Videos

Welcome and thank you for joining us today. I'm joined here by John Grady and Gal Yosef. And today we're going to discuss a few of the findings in our recent e-book focused on convergence. John, if you don't mind kicking us off and introducing yourself. Yeah, sure. Thank you. Appreciate you having me here. So my name is John Grady. I'm a Principal Analyst with the Enterprise Strategy Group. And so he's a clear. And so stay, and R methane. Prov Batman clients. Soгрos Whitney the episode. And so prima p...and this year. Von summer. Flewlak to see that are occurring. UNF trucs. And you have� phosphorus. years beyond that 24-month time frame, it's not going to go down to zero. And so this hybrid environment in reality is going to persist for the foreseeable future. And that's really only part of it because the other side is multi-cloud. It's not like you just have AWS and your on-premises environment. You have multiple regions within that cloud provider and then realistically multiple cloud providers. Only 14% of the organizations that we spoke to were standardized on a single CSP, 43% used three or more. And that can be either a very specific, purposeful decision to do that, or it can just be due to sprawl over time, either acquiring companies that are using different providers, using more of a self-service model and maybe IT not having fully walked down some of those providers, any being a little more open to what their lines of business go out and use. So it can look very different kind of beneath the surface, but the main point here is that hybrid multi-cloud is a reality for almost every enterprise at this point. Amazing. And Gal, what are you seeing across our customer base when you speak with them? I think that we definitely see the transition more and more of application into the cloud. But it's so we have a mass transition into the cloud. So I think that we can expect over the next couple of years, to see the 50-50 split that John mentioned going on the cloud side of things. But then once we're in the cloud, now there are different aspects to how we run those applications, right? Because most of those applications, even if they are deployed in the cloud, we will still need to be able to access the on-premises in one way or another. And we see that mesh, as we call it. And it's a triangle of three pieces. There is the cloud, there is the multi-cloud, and there is the on-prem. And we see the hybrid or the application really live in that hybrid space. So we can see, or it's very common that we see a customer reaching out and saying, hey, I have an application that runs on one cloud or public cloud provider, needs to access another cloud provider, and then go to the on-premises and vice versa. So we see that mesh and evolve evolution of those applications, which really touch the hybrid network connectivity all across the board from the application perspective. And we see more and more of our customers approaching that from various reasons, from security, compliance, and so on. And we are able basically to provide an holistic view for all of that. Amazing. And from my standpoint, when I'm solutioning and working with our customers, one thing has really jumped out at me is that you play things back 24, 36 months, many, many customers were jumping into the cloud and looking for different ways to, not only automate moving to the cloud, but secure everything around it. But I've seen many of them move back, move into multi-cloud. And a lot of that is being driven by different considerations. Cost, as well as wanting to leverage the clouds for, quite frankly, what they're good at, right? Each cloud provider, GCP, Azure, AWS, the list goes on, really has their own stance on different pieces of functionality, and they have best of breed in certain areas. And so clients are demanding more and more to be able to use multi-cloud, to leverage those best of breed functions in each cloud provider to support the different functionality they're trying to deliver in all of these applications that are being enabled for the business. But that being said, when you end up in these multi-cloud scenarios, and we see it all the time when we're solutioning for customers, your attack surface is increasing exponentially, right? You've got all kinds of hairpinning connectivity back and forth to and from the data center, cross-cloud, and all of that creates more complexity, which breeds, vulnerabilities, vulnerabilities, and attack surface to be exploited. So I'm interested, you know, from your standpoint, John, when you did the research and you looked at things, were security teams sharing some of the specific struggles that they were finding protecting these environments? And are they actually making headway in doing that? Yeah, and just one quick comment on your last point before I share some of the challenges security teams cited. I think your point about some workloads moving back from the cloud and then moving into different cloud, and AI is going to be a good point. And I think that's going to be a massive driver of that as organizations are looking to build out inferencing models and move compute more to the edge and some of those models to the edge. There's going to be a fundamental kind of rethinking of infrastructure that's just going to, I think, continue to kind of accelerate some of the changes we were talking about. So it's a really good point on your part. As far as some of the challenges that organizations cite specifically with hybrid cloud infrastructure, you can kind of boil these down as a little bit of a long list, but into a few different ways. So, you know, one is the fact that security responsibility has really become democratized throughout the organization. It's not just the security team, but the IT organization, teams, communication developers, everyone really has to have a role in ensuring security because things are moving so quickly and there's a lot of responsibility just in terms of, you know, bringing up infrastructure and deploying apps, you know, maybe outside of the security security teams, security teams, security teams, and security teams, and security teams, and security teams, and security can't be seen as a bottleneck. And so, you know, ensuring that security doesn't slow things down, you know, it took a while, I think, for security teams to wrap their head around that, but they're very much aware and it's on their their list of concerns at this point. So, you know, collaboration, you know, enabling secure migration, aspects like that. On the security side itself, you know, that whole phenomenon we're talking about in terms of, you know, kind of distributed hybrid multi-cloud consistency, both in terms of visibility and policies, especially as you get into what Gall is talking about in true hybrid multi-cloud apps, not just environments, but applications being, you know, kind of, you know, kind of broken up and split across different aspects of the environment, ensuring that policies can kind of be written once and pushed consistently becomes really important. There's compliance impacts as that becomes a reality, and so ensuring that that's not an overly burdensome process is really important. And then the result of all of that is often tool fragmentation and having too many tools that are too siloed, so trying to kind of bring things together from a tool perspective is an ongoing challenge and something security teams are trying to solve for. So what I think is interesting is kind of set those up as challenges, and then there's a bit of a so what or what's the impact kind of next question. And our research found that 43% of the organizations we spoke to said they had experienced an attack on their public cloud infrastructure. So the so what is, well, these are the challenges, and it's actually having a pretty significant impact. And you can see a lot of the different types of attacks that were that were seen. And there's a couple that I think really highlight how these issues are coming to the surface. And the first one is the top answer response. Now we're moving laterally from other parts of the environment, bringing up that consistency issue and kind of sprawl, whether it's from on premises, the cloud or from one cloud provider to another, as those applications become more distributed, that's a massive problem. And then a couple of the other ones are really what I would consider unforced errors. So exploiting misconfigurations, exploiting open ports, unauthorized access by internal users, there's so much to keep track of in that type of environment that folks are still struggling with kind of closing those doors. To say nothing of the sophisticated attacks, which are still a problem. But if we can kind of fix the foundation, we have more resources to deal with the next gen type stuff. Yeah, it's really interesting. I took a look at the content in the ebook, and it's amazing to me, you know, as this complexity grows, a lot of the mistakes of the past are just unfortunately being repeated, right? There needs to be a renewed focus, in my opinion, on just fundamental hygiene and things like that to make sure these environments are kept secure. And Gal, I think you're seeing the same thing. Maybe you could share a little bit. Yes, I think that the fact that what we are seeing is more and more integration across platforms, which in one way gives us that agility and the ability to achieve a lot more and be kind of like on the edge technology. But then on the other end, it opens up a lot of risk into that. And there's a very big question on how can we mitigate that? How can we ensure that there isn't any kind of like an attack path into that? And you touched that also, both of you actually touched that as well. I think that there is one need to provide agility in that transition. There is one need to provide balancing performance in that transition. There is need to be able to achieve a lot more within each one of the vendors and its own specialty. So, you know, you can go with AWS or GCP or Azure, you name it. And each one of them are stronger and different aspects, which the organization and our customers want to leverage it all. But it opens a huge challenge for the security side of things that they need to be able to provide that sort of guardrails around that, that that helps them to automate that and make sure they are secure and in compliance. So I think that that's something that we really see on the cost of the board. And the question is really how are we able to provide the boundaries around that to ensure that there is compliance in place, security in place, that we're able to detect that. And John, I'll touch also your AI question or item that you mentioned earlier. AI is a huge thing and it opens a lot of, you know, different use cases. pieces on how you can leverage that. You want to make sure that the AI itself is also a secure platform and the way that it's being utilized is secure as well. But then also you want to make sure that you're advancing and taking that to the next step in terms of the AI, you know, being able to prioritize on real time threat detection or providing you some sort of anomaly monitoring and things of that nature. So there is a lot into that as well. Yeah, I spent a lot of time as you guys might think, you know, solutioning and working with customers on what, what the type of automation and risk management, auto compliance solutions that AlgoSec is going to deliver look like for our customers. And something, you know, I share all the time is the moment you start moving into the cloud, becoming more and more segmented, either single cloud or multi-cloud, as we've been discussing, you're exponentially growing the sheer number of policies that need to be managed and secured and understood. And this is where it can very easily become a situation where bad practices that you were running in your environment with thousands of policies become even worse when it's tens of thousands or hundreds of thousands of unique policies that need to be managed and thoughtfully secured as you're moving back and forth or intra the cloud infrastructure. And just to continue on the AI theme, right, when we, you know, look at this, lateral movement was the number one. And when we think about things like MCP protocol, which is really just agents talking about, talking to one another wrapped up inside of HTTPS protocol, I think that's going to be quite a concern for a lot of clients that don't necessarily have well-segmented, well-secured environments because the agents are just going to run wild talking to one another and segmentation is going to have to become a really, really renewed focus when you talk about clamping down on what's talking to what and reducing those data exfiltration opportunities. The agentic question, it's just amazing to me how quickly we've moved from, you know, Gen AI at RSA last year to now agents and, you know, the number of startups that are already kind of getting started, you know, building agents. I was at a conference the week before last and agentic AI was the main theme, even though it was a general kind of security and infrastructure event. We, we're not ready to secure it, but your point about segmentation and, I mean, we're still trying to kind of figure out how NPC is going to work. You know, identity is going to be really important. Segment, the network aspect, I think, is underappreciated. So, I'm glad you brought that up because segmentation is going to be even more important in how you kind of delineate, you know, what those agents can do. We still haven't come to grips with kind of automation in terms of a lot of the core things that we do. So, I, it's going to move super fast. I'm not trying to downplay it, but I do, I do wonder how it kind of manifests how quickly in terms of full automation. I think we're still going to have human in the loop for, for a while just because of the comfort level. But the risk is going to exponentially grow, even with that being the case. And it's, I don't know, it's, it's, it's just such a super interesting topic that we really don't have an idea where it's going to go yet. Yeah, I know, I know AI wasn't the theme of the, the ebook, but again, I'm, I'm seeing kind of a similar experience to what you're seeing. And several of the large enterprises that I've been working with lately have these tactical teams separate, carved out from network, from security, from cloud teams about how they're going to leverage AI across any kind of data set in the enterprise that they can get their hands on. And I think what you're going to see to your point is it's going to run at a very different pace than folks are used to operating at, touching a lot of data, moving over networks. That folks just aren't used to. And what the AI can deliver on top of that infrastructure is going to astound people, I think. And not to belabor the point, because you're right, it wasn't the topic, but we're talking about kind of the changing infrastructure. And I think that that topic, AI, agendic AI, just kind of continues to build on everything that we're talking about here with hybrid multi-cloud. It continues to look different. So that's, I think, why we're, we're kind of harping on it. Yeah, no, very much so. Oh, go ahead, Gal. I just want to say, and if I take it to our world and, you know, meeting with CISOs and listening and listening to the question that they ask of, you know, how AI can make you a lot more efficient, how I can ensure that I still, you know, running it, but in a secure way. And how can I make that a lot more automated and implement that into the different areas of the use cases and things of that nature. The main thing that they're looking at, please, from my perspective on AI is how can I run now 20 times, 30 times, 50 times faster, but then maintain the level of security, maintain the level of agility or not, or even increasing the level of agility using those kinds of tools. And I think it really is, it's incredible where it can shift us over. And it's, it's another fuel to, to, to the incentive to automate and make things a lot more efficient, a lot more automated and maintaining the guardrails around that all the time. Yeah. And, you know, obviously this all dovetails off something else that I found very interesting in the ebook was this idea of organizational structure and how it plays a part in, in what's going on in the cloud. And me personally, I mean, we've talked a lot about a convergence in the technology, right? Customers converging on multi-cloud, single cloud, what hybrid is going to look like. But I've noticed in particular, a big convergence happening in the teams. You know, you look back again over the last 18, 24 months, and there was a cloud team and an on-prem network security team. And in my experience, in some of the leading enterprises in the world, these teams are starting to converge and you've got singular teams managing the infrastructure. Again, very interested, John, on what you found in the research. Yeah. I see very much the, that same trend with convergence across a lot of different teams. And we've seen a lot of kind of different forcing functions for this that just have responsibility distributed across different parts of the org, zero trust, talked about application security, which is kind of relevant to what we're talking about now, security and networking cloud, where it's kind of multi-domain. So I think the good news is most organizations are, you know, on some level trying to solve for this organization. Where they understand that it's not just a technology issue. And so, you know, what we asked were kind of some of the key priorities to help improve organizational collaboration, excuse me, alignment. And they're really a mix of kind of strategic and tactical aspects. So on the tactical side of things, just improving workflows for collaborative processes as you have kind of responsibilities split across across different groups, making sure that you're kind of, you know, you know, building that into your processes to make sure that they're working efficiently and effectively. As, as well as, you know, increasing just the frequency these teams are meeting and collaborating. I mean, this goes back to even, you know, AppSec with, you know, DevOps and DevSecOps, which I know can be kind of a third real term, but that type of phenomenon, making sure security has a seat at the table. So you kind of get those in place at a tactical level, but strategically, there's still this idea of aligning to similar business goals. I mean, I think one of the issues is these teams have been typically, you know, judged, compensated, measured on very different goals. Everything outside of IT, it's kind of pace of innovation, revenue, how you're enabling the business. Security historically has been more focused on, you know, limiting incidents, preventing breaches. And there, there has to be kind of a cross pollination there. Security needs to also share some of the responsibility for enabling the business, but doing so securely. And then non-security teams need to be charged with kind of protecting the infrastructure. So that comes down to, I said, you know, goals, KPIs, making sure those are aligned. And this can take different forms, as I said, some of it's just formalizing collaboration, you know, through existing teams. Some of it's through a center of excellence model, which we saw with clouding. We've seen zero trust. We've seen zero trust. And then some of it's, you know, really breaking down silos and creating hybrid roles that kind of have dotted line responsibility. So there's not necessarily a right answer here. But I think it's refreshing to see that folks are so focused on this because it's really a foundational aspect. Yeah, in my experience, it would probably surprise everybody how many organizations I've spoken with and talked to. And, and when there was an urgent move to cloud, it was a separate team that just ran wild. And, and the horse really left the barn because what was stood up there wasn't necessarily done in the most secure way from day one, given the urgency and the need to drive the business forward. And now, you know, the clocks run out and, and folks need to come back and look at this, understand it, just gain fundamental observability into what's been built and what it looks like. And whole different teams now that this organizational convergence has taken place, have been tasked with needing to secure it. And then find ongoing ways to bake processes in to do it to, to put security at the front of the process. And there is a, in my mind, huge demand for a single pane of glass, even though that's a marketing term that can see across all of this and bring that visibility. Gal, again, you know, tying that together, what does that look like from your angle? Yeah. So I'm actually thinking about a workshop. We will run with one of our customers and they reach out asking, you know, we are mashing and merging those teams. We used to have the cloud team. We used to have the network team. We are now shifting over the responsibilities and we are having the network team a lot more engaged with, with the cloud side of things. And the cloud side is also engaged now with the on-prem. And what's the platform. And what's the best way to, to, to, to operate that and, and, and, and, and to get that into a lot more efficient workflow between the teams, to improve the communication between the teams, to shift all some of those responsibilities and things of that. And that's really how we approach it with our horizon capabilities, providing an autocorstable, as you said, a single plane of glass of, that really allows you to, to, to leverage for any kind of those teams that have their own, their own KPIs and goals and whatnot, but they're able to take that and, and use that in different aspects within the horizon capabilities. So they can go from the application perspective, they can drill down to the firewall perspective. And, and we really provide that all the cause of the ball. Um, and we see a lot of our customers that are going through that transition or even post the transition, reaching out and asking what's the most efficient way to utilize it that really helps them change, um, from, from an organizational perspective, the way that they operate on the day to day in, in a way that also match and, and mash with, with, uh, with, with our capabilities and our ability to really take it to the next step. Yeah. I think the way you just described it there was excellent. It's, it's, it's really interesting. Obviously, as you might imagine, I spent a lot of time talking to our customers and I try and begin every discussion that provides an overview of what we really do at Algosec, uh, with an application. And, and some folks will stop me and ask, you know, why are you talking about application? I want to talk about cloud today. I want to talk about multi-cloud and I have to ask them why, why are you moving to the cloud? What's driving the need for multi-cloud? Uh, why are you ending up with network architectures designed this way? And it's, it's the application. And so, you know, I spent a lot of time sharing, you know, we really look at the application as the hypervisor in many respects to the network. That application can live anywhere. Um, and that's really what we need to be focused on, on securing, uh, because that's going to pivot and be dynamic over time. What that application is today is not what it's going to be. Um, 60 days from now or six years from now, if it's still living and breathing and serving the business. And so that's, I think one key area also where I encourage customers to coalesce their teams, right? That connectivity, uh, can be what coalesces these teams. Um, you know, with all that mind, uh, again, diving into the details of what you put together in the ebook, John, it was interesting to see that teams are focused on different capabilities and different thoughts. Now that they're converging into more, uh, teams that can see across all of this. And I was really interested in the findings. Maybe you can share a little bit. Yeah. So essentially we wanted to understand, okay, you said, uh, your environment is much more complex. It's, it's hybrid multi-cloud. You have all these challenges you're, you're seeing, um, you know, attacks, you know, what are you looking for, uh, kind of at a high level in terms of capabilities for tools that are going to help you secure, uh, you know, the, the environment. And this is a long list and I won't go through all of them because there's some, you know, foundational elements in terms of different types of threat prevention and so on. But I wanted to focus on, um, you know, some aspects to kind of enable some of what we've been talking about and, and address some of those challenges specifically. So near the top of the list was integration with cloud automation tools. So, you know, if we think about kind of the different teams and how different teams work, um, you know, cloud and application teams are, are using a lot of automation. Uh, infrastructures, code, terraform aspects like that. And so it only makes sense for security tool kind of plug into that to make sure that security is deployed as the infrastructure is, um, to help close some of those gaps that, that we talked about. Centralized management was really important. Kyle, you mentioned kind of single pane of glass, um, whatever you want to call it, the idea that, you know, and I mentioned earlier kind of policy consistency, but that you're writing it once and you're kind of pushing it everywhere. Obviously with, with some of the, the specific specifics for the environment taken into account, um, but kind of policy that's kind of, you know, based on business intent and things like that. Um, so you don't have to go from, from screen to screen or console to console. You mentioned segmentation and kind of the next level of that is, is your trust. Um, you know, this has become just a fundamental aspect of cybersecurity at this point. So, um, supporting those types of tenants to ensure that, um, you know, least privilege access is enforced. And entities can only communicate with, uh, what they're, you know, what they need to, to, to complete their function or perform their function, uh, is, is really important. Um, and then from a policy perspective, kind of asset discovery from, you know, a workload perspective, understanding what's there, uh, and then, you know, policy recommendations and configurations are seeing more and more interest in this. We talked about automation earlier. This is kind of the first step, um, you know, you have, this is my environment. This, this new workload came online based on what it is. Give me a recommendation for what the policy policy should be. I'm still going to check it. Um, and you know, maybe there's some aspect that's incorrect, but it's a starting point. And, uh, and that, you know, again, helps close gaps, helps improve efficiency. Um, and, and that's really critical. So there's a lot of other things on this list, but those were some of the ones that really stood out to me as most important specifically to address the challenges of organizations. Yeah. You know, gal looking at this list, I see many different things that, that algo sec can, can handle in different places in the horizon platform you were talking about, particularly when we think about the end to end intelligent automation, uh, that we talk about because, you know, pushing a rule is just the tip of the iceberg. You have to know where you have to know if you should from a, from a security posture standpoint, um, interested in, in, in where you think some of these, uh, these capabilities line up with what you're thinking about from a product standpoint. So again, I think that it's, it's a matter of the agility and the boundaries that a customer wants to define. Uh, and then I'll give a good example. When we're looking on the cloud and we're looking in the PPC spaces and things like that, we want to allow a lot more, uh, agility for, for the end user, for the app owner to run a lot faster in a skew way. But then we're, we want to be able to, you know, to have some sort of like a firewall in the way that we're, uh, tightening up a little bit the policies and things of that nature. And, and, and all of that is really covering from the automation perspective of how we are able to do that across the board in an automated way that gives you different level of agility, the agility is across the way, uh, to secure in, in the right way. Uh, one way, one side is the, the business continuity. And on the other way is really the, the risk and compliance side of things and, and ensuring that everything is in the right secure way. So that's the balance that the automation pieces is tightening up, uh, you know, all across the board around that. Yeah. You know, looking at this data, uh, if there's one thing that jumps out at me personally, it's, it's the idea of centralized management for both IaaS and on-premise firewalls. This is something, uh, that we're seeing everywhere. At least I am, uh, you know, a lot of these new. Yeah. And again, it, it ties up also the last point that we discussed, you know, that, that, the, the converge of those teams, the fact that they are now in that height with space also increased their need to be able to have a centralized management. And, and, and, and, and customers want to run best of breed technology and all of these, right? It may mean injecting a very high end third-party firewall into that cloud infrastructure and mixing the cloud native with the third-party firewall and technology. Go ahead, John. Yeah. Sorry to jump out. I was just going to say, we didn't show, you know, this data, but we found that organizations are still using, you know, multiple different firewall providers in terms of, you know, native security vendors and then the CSPs themselves. Um, so when we talk about, uh, management for on-prem and infrastructure as a service, it's not even across one vendor, it's across multiple vendors. Everyone wants to consolidate their firewall footprint. It's a lot harder to do. It's a, it's, it's a great idea, but in many cases it's unrealistic. So, you know, how do you solve for that? Uh, if you, if you can centrally manage, uh, those different firewalls, that's at least one step in the right direction. Yeah. We've seen, in my experience, customers, uh, struggling, uh, to do that for years and years and years. And again, because of the complexity, it's, it's something that they continue, uh, to need assistance with. And, um, you know, that being said, uh, I couldn't agree more with all these findings, uh, John Gallany parting words as we go, uh, and wrap things up both on the, the data, uh, in the ebook or any of your own experience with, with folks you're talking to. Yeah, I can, I can start. Uh, you know, I think the organizational aspect is on, as we said, underappreciated. So one piece of it, and this popped in my head as, as Gall was speaking, piece of advice I, I provided, um, when I was doing a lot of work around zero trust and folks were trying to kind of get that initiative underway was to look for vendors that had kind of a point of view outside of just their technology and could kind of help from a trusted advisor. and, and directional perspective outside of just the tech. And I think that's important here as well in terms of, you know, how can I use technology to enable what I'm trying to do organizationally? Do you have any best practices you can share in terms of how to set up my team? And so, you know, it sounded like I was doing that from that workshop perspective in terms of, um, best practices, you know, coupled with the use of, of the platform. And I just think that's really important, uh, from a partnership perspective, looking at vendors to, to work with. Amazing. Cal? Uh, I think that, you know, the, the, the report covers a lot of what we see, um, in the, in the field for my customers and, and what they are asking. And also from a product perspective, what is the strategy when we are looking on what is the core valuable position that we can provide to our customers within the centralized management, within their realizing capabilities. And it really covers all of that and everything that we discussed today and our ability to address and increase significantly the developer position in terms of the security side, the, the multi-cloud side of things, the, the hybrid network connectivity, the application perspective, of course, the automation, and all of that ties up into this, um, um, conversion, if you will, in, into the new phase of, of the hybrid network connectivity, all across the board. So it really, um, um, it's what we see out there and it's what our customers are asking for, um, demanding for, and, and, and, and what we are promoting to, to, to provide and ensure that the valuable position that they are getting out of the horizon capability that is really at the edge technology. Yeah. John, you touched on something that is so relevant to what I do every day, uh, you know, working with our customers designing solutions. It's so much about not only introducing technology that can provide these types of capabilities, but also taking a step back as you're going through this convergence and saying, okay, how can we look at the processes? How can we, um, do things more efficiently, not take these legacy processes and apply them to really what is an entirely new paradigm, uh, and trying to modernize. Well, gentlemen, I thought this discussion was great. Really appreciate you talking, taking the time. And John, uh, of course, for all your, your hard work and research, uh, on the ebook, uh, looking forward to maybe doing this again sometime. Absolutely. Thank you very much. Thank you very much, guys. Thank you very much. Have a good day.