 Live from Washington D.C., it's theCUBE, covering AWS Public Sector Summit 2018, brought to you by Amazon Web Services and its ecosystem partners. Hey, welcome back, everyone. We're live here in Washington D.C. for theCUBE's exclusive coverage of Amazon Web Services Public Sector Summit. I'm John Furrier, Stu Miniman. It's a huge show. It's like the reinvent for public sector, and it's really booming. We've got a CUBE alumnus on Josh Stella, C.O. Fugue and Peter O'Donoghue, Vice President of Application Services at Unisys. You guys back for the third time. We first interviewed you guys last year here, and then reinvent as well. Good to see you back. Thanks for joining us again. Thanks, sir. Thanks for having us back on. It's great. I love to connect the dots. It's almost like the trajectory. And we were talking yesterday about cloud and how Amazon and other cloud players and Stu brought up a term called having the experience. And then we were talking about diseconomies with scale. And this is really where you're starting to, people who have done it over time, have got the requisite experience, scar tissue and learnings. Some jump to try to deliver everything at once. You guys have been together for a while, working together. What's the update on the trajectory as you guys go cloud first? What's the status? What's going on? You guys made an announcement this week, right, Stu? Yeah, yeah. So, yeah, we at Unisys are super, super excited to announce our new cloud offering called Cloud Forte. And your point about like taking the lessons from experience and really embedding those into a capability. And that's really what Cloud Forte's about. I think, you know, at a very high level, Cloud Forte has got two major kind of sets of capabilities. One is like subscription services which is around, you know, management and governance of AWS. And actually we've designed it to solve like really tricky problems that our public sector and frankly our commercial clients are really struggling with. And the second set of services are really professional services that allow for and they facilitate and catalyze adoption at scale. And actually they go, you know, head on addressing some of the trickiest problems in that space as well. Well, take a minute to explain what does the product do? What's the value proposition of this new service? Okay. Well, at the management of governance here, let me tell you what the problem is that it solves. I can go into all the minutiae but I think we could be here a while, right? It solves some big problems. Problem one that it solves is, is, you know, commercially, public sector and actually federal-wise, organizations have a tough time managing the finances of AWS Cloud consumption. Actually having the transparency and visibility and being able to, you know, comply with the Anti-Deficiency Act, being able to manage funding and also being able to tie it back to contracts and contract line-outers. Sounds trivial enough, but it's really a thorn in the side of a lot of folks really trying to adopt Cloud. And I would say the second element is, is what we're calling our command bundle. And the command bundle really kind of, it deliberately kind of solves the, it fills the gap of the shared responsibility model. I think we all probably are deeply aware of what that means, but that's really kind of the air gap, if you will, between what AWS, it supports out of the box and frankly what customers need to support. So things like, classic things like service catalog management, you know, patch management, backup and recovery, IT operations, incident management, asset management, all those things, we've built and we've constructed basically, you know, a flexible framework, a lightweight framework that allows folks to do, to go fast, but also, you know, has that enterprise level of governance that people expect to see from the cloud. And one of the key elements of our command bundle is what Josh's organization provides, is the few policy engine. So we find that in order to provide cloud, it's really important to be able to have those guardrails, to provide basically a nanny like supervisor to make sure that, that what's deployed is compliant and actually what's deployed and what's running in production actually stays compliant with security policy. So that's really what command is all about. Josh, talk about what's under the hood. We've had a lot of conversations around policy and automation. Okay, it's third year in our conversations. What's going on under the hood? What's happening with the things that you guys are doing with Unisys? Yeah, so when we last talked, they hadn't announced this yet so we couldn't quite explain what we were working on together. But we're working with Unisys and other organizations to provide that full automation of the entire infrastructure layer. And it's just, it's fire and forget infrastructure on cloud. And so one of the things we're seeing consistently is people are really starting to struggle. The market's really maturing around the need to fully automate remediation of problems, detection and remediation, where the old model of, you know, use a monitoring solution, throws a ticket over the wall, search through the pilot tickets. You might have hours, days, weeks where you're exposed and your data leaks and Fugue fixes that in under a minute. So that's what we've been working on together. And we love the partnership because Unisys has the experience and the engagement and the federal side of the market and Fugue is baked in to just provide all that goodness. What's the impact of that? Because you compared kind of the old way to the new way that you guys are doing. Just kind of give some, you know, categorical or anecdotal color behind what the impact is from that. What's it do? Saves people's lives, I mean, saves time, money. What's the impact? Well, yeah, I'll tell you the impact and I'll describe a use case. So we're working with another customer and they came to us and said, in our hosted environments on AWS, we have over 500 events a day where configuration has drifted. And every one of those, we have to investigate, we have to come up with a plan, then we have to execute the plan, then we have to write a report on how it will never happen again, 500 a day. So with Fugue, every one of those just is automatically fixed and reported within about 30 seconds to a minute. So the impact of this is a team of three completely overwhelmed folks who were looking to hire 10 people to try to, as their cloud presence grew, they just had to staff a larger and larger cloud services desk. Actually, the three people they have are now on to doing other work because it's just automated. Yeah, so Peter, help connect the dots for your customers on the federal side because we know there's been pushback customers sometimes, oh, automation management sounds great, but oh, wait, on the government side, I've got regulations, I've got processes, I've got hurdles that we might need to do. So how do we get beyond those? Well, I think that's a great question, right? I would say that as you, so as I was talking about the Cloud 4T offerings set, there's a set of offerings in the professional services domain too. We actually have our Accelerate Bundle, right? And actually, one of the things that we really believe is important as folks adopt cloud is, in order to leverage cloud most effectively, you really need a mind shift, right? So we have like two of the legs of our offerings are around the org change management and kind of making that major transformation for human capital. And actually what really good looks like is, is folks who actually think cloud natively, right? So we find the most successful clients are folks who've kind of made that leap, right? The other kind of dimension is, is around process and process change. And we see, you know, we see ITIL has been super effective and has been kind of a stalwart of enterprise IT for a long time. But we see that as folks move to the cloud. And one of the strong recommendations we make and we have process offerings is, is how do we renew my management governance processes to actually embrace more DevOps thinking, and to embrace more everything as co-thinking, including policy? Because what we find is, as I think you're hinting at, right, is as folks move to the cloud, you can kind of have like almost a Goldilocks scenario, right? Where like on one hand, I've taken the really heavy way processes and tools from my data center and am I thinking? And I've got now kind of a Porsche 911, but I've put donut wheels on it and I can't move very quickly and I'm kind of frustrated with it, right? At the other extreme, I've got like the SharePoint era of 2005, 2006, where it is the wild west, it's pandemonium and God only knows what's going on out there right there. So what we're trying to do is, is really looking for effective enterprise and having transparent governance, making sure that the great lessons learned of before are there, but we have like a lightweight, extensible framework, and we have the nanny guard rails on it so that we can understand where there's policy drift. And the beauty of this is, the APIs give us and the APIs take it away. You know, the APIs are why we can go so fast, but it's also why it's really easy to hurt yourself. That's what Fugue is there for. We let you go just as fast and we can show that all those processes, like in ITIL having a CMDB, that's a side effect of running Fugue. You can query Fugue and you've got your configuration data. You make them go fast, I get that. How do you protect from breaking? What's the other half? Yeah, sure. So the Fugue approach and Eunice is doing some other things on top of this, but the Fugue approach is, you cannot deploy something unless it is both correct and meets policy and compliance. So... Guard rails you're talking about. That's the guard rails. And unlike anything else, Fugue tells you exactly how you got it wrong, why and how to fix it. So it's not just a big no at the end of the process. It's, hey, on line 47, you're not allowed to have unencrypted volumes, so change that. Then once the infrastructure is provisioned, that must be correct upfront. Once it's provisioned, Fugue will never let it drift again. So again, within 30 seconds to a minute, we've seen anything that's changed. We fixed it. And what that means is... Intelligence. It is. You're bringing intelligence to it. You should fix it. And again, this is why I love the automation of the whole cloud thing. You know, the non-believers don't understand the value of this. I call them the cloud non-believers because this is just game-changing. You mentioned the point about the efficiency of people not having to bulk up manual labor to lock down and just opens up so many security holes. Peter, got to ask you, I put you on the spot here, what's it like now working with Fugue? You guys done a lot of work together. What's the outcomes? Tell us about the experience and what is about their solution that really helps you out? Okay, sure. Well, I mean, I think the most obvious response there is the fact that we've baked it in, it's part of the solution. It's one of the core tenets and components within our command bundle. That of itself is a major part of our strategy. While we're finding our customers, we do find clients actually kind of range in where they are in terms of their cloud adoption. And we're also finding with our Cloud Forte bundle, folks actually will adopt different parts of it at different time. But actually we do find clients are very interested. Actually, I think our best clients are folks who actually have been playing with CI CD and they've been playing with Cloud, but they've actually kind of, they started to see that the sprawl effect is actually starting to happen. And they're looking to have speed, but also security at the same time. And we find that the integration of Fugue and that kind of the insane Cloud native thinking and this ability to speak AWS natively as a native language is really important differentiator when we bring a joint solution to our client. I mean the scale pieces, Creed. Josh, I want to give you the final word on your business. Give us the update on your business. What's going on? What's the value, probably shouldn't look like now. Obviously automation we're believers, we just kind of talked about that. But where's it go next? What's up with Fugue? Sure, so it's up for Fugue, all kinds of things over the next quarter or two that we'll be releasing that I can't quite talk about yet or my product lead will kill me. But one of the things we've put a ton of work into is around pre-building libraries of policy for our customers. So NIS 800-53 for federal, we've implemented a lot of that as policy now. PCI, HIPAA, all kinds of standards so that when they purchase Fugue, they just get these out of the box. And it's amazing to watch somebody who's been on cloud for a little while bring up the Fugue composer or visualization engine, go discover all their infrastructure and then do import HIPAA and find all the little red dots of where they actually have been running wrong, fix it all in less than an hour and then not worry about it again. So we're doing a lot of business in federal, we're doing a lot of business with partners, and we're also doing a lot of business in commercial now, mostly on the larger enterprise side. The value prop is really around that controlling sprawl over time and automated remediation. There's lots of kinds of automation that are partial unless the system, like Fugue does, can fix everything. If there are any gaps in that, you're back to manual world. So it's a kind of binary scenario. So yeah. Kind of never give it up unless you can fully let go of it. That's right, that's right. Awesome, well congratulations on the project. You want to add? Yeah, can I pull a string on that though? I mean, I think this is another great concrete example of why we like working with Fugue is, is part of our business obviously is, I mean, I would say one of the major blockers getting folks to the cloud is, it's what do we do with ATOs that folks already have and how do I bring those security creditations into the cloud? So if you think of where I think the industry is going to go next is automation frameworks that allow me to quickly figure out what I inherit, what controls are our balance I need to address as I move to the cloud. But the fact that Fugue is looking at natively kind of having as a primary citizen of their policies, this idea of those NIST controls, that's going to help provide the transparency and visibility. So that's actually going to be a key part of being able to shorten the time to get to it. Well, that certainly accelerates the discovery piece. Then you kind of understand what you have first and then you attack it with automation and everything seems more efficient. That's the goal, right? Yeah, so this is why the true believer there's concrete reality there, which is I can demonstrate it, but I can demonstrate in real time that I'm complying all the time. I mean, we've never really had that before, right? Yeah, it's awesome. Not to this extent. Yeah, I mean, again, this wave is coming. Again, love the commentary. Again, public sector is very interesting. It's just being disrupted heavily and a highly accelerated rate. You guys doing a great job. Good to see you, Josh. Peter, great to see you. Cube Coverage here in Washington, D.C., bringing all the action, extracting the seeds from the noise. I'm John Furrier, Stu Miniman. Stay with us. We'll be right back with more after this short break.