 from Las Vegas. It's theCUBE, covering AWS re-invent 2018. Brought to you by Amazon Web Services, Intel, and their ecosystem partners. Well, welcome back here at the Sands Expos. We continue our coverage here on theCUBE of AWS re-invent. We said about 40,000 attendees this week. We're just off the show floor. It has been jam-packed with a lot of energy. All day today, Justin Warren and John Walls were joined out by Rameen Sayar, who was the president and CEO of Sumo Logic. Rameen, how are you doing? Good, thanks for having me back today. You bet. Oh, it's good to have you back on theCUBE. You've made some news, had an announcement yesterday that kind of takes your AWS linkage or partnership to a new level. Tell us a little bit about that. Yeah, so in short, you know, we've been partnering with Amazon for well over eight years. We've been born and bred in the cloud as a multi-tenant service. And over the years, we've been working on a variety of ways to improve some operational best practices, not just innovations and product. And that's led us to really push Amazon to do more in security. Because security, posture, practices, understanding in the cloud world is fundamentally different than that on-prem in the traditional world. So one of the key points of the announcement was some efforts that we're continuing with Amazon around security and bringing cloud-first security posture, best practices as well as integrations of things that we've already announced as well as some things that may hypothetically be even announced tomorrow. Okay, so tell us about that discussion, all right? You say it's been going on for some time. The need to bring a higher level of awareness or concern, however you want to word it, to security in the public cloud. I mean, how's that evolved? And then where's that going to go? Well, I guess there's two ways of looking at it. You know, one is it's really centered on the fact that there's a big movement right now for the lift and shift of workloads to the cloud. And you can't bring along all the baggage that's associated with these workloads because you're modernizing these applications. And fundamentally it requires different ways of instrumenting, collecting, analyzing. And last but definitely not least, the tsunami of data that's being generated because of these distributed applications, you can't take the old way of writing rules to presuppose events and security issues in this new world. So we've been pushing Amazon really, really hard to build practices. So competency was one of the things we first started with them, right? And that competency led us to understand that it's not just about guard duty, it's not just about some simple best practices, but how we bring the broader community together. So we're taking this on the road with them, bringing MSPs or managed service providers as well as managed security service providers together and building this integrated practice to them and with them so that they can take it out as a channel. Right, so what are you expecting people to get out of this? You've run this, this road show, when you've taken the show on the road and you've got all of these MSPs to sign up to this way of doing things, where do you see them taking from where they are today and where they will end up at the end of this? Yeah, so simply put managed service providers or managed security service providers are one vehicle. A lot of this is actually teaching the practitioners in terms of CISOs, security operations and security analysts, like what should you consider and what should you use in the cloud? So it's not just about VPC flow logs, it's not just about AWS Config or GuardDuty but the combination of what the Amazon does or AWS does at the infrastructure level coupled with what Sumo does at the security analytics level is what delivers that best-in-class cloud service for security. And so it's educating them on that first. Second piece is really pushing that responsibility not just to the security operations or security analyst team but upstream into the development teams. And so that's part of this whole notion that Sumo's been aggressively pushing called DevSecOps. It's a responsibility, everyone in the organization, not just the people downstream that get to hangover when a breach happens, right? It feels like we've been talking about that idea of embedding security into security is everyone's issue and that we need to move it upstream and shift it left is that a lot of people like to say. So where do you think we are on that journey? It's like we've been talking about it for a little while. It feels like we're still actually right at the beginning of that kind of movement. So it's funny you said that because we were thinking about this before this event and categorically we see in born in the cloud types of companies, they have a security first principle in mind already. And so naturally as they just look at as another data source that they have to manage not as a burden. And so that's a difference with traditional security companies and enterprise who feel like, oh great, my developers are going over there and now it's a burden for me to manage that. So I think from a born in the bread cloud perspective, adoption is super high. The ones that are doing the lift and shift now we're trying to get the CISOs to be the champions. So we enter a lot of times there versus just the DevOps students. And so as a result that's helping us educate the CISOs to take it down to the SOC or the analysts so they can understand what should I even use with Amazon and how does Sumo support that? Yeah. So it sounds like a lot of these more traditional companies are doing it in the same way that the cloud has changed the way the developers actually write code and use infrastructure. It sounds like the security practices that have been bought in the cloud are actually starting to make their way back up almost upstream, if you will, into these more traditional companies and they're cloudifying the way that they run things which is an interesting parallel to what we're seeing with the infrastructure where it's becoming more hybrid. So we're kind of getting this hybrid security model of the old way of doing things and a cloud way of doing things. Yeah. And I think the interesting piece of that is it's profoundly changing the operating model, right? Historically, all these teams have been siloed. They use their siloed tools for security over here, for monitoring over there, for troubleshooting over here, right? For build and release systems over there. And this new way of deploying building, running, securing workloads and more importantly, cloud services now has fundamentally broke down those barriers. And so by nature, what it's done is force those teams to either come together to collaborate. And a lot of cases that we've seen in accounts is also there's a single throat to choke. A person who's owning that service owns it end to end. Yeah. And so our platform uniquely helps all those different constituents across the organization really share and collaborate, but also rely on one vendor and one platform that spans not just obviously here with Amazon and Amazon Web Services, but also GCP, Azure and 40% of the data we collect every day comes from on-prem. So we give them that single platform that spans everything that they need. Yeah. What is the, if there's a fundamental problem with someone who has, they're looking at their migration, they say, okay, public cloud, that's where we're going from a security standpoint. Is it that they're going to a space that they don't have total control over or they're going to a space, this is the way we used to do it. And now you're going to, you're coming at it from a different, so I don't know if that's, is it buy-in? I mean, what is kind of like the- So I think it comes down to three things. I think one is mindset change. So we look for progressive CISOs that believe in the vision of fundamentally doing things different. Two is debunking the myth. And I say that because SIM has been a dirty word for years. Useless services and technology and vendors that have been pimpin' SIM for years and have not delivered on the value. Don't, don't, don't, nope, that's words. Don't look to them for me. No, but in all seriousness. And so we have a job to clean up that dirty word. So with the cloud SIM and what we're doing on top of Amazon and supporting other cloud providers, we're trying to make it sexy again, but more importantly, make it real. Deliver value through our cloud SIM. And the third is, we're trying to break down the silos. It's not just the security operations anymore. And they understand that in order for them to have that holistic control, because at the end of the day it's about control, they need to have accountability upstream and they need to be partnering with the DevOps teams. And so that's the value we bring because the DevOps teams, the site reliability engineers, the tech ops, platform engineering, are all using sumo. And so now we can connect the CISO to them and they can have one unified way. Light shared model for data that can have access control, predictable costs. And then more importantly, going forward, allows them to start to analyze data with different values and different sets as they need to through a consumption model. Right. You say you're trying to make the SIM sexy again, which is an interesting way of putting it. What are you seeing customers using sumo logic for that really gets your attention? What's something that you think would be a thing that people here at this show should really pay attention to? Sorry, you're a gamer. The way that people use it. I have been known to game on occasion. Do you play Pokemon or Fortnite? I keep getting tested to get Fortnite, but no, I'm an old school guy. I like Borderlands too. So I'll give you two different contrasting examples in the gaming industry, for example. So Pokemon, guess who their average age user is? About eight. No. Kids. Right. Young kids. And so for them, it's about protecting identity, right? And protecting privacy of these users, kids for parents. So we help them with privacy and controls. We compare that to Fortnite. We help fortify Fortnite because Fortnite needs to look at the metadata, what's going on in the game, right? They're looking at all the actions from the chat, from the text, from the things that were unplanned in the game to get a sense of how the real game experience is. They're both securing, but in different ways, right? You compare contrast that to outside of gaming, media, online retailers. What do we help them with? They have audit responsibilities because they take payments from PCI. They have healthcare responsibility because of HIPAA and compliance. They have regulatory responsibilities with GDPR, right? And so we help all of them with the audit and compliance, but also we give them the threat and investigation capabilities when and if they have a breach or when they have an audit issue. Right. Gotcha. So you're not a Pokemon player? I played Pokemon Go for a while there. It's like, I'm too busy hosting theCUBE. I don't know. Yeah, right. I mean, thanks for being with us. We appreciate the story and wish you continued success to Sumo Logic just about 50 yards from our spot here on the floor, drawing a lot of attention in your booth. So congratulations on that as well. Thank you for having me again. Great seeing you guys. You bet. All right, back with more here on theCUBE at AWS re-invent in Las Vegas.