 The great thing about Tetraed Istio subscription is that from a technology perspective, there's not much I need to say here. It is just pure open source Istio that we are not adding anything to it. We understand for that particular customer base, it's very important that there's no vendor added component. So all they're getting is just Istio and we package it as Tetraed Istio distro, which is just, it's basically us making it easier to get the distribution. Hi, this is your host, Sapil Bharti and welcome back here for Newsroom and today we have with us, once again, David Bang, head of product at Tetraed. David, it's great to have you back on the show. Yes, it's great to be here. Thank you for having me again. Just remind our viewers what is Tetraed all about. Tetraed as a company is dedicated to helping organizations achieve security, network security and availability for their Kubernetes and microservices workloads. So we have a portfolio of products, such as Tetraed Service Bridge and we talked earlier about Tetraed Service Express and now we're going to talk about Tetraed Istio subscription. And I remember when we talked about the new folks announced Tetraed Service Express. So I also want to talk a bit about, just also quick recap, what is that? And then let's talk about Tetraed Istio subscription. What is the difference between the two? Is it the different audience? Is the different offerings? So let's just get into the details now. Our general goal is to provide security availability for workloads and the portfolio basically are different approaches to providing that to our end users. So what we talked about earlier, Tetraed Service Express and Service Bridge are meant for platform teams who are taking a transformational approach. They want a service mesh platform that extends beyond just a pleasure to even Kubernetes. They want ready-to-go services for app teams to deploy. That is, we know that there's a different segment in the market and different set of users that just want to build their own on top of Istio. What they're looking for is somebody to help them with 100% pure open source Istio to get their objectives done. And they're not really looking to buy a proprietary platform. So for that, we have Tetraed Istio subscription. What we offer there is really three things. One is enterprise support, global enterprise support with strict SOAs, 400% open source Istio. The second thing we offer is backporting CVEs beyond community support CVE fixes. And that's very relevant because today we just, we're hearing about a new Envoy CVE that just emerged very recently. And the last one is to help people who are trying to operate Istio in a FedRAMP environment. They need FIPS-verified cryptos and we provide that to our customers. So same end state, more security and more availability, but different paths, transformational with a ready-to-go platform or build your own with Istio. What does this subscription mean for Istio users who are using, because Istio is an open source project? Of course, this is the whole model around open source, fully open source project and then commercial support around that. So talk about it from that perspective and also from the core basis perspective, from the technologies perspective. I would say the great thing about Tetraed Istio subscription is that from a technology perspective, there's not much I need to say here. It is just pure open source Istio that we are not adding anything to it. We understand for that particular customer base, it's very important that there's no vendor added component. So all they're getting is just Istio and we package it as Tetraed Istio distro, which is just, it's basically us making it easier to get the distribution, to help them with their build pipelines, but we don't really do anything to Istio itself. And in terms of how we offer it, we try to make it simple such that, all we are looking, the way we sort of scale our offering is by the number of Kubernetes clusters you're installing Istio on. So everything about it is very simple because we understand for people who are building this platform, what they want is simplicity. So, and the idea is with the CVE support and also the FIPS verified builds, it's all just about helping people who want to build on top of pure Istio, like a faster path into FedRAMP or just a bit more headroom to perform their upgrades. It's much easier to perform a patch upgrade than a minor release upgrade. And when we look at the distro, Istio distro, how close it's going to be to the upstream? It is exactly the same identical. We don't really do anything to it. All we do is just make it easier for you to get to the same, the very same bits. Now, with the FIPS build, the difference is that we've built the same Istio code but using the right crypto for FIPS to operate a FedRAMP environment. Istio itself is not altered. It's just how we build it. And we have engaged a third-party lab to verify that we've built the crypto correctly so that when our users do take this into a FedRAMP environment, there's proof that they are operating in compliance, like the software they're deploying, the Istio they're deploying is in compliance with FedRAMP needs. And when we do look at FIPS or FedRAMP, do you see any scope of possibility where there are specific features or additional functionalities that these industries might need, which you might end up offering, which will be something add-on on top of Istio? Yeah, we certainly see that as a possibility. I would say for now, we certainly already baked many of this into our platform offering, which is Tetris Service Express or Service Bridge. So it just comes down to a little bit of how we see people wanting to get on the journey from where they are to their end state. If they are ready for our transformational platforms, they should go with Service Bridge or Service Express. If the intent is to customize and build your own on top of true open-source Istio, Tetris Istio subscription is the way to go. Istio was in news last year also, the whole move to CNCF and graduation. The interesting thing with projects like Istio is that they have been in production even before they get graduation from CNCF. What does graduation actually mean? Or also when you announce general availability of things like, you know, Istio subscription, I want to look at it from the confidence it builds within the user ecosystem, within the ecosystem itself, where you have all the other players because a lot of folks are putting all their eggs in that basket of Istio. It breeds confidence. Wholeheartedly agree. I think your observation is accurate that there are more eggs in the Istio basket now. I mean, one interesting data point, aside from product, is just that we have Tetris Academy, which offers training and certification for people interested in Istio. We've seen a lot of increasing interest for that, to the point where CNCF asked us to donate our Istio certification to them, and we've done so. So this would not have happened, this pool would not have existed if Istio was not becoming more popular. So what we see is that there's definitely this maturation for Istio demand, to the point that there's now officially CNCF sanctioned certification now. We're happy to do it because I believe that is the right thing to do, and we'll continue to play a big role in just training and educating Istio users in the market. In general, how much awareness you are seeing of Service Merge, Istio, where you're like, hey, everybody knows about that. Like, we don't have to go out and tell why you should choose the Lampy Circle in this kernel. So are where you feel that now, different markets are in different phases of adoption and we still have to do a lot of awareness, education, all those drives. What are you seeing there? I do think it's still early for, I think for Istio, it's still a huge amount of opportunity ahead. I think we're past total confusion on what Service Merge at Istio does, but I do think that there are a very large number of use cases. Then there's certainly no template in terms of how to approach these use cases or what sequence you should do them. It's also possible that, there's just too much variety right now. So even though people, I think understand the technology, they understand what the use cases are, there's still a lot of opportunity for folks to figure out what is the right sequencing of use cases and what's the blueprint to actually deliver the value of Service Merge. And that's why I think our dual path exists. We have a strong opinion on how that value should be realized when we build that into the product of Service Express and Service Merge. At the same time, we recognize it's where early enough, so it's not one size fit all. So we're happy to support people who want to tackle the use cases in their own customized way through Tetrade Istio subscription. Do you folks also do anything to kind of get a pulse on the industry, the ecosystem to better understand how either folks are using it or what are the challenges they're facing just to get an understanding of where it's heading or how you folks can actually help them further. So we contribute very actively to projects and the ecosystem and we see the sort of issues people are raising and the kind of problems they're running into. I could be, I don't know the exact, but I think one of the top contributors for Envoy and Istio and it's really through our contributions and sort of monitoring the feedback of our contributions and what's going on in the community that we get a good sense of where people are with adoption and the state of Istio. That's on the open source end. In terms of like our commercial end, we spend a lot of time with big enterprise users, especially in the government and the FinServe sort of central platform teams to understand their roadmap and how they want to take service mesh adoption and what it means. For us, spending time with both the users like the platform team users rank and file architects and developers as well as the senior executives like leaders of lines of business in retail banking say or central IT say EVP of infrastructure. We have frequent engagements with these different folks just to understand how they see business value and what they're doing to actually achieve the value. So the three tier strategy we have in terms of understanding the overall market landscape is community contribution in open source we intend to lead there. We have a ton of engagement with the rank and file users and our enterprise customers and we have frequent touch points with executives at our customers as well. We provide a ton of value enterprise support and the FIPS verification but one thing that will become very apparent is the CVE backcourting we do to help people run STO securely and reliably. So there will be more CVEs emerging in the coming days. The community support is only eight months. We extended to 14 months. That will provide a lot of relief when you have a company like Tetrate sort of offering extended CVE support. People would not have to upgrade us as often in minor versions. Since you talked about support different project communities the discussions are also about the LTS versions or long-term supported version because when you look at enterprises especially when you look at some of these critical technologies they do want more than six or eight more than one year support. They cannot move as fast as some of these communities move. Are you seeing any discussion on that or you feel that no it doesn't make much sense to have LTS kind of version for a project like STO? So we definitely see pain in terms of platform teams or teams keeping up with STL upgrade cycles. Community support is only eight months which is why in Tetrate is your subscription we've extended that support to longer term 14 months. And just to give you some ideas like I think it's very hard for these platform teams which for most companies will never get bigger than single digits teams for them to manage the life cycle, upgrade cycle of somebody that of like an eight months like end of life. They would basically have to be constantly planning for upgrades and this impacts their end user experience. Because remember STO at dinner day is a place for application teams to deploy applications to so that the people who are running STO need to think about that end user experience. So having some long-term support from a company such as Tetrate really provides the stability, the stable experience that teams are running service mesh and STO that really they need. So we see that as an important thing to have for all companies running STO. CubeCon is almost here. Of course you folks will be making a lot of announcement. We cannot talk a lot of, we cannot talk about a lot of things that you folks will be announcing but just give us a glimpse what we should expect from Tetrate at the event. A lot of interesting is happening on the envoy side of the world right now. I think certainly envoy as part of STO we talked about the extended support. I think there's a lot of interesting innovation happening on the envoy gateway side of things. So I think folks who are watching this should check out Tetrate's website announcements that I will be doing with envoy gateway and there will be more interesting things to come at CubeCon. David, thank you so much for taking time out today and of course talk about this new subscription and also where the whole service mesh STO market is heading. Thanks for all those insights and I would love to chat with you again. Thank you. Thank you. It's a pleasure to be here.