 Welcome back everyone to theCUBE's live coverage of MY's, the leading cybersecurity conference. We're here in Washington DC at the Marriott Marquis. I'm Rebecca Knight, your host, along with my co-host and analyst, John Furrier. We are joined by Chris Lopez. He is the technical marketing engineer at Cloudflare. Thank you so much for coming on the show. Happy to be here. So we are hearing so many conversations about security breaches and ransomware attacks. They are rising exponentially. In traditional prevention and detection, technologies really aren't enough to stop them. So what are some of the trends that Cloudflare is seeing with regard to zero trust? I mean, when it comes to zero trust, it really comes down to time to productivity and consolidation, right? So managers, they want something that is able to be deployed very quickly and they want something that is, you know, be able to be deployed very efficiently, if that makes sense. So like, they don't want to have to manage devices. That we offer like clientless onboarding, like we offer like clientless web isolation to be able to, you know, isolate unsecured traffic and really just be able to, the ease of use of it is really becoming key, right? Because you can have as many features as you want, but if you can't apply that effectively, then it's not going to be very of a choose to you. You know, one of the things that's come up a lot is, oh, the perimeter's been dead, zero trust is critical to make that work. But now you've got the customers who are trying to put all these tools together, different vendors, just got shared responsibility models, a lot of seams for the bad guys to get in there. You guys have taken a good approach with the network. What's the big value that Cloudflare is delivering to folks today? Because simplicity is one we hear, developers constantly monitoring. What's the big secret sauce of Cloudflare? Why are you guys so successful? Well, I'd say apart from the ease of use, it's going to be our massive global edge network, right? We started off as a CDN. So obviously once we're managing, you know, 20% of the world's traffic, it becomes easier to apply security services on top of that rather than do that the other way around. And the network is where the ground truth is. That's all the packets as they say, right? Yeah, and our pace of innovation. Right, so like Cloudflare is on the front lines of things like people who are creating generative AI applications, right? And you know, image-based AI applications, like we're on the front lines of that. You know, the AI buzz got everyone kind of jazzed up. Generative AI is, I mean, generating stuff. So you've got more, I mean, I've been on our podcast, I said a lot of code pollution coming out there. You can do good code, but also bad code too. So a lot of injections, new stuff hitting the network content-wise, but also people using it to find zero day, for instance, or other things. How has AI changed at least the landscape from a cybersecurity standpoint? How do you guys, obviously you have the network of visibility of that. What are you guys seeing? A lot of people are turning to AI-based tools really to do their job, right? It's showing up in shadow, you know, shadow IT, you have chat GPT showing up, you know, and people are using that to say, hey, give me a program that does this. And unfortunately, there's a security risk associated with that because they start putting out, you know, intellectual property on the web and it's now become open source, that kind of thing. So, Cloudflare helps mitigate that, mainly by controlling users' access to such applications. I mean, that's just basic threat defense there, but also we're able to isolate web sessions to AI-based applications. We can say, hey, we're going to stop you from, you know, copy, pasting something, or if we detect a signature within your traffic and it's going to this application, then we're going to go ahead and stop that. So you're mitigating risk with AI, but you're also helping companies stay on this next wave of innovation. Can you talk a little bit more about what you're doing to support companies in using AI for? Sure, so Cloudflare currently, we have the Zero Trust AI toolkit, but also for developers on that side, we have Constellation AI, where they can run, you know, basically pre-trained machine learning models on Cloudflare's Edge network. And we have Cursor AI, so it allows, you know, it's our tool that helps developers basically navigate, you know, the Cloudflare developer console. On the AI piece, I want to get back to this, because the LLMs would take a lot of heat for hallucinations, but also, I mean, end point protection, you can say, has been kind of replaced by Zero Trust. A lot of people pointing to that as a thing. It's a new perimeter. And the question is, is that with LLMs, people are putting their IP into them proprietary models, and that's come up as a security issue, an IP issue. Is that a security risk? I mean, how do you guys see that from AI perspective? LLMs, the mashups coming down. Sure, I mean, when it comes to Cloudflare, really what we're saying is you're going to be just using our network, put our network in front of you. I mean, you're going to see that, like, even in the non-AI services, like, you know, magic transit, let us proxy it, right? So when it comes to, is AI, or, you know, is it a threat for people to put their IP address in AI? I'd say Cloudflare would probably be very well equipped to be able to handle emerging threats that would be coming from that. What's the developer landscape like that you guys see out there? How are people using you from a development standpoint? There's a lot of younger, yeah, AI has kind of brought this whole renaissance. Pretty much, if you're under 30, you're pretty much doing AI, so I just had a meetup in San Francisco and I saw a bunch of computer science freshmen from big schools, like not shabby schools. These are good schools. They dropping out, when I asked why, they said, I don't want to miss out on the AI wave. So there's a huge tsunami of developers. Wow. And so, are they just, what do they do for AI? Do they stand up, Cloudflare? Do they use the network? How do you guys engage with developers? So, like I mentioned before, we do have Constellation AI, so we do have the pre-trained models. I mean, Cloudflare Workers itself just allows people to, you know, generate, you know, or build more applications on Cloudflare's network, right? So serverless compute that way. When it comes to how Cloudflare's really, I mean, that would be essentially the scope of how we're currently doing that, but stay tuned for next week. We do have a lot of announcements coming with Cloudflare's birthday week in regards to AI. What's zero trust mean to you when people ask you for the definition of it? What's the current state-of-the-art zero trust definition? I mean, never trust, always verify, right? I mean, we all know that one, but... But when you deploy to IT department, what does that mean from an argument, implementation standpoint? They've replacing anything. What are some of the practical implementations of zero trust? Well, I'd say like a very unique part of Cloudflare is the part where we're just using our edge network to deliver all of these services. So we're saying, just use us, right? You don't have to, all of the previous configuration that you had to do, all of the metal boxes, they go away. What's some of the cool conversations you've had so far here at the show? Well, I haven't been here too long, but I did have a pretty interesting conversation about DDoS. And how'd that go? Interesting, I was actually getting up speed on that product, but he's actually from a competitor and he was, or not like a competitor currently, but someone who used to be a competitor against me at a previous job. But basically you're saying that, yeah, Cloudflare has a more effective DDoS solution than they do, we kind of compare notes. You guys have done really well. You guys got a great reputation in the tech circles, certainly in the cloud computing world with everything now going edge and AI at the edge. A lot of people are just trying to figure out what to do with all the devices at the edge. You guys have that CDN. Any perspective there? Well, could you elaborate? Like if you have the network, global CDN, the network, obviously that's going to be great for table stakes and security. But if I'm a company I want to deploy more applications say at the edge of the network with devices, how does that tie into Cloudflare? Just kind of taking it through. I mean they'd be a shoe in for zero trust network access. So we have our app connector, right? And you'd be able to proxy any service through Cloudflare's network. I mean, if you're trying to deploy it that way. I mean, to me that would be like a huge deal from a security standpoint. When we talk about AI, it's like, I think people are more afraid of AI than they actually know about it. I mean, I just saw Elon Musk was in Washington DC said AI is going to kill us. I mean, that was his sound. Now Elon's a little bit out there, a little bit out there. But the AI is pretty much hyped up right now. What's your take on the AI? What's next? I'm interested in seeing what goes beyond like the models that that chat chief was built off of, right? So we know that there is a upper limits to how effective that platform can be. And that's just because of the architecture that was used to construct it. So I'm interested in seeing like someone who use a less popular architecture that can go further. And maybe they come out in five, six years. I mean, I'm really interested to see what that does in terms of just, I don't know, adaptive learning. Well, AI is such a hot topic. And as you said, it's going, every conversation here in corridors and panels, the keynote is going to be talking about it later today. What do you think we're going to be talking about at next year's MYS conference? I mean, with regards to AI, if you could look into your crystal ball a little bit, what do you see the future to be? I think that someone might integrate AI in a really effective way. So you basically have like an assistant who would show up and say, hey, what do you want to build? Right? And you don't have to give it very precise instructions. You say, hey, I just need to onboard this application and I need to apply these rules around it. And you'll be able to interpret that through natural language to say, build this policy and build these tunnels and they're going to go here. I think that'd be really cool. I interviewed your CEO and I pulled up the quote here in our video data lake, it's a little AI in there too. But what I found interesting was he told the story, he's like, when Cloudflare first started, he was at an investor meeting and he said quote, Cloudflare is an AI company. And he said, all the AI has kind of rolled like really come on. And he's like, no, no, we had the one platform. And what he was illuminating was, is that with all that data, you can see a lot of the patterns. And so when you look at machine learning that you guys had in place, you had that already going on. I got to believe that the AI is really adding value on identifying kind of all that data, that collective intelligence on network security. Is that, what's the vibe like right now? Is that first, you obviously agree with that statement since he said it, right? But what does that mean for the customer? Because I can imagine that not only to get the zero trust, now you have all that data to help them get the benefits of other customers' patterns. Well, currently that translates to better intelligence, right? So with DNS, all the DNS requests, all the HTTP requests that we vet and we analyze every single day, we have fantastic threat intelligence. But in terms of the future, I'd say, I mean, better threat categories, sure. I mean, the ability to detect threats faster, right? I mean, if we look at the WAF right now, we have the currently managed rule sets like the OWASC Core 10, we have the credential stuffing. They're probably going to have more categories that pop up from that in the future. What's your main job right now at Cloudflare? What do you do there? What's your main task? What do you work on? Oh, sure. So my job is to, well, I'm a technical marketing engineer for Zero Trust. My job is to basically learn the platform to be able to build a compelling demo environment that I can then make videos and just explain it at any level. So C-level or technical. Do you go out and customer calls and like do- All the time. What's the hardest customer problem that you saw and you were involved in? Let's see. I feel like I'm going to terrorize you. It's like a chop in everywhere. In the hot thing. I'd say it was actually surrounding RDP. We had someone who basically needed to RDP into 500 different devices and it was, they just, they wanted to make 500 different policies or basically 500 different applications and I was basically saying, no, you just make it IP based, right? And they were basically trying to do it one way and then eventually we realized, not to go into too many details here, but we eventually realized that they should have just been doing it a far simpler way. John mentioned that AI is creating this sort of renaissance for the tech industry and more and more young people, the best and the brightest are really wanting to go into tech and into AI. What are you seeing on the ground in San Francisco where a lot of offices are empty and people are working from home, but what's the vibe in San Francisco in terms of the talent pipeline going into and who want to work at companies like Cloudfiller? So I'm actually based in DC itself. I've been to the San Francisco office. Honestly, that office is bustling. Everybody who shows up there, they really want to be there. It's an excellent vibe to be at the San Francisco office. When it comes to remote working and things like that, I mean, a lot of people have gotten used to working from home. I personally do come into the office a few times just to be around people, to be able to share different skill sets because I notice my own knowledge base gets a little brittle if it's just me. You have to be able to talk and bounce ideas off of people. And would you say that that is the style of Cloudfiller, the collaborative environment and working together, create, bolstering creativity? With all the different functionalities that we have and all the different specializations that you can have, you need to collaborate. Do customers get tool overload? I mean, how many tools, how many zero trust tools can one company have? At some point you've got a platform, great platform and or tap the network. How do you guys, when you run into that, the tool sprawl? Customers who have too many tools. You don't insult them directly, but you've got to kind of give them some feedback. I get it. So when it comes to zero trust, I mean, that's just an amalgamation of seven different products, right? So we've got, you know, a SWIG, you know, we've got DLP, you know, we've got zero trust network access. I won't list them all here. We do know. So, and I'd say like zero trust tools in that sense, I mean, just zero trust platform it becomes effective when you have those seven products there. But when it comes to the rest of Cloudflash dashboard, I mean, you know, the zero trust is just a small part of what we do. And when, you know, we really look at the bread and butter of it as CDN, that's WAF, right? That's anti DDoS. And those are all very discreet services that customers will immediately see a value for. So I don't see tool sprawl or at least customer, negative customer reaction to tool sprawl that much just because everything that's there, they have a use for it. You got to use it, yeah. Yeah. Like when you have a web presence, you need it. Excellent. Well, Chris, thank you so much for coming on theCUBE. This was a great interview. It's great to be here. Thanks. I'm Rebecca Knight for John Furrier. Stay tuned for more of theCUBE's live coverage of MYs.