Cloudflare TV

🎂 Christian Beedgen & John Graham-Cumming Fireside Chat

Presented by John Graham-Cumming, Christian Beedgen
Originally aired on 

2020 marks Cloudflare’s 10th birthday. To celebrate this milestone, we are hosting a series of fireside chats with business and industry leaders all week long.

In this Cloudflare TV segment, John Graham-Cumming will host a fireside chat with Christian Beedgen, CTO & Co-Founder of SumoLogic.

Watch more Fireside Chats 🎂

English
Birthday Week
Fireside Chat

Transcript (Beta)

Well, good afternoon from Lisbon. I'm John Graham-Cumming, Cloudflare's CTO, and my guest today for this special birthday week, or at least Cloudflare birthday week, fireside chat, is Christian Beedgen, who is CTO and co-founder of Sumo Logic.

Hi, Christian.

Thanks for having me, and happy birthday. Thank you. It's almost my birthday too, actually, but Cloudflare's birthday 10 years ago now, so it's been a while.

How old is Sumo Logic? 10 years, basically, in a couple of months. Happy birthday, Sumo Logic, as well.

Thank you. So I was just saying earlier, before we got started, that Sumo has kind of been a little bit following Cloudflare in the sense that we went public about a year ago, and you just went public.

Yep. Yeah, so we...

Go ahead. No, go ahead. Go ahead. Yeah, so we had the chance to do this. Obviously, it's a super interesting year, and lots of back and forth, but evaluations, especially for SaaS plays, continue to be very good, and the market receives these types of companies really well.

And we've been working on this for a very long time, believe that this company deserves to be a public company, and we managed to make the jump.

Obviously, it was a long time in the making, and the micro-timing, obviously, was a little bit thrown off this year, as you can imagine.

But yeah, I'm very happy.

I'm very happy myself. I'm very proud of the company and of everybody working with me there for basically 10 plus years at this point, to take this inkling of an idea that we had, and we thought could be a successful company, and get it past this.

It is a validation of some sorts, right? To be able to get your ticker symbol and all of that.

So, very happy, and quite proud, specifically, of all the stuff that folks ended up doing year over year to get us here.

Yeah, it's interesting, right? Because I was talking with Paul Judge yesterday, who's a cybersecurity entrepreneur, and we were talking about the length of time it takes for companies to be successful, because he's running a little investment fund, and he's being quite open with people.

It's not overnight.

It's a long process. So yeah, 10 years to get to IPO, it's not an unusual situation at all.

Specifically, if you're building enterprise software, right, which is what we are still doing.

I was at ArcSight before, right, as an engineer.

That's how I kind of got started, really. I ended up there in early 2001, sort of a long, long story, lots of random twists and turns.

But I was there for pretty much most of the decade, almost nine years.

And yeah, I saw it there. I mean, it took eight years there, in this case, right?

And when we started Sumo, we didn't really have any illusion that this would be kind of a three-year type affair.

We knew we were going to be in it for the long haul.

But we had also made the experience that it is possible to bring a thing like this public.

And so in many ways, we always thought it could be done.

The hubris, probably, that you need to have in the beginning, right?

But in this case, we managed to pull it off. And if you look at the other players that went public recently, you guys last year, 10 -year company.

I think Snowflake is a little bit younger. I think they're like eight years.

You know, the JFrog guys that also went public, who we also know quite well, and just fantastic companies and great people.

So I think they're actually a little bit past the 10-year mark, if I'm not mistaken.

So yeah, I mean, just building a business is just, you know, it's just not that easy.

It's not that easy.

It's one of those things where it's, I mean, it's interesting you said you'd kind of had a...

Oh, I'm losing you.

Hey, John, I'm...

Hey. I disappeared for a minute, I guess.

Yeah, there you are. Okay. I'm back. What I was trying to say, you sort of mentioned the ArcSight thing and the fact that you'd had a career beforehand, and you know, you had sort of wandered to this point.

I feel very much the same way.

If anyone ever looks at my LinkedIn, I just sort of have a big blank section because it's like, well, I did all these random things, and then I ended up at this company you've heard of.

What was the route that got you to Sumo?

Well, so the idea basically came out of what we had kind of, I guess, learned.

Basically, it was sort of, let me put it this way. I think being really immersed in ArcSight as an engineer, eventually chief architect, and it was very much kind of the founders, CTO, Hugh and Jim Enzi was always very outbound.

He always tracked us out, put us in front of customers, and to see how the product would resonate and so forth.

So we had a little bit of that kind of experience talking to customers.

We did a user conference very early on where we got additional kind of exposure and so forth.

So I think we started really early, we started understanding kind of the sort of consequences of what we were building in many ways, from the check it in and then go home.

But here are the things that customers really like about what you're building, and this is the stuff that works, and here's the stuff that doesn't work.

And for us, I think a couple of years in, from our internal perspective, the way that we felt about it as developers was the biggest pain point was that we would sit this classic enterprise software delivery model, right?

You sit there, you build the code, you throw it over the wall, and the customer gets stuck with the hard part, which is kind of installing it, right?

And maintaining it, and upgrading it, and putting the database, and the storage systems behind it, and all of that, right?

And it really was a software that was meant for security analysts to do better security analytics and security monitoring to improve the security posture of their business.

And I don't know how many of these folks we ended up inadvertently teaching to be window storage administrators and all kinds of other random crap, and like Oracle admins and all this type of stuff, right?

And it really felt that that was sort of a career or two might've spawned out of that, but that wasn't really the point, right?

The point was always talking to people about how to use the tool. And they always wanted to talk about how to kind of tweak this, and set the RAM differently on the Java application server, and all this type of stuff.

And so I was the platform guy.

I was always in high demand, and I was always very full of myself thinking that, hey, I'm clearly important, and I'm the master of the GC settings.

And I had these three hour long talks at a user conference with basically giving the admin users all the sort of dirty secrets, and the obvious things, and how to tweak this thing to run on a single machine, and all that kind of stuff.

And at some point I realized I shouldn't be spending any time on this, because they should focus on using the tool, right?

And then that combined with... That sort of seeded the idea that like, how can we make this?

How can we deliver this in a way, like this type of software, right?

How can we deliver it in a way that people can actually use it, instead of having to kind of go gray hair, or how to even get it to the point where they can use it.

That came down together with a fairly impactful day at Stanford, where Werner Vogels showed up, and this was in 2008, and kind of explained to us why AWS is cool.

We hadn't really cropped it before, but then I'm sure you know Werner.

So once Werner is done explaining it, you pretty much know, right?

And we kind of combined those two things, saying, hey, now AWS has basically given us a data center as an API.

And on the other hand, over here, we've been thinking about maybe this should be delivered in a sort of SaaS-like form factor, but we are not data fender, or hardware, or cabling people, et cetera, or networking people.

That's great stuff, but that was just not what we were. We were a bunch of developers, right?

And so data center as an API was very appealing, and so those two things together suddenly made it possible to dream big, right?

And the dream was to basically take this security and operational log management, and turn it into something that people could use, rather than worry how to scale.

It turned out that we didn't quite have the terms back then yet either, that it was essentially a big data problem, and a big data product, because you've got 50 events, and you've got 500 events, and you've got 5,000 events, right?

And you will always end up trying to debug the largest customer, and then the next customer had yet a completely different setup.

It just felt there was a lot of toil, and undifferentiated heavy lifting, and all of that.

And we bought that hook, line, and sinker, because it was just exactly what we had experienced.

And we pitched, then we ended up pitching this basically as a kind of...

We convinced ourselves that the next big company in this space was going to do roughly some kind of combination of Splunk and ArcSight at the time, if you look at it from the 2008, 2009 perspective, but as a service, right?

And there would be at least one company that would be very successful doing that.

Just like we looked at Salesforce, we looked at ServiceNow, we had seen those stories, and it felt like that was kind of a way to sort of disrupt, even just in the form factor, right?

And so we ended up finding folks that Cray looked at, kind of had that same vision, and off we went.

So that's how that all came together. It might be worth saying right now what Sumo Logic actually does in case there's a listener who doesn't know what people do with it.

That's a solid idea. So let me try to describe it. So we basically bring together like tons of IT telemetry, logs, metrics, distributed tracing, all of these types of things, sort of the exhaust of your systems, right?

And we make them available for you to analyze. And what you can do with that is obviously monitoring, alerting, and sort of security, right?

So the way that we look at the world is that, especially given digital transformation at an increasing rate, business runs on top of apps and systems.

Businesses are already digital.

They transform to become more digital or to become digital in the first place.

So the business is really kind of the apps and the systems on top of which the apps run.

And you want that stuff to be reliable because it's got to be 24-7, right?

And you want it to be secure because otherwise, if you lose people's data, you're not going to have a very bad time.

And if stuff's not reliable, your competitor knows how to do that better.

Again, you're going to have a bad time. And so we feel that by helping people with our service and with the solutions that are built on top of the platform that we have, we help them to keep their systems reliable and secure.

And by that, we help them actually be successful in business because the business needs to be reliable.

Business needs to be secure. So lock management, time series metrics, distributed tracing, all packaged up under the kind of new term of observability.

That's kind of one of the solutions on top of the platform.

And the other one is a security information event management tool that's basically, again, delivered as a SaaS, which is also still fairly new in this space.

So here you are as a public company. Now, if you're anything like me, the question I get asked all the time, especially by candidates trying to join the company is, what has changed since you went public?

Now, you haven't gone public that long ago.

Maybe you're not getting it yet, but what's changed so far? I'm still sitting in the same room.

Yeah, me too. But there's just, I think people have this idea that there's such a build up to this IPO thing and everyone's like, wow, and there's the day.

And then of course, the day is just a day. And then you go back to the work.

I know when internally at Cloudflare, when we announced to the company that we were going to go public, we told everybody, and then everybody just kind of went back to work on the following Monday.

And the same thing was true when we actually went public.

It was like, well, that was great, but now we have to carry on.

So has anything changed, do you think, in Sumo since going public? No, not really.

I think it shouldn't. It is, yes, and it is a major milestone. Let's just say what it is.

Because there's all kinds of benefits coming from it, including getting closer to people taking out some wealth that they deserve.

Hundreds and hundreds of people have been getting, basically putting their faith and all their hard work into it.

So I think that's significant. I think there's a lift that you get from becoming a public company.

Of course, you get a lot of airtime doing that, like IPO week and so forth.

But generally, I think you kind of reach an echelon where folks who would have never looked at you before to become a customer potentially are probably now looking at you.

But I don't really perceive it as a step function, really.

I mean, we've been working very diligently towards this and everything from strategy as internal G&A and legal processes, all that stuff.

It isn't overnight.

There's a long, long road, as you know, to get all this stuff in place.

And yeah, some things probably are getting scrutinized a little bit more now.

Some things we need to kind of think a little bit harder ahead of time rather than being super agile about them.

Then, of course, the street sort of forces you into sort of three months reporting, et cetera, et cetera.

So many companies have had post-IPO great trouble maintaining innovation and so forth.

But I think we've got that kind of all really well figured out.

And there's no change in strategy per se, right?

I think we know who we are. We know the solutions and products that we want to build.

We know the market. So we're going to continue the way that we've operated.

That sounds very familiar to me. Because the big thing was we had a project running up to the IPO while it was still a secret internally, which was all around all of what I think of as the boring stuff.

Some people love it. But all of the processes and financial reporting, and there was like a whole bunch of stuff you just have to do.

And you just have to do it. You have to get yourself in shape. And what was interesting about it was I thought it made us a stronger company because we actually had visibility of things we didn't necessarily have visibility of before.

We had control where we didn't have control before. But then, yeah, the IPO day is the IPO day.

And it's back to work after that doing the thing you've already been doing for 10 years in your case, right?

100%. And so then it might be a little bit anticlimactic the next day.

But life's like that, right? And you just keep grinding.

And you basically grind on stuff that you love grinding on. That's kind of also work.

Let's just go back just through the life that comes.

Because I'm interested in comparing our experience with yours.

What are the things that have changed for you over 10 years of Sumo?

And what do you think have stayed the same, maybe culturally or how you do things?

So I think I'm not necessarily sure that there will be a huge change, right?

I don't think we are planning for that.

I think we've got our culture pretty well set, right? I think continuing to scale the company will require us to constantly also evolve, right?

The culture, just like we've done in the last 10 years. And so that's basically that.

What was it like right at the beginning? Did you have a clear vision that, yeah, this is exactly what we're going to build, this is where it's going to go?

Or did it morph over time? It morphed a little bit, but I think within a very sort of narrow set of parameters.

I think what happened was that, I think the sort of initial idea was to sort of take the oxide type product like a cement or put it in a cloud.

What we fairly quickly realized is that we had to like, no matter what, at least we felt that we had to first build that kind of multi-tenant substrate for log management, right?

Which is just this really kind of large scale, right?

Kind of non-traditional, but ultimately a kind of warehouse type database, right?

For sort of funky data, like lots of full-text indexing going on, but also structure and all of that.

And so we then actually in the first 18 months or so, we built that to a degree where we felt that we had enough functionality that we could give it to customers to solve initial use cases around application monitoring, right?

So your basic log search basically, right? And then we did not actually focus that on security very much, right?

And so, despite what we probably originally thought, and probably also including kind of all the way through in the first investment round, the way that we ended up building stuff, we had that first, right?

And then that had it, that sort of, you get some gravitational pull, I guess, from that, right?

We managed to bring customers on board. They liked it.

They loved it, actually. They clearly saw the difference that it made in terms of simply just pouring the data in and getting value out of it without having to deal with all these things that we talked about earlier, right?

So we said, okay, let's go and continue on that a little bit.

And so that way we basically ended up kind of playing early on, much more sort of in this sort of operational analytics space rather than the security analytics space.

Because on the SIEM side, there's a bunch of additional stuff that you really need to build, like data normalization in particular, and then you need to build much more advanced detections of rules engine type stuff.

We knew all of that because we had built it once before, but just sort of the log search and log analytics and then dashboarding on top of it, that basically kind of became its own, that just became its own thing, right?

That like brought in revenue and we managed to build out sales around it.

And money came in and forecasts were being made and all that kind of stuff.

And so we basically just kind of decided to continue to double down on that for the first couple of years.

What was interesting was that, and then you try to focus, right?

Because you were just a couple of people, you have something that kind of, it sort of works just about well enough that you get your initial set of customers, right?

And you need to continue to focus on that so hard. But then some of those customers came back and they were security guys, right?

And they were like, oh, you guys are not a full-blown SIEM, back in 2012, we weren't, right?

But what you actually are delivering, which is this underlying data management and query substrate, that one is actually something I need anyway.

So I'm going to just go and get it, right?

Because it's also SaaS delivered. So that means I don't necessarily have to go to IT first and ask for boxes or VMs or storage and so forth, right?

So it can kind of help. Security teams are fairly small usually. They like their process, but they don't like other people's processes, like everybody, right?

And so we managed to kind of get a pretty good user base there.

And then folks continue to kind of just drag us down the security route again, which we love doing that, obviously.

There was obviously some interesting prioritization discussions for a number of years there, but then as we became more mature, we felt that we had, well, yes, the majority in the company and sort of the kind of execution strength and just purely number of people building stuff, right?

That we could double down on security.

And so then that's basically the second pillar that we grew on top of the platform.

And we made a bunch of acquisitions to kind of speed that up and so forth.

And yeah, so now we are a cloud SIEM, which is what we originally thought we would be, but we kind of took this detour and now we're also like operational analytics and ultimately observability solution, which is quite interesting.

So let's switch gears a little bit.

You mentioned you think the culture is fairly set in Sumo.

Tell me about that. How do you end up describing the culture to people and how is it maintained?

So the simplest way to put it in my mind, that's kind of the mantra that I have in my head is, the priority is always customer, employee, company, right?

So in other words, your company is basically the third priority.

And if you have a huge focus on your customers and if you actually, if you provide a great platform for your employees to be happy and do well, great work, then everything kind of from the company's perspective flows out of it by and large.

We have that encoded in a set of values that we've basically a couple of years in actually into the company.

We kind of sort of encoded those and it's about basically being in it with our customers.

That's one of them, which basically speaks to the customer focus. It's kind of interesting in many ways, we are a lot like our customers because we in fact actually use our own product in order to run a business.

We have a perfect sort of dogfooding loop set up.

Not a lot of companies are lucky enough to get this, but we are and we exploit it to the absolute maximum extent.

So we are not building a product that we don't understand or that only a small set of people in the company understand that have the domain and everybody else is building stuff.

No, I mean, we're actually using the stuff that we're building and we really build it so people can use it.

And this customer focus is sort of very strong and the way that we phrase it internally is in it with our customers.

And so we will get on the phone with them if we need to.

We can often reach out to them because we see certain behaviors that we can trigger on and give them tips.

And we try, we go out of our way to help them figure out how to get maximum value and minimum billing and those types of things.

And we always try as hard as we can to make the customer happy.

And I know that a lot of companies say that and it's obviously a sort of a trendy and obvious thing to say, but I know what people do in this company and how hard we're working through engineering, product management, and especially all the customers, like the directly customer facing customer success and so forth.

Organization, TAM, et cetera, et cetera. People are really, really in it deep.

And our customers appreciate that. And we do hear that all the time.

And to me, apart from it just philosophically feels right, I think it's also good business practice because it's a SaaS business.

And so you're up for renewal every year in a particular model.

You can't sell and hide, which is kind of what folks used to do in the old enterprise software days.

And no, if your shit doesn't work, customer income come back.

And the worst thing, as you know, for this type of recurring revenue model is churn.

The amount of x-raying that goes into churn, it has to be high and it's excruciating.

So try to really avoid that.

And you do that by delivering a good product and a good experience along with it.

And that a lot of it, no matter how much we talk about machines and this and that, has to do with people talking to people on both sides.

So that's a big one.

And then the other one, there's a couple more, but maybe the other one I should highlight is we call it bring light to dark.

That's something that in many ways we think about the analytical value that our product has.

It gives folks an idea to sort of see things that they could otherwise not see in this kind of funky kind of data that we have there.

That if you don't have a good product, I can pick it up and analyze it and model it for the various use cases that we talked about.

Then there's a lot of light that's being not shown on a lot of things. And you're basically in the dark.

And we try as much as possible to kind of apply that internally as well as a sort of way to challenge each other to sort of say something when we see something internally that might not roll properly, which you always get those things, no matter how hard you try.

Those values get challenged very hard during an IPO process, as I'm sure you probably also can remember.

But we try absolutely best to make sure that everybody in a company has the maximum amount of context about what the company is doing and why.

That's a very interesting one.

I used to work for a guy, a CEO, who one of his key things was get bad news out fast.

He was like, if something's not working right, tell us right now, rather than wait.

Because I think bad news is a bit like credit card debt.

It only gets much, much bigger over time. So interesting that you have that as a sort of a core idea.

Yeah, I test early and often, right? That's the other thing that reminds me of.

We've all seen those curves. I think cost of a buck two years out is exponentially higher than if you can squash it right away.

That makes sense to me.

When you're hiring as a CTO, what are you looking for in people to join your team?

Oh, that's really interesting.

I'm involved in hiring for lots of different teams, more so than even for my own team.

I don't actually have a huge team. My team is mostly composed out of folks that seem to be best served by working with me than with any other engineering manager in the company, meaning our chief architect, who has been with me.

That sounds very familiar. I have a very small team that works for me of people who are also roaming principal engineers, who they probably don't want to be on a product directly.

They'll wander around from thing to thing. So yeah, it sounds very familiar.

But tell me a bit about hiring. We've got a few minutes left.

Yeah, so generally, the hiring and Sandeep Khanna is a guy who basically runs all of engineering.

And I get the two of us work really well together. That's also a really cool story, actually, that allows me to not have to look out for hundreds and hundreds of folks from a people management perspective.

It gives me a lot more room for the more CTO-type stuff.

And I enjoy that, keeping a few out for a couple more quarters than everybody else into the future and that type of stuff.

The hiring thing is really quite interesting.

I've said this before, and people have challenged me on this, because as you get more senior, it seems like it becomes a very high bar.

But my first formulation for that years and years ago has always been, I'm trying to hire people that are better than I.

And of course, people are like, come on, you've been doing this for 20 years.

It's like, no, that's not necessarily what I mean.

But I mean, the way that I look at it is that I'm trying to find people that I feel that there's something that they can bring to the table that I can't.

And if we can do stuff together, because we know certain things well, then that's also fine.

But I'm looking for stuff that I'm looking for Legos that I don't have yet, so I can build a new thing.

And that can come in many, many, many different ways.

It can be because somebody is just ridiculously educated on a particular branch of research.

It's just that matches something that we could use.

Or it could just be somebody who has just a super interesting background that brings maybe even non -strictly speaking, programming, engineering, or product development experience to the table.

But it probably is a highly accomplished, I don't know, electronic music producer.

I don't know, I'm just kind of making that up a little bit on the fly.

Or some other sort of way where I can tell it is that that person has a certain sort of creative intellect there.

Exactly. Because I went to a famous university, did a PhD and have all the bits of paper you could possibly have.

And then I look at people in our team and there are all sorts of different backgrounds.

And I think what's interesting is what you just described, is the creativity that matters.

It's not necessarily a qualification or a specific background.

It's like, you know something or you know how to do something that I'm going to find useful and I'm going to learn from.

In fact, one of the things I find is this team is so smart, I'm learning a lot.

Well, listen, we've only got 45 seconds left. Thank you so much for doing this and chatting with us.

Happy birthday to Sumo. Congratulations on the IPO.

Thank you. Likewise. You'll no doubt start getting asked what's changed. Give another six months, no one will want to know how everything changed.

But good luck with everything.

And I look forward to one day getting to meet you in person. Oh, that would be that would be excellent, especially if I can come to Lisbon.

Exactly, exactly.

Where the weather is not raining, it is actually very, very sunny, as you might imagine.

That's what the Portuguese government promises. Yeah, I've been there for Web Summit a couple of times.

So yeah. Yeah. Cool. Thank you very much, sir.

Yes. Bye. Thank you.