 Welcome everyone to this Cube Conversation featuring Elastio. I'm your host, Lisa Martin. Today, excited to be joined by Cube alum, Nash Hussein, founder and CEO of Elastio. Nash, thanks so much for joining us today. Great to have you back on the program. Thank you so much, Lisa. Happy to be here. Yeah. Tell our audience a little bit about Elastio. What do you guys do and what gaps in the market did you see back in 2020 when you launched the company? Yeah. So, very good question. So, back in two companies ago, we had a company called Apogee on the data protection space. What we did really well in that company was figure out how to recover from corrupted data. In those days, it was Exchange, Microsoft SQL, and you remember those days when Exchange went down, I mean, the company was done, right? You couldn't communicate. So, that was a big problem. So, we did so well there as we were able to understand the data and if it was clean or not, and we could do that early and often. So, the customer can understand if they were vulnerable or not. Can they get back when Exchange goes down, it's going to go down? So, they were prepared for that and they can take proactive steps to make sure their apps continue to run. So, that was circa 2010. Circa 2020 when we founded Elastio, we shifted that emphasis over to cyber, because the cyber threats are so prevalent now. So, we spent a lot of time, first of all, focused on the cloud number one. So, everything we do is cloud native, but we really drilled inside of these cyber threats to understand how they can corrupt the data. So, we spent three years kind of reverse engineering all the known ransomware out there, 1800 plus of them, created some very interesting ML engines and data integrity scanning engines to go solve that problem. So, we founded in 2020 to go run after that issue. We have kind of two components to the platform. We both can protect the data and make it immutable, plus make sure it's scanned and clean and recoverable. And we released that literally January and we're off to the races. We just finished our series A and we're running excited to get out in the market. Nice, lots of momentum, I'm sure. As you mentioned, cyber threats are so prevalent. Ransomware, you mentioned it's a household word. It's no longer something that any organization can ignore, because it's really a matter of when we're gonna get it, not if, talk about some of the challenges and the rise of ransomware that your customers are facing. Yeah, I mean, some Gartner stats are really scary. I mean, they're saying 75% of the companies are gonna get hit by 2025. And all these folks have perimeter defenses in place, right? You're running the state of the art perimeter defenses, but the bad guys are still getting through, right? And they're getting to the data. So that's what we really focus on, the data integrity, making sure that that data is clean and or not, and we're gonna tell you early and often if it's not. So we continuously check that data for you. And if it is a corrupted piece of data or you have a threat sitting in that data, we'll notify you quickly, notify the business so they can take proactive steps to recover that. So it's a kind of a wide open, left open space in the market where the data is very vulnerable right now. And we're data guys and security guys, we understand that. So that was a great market for us to go tap into. That's a great point. Data is incredibly vulnerable. It's such a huge asset for organizations. But you mentioned that Gartner's data, three out of four businesses are gonna experience ransomware by 2025. That's around the corner. Gartner's recommending that customers really shift their focus and spend to resiliency initiative. So I wanna pick your brain on, what do resiliency initiatives look like? Who's at the table? This is a board level conversation. What do you see? Yeah, it's a great question. So it is a board level conversation now. So we're seeing kind of two sides of the business engaging us. It's the security first side. So the security mandates coming down from the board and through the CSOs and the security organization, saying, yeah, this is a serious problem. We have to start thinking about becoming more resilient. It's all around data resilience. I was here to start thinking about that. And how do I know if my data is recoverable and clean? How do I know this, right? And the business is running the risk of running where the data is opaque and you can't see inside of it. It's a high risk to the business. So everything we do is to make sure that thing is inspected and make sure the business knows if there's a risk inside the data. And if there is, we give them ways to recover that. The other side of the fence is the infrastructure team. So ultimately they get involved in this as well because they're dealing with data. They usually typically deal with backups, right? So the security mandates coming in, hey, I need to make sure my data is clean but also that it's recoverable. So I need recovery assurance as well. So that's where we start to engage that side of the house. And so we've done some very clever things with Amazon. We partner very closely with Amazon with some of their tooling to make sure that if customers are running their backup tooling, we can integrate with that as well and provide that value to those customers. As organizations start thinking about becoming resilient, you mentioned AWS, what's the biggest risk to cloud data resiliency that organizations may not be thinking about? Yeah, so cloud is much different than on-prem, right? So most customers are moving in from on-prem. They might have on-premise tools but it's quite different in the cloud because the cloud operating mode is so much different. It's ephemeral, it's on-demand. There's literally thousands of resources that get deployed constantly. How do you keep up with all that? It's very difficult and difficult. You can't do it manually. So you need to have automated tooling that can check that and make sure that data is clean and scan it continuously to make sure nothing's left behind. And it literally just takes one vulnerability. Some vulnerability on an EC2 instance is open to the public, right? Or some unencrypted EBS volume, one out of a thousand, a bad guy's gonna attack that. So that's why this cloud native type tooling is so imperative in the cloud. And that's why it is different than on-prem tooling. It has to be designed for the cloud, designed to handle the load, designed to scale on demand. All those things are required to provide this level of protection for cloud customers. So to ensure that data is clean, it's protected. Tell me when you're in customer conversations, how and why is Elastio the right solution? Yeah, it's a good question. I think a couple of things come to bear for them. One is the fact that it's integrated in with the cloud, right? So it's best in class for the cloud. So everything we do ties in and follows their security policy, which is very important. It integrates cleanly. The data, when we protect the data, it stays in the context of the customer account, stays in their VPC. So we don't move the data outside of their control. Very important. So all those things come into play. But on top of it, what they really love is the visibility and the clarity that we give them on the types of threats they have in their data. And for them, that's invaluable. That visibility and clarity is not a nice to have. It's really an imperative. So the security market is fairly congested. So why is it that existing security platforms are not solving for the challenges that you're talking about? Well, it's a very unique problem, right? So you're dealing with data, which is one thing. Most companies are dealing on the network or as an agent inside of the host. But dealing with data is hard because there's so much volume of it. So you're literally thinking about, I have terabytes of data sitting here. How do I make sure that those terabytes, it could be AI data, it could be database data. How can I make sure that the data is clean and recoverable and it's not compromised? And that's tricky. So you have to have kind of roots inside of data as an organization, as a technology to understand how you can actually parse that data to make sure it's clean. It's difficult technology. And we have a lot of experience there so we're able to kind of tackle this problem. And we think it's a huge problem today and we're trying to help our customers not get attacked. So for customers to protect themselves, we mentioned the ransomware stat. What are the questions that businesses, the security folks, the infrastructure folks, the sea levels should be asking themselves to really ensure that they're designing a data resilience strategy that's gonna allow them to recover? Yeah, it's a great question. So part of it, there's the basic questions, right? Am I, do I have a data integrity engine in place that I can check my data against ransomware? Do I, is that available? Are my recoveries able to recover? Are they clean and uncompromised? Or do they have ransomware in them? How do I answer that question? So in today's cloud market, you can't answer those questions. And if you can't answer those, you cannot be resilient, right? So the big key of resiliency is to make sure that data is inspected, to make sure it's recoverable and make sure that if you do get attacked, God forbid you have a post-attack recovery strategy to make sure you can get back safely and with the minimum data loss possible. Absolutely, the minimum data loss. You talked about the difference, the significant differences between on-prem and the cloud. The cloud itself brings a new set of threat vectors. The stats are showing, as you mentioned, ransomware is a one that's going to happen. So businesses need to have a really strong resilience strategy in place, as you talked about. How do you help customers that are in cloud migration journey do that simultaneously? Yeah, that's a tough one, right? So typically, when customers migrate, there's multiple ways that Amazon and the Azure and the cloud vendors enable customers to migrate. So our strategy with them, as soon as that data lands inside the cloud, that needs to be protected and that can be protected with us and scanned at that point. So as soon as it drops, it can get scanned. So you don't want to introduce vulnerabilities and threats into the new cloud environments. You want to catch that early and often to make sure that it doesn't pervade itself if it is infected. Talk a little bit more about, we talked about clean data. How Elastio enables businesses to recover data cleanly and quickly. What are some of the kind of the under the hood technology elements that is allowing you to achieve this? Yeah, so great, great one. So we have a very interesting technology that can actually deeply inspect the file content. So it goes inside of the data to look for anomalies and threats and ransomware. Many companies think about cursory information like just anomaly detection. Hey, how much data has changed over a period of time or did something get encrypted? But that's too high level. You need to be inside the data, so it's accurate. If you do it with just anomaly detection it's too many false positives. So we've done the really hard work of understanding what ransomware looks like, 1800 plus of them inside of the data and how it encrypts and very clever. I mean, the bad guys encrypt one block and then 10 blocks later encrypt another one. So it's not the whole things, how do you capture that? So there's a lot of different approaches the bad guys use. And these are well-funded groups and they're insented, they're capitalist, they're insented to make money. So they're very, very clever. So you gotta try to stay ahead if you can. So our security team is constantly researching new threats to look for new vectors. And obviously we coordinate with open community, with the open source community and other threat intel agencies to enhance our capabilities. Yeah, nobody wants to be the next headline where a ransomware event is concerned. I was actually talking with a customer of one of our clients who got hit and was unusual in that he was willing to talk about it because he learned so much. How much of what you're seeing with respect to ransomware vulnerability is we talked about the technology piece. How much of its people and cultural that need awareness and training? I imagine there's a fair amount of that. It's a ton. I mean, look, people operate and put self-interest right in mind and that's how they mostly operate. So I was speaking to Assiso and many folks keep this quiet because they don't want this word out. His point was I never want to be that company like SolarWinds, for example, never. I mean, that's a fear for them, right? So I don't want to be that company that's been ransomware attacked. I don't want that. And that's coming down from the board now too. I mean, these are extinction level events, man, right? Yep. That's a serious problem. So they don't want to be that in that situation or in that environment. So that's where we try to help, right? So I think the best strategy companies can do is layer in your perimeter defenses as you do today. That's fairly robust, but you must layer in the data resilience later underneath that to make sure that you have your first line of defense and you have your last line of defense and you're fully covered. And then you have an option. God forbid you're attacked. You can get your data back, right? So. Yep, end to end protection is like we said, it's not a nice to have. It's an essential for customers in every industry as nobody's safe. Do you have a favorite customer story, Narsha, that you think really shines the light on the value proposition that Elastio delivers, your unique differentiators? Yeah, we have many, but I think one that comes to mind where it's a large e-commerce site and they were running something called ephemeral and scale out clusters and it was front-ending all the revenue. And they were constantly getting hit on these ephemeral sites. And if you know ephemeral means they get deleted, right? So they run for a period of time and they get tossed. So all the evidence has gone as well. So the bad guys attack that, which makes a lot of sense, right? Because it's hard to track them. So they deployed Elastio and Elastio obviously can pick that up. So we're completely automated. So we'll pick up new workloads as they appear and we take them and scan them, right? We protect them and scan them. So we look deeply inside there. So we had the forensics history for them now where yes, these ephemeral workloads were getting tossed and then we could track back through forensics through the recoveries. Hey, where did that threat come from? We could pinpoint the issue. So because of Elastio, they're able to now go back and forensically figure out exactly what happened. So we provided that extra level of threat intelligence because we have the history that the security team can then use to solve the problem. So it's solved now and they're hardened and they're up and running again. And resilient. And resilient. And that's absolutely critical. What are some of the things that are next for Elastio? What can we expect any little peek into the road map? Say the next six to 12 months, things you're excited about? Yeah, you'll see a bunch of new things coming from us. So re-invents a big inflection point for us. So we'll be there. You'll see new service coverage from us. So we'll expand our service coverage. You'll hear more about multi-platform. So obviously the other clouds are very important for us. So we're looking hard at that. And more integrations with AWS. I mean, we're the tight partnership with them. We jointly sell customers together. It's very important. So we're gonna continue to add capabilities inside of the AWS ecosystem to harden that environment. That's important that AWS ecosystem is massive, but also the multi-cloud approach that you talked about is so many businesses are finding themselves living in multi-cloud for various reasons. So we will definitely be keeping our eyes peeled, our ears open. Not great to have you on the program. Thanks for sharing what Elastio is doing, how it's different, and how you're really enabling organizations to have that end-to-end resiliency that is table stakes these days. We really appreciate your time and your insights. Thank you so much. My pleasure. We wanna thank you for watching theCUBE and remind you to keep it here for more action on theCUBE, the leader in hybrid tech event coverage.