Sramana Mitra: Let’s click down into the process and talk about what it is that you’re doing for these customers.
Tim Prendergast: If you think about what cloud really is, cloud is programmatically defined infrastructure and services. Instead of people having to sit and click buttons and work through UIs of products, you consume these in a very engineering-centric way where we hook API’s to submit inquiries or to request data. Then we get back a known quantitative result; something that is idempotent. In the public cloud if you look at strictly an Amazon Web Services example, when I say, “Launch an EC2 server on AWS,” I’m basically making a structured data request to their API control plane. That request is being stored.
When that happens at a massive scale like if we have a thousand developers working inside Amazon Web Services, there’s a massive amount of data sitting there in that middle zone, that data is a very important part of your operational strategy. We consume that data through APIs and event streams and we model a security context and a compliance context around it for customers so they can understand as their environment is constantly changing through continuous integration and deployment or even from outside forces like hackers or malicious entities trying to manipulate your infrastructure for profit or gain.
We can rationalize what’s going on and distill that state in the environment back to the person who operates that environment and help them make the best decisions possible around fixing or closing up those security or compliance gaps. A very simple example of this is, if I have a developer who may not be a firewall expert who’s launching machines in a AWS that are publicly accessible, our platform will actually detect those misconfigured firewalls across all the assets where they’ve been deployed and then guide that user back into properly configuring the firewall against unwanted access.
It can also trigger automated remediation where the platform can then trigger a mechanism that can fix it without a human having to intercede. This gives guard rails to organizations that may not have a lot of security expertise.