Welcome back, everyone. Cube's live coverage here in San Francisco, Moscone West, I'm John Furrier, my co-host, Dave Vellante, the Cube pod guys, having a little episode here kicking off. Dave, 13 years of the Cube, RSA, we're on broadcast alley. They did a really good job of formalizing this. We're live, the keynotes are about to start. We had our pre-game coverage earlier, pre-event coverage, I should say. We had Amazon on, we had Top Exit from Cisco. We had Tigera on, tons of relevant content. Keynotes are going to be kicking out here as we kick off RSA. And obviously the most important story is going on is obviously security, the identity crisis, the breaking analysis that we have done on SiliconANGLE that you did, the ongoing multi-part series, our new writer, hire for SiliconANGLE. David Strom. David Strom, Rob Hof is here, Mark Albertson is here, the Cube team is here in force. We are going to cover security like a blanket this year. So this is of course the premier security, cybersecurity event on the planet. And this was the last event in 2020 prior to COVID. You remember, because you were out here. I did that show. It was kind of weird, I'm sure. I wasn't there, but I was watching remotely saying, this is it. I was actually in Chicago that week in an Oracle thing. And then so I got to suspect, John, I mean, it feels like it's back to where it was in 2019. It was a super spreader event. Pre-COVID. I knew what you were saying. Yeah, so, right? I mean, I don't know what the numbers are here, but it's big. It started actually on Saturday, going all the way through Thursday. But to your point about the identity crisis in security, you know, all you hear from the vendor community is you got to spend more. You got to spend more here from the government. You got to spend more. I'm not sure if spending more is going to solve the problem, John. I think that most of the security challenges that we face in this industry are self-inflicted.
All right, so how much are spending is the answer? Man, unless you're spending on education and culture. You got to spend. Otherwise, you might be out of business because you're worried about security hacks and security as a cost center is not the question anymore. It's security as a company saver is the messaging we're hearing. And yeah, the spend is never going to die down, but I think you're going to start to see cost optimization around platforms versus tools, Dave. And the conversations earlier before the keynote has been around every company needs to build a platform and everyone is selling to companies as a platform. So the question is, you're going to have a platform or platforms going on. And so it's going to be a real choice for the customer to figure out how to consume technology to solve the technology problems. At the same time, the cloud native world's booming up. Software supply chain's a big story. You mentioned identity on your piece. It's a shift. The big buzzword is zero trust, but it's gone from buzzword to actual serious strategic consideration. So CISOs are serious about zero trust, meaning nobody gets access, access unless they've been validated and verified. The problem is, John, the problem is GRS, I call it. Getting rid of stuff. We have a GRS in IT. It was really hard to do zero trust with all this technical debt. You understand technical debt very well. And I've talked about it extensively. And so you have all this legacy infrastructure and all these tools. And then somebody comes out with a new tool, you know, a bunch of VC funding during the boom. Hey, I'll try that, that'll solve a problem. And so you have this huge array of tools that some people know how to use, then Ed leaves the company, they don't know how to use it. And so it's not an easy problem to solve. And as a result, you have a market that's let's call it 100 billion.
No one vendor really has double digit market share, except maybe Microsoft, but who knows what they're throwing in there. This has been something you've been saying for years, Dave. That is a real tell sign that the marketplace is emerging and yet there isn't a dominant player. And what that tells me is that everything we're reporting about the market's true. Cloud computing scale and growth is going to be an opportunity to create a better data haven because Amazon's seeing data that no one else sees. They're quote first party data, primary data around attacks. They got honeypots laying out everywhere. They get all kinds of data. It's reversal customer data that they have seeing network patterns. Then you have cloud native shift with cloud native applications. So modern AI applications are coming, that combined with cloud scale is going to make an opportunity to reshift the development and security posture. And it's just prevented more preventative, more runtime operational and then risk management. Three major areas we're seeing a lot of discussion on and all of it's underpinned by open source software and the software supply chain or software bill of materials. All that's going to come into play up and down the stack from network to Kubernetes clusters to application monitoring and security. So it's going to be a completely different ball game in the next five years in this ecosystem. Well, of course foundation models like GPT are going to, we're going to hear a lot of talk about that today. I'm really interested because we've got folks coming on from Mandiant, we've got folks coming on from Unit 42, Palo Alto's threat intelligence unit. These guys see everything. So I'm curious as to how much, you know, how mature, I know it's immature, it's early days, but how much activity is going on with foundation models and AI from the adversaries? You know, how much penetration are we seeing and how has it changed over the last 120 days?
And then the flip side is how are people using it? Are people using it to defend and how are they using it to defend? Who's winning that battle? Well, that's a good question. I don't think anyone really knows the answer, but from my reporting and what I've been digging into is, you have two sides of the coin. On one side, the people who are doing their environments, the practitioners and security and operations, whether it's open source, they're really like, they're not leaning into AI because of the hallucinations and the fact that it's not secure. They don't know what it is, it's licensing rights, all kinds of like challenges because they want to make sure things are running. Okay, I get that. On the other side, the adversaries, the bad guys, they're all in because they can use ChatGPT and other foundation generative AI models to generate zero-day exploits to go in and identify what hasn't been patched. Go in and go in and penetrate the network. If someone doesn't segment their network properly, more malware is going to come in. So you've got ransomware, malware, and now as we pointed out, and you pointed out in your review analysis, you have this two-tiered supply chain attack challenge that's been known about, but it's being exploited even more. So the surface areas and the ability to attack is multi-dimensional, and that's just getting more and more pervasive. And so it's incredibly difficult. You're talking about the 3CX attack, which was a double supply chain attack. The first documented known, they suspected that it was happening, but it was the first evidentiary-based double hack, meaning you had a download of a piece of software that then triggered through the supply chain, that triggered a second supply chain. So when it was downloaded, it alerted the hackers that, hey, we've got one on the line, so they initiated a second wave of supply chain hacks. And that was the first time, and it was well-documented by Mandiant.
We covered it last week in breaking analysis with David Strom, but these are the types of things that's never ending. And so one has to wonder, as you look back every year, remember Art Coviello used to keynote RSA, and every year it stayed up as a, well, we look back, it's getting worse. It seems like that trend has continued, despite how much money we spend. The other thing is you've got public policy, you've got the government finger-wagging. You've got to do better. And so there's this unfunded mandate, but the public-private partnership is not great right now. You've got Lina Khan trying to break up big tech, trying to stop all the mergers and acquisitions and consolidation. Speaking of consolidation, this industry definitely needs consolidation. We see little bits and pieces. Akamai bought Neosec recently. Okay, that's fine. But needs a lot more. I mean, you've got 4,000 suppliers of security technology. It's just too many. I mean, first of all, the tool platform discussion means consolidation has to happen. You can't have tools on a big platform without a platform. And also, I think the do-over comment that Pat Gelsinger said in 2015 is security a do-over. You asked him that question. He was at VMware CEO at the time. Now CEO of Intel. It's the real legitimate, and he was adamant, no, it's a do-over. And we get, I have yet to see the do-over. I want to see the do-over. Now, Amazon, Merritt Baer is on. She's the Office of the CISO at AWS. She's like, the security and development developers that we're going to get. So I introduced the concept of developer first or B to D, business to developer. The developer is the new consumer. If the developer likes it, the products, they're going to adopt it and that's the next iPhone for security, if you will. If the developers are coding, they're going to be coding data. So that's a wild card in this mark. I haven't seen anyone do that.
Merritt Baer pointed out something I thought was interesting where he said, in that kind of developer first concept, the security team becomes a yes team, not a no team. So that's a mindset. Can you be a yes team on the security side to enable the developers to actually be a big part of coding, not just shifting left, but actually coding at the point of code, building security in with a platform, that's going to be an opportunity. We'll see, I haven't yet to see anyone doing it. Yeah, I see some people saying, yeah, shift left and do some security and CI/CD pipelining, but the cloud native cloud scale paradigm, I have yet to see the winning hand. I mean, cloud obviously has had a huge impact and in so many ways it makes security better. But at the same time, if you have multiple clouds, now you have multiple shared responsibility models. If you got shared, multiple shared responsibility models, you got different policies and different procedures across those different clouds. And so it's, and different cloud vendors like Microsoft has a lot of cloud tools that they sell. Amazon doesn't really make so much money off of security. It's just kind of embedded in there. Google, we're going to hear from Sunil Potti shortly. It's kind of in the middle, they just bought Mandiant. Their whole thing is we want to make security invisible. So it's a complicated situation for customers. And then you bring up developers. People are relying, organizations are relying on developers to secure their businesses now. Developers, they got a lot to do. They're like, okay, here's another thing. You got to figure out security. I mean, you know developers today, you were just at KubeCon. Do they want to take on security? I mean, they're being forced to, right? No, I think they know they will have to do it. That's why shift left's so popular. And the software supply chain, that whole phenomenon's coming out of the open source world because you got to know what's in the code.
The bill of materials, like you're building a car, you got to know what's in the steel. You got to know where it's been. You got to know what's in the parts. And containers and Kubernetes have very, they're not secure by default. Okay, so if someone gets in there, you can move around laterally in clusters, like it's nobody's business. So Kubernetes and containers are an opportunity on one hand, but a security nightmare on the other. So you see the rise of Tigera clients like that, Platform9, other ones like Rafay Systems. Kubernetes services to give the operations team the confidence because in security and DevOps and DevSecOps, operations trumps hype. And that's why the AI shit's not getting traction because they don't look at it like, oh, AI hype, get out of the buzzword bingo. They want to see machine learning and automation that locks stuff down, okay? Zero trust is not the answer to everything. It has to be systems that talk together and work. That to me is going to be a very interesting paradigm. The zero trust paradigm is very much, don't trust anything, this is an object. Okay, I get it, I'm not against it, but I'm saying it's not the system. I think in general, all that agree with, but organizations are scared right now because they don't know what they don't know. And so as a result, and they can't predict what's coming next. It's like this double supply chain hack. So my advice is get your backup and recovery act together. Like seriously, that's your last line of defense. And I just heard a stat the other day that 100% of the ransomware attacks, the backup corpus was encrypted. So you got to get, so backup and recovery is becoming a fundamental component of a cybersecurity strategy. Now there are some companies like Rubrik, to a lesser extent, maybe Cohesity, they're totally pivoting to become cybersecurity companies. Oh yeah, we're cyber companies. Get our valuation jacked up. That's cool, fine, good marketing.
But the reality is, is you got to think about that from the beginning. My point being that you need a comprehensive strategy for those critical assets and you need to air gap them and you need to have immutability. And you should do that separate from your normal processes. You don't want your day-to-day workflow to mess with that. And so the, I ask- Well, that's an interesting point because look at the AI impact. Okay, even though it's hyped and the people don't like AI here in the security world, or they do what they don't want to talk about it, what AI is doing is changing the mechanisms to do stuff. Like we see stuff being eliminated away because the purpose of security is to secure shit, not to just do it the way we did it before. So the question I'm gonna do over is how does AI and machine, how does machine learning and AI solve some of those problems that are taken out of the workflow? Meaning security can be focused. Like let's take our example content. I can use ChatGPT to write some summaries for me. It saves me a bunch of time to do that again. And security, what's the equivalent replacement of the mechanism for security? And that's going to be the open question. Well, we always hear that there's a lack of talent, right? And if you look at, it's like the same old, same old. So 80% of the incidents are triggered, and the alerts are triggered by around 5% of the rules. Okay, so the people are getting inundated by 5% of the rules, and so, and they're trying to prioritize. So that's to me, one of the areas, the obvious areas where AI comes in. Help me prioritize which alerts are legit and which aren't and which ones I have to worry about because 80% are coming from 5%. So I should be able to narrow that down. The other thing is, I would think AI should be able to help me find hard-coded secrets inside of my code. It's astounding how many hard-coded secrets are inside code. And also patch what you haven't patched. There's a lot of blocking and tackling.
Right, that's the basic stuff that's, like I say, it's mostly self-inflicted wounds. Yeah, that's important. And that's why, if you're going to spend, spend on the processes and the procedures, the tech is not going to solve your problem in and of itself. I think it's going to be so hard. It's going to be harder if you don't rethink the mechanisms and how you're doing it and why you're doing it. And I think you're going to hear a lot about in the keynote. I know Cisco, Jeetu Patel is going to talk about work, the future of work, because they have hybrid work environments, the role of the network, role of security, integrated unified systems. If you don't have unification, that's going to be a big problem from what I hear in some of these talks. So we'll see. I mean, I'm expecting to have this year to be a wake-up call in terms of the themes. If any indication of the pre-keynote conversations, we're going to hear a lot more about cloud native, a lot more about software supply chain, a lot more of microservices, and I think large-scale cloud and data-specific, pre-AI hype conversations. Almost laying the groundwork for, hey, to use the word data fabric, but like semantic layer or using data as a competitive advantage for security. But ultimately, I think the winners who are going to come out of this are the ones that are rethinking their mechanisms, integrating, not being siloed or bespoke in the architecture. That's going to be a winning hand. We're going to see who has it. I also think there needs to be a translation model that takes the security speak and turns it into business speak. And because it seems like there's still a wide chasm. I mean, this industry has more acronyms than any industry in tech by far, and they change constantly. And when you start getting into it, it's like only a handful of people really understand it. So it's like the mechanic. You know, you go in and the mechanic's like, well, you got this, you got that, who knows? You just got to spend.
And you spend and you don't get the outcomes you want. So there's a lot of frustration today that we're spending, we're paying a lot of attention to this, we're hiring as best as we can, but we're not getting the outcomes that we want. I think you're going to see a regulation policy thing you brought that up. It's kind of no one likes to talk about policy at the tech show, but the reality is you're starting to see regulations around even software supply chain, the bill of materials. Are people disclosing, and we unpacked on theCUBE pod and also at KubeCon, the open source security rights around licenses. If you're blending large language models, and I even saw a report on The Markup, there is no precedent on license, it's a wild west. And intellectual property is still intellectual property. If you're stealing intellectual property, they were comparing it more to like the MP3 music days, Dave. You know what I'm talking about? Give me started again on the government, John. I mean, look at how bad they've screwed up crypto. Right? Crypto was also self-inflicted, the shit coins. It was a fraud market. Okay, but Coinbase wasn't shit coin. No, I know. I mean Coinbase was legit. They cleared a lot of shit coins. And now Binance, okay, Binance got caught with the hand in the cookie jar, but you know, you got Gary Gensler, you got big luminaries like Warren Buffett, you know, you got Janet Yellen all down on crypto. Well, it's all the innovations. You know how much innovation's going on crypto, and it's all going to go overseas. So my point is, my point is- It's going to go to Hong Kong, so we're taking it over by China. Yeah, and so the U.S. is going to lose out on that. But my point is, if you're going to have some public policy, set down some frameworks, have a better private public partnership. That's missing today. If you're watching this video right now, you just got a little taste of the cube pod.
So check out our cube pod, go search on Spotify, Apple, David and I are in episode eight. We're going to push this forward. We're getting our groove. Check out our podcast. Subscribe to it and tell your friends, because we're going to keep doing it and ramp up and keep our kind of our conversations like we're riffing. But yeah, the riff here is, there's going to be winners and losers, Dave, here. And let's take a moment in time, this show, to look out on the landscape and mark the time and mark the players. People will survive this and some won't. They'll be on the wrong side of history or the right side of history. And that's going to be the tell sign. And I believe the right side of history is going to be more cloud scale, open source with bona fide supply chains, bill of materials with software, machine learning and real AI contributing as an augmentation to the human loop, the human factor and handling stuff at scale where prompt engineering becomes coding data, where software developers are going to be coding data and then allow the data to be tuning because what these large language models are showing in the multimodal AI is that this self-correcting is going on in the chaining of the tokens. And you hear about LangChain, you hear about Haystack, these like chaining technologies. Systems are going to self-correct. This was the ideal dream of AI. So I think there's going to be the one side of the street that there's these lockdown, they'll die a slow death. And then you're going to have the growing side where people are going to keep moving. These people throw cold water on the idea. But those are the ideas that I think that are going to move forward. So we'll see who's on which either side. I'll give you some ideas too, some of the companies that are both large and have some momentum based on the survey data. So Microsoft is like the biggest right there everywhere. Microsoft, Cisco, Palo Alto, Splunk, CrowdStrike, Okta, KnowBe4, Oracle's actually up there.
F5, Fortinet, Zscaler, Proofpoint and Cloudflare. But not all of those companies have spending momentum on their platforms. The ones that have the most spending momentum are Microsoft, Palo Alto Networks, CrowdStrike and Okta. And then behind them are KnowBe4, Fortinet, Zscaler and Cloudflare. Cloudflare's coming up as is CyberArk software. Now there's, as I said before, 4,000 companies in the space. Those are just some of the highlights from the survey. We filtered out just to focus on some of the bigger names. So there are other ones that we're leaving off that. But that's based on research that we've been doing now for the past three years working with our partner ETR on who's got the spending momentum and who's got the size and the presence within the IT decision maker mindset. We got tons of activity right now. The floor's buzzing. We are rocking. We've been here all day pre-gaming, pre-interviewing. The keynote starts. It's Monday, day one. It's the afternoon keynotes, which will kick off, which will be a flurry of parties tonight. So we'll see how we do tomorrow when we pull up a night or tonight. I'm going to probably go home and go to bed. I'm still on the Amsterdam time from KubeCon. But a lot of activity, people are rolling into the keynotes you see behind us. Exciting. You're still on European time here, John. Exciting time here. And this is a collaborative industry. We're going to see how good they can be. And sharing the data. I think we're going to start to see a big mergers and acquisition interest in the surge in this industry. As you know, you pointed out these four criteria that people are looking at right now for acquisition, alignment of vision, technology, fit culture, and financial considerations. Obviously economics. And we've got a bunch of companies we're pointing out. Neosec, Noname Security, Sonrai, Cequence Security, Cloud Storage, Horizon 3, Antion, Hunters, Illumio, JumpCloud, Salt Security, many more.
All focused on specialized solutions to address the security challenges of cloud scale. Tigera, I just interviewed those guys. I even, we're going to interview with Island Browser. It's an enterprise browser. And that's going to come in handy. We've been talking about WebAssembly and open source. Wasm as it's called. A whole nother shift of developer action is happening. I think DevOps and DevSecOps is going to go next level. That's what I'm looking for here is to find out who is going to be rocking this. And the question is who can scale and be secure and deliver operations? There's a narrative now too. You know this better than I in the VC community that any company who's series C trying to raise money, you have a very difficult time. Series C funding has dropped like a rock. But I talked to you BeyondTrust earlier and they're saying, hey, we're beyond series C. We're doing great. So that's sort of an example of a company that's evidently doing pretty well. It's hard to tell. But there are so many companies that raised a ton of dough during the tech bubble, during the COVID bubble, that they might have a tough time, John, getting the follow on rounds. And you've talked about this that a VC oftentimes is going to say, yeah, the hell with it. I'd rather start over. Some of the smart VCs that are coming in the security angle from the cloud, native worlds and cloud is saying, developers are the new consumer. It's like all the B to D. B to D to B, business to developers to business. If the developers as the consumer of the technology like it, then massive amounts of developers will be using it. That rise, that could bring a new model security. They'll make the changes in the landscape. We're seeing signs of radical changes right now and how programming is done with AI and ML and large language models of proprietary data. The data will be the new weapons, Dave, against cyber attacks. Merritt Baer called the whole scene like a Marvel movie.
Like pick your superhero, right? Against the bad adversary. Proprietary data is what's coming out of this AI wave that people are pointing to and we have our data and we've been verifying, I agree. That's the weapon against the cyber attacks. Using data properly and that's going to come from both a partnership between the security teams that are yes teams and developers who are slinging the data and coding the data. A prompt engineer is a query to a system that's coding. So coding data with security teams will be the new weaponry to fight the next gen cyber wars. Well, I think basically you're saying that security ultimately is a data problem and if it is a data problem then AI is part of the answer. It's a data opportunity. Well, okay. It's a data opportunity. Right, okay. So a data problem on one hand is a data opportunity on the other. That maybe is the do-over. The problem is most companies, like 99.9% of them, data's all in silos. Programmable data will arrive on the scene and nobody's going to see it except for the revolutionaries who are going to understand that data is the new weapon. What do you mean? Explain, explain. There's a revolution going on in the world right now in the world of cyber security. The data size not being seen by the hardcore security guys. So programmable data, meaning like programming with data will allow you to fight faster and use the large language model, the foundational models, whatever multimodal system you're using to be larger scale and be bigger. So I think data as a proprietary asset will be that and I think the new wave of innovation always comes from revolutionaries in this market, not the small incremental advances. This is not an incremental move the ball down the field inch by inch. This is going to be game changing, fast pace, and that's going to come from revolutionaries.
To succeed with that strategy, you cannot have the data be all buried into different silos inside of SaaS applications, inside of business processes. It has to be discoverable and accessible and shareable in a way that's trusted. Dave, it's rocking. We're going to get the keynotes going. So the keynotes are going to hit the scene. We're going to take a break. We're going to roll into the keynotes. Yeah, so just so you know, so Rohit Ghai is one of the keynotes. He's the one, we stole the looming identity crisis. I love that. And then Jeetu Patel you just had on Tom Gillis. Wait, he stole that from us? No, we stole that from him. Oh, okay, got it. Yeah, no, it was so good. I had to take it. Okay, that's it. And I tagged him on LinkedIn and he said, hey, there's good title. And then Tom Gillis who left VMware last year to go work for Jeetu Patel. You know, you wonder, right? Because we had Tom on last year. He said, Tom, your story is so good. I think Jeetu Patel probably heard the story in theCUBE. And he said, I got to go poach Tom Gillis. Well, I can't wait to get those guys on theCUBE. Jeetu Patel was just on earlier. We'll get him back on. He wants to do more with theCUBE. So we're expecting more from him. He's a great leader. He's got two groups. He's got collaboration and security. It's kind of interesting the way they organize that way. But I think they do it as a whole hybrid thing. They'll give that job to anyone. He'll take it. Well, but I mean, there is some logic to it, right? With the remote work and hybrid and then. Yes, it's totally legit. It makes a lot of sense. And they're two big monster areas for Cisco. Okay, I know they're core businesses on the other side, but he is on a major piece there. And I got to say, he's the right guy to pull it off. And I love the submit. President of VMware is speaking today. So, I mean, VMware has a really good security story. We're going to have Jake on tomorrow. CEO of Jscaler. CEO of Zscaler, I mean. Jay Chaudhry? Yeah.
Zscaler. Jeremy Burton is going to come on. Good friend of the CUBE CEO of Observe Inc. We got At-Bay, Palo Alto Networks, Bugcrowd. CrowdStrike's coming on. Cribl's coming on. It's going to be good. They've got a lot of great content. We've got a couple of CISOs coming on as well. Sonrai Security, they're coming on. Awesome. Aperio coming on. My friend, Anthony Cunha from Mercury Financial, is roaming around. We're trying to get him on. Sironics is coming on. We've got Zeus coming on. Kerravala for ZK Research. Yeah, Zeus Kerravala. I mean, we've just got a great line up. Sorry, we're in town, right? Yeah, we're going to crush it. All right, so. And we'll have our new journalists, right? Yes. David Strom. Guys, a lot of updates from the CUBE this year. We've got the CUBE pod, as I mentioned earlier. You go to SiliconANGLE.com. You're going to see a lot of security content coming. Security across the cloud, across AI. And looking for those winning hands. Those formulas for success for the next generation. We'll be tracking the profile in them, obsessively going into the details of their business model, their technology, and the customer traction. That's going to be the tell sign, Dave. Can they get it done? What will happen? Distributed computing, distributed platforms with the edge. It's a data problem and a data opportunity. All right, Dave. All right, John. All right. Stay with us for more coverage. We'll be right back. The keynotes are going up next. Come back with the CUBE. We'll stay with us. We'll be right back.