Prashant Mascarenhas, senior vice president and global business head – cybersecurity and GRC services at HCLTech, and Josh Karp, global security lead of GSIs at Google, join theCUBE’s Dave Vellante at the RSAC 2025 Conference. They discuss the evolution of their strategic partnership, sparked in part by Google’s acquisition of Simplify IA.
Mascarenhas shares how agentic AI and automation are reshaping operational efficiency and accelerating security operations center response. Karp explains why deep engineering collaboration takes precedence over transactional partnerships in today’s cybersecurity landscape.
The conversation also explores the impact of broader ecosystem alignment and what integrated solutions mean for global clients. Their insights reflect a joint commitment to building scalable, intelligence-driven managed detection and response offerings.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC Conference 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For RSAC Conference 2025
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSAC Conference 2025.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC Conference 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to RSAC Conference 2025
Please sign in with LinkedIn to continue to RSAC Conference 2025. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Prashant Mascarenhas, HCLTech & Josh Karp, Google Cloud Security
Exploring Strategic Synergies in Cybersecurity: A Conversation with HCL Technologies and Google Cloud at RSAC 2025
Prashant Mascarenhas, senior vice president and global solutions head of cybersecurity at HCL Technologies, joins Josh Karp, global lead of Global Systems Integrators at Google Cloud, in an insightful discussion on the evolution of their strategic partnership, captured at RSAC 2025. Their dialogue with Dave Vellante, co-founder and co-CEO of SiliconANGLE Media, Inc., provides insights into the collaborative journey of these two industry giants.
In this engaging video session, Mascarenhas and Karp highlight the genesis of their partnership, tracing its roots to Google's acquisition of Simplify and HCL's previous utilization of the Simplify automation solution. Vellante explores, alongside theCUBE Research hosts, how this relationship strategically aligns with their broader ecosystem partner programs and how it contributes to delivering comprehensive Managed Detection and Response solutions to clients.
Key insights from the conversation include the emphasis on sustaining strategic relationships that go beyond mere transactional engagements. According to Karp, the focus remains on fostering partnerships that extend into engineering and marketing realms. The discussion also covers advancements in artificial intelligence, such as Agentic solutions, with Mascarenhas describing its role in enhancing operational efficiency and response times within Security Operations Centers.
Prashant Mascarenhas, HCLTech & Josh Karp, Google Cloud Security
Prashant Mascarenhas
SVP & Global Solutions Head, CybersecurityHCLTech
Josh Karp
Global Lead of GSI'sGoogle Cloud
Prashant Mascarenhas, senior vice president and global business head – cybersecurity and GRC services at HCLTech, and Josh Karp, global security lead of GSIs at Google, join theCUBE’s Dave Vellante at the RSAC 2025 Conference. They discuss the evolution of their strategic partnership, sparked in part by Google’s acquisition of Simplify IA.
Mascarenhas shares how agentic AI and automation are reshaping operational efficiency and accelerating security operations center response. Karp explains why deep engineering collaboration takes precedence over tra...Read more
exploreKeep Exploring
What led to Google Cloud Security starting a partnership with HCL?add
What benefits did the acquisition of HCLTech bring to Google Cloud?add
What are some of the key considerations and goals when it comes to jointly designing Agentic solutions and implementing generative AI work in the SOC and MDR space?add
What has Google Cloud security been trying to do from day one?add
Prashant Mascarenhas, HCLTech & Josh Karp, Google Cloud Security
search
Dave Vellante
>> Hi, everybody. Welcome back to Moscone West. This is Dave Vellante and this is day three of our RSAC 2025 coverage. John Furrier is here, Jon Oltsik, Jackie McGuire, all in the house, and the entire CUBE team. We're really excited to have two great guests, Prashant Mascarenhas, who's the senior vice president and global solutions head of cybersecurity at HCL Technology. And the Googler Josh Karp, global security lead of GSI's at Google Cloud. Just coming off of Google Cloud next. We were in like the GSI corner. It was awesome. I felt like customer-centric just by hanging out in that area. So it was like the value add corner. So really appreciate you guys spending some time with me here.
Josh Karp
>> Likewise.
Dave Vellante
>> So where's the, let's go back to the beginning of the relationship. You guys were just sort of chatting, sort of figuring out how you guys got together, but can you share how it all started?
Josh Karp
>> Yeah, so if you actually look at our overview and our goal with the GSI group at Google Cloud Security, our concept is fewer, better partners. So we've got a ton of people coming to us wanting to partner with us, and we're consistently saying no because we want a smaller, more dedicated group that acts as an extension of what we're doing. And HCL came to us through an acquisition that we did of a company called Simplify. HCL was using the automation solution by Simplify prior to our acquisition. We acquired Simplify, and they kind of came on board through that and after long, long discussions and looking at kind of the synergies between us, realized they would make a great partner for Google Cloud security. So they're actually only one of five GSIs that we work with total, and they've been terrific partners. We were just saying that was about three and a half, almost four years ago now.
Prashant Mascarenhas
>> Three and half, four years ago. And Google Cloud security is part of a larger ecosystem. So Google Cloud for HCLTech is part of our ecosystem partner program. So there's significant work that HCLTech does with Google Cloud in our customers multiple different solutions that we've built, lots of joint go-to-market offerings. So I think the acquisition ended up being very synergetic. It helped us grow an existing partnership that was there for us. On the security side, it obviously meant we got continuity of a technology that we had deployed. There was a lot of investment that HCLTech had already done on the Simplify platform from an automation standpoint. A lot of work on the detection engineering side, a lot of work on the automation side, lots of playbooks. So when we sat down together, we spoke about what was the vision four stack position. I think we realized that it kind of still aligned to what we wanted to do jointly for our customers. They are a very core part of our MDR solution stack and we've kind of kept growing from there, right? We've kept building on top of that.
Dave Vellante
>> It's interesting, Josh, what you were saying, because we sometimes in the cube call them Barney deals. I love you. You love me. Let's do a press release. So I mean, other than revenue, what kind of indicators or metrics do you look at to identify that subset of...
Josh Karp
>> Yeah, partners. So funny, I just came from a conversation before here with another GSI who's, "Hey, we've got three great deals for you. We want to bring these deals." We're not interested in three deals. We are interested, again, in an extension of what we're doing, not only in the sales team and the partner team, but in the engineering part on the PM side, on the marketing side. If you look at what we want, we want partners who can grow with us. We're still growing, we're doing acquisitions, obviously large, some very large acquisitions. And so we're still growing. I mean it's unbelievable how fast the product, the organization, the leadership team is growing. And we're looking at partners who can kind of take that journey with us. We just announced something this week called SecOps Labs, Google SecOps Labs. And the idea around this is kind of an early release view to customers who want to opt into this to take advantage of new features, new functionality that we have within the platform. About 75% of Google Labs is going to be fueled by partners like HCL and that's exactly what we're looking for. Let's figure out together, where does the product need to go? Where does Google Cloud security need to go? Where does the feature and functionality need to go and the overall platform? And that's exactly what we're looking for.
Dave Vellante
>> So obviously everybody's talking about Agentic here. It's like I was just talking to George. It's like fashion our industry. And when you look at our surveys with our partner ETR, really only about 3% of a recent survey last week we closed the survey about 500 respondents, only about 3% are really sort of aggressively adopting Agentic across multiple use cases and across their platform. So early days, but everybody's excited about it. Okay, cool.
Prashant Mascarenhas
>> Absolutely.
Dave Vellante
>> But last year, couple of years the discussion was around gen AI. So when I think about gen AI, the gen AI adoption curve, that's going up the curve. I think about things like alert triage, threat intelligence, maybe tuning our policies a little bit, and there may be others. But what are you seeing on the boring old gen AI is passe going to use cases? And that's-
Josh Karp
>> So 2024.
Dave Vellante
>> Right. How it is. But it's actually happening. So that's where customers are, the technology community, the vendor community is obviously moving faster than the customers can absorb, so what are you seeing actually working with gen AI? Thinking about ML and Deterministic has been around for a while, but particularly the new AI, what are you seeing?
Prashant Mascarenhas
>> Yeah, I think it's an interesting point you make, Dave. As I was saying earlier, there's lots of investment that we made along with Google on the Chronicle stack. SecOps has been a strong platform. A lot of work that we are now doing forward-looking really comes off the back of what we've done together in the past. A lot of our generative AI work today, especially as we start looking at Agentic solutions, is essentially building on both the operational maturity that we have, the automations that we've built together, the knowledge base that we've built together, deploying these solutions for customers, operating it for customers, and then looking at metrics and looking at areas that we can drive efficiency in. So I think jointly designing Agentic solutions is the way that we are looking at things going forward. And in the SOC space and the MDR space, we are definitely looking at a very, very structured approach of how do we build persona-based agents and then really agents which can help our existing analysts. We want to obviously give them more efficiency. We want to find ways of cutting down the time to detect, but also how do we bring in a lot more context into things that are getting done? How do we improve speed of doing response actions? So there's so many thoughts that we have in terms of what are we doing and Agentic AI is really that next step of the partnership.
Josh Karp
>> And to me, the things that I guess where I interact with what we're doing the most around that really simple things actually. If you look at writing a detection rule, you're seeing a new threat within your environment, you need to tweak a rule or create a rule from scratch. I've been in security for years and years now, and there's a new language, new, YARA, whatever it may be
Dave Vellante
>> There's always an acronym.
Josh Karp
>> Always some new acronym.
Prashant Mascarenhas
>> Some three letters.
Josh Karp
>> Something that people need to learn to interact with tools like ours, well those days are kind of coming to an end where you can say in plain English, "Hey, go detect whatever, tweak it with plain English." To me just something that simple is really, really cool. And those are great examples of how people are actually interacting with AI within Google SecOps today. We also now take it to the more recent end of that spectrum. This week we announced all of our Agentic AI capabilities that we're releasing within SecOps, again with partners like HCL. And that's just going to be amazing once it is mature and people are using it on a daily basis. But just the very simple AI things, if you look at the lack of security analysts able to work in a SOC today, especially the L1, L2 level analysts, there's a huge shortage. And so something as simple as create a rule or go find every instance of this threat within my environment, something as simple as that is just so helpful within a SOC because of that lack of knowledge.
Dave Vellante
>> So it's interesting the point you're making about speaking in human language. There's a flip side of that. So initially people were really concerned and probably I'm sure still are, about the ethics, the bias, the legal exposures, the hallucinations, so what governance frameworks are you guys putting in place to make customers feel more comfortable about implementing, whether it's gen AI and now Agentic?
Josh Karp
>> Yeah, I think Google is in a really good spot when it comes to that type of thing and AI in general, to be honest. If you look at, AI is all about the data that a model is trained on. Who sees more data than Google? We're almost at an unfair-
Dave Vellante
>> .
Josh Karp
>> There you go.
Dave Vellante
>> The creator.
Josh Karp
>> Right. I mean, we're almost at an unfair advantage when it comes to that. And so I think because of that, and we're also not jumping on the bandwagon to just get features out as quick as possible and throw this out there to the world. We do really, really extensive long testing, maybe longer than some of our customers would like, but in the end, I think that turns out to be beneficial to everyone. I think that with, again, kind of the Labs feature that we've announced this week, I think that gives us a chance to, you see now not a lot of companies are doing beta release and early release. Again, they're just trying to get stuff out there quickly. So I think we're taking that side of things very, very seriously.
Dave Vellante
>> And are you seeing that? I mean, obviously there's still ethical considerations. Are customers more comfortable today? I was talking to a bank recently and they were like, "We're going to move fast, but we're not breaking things." So where would you say they are on that? I mean, Josh mentioned maturity, we're still not there yet, but have you noticed Prashant a discernible sort of change in customer attitude and comfort level with the whole ethical question?
Prashant Mascarenhas
>> I think the ethical question is a very important thing that customers are looking at as they start driving adoption. The entire aspect of responsible AI is playing in big, especially when we start looking at enterprise adoption. Risk management is a big element, so really looking at risks from various different aspects. I mean the data, privacy of data, all of those elements are kind of something that all customers are very, very cautious about. There's always projects that happen on the side somewhere, right? Someone's doing things. But when you start looking at mainstream adoption, when you start looking at enterprise-wide projects, I think the risk management frameworks that are getting deployed, the architectural considerations that we start looking at, when we're looking at what data's getting exposed, those things are kind of playing in a big way and there's a lot more awareness of it. So I would say there's optimism and there's caution at the same time, right?
Dave Vellante
>> At Google Cloud next we got a great dose. It was really impressive what you guys showed. John Furrier called it AI Everywhere All At once, like the movie. And so I want to talk about your play and your strategy. I mean, it is AI embedded everywhere and you guys made the point that you're the only hyperscaler with a true foundation model.
Josh Karp
>> Correct.
Dave Vellante
>> Which was kind of interesting point. Some people might say, "So what?" I'd love to get your thoughts on that. Why does that matter? And then you've got the developer angle covered with Vertex, you've got all kinds of different, Flash and other Gemini, and it's just pretty impressive what you guys have. So what is the play in AI and can you address, Josh what is the so what? Why does it matter that you guys have a foundation model? Why does that give you an advantage?
Josh Karp
>> Yeah, so if you kind of, I'm actually going to use an analogy almost. So we have Google threat intelligence, GTI. A lot of companies have threat intelligence, right? There's great companies. You just had CrowdStrike in here. It's where I came from before Google. They've got terrific threat intelligence. But then because we're Google, we have all of the threats and all of the intelligence that we gather from the Chrome browser, we have all of the phishing information that we gather from Gmail. We have VirusTotal, which is the world's largest malware library. We see more traffic than anyone else on the entire, we've now taken all of that, brought it together, and that is Google Threat Intelligence versus all these other companies who again, have terrific threat intelligence, but it's only gathered from maybe the incident response engagements that they do or them watching what they can see on the internet. Again, Google is almost at an unfair advantage because we have the browser, because we have Gmail, because we have Google Docs, because we have all these other things, they're not necessarily security-related, we're able to bring all of that together and offer what no one else can. And I think AI, we're in a similar spot with AI when it comes to that. We own the cloud, we own our own infrastructure. We're able to do it faster than most companies. We're able to do it cheaper than most companies, and we have much more data to train models than most companies. Again, we're at an advantage due to all of that resource that we have.
Dave Vellante
>> And you're really good at security. I mean, look at, we're a Google shop. Google and Amazon is basically our IT, and we couldn't secure it ourselves, and I sleep better at night because of that. We're not perfect because we have the shared responsibility and sometimes we miss.
Josh Karp
>> And that's a great point. I mean, that's exactly what Google Cloud security has been trying to do from day one is give the public same security that Google uses internally. If you look, from day one on my laptop, I've been using basically Zero Trust Chrome Enterprise browser without even knowing it, right? I never type in my password on my Google laptop. Now we're offering that as productized to the general public, but it's all built based on what we use internally.
Dave Vellante
>> I don't know my passwords anymore. I don't know...
Josh Karp
>> None of us should.
Prashant Mascarenhas
>> That's something we should be getting rid of.
Josh Karp
>> Yeah. That's
Dave Vellante
>> Absolutely.
Prashant Mascarenhas
>> Passwords, right?
Josh Karp
>> I've already been outspoken about that.
Prashant Mascarenhas
>> The biggest threat vector that's used to launch most attacks, most exploited element in most enterprises.
Dave Vellante
>> You solve that problem?
Prashant Mascarenhas
>> Well, we work very closely with partners. I think it's always a combination of great technology, getting it right from an adoption standpoint, making sure that you don't break the user experience. I think getting some of this tech rolled out always translates into how is the user looking at it? Are you breaking user experience, so ensuring that you don't really break user experience. We've come from that era where security used to be pushed at the back of the room.
Dave Vellante
>> People process right up front now. Guys, thanks so much. Really appreciate it, and congratulations on the partnership. I love the focus and look forward to hearing more at future events. Thank you.
Josh Karp
>> You definitely will. Thank you very much.
Prashant Mascarenhas
>> Thank you for having us.
Dave Vellante
>> You bet. All right, and thank you for watching. This is Dave Vellante for John Furrier, Jackie McGuire and Jon Oltsik. We'll be right back with RSAC 2025, day three. You're watching theCUBE.
Dave Vellante