 Good morning, everyone. Welcome back to theCUBE's live coverage of CrowdStrike Falcon 23 Live from Caesars Palace in Las Vegas. Day two of our two-day coverage, Lisa Martin with Dave Vellante. We just came from the keynote day. It was demo day. Demo day, yeah, Mike Santonis was going deeper in the demos. I thought it was good. I mean, I really liked how he sort of double clicked on the whole notion of breakout time. Yes. He gave some new information there, just to share for the audience. I think it was last year they said the average breakout time was an hour and 58 minutes. Right. And then the last one, the last snapshot they took was 79 minutes. So dramatic compression and breakout. Breakout time is the time it takes the adversaries to get in and get out. Yes. Okay, so, I mean, hour and 58 minutes. I mean, when you think about that and you think about, you know, the member of the dwell time stats and we were talking about Adam Myers, I said dwell time stats don't matter anymore. You can compress it, but they're in and out. But you think about it, if the dwell time used to be like 365 days before you realized anybody's even in there, even if that's like down to a couple days, if they're in and out in an hour and 58 minutes or 79 minutes, doesn't matter if you find them or not within 10 days and you take it down to five days because they're already taking everything that they want, exfiltrated, maybe encrypted. You even said the fastest breakout time that they've discovered was seven minutes. Seven minutes. Seven minutes. Yeah, so I think it was an example where AI is going to help the adversaries in the near term anyway, probably more than it helps the defenders. So, you know, the whole marketing message of we stop breaches is very strong. Of course, you can't stop all breaches. That's kind of the problem. We've even talked about that. There's no software, there's no capabilities to detect every single vulnerability, but they will help organizations prioritize when he was talking about talking for IT and exposure management and that sort of stuff. And his demos were good. He talked about Raptor as the interface for AI. And then the whole notion that Charlotte's going to help you prioritize. It's not, I mean, it is a way in a magic bullet if it actually works as advertised because it can help you take all this complex information that's in logs and other incoming data and then narrow it down and prioritize. These are the high-profile, high-risk incidents or exposures. And so it was like Raptor, then sort of Charlotte AI, the whole exposure management thing that he talked about. And then Falcon IT, which I think is people going to get a lot of interest in that, like show me the laptops that have exposure. And then he talked about the Bionic acquisition, which is show me all the cloud configurations that have exposure. And then he also talked about, I thought this was interesting, he talked about doing distributed scans and being able to utilize their agent to have a wider observation space and eventually he said this is futures in just third-party data. So that's kind of cool. So again, it makes CrowdStrike the place you want to put all your data. It's all about the data, it always is. Cloud guys want your data, CrowdStrike wants your data, of course, because then they can do more with it, they can protect you, they can remediate, prioritize, and act. I thought it was good. I thought the demos were strong, he was very confident. I think he said this was his seventh year there. The crowd was pretty packed. It was bigger today than yesterday when I walked out and turned around. There were people sitting and standing. It's obviously more people came in today. I know the financial analysts came in last night. So they got the FA event, financial analyst event today at 11 o'clock. So that's going to be interesting. They're going to actually unveil the pricing. We talked about it last night in our insights segment, the pricing. And it's going to be interesting to see if they make that available for Falcon Complete. I think they will, but I'm not sure. Maybe they'll stage that out. But you remember, just to reiterate, we think that the Charlotte AI pricing is going to be, you're going to be priced by endpoint, a very low-cost entry point, and then you're going to be able to buy, let's call it bundles of query time. Kind of like t-shirt sizes, like snowflake prices, small, medium, large. So you'll commit to some number of use it or lose it queries, some capacity, and I'm sure you can scale up. Probably can't scale down. You probably got to commit to a minimum. But they also announced this flex pricing, Falcon Flex, where as you get everything and you pay for only what you use and you can swap modules in and out, now I'm sure you're going to have to commit to a one or a three year term and you're going to have to commit to some level of spend, I'm guessing. Maybe you don't have to, but you'll get a much better deal if you do. It's kind of like AWS on demand. If you just swipe your credit card, go to AWS and pay on-demand pricing, you're going to pay through the roof. But if you sign up for a bigger chunk with reserved instances or cost optimizations, let's say for a year or a longer term, you're going to get a better price per drink. And so I'm sure that kind of pricing is going to work. Whatever pricing they do, it's not going to be perfect. It's hard to serve all the all things to all people with pricing, but this Falcon Flex pricing is good. And CrowdStrike has an advantage because they have so many integrated modules. It's not like cul-de-sacs, where you got to rip one out and put a new one in. Or you have to have kind of a manager of managers and sort of this foe veneer interface over everything, but everything underneath is not integrated. At least that's the promise that they state that the architecture is truly integrated. And I believe it, they got good engineering here. And so that allows them to say, all right, turn this one off and turn that one on. Kind of AWS-like. And then we saw, at the end we saw the, they're still going on, but we saw the awards. The customer awards were Mattel and Target. Mattel, the guy from Mattel, the CISO from Mattel stood up yesterday and said, CrowdStrike basically paid for itself. So I was like, all right, he gets an award. Exactly, you kind of saw that coming, right? Right. And then Target, and then the partner of the year they just announced, Daniel Bernard announced it was AWS. Which is interesting, I mean, makes sense. Basically they do a ton of business through AWS. It's their number one cloud partner by far. Microsoft's a big competitor. You know, they were depositioning Microsoft all day. Yeah. Well, there was a funny subtle dig at Microsoft when the logo just came across the screen as they were talking about complexities and vulnerabilities. Explain that to the audience. So let me look at my notes. He was talking about why security is so hard, complexity, cost, catastrophe, vulnerabilities, and then very slowly, and Mike said nothing, the Microsoft logo, the four colored boxes just comes across the screen. So the audience started cracking up. The audience cracks up, and then there were a couple of very intended digs at Microsoft from a patching perspective, but I thought that subtle one was great. Well, they're rapping, I mean, they got a good rap against Microsoft. It's good marketing. They basically would say, you know, Microsoft does patch Tuesday, and they used to say patch Tuesday means hack Wednesday. Now it's patch Tuesday because things are so much more compressed. Patch Tuesday means zero day Tuesday. So all the hackers, you know, can go right away. I would say this, and the other narrative that CrowdStrike uses, which again, I think is very effective, but it's, you know, it's marketing, is good enough, is not good enough in security. Right. Okay, that's again, really good marketing, plants the fud in there, but the reality is good enough is really alluring, especially for a lot of SMBs. Microsoft has a very large security business. It's easy to do business with Microsoft. They have Azure as the flywheel. You kind of add on to your existing collaborative tooling. You're a Microsoft shop. So it's like, yeah, okay, we'll take these tools as well. We talked yesterday that of the 420 or so accounts in the ETR database, there are about 75 to 80% actually are using Microsoft security tools. Now how effective those tools are, how active those tools are, whether or not shelf wear is not clear, but there's a huge overlap there. And my point is, for small and mid-sized businesses, especially, it's very alluring to work with Microsoft. It's very easy. And SMB is a challenging area for CrowdStrike a couple of quarters ago. We saw that they sort of had softness in SMB. We saw they had the partnership with PAX 8. We see they have a partnership with Dell, but these partnerships, they take time to bake. So that is the one area where, CrowdStrike's doing what they have to do to shore that up. But you got to have distribution channels. There's a lot of competition there. You got the MSSPs all participating there, but I like that PAX 8 relationship because that gives CrowdStrike a channel to SMBs through that PAX 8 marketplace. And so it's a big market. But nonetheless, Microsoft has a pain in the neck to companies like CrowdStrike, UiPath, same thing. We'll be there a couple of weeks. Recently, Zscaler and Okta as Microsoft gets into network security and identity. But they're competition because Okta and Zscaler are sponsors of the event. Yeah, yeah, but I'm saying Microsoft. So Microsoft competes with, very directly with CrowdStrike and Endpoint and has for years. And they have identity of course, but recently they announced a new thrust into network security which goes after Zscaler and identity which goes after Okta. So they're expanding their offerings. But it's like George Kurtz said, I don't know when it was. Maybe it was on the earnings call or one of these conferences or maybe it was here. Look, we wake up every day. That's all we do. We have our entire company, our entire R&D budget is aimed at solving security with Microsoft. It's kind of a rounding error in their business. But it's Microsoft. Microsoft is an awesome machine. You just can't ignore them. Well, you mentioned the ecosystem. And we talked yesterday about the ecosystem growing. We had PAX 8 on yesterday with Daniel Bernard. He's coming back on today. So we'll get to dig into the state of the CrowdStrike partner business. What's going on in SMB? What their opportunities are there? We also have Allie Mellon coming on. I know that you don't get to go to the financial analyst session because we're going to be here. But hopefully Allie will be able to come on and validate the crystal ball predictions that you made yesterday. Yeah, I wonder if she's going to go to that. Oh, I'm hoping so. And she got a shout out from Michael Santonis. As he said, Allie Mellon, and I just met her on the phone just to prepping for CrowdStrike Falcon, said she's one of the very few analysts that actually talks about the SecOps experience. And so we're going to talk about that with her. She's got some research on this topic. You know, the SOC analyst experience is something that Mike Santonis was saying needs to improve. We want to help. Allie's going to talk about SOC metrics. So that's going to be really interesting. Of course, we're going to talk about Gen AI. We have to with a forester analyst. Sounds like she's doing some good work in that area. I'm excited to meet her. I am too. We have a great lineup today. We're going to be talking with the ecosystem, with executives, we'll get the state of the business. We'll get really kind of an understanding of professional services. We've got Deloitte on. We've got Dell and Intel on. Going to be talking about some of the great new partnerships that they're doing there with hardware-assisted security. And it's going to be another great day. And I can't wait to see if your crystal ball was right. I know you, it probably was. Oh, I guarantee that's going to be close to what they do. I don't know if the, you know, the devil's in the details, but I mean, the basic concept of charging per endpoint, because that's how CrowdStrike charges. And then they've got to, they've got to price in, you know, they've got to charge for queries. They have to. And I doubt it's just going to be open-ended. There's no way customers are going to just accept open-ended. So they're going to have to give them some kind of small, medium and large way to experiment and get to learn the platform and then adjust. That's necessary. Yeah. What are you looking forward to most today? Say it again. What are you looking forward to most today from all the guests we have on? Let's see. Well, we talked about Ally Mellon. You know, I want to, Daniel Bernards is coming back and I want to ask him more about the go-to market. Because the one thing that I think I missed in my breaking analysis, you know, think about CrowdStrike, the architecture of the single agent, ingest once, use many. Their heritage and AI, we covered that. Their M&A prowess, we definitely covered that. When I put it out on LinkedIn, one of the comments that I got on LinkedIn is, Dave, you missed their other sort of secret weapon, which is their go-to market. And I said, okay, cool. I want to learn more about that. So that's kind of cool. Awesome. Who else we got coming on? We have... Tom Atheridge is coming on. We got Dell and Intel, like you talked about them. We've got a couple of partners. We got Dig Security coming on. CTO of CrowdStrike's coming on. That's going to be good. Yep. Sean Henry. We got Hubble. Hubble, yep. Oh, Elia. Yes. That's him. He's coming on. CTO, he's your CTO. He's going to do the Raptor overview. So that's going to be kind of good. And then Daniel Bernards is going to close it out. There's one other that I want. Oh, Sean Henry is coming on. Yes. Yep. And also the guys from Beyond Identity. My friend Kurt Johnson's coming on. So former IDC colleague. So I'm excited to see him. Excellent. And we're going to have another great day, Dave. I'm looking forward to covering day two, CrowdStrike.com with you. We're happy that you're here with us. We're going to be here all day. You can catch everything on theCube.net. If you missed anything from yesterday, go there. All of our editorial is on siliconangle.com. Stick around. Dave and I will be joined by our first guest who is Tom Atheridge in just a minute.