 Live from Las Vegas, it's theCUBE, covering AWS re-invent 2017, presented by AWS, Intel and our ecosystem of partners. Hey, welcome back to theCUBE, our continuous coverage of AWS 2017. AWS re-invent, I should say, 42,000 people. A lot of them here in the room here. I'm Lisa Martin with my co-host Keith Townsend. We're excited to be joined by a CUBE alumni extraordinaire, remain seyer, CEO and president of Sumo Logic. Welcome back to theCUBE. Great, thanks for having me. It's good to be back. And you guys have had a big announcement today with AWS. What does that mean? What's in it for your customers? Sure. Well, it's good to know that for over seven and a half years we've been close partners with AWS. So we've designed and co-designed over a hundred services together with AWS. And today's announcements around guard duty in particular is taking all the basic compute, network storage, persistent type of stuff and toolkits and paths to the next level because as you've seen, security has always been an afterthought when it comes to workloads and data in the cloud. So we've been pushing Amazon in particular to really up their game on security. And so we designed the guard duty service to really start to provide a lens into threat intelligence with respect to cloud data. Why do you think security still continues to be not as big of a focus? We hear different things. It's not as big of a concern for customers anymore, but that's not actually true. Why do you think that trend is out there? Well, I don't think it's about focus. It's about uncertainty. And I say that because a lot of the CISOs that we engage with consistently who use our platform to get not only visibility to user behavior or infrastructure or the workloads, when they move from the traditional world to this new world of cloud, there's uncertainty about what to do. There's uncertainty about what services to use because a lot of the cloud providers until recently haven't had a lot of these capabilities provided. So in our case as an example, seven and a half years ago when we started born and bred in the cloud, we built our whole PKI infrastructure. We built encryption and transit arrests. So we had to build all that stuff ahead of what the platform like Amazon had provided. So we've been able to leverage all those experiences and extend the platform for not only cloud data but on-prem data to provide that unified view. So the vantage point we have as a result is really be that trusted advisor for CISOs and to guide them towards things like cloud trail that's part of their announcement. Things like VPC flow logs and what they should and should not do there. And so the announcement today is really more of a guidance for CISOs as well as developers and operations folks to better understand what they need to do differently in the cloud, not just from the technology point of view but also from a threat intelligence point of view. So let's talk a little bit about education because this is I think an opportunity to educate a lot of the market. Amazon has always preached share responsibility. They take care of the locks, the guards, the physical data center, all the way up to the hypervisor and the hypervisors ironically becoming less important with today's announcements. However, there seems to be some uncertainty still with clients as to where their responsibility starts. How do you guys help with that conversation of share responsibility? Well it actually starts back to the point I just made. In a lot of cases we've become the trusted advisor because we've had such a long history of building a mission critical platform that's analyzing 100 plus petabytes of data every single day. And so we know what the struggles are to understand new services as they come out whether it's Amazon or another cloud provider and what the implications of those services are. So now back to the root of the question here. You know what we try to really do is assess the maturity of a lot of our customers. So we really understand well what are you using today with respect to SaaS applications? How much of your data is inside your data centers versus potentially in a cloud platform like AWS? What types of cloud service are you using? That allows to kind of categorize the maturity but also start to lay out prescriptive roadmap as to what new application data, new infrastructure data, as well as the potential vulnerabilities and risk associated with users or infrastructure that they need to be concerned with when they make that transition to the cloud or migration or build natively in the cloud. So how much concern is it out there over these new services like Lambda that are no longer associated with, you know we can't just put an IP address or firewall and say okay this host can't talk to this host. It's service and database. So services like AWS that we really can't control from an OS perspective. How's that impacting the conversation? So that's actually an interesting aspect of what the ecosystem provides, right? So we analyze a lot of those connectivity and transport aspects because we look at the pattern of those data and it's not just about what's running in AWS. What's important here is you have your CDN providers, you have your on-premise data centers, you have your Colos and from a security posture perspective you need a holistic view. More and more customers are moving away from packaged on-prem apps to SaaS, right? And so understanding what the implications are from a 360 degree view is what Sumo helps provide them do. And more specifically, back to the announcement here, the role that we play is not only to be that advocate but also the champion to AWS because we're bringing a lot of these customers who are in this migration. So a good example, they mentioned a customer called Samsung and SmartThings. They're one of our large customers in IoT use case and they're pushing the boundaries on understanding how to start to compress and encrypt this data but start to analyze it real time across millions and millions of device that need to come in to look at the fingerprints and patterns. Those are services not yet available in Amazon or GCP or in Azure yet. So we're helping with SmartThings, for example, go to these platform providers and start to design new services or design new capabilities of existing services. One of the things I wanted to ask you is a lot of companies talk about CI CD. Sumo Logic is talking about continuous intelligence and you said the word holistic a minute ago, what is continuous intelligence? What does it mean? How does it differentiate Sumo Logic? Yeah, so our view of this is that unfortunately in the fragmented world we live in and the complexity of all these point tools that address small aspects of different parts of your stack, your application stack as well as the lifecycle to your point around CI CD. There's never been a comprehensive platform like Sumo that not only addresses the lifecycle, everything from your source code control system to your continuous release and deployment to your downstream monitoring, let alone everything from bare metal on-prem to containerized to logic, right? So Sumo actually created this strategy about seven and a half years ago when we founded the company that we want to be the full stack vendor. We want to be the full stack data analytics for structured data as well as unstructured data. And so the relevance of the continuous intelligence in that notion is we're not only providing full stack or 360 but we're also providing mechanisms to look at fingerprints and patterns in that data to take a lot of the guesswork out that typically a CISOs team or developer needs to do during the deployment of an application, during the release of infrastructure or God forbid in the case that there's been a breach. So we help proactively address these issues because we use a lot of machine learning algorithms, we use a lot of pattern recognition to understand what's normal and abnormal. We surface that up into a very salient view in terms of dashboards and alerts. So what does the solution look and feel like? I think on the SAS part of it, that's pretty straightforward but in the hybrid cloud environment in which I have on-premises information data that I'm trying to protect that's talking to these SAS components, whether it's Amazon cloud components, whether it's Amazon services or anyone else, what does the on-prem part of that look like? So interesting enough, it doesn't look like anything different than what the off-prem would look like or in the cloud because for us it's just where the data resides that we're collecting from. So whether it's a top of rack switch to discrete hardware, to converged hardware, to your CDNs, to your SAS apps, to your cloud infrastructure services, we collect and just analyze all that data and start to separate the signal to noise and provide meaningful, digestible insights and that's what we refer to as continuous intelligence. What are your thoughts about security being an enabler of digital transformation? What's interesting is we predicted this probably about almost two years ago now where we said it's no longer about this dev ops, it's about the dev sec ops model, right? And it's not about the security team being in the back room but in the front room meaning that the security operations, the CISO, the security analysts, needs to have a role in how these new architectures, new infrastructures are built and managed. And so what we see in a lot of organizations is whether those teams are merged or whether they're starting to work together, they need one single platform and that's why they choose Sumo. So you're seeing the formation informally of dev sec ops as well as formally of dev sec ops and that's really providing the agility to be able to release applications faster while also providing the security and credibility for making sure there's not a breach, data breach or user issue. So from a regulatory perspective, GDPR coming up quick, 2018 and May, a lot of customers are looking towards their security partners to help understand the data that they have on premises, the data they have in the cloud and get controls around that so they can avoid massive 4% of the revenue fines. How does Sumo help with those problems? Back to your question just right now. I think what's happening there is whether they're regulatory or industry related standards or security teams want to be more proactive, they're actually starting to be enablers for the business, surprisingly, right? And so what we're seeing in the case of GDPR is that's an accelerant to adopt cloud because we actually isolate the data down into regions and the way we've architected our platform from day one has always been a true multi-tenant SaaS technology platform. And so there's not that worry about data resiliency and where it resides and how you get access to it because we've built all that up. And so when we go through all of our own attestations, whether it's SOC type one, type two, GDPR as an initiative, what we're doing for HIPAA, what we're doing for a plethora of other things, usually the CISO says, oh, I get it, you're way more secure, now help me. Because I don't want the folks in development or operations to go amuck, so to speak. I want to be an enabler, not doctor no. So that relationship with the developer, how seamless is that? Are they changing their workflows from a development process? Absolutely. I think what's happening now is not only the formation of this DevSecOps model, you're starting to see the rationalization of tools to be able to support that. And so in a lot of cases, the CISOs are being pulled in because the business has made a decision to move to the cloud. Now the CISO needs a new posture because of data access, data privacy, things like we just talked about, GDPR. And once they realize that Sumo can provide that lens and provide the analytics, but enable the developers to have the agility, they become our biggest advocate in a lot of these accounts. So they're the ones oftentimes with initial budget because there's a lot more budget typically for security. They'll bring Sumo Logic in, they deploy it, and then they extend it to other groups. I'll give you an example. We started with Pinterest. Pinterest had a PCI audit issue. They had a short window where they had to pass their auditor's requirements. They brought us in and spent a few weeks. We helped them get through that audit. They had the Sumo console and all the alerts notifications up on the dashboard. The DevOps team got wind of it. Six weeks later, we did a multi-million dollar multi-year deal with them for their entire elastic displacement and their monitoring stack. That's all about the land and expand model that Sumo's been doing for now for seven and a half years. And it's predicated on security being the champion, not always DevOps being the champion. Fantastic. So you guys have a booth here. We can see it right this direction. What are, what are some of the cool things, last question that people can see and learn coming to the Sumo booth here at AWS? So I think it's probably a bigger point that we're trying to illustrate here at the conference and just our point of view in general. I think what the announcements that you saw today, we all saw today with respect to what Jassy talked about, the ML toolkits, the things around Kubernetes, it's really about flexibility around choice. So what we're actually demoing here is our support for Kubernetes and Docker containers, but it's all wrapped up into something even more intriguing here. And it's something that we look at as something we refer to as the analytics economy. All this technology, all this power that's been delivered and announced today is empowering a slew of new use cases that have not been yet addressed. And so we feel like we're the forerunner in that and helping design things with guard duty, for example, but it's not just about things that are running in AWS. I know we're at this event, but customers want choice. That's why Docker, that's why Kubernetes, that's why multicloud is important. So what they'll find in our booth is not only the best platform for running and securing, building, running and securing modern apps on AWS, but also the ability to have that portability and flexibility to deploy on GCP, to Azure, to their own data centers, because that's the world we live in, the complex world. Wow, exciting. Your passion and excitement for what you guys do and how you really have successfully become a trusted advisor is very palpable. So we'll have to have you back on the show because there's clearly a lot more to talk about. Unfortunately, we're out of time. I'm Lisa Martin for Keith Townsend and Mermin Thayer. Thank you so much for watching theCUBE Stick Around. We're live on day two of AWS re-invent 2017. We'll be right back.