Investor Relations Fireside Chat Series: Security

Friday, June 4, 2021

Virtual Meeting

Transcript

20:32

Vasu Jakkal, CVP, Security, Compliance & Identity
Harvinder Bhela, CVP, M365 Security, Compliance & Management
Hayete Gallot, CVP, Modern Work and Security, Worldwide Commercial Business
Brett Iversen, General Manager, Investor Relations

Brett Iversen:
Welcome, everyone. I'm Brett Iversen, general manager of Investor Relations. This is the second in our series of videos, focusing on strategic areas that are top of mind for our investors. Today's discussion will focus on our security business, including our investments across security, compliance, identity and management. We've brought together some of our key leaders to answer your most frequently asked questions. We have Vasu, who's responsible for our security business. Hayete, who leads our sales efforts in this space. And Harv, who leads our product and engineering for Microsoft 365 security, compliance and management.

As always, we'd welcome any feedback on specific topics, the format, or other suggestions you might have after you view the video. Please reach out to our Investor Relations team directly with any feedback. With that, let's kick things off. I'll start with a question for Vasu. To some degree most investors and customers are aware Microsoft has a security business with security compliance, identity and management offerings, especially after we disclosed the business was over $10 billion in our Q2 FY21 earnings call. However, to level set our audience, could you start by talking about Microsoft's strategy and approach to the security market?

Vasu Jakkal:
Thank you so much, Brett. It's so great to be here with you and Harv and Hayete. Now, our approach to security is unique. And what we bring to the table are two security superpowers, a unified end-to-end approach, and world-class AI and automation powered by eight trillion signals daily. With these superpowers we can tackle security from all angles and do it at scale. Brett, we combine security, compliance, identity and management as an interconnected whole. We give our customers a complete end-to-end solution for meeting today's complex tech landscape. Now, we do believe that we get a great vantage point because of that and with this great vantage point we can think about security holistically. We can protect our customers comprehensively. We are incredibly honored that more than 400,000 customers in 120 countries trust us for their security and they use our solutions across the spectrum.

Another important point is that we don't just secure everything Microsoft. That's a big myth. We help our customers have the same holistic security across all their platforms and all their clouds. This helps organizations simplify the complex, build a more effective security posture and achieve better outcomes.

And lastly, as defenders ourselves, we know that we must protect people wherever they are at, no matter the device, app, data and network, especially as we enter the hybrid world. As such, we believe zero trust, which I'm sure you've heard about before, is the cornerstone of effective cybersecurity. And we embrace this model ourselves. We've given our customers a complete solution to embrace it too.

Brett Iversen:
For those who may not be familiar with zero trust, could you explain?

Vasu Jakkal:

Yeah. It's a big word and we use this a lot. So what zero trust essentially is it's a mindset, a framework, a model, an architecture that assumes all activity, even by known users could be an attempt to breach systems. It requires all users, no matter if you are in the corporate network or you're not, to be authenticated, authorized and continuously validated before being granted or keeping access to apps and data.

And this approach really leverages advanced technologies, such as multi-factor authentication, conditional access and password-less identity, modern device management and next gen security and compliance technology to verify the user's identity and really maintain system security. To break it down and deconstruct it, it has three pillars. One, verify explicitly. Two, use least-privileged access. And three, always assume breach.

This is a significant departure, Brett, from traditional network security. Where once someone was inside the network, they were trusted. And I always tell customers because we got a lot of questions on this. If you're wondering where to start, begin with a strong cloud identity foundation as a first line of defense. Gaps in protecting identities like weak passwords or lack of multi-factor authentication are really opportunities for an actor to find their way into the system and move laterally across the environment, targeting things like email and source code and critical databases, plus, plus.

So part of zero trust is also taking a holistic approach to integrating extended detection and response tools and security information events management, or SIEM. And this helps customers understand and improve their posture protection and response across their digital estate.

Now, finally, let's not forget of that strong “inside out” compliance protections, that address risks related to data and need to part of the zero trust architecture. It is important that zero trust approaches address multi-cloud and hybrid environments so customers can address risk across their entire digital estate. The investment community may be interested to know that part of our own zero trust approach for Microsoft employees that we now require multi-factor authentication for all users that access the corporate network. And doing this has made us more secure and also allowed to really do away with passwords. In fact, nearly 100% of our full-time employees now opt to use password-less authentication. There's a benefit to our employees, but it's also making us more secure, Brett.

Brett Iversen:
I'm one of them. Thanks, Vasu. My next question is for you, Hayete. From a customer perspective, how does security fit into their digital transformation priorities and how has this changed over the last year with COVID?

Hayete Gallot:

Well, with the increasing focus on digital transformation and now hybrid work security is front and center. Every one of our customers is asking for help with their security posture. And across those conversation, we see a few themes.

First, like Vasu mentioned, customers want to create a seamless and secure experience for every employee, from the information worker to the frontline worker. And that's driving demand across identity access management solution like Azure Active Directory for single sign-on and multifactor authentication, as well as Microsoft Endpoint Manager for mobile devices and app management.

And then customers want consolidation and cost saving. Without giving best of breed capabilities and quality, those that invested in technology from point solution providers are discovering that it's like playing a game of whack-a-mole, trying to anticipate and respond to so many decentralized threat alerts. And when there are silos and gaps in between solutions, that means opportunity for threat actors.

Hayete Gallot:

So customers are looking for us to help them stitch together their security estates, both by providing best of breed and best of integration solutions like Microsoft Defender, Azure Sentinel, Microsoft Cloud Security and Microsoft Information Protection. This approach further helps customers connect silos and remove the gaps that they may have in their portfolio.

Next, customers recognize it is time to modernize their security operation. And to remediate risk they're actually looking for AI and automation capability. An area where Azure Sentinel and Microsoft Defender are very well positioned.

But customer focus is not only about digital asset. They need to protect physical assets and infrastructure like factories and supply chains. And the Colonial Pipeline incident is one example of this type of cyberattack and the key implication it can have on everyday life. So customers are looking for help to connect physical assets with the cloud. And this creates an opportunity for Azure Defender for IoT, where customers get visibility in their IoT devices that are connected to their networks and can monitor them against compromise.

Compliance is another big consideration. Customers are dealing with complex regulatory environment, privacy concerns, as people move in and out of the company. They're turning to us to help them manage those risks and build trust.

And finally, it's about skills and talent. The worldwide cybersecurity skills gap is estimated to be about four million professionals. And with this shortage and the sophistication of the attacks we're seeing customers are just overwhelmed. So we believe we can also help our customers build skills internally within their company so that they can respond effectively.

Brett Iversen:
And recently we've seen more sophisticated cyberattacks. So what is Microsoft doing to help? And what has been the customer reaction?

Hayete Gallot:

Well, the sophistication of cyberattacks and the attack surface has been rapidly increasing. The threat landscape has never been more complex or challenging. And in many ways, unfortunately, these recent incidents have further motivated customers to improve their poster and quickly move to zero trust, driving increased demand for our integrated end-to-end solution.

While any security incidents will require Microsoft as a first responder, we also work with our broad security ecosystem so that we can coordinate a better way of protecting against those attacks. Our Microsoft Threat Intelligence Center works with our security partners to trace the activity of the attacker. And then what we do is we take additional actions, including integrating this intelligence into our solution. As an example, we can update Defender to detect malware components of an attack and alert customers via threat analytics and also with our targeted attack notification. And we can use Defender to block the malware and shut off the attackers.

The specific incidents aside, many customers are asking us for help to review their security postures. Ultimately, customers see value and differentiation in how we're able to connect between identity, endpoint, app, cloud, data, and infrastructure, and be informed by our own operational security posture, which analyzes trillions of signal every day. In addition to our technology solution, we can also match them with specialized human services, including Microsoft consulting services, Microsoft threat experts, customer engineers, and our DART services, detection and response team.

At the end of the day, the interconnectivity, the signal with cloud scale AI, the operational excellence, and a combination of automation and human expertise is the way we can help our customers with those incidents.

Brett Iversen:

Harv, one of the biggest pain points, security vendors hear from customers is around the fragmentation of the market. Can you talk about the current competitive landscape and how Microsoft looks to address this? Why are customers choosing Microsoft and where does Microsoft still have more work to do?

Harvinder Bhela:

Sure, Brett. I know customers today, they currently are using many different security products. Those security products are like a complex web of point solutions with many gaps between them. These growing threats that the customers face is growing need for security. It has led to a ton of industry investment, and I feel really proud of how the whole industry has risen to meet this need. It also has become this “six blind men and the elephant” story, where every person only sees part of the entire picture. A typical enterprise customer might be using over 50 different security products from many different vendors, and these products are not built to work together with each other. So, while the attackers, they can see the whole picture, the defenders, they can't see that entire picture. So, when an attacker breaches an organization, they immediately look to exploit this siloed architecture to move laterally until they find something valuable. So, these gaps in between the products, they can be devastating for customers. Having too many fragmented security products has actually become one of the biggest security problems for the industry.

This is why today's CISOs, they're looking to reduce this complexity, they are prioritizing integrated end-to-end solutions so that the defenders, too, can see the full picture. This has many benefits. For example, one, it improves the security. Number two, it reduces costs, and then finally, number three, it helps free up that critical security talent to focus on what is most important, to focus on the things that truly require that human ingenuity, rather than spending all of their time trying to stitch together those different products.

That doesn't mean that the customers have to pick between best of breed or best of suite, that's not a choice any customer should ever have to make. That's primarily what we set out to change at Microsoft, and we wanted to offer customers both best of breed, as well as best of suite. You have to offer the most effective market-leading products in the categories and also have a complete solution that works together across those categories, across identity, endpoint, email, cloud apps, and infrastructure. It works in a seamless way to help defenders see that full picture, too, and be the superhero that the world needs them to be. We believe that no one else in the world provides this combination, this best of breed plus best of suite solution the way we do. Really proud of our ability to do that.

Now, the success of the strategy is highlighted by how the industry views the market. We are now a leader in five different Gartner magic quadrants, including endpoint, access management, CASB. We are also recognized as a leader in six different Forrester Waves, including endpoint, email, and security analytics platforms.

At the same time, we also recognize that no one in the world can solve this security problem alone. You can see our commitment to this in the Microsoft Intelligent Security Association, or MISA. We have 175 different independent security vendors and security service providers, and they have built 250 different integrations with Microsoft products. Together, we are helping organizations take a holistic end-to-end approach to security. Because of this end-to-end approach to security, I believe that's why more and more customers are choosing Microsoft for their security needs.

Brett Iversen:
Super helpful, thank you. Before we move into the strategic pillars of our portfolio, can you talk about how Microsoft prioritizes our investments across the security business?

Harvinder Bhela:

Sure. We feel quite grateful that we are able to invest very significantly to go help protect our customers, protect our communities. At a high level, we invest in security across five different areas.

So, number one, we want to provide the most secure cloud globally, it means investments in AI, automation, human intelligence, spanning physical security, code security, and SecOps.

Number two, from a product perspective, we are working hard every day to become the best of breed in every category. We are excited that our products are recognized as such by Gartner, by Forrester, and also loved by our customers. We need to keep investing in this in a big way. As one example, we recently acquired a company called CyberX, it's now part of our Azure defender for IoT product. It further extends over endpoint security to the factory floor, to the critical infrastructure environments.

Number three, in addition to best of breed, we are insanely focused on best of suite. We have brought together our security capabilities across identity, across endpoints, across email, cloud apps, infrastructure, all in one place in Microsoft Defender. That, together with Azure Sentinel, what it does for customers is it unites detections and investigations, and hunting and response, all in one place, across the customer's entire estate.

Number four, we support multi-platform and multi-cloud, so that Microsoft, we don't protect just our own products, but everything that the customer has and uses. For example, our Defender for Endpoint product is now available for Linux, for Mac, for Android, for IOS, in addition to Windows. In cloud security, we have built new capabilities, like Azure Arc, that extends security broadly to all cloud workloads, running in AWS, running in GCP in addition to Azure.

Finally, fifth, with partnerships, we invest through peer collaboration, building a more complete solution for customers together with partners, commitment to standard setting, focus on public policy work. These five priorities, building the most secure cloud globally, the best of breed in every category, the best of suite across all categories, multi-platform and multi-cloud, great partnerships. These are the five priorities for us in the security business and that's what guides our investments in this space.

Brett Iversen:
Vasu, within our identity pillar, we often hear about Enterprise Mobility and Security, as well as Azure Active Directory. Can you help investors understand, what is the best way to think about our strategy here? Can you talk about how we play in the endpoint management space and how this can tie to our strategy in identity?

Vasu Jakkal:

Brett, as digital transformation accelerates, we're seeing an increased migration to the cloud, and this has been particularly true, as you know, in the last 12 months as many more organizations embrace remote work and now, we're seeing the shift to hybrid. The goal always has been, and will be, to enable every organization moving to the cloud with simpler, but at the same time, more effective security. So, our Enterprise Mobility and Security suite, or as we call it, EMS, gives organizations just that. In EMS, we combined our two leading products, Cloud Identity and Access Management, and Unified Endpoint Management. Each of them is a best of breed product, recognized as a leader in this category, as Harv talked about, by independent analyst firms like Gartner. So, they are powerful individually, but together, they're stronger and they amplify each other's protection because of their tight integration.

Now, let's take our Cloud Identity product, Azure AD as an example. Azure AD gives customers a solution to secure identity and access to every commercial online service. Through things like single sign-on and multi-factor authentication, they can authenticate their identity with little friction and maximum security. They can also do so not only with Microsoft services like Azure or Office 365, but also with any third-party app or service. In fact, Brett, I don't know if you know, but we have over 425 million monthly active users securely using Azure AD. In addition, we also offer Azure AD Premium, an advanced solution for the differentiated security and governance value. Our paid customer base, which are customers that choose Azure AD Premium, has already grown to more than 300,000 customers worldwide.

And by natively integrating our endpoint management tool, Microsoft Endpoint Manager, formerly known as Intune, with advanced capabilities in Azure AD, like conditional access, gives EMS the breadth, the power, and the versatility that is really hard to match. For example, customers can create unique Conditional Access policies informed by Endpoint Manager. Capabilities like Conditional Access, the policy engine at the heart of our zero trust solution.

So effectively with EMS, we are helping customers modernize their security beyond the perimeter defenses and really adopt an advanced integrated user and device identity for the modern perimeter-less world.

Brett Iversen:
I love it. Thanks, Vasu. Could you talk more about multi-cloud and open ecosystem as one of the strategic growth priorities? How does this show up in our identity pillar as we often hear that Microsoft is only for Microsoft, and you talked about Azure AD being an identity solution for Microsoft apps?

Vasu Jakkal:

Yeah. I love dispelling myths, and that is definitely one of the most common myths that Microsoft solutions, like Azure AD and our Defender Threat Protection solutions only work with Microsoft. Our strategy is to protect customers across their multi-cloud and hybrid environments. In fact, one of our leading priorities Brett, is helping customers connect all their apps and resources to Azure AD.

Now while most deployments start with the adoption of Azure AD for Office 365 apps, many organizations then proceed to connect all their apps to Azure AD. I'll share some stats that I have. Forrester estimated a 123% ROI, with more than $8 million NPV over three years for large enterprise organizations that standardize app access on Azure AD. Currently, as I shared earlier, Azure AD provides secure access to over 425 million monthly active users, including a paid customer base of over 300,000 customers. And just in the last year, usage of Azure AD, the third party apps, has increased by 85%, which further speaks to the reach and usage of our solutions across our customer base.

Brett Iversen:
Love it. Can you help investors understand what you consider to be a security investment versus our other pillars? Is it just threat protection and Microsoft Defender, or is there a broader approach?

Vasu Jakkal:

Yeah, that's a great question. So security investments are about protecting everything from workloads, to data, to devices, to apps, to people across any cloud and any platform. We fundamentally want to give our customers choice and amazing security. So it's a huge surface area. To give you a sense of the scale, Microsoft Defender blocked more than 30 billion threats on email and nearly 7 billion threats on endpoints over the past 12 months alone. Those are whopping big numbers. We think about the investment across the whole attack cycle in four parts: Threat protection, security operations, cloud security, and application development.

In threat protection, our first pillar for security, which you can think of as threat detection and response capabilities, but also prevention capabilities. We have Microsoft Defender and Azure Sentinel. Microsoft Defender combines best of breed, endpoint, email, identity, and cloud workload protection. But we don't just deliver those as individual point products - we bring them together as an integrated solution through the Microsoft cloud, as Harv was talking about earlier. And now in the industry, this type of integration and this type of integrated protection is becoming quite popular and familiar as Extended Detection and Response, or XDR for short, and it continues to grow in importance because when you try to protect these things in isolation, both Hayete and Harv talked about it, you create silos. You can miss the big picture. And when that happens, you're opening an opportunity for attackers to exploit.

So in our second pillar then moving on, SecOps. Take that and extend that to Azure Sentinel, a cloud native Security Information and Event Management solution or SIEM. Our SIEM connects to third party security tools, as well as Microsoft Defender. And this really provides a bird's-eye view of threat activity across the entire enterprise, XDR meeting SIEM, for the best of all worlds. And when attacks start increasing in sophistication Brett, defenders must have more sophisticated and comprehensive tools to fight them. We have to stay a step ahead and we believe that it is really critical to combine these two perspectives, these two superpowers for better efficacy.

Now, the third pillar that I mentioned is Cloud Security. Here we are focused on breaking down the traditional silos of the security industry for better effectiveness. We integrate Microsoft Cloud App Security and Azure Security Center with Azure AD, our identity solution, for stronger, smarter security and with Data Loss Prevention, our compliance solution, for better information protection. So again, it's that end to end.

And our fourth pillar is about protecting that first line of code, layer up. As such, we are bringing to bear security for the full application development cycle, with GitHub advanced security. And unlike point solution vendors, we're able to help our customers secure both custom-built and commercial SaaS apps from development, to deployment, to usage.

Brett Iversen:
Harv to bring you back in, so recently we are hearing more about our momentum in the risk management and compliance space. So how should investors think about our offerings here?

Harvinder Bhela:

Brett, I believe that there's a ton of opportunity in this space because you have to think about protecting from the inside-out and not just outside-in. We believe we can also help customers address the significant pain points they have in navigating a complex regulatory environment. In this space, our offering has four pillars.

Number one is Microsoft information Protection and our unified Data Loss Prevention, or DLP solution, for the enterprise. This solution helps customers protect and govern data wherever it lives. It could be in an email attachment, in a document on SharePoint, could be stored on premises, could be shared with others in the cloud. And this is critical because information is the fuel that businesses run on. It's proprietary and confidential, it's governed by regulations in some industries, and it's what attackers are ultimately after. That's the first pillar.

The second pillar is Insider Risk Management, which is also critically important. Some of the most difficult threats to defend against, they come from inside an organization. About half of the breaches are from inside of the organization, and they're not always intentional. And I think Hayete mentioned this before, that insider threats are some of the biggest concerns for enterprises today, especially with the rise in remote workforces. So we have an Insider Risk Management solution that helps customers quickly identify, detect, and act on those insider threats. We also have a Communications Compliance solution that helps customers minimize the communication risks in Teams and email and Yammer. And we often refer to these solutions as a form of “inside-out” protection.

Our third pillar is called Compliance Manager, and this helps customers manage the highly complex regulatory compliance environment they live in. They need help to keep up with all those regulations that apply to their business across all those geographies. They also need help to understand how to implement the controls across the apps and the clouds, and to comply with the unique regulatory footprint. So Compliance Manager gives them an easy-to-understand compliance score so they can cut through all this complexity. They can measure the improvement over time easily.

And finally, the fourth pillar is about tools that help you with investigation and response and discovery. We have an Advanced Audit solution and an Advanced eDiscovery solution. These help the organizations find relevant information quickly, cost effectively. To take an example, Advanced eDiscovery provides an end to end workflow to preserve, to collect, to analyze, to review, to export content for your organization's internal or external investigations, and to respond to legal matters. In the past year, these four pillars Information Protection and governance, Insider Risk Management, Compliance Management, discovery and response. These four pillars, they have seen some great rapid adoption, usage, and love by our customers. We're very excited about the solutions we have in this space.

Brett Iversen:
Thanks for that. In our Q2 earnings cycle in January, we shared that our security business generated over $10 billion in revenue in the last year, growing over 40% year over year. Vasu, how should investors think about our security revenue and where it shows up in our financials, and how does this align with our go-to-market strategy?

Vasu Jakkal:
Brett, another great question. So breaking it down, first, the $10 billion number is significant because it underscores the trust our customers place in us. It also underscores the competitive differentiation we have, and the real inflection point in security spending. I think that it may have surprised some people who haven't traditionally thought of us as a security leader. And as you mentioned, we grew over 40% year over year, which is just incredible to see, given the size of our security business and the reach of our security business. So we believe it's a testament to our unique approach and also to the significant focus we've placed on security, as far as outlining all the investments, which is so foundational to everything they do. We've invested, and we will continue to invest in our products, in our people, and in our technology, because we believe we bring a lot to the table and that differentiation is what you see in our results. And I would love for Hayete to add more to this.

Hayete Gallot:

Thanks, Vasu. Yes, in terms of how this aligns to our go to market strategy, we talk with customers about solutions. We don't lead with pricing and packaging, and really we use our secure and compliance score combined with workshops to build a vision and roadmap for how they can modernize. We start with our customers on where they are in their journey. We work with them on a total cost of ownership and business value case to help them know where to consolidate and how much they can save. It's common for us to help customers consolidate dozens of endpoint solutions from third parties and save millions of dollars annually. On average, we integrate over 40 categories and offer approximately 60% cost savings so it resonates deeply with customers.

From a monetization perspective, let me clarify. There is two buckets for us. The first is our M365 per user model. And the second includes our consumption-based offerings. With Microsoft 365 E3, customers get Azure Active Directory, Windows Defender Antivirus, Data Loss Prevention, Device Health, and Endpoint Manager as part of the suite. As they move up to M365 E5, they get advanced threat protection with Microsoft Defender, advanced Compliance, and then they get premium Azure AD, Cloud App Security as well, or CASB capability. And customers can buy that as part of the suite, or they can buy it as a standalone package as E5 Security or E5 Compliance SKU.

For Azure consumption-based model, customers can purchase Azure Sentinel, which is our SIEM capability, Azure Defender - our extended detection and response solution, Azure Defender for IoT, Azure Network Security and Azure Firewall.

So from a financial perspective, you see this revenue recognized in Office 365, Windows Commercial, and Azure, including both our per-user Enterprise Mobility and Security offerings and our consumption-based security offerings.

For context today, the per-user model is the larger of the two buckets, and we continue to see strong and sustainable momentum here. And we expect our consumption-based offerings to continue to grow as we expand our portfolio and support new customer workloads.

Brett Iversen:
Thanks Hayete. How much does our security benefit from the overall Microsoft 365 sales motion versus security acting as the key driver and customers purchasing Microsoft 365? And how is security positioned with our go-to-market around teams?

Hayete Gallot:

That's actually a great question, which one drives which? It's important to understand that security and compliance are deeply integrated within M365 and Teams. So as such, it makes security and compliance key differentiators for Microsoft 365 as well as actually key drivers for Teams adoption. Just to give you an example, customers are shifting to hybrid work. So data and users no longer live inside the perimeter of the company. So as employees move in and out of the company, customers are concerned about protecting their IP and managing against insider risk. It's these types of concern that lead them to adopt Teams because we've integrated Data Loss Prevention, or DLP, natively, and information barriers into the product.

Customers are also as another example, looking at frontline workers. They've learned over the last year how critical frontline workers are to their companies. And they're now finally including them in their digital transformation strategy. But as customers digitize the frontline, they're discovering urgent needs around security and compliance. That's because many frontline workers use their personal unmanaged devices, or they use shared devices at work, so this creates significant risk for IP and compliance risk. So to address this challenge, customers are turning to Microsoft 365 and Teams to apply conditional access, and multifactor authentication to those devices. Customers don't want to compromise with security and compliance. They're applying the same bar to frontline workers, that they applied to information workers. And to help with that, we've actually introduced a new SKU in security and in compliance as well, that is tailored for frontline workers and customers can attach it to their existing licenses.

Hayete Gallot:
So overall Brett, I would say customers have a lot of questions right now as they embrace hybrid work. And these are just a few example of this types of scenarios they face. The fact that we have integrated security and compliance natively into M365, actually gives them peace of mind. So which ones drive which? Not sure, but it's driving security and compliance for sure.

Brett Iversen:
Vasu, given the success you're seeing with security, what's next? Can you give investors a bit of color on what you see in the future for our portfolio and what will drive sustainable growth?

Vasu Jakkal:

Brett, first of all, it's been so great to be part of this whole security journey and security is a critical conversation right now across every customer. And it's an area of significant focus and investment for Microsoft. So overall, we will continue to invest in simplifying the whole customer experience, whether it's the purchase, or the deployment, or the user-based solutions, as well as providing more seamless integration of our security solutions, both within the Microsoft portfolio and across multi-plat and multi-cloud and third party products and solutions. We also believe that there's tremendous cross sell and upsell opportunities, not only within our customer base, but also in the acquisition of new customers to Microsoft security.

And in addition, we will continue to build out our portfolio, enhancing our unique position that they've talked to you a lot about today, in providing that end to end protection, as well as really leading with that best of breed capabilities that we're proud of for our customers.

We are also looking at things like privacy management, verifiable credentials, that privacy and identity meet each other, and decentralized identity in the decentralized world, as well as enhancing threat intelligence across our entire product experience.

Now, in addition to that, we also believe we can build out our human services offerings with additional ways for customers to directly access the incredible bench of experts at Microsoft. This would be in addition to existing services that today include Microsoft Threat Experts and the DART team that Hayete talked about earlier.

As it continues to get tougher for CISOs and security practitioners and defenders across the board, we want to give them visibility into the full supply chain of the apps that they're building and managing. And as such, we are also increasing our focus around DevOps and code security by providing visibility across the vulnerabilities and into the vulnerabilities and helping them secure code as it is written.

And I do want to say one more thing about skilling. As Hayete mentioned, customers continue to struggle to fill the security skills gap. The estimated shortfall of security professionals is quite daunting as you heard. So we are also investing in the area of skilling to help customers build their knowledge base. And at Ignite, we announced four new certifications, as well as a robust content library to help defenders anywhere get training and to help anyone become a defender. You can look for us to continue to make announcements in that area. Empowerment through skilling Brett, as you know, is the heart of our mission as a company. And it's an important part of our commitment for our customers and our global community.

I'll end by saying it's a real privilege to be part of security today. We get to make the world a safer place and we get to do that with all defenders across the world. So security after all is a team sport and I'm so proud to be part of it.

Brett Iversen:
For sure, a perfect way to close. So thank you Vasu, Hayete and Harv for your time today and insights. And we thank everyone for watching. We recognize the importance of helping customers enhance their security posture. And we're glad we got to take some time with you to talk about it today. So thanks again, and I look forward to the next one.

Vasu Jakkal:
Thank you.

Hayete Gallot:
Thank you.

Harvinder Bhela:
Thank you.