 from downtown San Francisco. It's theCUBE, covering RSA North America 2018. Hey, welcome back everybody. Jeff Frick here with theCUBE. We're at the RSA conference in downtown San Francisco. 40,000 plus security experts really trying to help us all out, protect our borders, not so much, but protect access to these machines, which is harder and harder and harder every day with bringing your own devices and all these devices. So really it's a different strategy and we're really excited to have ExtraHop back. We had ExtraHop on last year for the first year. He's Matt Cotthorne, the VP of security at ExtraHop. So Matt, what do you think of the show? Amazing, yeah, absolutely amazing. Super packed, been walking like crazy. I've got all my steps in, it's fantastic. All right, so you guys have been in network security for a long time? Yeah, so we've been, so we live in the East West corridor inside the enterprise, inside the perimeter, doing wire data analytics and network security analytics. Our source of data is the network itself. Okay, and the network is increasing exponentially with all the traffic that's going through, the data sources are increasing exponentially with all the traffic going through. That's right. So how are you guys keeping up with the scale and what's really the security solution that you guys are implementing? So the point you make is really interesting. Yes, it is increasing exponentially and as a data source, the network is the only sort of observational point of truth in the entirety of IT. Everything else is sort of self-reported. Logs, endpoints, those are very valuable data sources but as an empirical source of truth, of evidence, the network wins. That assumes you can scale and that assumes you're fluent with the protocols that are traversing the network and you're able to actually handle the traffic in the first place. And so for us, just this week, we announced 100 gigs per second capable appliance which is an unprecedented amount of analytics from the network's perspective, so we're very proud about that. So what are you looking for? What are some of the tell-tale signs that you guys are sniffing for? Yeah, so generally we auto-classify and auto-discover all of the behaviors on the wire from the devices themselves to the services that those devices expose as well as the transactions that those devices exchange. And so from a context perspective, we're able to go far deeper than most anybody else in the space that we know of at least, far deeper and far more comprehensive sort of analysis as it relates to the network itself. And the context is really the key, right? What's accessing what, why, how? Does it consist of behavior? So that's really what you're looking for. A great example is like a user logging into a database that might be part of a cluster of databases and understanding what the user's behavior is with the database, which queries are being exchanged, what the database response is in the first place? Is it an error? Is it an access denied? And does this behavior look like a denial of service, for example? And we can do all of that in real time and we have a machine learning layer that sits over top and sort of does a lot of the analytics and the sort of insights preemptively, proactively on your behalf. And then it's only going to get crazier, right? With IoT and 5G, just putting that much more data, that many more devices, that much more information on the network. Yeah, so IoT in particular is interesting because IoT is challenging to instrument in traditional ways and so you really do have to fall back to the network at some point for your analysis and so that's where we're very, very strong in the IoT world, industrial controls, SCADA and beyond, healthcare, HL7, for example. So we're able to actually give you a level of insight that's really, really difficult to get otherwise. And we've been hearing a lot of the keynotes and stuff that those machines, those endpoints are often the easiest path in for the bad guys to come in on a security camera or whatever because they don't have all the same OS, they don't have all the ability to configure the protections that you would with, say, a laptop or a server. That's right, there's a surprising number of IoT devices out there that are running very, very old and vulnerable operating systems that are easy to exploit. All right, so Matt, I guess we're into Q2 already, hard to believe the year's passing by. What's priorities for 2018 for you and extra hop? So we've announced the first-class purpose-built security solution this year and really the plan is to continue the sort of momentum that we've accrued which is very encouraging, like the amount of interest that we've had. It's hard to keep up, frankly, which is fantastic. We want to continue to build on that, grow out the use cases, grow out the customer base and continue our success. All right, Matt, we'll keep an eye on the story and thanks for stopping by. Great, thank you, I appreciate it. All right, he's mad, I'm Jeff. You're watching the Q for Marseille Conference in San Francisco, thanks for watching.