Transcript
my co-host for this week's VeeamON 2026. We're here at the awesome location, Krista. Yes. This is sort of a new location here in New York City and VeeamON, we're just coming off of the keynotes. Anand Eswaran basically made the case, Krista, that not only is silicon a bottleneck, not only is power and water and data centers a bottleneck, but trust is the AI bottleneck. And Veeam wants to be the data and AI trust infrastructure layer. He laid out his version of the stack, sort of five layers. There's a missing piece and that missing piece is AI trust. You know, very narrow sort of view of the world in Veeam's perspective, but nonetheless, a correct one. First of all, this is your first CUBE, this is your inaugural CUBE, so welcome. Thank you so much. Great to have you here. We're super excited to have you on board as leading the data resilience and the cybersecurity practice at the CUBE Research. So welcome. What are your thoughts? What'd you think of the keynote? Yeah, yeah, Dave. I think the keynote, so first of all, thank you so much. I'm thrilled to be here. And yeah, in terms of the keynote, like you mentioned, I think Veeam is very adeptly dialing in on this layer that's required in terms of this AI governance. And given the fact that Veeam comes from this standpoint of data backup and increasingly they're moving into data security, that's really a critical layer when we talk about securing this AI security stack for a couple of reasons. The first is that we really need to hone in on the context of data in terms of, you know, how sensitive and valuable is it to the data? And secondly, we really need to kind of make sure that it is recoverable and very resilient from that standpoint. So I see this as a move from Veeam to really be evolving, you know, from those backup routes into kind of this new domain. So Anand Iswaran made the case for Veeam. He went back to the beginning, which Veeam started in 2006, right in the middle of, I mean, the timing was perfect. It was in the middle of the virtualization era. And they aptly, their founders, Ratmir and company named the company Veeam. Everybody confused it with VMware. It was perfect timing for the VMware ascendancy in 2006. They're a 20-year-old company now. And he talked about the various eras. I like to think of it as, okay, there was the virtualization era. And then, you know, Veeam has always been there with the latest trend, making it really simple, taking tough operational problems and simplifying them. So they went from virtualization, obviously cloud, you know, containers, they bought Kasten. And so now, of course, they're talking heavily into the agentic era. They leaned in, as you well know, to the ransomware trend. And bought some products, you know, made some acquisitions around that and built some products around that. And of course, the CEO of security is now on. Anand Iswaran called him his partner in crime. So what's your take on Veeam's progression, its ascendancy, and its ability to sort of map to the fashion of the day? Yeah, yeah, absolutely. I think this acquisition of security shows that it's, to your point, Dave, very dialed in to the key challenges that its customers are facing. I know just in terms of the work that I've done with Veeam personally, they really want to dial into sort of the hearts and minds of their customers. It's always been a core part of their product strategy as well as their messaging. And with this security AI piece, they're adding two key capabilities. They're adding data security posture management, DSPM. And they're also adding capabilities around AI security posture management as well. So they're taking those capabilities like backup and instant recovery, as well as what they've been leaning into in incident response. They made an acquisition a couple years ago prior to the security acquisition of Coveware. And again, now they're adding the security posture management layer, that context in terms of data sensitivity, as well as the ability to understand kind of the security posture of AI applications as well. So a couple of stats Anand shared that they've got 550,000 customers. I mean, that's always been a big number for Veeam. A lot of those are smaller customers, but a lot of those are enterprise customers as well. They've passed the two billion ARR mark. He claimed they have the best instant recovery, a two minute RTO, and obviously very broad workload coverage. We know that about Veeam. They were the first, by my recollection, to do Microsoft 365. I think they were the first to do Salesforce. At the time, people were like, why do we need to back up SaaS? And I think they educated the market on that. So he talked about the first era being fast recovery and broad workload coverage. The second area being cyber resilience. He mentioned post-quantum cryptography. And the third era is agentic. And he talked about all these new rules and several triggers. Trigger number one was the data gravity flips. You've got all these SaaS apps and the data in the SaaS apps is siloed. I want to come back to that. But his point is that every system now with agentic is this live organic system. And he's talking about massive data creation over the next three years. He said 81% of enterprises are running agents. That's interesting. Half of them probably don't even know they're doing that. The second rule was infrastructure spend is enormous, $3 trillion by 2028. But there's 82 agents for every human. That's sort of the trend that we're going to see. And then rule number three is that infrastructure that's trusted hasn't been delivered yet. The trust perimeter is gone. AI changes all that. It melts that trust perimeter. And that is the new bottleneck. And that was the premise of his talk. I want to get your thoughts on that and get to the highlight, which was the director of cyber from the White House. But pick it up from that. Yeah. Yeah, absolutely. I think, again, I do think that this is, I think, again, they're very spot on in terms of that's really the point that customers are trying to secure. And really, it's become the bottleneck, right? So being able to have those operational guardrails as they move AI into production really is a bottleneck today. And I did want to double click quickly. I know, Dave, you mentioned that 82 to one agents to humans that, candidly, I've heard even higher stats over the last couple weeks. And that problem is only going to continue to grow. So what I also really like is that they're leaning not into kind of those data components, but they're also leaning into how can they work with identity providers to secure the privileged access to that data. So I'll personally be really interested to see how that plays out. So the big news today, the highlight of the keynote was Director Sean Cane Cross, who's the National White House Director for Cyber Security. That was kind of a good get by Veeam. And Anand Eswaran spent a fair amount of time with him going through recovery and resilience as a core principle of the public-private partnership. There was a lot of motherhood and apple pie in that conversation. But I will say this about the current administration is much more interested in partnering with the technology community, leaning into tech. They want to be leaders in tech. They want to be leaders in AI. And they've affected policy, whether you like it or not, that is a tailwind for data center buildouts, AI infrastructure, and certainly cybersecurity. There's some debate today in the news around the cyber, I mean, the crypto act that's coming. We know the Genius Act was passed, but there's some friction from labor around the current crypto. But the administration is very leaning forward into technology generally. What did you make of Director Cane Cross's commentary? What are your thoughts on having him here at VeeamON? Yeah, I agree. I think it was a really great guest, Dave. And one thing that I kind of started my notes was Director Cane Cross reiterated the fact that it's not enough anymore just to play defense. And I know that's something you and I have been talking about as we kind of launch this security and resilience practice here at theCube Research, that there really needs to be sort of this operating model that spans from defense all the way through resilience and recovery. So it's really kind of validating to hear that even from a government perspective, thinking about policies, that those are going to be shaped with that in mind. So I also I really liked kind of hearing that. And I also like to your point, his comments on partnerships with the private tech sector, but also with other, you know, kind of public entities in terms of the types of threats and attacks that they're facing. And how do we have better knowledge sharing, I think that's going to be really important as, you know, attack vectors evolve more quickly with the use of AI, which as we know, is available to attackers as well. So I really liked hearing kind of the push and pull between government tech, you know, third party, public sector organizations as well, and how that might shape policy moving forward. So Ishran, we really didn't go deep into the product announcement. We got the preview last night, Veeam's got four new, you know, major announcements, Veeam Data AI Command Platform, Veeam Intelligence Resilience Operations, Veeam Data Platform 13.1. So that's, you know, the cadence continues, and they've, they're launching an AI trusted maturity model that's free for customers. I'm sure we'll be talking about the products today, but it was interesting that Ishran spent more of his time at the strategic layer talking about, you know, what's missing in AI, talking, he talked a lot about their knowledge graph, and the five components of their knowledge graph. He kind of went into that in some detail, which was quite good, I thought. Those areas are security, which is really around posture management, governance, compliance, privacy, and resilience, bringing those all together in a knowledge graph, so that organizations, tech pros, business leaders can visualize where the risks are, they can communicate through natural language processing to the system, identify exposures, and then I guess, I guess remediate in the sense of, where am I exposed? Let's take a snapshot, so that we can recover and take our, you know, a seven-day RPO down to five minutes. That was, I thought, you know, pretty powerful. I have some thoughts on that, but take us through your thoughts, initially. Yes, yeah, I agree. I think a couple of reactions to that, Dave. First, the fact that Anand spent so much time at the strategic layer, I think, shows that practitioners today are trying to figure this out. You know, these, the adoption of AI is disrupting security and resilience requirements very rapidly in real time, and customers are still figuring that out. So, I think having, you know, a CEO like Anand up there talking strategy, I think, makes a lot of sense. And then, in terms of the new command graph that they're launching, I do like that it provides that single pane that kind of touches on those five areas, as you mentioned. You know, I think it's a very comprehensive view, and I think it potentially will help Veeam to bring different stakeholders to the table, and be able to start having more effective conversations around security, around resilience, because they'll have this visual way to see these five layers of the security and resilience model, and be able to really understand where the gaps and risks are, and again, be able to come to the table over that shared data. I think Ishran is right that there is a missing layer. I think they're attacking, you know, one piece of that layer. I would say, just for context, we've been talking about this a lot on theCUBE and theCUBE Research, the real missing layer of the software, new software stack is the system of intelligence, what we would call the system of intelligence, and that's a layer that harmonizes data, and then there are, I'll call them harnesses, or there's scaffolding that connects into other areas like the LLMs. You can't just plug an LLM into a vectorized database and expect results. You've got to have a harmonization layer that interprets the data and the context, but also the processes, okay? That is the missing piece of the new AI software stack. Veeam is not going to solve that. That's not their territory. Think of a Palantir ontology, but that's horizontal across, you know, any application or any workload. That's sort of new territory, and I don't think it's Veeam's role to solve for that, but what that is going to allow organizations to do is to not only track into database people, places, and things, you know, customer, region, you know, products that are sold, you know, logistics, you know, where the product is that you just ordered, but also processes, and if you think about enterprise processes today, they are still stovepipe within the various systems of record. Your Salesforce, your ERP, your logistics system, et cetera, your HR, those are all sort of contain process logic, their own data and metadata, business logic. The promise of AI is to harmonize all those together and break down those silos. That sets up a new capability. So if you think about today, how do we harmonize all that dissonance in the business? We sit down as humans, we have whiteboards, we have exceptions, you know, we talk, we argue, we debate, we have spreadsheets, et cetera. Humans are doing that reconciliation. The promise of AI is it will do that reconciliation and it will capture the state of an enterprise in an enterprise knowledge graph. So the point I'm making is, will the future of data resilience and business resilience be on capturing that state of the enterprise and being able to recover that state and find granularity? In other words, taking, you know, continuous data protection to state of an enterprise where process knowledge is actually incorporated in that way. We talk a lot, Veeam does, about context. Much of the context, if not most of it, is operational and technical metadata. You know, who has access to it? Who has, you know, its identity? Who touched the file? Where does the file live? How old is the file? All that kind of metadata. What it doesn't get to yet, because nobody's really invented that layer, is that process knowledge. So I'd love your response to that. I mean, it's very kind of futuristic. It's not here yet, but that seems to be, to me, to be the promise of AI. Yes. Yeah, I agree, Dave. I think to your point, I'm not sure who exactly will protect that. I don't know that it's going to be a data protection company like Veeam. But I think when you think about, as you referenced, Dave, the institutional knowledge and ultimately the degree to which important business services will rely on that knowledge and those organizations within the company operating smoothly together, that's going to be very important. And I think that's something that, as you're saying, we're seeing emerge with the use of AI. So I agree. Yeah, so Veeam, a very practical company, right? They don't announce products that they, they generally don't announce products that they can't ship. They generally don't ship products that they can't sell. So if you announce the product to capture the state of the enterprise today, you know, it would be a flop because there's no product market fit. Nobody really understands how to apply that to their business. They're just trying to figure out how to get agents to work. Like you said, you've got agents running around the organization and that creates, you know, significant amount of risk. That's where Veeam's focus is today. So I think it's in the right place. But I think there are a lot of changes coming in the future. I mean, they talked about Meethos. They talk about OpenAI's announcement today. Those are things that are very rapidly changing. There's open source models coming out of China that are going to permeate the world. So the whole data protection, you know, higher, the whole storage hierarchy is changing. And that's going to have a ripple down effect on data protection. Your thoughts? Yes. Yeah, no, absolutely. 100% it will. And like you say, it's going to be changing, not only kind of the processes, but also the underlying technology as well. That's going to need to be protected. And it certainly is changing the storage stack as well. So to your point, I think it's not quite where customers and practitioners are today. You know, I think today they're trying to kind of turn the lights on, so to speak, and understand how their company is using AI. They're trying to reduce all of this shadow AI risk that they have. So I think that's where they're at today and where they're going to be probably for the next 12 to 18 months or so, at least. But with, you know, longer time, as we rely more on AI, I do think it will become more of a problem that will need to be solved. So maybe something to consider for the longer term roadmap. Yeah, so we're here in Chelsea at VeeamON 2026. You can see the keynote is just ended. All the audience, the patrons are floating out here, you know, having the lobby con. theCUBE is going to be here all day, wall-to-wall coverage. Dave Vellante for Chris DeCase. We'll be right back, right after this short break. Thanks for watching. you
