 Well, welcome to this CUBE Conversation. I'm John Furrier, your host of theCUBE here in our Palo Alto studio. We've got a great conversation with the CEO of LaceWork, David Hatfield, who's on theCUBE remote. David, great to see you guys, a security platform at LaceWork. You're at the helm of CEO. Welcome to the CUBE Conversation. Thank you, John. Great to see you. Congrats to you and the team and all the success. I think what you guys are doing is really important. So happy to be part of it. Great to have you in the community and you know you guys doing great work. I know about LaceWork. I've done some due diligence on you guys to love your business model, but for the folks who don't know what you guys do, take a minute to explain who is LaceWork? What do you guys do? What's your positioning and what's your focus? Yeah, well, we're a modern data security platform for the cloud, you know? And so I think data science meets cloud security, you know, ultimately the company's been around since 2015. We received one of the largest financing rounds that we're aware of I think in history and security business, $525 million in January, led by Sutter Hill Ventures, which many people may know about. They founded Pure Storage with the notion that, you know, we're going to go fundamentally change and revamp the ownership model for a high-speed data storage using Flash versus using spending disk drives. I spent eight years with that company. Love what we built there. Mike Spicer and Sutter invested in a company called Snowflake Computing. And I think you're very aware of what Snowflake does, which is bringing data warehousing into the cloud. And the third big investment that Sutter Hill made is really to help disrupt security and that's in LaceWork. So north of a billion dollar valuation, you know, 300% year-over-year growth and have a ton of momentum. So at the core of what we do, you know, it's really trying to merge. And we look at security as a data problem, security and compliance to the data problem. And when you apply that to the cloud, it's a massive data problem. You know, you literally have trillions of data points, you know, across shared infrastructure that you need to be able to ingest and capture. And then you need to be able to process efficiently and provide context back to the end user. And so we approached it very differently than how legacy approaches have been in place, you know, largely rules-based engines that are written to be able to try and stop the bad guys. And they miss a lot of things. And so our data-driven approach that we've patented is called Polygraph. It's a security architecture and there are three primary benefits. It does a lot of things. But the three things that we think are most profound, our first is it eliminates the need for, you know, dozens of point solutions. I was shocked when I, you know, kind of learned about security. I was at Symantec back in the day and just to see how fragmented this market is. It's one of the biggest markets in tech. $124 billion an annual spend, growing at $300 billion in the next three years. And it's massively fragmented in the average number of point solutions that customers have to deal with is dozens, like literally 75 is the average number. And so we wanted to take a platform approach to solve this problem where the larger the attack service that you put in the more data that you put into our machine learning algorithms, the smarter it gets and the higher the efficacy. So eliminating point solutions is value proposition one. Point two is that we have to be 10x better than everybody else in the business. Otherwise, emerging companies don't get a breakout and become long enduring companies. And so there's a number of different dimensions. The first dimension that I think is probably the most important is efficacy, you know, in anomaly detection or in, you know, threat detection where you're trying to identify what risks we have in the business. It's generally a very noisy activity. And so rules-based approaches on average will produce a hundred alerts to R1 or two. So the signal to noise ratio is a massive 100x, but call it 10x reduction. And so we're actually delivering the needle versus the haystack for security administrators and developers to actually solve the problem. So it's 10x higher efficacy. It's 10x faster to be able to resolve the problems. And obviously the ROI is a no-brainer because you're eliminating all these point solutions and having to manage it. And the third and probably the thing that I'm most excited about what we're doing and what our customers are already realizing is that we're transforming security and compliance teams from kind of compliance into business enablers. You know, when you automate all of these processes and you build it into the CICD platforms for the developers, you actually enable the developers to write code to differentiate their business, to create new customer experiences, to get competitive advantage and drive revenue for their businesses. And that's not what security has done up at this point. I mean, oftentimes though the ones, we're the ones having to say no, or slow down or it's too risky, et cetera. But when you automate that and you increase the efficacy, you can enable the developers to do their thing. And it allows the CISOs and allows the security professionals to up-level their responsibility into selling and driving revenue. And that is increasingly going to become more and more important for supply chains and partners of these cloud-native businesses of how secure am I working with you, et cetera. And so we think that that transformation of the role of security is going to be as meaningful as the technology that we're providing to the business. So we're super excited about it. I'm Matt Cattell. You have so much going on, the investment team. Sotter Hill, you mentioned big-time players. You, SuccessTracker, just saw them written up in the Wall Street Journal as one of the best venture capital firms from Returns just so the bets are all coming home. But their bet strategy is simple, disrupting the market that's growing and changing. Pure storage, you mentioned, company you worked for, people were saying, oh, they'll never get escape velocity. They disrupted an existing, boring storage market, changed the game there. Security, right for change. A lot of tools, a lot of people have buying tools off the shelf, and everyone fighting for the platform, that seems to be the compensation. So I have to ask you, you guys want to be that platform, you are that platform. What's different in this platform where everyone's trying to be a security platform? What makes you different? Yeah, so I mean, I think the platform wars are clearly upon us. I think what's different about our approach is that we were built on the cloud for the cloud. So we're a cloud native business that runs our business on AWS. And everything that we do, we don't have hardware. We don't own data centers. We don't have any of the legacy elements that are there. We use software run on the cloud to enable this. So that's point number one. Point number two is we did the hard work of mapping the data elements that are out there and ingesting them in and then have this polygraph, behavioral anomaly detection, that can be applied to today. It's being applied to vulnerability and discovery management containers and Kubernetes. But over time, we believe it extends very naturally to a larger part of the attack server. So we don't have to rewrite the data engine to develop solutions across broader attack services. We already have that. So I think our time to develop and innovate will be profound. And I think the third thing that we're seeing companies do and largely the legacy bigger companies is that they're just acquiring their way there. And it's very, very difficult to acquire eight to 10 to 20 to 30 companies, 30 different CTOs, 30 different code bases and try and integrate them to provide a delightful customer experience. And the parallels in the storage business are pretty similar actually. Dell bought EMC, EMC about a hundred companies. And we went after a platform approach to be able to go attack them with a unified file system and a unified customer experience. That was native for the media that we're working with. We're doing the same playbook here, which is you have to have the hard work of the foundation elements in place to be cloud native to deliver great outcomes, great efficacy and a really great customer experience. So when we get head to head with any of these point coming out and trying to solve something for containers or Kubernetes or just vulnerability discovery management, et cetera, or we're competing with the legacy companies that have a hodgepodge of acquisitions that they're trying to pull together, we went north of 95% of the time. Our POC win rates are phenomenal better than anything I've ever seen. We had some pretty good ones appear too. And the product and the experience and the efficacy kind of stand on their own once we're in those fights. So part of why we enjoy working with AWS and are really focused on building the partnership together is that it creates awareness of what could be and what possibilities all we want is a shot and our approach is such that you can be up and running in minutes and every single one of our customers does a POC. So we'll stand behind our technology as our real differentiator compared to anybody else that's out there. Great, you guys had great traction going on with the company. Certainly saw the investment news that you mentioned earlier at the top. Why did you come on as CEO and when did you come on and join the team? And what was the reason? What attracted you to join as the CEO of Laceworth? Well, I've been involved in the company for since the beginning, actually. I invested in the early rounds, participated on the board and I've always bought into the thesis that security is fundamentally a data problem. And if we can get the data problem and the data processing right, you can fundamentally change the industry but you need to have a major inflection and that inflection is people moving to the cloud. And we all seen it during the pandemic, things are accelerating AWS just at their earnings yesterday. I think they increased their top line guidance from 46 billion to 56 billion this year. I mean, it's a machine that is continuing to move forward. They have 30% market share, Azure's investing at 20% GCP still investing. People are moving their businesses online aggressively and as they shift to the cloud, the rules-based approach just doesn't work. It doesn't scale. And so a new approach needs to be done. And so by being cloud native and best agreed and solving the thorny problem of this data processing problem first, it gives us an opportunity to use that to then extend and build a business at an enduring level over the next 10 to 20 years. That's Sutter's model. That's their playbook. They don't invest in 400 companies and kind of spray and pray, which is what most venture funds do. And I love them. They're great. We appreciate the investment in tech but Sutter's focus is find a really big market, find a catalyst for change in our case, it's moving to the cloud and then build a modern approach. That is 10x better in every dimension and that attracted to me. It's one of the biggest markets in tech and it's one of the most important things that we can do as a digital business is to ensure that we're secure and we're safe and the threats are becoming much more skilled, much more deliberate, much better funded. And so the importance for us to ensure that company security posture is really tight is increasingly critical. So the combination of those factors and then as I dove back into it and talked to a bunch of customers and talked to partners and seeing the outcomes and the enthusiasm that they had and the team is phenomenal and so talking to them and I just kind of got energized by the opportunity to go build a really important company that really delivers great outcomes. So I'm having a ball, great to be back into it. Yeah, it's great to have leadership that has experienced that you have and go the next level because this is a classic next level when you talk about Amazon's earnings and cloud scale and hybrid and edge right around the corner at scale as well. So you started to see that transformation really hit the tipping point which is changing the landscape on the developer side which I think is super valuable and I think you hit that. You mentioned core problem, you guys look at that through the lens of data problem. How does this trend of everything going hybrid and soon to be edge, core to edge impact your business of tailwind? How do you see you capturing that next level of scale from a business perspective for at least work? Well, I think that the trend from core to edge, hybrid and ultimately cloud 100% we've started with the cloud native businesses. We've been focusing on those companies that are already there. And so now we just had finished a phenomenal record-breaking Q1 and multiple seven-figure deals with very complex global environments where they do have a hybrid environment and they are leveraging the edge and we're perfect for that. I mean, as you think about what we deliver in its most simplistic context, we're effectively delivering a security solution from container to control plane. We want to be able to have a granular understanding and operate at this trillions of data points coming in and those can be collected in the core, they can be collected on-prem, they can be collected in the cloud. Ultimately, they need to be collected and then contextualized. And so, and this is where our behavioral polygraph technology transitions data into information that's useful via the polygraph. And so we think that the complexity that's added with environments that are high-ridden, environments that are leveraging the edge, environments that are leveraging the cloud native all need to control plane to run across that to deliver efficacy for customers. And we work with, AWS has their own security tools, Azure has some security tools, GCP has security tools, but ultimately our challenge and opportunity is to be best of breed, to deliver incremental value on top of that and then horizontal value across it. So customers have choice, but they know that their security posture is secure. And so we see it as a talent for our businesses we go forward. I always said, the companies that have the horizontal scalability with cloud and then have that vertical AI kind of vibe where you can get in the context of the data as it went at all. And I think that you guys have a great solution potentially there. I want to get more information up. If you don't mind double clicking on that with me. This is kind of a different take on cloud security because you got the scalability which gives you the observation space. And then you got to get the context to get the right patterns or whatever magic you guys have in the secret sauce. But you're doing that on top of massive exponential velocity. Yeah. Where is that secret sauce? Is it in the compute? Is it in the software? What's different about what you guys have in security? Give us a- It's all in the software. Ultimately, it's the intelligence of how you capture it. How you ingest it, how you process it. But then ultimately how you contextualize it and then how you apply it to different problems. And so the attack surface area and security is a very broad. That's why there's so many point solutions that are out there. And so the breadth of solutions, we just want to continue to add solutions and capabilities on top of this polygraph security architecture that allows for the same kind of simple experience, the same kind of 10X value proposition, but wider. And so we can eliminate more and more of those point solutions. So our thinking on it is that, we can participate once we have a customer. The land and expand motion of what we have. We want to make it really, really frictionless for customers to try our technology. And so that's why we do POCs. That's why it only takes a couple of minutes. And you can do it for just Kubernetes or just containers or just vulnerability discovery imagine like wherever your specific pain point is, we want to help identify what that is. You know, give you a chance to try it. And then once we prove ourselves, it's very easy to extend that across the board. So we get natural growth and velocity from people moving the cloud and just more usage of compute and storage and sort of, et cetera, but breadth of actually the security or posture or a tax service that they have as well. So I think we have the opportunity to benefit from both the depth and the breadth, but the value that we're delivering is ultimately the software that we're running on top of the infrastructure. And you mentioned observability, there's a number of companies that are leveraging the data and insights collected in different ways to converge security and observability over time. And, you know, we see that, you know, that ultimately there's a very, very big security company that needs to be built that really is best agreed. But the data and the insights that we're providing to our primary customer, which is really DevOps. I mean, it's really the development communities and the builders or who we're changing security for and enabling in addition to the security teams, you know, we think that we're going to continue to drive software that adds value on that data set and it can be applied to multiple problems in the future. So today, security is a massive market, we're going to focus there, but it does extend pretty naturally into other markets. It's a hot market, security, everyone needs to have the latest in grace and also has to be effective. I got to ask you specifically around startup transition to a rapidly growing company to now you're going to the next level where you're starting to having to get into some serious, big complex enterprise, go to market sales, motions. So what's in it for the customer? What's the pain point? What's the customer orientation? What are you marketing into as a solution? Is it the developer? Is it the CISO? Is it the CXO? What's in it for the enterprise? Why lace work? Why are they engaging as record numbers? What's in it for them? What's the, if I'm the customer, what's in it for me? Ultimately, efficacy, which is your security postures, it goes up significantly, simplicity, which makes it easier for you to do your other jobs. And I have to look for those needles in a haystack and ROI, which is just compelling and much more efficient than what you're doing today. So that's a pretty universal value proposition. It applies to cloud native businesses that are high growth. It applies to government agencies. It applies to large, complex enterprises. We have a wonderful kind of go-to-market motion right now. I think Andy Byron and the team that have been here have really done a wonderful job of really making the customer buying experience and the journey really efficient, and help them quantify the impact and the risk and then deliver value. And I think that applies in sort of the commercial and mid-market and cloud native space. And like I mentioned, we had a number of deals in the quarter that were seven-figure deals in very complex organizations with massive demands. And it ultimately selling as a team sport. And so having the process and the rigor that's there, fine-tuning that to make sure you have the people and the partnerships that deliver solutions in the way that customers want to buy them. And then ultimately deliver a value proposition that is just unquestionably better. And I think we have all of those elements. We'll be entering the large enterprise very aggressively in the quarters to come. That's where I've come from, running multi-tool, kind of go to market engines where you've got mid-market, commercial enterprise, large enterprise government across all geographies is really fun to expand. And we're hiring as fast as we can maintain quality. And so we're out of that startup phase now and entering into real scale. And I think that in the AWS marketplace, I think we're the number one startup vendor if I got my facts right for private offers. We're one of the top security players and top 50 ISPs in the marketplace overall. And so in order for us to get the motion, we need to make sure that we're delivering our value in the context of how companies want to buy it. And people want to use AWS credits to apply to their solutions. And so it's really important for us to make that frictionless buying experience occur. And so we're excited about it. I think we've got a really nice start and it's the fun part of building companies, which is how do you tune things to make sure you're making it really, really easy for the market to absorb your technology. And then once you're there, delight the hell out of them and just make sure that they're excited and our net retention rates are the best I've seen in the marketplace. Our net promoter scores are on the high 50s, low 60s, which is fantastic in this space. I think it's best in class by an order of magnitude. Some players, big sum players that are out there, have a customer in net promoter score of four. That means 96% of the people are 96 votes. It says they wouldn't recommend this solution to their peers. So at peer, we got this at scale. So from 70 to in the low 80s, I think we have the opportunity to do the same thing here. So combination of tailoring the motion that we have, making it really easy for the buyer to buy what they want, with whom they want, from whom they want. And then just spreading a value proposition that is a no brainer is, I think, the secret recipe. It's anything, it's interesting. You're so much experienced in the enterprise and tech with cloud native, you're basically laying out the success formula, which is if you have a value proposition, you should be able to get it in quickly. You don't need to top down, win everything. You can have a value proposition that can be enabled for usage and then grow rapidly when it's successful. That's cloud, that's the cloud business model. So it's not so much about organic versus this. It's really what the preferred motion is. It's speed. And I think developers in particular, it's why the cloud happened, right? IT wasn't delivering services in the speed and the advocacy that the developers wanted. And so in order to appeal to the developer community, you need to deliver something that's frictionless and easy and fits into JIRA and fits into their workflow processes and speaks their language. And so we built our platform and our solutions for builders because that's where the money is. That's where the pain point is and that's, and they want to build secure code. They just don't want to be told no. And so we want to automate that process and make code secure and do that in the build phase and then do it in the runtime. And then across the CI CD pipeline, we want to continuously be adding value across that. And the developers, candidly, went pure about the solution many years ago and I introduced him to the company. It was the general manager of our software business unit that bought it, not the security team. And I think that's a trend that is continuing that we're going to focus on. Well, a lot of people realize that security and compliance and automation kind of all go together where you don't want to disrupt developers to kind of engineer something just to do an integration, for instance. So there's a real business model impact that you're hitting on here that's not just a technical solution. It's really how the business is operating. And I think that to me is super interesting use case. What's your reaction to that? Do you see this as a success? No, that's that third part that I was talking about, which is that's most exciting is that people are calling shift left, right? So moving security into the development pipeline as it's happening and integrating security architects as value added into the development organizations themselves and leveraging automated machine learning tools like ours to be able to simplify and automate the process versus slowing it down. So we think that shift left is super exciting and will continue. And we actually think we're the leaders in that space. I want to continue to be the leaders in that space. Congratulations, great insight. Awesome to have you on and to hear from your experience and also the great venture that you're scaling up and to the next level, lacework. David, thanks for coming on. I'll give you the last minute to close us out. Give us a quick plug for the company, vitals, what you're working on now, what you're looking for, you're obviously hiring. Give a quick plug for lacework, what are you working on? So number one, we live our partnership with AWS and so we're going to continue to invest there. Two, the business is growing north of 300% year over year. That means that we've got record-baking growth and lots of hiring. So we're hiring across all functions. And three, give us an opportunity. And I think that you can fundamentally, we want to be the bar in which you define all other security companies, all other technology companies. So it's a high bar. We want to make it frictionless to try. Give us a shot. Give us some feedback. And I'm grateful and privileged to be part of this wonderful team. So look forward to spending more time with you, John, in the future. Man, looking forward to a lot to talk about. David Hadfield, CEO of Lacework, great company, scaling up again, another success story in cloud, cloud native as COVID comes to a close, if you will, from this phase and people get back to real life. The scale of cloud is going to be leading it and new technology is going to be powering it. This is theCUBE Conversation. I'm John Furrier. Thanks for watching.