 From around the globe, it's theCUBE, covering Google Cloud Next OnAir 20. Hello, and welcome to theCUBE's coverage, virtual coverage of Google Next OnAir. I'm John Furrier, host of theCUBE. We're here in Palo Alto, California for our remote interviews, part of our quarantine crew, getting all the stories that matter, Google Next OnAir continues event through the summer. We're calling it the summer of cloud. We've got two great guests here, Neil Potty, general manager and vice president of cloud security at Google Cloud and Orion Hindawi, co-founder and CEO of TANIUM. Gentlemen, thank you for coming on today. Appreciate it. Great event you guys have on the continue. I'll call it the summer of cloud. It's a lot of events that Google's having so that you guys on your team are doing a great job. But there's some hard news. You guys are announcing an expanded partnership together. So Neil, tell us what is the news today? Hey John, first of all, great to see you again. Love being on theCUBE anytime and it's my honor to actually share the stage this time around with Ryan and the TANIUM team. So essentially what we're announcing today is the fact that as most of you know, especially in the new normal with the distributed workforce and potentially it being the safer normal down the road, it presents an unprecedented opportunity I think in our opinion that we can use this to accelerate potentially safer posture that otherwise would have taken years to build into the enterprise ecosystem that we could now bring forward in potentially in the year 2020 or 2021. So the primary announcement is based on the fact that TANIUM's core enterprise offering and Google Cloud's Chronicle offering are coming together to build a full stack offering for endpoint detection and response. So that customers can have an end to end offering that's both powerful and easy to use all the way from the detection, response, remediation and analytics all built together into one seamless, easy to consume offering for the global enterprise and being delivered in such a way that it can take into account organizations of thousands of employees or hundreds of thousands of employees, all by the same cloud native solution. All right, talk about why you're excited about this deal. What's different about it? Obviously there's a relationship here. What's so exciting about this story? Yeah, I think, you know, Ryan should comment as well, but look, I think the key thing that we sort of partnered on initially was a customer driven, you know, technology centric integrations where, you know, we went deep from a Chronicle perspective to ensure native integration between TiniM's products to send signals out of the box as well as curated, enhanced and reached so that they could be actionable responses taken by, you know, TiniM's solutions as well on behalf of security analysts as part of our journey to kind of reinvent the sock of the future, right? And so essentially it's been a deliberate effort by both teams to not provide incremental integrations but something that offers a reimagined safety posture, especially that's enhanced, I would say, or amplified in a world where pretty much every employee is essentially a threat vector now, but otherwise it was not the case when they were working in a normal enterprise office. All right, what's your take on this? Obviously, what's different? Obviously new big news. Sure, yeah. I mean, if you look at why we decided that Google would have been the perfect partner for us, we have very large enterprises. We work with about 70 of the Fortune 100, the US DOD, a lot of these very large environments and many of them were coming to us and telling us two things. The first one was the amount of data that they were generating that they needed to be able to process and analyze and be able to find insight from was going exponentially up. And the second one was in the new kind of post COVID world, the amount of work from home risk that they were seeing and the kind of perfection they needed to achieve on finding threats quickly and neutralizing them was actually also going up. And so between those two things, we started really looking for a partner that we could accelerate with to provide our customers with true world-class data analytics, retention, being able to visualize that data and then being able to act on that data through Tainium and I think that the partnership that we've struck with Google and the work we've done with them to make this seamless for our customers to make it scale really well even for the largest managed networks is something we're really proud of. What's the history between Chronicle and Tainium? What's the, how far back does it go and how would you guys categorize this time and point in time in terms of evolution of that partnership? So maybe I'll take a stab, Sunil and then you can take one as well. You know, we've been working with Chronicle now for over a year and we've got customers who kind of pointed us in this direction, which is how we love to start partnerships. We had some customers who had a lot of faith that Google was going to be able to crack this nut and honestly, many of our customers had been really struggling with this with their current vendors at the time for years and we're really looking for Google because Google was the company that they saw as having the most credibility with massive, massive data sets. What we got surprised by actually was that there were a bunch of different legs of the stool that we could work with Google on. So not only data retention with Chronicle but things like Zero Trust, which I think many people know Google actually invented the concept of when we start thinking about thin client management. So we actually found that there's a really expansive partnership here and what we're doing with Chronicle I think is the first kind of instantiation of that. But we expect that over the next even years we've got a lot of room to run with Google to really secure and help our customers. Sunil, talk about the wave that you're riding on right now because obviously the reality is, I won't use the term new normal, but the new reality is COVID has forced everyone to look at basically an unexpected disruption that no one saw coming. Yeah, we can prepare for disasters and floods and hurricanes and whatnot, but this is unforeseen, everybody working at home. I mean, I can imagine all the VPN vendors freaking out, who even needs a VPN? So the access methods is everything. It's mobile, home, home is the new office. It's not just connect to an access point and or, my son's gaming, my daughter's watching Netflix. I'm trying to do some video conferencing and it's a mix of consumer business all happening. This is a complex environment now. What does this mean, this relation? How does this connect the dots? Can you expand on that? Yeah, I mean, I think I hinted on this a little bit at the beginning, John, is that we think, this is an unprecedented opportunity to help accelerate digital transformation that otherwise would have taken a few years for many enterprises to get to that can now be done intentionally in months and for some customers, maybe even in weeks. And some examples of that that we've seen are that look, if you just take Google as an company to Orion's point, look, we invested many years worth of technology and IP that now we're slowly bringing out in the form of beyond-corp product sets, but essentially of the fact that, look, we should treat every employee as if they were a remote worker. We don't trust the network. We basically break transit of properties, which was one of the foundational issues with security in the enterprise, where I trust a network and the network is trusted by a desktop. And then if you penetrate one, you can penetrate everything else in the chain. And so when COVID hit, we went from essentially pretty much, you know, 100,000 plus employees working in distributed headquarters, but within the Google environment to working from home within a week later, but retained the same sort of like, not productivity levels just, but actually the same safety levels that were much strong. And so in many cases, what we are now seeing that is that even though enterprises have come forward and said, look, yeah, we have some patchwork solutions just because this is a major change for us. Now that we are in it for not just three months or six months, but potentially a longer period of time, why not take the opportunity to re-platform our security environments so that we can actually be in a better state when we actually exit out of this environment, where we might actually never go back full-time, but it can actually be a hybrid environment. So that's part of the reason why I think we're so jazzed about the partnership is that these are two examples of products coming together to help re-platform at least one sets of traditional, if I can call it weak links in the security ecosystem that can now be sort of like re-platform. I was doing an interview actually last week and I was kind of riffing on this idea. This is one big IoT experiment. I mean, people are devices here. I mean, everyone's connected, but it's all remote. It's changed the patterns of work and traffic and all kinds of kind of paradigms, but this brings up the issue of, you know, the customer challenge. Everyone's going to look at their environment saying, look, we now know the benefit of cloud, it's clear, but I got to rethink the projects that are on the table and get rid of the ones that aren't going to be relevant to where the world has shifted. It's not even a question of digital trends. It's like, okay, what am I doubling down on and what am I going to eliminate from the picture? So I got to ask you guys, if you guys can comment, if I'm a customer, that's what's going through my head. I got to survive, reinvent the foundation and come out with a growth strategy with a workforce, workplace, workloads and workflows that are completely different. What's in it for me? What does this mean to me, this partnership? So how do you help me? What's in it for me? So I might take a stab at that. You know, I think that a lot of our customers, if we look at where they were at the beginning of the year, they'd been building on a pretty creaky foundation and just adding more and more layers to it. So, you know, in the security side, many of our customers have 20 or 30 or 50 different tools and many of them are there because they were there yesterday. They're not actually, if you were going to zero base budget the way you were going to do security, they wouldn't be the tools you'd choose. And the interesting thing about this whole work from home transition is it is effectively a zero base budget for security because a lot of the tools just basically don't work. So you think about a lot of the network tools and when everybody's working from home, you don't own the network. You think about a lot of even the endpoint tools that assumed that devices would be behind that network perimeter and now just don't work over the internet. And so when we look at our customers, they're realizing they have to re-platform their security model anyway. And what they're doing is they're now picking again. And what they get to do is they get to pick the platforms that they now trust in 2020 with the work from home environment as it is. And I think what it gives you as a customer is a huge simplification of your environment. I mean, we talk to people every day who were used to operating those 20 or 30, 50 tools and they were spending 90% of their energy just operating those tools, not actually improving security. And they were falling behind. And if you look at what they're able to do now they actually can go back to a starting point where they think about what is the real threat I'm facing? What are the real platforms I should be choosing today? And we're actually seeing huge increases in our customer kind of adoption of our platform because that resistance to change has been removed. People can't resist change. Any more change has come. And as a result of that they get to choose what they would like now. That's a huge point. I want to just double down on that and redirect and then we'll go to Neil in his commentary. But I think you just hit the nail on the head. We're seeing the same kind of commentary. You said it really eloquently. But the thing is is that, okay, let's just, if you believe what you just said, which I do, going to zero base budgeting decisions, fresh look at everything. The problem is people are looking at the decisions and comparing what the bells and whistles were from the tools. So how do you advise customers to rethink like, okay, if it's a fresh look, it's a fresh look. It's not like, okay, the way we did it before. So a lot of times when you're evaluating products, the group gets to go and say, does it have this bell or this whistle? Cause that's the way we did it before. So you got to kind of separate out this idea of you're going to go that direction. It's a full fresh look. So how are customers doing that? Cause that's really difficult. It's a super relevant question for today's world because I think you're absolutely right. If you talk to the person who operated the compliance tool in a big bank and you ask them what do you need from that tool? They very quickly get to things that if you just take the question, which is I need to do compliance for the bank. What do I need to do compliance effectively? And you look at the answer that they give you, which is I need this checkbox here. I need this button here. I need this kind of minutia that I'm used to to be consistent with what I've been used to for the last 10 years. Those two things are not the same. And what we've really been encouraging our customers to do is take a look back at your requirements. So you are processing credit cards. You need to be PCI regulated. You need to be able to answer to your vendors how many copies of their software you're using. You need to be able to find an attacker who's moving around your environment and do that as quickly as possible. And then let's build from there what capabilities you need. And let's forget about whether the color scheme of the logo at the top of the report is the same. Let's talk about the core capabilities. And it's a very freeing conversation actually because what a lot of people start realizing is they've been maintaining the status quo for reasons that actually have nothing to do with efficacy. They have to do with comfort. And the curse and the beauty of the last six months is no one's comfortable. So I don't care how comfortable you are with your tools. No one I know is comfortable today. And what it's giving us is an opportunity to look past the old school comfort and think about how do we transition to the future? And I think it's actually gonna galvanize a lot of positive change. You know, I was saying this before we went on air but I don't think anybody wished that COVID was the way that we would end up in a position where people have the appetite for change. But if there's a silver lining in the situation, that's it. And I really think that CIOs and CEOs and CFOs and CSOs and really across the board need to take advantage of the fact that there's a discontinuity here that allows us to throw out the old and bring in things that are much more effective. So Neil, that's a great tee-up for you because what he's saying, basically saying is if you don't focus on the check boxes because there was reasons why and they'll give you, there's a long list, probably RFPs in the same way. We check in the boxes. Okay, throw that out. And then you can, by the way, you can innovate on those check boxes differently but still achieve the same outcome, I get that. But for Google Cloud, you guys have a great network. It's well known in the industry, Google's got a phenomenal network hence powering Android and all the servers, we know that. With a Cloud player, this is a great opportunity for you guys to be a fresh candidate for this kind of change. How are you guys talking about this internally? Because this really is, the goalposts have been moved and in favor of who can deliver. I think as both of you have been talking about it, I think the way I will maybe color this is, when consumers got to a safer posture with the advent of iPhone, right? Even though it was much more productive, delightful and there's a bunch of other things, ultimately though, if anything, things became safer when you actually did computing on a phone just because it was an opinionated stack. Ultimately we believe whether you come to Cloud completely or you consume some stacks, the more opinionated they are, that's ultimately the only way to reduce these moving parts that expose us to security issues. And that principle is applied by the way in reliability too, right? I mean, you have to simplify stuff for things to actually work at six nines and so forth. The same things apply in security. So imagine a world where every employee now is sitting at home, maybe two years from now they come back, they work in the Starbucks, but they had a virtual Chromebook experience. Because a physical Chromebook, of course, it's our goal to kind of get that out there because on one hand we have the cloud which is a full stack opinionated offering but there's various elements of computing still dispersed in the environment. And you were talking about IoT, eventually we'll get there, but just look at the employee's laptop or productivity station and imagine the construct of a virtual Chromebook off. And that's an opinionated stack and that's essentially a variant of what the joint offering between the two companies is essentially sort of aspiring to is to provide that level of clarity and opinionation that actually genuinely solves for some foundational security issues. And in doing so, you now have, hey, essentially an opinionated stack close to the user, the enterprise user is an opinionated stack via mobile phones close to the consumer user and for all enterprises from a computing side, there's an opinionated stack whether it be Google or some of the other public apps, right? And ultimately I think the world will move into these few sets of these opinionated stacks at various points of control. And at least this particular partnership is around making the first step towards potentially one of those opinionated stacks a lot of virtual Chromebook like experience for the enterprise use. And I think this is the beginning of the wave of the reality that the edge of the network, whatever you want to call it and you see this with endpoint detection, right? I mean, everything's an endpoint now. I mean, I mean, I still think this is one big IoT device and everything's just moving around. So zero trust is a big part of it, Google Cloud and this relationship kind of brings that to the next level. How does that, how does zero trust and attenu mission intersect here? Because I mean, I'd see some obvious ones we just talked about, but what's the connection? Yeah, I think and we'll hopefully, you know, talk more about it later in the year as well as we kind of come up with more integrations. But at the high level, I think the way to think about this would be imagine that device as you were talking about having an ability to actually send a strong set of signals, not just for detection and response, but for actually enforcing, you know, authentication and authorization as well. Because ultimately identity needs to intersect with the current stack that we currently have between the two companies. And so when identity of the user, identity of the device, identity of, you know, the context in which, you know, someone actually allows a user to access an application. These are all net new things that need to be brought into the solution to kind of then provide both a, you know, not just a safe way to kind of provide an, you know, an endpoint detection and response kind of opinionist act, but to also essentially make that part of an Uber zero trust offering that a customer can consume to ensure that look, you know, ultimately look, it doesn't really matter whether the employees at home, they're using their own laptop, they're at Starbucks, they can come back to work, but ultimately they have this virtualized sort of security ring that protects and always constantly authorizes, authenticates and provides a bunch of this security operations capabilities behind us. So anyway, so the simple answer is, you know, once we intersect identity and a slew of beyond core capabilities into the current offering, that's how the next step towards a more formidable zero trust offering falls. Okay, Oryan, I'd love to get your thoughts, but if you both can answer this question, that'd be great, I'd love to get your thoughts, little gamification here. If you had to put the headline out on this news, not the one on the press release, that's like perfectly written. Like, I mean bumper sticker, what's the, what is the real meaning of this relationship in this news? If you had to put a headline out there, think Washington, think New York post style maybe, or, you know, something that can describe the news. I mean, I will admit, I'm not known for being good soundbites, so I'll give you the one sentence and you can help me pair it down, but I mean really what it is, is I think Tanium's got the highest fidelity endpoint visibility and control out there, and I think Google's got the best data storage analytics, retention, cross referencing we've ever seen. And when you combine those two things, it's incredibly powerful for our enterprise users, and we've already seen customers where it's been transformative. You can help me pair it down. That's fine, you know, point protection, solid. I think it's a much more descriptive nature, frankly, but I think my logical tagline that I just keep, you know, sort of like the soundbite that I keep referring to is, look, you know, the world needs a virtual Chromebook to really feel safe at an endpoint level. And this is sort of like the first instantiation of that core stack that can, you know, at least get enterprise to start on that, Jen. You know, I think you guys run something really big here, and one of my personal observations is, one is the complexity of the telemetry coming in. I can see how you would go in there and connecting the dots between Google's back end and your stuff coming together. You need to have that high powered energy from the resource, but also there's a human element. People are working at home, whether you're a teacher, they're getting, you're getting fished. They're spear fished, they're targeted social engineering, so as people come home and there's now multiple access points, there's more surface area. So every single endpoint needs to be protected. I think people are kind of in the normal world, the outside of the tech industry saying, oh, I get it now. We're not really protected. And this is not just sensor networks or, you know, OT technology, you know, OT, it's really humans. This is really where it's going, isn't it guys? I'll chime in, and then maybe around you should take it there. Look, I think we do have a foundational principle here which says, look, as demonstrated in a post COVID world, but your point, John, of whether it be IoT, just to distribute computing in general, continues to expand, we should just assume that the surface area for security issues only expands, right? And rather than trying to kind of do a whack-a-mole of the surface area, what if you could take a foundational approach that actually breaks the relationship between expanded surface area means expanded exposure to the test? And so essentially the same approach that we took with Zero Trust, which is, look, we just know we're going to get broken into. So just don't assume that your network is not safe, but still have a secure posture, right? How did that come to be? I think if you can just apply that more generally into this construct of a distributed enterprise, which says, look, your surface area is going to keep going, but let's break that correlation between surface area to that's by a more foundational construct that says, look, doesn't matter if you're, so today, as you said, this is your device, tomorrow it could be your son's laptop that you used to actually log into your network and so forth, but ultimately though, it doesn't matter who you are, where you're accessing it from, what device you're using or what network you're using or which location, the safety posture is still very strong. That's awesome. Yeah, I will just add, you're absolutely right. I mean, if you look at a customer I'm thinking about today, and I just heard this from their CIO a couple of days ago, but they have one and a half million things they're protecting today. They expect to have over 150 million in five years. And so you look at containerization, cloud, mobility, all the work from home stuff, it's just going to make this a more and more complex, highly variant problem. We need to expect that. And I think a lot of people are very frustrated that at the time that expansion is happening, the network essentially did become a control point you couldn't trust anymore. So the thesis that Google had around zero trust actually became our entire world for most enterprises. When you look at that, we do owe our customers quantum jumps in capability or they're just not going to catch up. And I think that the theoretical approach that we're taking here between Google and Taneum lets our customers take one of those quantum jumps where they're going to be seeing a lot more, they're going to be able to trust it a lot more. They're going to be able to allow devices to have access to things based on their current state and based on believing that we can extrapolate whether there's security on that device accurately. And that's something that I think a lot of customers have just never been able to do before. And frankly, I think it takes companies like this to pair up and really invest in joining their technologies to be able to get that fabric that will get our customers materially forward. And I'll just say one other thing. Many of our customers up to literally like three or four months ago were in a position where they were spending 60 or 70% of their security budgets on network. There's nowhere to spend that money today that's actually productive. It gives them the ability to refactor what they're doing and the obligation to do it. Because if they don't do it, I think is, I was describing with the amount of increased assets, the amount of complexity, the lack of network control. If they don't do it looking at the amount of threat our customers are facing today, they're going to be underwater really quickly. And so, I'm proud that we get to get together here and give them a big step forward. And I really, I think there's an obligation on our industry not to try and rewarm the same stuff we've been doing for the last 20 years and try and serve it to our customers again, but to really rethink the approach because it is a different world. So now you've been involved in a very, a lot of entrepreneurial ventures. You've been on these waves that were misunderstood and then became understood. This is what we're getting at here. And what he's saying is essentially new expectations. We're going to drive the experience and then ultimately drive the demand and people will either be out of business or in business. If you're a supplier, I'll give you the final word. You guys are in good position. I would say that, especially in security John, more so than maybe any other infrastructure space that I've been involved in. Most products have been built to solve problems with other products. And as Orion just briefly pointed out, I think this opportunity gives enterprises clarity and vendors clarity that, look, you really have to take a foundationally original approach to solve problems that can get customers to, if I can call it a stuff function change in their current safety posture. And so that's really the core essence of the partnership is to sort of rather than worrying about solving problems with other products and so forth, is to use this opportunity, like I said, to have an opinionated view to fundamentally change the security posture of the endpoint once and for all. Well gentlemen, congratulations on a great partnership, expanded partnership. Again, the world has changed. I love this fresh look. I think that's totally right on the money. New reality, we're here. Thanks for taking the time to remote in from Seattle and in the Bay Area. So it's great to see you again at Google Cloud. Thanks for coming in. Alright, nice to meet you and good luck with everything. Thank you. Thank you. Great to meet you. Okay, this is the Cube is coverage, Cube virtual coverage of Google on air next 2020. It's all virtual, virtualization has come in and don't trust the network. You know, you got to watch those end points here with Google and any great partnership news. I'm John Furrier, host of theCUBE. Thanks for watching.