Dell Technologies World 2025 | David Noy & Andrew MacKay, Superna.io

More from Dell Technologies World 2025

Andrew MacKay

Chief Technology & Strategy Officer

Superna.io

David Noy

VP of Product Management

Dell Technologies

Info
Transcript

David Noy & Andrew MacKay, Superna.io

Andrew MacKay

Chief Technology & Strategy Officer Superna.io

David Noy

VP of Product Management Dell Technologies

David Noy, vice president of product management at Dell Technologies Inc., and Andrew MacKay, chief technology and strategy officer of Superna USA Inc., join theCUBE’s Jackie McGuire and Dave Vellante at Dell Technologies World 2025 to discuss the future of cybersecurity in enterprise storage. Their conversation highlights new integrations between Superna and Dell’s PowerStore and PowerScale platforms.

Noy and MacKay share how their partnership is addressing the rise of cyber storage threats by securing the data layer and enabling early threat detectio... Read more

David Noy & Andrew MacKay, Superna.io

search

Jackie McGuire

>> Hello CUBE family. Welcome back to Dell Technologies World 2025. I am Jackie McGuire, the practice lead and principal analyst for security. Joined by my good friend and coworker, Dave Vellante.

Dave Vellante

>> Hey, hey.

Jackie McGuire

>> Dave-

Dave Vellante

>> First time we've been working together this week-

Jackie McGuire

>> I know. I know.

Dave Vellante

>> We did it some RSA, but it's good to be with you.

Jackie McGuire

>> I have been getting my steps in running around doing the analyst thing, so it's really nice to be able to show up on camera once. What do you think so far?

Dave Vellante

>> Well, I mean, to me it's all about how you bring AI to the enterprise, that's the big theme here. And a big part of that is securing the footprint and doing so in a way throughout the stack that people can trust.

Jackie McGuire

>> Yeah, I think I love that we're talking about moving the right things to the edge now. I think that's important. And I really think it's fascinating that we've moved back into an era where the hardware is now the focus and the limiting factor because for the last, what, 15, 20 years, the software has been trying to keep up with the hardware. So as a hardware nerd I'm glad to be back on the other side.

Dave Vellante

>> Yeah. We like hardware.

Jackie McGuire

>> Awesome. So we are joined today by David Noy. He's the vice president of project management for Dell. David, thank you for joining us.

David Noy

>> Thank you.

Jackie McGuire

>> Thanks for having us. And with us we have Andrew McKay. Andrew is a chief technology and strategy officer for Superna. They are a partner of Dell. We have some really exciting announcements to go through today, so I'm really happy. I know that... Thank you for joining us, Andrew. I should give you a choice to say hi.

Dave Vellante

>> Yeah, hi. Yeah.

Dave Vellante

>> And we had you guys on at RSA and that was great. Kind of an introduction to our community and it was a good kickoff, so it was great to see you guys again.

Jackie McGuire

>> Yeah.

Jackie McGuire

>> It's great to be here.

Jackie McGuire

>> Absolutely. I know you guys have some really exciting announcements. There's an OEM announcement, so I wanted to get into that. Can you tell us some more about that?

Dave Vellante

>> Yeah, it's been a long time coming. I think David and I have known each other over 10 years-

Dave Vellante

>> That's right.

>> And we've been working on joint solutions with Dell for many, many years. And so this is the culmination of all that effort, all these years, many joint customers in many countries and we're super excited to be partnering even more with Dell and launching three new products.

Jackie McGuire

>> That's fantastic. All right, so can you tell us some more about the products? I know we have some new capabilities and some capabilities that you're expanding, so we can start wherever you'd like to start. Do you want to start with PowerStore, or where should we start?

David Noy

>> Yeah, that was another announcement this week. So we've expanded our footprint. We've been working with PowerScale for many, many years, and so we launched yesterday support for PowerStore, so bringing our technology across the unstructured world for the Dell portfolio. But I think the announcement we want to talk about here is PowerScale and products that have been in the market with over 4,000 customers, depending on our solutions for failover. These will be now branded available globally with Dell, including our security solution and our enterprise vault, AirGap, will also be available globally.

Jackie McGuire

>> Yeah, AirGap seems to be becoming an increasingly popular focus. I think it used to be that we only airgapped environments for clean rooms and data centers and things like that, but I think a lot more enterprises are looking at the security of those solutions and wondering whether everything needs to be fully connected. So that's awesome. So tell us a little bit more about, I know Superna looks at threats at the data layer, so I wanted to talk a little bit about how we typically look at threats right now, how in general the market does and why focusing on the data layer is so important?

>> Yeah, that's a great question. So the state-of-the-art has been, I'll call it perimeter security. Let's look at the endpoints. Let's look at the network. But we've forgotten that the ultimate target of cyber attacks is ultimately data. So the missing link has always been security at the data layer, and Gartner actually gave us a category name, it's called cyber storage. And so we saw this trend back in 2017 when we launched the initial product. And so we feel this is closing the gap for getting better outcomes. If you look in the news today or any given day, you're going to see some evidence of a cyber attack. Ultimately, it's all about the data. And so we figured that the data was the best place to start adding a layer of security.

Jackie McGuire

>> Yeah, that's great.

Dave Vellante

>> So David, you've come back to Dell in a new role. You've had several roles at Dell. Your focus now is unstructured data. Of course, that's what we all talk about is unstructured data because of AI. Maybe you could tell us how you think about the Superna integration and where you're applying it in the portfolio.

David Noy

>> Yeah, so I mean, look, as Andrew said, we've been working with Superna for over a decade now. They know our product extremely well. They have a good relationship between our engineering team and their engineering team. I was most recently covering the data protection portfolio here at Dell, and that's all about the backup administrators finding themselves in the role of the last line of defense. In the case that you got hit by a cyber attack, they're the guys who are going to get you back online quickly. Now that's great, but there's more to it than just getting back online quickly. To the extent that you can actually stop bad guys, figure out what they were doing in real time, that's absolutely critical. What Superna is providing for us is nearly a native integration of the Superna products into our products to look at user behavior and analytics. Do we see something that looks suspicious? How do we detect and respond? And then not just within their tooling but also into the broader ecosystem of tools that exist. That includes integration with CrowdStrike, SentinelOne, ServiceNow, even Palo Alto Networks, and making sure that the security team as well as the storage team have the tools they need to know that an attack is underway, be able to pinpoint that attack, lock out any bad guys, and then be able to get back online quickly before you even have to go to your backups as the last resort.

Dave Vellante

>> The point is a good one, and Jackie, you were sort of referring to before, if airgapped, great, you got that backed up, great that you can recover. But if the bad guys get the data out and they have it then they can still hold you for ransom.

Jackie McGuire

>> Exactly.

David Noy

>> That's right. And so a key part of what Superna is helping us work on is not just the detecting and shutting it down, but even being able to analyze what was exfiltrated potentially. And that's something I think is pretty cool.

Dave Vellante

>> Really? Okay so that-

Jackie McGuire

>> That's always hard because usually attackers are smart, they delete logs, they cover their trace. I mean I think that being able to actually know what you lost is something that enterprises are still struggling with.

Dave Vellante

>> Do risk assessment -

>> Forensics, right? Post-incident. So if you can't figure out how they got in or what they did or what they touched, I'm not sure how you can prevent it from happening again. And so we've focused on exfiltration as well. So everyone talks about ransomware, ransomware, ransomware. But exfiltration is the step before they attack you. So if you break down a cyber incident into before, during, and after. People forget, there's lots you can do before. And if the data layer also gives you clear indicators that something's abnormal. And so we've spent a lot of time looking at the exfiltration aspect of the whole cyber incident, not just the, okay, I'm under attack. What if we could identify it before the attack? So threat hunting is a big aspect of our solution.

Dave Vellante

>> So where... oh, go ahead, please.

Jackie McGuire

>> By monitoring the data and really looking at things as soon as something starts happening to the data, I imagine this really shifts detections much earlier in the process rather than waiting until you've gotten, so it's like, hey, your data was encrypted. It's probably not the best time to get the detection for that.

David Noy

>> Totally. Look, we see the case where a lot of attackers have been in your environment for a long time. The dwell time could be six months, and we're not talking about they've actually done damage, but they're in there.

Jackie McGuire

>> They're waiting. Yeah.

David Noy

>> And they're waiting. To the extent that we can actually figure out who that was or the avenues that were taken to bring an attacker in with their tooling, we can help to make sure that we stop that so that when you do recover, if you have to recover, the attacker's not still in your environment lingering, it can basically just get right back in and re-attack again.

Jackie McGuire

>> Yeah. Yeah. The last major ransomware incident, I helped respond to the company, to your point, they didn't even know what data they lost because they didn't know what data they were sitting on. And so they thought they knew and they were like, okay, well maybe we don't pay the ransom because we're pretty sure what we lost was not that big a deal. And then they started getting emails from the attackers with very sensitive documents in it that they didn't even know they were holding in the store that was compromised. So that observability and kind of the traceability of data I think is critical in terms of deciding how to move forward and whether you're going to negotiate with ransomware risks.

Dave Vellante

>> So where is Superna now in the portfolio? Jackie mentioned PowerStore I know you're there, PowerScale, that's the newest you're in Object as well.

David Noy

>> Object as well. Yeah. We also support ECS, which is now ObjectScale is also, so customers don't have to choose where to place their data to make sure it's secure. Put it on file, no problem. Put it on an object, no problem. So we don't make you choose, we secure your data wherever it lives.

Dave Vellante

>> And your superpower obviously in part is integration. What else? Secret sauce?

Jackie McGuire

>> Well, I'd like to talk about integrations a bit more because I don't want to gloss over that. Incident response is a well-defined process within a security operations center and the security teams was on average have 45 tools, we didn't want to be the 46th tool. We also don't want to train security teams on storage. So how did we achieve this? Well, we built native integrations, over 50 integrations with 20 of the largest security vendors. The goal of this is to participate in the incident response process. If you can't see it, you can't secure it. And so visibility that step one. Step two is we exported some of the capabilities of our detection and response into the security layer. So what does that mean? It means I can give the power to the security team to create an immutable snapshot on the storage. That's a capability they don't have. They're also the front line. They see attacks and firewall logs and phishing attempts, and they see a lot of early indicators, but they don't actually have the tools to protect the data, yet it is their mandate to protect the digital assets of the corporation. We now with integrations, can export just enough of what's required for them to take early response without giving them full access to the storage infrastructure itself.

Jackie McGuire

>> I imagine that eliminates a lot of the kind of back and forth between, does IT own the storage? Does security own the storage? If there's a security incident with the storage, who responds to it? That probably simplifies that whole process quite a bit, huh?

>> Yeah, and generally the conversation that we have with the storage teams, they see the value immediately. I don't want to be up all night bringing data back. So they love our tool, but they also aren't staffed 7 by 24 hours. So they're going to be going home and you need 7 by 24 hour coverage for a cyber incident response process. So it's critical for us to get the alerting and the root cause analytics of what just happened into the people that own incident response. So which user was affected, from which IP address, which SMB shares or NFS exports, a snippet of some of the data that was actually impacted and then more importantly, what did we do to mitigate that, right? So we packaged all that up and it's in a native format. So whether it's ServiceNow or SentinelOne or QRadar or Splunk, the security team gets exactly what they want. And I find conversations with the CISO team is, I didn't know this technology existed. As soon as you tell them what is now possible, the next question is, do you integrate with? And then they just list off the 45 tools. Good news, we have the coverage necessary for all the major enterprises for us to integrate seamlessly.

Jackie McGuire

>> That takes a lot of pain out of the tier one analyst job when you don't have to know six different query languages and context switch and you just get a package that tells you what happened, that's amazing.

Jackie McGuire

>> Yeah. So they can spend more time in the response versus the triage and looking at all the ancillary log data to figure out what happened. We basically packaged it all up, and so now they're immediately in response mode. And obviously the better you respond, the better the outcome for your data.

Jackie McGuire

>> Yeah.

Dave Vellante

>> So David, given we're going through this major architectural shift, massive influx, even greater influx of unstructured data and the opportunity and challenge of bringing AI to your on-prem customers, why is this important? Why now with the Superna relationship?

David Noy

>> Yeah, the AI data is still enterprise data at the end of the day, and it's going to be the largest enterprise, the Fortune 500 who are taking advantage of this stuff to build competitive advantage. But that doesn't mean it's free from incursion and people trying to do negative things, either trying to poison the data, in some way encrypt the data so it's no longer usable. All of the things that bad guys would do, they still do on AI data. And so while we're really thinking right now about the infrastructure, the speeds and the feeds and the latest GPUs and how much performance we can get, we forget that this is still sensitive data. It has to be protected. It has to be protected against people going in and maliciously changing the data in order to actually influence the outcomes of AI training, which is insidious stuff, but it's a real threat. And then on the outcomes of the AI, the actual inference, that data has to be protected as well. So all of the security stuff that we think about typically that applies to enterprise, is still actually still applicable in an AI world.

Jackie McGuire

>> And I imagine the fallout is a lot larger when you're dealing with AI too, because if you've fully trained a model and then that gets encrypted, retraining a model can be millions. So beyond the cost of backup and restore and all of that, I mean when we're talking about proprietary models, that's got to be a nightmare.

David Noy

>> It even goes a level beyond that. It's not just are they going in to actually damage the data or encrypt it in order to get a ransom out of it. They might be going in to actually change the data in order to actually influence the results that come out of a model.

Jackie McGuire

>> Poison the well or feature extraction-

David Noy

>> That's right....

Jackie McGuire

>> going in to figure out how you're using it. Yeah.

>> I'd also add to that everyone talks about AI and AI models and no one talks about trust. How do I trust an AI? How do I trust the answer? Well, we believe the only way to trust an AI model is if you trust the data pipeline that built it. It's foundational. There's data being ingested into a pipeline. If it's being manipulated along the way, then how could you possibly trust the answers that the model was used to create? So this solution that we're talking about can absolutely secure a data pipeline from the beginning all the way through the model process, and apply a zero trust concept. So these are the machines that are allowed to touch my data. These are the users that are allowed to touch my data. And if you can't do that in real time, how do you tell a customer that the answer that the AI produced can be trusted? Well, you need to trust the pipeline.

Jackie McGuire

>> I agree. Trust is security's number one currency. Right?

>> Yeah.

Jackie McGuire

>> Awesome. I think that's actually a great place to leave it because trust is what we need. So Andrew, David, thank you so much for joining us. Really appreciate it and really exciting stuff.

>> Thanks.

Dave Vellante

>> Thanks guys.

David Noy

>> Great. Thank you.

Jackie McGuire

>> Thank you, everybody. Live from Dell Technology World 2025. It is the end of the day if you can't tell. This is Jackie McGuire, for Dave Vellante, we'll be back with more insights on theCUBE Live.