Shownotes
Operating a modern digital business means building and operating large, highly-scaled applications that are more and more cloud-native in their architecture and implementation. Observability is critical in maintaining the highly scaled, highly available, highly adaptive nature of these modern cloud-native applications. You just can't keep a large, complex, modern application operating without having a solid, modern observability platform as part of your system. And ideally, in today's cloud-native market, you want an observability platform that is based on cloud-native technologies.
Sumo Logic is a leader in cloud-native observability. They not only focus on providing analytics for cloud-native applications, but they themselves also operate on a cloud-native platform. And while Sumo Logic provides tools for improving application reliability and availability, what really sets them apart is their focus on security and compliance in a cloud-native environment.
Bruno Kurtic, founding Chief Strategy Officer for Sumo Logic, today on Modern Digital Business.
Useful Links
- Bruno Kurtic | LinkedIn
- Cloud Log Management, Monitoring, SIEM Tools | Sumo Logic
- Architecting for Scale, 2nd Edition, O’Reilly Media
About Lee
Lee Atchison is a software architect, author, public speaker, and recognized thought leader on cloud computing and application modernization. His most recent book, Architecting for Scale (O’Reilly Media), is an essential resource for technical teams looking to maintain high availability and manage risk in their cloud environments. Lee has been widely quoted in multiple technology publications, including InfoWorld, Diginomica, IT Brief, Programmable Web, CIO Review, and DZone, and has been a featured speaker at events across the globe.
Take a look at Lee's many books, courses, and articles by going to leeatchison.com.
Looking to modernize your application organization?
Check out Architecting for Scale. Currently in it's second edition, this book, written by Lee Atchison, and published by O'Reilly Media, will help you build high scale, highly available web applications, or modernize your existing applications. Check it out! Available in paperback or on Kindle from Amazon.com or other retailers.
Don't Miss Out!
Subscribe here to catch each new episode as it becomes available.
Want more from Lee? Click here to sign up for our newsletter. You'll receive information about new episodes, new articles, new books, and courses from Lee. Don't worry, we won't send you spam, and you can unsubscribe anytime.
Mentioned in this episode:
LinkedIn Learning Courses
Are you looking to become an architect? Or perhaps are you looking to learn how to drive your organization towards better utilization of the cloud? Are you you looking for ways to help you utilize a Cloud Center of Excellence in your organization? I have a whole series of cloud and architecture courses available on LinkedIn Learning. For more information, please go to leeatchison.com/courses or mdb.fm/courses.
LinkedIn Learning Courses
Are you looking to become an architect? Or perhaps are you looking to learn how to drive your organization towards better utilization of the cloud? Are you you looking for ways to help you utilize a Cloud Center of Excellence in your organization? I have a whole series of cloud and architecture courses available on LinkedIn Learning. For more information, please go to leeatchison.com/courses or mdb.fm/courses.
Architecting for Scale
What does it take to operate a modern organization running a modern digital application? Read more in my O’Reilly Media book Architecting for Scale, now in its second edition. Go to: leeatchison.com/books or mdb.fm/afs.
Transcripts
Operating a modern digital business means building and operating large,
Lee:highly scaled applications that are more and more cloud-native in their
Lee:architecture and implementation.
Lee:Observability is critical in maintaining the highly scaled, highly available,
Lee:highly adaptive nature of these modern cloud-native applications.
Lee:You just can't keep a large, complex, modern application operating without
Lee:having a solid, modern observability platform as part of your system.
Lee:And ideally, in today's cloud-native market, you want an observability
Lee:platform that is itself based on cloud-native technologies.
Lee:Today I will talk with the founder of such a cloud-native platform.
Lee:Are you ready?
Lee:Let's go.
Lee:Sumo Logic is a leader in cloud-native observability.
Lee:They not only focus on providing analytics for cloud-native
Lee:applications, they themselves operate on the cloud native platform.
Lee:And while Sumo Logic provides tools for improving application reliability and
Lee:availability, What really sets them apart in my mind, is their focus on security and
Lee:compliance in a cloud-native environment.
Lee:My guest today is Bruno Kurtic.
Lee:Bruno is the founding Chief Strategy Officer for Sumo Logic.
Lee:Bruno, welcome to Modern Digital Business.
Bruno Kurtic:Thank you.
Bruno Kurtic:It's a pleasure to be here.
Lee:Well, so Sumo Logic, it appears, has a, I guess what I
Lee:would call a multidimensional approach to observability.
Lee:You do infrastructure monitoring, log monitoring, uh, you know,
Lee:traditional application performance monitoring, and then you get into
Lee:security and audit compliance, and even software lifecycle optimization.
Lee:If you had to point a one thing that is the core key differentiator for
Lee:Sumo, what would that one thing be?
Bruno Kurtic:Well, it's a single platform that is all based on our
Bruno Kurtic:strength in handling, highly scaled.
Bruno Kurtic:Um, unstructured log data, right?
Bruno Kurtic:It's the output of most of this infrastructure and applications.
Bruno Kurtic:And we've, over the last 12 years, really spent a lot of effort on
Bruno Kurtic:making sure we can handle that data at scale, uh, as it bursts that we
Bruno Kurtic:can find schema and structure in the unstructured data and really kind of,
Bruno Kurtic:um, put a lot of analytic rigor on digging up insights inside of this
Bruno Kurtic:highly scaled, unstructured data that.
Bruno Kurtic:Generally hard to analyze.
Lee:So it's the platform approach to Observability.
Bruno Kurtic:It is, and it's the logs and the unstructured, uh, data
Bruno Kurtic:that we process through the log management system that we built.
Lee:Okay.
Lee:So it's, it's not just the structured analytical data, it's unstructured
Lee:log data and the importance of, uh, of relating all that.
Lee:And I'm, and I'm assuming, um, the processing of that
Lee:includes, uh, AI machine learning capabilities that you go into it.
Lee:Do you wanna talk about that
Bruno Kurtic:It ,it absolutely does.
Bruno Kurtic:Yeah.
Bruno Kurtic:Um, there's, there's a lot of techniques that, that we've built.
Bruno Kurtic:To make that log data and unstructured data to life for our customers, right?
Bruno Kurtic:As because that data is growing at the rate of Moore's law, meaning it's, it's
Bruno Kurtic:growing faster than budget, it's growing faster than than companies revenues.
Bruno Kurtic:So coping with it and finding insights that it's critical.
Bruno Kurtic:So we've applied a lot of techniques to that.
Bruno Kurtic:Number one is we apply machine learning and AI to this data.
Bruno Kurtic:Uh, our approach to that is very much of black box.
Bruno Kurtic:We, we built algorithms.
Bruno Kurtic:Highly focused and specially tuned for specific use cases.
Bruno Kurtic:They work on behalf of our customers.
Bruno Kurtic:They discover anomalies, patterns, outliers, perform predictive analytics
Bruno Kurtic:and all these things the hood without our customer setting to know anything
Bruno Kurtic:about machine learning, right?
Bruno Kurtic:So the engine works on behalf of the customer without the customer having
Bruno Kurtic:to science teams working with it.
Bruno Kurtic:So that's, that's number one.
Bruno Kurtic:And number two that we are building.
Bruno Kurtic:Techniques around these analytics, for example, able to take fully unstructured
Bruno Kurtic:data without knowing anything about it.
Bruno Kurtic:Ingested into the system apply schema on demand, meaning we don't
Bruno Kurtic:have to know what the data is.
Bruno Kurtic:We can extract schema at, at query time and perform all of the required analytics
Bruno Kurtic:as if we re as if we knew the schema ahead of time, which is super difficult to do.
Bruno Kurtic:And it is really important in a, in a world.
Bruno Kurtic:Agile teams ship new code and new data into production every hour of the
Bruno Kurtic:day, and you cannot rely on knowing what the schema is ahead of time.
Bruno Kurtic:So that's another technique that's very unique and important
Bruno Kurtic:in this, in this, in this space.
Lee:Did I hear you say at query time, you actually apply the schema changes.
Lee:this is all, all done based on the, the request from a given user looking
Lee:for a specific pattern or whatever.
Lee:And in data they, they give you a query, and from that query you
Lee:deduce a schema on your unstructured.
Lee:And then process through that query.
Bruno Kurtic:Exactly.
Bruno Kurtic:Automatically discover schema and, and we also allow customers to specify,
Bruno Kurtic:Hey, I wanna look at these fields.
Bruno Kurtic:I wanna extract them, you know, specifically these,
Bruno Kurtic:or we can extract them.
Lee:What about alerting is, so this is, that's great for, for, uh, analysis
Lee:by a human, asking questions upon the data representing what's the, the
Lee:application going is going through.
Lee:But what about alerting and, and the non-monitored or the non-human
Lee:monitored aspect of observability?
Bruno Kurtic:Yep.
Bruno Kurtic:So, you know, look, um, alerting is a huge use case for us.
Bruno Kurtic:Um, we alert on all types of telemetry, you know, traces, um,
Bruno Kurtic:metrics and logs, obviously, right?
Bruno Kurtic:Logs are the big, big part of what we alert on.
Bruno Kurtic:So we alert on all kinds of different, um, uh, conditions, right?
Bruno Kurtic:So, A general purpose alerting system that can basically do basic aggregations
Bruno Kurtic:and say, okay, if a specific user fails, log in more than x times within,
Bruno Kurtic:you know, a set period, you alert.
Bruno Kurtic:Right?
Bruno Kurtic:And we extract that schema as the alert is being evaluated.
Bruno Kurtic:We also, those will be sort of simple alerts, but then we've got also.
Bruno Kurtic:So unknown, unknown type of alerts where we're detecting, Okay,
Bruno Kurtic:we have a whole new pattern.
Bruno Kurtic:We detected, we've never seen this pattern.
Bruno Kurtic:You probably want to know about this pattern.
Bruno Kurtic:Right?
Bruno Kurtic:Something so much more sophisticated.
Bruno Kurtic:Security style, threat detection type of alert.
Bruno Kurtic:That we apply.
Bruno Kurtic:And for those, we either extract schema on ingest, or we extract schema on
Bruno Kurtic:demand as as, uh, the data is coming in,
Lee:So now your, your focus is cloud native applications, is that correct?
Lee:I mean, it's obviously these strategies can work for all types
Lee:of applications, but you focus on cloud native a applications.
Lee:Tell me what that means to you.
Bruno Kurtic:In any industry, you win by innovating faster.
Bruno Kurtic:Agile is a way to innovate faster, and if you're gonna build software in
Bruno Kurtic:a much at a much faster rate, there are things downstream that facilitate.
Bruno Kurtic:For example, when you build software and you change it every hour of every day,
Bruno Kurtic:you probably want to be able to change your hardware at a similar rate of.
Bruno Kurtic:You can't do that in a data center, right?
Bruno Kurtic:So in the cloud you essentially, it's not all about cost and you know, separating
Bruno Kurtic:yourself from managing infrastructure.
Bruno Kurtic:It's about evolving your hardware.
Bruno Kurtic:At the rate you're evolving software.
Bruno Kurtic:Then the architecture that evolved with that is the microservices architecture.
Bruno Kurtic:Because you de componentize the software, it allows you to sort of upgrade and
Bruno Kurtic:build and push the production much faster.
Bruno Kurtic:And all of these things are designed to accelerate the the rate
Bruno Kurtic:of innovation when this happens.
Bruno Kurtic:We are breaking down the number of components we're getting, you know, order.
Bruno Kurtic:Couple of orders of magnitude, more components.
Bruno Kurtic:Components are more ephemeral.
Bruno Kurtic:You know, you go from servers and virtual machines to containers and serverless
Bruno Kurtic:functions, Uh, microservices, many more sort of code, um, uh, containers
Bruno Kurtic:that, that than in the previous three tier or multi-tier applications, which
Bruno Kurtic:means that there's far more vari.
Bruno Kurtic:Many, many more components to keep track of scale, um, is much
Bruno Kurtic:more sort of, um, elastic, right?
Bruno Kurtic:So
Bruno Kurtic:being able to monitor these components to be able to adapt yourself to
Bruno Kurtic:scaling the of these applications is very different behavior than, than
Bruno Kurtic:what you see in the data center.
Bruno Kurtic:And so for that new techniques had to evolve, had to be.
Bruno Kurtic:Our own application had to be different and more scalable and more integrated
Bruno Kurtic:into the cloud stacks, more aware of these components, and that is why we
Bruno Kurtic:focused on the cloud native application.
Bruno Kurtic:And we do believe that, that it requires very, very different tooling
Bruno Kurtic:and technology for observability.
Lee:And I completely agree with you.
Lee:You're, you're speaking to the choir a little bit here when, uh, when you talk
Lee:about that, I've, I've spoken a lot about, uh, the, what I call the dynamic
Lee:cloud, which is basically the, the aspect that your application is changing
Lee:not only software, but hardware and hardware's constantly changing, constantly
Lee:involving, and that makes observability more difficult and actually more central.
Lee:It's so, so much more critical.
Lee:You know, the, you know, people who are afraid of Agile are afraid of, well, how,
Lee:how, how can you make a change so fast?
Lee:How do you know, how, you know, what happens to your application that
Lee:says, Well, the answer is you, you watch it, you pay attention to it.
Lee:And you have software that does that.
Lee:And that's a critical aspect about Agile or, and a critical aspect
Lee:about, well, DevOps in general, but uh, critical to making all this work.
Lee:And what Cloud native does is it applies the same concepts to
Lee:hardware as well as to software.
Lee:Right?
Lee:And so your, your entire infrastructure is now agile and, and, uh, and
Lee:uh, and constantly evolving that.
Lee:So, you, you mentioned the AWS word.
Lee:And uh, and I know that very early on you made a conscious decision
Lee:as a company that you wanted to.
Lee:You wanted to focus on AWS , I think the phrase you used was, uh, your
Lee:company used was You're all in on AWS.
Lee:So talk about that a little bit.
Lee:And, you know, nowadays multi cloud is becoming a bigger deal.
Lee:Uh, you know, it used to, it wasn't that many years ago when AWS was the
Lee:cloud and there really wasn't a tier two and tier three of any significance.
Lee:But now both Azure and, and, uh, gcp, our, our major comp competitors and
Lee:major players in the cloud market, there's other smaller ones coming up
Lee:and multi cloud really is not only a viable option, but in many ways did a
Lee:preferred option for a lot of companies.
Lee:So, uh, have you adapted your AWS all in strategy to match that?
Lee:Or, and if so, what, what does that mean to you and to your strategy?
Bruno Kurtic:That's a fantastic question.
Bruno Kurtic:I could go on about this question for, you know, tens of minutes.
Bruno Kurtic:Um, so look, we, we did, we did pick AWS initially at that time when we
Bruno Kurtic:picked AWS, it was because it was the only real viable option, right?
Bruno Kurtic:As, as I said earlier, um, AWS has.
Bruno Kurtic:Fabulous partner to us, right?
Bruno Kurtic:So far, you know, they're not only a technology partner, they're also
Bruno Kurtic:a go-to-market partner with us.
Bruno Kurtic:And, you know, we, we work quite closely with AWS on sort of helping them help our
Bruno Kurtic:customers, us helping their customers, and it's a very symbiotic relationship
Bruno Kurtic:and we, we really appreciate that.
Bruno Kurtic:Um, we, we have also, we're also fully aware that many of our
Bruno Kurtic:customers are not just on AWS.
Bruno Kurtic:In fact, many of our customers are not on AWS at all.
Bruno Kurtic:And we have seen the evolution of what's happening to sort of the adoption of
Bruno Kurtic:the cloud , we, we, I use, I use the term multi-cloud customers, and over the
Bruno Kurtic:last five years or so, maybe six years, my conversations in my capacity as a
Bruno Kurtic:have strategy with our customers has been to understand what is their path?
Bruno Kurtic:How are you evolving?
Bruno Kurtic:Your path to the cloud and then I'll come back and talk about ours.
Bruno Kurtic:And about five years ago, everybody was telling us, Oh, it's gonna be multi-cloud.
Bruno Kurtic:We don't wanna be beholden to one customer, one, one vendor.
Bruno Kurtic:Nobody wanted to repeat The Microsoft of 1990s, uh, challenges of just being
Bruno Kurtic:basically, you know, uh, essentially beholden to only one technology provider.
Bruno Kurtic:And so, you know, everybody talked to talk and then something
Bruno Kurtic:happened about three years.
Bruno Kurtic:Where we actually started to see the talk translate into action.
Bruno Kurtic:And I will tell you this, we run this, uh, we run this report annually called
Bruno Kurtic:the continuous intelligence report , what it does, it looks at all the trends
Bruno Kurtic:underneath our customers infrastructure.
Bruno Kurtic:What are they doing to build their applications where they're running
Bruno Kurtic:their applications, all that stuff.
Bruno Kurtic:And, and the fastest group, individual group of customers that we have is
Bruno Kurtic:the fastest growing group is the multi-cloud customers, meaning, Customers
Bruno Kurtic:sending us data from more than one cloud to to, to observe and to secure.
Bruno Kurtic:And so that's very interesting to us.
Bruno Kurtic:It is still a smaller base, but it is the fastest growing and what have
Bruno Kurtic:we done to, to do that and why have we chosen to stick with, with Amazon?
Bruno Kurtic:So we are adapting our strategies.
Bruno Kurtic:Number one, we're fully integrated in partners with Azure and GTP
Bruno Kurtic:and other cloud providers as well.
Bruno Kurtic:So we integrate and have visibility and provide observ.
Bruno Kurtic:Security for their stacks as well.
Bruno Kurtic:We still though, only run on Amazon.
Bruno Kurtic:Um, and that has just been a convenience for us.
Bruno Kurtic:No real reason.
Bruno Kurtic:I fully imagine that at some point we, our workload itself will span
Bruno Kurtic:clouds once we have enough of a center of gravity where we don't wanna move
Bruno Kurtic:data around and things like that.
Bruno Kurtic:Or customers have very, very specific requests about
Bruno Kurtic:where the data has to reside.
Bruno Kurtic:So far, that hasn't been an issue.
Bruno Kurtic:Our customers don't really mind.
Bruno Kurtic:Most of our customers are still on AWS.
Bruno Kurtic:Right.
Bruno Kurtic:But I totally agree with you.
Bruno Kurtic:I see where the world is.
Bruno Kurtic:There's definitely benefits of having multiple cloud provider
Bruno Kurtic:infrastructures available.
Bruno Kurtic:They all have different technologies.
Bruno Kurtic:Some of them have better certain technologies in certain areas than others.
Bruno Kurtic:They have better coverage in certain areas of the world where
Bruno Kurtic:we operate and you know, I can imagine envision that happening.
Bruno Kurtic:We just haven't had to do it quite yet.
Lee:And you know, certainly, uh, the, the data export charges can be one of
Lee:the things that drives customers there.
Lee:You, you haven't had any problems with customers complaining or
Bruno Kurtic:Great question,
Lee:strategies.
Lee:Uh, you always have problems with
Bruno Kurtic:No, no, no.
Bruno Kurtic:It's a, it's a, it's a great question because I have that conversation
Bruno Kurtic:probably in 50% of my customer, uh, initial customer meetings, right?
Bruno Kurtic:Everybody wants to know about that.
Bruno Kurtic:In the end, when you sort of add it all up, it becomes a,
Bruno Kurtic:Uh, charge because we do heavy compression in real time, you know, and the data
Bruno Kurtic:trickles from many different places.
Bruno Kurtic:Ultimately, that becomes a non-issue for our customers,
Bruno Kurtic:Right.
Bruno Kurtic:At some point you.
Bruno Kurtic:Things will add up, including that, and we will end up, you know, I expect
Bruno Kurtic:though that what will happen is it'll be more about people not wanting to
Bruno Kurtic:move the data, not for the cost reasons, but because of either internal policy
Bruno Kurtic:reasons, or regulatory reasons or, or, uh, contractual obligations or
Bruno Kurtic:competitive concerns or whatever it is, right?
Bruno Kurtic:They will want to keep it, and at that point, when that becomes bigger,
Bruno Kurtic:big enough for a snowball for us, we'll probably pull the trigger.
Lee:Yeah.
Lee:I, And I, I agree with that comment too, and I, I think it's rather funny
Lee:when one of the ear, early on, one of the first complaints you started
Lee:hearing about why people couldn't move to the cloud was it's not secure.
Lee:And now what you're hearing is we can't move data off the cloud because
Lee:it's not secure to move off cloud.
Lee:You know, it's, it's, it all, it all plays together there, and certainly,
Lee:you know, the, the compliance aspect is going to be really important from, uh,
Lee:you know, regulatory aspects, et cetera.
Lee:Which brings me to something that I think is a differentiator for
Lee:you compared to a lot of other observability companies, and that is
Lee:your focus on audit and compliance.
Lee:You know, you, you talk a lot about pci, about hipaa, SOX
Lee:compliance, gdpr, et cetera.
Lee:You know, basically PII management.
Lee:Right.
Lee:Tell me more about what you do in that space and why Sumo is,
Lee:is an important player in, in the compliance and auditing space.
Bruno Kurtic:Sure.
Bruno Kurtic:Um, so look, the, the, I'll start a little bit of the history again.
Bruno Kurtic:One of the reasons why we ended up where we ended up is because the three
Bruno Kurtic:founders, um, including me and the two of us are two of the founders.
Bruno Kurtic:Two of the three are still at, at, Sumo.
Bruno Kurtic:All came prior to Sumo from a security space, security
Bruno Kurtic:compliance space, sim space.
Bruno Kurtic:Um, and when we first started the company, we had the hypothesis,
Bruno Kurtic:especially for the when, when, when, um, data moves to the cloud.
Bruno Kurtic:So we knew we were gonna focus on cloud.
Bruno Kurtic:So that was one, number one thing.
Bruno Kurtic:Number two, we also knew that our focus is going.
Bruno Kurtic:Applications, customer facing mission critical apps, right?
Bruno Kurtic:We weren't necessarily looking to just manage infrastructure where we
Bruno Kurtic:wanted to make sure that we help cus companies transforming into digital
Bruno Kurtic:companies running their mission critical workloads in the cloud, make those
Bruno Kurtic:workloads run well and run secure, right?
Bruno Kurtic:That includes compliance.
Bruno Kurtic:So when we looked at it that way, we realized.
Bruno Kurtic:You know what?
Bruno Kurtic:What the security world and the compliance world looked like on premise.
Bruno Kurtic:Where we used to be before Sumo Logic was that the observability
Bruno Kurtic:data , was coming from the application into the observability tool.
Bruno Kurtic:Security data was going from the edge into the security tool.
Bruno Kurtic:There was very little overlap between security and observability there.
Bruno Kurtic:Once you move that application to the cloud, the perimeter goes away.
Bruno Kurtic:You're running on infrastructure where your hacker might be running
Bruno Kurtic:on the same physical machine on a virtual machine right next to you.
Bruno Kurtic:There is no perimeter.
Bruno Kurtic:There is no way to really kind of think about yourself as as walled off.
Bruno Kurtic:Therefore, security and observability data comes from the same technologies.
Bruno Kurtic:So we had a hypothesis that the data between observability and
Bruno Kurtic:security will be heavily, heavily overlapping in the cloud, which meant
Bruno Kurtic:that economically it didn't make.
Bruno Kurtic:To duplicate it and put it into two different tools because it's huge, right?
Bruno Kurtic:It's gonna cost you too much.
Bruno Kurtic:And we thought from the very beginning, we need to make a technology that will
Bruno Kurtic:have one data, uh, payload under the hood and multiple different lenses
Bruno Kurtic:looking at that data for various purposes of a digital enterprise.
Bruno Kurtic:So that was the sort of premise.
Bruno Kurtic:We think that we were correct at that.
Bruno Kurtic:We, we have.
Bruno Kurtic:We think that we have proven that a hypothesis correct at this point in time.
Bruno Kurtic:And now why?
Bruno Kurtic:Compliance, right?
Bruno Kurtic:When you think about compliance and audit, it's really important when
Bruno Kurtic:you're running an application, right?
Bruno Kurtic:Which contains, you know, your customer's data, your employee data.
Bruno Kurtic:When you're processing credit cards, when you're holding health records, when you're
Bruno Kurtic:running on third party infrastructure, auditors are gonna want to.
Bruno Kurtic:How are you operating your technology stacks in this environment
Bruno Kurtic:that you don't control anymore?
Bruno Kurtic:And so we initially immediately knew that compliance will be a big use
Bruno Kurtic:case for our customers given what business they are pursuing and what
Bruno Kurtic:we were trying to help them with.
Bruno Kurtic:And so we had a two-pronged strategy.
Bruno Kurtic:One was.
Bruno Kurtic:We, nobody will trust us because we were a small little cloud company at
Bruno Kurtic:the beginning of the cloud, so we had to have a third party certify us in order
Bruno Kurtic:to, for us not to have to convince the customer, like, I can't convince a GE or
Bruno Kurtic:somebody like that, that I'm, I'm secure.
Bruno Kurtic:I'm gonna leave that to the auditors.
Bruno Kurtic:So we actually made ourselves go through the rigorous process of architecting
Bruno Kurtic:for compliance and security and actually getting certifications for
Bruno Kurtic:PCI provider level one, hippa, fedra, moderate, all of these things that we
Bruno Kurtic:now hold and that gives our customers a level of security about ourselves.
Bruno Kurtic:Second was we said, Okay, they will then need to also prove their own
Bruno Kurtic:compliance to their own auditors.
Bruno Kurtic:So we.
Bruno Kurtic:will take these techniques, these techniques of understanding
Bruno Kurtic:these compliance regulations and build solutions for our customers
Bruno Kurtic:to actually gather the data.
Bruno Kurtic:Store it in a, in a worm.
Bruno Kurtic:Only write ones, read many, um, non-changeable data store.
Bruno Kurtic:Be able to pull reports for auditors, do it all of that on a regular basis
Bruno Kurtic:in order to provide our customers retooling for compliance auditors
Bruno Kurtic:and for their own regulatory needs.
Bruno Kurtic:So those are the two, That's the two, two-prong strategy for
Bruno Kurtic:compliance that we needed to do.
Bruno Kurtic:And you know, so far it's been working pretty well.
Lee:Do you feel you're a tool that helps companies get compliance, um,
Lee:maintain compliance, or are you a tool that helps companies work, uh, figure
Lee:out what they need to do to become compliant or, or all of the above?
Lee:Where, where's your focus there?
Bruno Kurtic:our focus is to help our customers be compliant,
Bruno Kurtic:run in a compliant manner.
Bruno Kurtic:Prove compliance and maintain their compliance on an ongoing basis.
Bruno Kurtic:We have many of our customers who are basically, you know, payment
Bruno Kurtic:providers, like, you know, modern online payment providers, you know,
Bruno Kurtic:companies like Visa and others.
Bruno Kurtic:And they are basically, you know, using us, many of these pain
Bruno Kurtic:providers using us to essentially prove to they're pci, right?
Bruno Kurtic:And, and they use us to answer questions of their auditors when they come in.
Bruno Kurtic:And, um, you.
Bruno Kurtic:Talk to them about, you know, pulling up specific months of data to, to,
Bruno Kurtic:you know, verify that, you know, the personal, uh, account systems
Bruno Kurtic:have not been, you know, hack into,
Lee:So it's, it's to help the companies maintain compliance.
Lee:Or, and, and if that helps in getting the compliance or helps
Lee:the auditors, that's great.
Lee:But the main purpose is for your, uh, customers to do the things they need to
Lee:do to maintain the compliance that they
Bruno Kurtic:Correct.
Bruno Kurtic:And then you know, you have to, you know, it never goes just like that.
Bruno Kurtic:Right?
Bruno Kurtic:Because, you know, we have a whole cloud sim tool.
Bruno Kurtic:Well, what's the sim all about?
Bruno Kurtic:Well, it's about.
Bruno Kurtic:becoming more secure.
Bruno Kurtic:What's compliance about?
Bruno Kurtic:It's, you know, what's pci?
Bruno Kurtic:PCI is just a set of specific rules on what you need to do to
Bruno Kurtic:be secure in order to, that the industry allows you to process, you
Bruno Kurtic:know, credit card payments, right?
Bruno Kurtic:So, you know, our technology helps customers become more secure, detect
Bruno Kurtic:threats, defend against threats, investigate threats, and then prove.
Bruno Kurtic:To the auditors that they comply with specific regulations that are required.
Lee:So Sumo Logic is listed in the, you know, the Gardner Magic Quadrant
Lee:for, I believe it's the one for security information and event management.
Lee:You're listed as a visionary and so obviously this is a big deal.
Lee:I, you know, the Gardner Magic quadrant's a big deal to a lot of companies,
Lee:but especially when they're, uh, customers or enterprise customers.
Lee:But what specifically does that mean for you and your customer?
Bruno Kurtic:So we're one of the few, very, very few, uh, uh, that are listed
Bruno Kurtic:in both the APM and Observability Magic Quadrant as well as Sim s Im Magic
Bruno Kurtic:Quadrant, which is, you know, sort of the, the manifestation to what you were
Bruno Kurtic:saying earlier that we, we, you know, we, we participated in both of these domains.
Bruno Kurtic:Um, What it means for our customers to be visionary, um, is that, you
Bruno Kurtic:know, we know how to handle their security use cases across the
Bruno Kurtic:spectrum of security, from security analytics, cloud security analytics,
Bruno Kurtic:essentially managing and monitoring their cloud security to compliance
Bruno Kurtic:and auditing all the way to sim.
Bruno Kurtic:And Soar, right?
Bruno Kurtic:We have a so product as well, which is a security orchestration, automation
Bruno Kurtic:response product, which, you know, in that sort of full spectrum, I
Bruno Kurtic:would call it a full stack security.
Bruno Kurtic:But overall, what the, the participation and recognition of the Gartner
Bruno Kurtic:Magic there means is that we check the right boxes and divisionary.
Bruno Kurtic:We are actually innovating, right?
Bruno Kurtic:We are innovating with technologies and techniques.
Bruno Kurtic:Like for example, we have a global intelligence service that we built,
Bruno Kurtic:which is essentially, uh, leveraging our multitenancy and our visibility.
Bruno Kurtic:Into, you know, thousands of different customers infrastructures
Bruno Kurtic:and, and threats that are being experienced, say on AWS, right?
Bruno Kurtic:We have this, we have this sort of crowdsourced engine that is able to
Bruno Kurtic:detect the threats of AWS and then allow customers who are say on AWS to
Bruno Kurtic:compare themselves against a global threat profile and say, Okay, why
Bruno Kurtic:do I have more of these types of threats than what is seen on average?
Bruno Kurtic:Let's say whatever, you know, subset of communities you
Bruno Kurtic:see, let's say on AWS, right?
Bruno Kurtic:It allows you to sort of not be in a silo to learn from the community of experts and
Bruno Kurtic:to actually improve proactively, right?
Bruno Kurtic:So that's one of the reasons, for example, that we are visionaries in that quadrant
Bruno Kurtic:. Lee: So I wanna switch
Bruno Kurtic:So, you know, one of the things that's been coming up in the cloud conversations,
Bruno Kurtic:More and more in recent years, and by recent years, I think specifically
Bruno Kurtic:I'm talking about the last year or two
Bruno Kurtic:is cost.
Bruno Kurtic:And, um, you know, you're e even starting to see, you know, people
Bruno Kurtic:writing about, uh, the backlash about how the cloud is ex is more expensive.
Bruno Kurtic:And, you know, e even pundants , like, like David Linthicum, who's, you know,
Bruno Kurtic:an enterprise cloud expert , has been very, very, very, , um, focused on
Bruno Kurtic:some of his writing on cloud is, is too expensive and it's kind of surprising to
Bruno Kurtic:hear a lot of those sorts of comments.
Bruno Kurtic:And then 37signals . And when I think about this and when I look at it, when I
Bruno Kurtic:analyze what I'm reading in those areas, usually what I find the issue isn't that
Bruno Kurtic:people find the cloud to be too expensive.
Bruno Kurtic:That's what they think the problem is, but usually what it is, is they find.
Bruno Kurtic:And what's usually the problem, I should say, is that the cloud
Bruno Kurtic:is too easy to spend money in.
Bruno Kurtic:And the, the agility of the cloud is part of what makes it more expensive to use.
Bruno Kurtic:Um, there's, of course, you know, that's a very simplistic view.
Bruno Kurtic:It's a lot more detailed than that, but, but cost management
Bruno Kurtic:in the cloud is something that, you know, its day is here, right?
Bruno Kurtic:We need to find ways and techniques to better manage.
Bruno Kurtic:Uh, cost and cost containment in cloud infrastructures in order for
Bruno Kurtic:the cloud to maintain its ability to provide a cost effective solution
Bruno Kurtic:to an on premise data center.
Bruno Kurtic:Now, Sumo Logic is, uh, is in the cost management space.
Bruno Kurtic:So what, what do you do specifically for your customers for cloud cost
Bruno Kurtic:optimization, and where do you see the future of the cloud from the
Bruno Kurtic:standpoint of cost optimization?
Bruno Kurtic:Uh, that's a great question.
Bruno Kurtic:Um, just before I go there, I'll just confirm or agree with you
Bruno Kurtic:a little bit about this sort of whole cost of the cloud.
Bruno Kurtic:My perspective on the cloud has always been, it's not about cost.
Bruno Kurtic:It's about focus on, you know, why should a, you know, a real estate company learn
Bruno Kurtic:how to run and wrap and stock servers.
Bruno Kurtic:That just doesn't make sense.
Bruno Kurtic:Like, you know, and I would, I would, I would venture to say,
Bruno Kurtic:when you do the fully loaded cost, would all of the, um, sort of.
Bruno Kurtic:Spend and, and time spend and talent spend and physical infrastructure, all
Bruno Kurtic:this stuff, I would, I would still argue that I'm not sure that, that it would
Bruno Kurtic:be end up being more expensive, but let's just, let's let the people who,
Lee:again, choir here.
Lee:I completely agree with you.
Lee:And, and that's something I could and have talked for long periods
Bruno Kurtic:Right.
Bruno Kurtic:Uh, I, Exactly.
Bruno Kurtic:So, so, we're, we're we're on the same page there, but I would say that, you
Bruno Kurtic:know, it's important, and I do agree with you, that it's very easy to spend
Bruno Kurtic:money on, on cloud, and then if you're not diligent and you don't clean up after
Bruno Kurtic:yourself, you can see what can happen.
Bruno Kurtic:Right?
Bruno Kurtic:You can be a lot lingering infrastructure just sitting there and wasting money.
Bruno Kurtic:But what do we do for our customers?
Bruno Kurtic:We have, we have, um, we do a few things.
Bruno Kurtic:Uh, we actually just announced recently a, an application that is essentially
Bruno Kurtic:looks at, um, sort of the, the, the data.
Bruno Kurtic:Let's talk about AWS again.
Bruno Kurtic:Uh, that we are collecting on behalf of a customer in AWS.
Bruno Kurtic:We're looking at, you know, how much.
Bruno Kurtic:What, how much of, what infrastructure they're, they're, they're consuming,
Bruno Kurtic:what type of infrastructure they're consuming, um, where are their
Bruno Kurtic:opportunities to reduce that cost?
Bruno Kurtic:What is, what this would look like, you know, if it was, you know, reserve
Bruno Kurtic:spend versus non reserve spend.
Bruno Kurtic:All of these things we do.
Bruno Kurtic:So it's basically breaking down what we see flowing from through
Bruno Kurtic:their data, from their applications.
Bruno Kurtic:We break it down into components that are sort of meaningful costs.
Bruno Kurtic:These cloud providers, particularly AWS, and then we essentially just
Bruno Kurtic:illuminated sometimes, you know, when you look at the AWS bill or Bill from
Bruno Kurtic:other cloud providers, it's, it's, it's not that easy to digest and.
Bruno Kurtic:I'm not gonna say that it's by design like that, but it's not that easy to digest.
Bruno Kurtic:Like we, we've looked at our own, uh, uh, uh, costs and that's why
Bruno Kurtic:there's a cottage industry of, of companies that is always focused
Bruno Kurtic:on, on managing cloud costs, right?
Bruno Kurtic:And, you know, uh, you've seen that.
Bruno Kurtic:The other thing that we do that I think is more, even more unique than, um, uh,
Bruno Kurtic:than this application is again, Um, this global intelligence work that we've done.
Bruno Kurtic:So I talked about it in, in aspect of security, where you can look at,
Bruno Kurtic:hey, what do the threat, what does the threat profile look like and
Bruno Kurtic:what, why look like we're doing this also for observability and cost.
Bruno Kurtic:What does that mean?
Bruno Kurtic:So it means that we, when we, let me use an example of Kubernetes, we are managing
Bruno Kurtic:tens of thousands of Kubernetes clusters.
Bruno Kurtic:We take, you know, on behalf of our customers and nodes and what have you.
Bruno Kurtic:and we are benchmarking those or those clusters to understand what the
Bruno Kurtic:provisioning looks like on average.
Bruno Kurtic:What amount of memory are they consuming cpu?
Bruno Kurtic:Are they consuming what through getting, We're doing the same thing.
Bruno Kurtic:We're looking at things like that are seeing flow through cloud
Bruno Kurtic:drill to look at like instance consumption and databases and latency
Bruno Kurtic:and inserts and all that stuff.
Bruno Kurtic:And we're then benchmarking that and providing that back to customers.
Bruno Kurtic:And we have an application for Kubernetes that basically says, Hey, we've looked
Bruno Kurtic:at all of your Kubernetes clusters and we think that 70% of them are are mis.
Bruno Kurtic:You know, 30% are, um, overspending.
Bruno Kurtic:They're over-provisioned and you know, another 40 are under provisioned
Bruno Kurtic:where you're incurring risk.
Bruno Kurtic:Right.
Bruno Kurtic:We actually had, uh, a customer of ours, Alaska Airlines did the whole
Bruno Kurtic:presentation at our conference on this very topic, is they were able to like
Bruno Kurtic:just turn the sun and all of a sudden, based on the benchmarking of the all
Bruno Kurtic:of the communities clusters, as we see, they immediately understood where
Bruno Kurtic:their gaps were in terms of spend,
Bruno Kurtic:and they were able to remedy those.
Lee:So you essentially treat cost just like, uh, any
Lee:other observability variable.
Bruno Kurtic:Correct.
Lee:That's a great strategy.
Lee:And again, something you can do with a platform that you
Lee:can't do with separate tools.
Lee:So that's cool.
Lee:That's great.
Lee:Hey, are you going to be at reinvent this year?
Bruno Kurtic:Absolutely.
Bruno Kurtic:I've never missed one and we are, never missed one.
Bruno Kurtic:And I will be on this one as well.
Lee:I'm a little envious.
Lee:I've missed the last two.
Lee:Uh, you know, I missed the, the one in the heart of the pandemic and last year I
Lee:was planning on going and then decided it.
Lee:Probably just wasn't quite time yet.
Lee:I decided not to and, and really regret that going, but I am going to be there
Lee:this year, so let's definitely touch bases
Lee:. Anyway, well thank you,
Lee:I want to thank you for joining me today and I look forward to
Lee:talking to you in the future.
Bruno Kurtic:Thank you very much.
Bruno Kurtic:It was a pleasure and any time you're interested to let me know.
Lee:my guest today has been Bruno Kurtic, the founding Chief
Lee:Strategy Officer for Sumo Logic.
Lee:Bruno, thank you for being on modern digital Business.
