Artwork for podcast Modern Digital Business
Cloud-Native Observability with Bruno Kurtic, Sumo Logic
Episode 127th November 2022 • Modern Digital Business • Lee Atchison
00:00:00 00:35:09

Share Episode

Shownotes

Operating a modern digital business means building and operating large, highly-scaled applications that are more and more cloud-native in their architecture and implementation. Observability is critical in maintaining the highly scaled, highly available, highly adaptive nature of these modern cloud-native applications. You just can't keep a large, complex, modern application operating without having a solid, modern observability platform as part of your system. And ideally, in today's cloud-native market, you want an observability platform that is based on cloud-native technologies.

Sumo Logic is a leader in cloud-native observability. They not only focus on providing analytics for cloud-native applications, but they themselves also operate on a cloud-native platform. And while Sumo Logic provides tools for improving application reliability and availability, what really sets them apart is their focus on security and compliance in a cloud-native environment.

Bruno Kurtic, founding Chief Strategy Officer for Sumo Logic, today on Modern Digital Business.

Useful Links

About Lee

Lee Atchison is a software architect, author, public speaker, and recognized thought leader on cloud computing and application modernization. His most recent book, Architecting for Scale (O’Reilly Media), is an essential resource for technical teams looking to maintain high availability and manage risk in their cloud environments. Lee has been widely quoted in multiple technology publications, including InfoWorld, Diginomica, IT Brief, Programmable Web, CIO Review, and DZone, and has been a featured speaker at events across the globe.

Take a look at Lee's many books, courses, and articles by going to leeatchison.com.

Looking to modernize your application organization?

Check out Architecting for Scale. Currently in it's second edition, this book, written by Lee Atchison, and published by O'Reilly Media, will help you build high scale, highly available web applications, or modernize your existing applications. Check it out! Available in paperback or on Kindle from Amazon.com or other retailers.


Don't Miss Out!

Subscribe here to catch each new episode as it becomes available.

Want more from Lee? Click here to sign up for our newsletter. You'll receive information about new episodes, new articles, new books and courses from Lee. Don't worry, we won't send you spam and you can unsubscribe at any time.

Mentioned in this episode:

LinkedIn Learning Courses

Are you looking to become an architect? Or perhaps are you looking to learn how to drive your organization towards better utilization of the cloud? Are you you looking for ways to help you utilize a Cloud Center of Excellence in your organization? I have a whole series of cloud and architecture courses available on LinkedIn Learning. For more information, please go to leeatchison.com/courses or mdb.fm/courses.

LinkedIn Learning Courses

Are you looking to become an architect? Or perhaps are you looking to learn how to drive your organization towards better utilization of the cloud? Are you you looking for ways to help you utilize a Cloud Center of Excellence in your organization? I have a whole series of cloud and architecture courses available on LinkedIn Learning. For more information, please go to leeatchison.com/courses or mdb.fm/courses.

Architecting for Scale

What does it take to operate a modern organization running a modern digital application? Read more in my O’Reilly Media book Architecting for Scale, now in its second edition. Go to: leeatchison.com/books or mdb.fm/afs.

Transcripts

Lee:

Operating a modern digital business means building and operating large,

Lee:

highly scaled applications that are more and more cloud-native in their

Lee:

architecture and implementation.

Lee:

Observability is critical in maintaining the highly scaled, highly available,

Lee:

highly adaptive nature of these modern cloud-native applications.

Lee:

You just can't keep a large, complex, modern application operating without

Lee:

having a solid, modern observability platform as part of your system.

Lee:

And ideally, in today's cloud-native market, you want an observability

Lee:

platform that is itself based on cloud-native technologies.

Lee:

Today I will talk with the founder of such a cloud-native platform.

Lee:

Are you ready?

Lee:

Let's go.

Lee:

Sumo Logic is a leader in cloud-native observability.

Lee:

They not only focus on providing analytics for cloud-native

Lee:

applications, they themselves operate on the cloud native platform.

Lee:

And while Sumo Logic provides tools for improving application reliability and

Lee:

availability, What really sets them apart in my mind, is their focus on security and

Lee:

compliance in a cloud-native environment.

Lee:

My guest today is Bruno Kurtic.

Lee:

Bruno is the founding Chief Strategy Officer for Sumo Logic.

Lee:

Bruno, welcome to Modern Digital Business.

Bruno Kurtic:

Thank you.

Bruno Kurtic:

It's a pleasure to be here.

Lee:

Well, so Sumo Logic, it appears, has a, I guess what I

Lee:

would call a multidimensional approach to observability.

Lee:

You do infrastructure monitoring, log monitoring, uh, you know,

Lee:

traditional application performance monitoring, and then you get into

Lee:

security and audit compliance, and even software lifecycle optimization.

Lee:

If you had to point a one thing that is the core key differentiator for

Lee:

Sumo, what would that one thing be?

Bruno Kurtic:

Well, it's a single platform that is all based on our

Bruno Kurtic:

strength in handling, highly scaled.

Bruno Kurtic:

Um, unstructured log data, right?

Bruno Kurtic:

It's the output of most of this infrastructure and applications.

Bruno Kurtic:

And we've, over the last 12 years, really spent a lot of effort on

Bruno Kurtic:

making sure we can handle that data at scale, uh, as it bursts that we

Bruno Kurtic:

can find schema and structure in the unstructured data and really kind of,

Bruno Kurtic:

um, put a lot of analytic rigor on digging up insights inside of this

Bruno Kurtic:

highly scaled, unstructured data that.

Bruno Kurtic:

Generally hard to analyze.

Lee:

So it's the platform approach to Observability.

Bruno Kurtic:

It is, and it's the logs and the unstructured, uh, data

Bruno Kurtic:

that we process through the log management system that we built.

Lee:

Okay.

Lee:

So it's, it's not just the structured analytical data, it's unstructured

Lee:

log data and the importance of, uh, of relating all that.

Lee:

And I'm, and I'm assuming, um, the processing of that

Lee:

includes, uh, AI machine learning capabilities that you go into it.

Lee:

Do you wanna talk about that

Bruno Kurtic:

It ,it absolutely does.

Bruno Kurtic:

Yeah.

Bruno Kurtic:

Um, there's, there's a lot of techniques that, that we've built.

Bruno Kurtic:

To make that log data and unstructured data to life for our customers, right?

Bruno Kurtic:

As because that data is growing at the rate of Moore's law, meaning it's, it's

Bruno Kurtic:

growing faster than budget, it's growing faster than than companies revenues.

Bruno Kurtic:

So coping with it and finding insights that it's critical.

Bruno Kurtic:

So we've applied a lot of techniques to that.

Bruno Kurtic:

Number one is we apply machine learning and AI to this data.

Bruno Kurtic:

Uh, our approach to that is very much of black box.

Bruno Kurtic:

We, we built algorithms.

Bruno Kurtic:

Highly focused and specially tuned for specific use cases.

Bruno Kurtic:

They work on behalf of our customers.

Bruno Kurtic:

They discover anomalies, patterns, outliers, perform predictive analytics

Bruno Kurtic:

and all these things the hood without our customer setting to know anything

Bruno Kurtic:

about machine learning, right?

Bruno Kurtic:

So the engine works on behalf of the customer without the customer having

Bruno Kurtic:

to science teams working with it.

Bruno Kurtic:

So that's, that's number one.

Bruno Kurtic:

And number two that we are building.

Bruno Kurtic:

Techniques around these analytics, for example, able to take fully unstructured

Bruno Kurtic:

data without knowing anything about it.

Bruno Kurtic:

Ingested into the system apply schema on demand, meaning we don't

Bruno Kurtic:

have to know what the data is.

Bruno Kurtic:

We can extract schema at, at query time and perform all of the required analytics

Bruno Kurtic:

as if we re as if we knew the schema ahead of time, which is super difficult to do.

Bruno Kurtic:

And it is really important in a, in a world.

Bruno Kurtic:

Agile teams ship new code and new data into production every hour of the

Bruno Kurtic:

day, and you cannot rely on knowing what the schema is ahead of time.

Bruno Kurtic:

So that's another technique that's very unique and important

Bruno Kurtic:

in this, in this, in this space.

Lee:

Did I hear you say at query time, you actually apply the schema changes.

Lee:

this is all, all done based on the, the request from a given user looking

Lee:

for a specific pattern or whatever.

Lee:

And in data they, they give you a query, and from that query you

Lee:

deduce a schema on your unstructured.

Lee:

And then process through that query.

Bruno Kurtic:

Exactly.

Bruno Kurtic:

Automatically discover schema and, and we also allow customers to specify,

Bruno Kurtic:

Hey, I wanna look at these fields.

Bruno Kurtic:

I wanna extract them, you know, specifically these,

Bruno Kurtic:

or we can extract them.

Lee:

What about alerting is, so this is, that's great for, for, uh, analysis

Lee:

by a human, asking questions upon the data representing what's the, the

Lee:

application going is going through.

Lee:

But what about alerting and, and the non-monitored or the non-human

Lee:

monitored aspect of observability?

Bruno Kurtic:

Yep.

Bruno Kurtic:

So, you know, look, um, alerting is a huge use case for us.

Bruno Kurtic:

Um, we alert on all types of telemetry, you know, traces, um,

Bruno Kurtic:

metrics and logs, obviously, right?

Bruno Kurtic:

Logs are the big, big part of what we alert on.

Bruno Kurtic:

So we alert on all kinds of different, um, uh, conditions, right?

Bruno Kurtic:

So, A general purpose alerting system that can basically do basic aggregations

Bruno Kurtic:

and say, okay, if a specific user fails, log in more than x times within,

Bruno Kurtic:

you know, a set period, you alert.

Bruno Kurtic:

Right?

Bruno Kurtic:

And we extract that schema as the alert is being evaluated.

Bruno Kurtic:

We also, those will be sort of simple alerts, but then we've got also.

Bruno Kurtic:

So unknown, unknown type of alerts where we're detecting, Okay,

Bruno Kurtic:

we have a whole new pattern.

Bruno Kurtic:

We detected, we've never seen this pattern.

Bruno Kurtic:

You probably want to know about this pattern.

Bruno Kurtic:

Right?

Bruno Kurtic:

Something so much more sophisticated.

Bruno Kurtic:

Security style, threat detection type of alert.

Bruno Kurtic:

That we apply.

Bruno Kurtic:

And for those, we either extract schema on ingest, or we extract schema on

Bruno Kurtic:

demand as as, uh, the data is coming in,

Lee:

So now your, your focus is cloud native applications, is that correct?

Lee:

I mean, it's obviously these strategies can work for all types

Lee:

of applications, but you focus on cloud native a applications.

Lee:

Tell me what that means to you.

Bruno Kurtic:

In any industry, you win by innovating faster.

Bruno Kurtic:

Agile is a way to innovate faster, and if you're gonna build software in

Bruno Kurtic:

a much at a much faster rate, there are things downstream that facilitate.

Bruno Kurtic:

For example, when you build software and you change it every hour of every day,

Bruno Kurtic:

you probably want to be able to change your hardware at a similar rate of.

Bruno Kurtic:

You can't do that in a data center, right?

Bruno Kurtic:

So in the cloud you essentially, it's not all about cost and you know, separating

Bruno Kurtic:

yourself from managing infrastructure.

Bruno Kurtic:

It's about evolving your hardware.

Bruno Kurtic:

At the rate you're evolving software.

Bruno Kurtic:

Then the architecture that evolved with that is the microservices architecture.

Bruno Kurtic:

Because you de componentize the software, it allows you to sort of upgrade and

Bruno Kurtic:

build and push the production much faster.

Bruno Kurtic:

And all of these things are designed to accelerate the the rate

Bruno Kurtic:

of innovation when this happens.

Bruno Kurtic:

We are breaking down the number of components we're getting, you know, order.

Bruno Kurtic:

Couple of orders of magnitude, more components.

Bruno Kurtic:

Components are more ephemeral.

Bruno Kurtic:

You know, you go from servers and virtual machines to containers and serverless

Bruno Kurtic:

functions, Uh, microservices, many more sort of code, um, uh, containers

Bruno Kurtic:

that, that than in the previous three tier or multi-tier applications, which

Bruno Kurtic:

means that there's far more vari.

Bruno Kurtic:

Many, many more components to keep track of scale, um, is much

Bruno Kurtic:

more sort of, um, elastic, right?

Bruno Kurtic:

So

Bruno Kurtic:

being able to monitor these components to be able to adapt yourself to

Bruno Kurtic:

scaling the of these applications is very different behavior than, than

Bruno Kurtic:

what you see in the data center.

Bruno Kurtic:

And so for that new techniques had to evolve, had to be.

Bruno Kurtic:

Our own application had to be different and more scalable and more integrated

Bruno Kurtic:

into the cloud stacks, more aware of these components, and that is why we

Bruno Kurtic:

focused on the cloud native application.

Bruno Kurtic:

And we do believe that, that it requires very, very different tooling

Bruno Kurtic:

and technology for observability.

Lee:

And I completely agree with you.

Lee:

You're, you're speaking to the choir a little bit here when, uh, when you talk

Lee:

about that, I've, I've spoken a lot about, uh, the, what I call the dynamic

Lee:

cloud, which is basically the, the aspect that your application is changing

Lee:

not only software, but hardware and hardware's constantly changing, constantly

Lee:

involving, and that makes observability more difficult and actually more central.

Lee:

It's so, so much more critical.

Lee:

You know, the, you know, people who are afraid of Agile are afraid of, well, how,

Lee:

how, how can you make a change so fast?

Lee:

How do you know, how, you know, what happens to your application that

Lee:

says, Well, the answer is you, you watch it, you pay attention to it.

Lee:

And you have software that does that.

Lee:

And that's a critical aspect about Agile or, and a critical aspect

Lee:

about, well, DevOps in general, but uh, critical to making all this work.

Lee:

And what Cloud native does is it applies the same concepts to

Lee:

hardware as well as to software.

Lee:

Right?

Lee:

And so your, your entire infrastructure is now agile and, and, uh, and

Lee:

uh, and constantly evolving that.

Lee:

So, you, you mentioned the AWS word.

Lee:

And uh, and I know that very early on you made a conscious decision

Lee:

as a company that you wanted to.

Lee:

You wanted to focus on AWS , I think the phrase you used was, uh, your

Lee:

company used was You're all in on AWS.

Lee:

So talk about that a little bit.

Lee:

And, you know, nowadays multi cloud is becoming a bigger deal.

Lee:

Uh, you know, it used to, it wasn't that many years ago when AWS was the

Lee:

cloud and there really wasn't a tier two and tier three of any significance.

Lee:

But now both Azure and, and, uh, gcp, our, our major comp competitors and

Lee:

major players in the cloud market, there's other smaller ones coming up

Lee:

and multi cloud really is not only a viable option, but in many ways did a

Lee:

preferred option for a lot of companies.

Lee:

So, uh, have you adapted your AWS all in strategy to match that?

Lee:

Or, and if so, what, what does that mean to you and to your strategy?

Bruno Kurtic:

That's a fantastic question.

Bruno Kurtic:

I could go on about this question for, you know, tens of minutes.

Bruno Kurtic:

Um, so look, we, we did, we did pick AWS initially at that time when we

Bruno Kurtic:

picked AWS, it was because it was the only real viable option, right?

Bruno Kurtic:

As, as I said earlier, um, AWS has.

Bruno Kurtic:

Fabulous partner to us, right?

Bruno Kurtic:

So far, you know, they're not only a technology partner, they're also

Bruno Kurtic:

a go-to-market partner with us.

Bruno Kurtic:

And, you know, we, we work quite closely with AWS on sort of helping them help our

Bruno Kurtic:

customers, us helping their customers, and it's a very symbiotic relationship

Bruno Kurtic:

and we, we really appreciate that.

Bruno Kurtic:

Um, we, we have also, we're also fully aware that many of our

Bruno Kurtic:

customers are not just on AWS.

Bruno Kurtic:

In fact, many of our customers are not on AWS at all.

Bruno Kurtic:

And we have seen the evolution of what's happening to sort of the adoption of

Bruno Kurtic:

the cloud , we, we, I use, I use the term multi-cloud customers, and over the

Bruno Kurtic:

last five years or so, maybe six years, my conversations in my capacity as a

Bruno Kurtic:

have strategy with our customers has been to understand what is their path?

Bruno Kurtic:

How are you evolving?

Bruno Kurtic:

Your path to the cloud and then I'll come back and talk about ours.

Bruno Kurtic:

And about five years ago, everybody was telling us, Oh, it's gonna be multi-cloud.

Bruno Kurtic:

We don't wanna be beholden to one customer, one, one vendor.

Bruno Kurtic:

Nobody wanted to repeat The Microsoft of 1990s, uh, challenges of just being

Bruno Kurtic:

basically, you know, uh, essentially beholden to only one technology provider.

Bruno Kurtic:

And so, you know, everybody talked to talk and then something

Bruno Kurtic:

happened about three years.

Bruno Kurtic:

Where we actually started to see the talk translate into action.

Bruno Kurtic:

And I will tell you this, we run this, uh, we run this report annually called

Bruno Kurtic:

the continuous intelligence report , what it does, it looks at all the trends

Bruno Kurtic:

underneath our customers infrastructure.

Bruno Kurtic:

What are they doing to build their applications where they're running

Bruno Kurtic:

their applications, all that stuff.

Bruno Kurtic:

And, and the fastest group, individual group of customers that we have is

Bruno Kurtic:

the fastest growing group is the multi-cloud customers, meaning, Customers

Bruno Kurtic:

sending us data from more than one cloud to to, to observe and to secure.

Bruno Kurtic:

And so that's very interesting to us.

Bruno Kurtic:

It is still a smaller base, but it is the fastest growing and what have

Bruno Kurtic:

we done to, to do that and why have we chosen to stick with, with Amazon?

Bruno Kurtic:

So we are adapting our strategies.

Bruno Kurtic:

Number one, we're fully integrated in partners with Azure and GTP

Bruno Kurtic:

and other cloud providers as well.

Bruno Kurtic:

So we integrate and have visibility and provide observ.

Bruno Kurtic:

Security for their stacks as well.

Bruno Kurtic:

We still though, only run on Amazon.

Bruno Kurtic:

Um, and that has just been a convenience for us.

Bruno Kurtic:

No real reason.

Bruno Kurtic:

I fully imagine that at some point we, our workload itself will span

Bruno Kurtic:

clouds once we have enough of a center of gravity where we don't wanna move

Bruno Kurtic:

data around and things like that.

Bruno Kurtic:

Or customers have very, very specific requests about

Bruno Kurtic:

where the data has to reside.

Bruno Kurtic:

So far, that hasn't been an issue.

Bruno Kurtic:

Our customers don't really mind.

Bruno Kurtic:

Most of our customers are still on AWS.

Bruno Kurtic:

Right.

Bruno Kurtic:

But I totally agree with you.

Bruno Kurtic:

I see where the world is.

Bruno Kurtic:

There's definitely benefits of having multiple cloud provider

Bruno Kurtic:

infrastructures available.

Bruno Kurtic:

They all have different technologies.

Bruno Kurtic:

Some of them have better certain technologies in certain areas than others.

Bruno Kurtic:

They have better coverage in certain areas of the world where

Bruno Kurtic:

we operate and you know, I can imagine envision that happening.

Bruno Kurtic:

We just haven't had to do it quite yet.

Lee:

And you know, certainly, uh, the, the data export charges can be one of

Lee:

the things that drives customers there.

Lee:

You, you haven't had any problems with customers complaining or

Bruno Kurtic:

Great question,

Lee:

strategies.

Lee:

Uh, you always have problems with

Bruno Kurtic:

No, no, no.

Bruno Kurtic:

It's a, it's a, it's a great question because I have that conversation

Bruno Kurtic:

probably in 50% of my customer, uh, initial customer meetings, right?

Bruno Kurtic:

Everybody wants to know about that.

Bruno Kurtic:

In the end, when you sort of add it all up, it becomes a,

Bruno Kurtic:

Uh, charge because we do heavy compression in real time, you know, and the data

Bruno Kurtic:

trickles from many different places.

Bruno Kurtic:

Ultimately, that becomes a non-issue for our customers,

Bruno Kurtic:

Right.

Bruno Kurtic:

At some point you.

Bruno Kurtic:

Things will add up, including that, and we will end up, you know, I expect

Bruno Kurtic:

though that what will happen is it'll be more about people not wanting to

Bruno Kurtic:

move the data, not for the cost reasons, but because of either internal policy

Bruno Kurtic:

reasons, or regulatory reasons or, or, uh, contractual obligations or

Bruno Kurtic:

competitive concerns or whatever it is, right?

Bruno Kurtic:

They will want to keep it, and at that point, when that becomes bigger,

Bruno Kurtic:

big enough for a snowball for us, we'll probably pull the trigger.

Lee:

Yeah.

Lee:

I, And I, I agree with that comment too, and I, I think it's rather funny

Lee:

when one of the ear, early on, one of the first complaints you started

Lee:

hearing about why people couldn't move to the cloud was it's not secure.

Lee:

And now what you're hearing is we can't move data off the cloud because

Lee:

it's not secure to move off cloud.

Lee:

You know, it's, it's, it all, it all plays together there, and certainly,

Lee:

you know, the, the compliance aspect is going to be really important from, uh,

Lee:

you know, regulatory aspects, et cetera.

Lee:

Which brings me to something that I think is a differentiator for

Lee:

you compared to a lot of other observability companies, and that is

Lee:

your focus on audit and compliance.

Lee:

You know, you, you talk a lot about pci, about hipaa, SOX

Lee:

compliance, gdpr, et cetera.

Lee:

You know, basically PII management.

Lee:

Right.

Lee:

Tell me more about what you do in that space and why Sumo is,

Lee:

is an important player in, in the compliance and auditing space.

Bruno Kurtic:

Sure.

Bruno Kurtic:

Um, so look, the, the, I'll start a little bit of the history again.

Bruno Kurtic:

One of the reasons why we ended up where we ended up is because the three

Bruno Kurtic:

founders, um, including me and the two of us are two of the founders.

Bruno Kurtic:

Two of the three are still at, at, Sumo.

Bruno Kurtic:

All came prior to Sumo from a security space, security

Bruno Kurtic:

compliance space, sim space.

Bruno Kurtic:

Um, and when we first started the company, we had the hypothesis,

Bruno Kurtic:

especially for the when, when, when, um, data moves to the cloud.

Bruno Kurtic:

So we knew we were gonna focus on cloud.

Bruno Kurtic:

So that was one, number one thing.

Bruno Kurtic:

Number two, we also knew that our focus is going.

Bruno Kurtic:

Applications, customer facing mission critical apps, right?

Bruno Kurtic:

We weren't necessarily looking to just manage infrastructure where we

Bruno Kurtic:

wanted to make sure that we help cus companies transforming into digital

Bruno Kurtic:

companies running their mission critical workloads in the cloud, make those

Bruno Kurtic:

workloads run well and run secure, right?

Bruno Kurtic:

That includes compliance.

Bruno Kurtic:

So when we looked at it that way, we realized.

Bruno Kurtic:

You know what?

Bruno Kurtic:

What the security world and the compliance world looked like on premise.

Bruno Kurtic:

Where we used to be before Sumo Logic was that the observability

Bruno Kurtic:

data , was coming from the application into the observability tool.

Bruno Kurtic:

Security data was going from the edge into the security tool.

Bruno Kurtic:

There was very little overlap between security and observability there.

Bruno Kurtic:

Once you move that application to the cloud, the perimeter goes away.

Bruno Kurtic:

You're running on infrastructure where your hacker might be running

Bruno Kurtic:

on the same physical machine on a virtual machine right next to you.

Bruno Kurtic:

There is no perimeter.

Bruno Kurtic:

There is no way to really kind of think about yourself as as walled off.

Bruno Kurtic:

Therefore, security and observability data comes from the same technologies.

Bruno Kurtic:

So we had a hypothesis that the data between observability and

Bruno Kurtic:

security will be heavily, heavily overlapping in the cloud, which meant

Bruno Kurtic:

that economically it didn't make.

Bruno Kurtic:

To duplicate it and put it into two different tools because it's huge, right?

Bruno Kurtic:

It's gonna cost you too much.

Bruno Kurtic:

And we thought from the very beginning, we need to make a technology that will

Bruno Kurtic:

have one data, uh, payload under the hood and multiple different lenses

Bruno Kurtic:

looking at that data for various purposes of a digital enterprise.

Bruno Kurtic:

So that was the sort of premise.

Bruno Kurtic:

We think that we were correct at that.

Bruno Kurtic:

We, we have.

Bruno Kurtic:

We think that we have proven that a hypothesis correct at this point in time.

Bruno Kurtic:

And now why?

Bruno Kurtic:

Compliance, right?

Bruno Kurtic:

When you think about compliance and audit, it's really important when

Bruno Kurtic:

you're running an application, right?

Bruno Kurtic:

Which contains, you know, your customer's data, your employee data.

Bruno Kurtic:

When you're processing credit cards, when you're holding health records, when you're

Bruno Kurtic:

running on third party infrastructure, auditors are gonna want to.

Bruno Kurtic:

How are you operating your technology stacks in this environment

Bruno Kurtic:

that you don't control anymore?

Bruno Kurtic:

And so we initially immediately knew that compliance will be a big use

Bruno Kurtic:

case for our customers given what business they are pursuing and what

Bruno Kurtic:

we were trying to help them with.

Bruno Kurtic:

And so we had a two-pronged strategy.

Bruno Kurtic:

One was.

Bruno Kurtic:

We, nobody will trust us because we were a small little cloud company at

Bruno Kurtic:

the beginning of the cloud, so we had to have a third party certify us in order

Bruno Kurtic:

to, for us not to have to convince the customer, like, I can't convince a GE or

Bruno Kurtic:

somebody like that, that I'm, I'm secure.

Bruno Kurtic:

I'm gonna leave that to the auditors.

Bruno Kurtic:

So we actually made ourselves go through the rigorous process of architecting

Bruno Kurtic:

for compliance and security and actually getting certifications for

Bruno Kurtic:

PCI provider level one, hippa, fedra, moderate, all of these things that we

Bruno Kurtic:

now hold and that gives our customers a level of security about ourselves.

Bruno Kurtic:

Second was we said, Okay, they will then need to also prove their own

Bruno Kurtic:

compliance to their own auditors.

Bruno Kurtic:

So we.

Bruno Kurtic:

will take these techniques, these techniques of understanding

Bruno Kurtic:

these compliance regulations and build solutions for our customers

Bruno Kurtic:

to actually gather the data.

Bruno Kurtic:

Store it in a, in a worm.

Bruno Kurtic:

Only write ones, read many, um, non-changeable data store.

Bruno Kurtic:

Be able to pull reports for auditors, do it all of that on a regular basis

Bruno Kurtic:

in order to provide our customers retooling for compliance auditors

Bruno Kurtic:

and for their own regulatory needs.

Bruno Kurtic:

So those are the two, That's the two, two-prong strategy for

Bruno Kurtic:

compliance that we needed to do.

Bruno Kurtic:

And you know, so far it's been working pretty well.

Lee:

Do you feel you're a tool that helps companies get compliance, um,

Lee:

maintain compliance, or are you a tool that helps companies work, uh, figure

Lee:

out what they need to do to become compliant or, or all of the above?

Lee:

Where, where's your focus there?

Bruno Kurtic:

our focus is to help our customers be compliant,

Bruno Kurtic:

run in a compliant manner.

Bruno Kurtic:

Prove compliance and maintain their compliance on an ongoing basis.

Bruno Kurtic:

We have many of our customers who are basically, you know, payment

Bruno Kurtic:

providers, like, you know, modern online payment providers, you know,

Bruno Kurtic:

companies like Visa and others.

Bruno Kurtic:

And they are basically, you know, using us, many of these pain

Bruno Kurtic:

providers using us to essentially prove to they're pci, right?

Bruno Kurtic:

And, and they use us to answer questions of their auditors when they come in.

Bruno Kurtic:

And, um, you.

Bruno Kurtic:

Talk to them about, you know, pulling up specific months of data to, to,

Bruno Kurtic:

you know, verify that, you know, the personal, uh, account systems

Bruno Kurtic:

have not been, you know, hack into,

Lee:

So it's, it's to help the companies maintain compliance.

Lee:

Or, and, and if that helps in getting the compliance or helps

Lee:

the auditors, that's great.

Lee:

But the main purpose is for your, uh, customers to do the things they need to

Lee:

do to maintain the compliance that they

Bruno Kurtic:

Correct.

Bruno Kurtic:

And then you know, you have to, you know, it never goes just like that.

Bruno Kurtic:

Right?

Bruno Kurtic:

Because, you know, we have a whole cloud sim tool.

Bruno Kurtic:

Well, what's the sim all about?

Bruno Kurtic:

Well, it's about.

Bruno Kurtic:

becoming more secure.

Bruno Kurtic:

What's compliance about?

Bruno Kurtic:

It's, you know, what's pci?

Bruno Kurtic:

PCI is just a set of specific rules on what you need to do to

Bruno Kurtic:

be secure in order to, that the industry allows you to process, you

Bruno Kurtic:

know, credit card payments, right?

Bruno Kurtic:

So, you know, our technology helps customers become more secure, detect

Bruno Kurtic:

threats, defend against threats, investigate threats, and then prove.

Bruno Kurtic:

To the auditors that they comply with specific regulations that are required.

Lee:

So Sumo Logic is listed in the, you know, the Gardner Magic Quadrant

Lee:

for, I believe it's the one for security information and event management.

Lee:

You're listed as a visionary and so obviously this is a big deal.

Lee:

I, you know, the Gardner Magic quadrant's a big deal to a lot of companies,

Lee:

but especially when they're, uh, customers or enterprise customers.

Lee:

But what specifically does that mean for you and your customer?

Bruno Kurtic:

So we're one of the few, very, very few, uh, uh, that are listed

Bruno Kurtic:

in both the APM and Observability Magic Quadrant as well as Sim s Im Magic

Bruno Kurtic:

Quadrant, which is, you know, sort of the, the manifestation to what you were

Bruno Kurtic:

saying earlier that we, we, you know, we, we participated in both of these domains.

Bruno Kurtic:

Um, What it means for our customers to be visionary, um, is that, you

Bruno Kurtic:

know, we know how to handle their security use cases across the

Bruno Kurtic:

spectrum of security, from security analytics, cloud security analytics,

Bruno Kurtic:

essentially managing and monitoring their cloud security to compliance

Bruno Kurtic:

and auditing all the way to sim.

Bruno Kurtic:

And Soar, right?

Bruno Kurtic:

We have a so product as well, which is a security orchestration, automation

Bruno Kurtic:

response product, which, you know, in that sort of full spectrum, I

Bruno Kurtic:

would call it a full stack security.

Bruno Kurtic:

But overall, what the, the participation and recognition of the Gartner

Bruno Kurtic:

Magic there means is that we check the right boxes and divisionary.

Bruno Kurtic:

We are actually innovating, right?

Bruno Kurtic:

We are innovating with technologies and techniques.

Bruno Kurtic:

Like for example, we have a global intelligence service that we built,

Bruno Kurtic:

which is essentially, uh, leveraging our multitenancy and our visibility.

Bruno Kurtic:

Into, you know, thousands of different customers infrastructures

Bruno Kurtic:

and, and threats that are being experienced, say on AWS, right?

Bruno Kurtic:

We have this, we have this sort of crowdsourced engine that is able to

Bruno Kurtic:

detect the threats of AWS and then allow customers who are say on AWS to

Bruno Kurtic:

compare themselves against a global threat profile and say, Okay, why

Bruno Kurtic:

do I have more of these types of threats than what is seen on average?

Bruno Kurtic:

Let's say whatever, you know, subset of communities you

Bruno Kurtic:

see, let's say on AWS, right?

Bruno Kurtic:

It allows you to sort of not be in a silo to learn from the community of experts and

Bruno Kurtic:

to actually improve proactively, right?

Bruno Kurtic:

So that's one of the reasons, for example, that we are visionaries in that quadrant

Bruno Kurtic:

. Lee: So I wanna switch

Bruno Kurtic:

So, you know, one of the things that's been coming up in the cloud conversations,

Bruno Kurtic:

More and more in recent years, and by recent years, I think specifically

Bruno Kurtic:

I'm talking about the last year or two

Bruno Kurtic:

is cost.

Bruno Kurtic:

And, um, you know, you're e even starting to see, you know, people

Bruno Kurtic:

writing about, uh, the backlash about how the cloud is ex is more expensive.

Bruno Kurtic:

And, you know, e even pundants , like, like David Linthicum, who's, you know,

Bruno Kurtic:

an enterprise cloud expert , has been very, very, very, , um, focused on

Bruno Kurtic:

some of his writing on cloud is, is too expensive and it's kind of surprising to

Bruno Kurtic:

hear a lot of those sorts of comments.

Bruno Kurtic:

And then 37signals . And when I think about this and when I look at it, when I

Bruno Kurtic:

analyze what I'm reading in those areas, usually what I find the issue isn't that

Bruno Kurtic:

people find the cloud to be too expensive.

Bruno Kurtic:

That's what they think the problem is, but usually what it is, is they find.

Bruno Kurtic:

And what's usually the problem, I should say, is that the cloud

Bruno Kurtic:

is too easy to spend money in.

Bruno Kurtic:

And the, the agility of the cloud is part of what makes it more expensive to use.

Bruno Kurtic:

Um, there's, of course, you know, that's a very simplistic view.

Bruno Kurtic:

It's a lot more detailed than that, but, but cost management

Bruno Kurtic:

in the cloud is something that, you know, its day is here, right?

Bruno Kurtic:

We need to find ways and techniques to better manage.

Bruno Kurtic:

Uh, cost and cost containment in cloud infrastructures in order for

Bruno Kurtic:

the cloud to maintain its ability to provide a cost effective solution

Bruno Kurtic:

to an on premise data center.

Bruno Kurtic:

Now, Sumo Logic is, uh, is in the cost management space.

Bruno Kurtic:

So what, what do you do specifically for your customers for cloud cost

Bruno Kurtic:

optimization, and where do you see the future of the cloud from the

Bruno Kurtic:

standpoint of cost optimization?

Bruno Kurtic:

Uh, that's a great question.

Bruno Kurtic:

Um, just before I go there, I'll just confirm or agree with you

Bruno Kurtic:

a little bit about this sort of whole cost of the cloud.

Bruno Kurtic:

My perspective on the cloud has always been, it's not about cost.

Bruno Kurtic:

It's about focus on, you know, why should a, you know, a real estate company learn

Bruno Kurtic:

how to run and wrap and stock servers.

Bruno Kurtic:

That just doesn't make sense.

Bruno Kurtic:

Like, you know, and I would, I would, I would venture to say,

Bruno Kurtic:

when you do the fully loaded cost, would all of the, um, sort of.

Bruno Kurtic:

Spend and, and time spend and talent spend and physical infrastructure, all

Bruno Kurtic:

this stuff, I would, I would still argue that I'm not sure that, that it would

Bruno Kurtic:

be end up being more expensive, but let's just, let's let the people who,

Lee:

again, choir here.

Lee:

I completely agree with you.

Lee:

And, and that's something I could and have talked for long periods

Bruno Kurtic:

Right.

Bruno Kurtic:

Uh, I, Exactly.

Bruno Kurtic:

So, so, we're, we're we're on the same page there, but I would say that, you

Bruno Kurtic:

know, it's important, and I do agree with you, that it's very easy to spend

Bruno Kurtic:

money on, on cloud, and then if you're not diligent and you don't clean up after

Bruno Kurtic:

yourself, you can see what can happen.

Bruno Kurtic:

Right?

Bruno Kurtic:

You can be a lot lingering infrastructure just sitting there and wasting money.

Bruno Kurtic:

But what do we do for our customers?

Bruno Kurtic:

We have, we have, um, we do a few things.

Bruno Kurtic:

Uh, we actually just announced recently a, an application that is essentially

Bruno Kurtic:

looks at, um, sort of the, the, the data.

Bruno Kurtic:

Let's talk about AWS again.

Bruno Kurtic:

Uh, that we are collecting on behalf of a customer in AWS.

Bruno Kurtic:

We're looking at, you know, how much.

Bruno Kurtic:

What, how much of, what infrastructure they're, they're, they're consuming,

Bruno Kurtic:

what type of infrastructure they're consuming, um, where are their

Bruno Kurtic:

opportunities to reduce that cost?

Bruno Kurtic:

What is, what this would look like, you know, if it was, you know, reserve

Bruno Kurtic:

spend versus non reserve spend.

Bruno Kurtic:

All of these things we do.

Bruno Kurtic:

So it's basically breaking down what we see flowing from through

Bruno Kurtic:

their data, from their applications.

Bruno Kurtic:

We break it down into components that are sort of meaningful costs.

Bruno Kurtic:

These cloud providers, particularly AWS, and then we essentially just

Bruno Kurtic:

illuminated sometimes, you know, when you look at the AWS bill or Bill from

Bruno Kurtic:

other cloud providers, it's, it's, it's not that easy to digest and.

Bruno Kurtic:

I'm not gonna say that it's by design like that, but it's not that easy to digest.

Bruno Kurtic:

Like we, we've looked at our own, uh, uh, uh, costs and that's why

Bruno Kurtic:

there's a cottage industry of, of companies that is always focused

Bruno Kurtic:

on, on managing cloud costs, right?

Bruno Kurtic:

And, you know, uh, you've seen that.

Bruno Kurtic:

The other thing that we do that I think is more, even more unique than, um, uh,

Bruno Kurtic:

than this application is again, Um, this global intelligence work that we've done.

Bruno Kurtic:

So I talked about it in, in aspect of security, where you can look at,

Bruno Kurtic:

hey, what do the threat, what does the threat profile look like and

Bruno Kurtic:

what, why look like we're doing this also for observability and cost.

Bruno Kurtic:

What does that mean?

Bruno Kurtic:

So it means that we, when we, let me use an example of Kubernetes, we are managing

Bruno Kurtic:

tens of thousands of Kubernetes clusters.

Bruno Kurtic:

We take, you know, on behalf of our customers and nodes and what have you.

Bruno Kurtic:

and we are benchmarking those or those clusters to understand what the

Bruno Kurtic:

provisioning looks like on average.

Bruno Kurtic:

What amount of memory are they consuming cpu?

Bruno Kurtic:

Are they consuming what through getting, We're doing the same thing.

Bruno Kurtic:

We're looking at things like that are seeing flow through cloud

Bruno Kurtic:

drill to look at like instance consumption and databases and latency

Bruno Kurtic:

and inserts and all that stuff.

Bruno Kurtic:

And we're then benchmarking that and providing that back to customers.

Bruno Kurtic:

And we have an application for Kubernetes that basically says, Hey, we've looked

Bruno Kurtic:

at all of your Kubernetes clusters and we think that 70% of them are are mis.

Bruno Kurtic:

You know, 30% are, um, overspending.

Bruno Kurtic:

They're over-provisioned and you know, another 40 are under provisioned

Bruno Kurtic:

where you're incurring risk.

Bruno Kurtic:

Right.

Bruno Kurtic:

We actually had, uh, a customer of ours, Alaska Airlines did the whole

Bruno Kurtic:

presentation at our conference on this very topic, is they were able to like

Bruno Kurtic:

just turn the sun and all of a sudden, based on the benchmarking of the all

Bruno Kurtic:

of the communities clusters, as we see, they immediately understood where

Bruno Kurtic:

their gaps were in terms of spend,

Bruno Kurtic:

and they were able to remedy those.

Lee:

So you essentially treat cost just like, uh, any

Lee:

other observability variable.

Bruno Kurtic:

Correct.

Lee:

That's a great strategy.

Lee:

And again, something you can do with a platform that you

Lee:

can't do with separate tools.

Lee:

So that's cool.

Lee:

That's great.

Lee:

Hey, are you going to be at reinvent this year?

Bruno Kurtic:

Absolutely.

Bruno Kurtic:

I've never missed one and we are, never missed one.

Bruno Kurtic:

And I will be on this one as well.

Lee:

I'm a little envious.

Lee:

I've missed the last two.

Lee:

Uh, you know, I missed the, the one in the heart of the pandemic and last year I

Lee:

was planning on going and then decided it.

Lee:

Probably just wasn't quite time yet.

Lee:

I decided not to and, and really regret that going, but I am going to be there

Lee:

this year, so let's definitely touch bases

Lee:

. Anyway, well thank you,

Lee:

I want to thank you for joining me today and I look forward to

Lee:

talking to you in the future.

Bruno Kurtic:

Thank you very much.

Bruno Kurtic:

It was a pleasure and any time you're interested to let me know.

Lee:

my guest today has been Bruno Kurtic, the founding Chief

Lee:

Strategy Officer for Sumo Logic.

Lee:

Bruno, thank you for being on modern digital Business.