 From San Francisco, it's theCUBE, covering PagerDuty Summit 2019. Brought to you by PagerDuty. Hey, welcome back, everybody. Jeff Rick here with theCUBE. We're at PagerDuty Summit in the historic Western St. Francis Hotel downtown San Francisco. I think they've outgrown the venue. The place is packed to the gills, standing or mowing the keynote. And we're really excited to have our next guest, someone who's been in this industry for a while. He's really done some super cool creative things. He's given the closing keynote. We're happy to have him here right now. That's Mitchell Hashimoto from HashiCorp. Mitchell, great to see you. Great to see you too. Thanks for having me. Absolutely. So just a quick overview before we get into it on HashiCorp for the people that aren't familiar. Sure. So HashiCorp's a company that, what we try to do is help people sort of adopt cloud, but more realistically adopt multi-cloud and hybrid cloud and the real world complexities that cloud isn't just a technical landing point, but it's really a way you deliver software. You want to deliver more applications. You want to connect them faster. You want to do this in an automated way, infrastructure as code, sort of all these modern practices. And we build a suite of tools to provision, secure, connect, and run those applications for separate products that we sell that you could adopt separately. You could mix and match. And that's what we've been doing for a long time. Based on open source software, we started purely as an open source community and have grown into an enterprise company. So that's the elevator pitch. No, it's a great story, right? You're up in Seattle, got some access to some cloud infrastructure and really solved your own problem, figured out other people have that problem and then really built a really cool open source kind of base software company. Yeah, I mean I think the amount of people that had the problem I was facing personally was orders of magnitude more than I expected. I've told other people, we never expected to start even a business around this. It was just scratching our edge, building technical solutions. But as we sort of worked at startups and started talking to bigger and bigger companies, it just kept, everyone kept saying, yes, I have that problem. And it's only grown since then. So it's been surprising to say. And the complexity has only grown exponentially. I mean, before, you know, years ago there was kind of this bright and shiny new object called AWS. I mean, I love Bezos's great line that nobody even paid attention. Six or seven years they got a head start and kind of just rushed. And now there's been a little bit of a fallback as people trying to figure out what to go where. Now it's hyper cloud and horses for courses. So a lot of great complexity which is not the good news for you. Absolutely, I mean I've told this story before but our first year incorporating the company I actually got hung up on by an analyst because I said we were trying to solve a multi-cloud problem and they said that's not a real problem when there will never be a real problem. They hung up on me. And it was a bet then. And I think the expectation then was it was gonna be AWS. It was gonna be physical infrastructure and the physical infrastructure. Days were numbered and it was gonna get axed out and it was just gonna all go to AWS. And our conviction was that you would have both forever and or for a very long time. And then people like Azure and Google and others would pick up. And that's been true. But I think what we didn't expect is the complexity that got introduced with things like containers and Kubernetes because it's not like cloud adoption finished and the next thing started. It all came at once. And so now real companies are dealing with the complexity of they're still trying to move to cloud. They're trying to get more out of their physical infrastructure. They're trying to adopt Kubernetes. And now people are starting to peck at them about serverless. And so the complexity is a little bit crazy and we view our job as trying to simplify that adoption and make you get the most out of it. Right. And that was before you could get a piece of VMware inside of AWS or you could get a piece of the Google data center inside your own data center. So it just continues to get crazier. Yes, yeah. So you're giving a closing keynote on a new project you're working on Vault. And it's an existing project. Existing project, excuse me. But I think you talked about it before we turned the cameras on it's really more of kind of an attitude and a point of view and a way to go after the problem. I wonder if you can kind of dig into it a little bit as what did you see? How did you decide to kind of turn the lens a little bit and reframe this challenge? Yeah, I think the big picture of story I'm trying to tell in the keynote is that everybody, anything you look around you technical, non-technical, this table, that glass like everything you look at it trickles back to the idea of one or a small group of people and it takes an army to make it show up on this table but it starts by somebody's vision and everything was created by somebody. So I'm talking about Vault, something we made and why did we create it and why do we make it the way we did and another thing I say is people ask why did you start HashiCorp or have this vision and something I constantly told myself was why not me? If someone's gonna do it, why not me? It could be anybody. I'll give it a shot, because why not? And Vault was that way. Armand and I, my co-founder we took security classes in college but we don't have a formal security background. We didn't work in security in industry. So the odds of us launching a security product that is so prevalent today, whether you know it or not it's behind the scenes very prevalent we're stacked against us. So how did that happen? And that's sort of what I've been talking about. But let's go, but let's do dive into a little bit on the security challenge because it's funny, right? Everyone always says, right? Security's got to be baked in you've got these complex infrastructure and everything's connected with APIs to other people's applications and oh you have to deliver through this little thing that you carry around that maybe the network's not working well or the CPU's running low or you're running an iPhone 5 and of course it's not gonna work on the most modern app. Bake the security all the way through but that's easy to say, it's much harder to do. Still people want to build motes in castles and draw bridges and that's just not going to work anymore. Exactly, so you exactly hit upon the two major issues that we recognized or felt we recognized. One was that a lot of people were saying it and very few people were doing it and the reality was it was hard to do. Everyone knew theoretically what they should do. No one thought, oh yeah, saving somebody's personal information, plain text and the database is a good idea. Nobody thought that, everyone said this should be encrypted but encryption is hard. So maybe one day, so no one was doing it and then the other side of it was the people that were doing it were the world's largest companies because the solutions were catered towards this mindset of castle and moat which works totally fine in a physical and traditional environment but completely breaks down in a cloud world where there is no four perimeters anymore. You're one API call away from opening everything to the internet so how do you protect this and we've seen a lot of trends change towards zero trust and service mesh and mutual TLA. There's a lot of stuff that happened and we sort of jumped on that. Yeah, so it's interesting, so you're using like multi-level encryption and I was reading a little bit on the website, it's way over my head. I think the basics are just make encryption, not encryption, make security, cloud infrastructure security approachable by anybody and a core philosophy of our company, the Hashi and Hashi Corp of Hashi, my name, means bridge and that is a core part of our culture which is you can't just have a theoretical thing or a shiny object and leave people hanging. You've got to give them a bridge, a path to get there and so we say with all our technology what are the crawl, walk, and run adoption periods and with security it's the same is that to say you're secure means something totally different to everybody. For a bank to be secure, it's a lot more than for a five-person startup to be secure so how do you give somebody a solution that they can adopt and check the security box for themselves at every path of the way and Vault is one of those tools that we have individuals using it and we have the world's largest companies or almost 10% of the global 2000 are paying customers of Vault, many more open source users and it scales the entire spectrum. Wow, so you keep coming up with lots of new projects as we get ready to flip the counter to 2020 what are some of the things you're thinking about? I think the big one that our focus is right now is service mesh. Vault is, we're a big enough company now where we always have teams working on every one of our projects, we have releases going out. The thing we've been talking about the most is the service mesh thing. I think cloud as a mainstream thing let's say has existed for seven or eight years. Since it's been released it's been over almost 15 but as a thing that people have said is a good idea, seven or eight years and we've touched security now, we've touched how infrastructures manage, we've touched developers. I think a place that's been relatively untouched and has gotten by without anyone noticing has been networking and network security. They're really doing things the way they've always done things and I think that's been okay because there's been bigger fish to fry but I think the time has come and networking has a bull's eye on it and people are looking at what does networking mean in a cloud world and service mesh appears to be the way that that is going to happen and we have our own service mesh solution called Consoles and our approach is standard HashiCorp. It's nothing new, we're going to work with everything, containers, Kubernetes, VMs, physical infrastructure, we're going to make it all work across multiple data centers and that is our approach to service mesh and solving that challenge. What's the secret sauce? I mean it's not that secret, right? It's just building. Just execute better, I love it. Well, understand that this heterogeneity is the problem, I think. I said this at our keynote a couple of weeks ago that there are a lot of service meshes out there and nine out of 10 of them are solving a solution for a single environment, whether it's Kubernetes or physical environment or something and I think that's a problem but it's not the problem. The problem to me is how do I get my Kubernetes instances, pods to communicate to my NSX services on my physical infrastructure? And that is the problem as people, whether that's temporary or not and they intend to move the Kubernetes or whatever, it's that's the reality and so how do you make that work? And that is what we are focused on, is solving that problem. Every time I hear service mesh, I think there was a company a while ago that sold the CSC probably in like 2013, didn't only get ended up as a good happy story but they were early on the name. Yeah, yeah. So last thing, Pedro duty. We're at Pedro duty, what are you guys doing with Pedro duty? Sure, so we've been, I've actually been a paying customer of Pedro duty since before we even made this company. My previous job, I was a customer, we are now still customers so we still use it internally but in addition to that, we do integrations across the board. So with Terraform, our infrastructure provisioning tool, we have a way to manage all Pedro duty as code and as your complexity with Pedro duty rises, instead of clicking through a UI, being able to version and code everything and have that realize itself into how Pedro duty works is very valuable. From like a service mesh console standpoint, hooking in the monitoring to the alerting of Pedro duty is a big thing that we do. So tying those together. So it's very symbiotic. I love Pedro duty as a user and as a partner and there's a lot we're doing here. Yeah, it was pretty interesting slide when Jennifer put up in the keynote and saw it where it listed so many integration points with so many applications which when we outside look it in and you're like, how are you integrating with Splunk? That doesn't make any sense. How are you integrating with ServiceNow? That doesn't make any sense. How are you integrating with Zendesk? These are all kind of systems of record but really there's some really elegant integration points to make this one plus one equals three opportunity between these applications. Yeah, I think it's very similar to the stuff we do with Bolton security. It's like the core permanence, everybody needs them. Like with security, everyone needs an auto log. Everyone needs traceability. Everyone needs access control but rebuilding that functionality in every application is unrealistic and paging and alerting and on-call and events are the same thing and so you'd rather integrate and leverage those systems and make that your nexus for that specific functionality and that's where PagerDuty's awesome. That's where we step in. Well, Mitchell's always great to catch up. Good luck on your keynote tomorrow and really it's a really amazing story to watch what you guys have built. Well, thank you very much. All right, he's Mitchell. I'm Jeff, you're watching theCUBE where PagerDuty Summit in downtown San Francisco. Thanks for watching. We'll see you next time.