 From San Francisco, it's theCUBE, covering Day2IQ. Brought to you by Day2IQ. Hey, welcome back, everybody. Jeff Frick here with theCUBE. We're in downtown San Francisco at the Day2IQ headquarters. They used to be called Mesosphere. They rebranded the company. They've got a much bigger focus than just Mesos and supporting Mesos. So we're here to get the story really. Talk about, you know, enterprise's journey to cloud native and we're excited to have our first because he's Brian Kenyon, the chief strategy officer. Brian, great to see you. Thanks for having me. Absolutely. So Day2IQ, I'm going to get it eventually by the end of the day. Interesting name. What does Day2IQ mean? Why did you guys rebrand the company? Yeah, absolutely. So we were formerly known as Mesosphere and the technology that we founded the company on was an open source package called Mesos. So the name naturally had a very close tie with Mesos and Mesosphere. So as we looked to rebrand the company and really enter the market with some of the changes we've seen in the evolution of cloud native, we focused on where customers were having trouble. Where they were focused on operations, how they were going to take these concepts and these great ideas that were pervasive in the concept of cloud native and make them institutionalized and operationalized inside their companies. And what we found was, you know, day zeros when you played around and tested things and day one is when you got it installed and stood up. But day two is when you really focused on the operations. How do I make this enterprise ready? How do I make this fit my business? All of that happened on day two and after. And so we saw that as a pretty natural way to focus our energy and focus our market penetration on day two. And you also expanded beyond just kind of the Mesos ecosystem into some other areas. And containers and Kubernetes, also data. So you guys are taking a little broader approach than maybe the company had at the original launch. Yeah, absolutely. And you've heard from one of our founders already and you spoke to our head of engineering. So I'm the newest of those, right? I joined in February, so I'm just, you know, almost 10 months in. So when I joined, I spent a lot of time meeting with our customers, talking to partners, talking to other folks and vendors in the space. And what we saw was there was a massive shift happening from where cloud native started maybe three, four, five years ago to where it is today. And one of the biggest changes has been around the emergence of Kubernetes, which has turned into a de facto standard for containers and cloud native. And so as we've evolved and moved into this day two IQ name, as we've started focusing on meeting our customer, we've obviously taken on a bigger stance inside the Kubernetes community and Kubernetes product line. Right. So what did you see? I mean, you're a long time security executive. You've been strategy and security for years and years and years. What did you see in this opportunity with this small startup to get you to leave, you know, kind of a safe, comfortable, pretty standard corporate job and to jump in back into this. Nobody's ever said security's safe, so that's awesome. Well, safe certainly in terms of job security. Go run around RSA, my goodness, the biggest show out there these days. It is. So what did you see? I saw the future is really what I saw. When you really took a step back and you looked at where compute was going and how organizations were starting to adopt new application methodologies, new application architectures, it was very clear that cloud had taken on a big portion of that. And the concept of cloud native and open source technologies was becoming more and more prominent. Right. So when we looked at this, not only do we see a unique opportunity with the cloud native space, but if you fast forward a couple years, customers are going to be coming back around and starting to have conversations around security. How do I secure this? How do my SISOs and my operational folks in security understand this and how do they really, you know, start to apply the same controls and visibility to it? So it was a unique opportunity to get in and focus on where the future of our industry is going. Right. So it's an interesting thing with open source and open source specifically in the enterprise. I think my favorite open source quote is, yeah, it's free like a puppy. You know, it's not free and you need support and you need training and you need a lot of help. So, you know, when you guys work with enterprises and they're, you know, incorporating more and more open source into their technology stack, what are some of the challenges that you guys are coming in to help them to actually get beyond, you know, a simple free download and the latest cool version to actually running in production. Heavy duty loads, really important workloads. Yeah, one of the biggest shortfalls we see is obviously expertise, right? So there's a massive amount of innovation and capability that can be, it can really be captured through open source software. The challenge is it's all community-based. So folks contribute code, they sign it in, it's available for everybody to use, but how long is that code updated for? How long is it maintained? How do new features get added? And what you see is you see a huge spike in interest and enthusiasm. And then just like every other hype cycle, you get to a trough of disillusionment where people move on to the next thing and the next thing in the open source community. And so organizations who wanna leverage that innovation, wanna focus their operations around open source, either for cost savings or time to market, find themselves a couple of years later looking at code that's been abandoned, projects that aren't maintained anymore. We saw this in security with things like open SSL, right? One of the largest SSL libraries used across entire security landscape, there were two people in the world maintaining that code. And so when a massive security vulnerability hit, organizations were scrambling. We wanna stop that now for organizations that wanna use open source. We, day two IQ, wanna bring our innovation, our expertise to bring that open source to the customers and make sure that it's enterprise ready, it's enterprise supported, and it's enterprise scalable. Right. So you guys have basically three market offerings, if I understand right. You've got a solution set where you're taking the core software and building solutions around it. You've got services, professional services to get it in, get it up, and probably support it. So I have a 1-800, somebody to call please, which you couldn't call those two people. In that case. Exactly. And then training, is that right? So those are how you're basically enterprise hardening an open source kernel to get to a great solution for the customer. Yeah, but I'd also add in their services. So whether it's advisory services, implementation services, or just kind of more traditional, our focus is really about meeting the customer where they need us. And if you look at cloud and cloud native today, almost every customer across the globe is at a different evolution or a different maturity in that journey. And so somewhere at the very beginning where they're learning, others are more towards the end where they're focused on operations and how do I streamline this? How do I hire the right folks? So we've taken a product services support and training strategy that allows us to meet our customers where they are in their cloud native journey and assures us that we can provide the right level of expertise regardless of where they are. Right. What's been the biggest hole of all the challenges that you see when people are getting started? What's some of the biggest challenges that you just see over and over and over again that you know you're going to get walking in the door? Over and over, you see training as just a constant across the entire industry. No matter where a customer is in their evolution or their journey, they're constantly having to train whether they're hiring and then training folks on the new way of developing or they're taking developers who have been building code and building applications and virtual machines or old monoliths for years that they want to train to this new paradigm. Training is a huge constant. The other piece is people are looking to rationalize their infrastructure. And so services, we are in a very services led industry right now where we can come in and help customers get stock of where are we today and where do we want to go long term and then put them on a plan, put them on a program or a path where they can achieve those outcomes but do it in a way that's not disruptive or adds friction to business. Because the complexity just continues to increase. It's funny, you know, both Amazon introduced a piece of Amazon Cloud you can stick in your data center and Google introduced a piece of Google Cloud that you can stick in your data center and Microsoft recently introduced a piece of Azure that you can stick in your data center. So kind of this, you know, kind of real aggressive embracing of hybrid and this real embracing of complex setups where you can partition your workload based on where you think that workload should run today is really gaining hold. So the complexity is only going up, not going down. It is, you're absolutely right. And I'll tell you what you just brought up is a great example of why the complexity is growing up. On-prem is a massively different, materially different environment than the clouds. The clouds are built on margin, right? They're built on if I take the same server and do this over and over again, I get repeatability, I get consistency, I get a very finite platform. If you look at how on-prem is, the traditional data center, you buy some servers from Dell, some servers from HP, storage from EMC, storage from HP, you got all different types of hardware and software in there. So fixing that on-prem cloud is hard and the clouds are struggling with this because the concept of taking their very clean vanilla infrastructure and bringing that to the traditional on-premise is failing. That's where we shine. That's where we've built. That's where Mesosphere got their initial start was taking the cloud concept and bring it to the traditional data center. So we're helping clouds extend now by being that on-prem piece that speaks seamlessly with the clouds that our customers choose to use. So I think too, initially, the cloud was seen as a way to save money and we've seen that evolve over time. It's really much more about speed and agility in your development cycles and getting new products to market. The customers grunk that? Are they still kind of wrestling with the cost savings and this is kind of an alternative way to buy, compute and networking and capacity or are they really moving fast because of the speed and the competitive threats? So I think it's interesting and it varies but I will tell you just from my lens, I'll say that a lot of customers are confused. They went to the cloud initially because they believed they wanted to be out of the data center game. It was easier for Amazon or Microsoft or Google to manage the data center than it was for their own IT teams. And so they shifted infrastructure up there and then what they saw was the promises of hyper scaling, the promises of this elasticity or your application grows as more users show up. They never realized that because those applications were built under a different premise, under a different architecture and don't leverage the cloud native capabilities. So you're seeing a shift of people who moved infrastructure or applications to the cloud to get out of the data center or now saying, okay, I'm kind of locked in but where do I get my operational efficiency? Where do I get my hyper scaling? How do I get that? And now you're starting to see that shift from just using the clouds as infrastructure to more moving towards microservices, containers and some of the things that Day 2 IQ helps with. Right, right. It's pretty funny too, right? Because the apps used to have to be built for the infrastructure in which you were going to deploy them. That's now flipped upside down, right? Now the app, the infrastructure needs to support the app comes first, the infrastructure, second. So having an architecture, you got to have the new architecture. As you said, you just can't simply flip the functionality of an old architecture into a new paradigm. And then expect you're going to get the same outcomes. Right, right. All right, so before I let you go, I want to get your perspective specifically on security because again, you were in the security space for a long time, security's a hot space. Everyone says security has to be baked in everywhere. It can't be the castle and moat anymore. So with your security hat on it, as you kind of see these migrations and you see these new deployments and you see this move to cloud native, what do you think about from security? Are people baking it in enough? Are they thinking about it in the right way? Is it just such a fundamental shift that they need to think about security and really baking it in from the bottom to the top? They absolutely do. And I'll tell you what the scariest thing is, is if I go through my CISO networks and talk to folks who are on that side of the fence, they're not even educated to this cloud native space yet. They don't really understand how it's happening and how it's evolving and what that means. So there's a huge education that needs to happen in security. But these things need to be bolted on from the beginning. I'll give you an example. Some of the value that comes from operating cloud native is that your ability to push code and push changes is very agile and quick. So it's encouraged in a cloud native type of architecture that a company can make 100, 200, 300 code changes a day. When I grew up, you'd make those monthly, quarterly, because you had a whole bunch of testing. Well, now they push code multiple times a day. If you don't have your security team in lockstep with those developers and operation staff, how quickly can you get out of compliance? How quickly can you erode your security posture? These are all questions that have to be answered and we're just at the very earliest stages of getting there. We didn't even talk about IoT and edge devices. Absolutely. Which opens up a whole different kind of threat surface. Absolutely. Absolutely. All right, Brian, well, thanks for taking a few minutes. Good luck on the journey and I hope things go super for you here. Thanks for having me. All right. He's Brian. I'm Jeff. You're watching theCUBE. We're at day two headquarters, day two IQ headquarters in downtown San Francisco. Thanks for watching. We'll see you next time.