 Good morning, everyone. Welcome to theCUBE's day two coverage of CrowdStrike Falcon 23, live from Caesars Palace in Las Vegas. Lisa Martin here with Dave Vellante. This is our second day of coverage. As I said, we've got Tom Atthridge with us next. We're going to be really digging into the state of CrowdStrike's services business. He's the Chief Global Professional Services Officer at CrowdStrike. Tom, welcome to theCUBE. Thank you very much. Nice to be here. So you, nice to have you. You've been with CrowdStrike over seven years. I was looking at your LinkedIn profile. So is this your seventh Falcon? It is my fifth Falcon, fifth Falcon. But it's been great to see the growth in the number of partners, customers, and folks that really are energized about what we're doing in the market. Give us a view of the state of the services business at CrowdStrike. What's going on there? I got to stop you. I can't hear anything you're saying. Speak up. Okay, what's the state of the services business? The services business is quite healthy. I think if you hear about what's going on with a number of threat actors in the market today, we're seeing a lot of threat actor activity, ransomware, data extortion, a lot of organizations impacted by some of the aggressive behaviors of threat actors in the market today. So we continue to see both reactive services growth from the professional services organization and with a lot of the SEC regulations and other assessment and advisory related requirements that we see boards and organizations starting to seek from service providers. We're seeing growth in that part of our business as well. So CrowdStrike, obviously a product company. Great products and a lot of momentum. How does services fit into the strategy? Do you have CrowdStrike services that are sort of enablers for your ecosystem? Is it a pure ecosystem play? Can you explain that? So we work hand in hand with partners. So both on the delivery side, whether it's reactive services or assessment or advisory services, we have partnership relationships that help us expand our reach and help us deliver in some cases, boutique services to customers and partners. On the training and enablement side, there's no shortage of vendors and partners here that deliver their own flavor of service and they are interested in leveraging the power of our platform to inform what they're doing from a services perspective. So I'm also responsible for training and education and that obviously is very aligned and supportive of the partner ecosystem. And Tom, those are four pay services or freebies or a combination of both? Combination of both primarily. We do offer on some discounted training services to our partner ecosystem and community, but we also work hand in hand to deliver services to customers as well as with our partners. Where your partners don't have a play or maybe there's a gap? I mean, you're obviously not trying to compete with your partners. I'm sure you're very sensitive about that. I'm just trying to understand sort of the posture and the business objectives. Yeah, great example is we have a number of partnerships on the recovery services side. So when our interim response team goes in and does an investigation, if an organization's been impacted to the point where they need system recovery support, we have partnerships that we can leverage to help accelerate getting a customer back to business as quickly as possible. So in that example, just to pick one, you might work hand in hand with a mandiant to help somebody recover. I know they're a big partner of yours. They got their event going on this week. We do, yeah. We work, I talk to mandiant pretty much weekly. So they're a good partner. They're leveraging the platform as well to kind of inform what they're doing from an investigative perspective, as well as a managed services perspective. So great relationship with them. And I think that that relationship is going to continue to grow based on some of the announcements we had this week. A lot of announcements this week. Let's talk about AI. We can't go to a conference without talking about AI these days. We talked great demo yesterday from George Kurtz on stage of Shirley AI. Mike Santonis was going through a lot of announcements this morning and new features and capabilities. But what is your, what are you seeing in terms of the impact on services that AI is having? And what do you see kind of in the future? Well, the first thing is I want to say that the platform grew up with AI as an undercurrent, right? So we've been using AI for years to kind of help us through the data science aspect. We have a huge volume of data, petabytes of data we're looking at trillions of events every single day coming into the platform from the sensors that we have deployed globally. And that AI capability is going to help us be able to take that data and analyze it faster so that organizations can be quicker and make better decisions around security and stopping breaches. The one thing I would say though is that the data and the volume is great but really you need human beings to contextualize and provide reason to that big data in order for tools like Charlotte to be able to make these decisions at scale and have them be impactful. So humans are very much a part of the whole process and I think are what allow us to enrich and provide that context and capabilities to make tools like Charlotte really impactful in the market. You know, services is the biggest sector been broadly in IT, pick your number maybe it's call it a two or three or four trillion dollar business whatever IDC, Gartner number. Services is the biggest sector. PCs were going to kill services because everybody could do it themselves and of course distributed computing became so complex. The cloud was going to kill services and of course the cloud became so complex. Now AI is going to kill services and of course we know what's going to happen there. And actually operationalizing is so complex. Having said that, all these waves have dramatically changed services used to be break fix and then more consultative services more actual agile development practices on and on and on. How do you see AI affecting your partnerships and the services business specifically? So one of the businesses I'm responsible for is our MXTR business, our Falcon complete business. Where I see that, Charlotte AI being really impactful is today we have a lot of analysts that support clients 24-7, 365. They're hunting on the data. They're responding to events and incidents that they see in the data very quickly. Charlotte's going to allow us to scale very quickly and allow analysts to be able to take care of that low hanging fruit impact stuff very, very quickly and help us drive the cost and the benefit to customers. Will Charlotte, is Charlotte available for Falcon complete on day zero? We have been testing and using a lot of the Charlotte capabilities within our MXTR offering today and it's proven to be very, very effective. And again, the analysts that do the hunting and the investigation and the response work, they're actually taking the knowledge and experience that they've built and have built for 10 years, taking that information and helping provide that for the learning model for Charlotte AI. So the more we do, the more customers we support, the more breaches we stop, that's going to allow for Charlotte to be much more informed and obviously impactful. Is it a correct assertion Tom that the MSSP space, your partners there, are largely targeting SMB? I may be off on that, but is that the case or not necessary? I wouldn't say that. I think it's certainly probably a large focus for MSSPs, but we have partnerships and relationships with MSPs that are supporting global enterprises as well as the SMB and mid-market accounts. Okay, and you take something like Deloitte. Deloitte obviously is a high-end partner and they have managed services, but focusing specifically on SMB because it's an indirect channel, it's a very important market for you guys. MSPs and MSPs, I'm interested in the dynamic between the small businesses, many of them don't have IT, so they reach out to an MSP or they're relying on an MSP. Those MSPs may or may not have security capabilities, even though you're building them out so there's a transition going on there. I wonder from your standpoint, if you can explain that dynamic and the trends that you see in that space. We're seeing on the MSP side is some MSPs, as you said, maybe aren't that great on the security side, but they're fantastic at managing the infrastructure, helping organizations through the basic blocking and tackling of owning that infrastructure. And in those cases, we've built mechanisms for us to partner with them so they may be able to embed our MXDR capability within their go-to-market for the services that they provide. Alternatively, we have organizations like Deloitte that are well capable and have experience kind of at a broader level for enterprise accounts and SMV. What they're doing is they're actually taking advantage of the technology and a lot of these new announcements to enrich what they're delivering for their clients as part of their own portfolio. So not necessarily a need to kind of resell what we offer, but being able to leverage the platform similarly to take that advantage to their clients. So it's interesting, I mean, when I see the demos on Charlotte AI, especially Falcon for IT, I'm like, hmm, if I'm an MSP, part of me says I could use that to make my business better or it says I better transform and find some new areas of value add. I couldn't agree more with that statement. I think that announcement in and of itself I think would be compelling for any managed service provider partner. It's providing that rich context about what's the vulnerability status of infrastructure in my environment, what assets are managed or unmanaged. It's really a game changer, I think, in terms of bringing IT and security a lot closer together. And I think the business model there might be, if I were an MSP, I'd say, okay, let's try to leverage that and then upsell and maybe shift the revenue bucket towards some of the more high value services that we offer that the business, the small, medium-sized business, maybe couldn't afford before and let's go deeper into that account, drive more value, make our business more sticky. It's a huge opportunity for them. I agree. Share a little bit about Tom, about the collaboration between the MSPs, the other partners in the ecosystem and customers to help really evolve the services business that we're seeing today. So I think on the collaboration with partners, I mean, one of the things I think that is kind of differentiated for how we deliver our services is we go into our engagements being a partner to the customer. So we want to understand how to help them improve their overall posture. A lot of the proactive services and assessment offerings. I find that I had this conversation yesterday, five, six, seven years ago, when we would do an assessment, we would be dependent primarily on conversations, interviews, workshops, documentation review to understand what the overall security posture of an organization is. Today, when we go do these assessments, we actually engage and deploy the platform. And by doing that, we get a ton of great telemetry about the actual status of the customer's cybersecurity posture. That helps us inform both how we're going to help that organization improve, but it gives the leadership and the sales, the server, excuse me, the security team in that organization the tools they need in order to prioritize investments and kind of work with their leadership team on making sure they're aligned budgetarily. And that's incredibly important to be able to prioritize those investments because as we, one of the things that Mike was saying today is that, you know, good enough is no longer good enough. Here we are sitting in Las Vegas, big breaches that just happened here. We know ransomware has become a household word. It's no longer, are we going to hit it? It's when, but it's really imperative that the executive leadership team is aligned with the security folks going forward to understand how should we be investing because we have to, we have no choice. It's all about managing risk and making sure that you have great visibility, the ability to prevent things very quickly and react and respond to things very quickly. So platform like CrowdStrike really does provide analysts as well as security teams and executives, all of the visibility, the detection and prevention capabilities across their entire endpoint and workload suite, and then be able to respond very, very quickly. And one of the key themes of this Falcon is speed, right? We got to stop threats from impacting organizations and with 79 minute breakout time, you got to be fast. Tom, where are the big GSIs in this whole equation? I mean, we talked about Deloitte, but I mean, I think of Accenture, IBM, KPMG, Cognizant, EY, PWC, those guys love to eat at the trough. Seems like there's a great market here. I don't, but I don't see them. Are they just haven't figured it out yet or it's so diffuse this market? I think we have a number of global systems integrators that are here this week to talk to us about how they can take advantage of the platform to help them monetize their services portfolio but also help bring additional value to the customers that they're supporting. I'll use our log scale platform as an example. We have a good relationship with EY. They're working with clients globally to help them implement and deploy our log scale platform to allow organizations to consume, not just endpoint telemetry, but third party telemetry to help them inform their overall position around cyber. So those relationships continue to be built out and the more tools that we provide in the platform allows those organizations to really take hold and monetize their services portfolio. I think they're missing the boat. They should be here in the hub with a big booth. I mean, Deloitte's sucking up all the customer interactions. You guys got to get on it. They're a great partner. I mean, they have a fantastic offering and we see a lot of synergy in what they're doing, bringing kind of the tool set to their clientele. Can you share any of the feedback from the GSIs that you have been talking with here at the show who may not be to Dave's point exhibiting on the direction the platform is going, the acquisitions. What is some of the feedback been from those GSIs? I think one thing to say is that they're also contributing. Like one of the things you heard in the keynotes is that we survey, we interview, we collect feedback from not just customers, but partners as well. So the GSIs are providing a lot of context around how they think the platform should evolve. So their input is certainly being heard and integrated into what our product roadmaps look like. And I think over time you're going to start to see though the GSIs start to adopt more and more of this platform approaches as they take their services capability to the market. Can you give us a sneak peek into the services roadmap what we might see in the next six to nine months? So, absolutely. So first thing is we've been investing a lot in cloud, bringing in talent that can help us and help organizations understand how to detect and respond to breaches in the cloud. So we have a number of cloud security assessment offerings and I think the new product releases with our Bionic acquisition is really going to help us accelerate what we're doing around cloud. Additionally, I think looking at tabletops, I'll just talk for a minute, one of our proactive services is tabletops with these SEC regulations and the impact that we see that having on the C-suite and boards. We're getting a lot of requests to kind of transform what we're doing on the tabletop side to make sure we're addressing how organizations should address materiality within their playbooks as well as within practice to build that muscle memory. Lots of good stuff coming. Tom, we appreciate you coming on theCUBE, sharing the state of the services business, how it's been evolving and what some of the things are that we should be looking at on the radar. We appreciate your insights. Thank you. Thanks Dave, thanks Lisa. All right, for our guests and for Dave Vellante, I'm Lisa Martin. You're watching theCUBE live from day two of our coverage of CrowdStrike Falcon 23. Stick around, our next guest joins us in just a minute.