 We're joined by John Smith, the Solutions Architect from Extra Hop Networks. Welcome, John. Hey, thanks for having me. Absolutely, so you said it's your first time to the RSA conference, so I'm just curious kind of first impressions of the show. Wow, well there's certainly a lot of people here. It's the biggest show I've ever been to. We've been to Synergy, Hymns, a couple of them. I think Hymns might have more people, but it certainly seems more crowded. People are more involved in the booths here. Askin' a lot of really good questions. A lot of ones and zeros people at the booth, so you really gotta be on your toes when you're talkin' to folks. All right, for the people that aren't familiar with Extra Hop, give us kind of the overview of what you guys are all about. So we are a real-time IT analytics product that uses wire data to provide, at least in the security space, the biggest play we have is more around surveillance and visibility. One of the first two controls that SANS recognizes as being that you need to secure your environment is asset inventory and the ability to see what applications are running on those assets. A lot of the tools in the security industry try to engineer down to that, to try to give you that. It's one of the, a lot of security people will kind of name that as one of the more difficult things to get. We start there. So we are a wire data analytics is kind of the core of what we do. So we don't require any IP addresses. We don't, or I'm sorry, we don't require any agents. We don't require any SNMP, any ping sweeps or anything like that. If it has an IP address, it can't hide from us. So that means whether it's an IoT device or a medical device that's been compromised. If it's someone who wants to work in the dark and they've got a knackle that's blocking people. The minute they communicate with someone else they're made and they can't hide from us. So what we've seen in our, in our, with our customer base is a kind of a burgeoning security practice where people are actually using the appliance more in a security use case. And that's probably our fastest growing use case right now. So what was, what was the core of the business before you said extra hops been around for, for 10 years, but you knew here, what was kind of the core business before your security practice really grows? So the core of the business and you know, there's three kind of major areas. There's a, we, we generally use the wire as a data source. So we, we position the customer to interact directly with the wire and the data that's coming across it. So that can be break, fix and performance of your different web applications from layer two up to layer seven. A lot of that is business intelligence. We had a, an online retailer that wanted to know, you know, the average of income of people who filled out their credit app by zip code so that they could adjust pricing. That used to be a complicated Olap job on the backend. We were able to give that to them in real time so they could see, hey, people in this zip code make $300 a month more than people in this zip code. We can raise prices here. So business intelligence and break, fix and performance are big ones. And then of course in the security place or the security space where we're able to provide full accountability for every single IP address on the network has been very powerful. Interesting. So you said you had some, some announcements that you guys are making here at the show? Yeah, so we are announcing our, our SaaS offering which is another, it's basically a machine learning, cloud-based machine learning platform that allows us to do some anomaly detection without the need to, you know, a lot of your long, cloud-based anomaly detection tools require you to forward terabytes of data so that then they can look at it, analyze it and then maybe an hour later you get some information that you've been breached or that there's a problem. Or maybe, yeah, exactly. We're kind of unique in that we're able to, you know, what our Atlas program is able to essentially interrogate systems that are deployed around the world, currently around the US, it's a US offering today. But basically we can interrogate those systems for any types of anomalies that happen. Actually in the run-up to the offering we had a customer that was able to reroute some traffic because they were able to see the Mariah Botnet was starting to meddle with some of the performance of different parts of their infrastructure. And so having the ability to be able to provide customers visibility into what's going on on their networks without the burden of making them FTP data up to you so that then you can evaluate it. One, you don't have the infrastructure burden of sending the data to you and the delay with that. But in addition to that, you're able to provide some real-time visibility. One of the things we've noticed is that the people who have the ability to interpret the data and to kind of parse and tell you when there is an anomaly, they're very overworked and they're spread really thin in a lot of their organizations. We augment that capability by doing some of that heavy lifting for them so that we can say, hey, did you know you have a 1,000% increase in DNS traffic from this particular host? That type of visibility that you can do in real-time so that if you have multiple branches around the country, we can provide that visibility from one centralized location. It's all about the real-time, right? Real-time is in-time, hopefully. Real-time and really the money is in the mash-up, right? We've had a lot of really, one of the things I've noticed over the years is threat intelligence has really matured. And I think that's great, but if you can't marry that with some of your own intelligence that's going on on your own networks, you know, the value is really a lot tougher to realize. If you can ad hoc or if you can engage in some ad hoc threat intelligence by leveraging a platform-like extra hop that can do the evaluation and thread things like anomalous behavior, that makes your agility to deal with today's threats really, really a lot more effective. Most threats, as you're probably aware, happen. I think 93% of them happen within a minute. You know, dealing with that with humans, dealing with that with logs, it's really, really tough to do. I love logs and I love humans, but if you can position yourself to engage in, you know, programmatically dealing with that, we see orchestration as becoming, you know, kind of an emerging technology and we're uniquely positioned to be able to interact with any sort of orchestration engines, something like a phantom, you know, things like that where we can observe some actionable data and then we have an open platform that can then integrate with the orchestration there after. John, that was a great time. We were going to leave it there. Thanks for stopping by. The money's in the mashup, did I get it right? That the money's in the mashup, baby. All right. He's John Smith. I'm Jeff Rick. You're watching theCUBE from Marseille. Thanks for watching.