyber Security. Thanks so much for joining us. Yeah, great to be here Stu, thanks. So, obviously, Public Sector, we've been talking a lot about the cyber, as it were. As a co-founder, always one of the first, give us the why of the company. Why was it founded in a little bit of background? Sure, we were founded, I guess, out of some frustration. A number of us, including our CEO Keith Alexander who was formerly the director of NSA, we came out of the government. And the frustration was that what we saw happening to companies, big companies, small companies and the government was getting hit with cyber attacks. Consistently and increasingly sophisticated and disruptive, even destructive cyber attacks. So, we left government around the same time, a number of us and we decided, can we start a company to really take on these threats? What can we do to develop a technology based on the threat landscape that really takes cyber security to the next level? So, our mission has always been to protect companies and governments from these types of attacks that are hitting us all the time. Yeah, so there's no shortage of security experts inside the government, especially the NSA. Actually, I remember Dave and I had talked to, there was a little company called Squirrel that came out of the NSA a little bit later. What do you know, AWS acquired them last year. So, bring us inside a little bit. What's the offering that IronNet has? How do you differentiate yourself from the others? Sure, and you're absolutely right. There is a lot of expertise in place like NSA where I formerly worked and a bunch of us formerly worked. The offering basically is network traffic analytics. So, we look at the network traffic inside large companies and we write down to the PCAP. So, we're looking at the actual network traffic and running analytics and what that means is not signature based but behavioral analytics. Looking for those indicators of malicious activity that we then can alert the SOC operators in these companies that this is something they need to pay attention to right away. Of course, the problem always with this area is false positives. You know, how do you make sure that the alerts you're giving to these operators really means something? So, we've done a lot of work to draw down those false positives so that we're giving them alerts that are actionable and meaningful in the context of a very difficult threat landscape. So, that's the basic offering. So, what's underneath the covers? I mean, what's the secret sauce? Are you using machine intelligence? Share with us. Yeah, sure. I think the secret sauce is really a combination of two things. It's analytics, algorithms that our data scientists develop. We've got some world-class folks that came out of places like the Defense Research Agency and universities that develop the analytics, the algorithms, but we combine those, that math with real-life operators, people who themselves are on the offense at one point, right? They were working to break into other networks. They were the hackers who understand how the adversary operates like nobody else does. Combining the mathematics, the analytics, with real-life operators, that I'd say, you know, Dave is the secret sauce because those are how we develop the analytics and the expert system to produce the alerts and draw down those false positives. Yeah, it was interesting. Last week we were at Cisco Live talking a lot about networking and one of the biggest things for networking people is a lot of the network that they own, they don't actually own it anymore. It's in Amazon, it's in, you know, I've got my SaaS stuff, public clouds, that I'm dealing with. So, you know, where do you sit are you mostly focused on public clouds like AWS or, you know, where in the network? So, it's a great question because there's clearly a movement, right, from on-prem solutions to cloud solutions, AWS is part of that. So, we're partners with AWS. So, we've developed our analytics to run in AWS as one of our key cloud providers. So, we, with some of our customers, we're all on-prem, we're in their data center, these are companies that want us there inside their perimeter, right? But then, with others, we have the ability to have sensors in their network, but then do all the analytics, all the backend work in AWS, in the cloud environment. And that makes a lot of sense for many companies, especially when you talk about companies that are a little smaller, maybe, or, you know, we're not talking about the biggest companies. So, they do a lot of their applications are running in the cloud. So, that's been a key transition for us as we've developed our product. Matt, what would you say are the biggest threats to organizations that they should be aware of? Yeah, well, you know, the biggest threats, they're the obvious ones in some ways, but there's no doubt that the nation-states that are carrying out attacks, whether we're talking about China or Iran or North Korea or Russia, are increasingly active and are especially dangerous in a volatile geopolitical landscape like we face today. So, we're concerned in working with our customers to make sure that we're taking on the level of threat that we see from nation-states. And that's something, I think, at IronNet, we understand particularly well, given that we were operating at that nation-state level when we were all in government. Of course, the most pervasive problem is the criminals. And you see that in all manner of hacks and cyber attacks that the most common type of attack, including ransomware, are occurring at the hands of criminals. So, rewarding, but your behavioral analytics can help with that problem. What about the weaponization of social media? I mean, what do you make of that? And I don't know, is there an answer to that that you can help with? You know, the way that social media has been used, for example, in the election in 2016, it's obviously a problem that we all are concerned about as citizens. And part of that is, I think there's a combination of the government working together with the private sector in particular, the social media companies, to come up with better ways to take on that problem, to make sure that people are using those platforms are actually people, and not bots, not Russian trolls. We need to do an education campaign for American citizens and we're coming into this election cycle that we're better prepared for what we saw happen in 2016. I mean, it's a big effort, and I'm not sure, to be honest, that as a country, we've totally come to grips with the nature of that problem. Yeah, I mean, I think you're right, we're just trying to get our heads around it. I interviewed Robert Gates one time, and I asked him this question, and I've asked other security practitioners, and I get all kinds of different responses. He said, I want to tell you what he said, and then maybe you can respond, I'm paraphrasing, of course, for Dr. Gates. He said, we have to be really careful. I was asking him offense or defense, you know, we probably have some of the best security people in the world, we could go on offense, is that the future warfare? He said, we have to be really careful because we have a lot to lose as well in critical infrastructure. Others have said, no, we should go on the offense to flex our muscles. What do you think the right posture is there? You know, I think that's a great point, Dave. There clearly is a balance. I mean, it begins with defense, right? It begins with hardening our defenses, having the right people with the right experience and the right expertise in place to protect our networks, because the best offense really is a good defense in protecting our networks. But we do need to have the capability, and we do have the capability to take offensive action when warranted. One of the challenges, I think, in this space is that we haven't necessarily developed the rules of engagement. You know, under what circumstances should the United States government take action on offense in cyber? You know, we saw this in going after ISIS, you know, going after some of their capability as a terrorist group, targeting people in the United States and taking out some of that capability. That's one way, I think, that we've clearly done the right thing in going on the offense. Harder to say when you have some of the cyber attacks going after a critical infrastructure, what's the right role for the government in going on the offense? I think, again, the first step is a good defense, and one element of a good defense is working better together. Companies working together, as well as companies working in close coordination and cooperation with the government. So it's not so much the technology. Obviously, the technology is there, but it's the process around that, the collaboration with, whether it's within agencies or organizations. I think that's right. I think there's a lot of good technology. We provide a common defense platform for companies to work together. That's what we do at IronNet, and we're doing that with a number of energy companies right now. But I think it's getting that policy in place so that companies understand that technology exists to be faster and better working together. How can we then break down whatever barriers there are to sharing information and having that sort of collaborative approach? And we see that happening more and more across the critical infrastructure, whether we're talking finance or healthcare or energy. Matt, what's IronNet's relationship with Amazon? Are you part of the marketplace? How do you go to market together? Yeah, we're a registered partner with Amazon. Amazon is one of our cloud providers, as I mentioned, for where we run our analytics. I also mentioned this common defense platform. We run the correlations that we do for companies working together. That's all done in AWS, in the cloud. We found Amazon to be really an extraordinary partner as an industry leader and a cloud provider. And so we're very close with Amazon in both going to market, but also in developing our product. So it's been a great partnership for us. Well, what do you think of the show? I mean, it's insane, isn't it? Yeah, it's amazing, right? Just a parking, trying a parking space was incredible. Once I got in. You didn't have to park. Yeah, once I got in, it's a fantastic show. We did have to register. Likewise. No, congratulations. It's a great show and Amazon has been terrific for us at IronNet. Well, we're glad to cover it and we appreciate you joining us, Matt, for this segment. Be back with more coverage here from the AWS Public Sector Show for Dave Vellante, I'm Stu Miniman, and thanks again for watching theCUBE.