Welcome to the Episode 361, part of the continuing series called “Behind the Scenes of the NetApp Tech ONTAP Podcast.”
If you’ve ever worked an IT support job and had to do on-call rotations, you probably know how noisy things can get with alerts and events – especially when they get sent to your phone or work device. I can recall rolling out of bed at 3AM to the sound of alerts on my phone, only to realize that most of the alarms were either false positives or things that were not high urgency.
That gets old fast, and you start to tune the alerts out. Naturally, that’s when the big outage happens and your boss wonders why you didn’t respond quickly enough.
That gets even more complicated when you are dealing with infrastructure that you don’t even own – such as the cloud. Good luck tracking down where the problem is in your environment or where a potential security vulnerability might be hiding out. It’s like finding a needle in a haystack.
NetApp Spot Security aims to simplify your cloud security monitoring by providing a single interface to monitor multiple clouds, notify you of potential misconfiguration issues that might lead to breaches, filter out noisy events so that you only get the important alerts, and much more.
Spot Security PM Isma Rizvi (firstname.lastname@example.org, LinkedIn) joins us to tell us all about what’s new with Spot Security in the Spring 2023 release!
For more information:
Finding the Podcast
You can find this week’s episode here:
I’ve also resurrected the YouTube playlist. You can find this week’s episode here:
You can also find the Tech ONTAP Podcast on:
I also recently got asked how to leverage RSS for the podcast. You can do that here:
The following transcript was generated using Descript’s speech to text service and then further edited. As it is AI generated, YMMV.
Episode 361: NetApp Spot Security – What’s New in Spring 2023
Justin Parisi: This week on The Tech ONTAP podcast, we talk all about cloud security and how NetApp Spot Security can help you identify multi-cloud misconfigurations before they become security incidents.
Podcast Intro/Outro: [Intro]
Justin Parisi: Hello and welcome to the Tech ONTAP podcast. My name is Justin Parisi. I’m here in the basement of my house and with me today I have a special guest on the phone. Isma Rizvi is here. So Isma, what do you do here at NetApp and how do we reach you?
Isma Rizvi: Hey. Hi Justin. Thank you for having me on the call today. I’m the product manager for Spot Security, which helps customers have a safer journey in public cloud. You can reach me at email@example.com or Isma Rizvi on LinkedIn. That’s me.
Justin Parisi: All right, excellent. Before we get into Spot Security and cloud security and all that, tell me about Spot. What does it do and how can it help us?
Isma Rizvi: Spot by NetApp is a one stop solution for all of your cloud ops needs, which means that your finops, your DevOps, your security, everything under the same hood of Spot, so you can actually just onboard your cloud accounts and do management of your cloud, do cost reduction of your cloud, secure your cloud, store your cloud, create workflows for your cloud. Everything under the same hood of spot by NetApp.
Justin Parisi: So I understand that Spot has a subset of products and one of those is Spot Security. This is what we’re here to talk about. So tell me about Spot Security.
Isma Rizvi: Spot Security is a comprehensive cloud security solution built exclusively for your public cloud. What it does is that it gives you 360 degree visibility of your risk. When I say that, I mean it will tell you what are your misconfigurations? What is your compliance posture? What is your risk impact?
What is the posture of your overall organization versus your asset groups? The threats that are coming in your environment, anomaly that are coming in your environment? Literally all of the security findings under the same hood and multi-cloud. So you get to see not just for one public cloud, but for all of your public clouds.
Justin Parisi: Okay. And you said a 360 degree view. So talk to me about that. What does that mean?
Isma Rizvi: Essentially what that means is that as soon as customers onboard their cloud accounts onto the Spot Security platform, our engines start running in three different directions. One is that we start scanning your environment.
We start scanning your a hundred percent inventory for any kind of misconfiguration. So by the way, we are completely agent less assessment, so you don’t have to deploy anything, you just have to literally plug in your cloud accounts and it can happen within two minutes also. And we have bulk onboarding as well, taking onboard all of your cloud accounts in one go.
So we start scanning your environment for any and every kind of misconfiguration, which is out there. From there, we start mapping which of these misconfigurations are a breach in compliance, which assets are at risk, which regions are at risk, and so on. The second thing we start doing is what we call the risk impact map.
The way Spot Security risk engine works is that it does not consider a risk in silo. What it considers is that this risk can further impact another asset in the network. So another asset, which is, for example, one hop away in the blast radius of this risk, even those will get impacted. Now this visualization is literally available for every risk in your environment and customers even get to see how far is your crown jewel from an attack surface or how far is your crown jewel is from let’s say, an asset which is having critical vulnerabilities, right? So that’s the second piece that the engine starts working is creating a blast radius of every security issue.
The third thing is that, and this is one of the biggest challenges that they have, the very high signal to noise ratio. So what Spot Security does is that it goes through all of your events, understand what kind of events they are, are there configuration change events, are there data change events?
Are there events with auditor compliance impact, et cetera. From there, think of it as a funnel system. It filters out the events, which have at least one security issue associated with it so that you get to focus only on the ones which are potentially breaching any best practice.
From there, it further filters out and says that, okay, I’ve understood your environment for 24 hours or so, and I think that this event looks a little out of ordinary. So we do anomaly detection on top of it. So imagine 1 million events. From there, we say that these thousand events look anomalous to us.
Please have extra focus on it. And we give you all the tools on the product, such as the event impact map, the trail logs, historic events, session events, that the SOC teams can actually sit and analyze these issues in detail. Further from there, we again do a filter and say that now these particular anomalous events looks threats to us.
How do we do that? We look at those events and then we see that any of these events are they leveraging MITRE ATT&CK framework, any of the tactic or technique of the attack framework in cybersecurity. So we looked for events which can be potential threats, and we flag them to the customer.
And the customer can actually create notifications on top of them to inform their SOC team as soon as there is an event that happens in their environment, which is a potential threat. This is what we do when we enter your environment. We go through all the possible kinds of data to give you the right kind of analytics, to give the right kinda findings and prioritized recommendations to fix those issues.
Justin Parisi: Does Spot Security support doing this with multiple clouds and on-prem all in the same instance? Or do I have to have separate instances for each cloud and each on-prem? What can it actually do to consolidate all that?
Isma Rizvi: Spot Security is built for public cloud, so it won’t support anything on-prem. Currently we support AWS and Azure and all of the findings, everything on the platform can be looked. in a consolidated manner, which means that if you want to look at your threats, your events, your misconfigurations, you can see it all together for Azure as well as AWS together.
Or you can use filters to see them separately.
Justin Parisi: Okay. And you mentioned that this thing flags anomalies and that sort of thing, so if I’m a Spot Security admin and I see something get flagged, what’s the next step for me?
Isma Rizvi: Spot Security allows you to firstly act and secure in the right manner. We understand that customers will have thousands of misconfigurations and events in their environment. So firstly, we give them the list of things that they should be first focusing on.
We have a concept of highest impact recommendations, which considers things like attack surface, things like not just the asset, which is at risk, but all the other assets affected by that risk, the number of assets affected by that risk. And logic like, is your S3 more vulnerable compared to your RDS based on the industry data?
So using all of those combination is what we give you the highest impact recommendations. So the admin gets the top hundred things that they should be focusing on now. From there, we further give you the guided remediation guidelines on how to make that fix in their environment. We do that and we have one of the most comprehensive remediation guidelines because we give you guidelines in three forms.
We give you a ready to use CLI script, just copy, paste and run it in your environment. We give you the console steps along with screenshots and everything that you know, where to click, how to go about fixing this issue if you’re using the AWS or Azure Management Console. And thirdly we also give you ready to use Python scripts.
So you can just automate remediation at your end using the Python scripts that we’ve given on the platform. Apart from that, you can turn on notifications based on severity. You know, you would not want to turn on notification for every asset which is at risk, right?
So you can actually create custom logic and create notification policies just for the assets that you cared about. And the admin team, the SOC team, the IR team will be notified as soon as there is a breach that has been detected.
Justin Parisi: Okay. And you know this is a NetApp product, but it doesn’t necessarily mean that you only scan NetApp things, right?
This is scanning anything in the cloud.
Isma Rizvi: Yes, everything under the public cloud. So all the default services which are offered by AWS and Azure, which includes your EC2, your cloud trail, your VPC buckets, et cetera, your ELBs, RDS, so on. And same goes for Azure. Your load balancers, virtual machines, security groups, et cetera. So anything that your public cloud provides, is what we scan.
Justin Parisi: So there’s this meme basically of cloud being someone else’s computer, and it’s not entirely inaccurate. You have other people managing these services and hardware and infrastructure pieces, and the idea is that you lease the compute, you lease the storage, and that’s what cloud is.
That said, security becomes a big concern because you are no longer necessarily in control. So talk to me about the current state of cloud security and why we need to worry about security and why Spot is important to use in these situations.
Isma Rizvi: This is something that we keep hearing from some of our customers as well, where we ask them some very simple questions that when your developer spins up an EC2 instance or when they spin up an S3 bucket, is anyone really looking into it, looking the misconfigurations? How do you get to see whether they’re best practice or not? And more or less, the answer is that "hey, it’s on cloud." So it most probably will be based on at least the best practice default configurations. But I’ll tell you that just this year in January is when AWS mandated that every S3 bucket will by default be encrypted. So even such basic configurations are not by default available when you start using cloud. The customer is in fact responsible, end to end for the security in the cloud. And the service providers are responsible only for the security of the cloud, which means just the hardware and the software running on it.
But everything else is our responsibility. So that’s where this blurry line and on top of that cloud being so complex, with limited visibility, high signal to noise ratio, we are seeing customers having a lot of challenge, such as just giving us simple things, do you know how many EC2 do you have?
Do you know how many cloud accounts do you have? And so on. That’s the kind of things that we keep hearing as pain points when it comes to cloud adoption and that is why actually, if you look at data, data says that close to 99% of all the breaches that happened last year were due to misconfiguration and mismanagement, and it took 244 days on an average for a customer to identify and remediate a breach in cloud due to misconfiguration, which means that we are giving an attacker close to nine months to enter your environment, plan the next steps, leverage escalation, and end up impacting your organization. So when it comes to cloud, because of the complexity, because of the limited visibility, because of the lack of knowledge as well, because the adoption for cloud is increasing so fast. But the same speed as that is not with the teams being well-versed with cloud best practices.
These are some of the reasons why we keep hearing that when it comes to cloud, it’s all about, you know, pray and hope in the industry. Most customers don’t have the right visibility of whether or not they’re safe.
Justin Parisi: Yeah. And you may have a false sense of security because yes, there is someone else managing it and you’re assuming that there’s nothing for you to do, but in reality, there is a layer of security steps that you have to take on your end to comply with regulation, to comply with best practices. And what I’m hearing is that Spot helps you nail all those things down in an easy, defined way.
Isma Rizvi: Exactly. And a lot of our customers, because they use third party tools and very recently actually we heard one of our customer pointing this out they use third party tools for DevOps and stuff like that, which asked them to create a user role, a custom role in their cloud environment.
Spot Security will even uncover if that custom role is safe or not. Does it have the right MFA enabled? Does it have the right access enabled, et cetera. So, that’s where the tool comes very handy because it looks into all of your cloud interaction with the outside world to tell you that these are the things that are not as for best practice and you should be looking in.
Justin Parisi: So does Spot do like a pen test type of approach to security? Does it basically look for vulnerabilities and try to alert you to where those might be? Or is it just basing it off of a template of things that it’s got listed or is there other things involved that help Spot operate better?
Isma Rizvi: So there are two, three things that we start analyzing the moment you plug in your cloud accounts.
Firstly we assess the perimeter so we can look into what are the configuration settings of all of your assets in your environment. All of our security rules are backed by the standard, you know, NIST, CSF, CIS, and the likes of it. All of our security rules are coming from the industry standards, so we start checking your entire environment based on these industry standards and flag that this doesn’t have the right configuration. For example, an S3 bucket being open to public. So we start scanning for these kinda misconfigurations. Apart from that, we also start scanning your events. So your AWS and Azure generate events via cloud trail activity events, activity logs, et cetera.
Right? So we start analyzing all of it events as well to flag anything suspicious. So that’s where we look for any kind of open vulnerabilities, as in misconfigurations, which can be leveraged by an attacker.
Justin Parisi: I think that sort of thing’s valuable because I remember my days as being on call.
You’d get a bunch of texts from your alerting system, and it’s like, I don’t know what is important and what’s not. It’s 3:00 AM and I’m getting alerts about these things I don’t care about. Spot sounds like it’ll only take the things that are really important and notify you of those so that you can focus your time on the things that matter instead of becoming basically dead to alerts. Eventually you just start to ignore them cuz they’re overwhelming.
Isma Rizvi: Exactly. Exactly. And this is the problem that we keep hearing from our customers, and therefore everything in the product is extremely customizable. Firstly it’s customizable in terms of what do you want to be notified on, for a lot of times there are assets, which needs to be open to public or there are production accounts which need to have certain kind of configuration. In that case, we have a concept of risk accepted in the product where you can actually suppress and alert so that we will not notify you unnecessarily if you are accepting that risk.
Another thing is that most competitors out there all they look into is what is the severity of the risk? But what we look into is not just the severity, but along with that, the attack surface, the number of affected asset, the blast radius of the risk, the severity or the criticality of the kind of asset that it is.
So all of those combination and then now focus on these things only. We don’t want you to focus on these 5,000 things, but these hundred things as of now. So that’s how on every level, we are trying to reduce the signal to noise ratio significantly for the customer.
Justin Parisi: What spawned this podcast is that there’s a new set of features with Spot Security. Tell me about those. What’s new in this Spot Security release?
Isma Rizvi: Yeah, so firstly we are a multi-cloud solution now, so we support AWS as well as Azure. Another thing is that we’ve added new ML technology to do anomaly detection as well as threat detection.
And our threat detection are actually mapped to the tactics and techniques of Mitre ATT&CK framework. The last time we spoke, we were talking about that Spot Security is a CSPM solution which is just misconfiguration in compliance management. But now as we speak, you get three products in the same product. So one is the CSPM solution. We have the threat detection and response as well as something that we call policy engine. Now, a policy engine allows you to create asset groups and visualize their permissions in the cloud environment.
Now, think of it like this. The security admin team, they spend a lot of time going through each and every role. IAM user, group, role, S3 bucket, et cetera. Look at their permissions, look at if the policy statement says that they have access to public accounts, they have access to internet, stuff like that.
In Spot Security, you can actually just write a query. Show me all the assets which have access to public accounts, external accounts, specific internal accounts, et cetera. And you can actually just create a policy engine map and visualize that for that asset group. So that’s a huge, huge operational effort that we reduce for the customer as well as they can flag very easily that your internal admin team necessarily doesn’t have to have a public account access, so you’ll be able to flag those things instantaneously. Another new concept that we’ve brought in is the concept of asset groups, where you can actually create an asset group for assets which have been tagged in a certain way in your cloud environment or they’re of a particular region or they contain certain sensitive information, et cetera.
So you can create an asset group, visualize that in the topology map where you’ll be able to see that what are the potential communications happening in that asset group map. What are the potential communication happening with different subnets in this asset group?
And which of these assets have an attack surface? And furthermore, also get a compliance posture of this asset group. So think of it like you can run queries of assets, sensitive information, PII data, and visualize on the same page whether they are complied with GDPR or not. So those kinds of things are very exciting, new features that we’ve brought into the product in the latest release.
Justin Parisi: So you mentioned it, it can tell you if you comply with something like GDPR. Does it have a stock set of regulations and compliance that it can compare against? And if so, does it get updated regularly when new regulations are added? .
Isma Rizvi: Yeah. So currently we support close to 12 different compliance, and that includes your most common one, which is your GDPR, NIST-CSF, NIST-800, you know, 53, 52.
HIPAA, PCI-DSS, et cetera. They are regularly updated. For example, very recently we are updating our ISO-27001 compliance to the latest one, which is 2022 version. So yeah, as soon as there is a new version that gets updated or there is a new compliance, for example, you have the CMMC or the Essential Eight, these kind of compliance are in the pipeline for us to have support on the product as well, based on customer requirements.
It’s an ever-growing list.
Justin Parisi: Yeah. I mean, with something that’s cloud native, you can update it on the fly and customers don’t really have to know that it’s happening. It just gets updated.
Isma Rizvi: Yeah. Yeah, absolutely.
Justin Parisi: So as far as this policy engine goes, I come from the NAS world, and policy engine to me means something I think very different. So policy engine to me is something like NetApp’s Fpolicy, where I can do file extension blocking and I can scan files within a volume to see what sort of things are out there. Your policy engine in Spot Security sounds a bit different.
Is there any way Yeah. To get file visibility currently with Spot Security, or is it simply just configuration with your multi-cloud solutions?
Isma Rizvi: Yeah, it is the latter. So right now it is misconfigurations as well as event analysis. But we don’t go inside the file systems to flag for policies.
It is in the roadmap, however, to do governance side of things. So we allow customers to create a custom policy such as if there is a new S3 bucket, which is spinned up with so and so configuration, terminate that instance, something like that. Those things are coming in the next quarter in the product as well.
But our policy engine is basically the IAM policies, permissions, do they have duplicate permissions or not? To analyze all of those things in the product.
Justin Parisi: It sounds like a lot of these things are building blocks to other feature functionality. For example, when you do threat detection and anomaly, that could eventually evolve into, Hey, this is ransomware, or, Hey, this is a phishing attack.
Isma Rizvi: Yeah, that’s exactly what our roadmap is. So currently what we do is that we look into all of your events and look into that these events, whichever events are actually leveraging to the Mitre ATT&CK tactic and techniques starting from initial access all the way to impact. So for example, we look into that, okay, this particular event is leveraging default credentials with a little movement. So it is a potential attack. But the next step from here for us is to highlight which tactic and technique are specifically leveraged for a ransomware attack. So we’ll be able to even tell you that this threat, it’s not just any attack tech. This is for ransomware versus for phishing, versus a BEC, et cetera. So that’s exactly what the roadmap for this feature is that we’ll be able to predict which threats are relevant for ransomware phishing, BEC, et cetera.
Justin Parisi: And will there be integration with things like ONTAP to kick off snapshots or leverage some of the feature sets inside of ONTAP to help remediate these breaches or attacks? Or is that simply just something that an admin has to do on their own.
Isma Rizvi: So not the ONTAP route, but auto remediation is something that we do have in the next six month roadmap, where a customer will be able to, a) specifically select that they want to turn on auto remediation for which kind of assets or for which severity of breach. So they’ll be able to do that, so in that case, we’ll take some write access for the customer and we’ll be able to run auto remediation codes for them. It won’t happen via ONTAP because primarily right now, at least in the next one year of roadmap, we are focusing completely on the resources which are available by default, by the public clouds.
Justin Parisi: Okay, so cloud focus only right now, and then eventually, maybe more specifically, down to the storage level, whether it’s Cloud Volumes ONTAP, or the Cloud Volume Services.
Isma Rizvi: Exactly. Yeah.
Justin Parisi: Okay. All right. So let’s talk about getting access and installing and administering. So if I’m a Spot Security admin, and I’ve listened to this podcast, I’m like, man, this sounds good. I wanna try this out. Where do I go first?
Isma Rizvi: So it’s very simple. By the way, we are running a 30 day free trial for our customers. So all they have to do is sign up on the Spot instance. They can just go to spot.io and they can request. That is one route.
Another route is that they can literally just go on the Spot instance such as console.spotinst.com, sign up. Create their organization onto the Spot platform and once they enter the Spot platform, they just have to plug in their cloud accounts. It’s a very simple onboarding process and there is tons of documentation on the product itself that they can just use to get guided in this process. It’ll take not more than five minutes for them to be able to onboard their cloud accounts onto the Spot and Spot Security platform. Within half an hour of them onboarding, they’ll start seeing all of the findings, which I talked about, your risk analysis, your event analysis, your anomaly detection.
Everything will start coming up and from there they can create notifications, remediation, et cetera.
Justin Parisi: So what if I hate reading documentation? Can I still set this up pretty easily?
Isma Rizvi: Yes, the steps are on the product itself. So when you click on "Add a cloud account," it’ll literally guide you step by step on where to click, what to do, what to make change in your cloud environment to give us permissions to access your account. So, yeah, it’s all there and by the way, if you are using AWS organization in your AWS cloud accounts, you can actually onboard all of your dependent accounts in one go. All you have to do is onboard your master account and everything else will get onboarded automatically.
Literally we’ve gone on calls and it takes not more than five minutes to do the end to end onboarding, so yeah, that’s where it is.
Justin Parisi: Okay. And I imagine there’s some videos out there of you guys doing this sort of thing as well.
Isma Rizvi: yes, there is a demo video that the customers can find on YouTube as well.
Justin Parisi: Okay, so once I’ve set up my cloud account, it automatically starts to scan. I don’t have to do anything from there. Do I schedule these scans? Does it happen on a default schedule?
Isma Rizvi: They happen in real time. So as soon as any new activity is observed in your cloud environment, it’ll get published on Spot Security in real time.
So just the first can, will take close to half an hour for us to onboard your accounts and start running our rules engine. But after that, everything is real time.
Justin Parisi: And what’s the licensing model? Is it pay as you go? Is it a capacity based thing? Is it compute based? How does that work?
Isma Rizvi: So it’s a SaaS subscription. So the customer has to pay for the year. So one year, two year, three year subscription model. And the customer has to pay upfront. It completely depends. The pricing is based on the number of EC2 or virtual machines that the customer has in their environment. While we scan more than 25 different types of assets, we only charge you for the number of EC2 instances that are running in your environment. And the computation of that number is based on the number of hours. We consider as one EC2 when it is running literally for 24 hours, 365 days. Otherwise, the way that we do it is that you can onboard, let’s say if you purchase for hundred EC2 instances, but you have 200 EC2 instance on day one, running for 12 hours, it’ll still be considered as a hundred because 200 ran only for half a day. So the computation is literally by the hour so that it’s very fair to the customer. And any kind of workload fluctuation is also adjusted by consumption on an hourly basis. The cost is $99 for one EC2 for a year.
Justin Parisi: You mentioned all these different configuration possibilities and a number of EC2 instances. In some cases, I might not necessarily have full visibility or even knowledge of how many I have. So this 30 day Spot trial, does it have a calculator that can help me figure out the cost before I decide to buy it?
Isma Rizvi: Yes, yes. So we firstly have an inventory page so you can look at how many EC2 instances do you have in total. And then we have a page in the product called the license management, which gives you the list of all the assets onboarded versus the number of billable asset. So based on how many hours did we scan your instances for?
It gives you the billable asset number as well. So usually customers in the first month, they get an idea of what’s the average going to look like, and then any other workload fluctuation of any which we managed by this hourly consumption thing, so that is not something that the customer should be worried about.
Justin Parisi: Okay. So it makes it a lot easier to figure out how much this actually gonna cost you.
Isma Rizvi: Yes.
Justin Parisi: Because when you talk about all these different instances like, man, that can get complicated. But if you have just something that tells me, then that’s fine.
Isma Rizvi: Yeah. The inventory page gives you all the data, how many EC2s you have, how many other assets you have, et cetera.
Justin Parisi: Okay. So with Spot Security, tell me about how it’s different from some of the competitors. Like what does it offer that maybe other competitors cannot?
Isma Rizvi: The primary difference is the way that we look at risks. The way that we look at risk is that we don’t look at them in silo. So your crown jewel might just be very secure based on its own configurations, but it may not be secure because it is connected to an asset which is at risk or disconnected to an asset which has an attack surface because all that the hacker is looking for is the weakest link in your environment. That’s it. And if your crown is somehow linked to your weakest link, even your crown jewel is at risk. That kind of visibility, that kind of logic in when we show you the highest impact recommendations and so on is very different from the rest of our competitors.
Apart from that most of our competitors, especially the cloud native solutions you have, if you’d use Security Hub, you have to purchase Defender separately for Azure. For us, it’s all multi-cloud and unified in a way that you can get Azure as well as AWS onto one single platform. Again, going back to competitors, a lot of these companies have different solutions for different kinds of findings.
For example, you have Security Hub for the CSPM piece, as in the misconfiguration piece. Then you have Guard Duty for the threat detection piece and other tools for your policy engine piece. What we do is, club everything together. So give you a multi-cloud and unified cloud security solution. And the cost is cheaper than just purchasing one of these products from your cloud native solutions, and not two or three.
Justin Parisi: All right. Isma sounds like we got a lot of good things to think about with Spot Security. So if I wanted to find more information about Spot Security, where would I go to do that? .
Isma Rizvi: So you can just go to spot.io and from the products page select Spot Security. It will give you what the product does, all the blogs that we keep publishing, as well as a way to request for a demo.
So that’ll, directly reach to us and we can reach out to you to get you started. Apart from that, we keep publishing blogs on LinkedIn and our YouTube page, et cetera, so you can get more and more information from there as well.
Justin Parisi: Well, thanks again for joining us and talking to us all about Spot Security.
And whenever you have something new, feel free to stop by again.
Isma Rizvi: Absolutely. Thank you so much for having me on the call.
Justin Parisi: All right. That music tells me it’s time to go. If you’d like to get in touch, send us an email to firstname.lastname@example.org or send us a tweet @NetApp. As always, if you’d like to subscribe, find us on iTunes, Spotify, Google Play, iHeartRadio, SoundCloud, Stitcher, or via techontappodcast.com. If you liked the show today, leave us a review. On behalf of the entire Tech ONTAP podcast team, I’d like to thank Isma Rizvi for joining us today. As always, thanks for listening.
Podcast Intro/Outro: [Outro]