The superstore underlying Amazon Web Services Inc.’s Marketplace, is home to 4,200 software listings from 1,300 vendors. As AWS rafts across diverse domains like machine learning and virtual reality, it’s overlapping with Marketplace partners, inevitably competing with them. But for now, these AWS-affiliated startups are holding their own in emerging areas of hybrid cloud security and next-gen data management.

Founded earlier this year at the intersection of five simultaneous acquisitions, Cyxtera Technologies Inc. wants to remodel information technology security. “We think it should be more like cloud,” said Chief Marketing Officer Simon West (pictured).

Cyxtera is one part physical data center and colocation provider and four parts security and analytics software startup. It has integrated software-defined parameter, or SDP, security features into its physical data centers around the globe. It also extends its SDP technology into customers’ various private or public cloud environments for location-agnostic, user-centric security.

Watch the complete video interview with Simon West below:

West spoke with Lisa Martin (@LuccaZara), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, and guest host Keith Townsend (@CTOAdvisor), principal at The CTO Advisor, during the AWS re:Invent conference in Las Vegas, Nevada. They discussed how Cyxtera is bringing security into the multicloud era. (* Disclosure below.)

Can SDP suck security out of the 90s?

“If you took a systems administrator from ’96 and you showed him IT today, I think you’d have some explaining to do,” West said.

Public cloud infrastructure is far afield of the on-premise hardware of 20 years ago, and it’s enabled agility and innovation cycles undreamed of then. However, a security administrator from 1996 would be pretty familiar with the bulk of today’s security systems, with their hardware-based, static choke-points, West pointed out.

“You build cloud applications that are capable of spawning multiple copies of themselves, auto-scaling up and down, moving from availability zone to availability zone — yet our typical network security posture is still highly static,” he said.

Cyxtera’s flagship product, AppGate SDP allows agile, dynamic network security that interrogates users rather than IP addressees. Access is conditional and granted based on a number of fluctuating factors — location, date, time, operating system, overall security posture, etc.

“In the case of AWS, we integrate with features like [EC2] Security Groups, like AMI [Amazon Machine Image] tagging, so you can build policy natively out of those Amazon features,” West said.

This is one version of the AWS flywheel effect, whereby users can link to and build upon its services to create something larger. However, the double-edged sword AWS presents is seldom lost on its partners. “Show me the largest booth at re:Invent, and then go listen to the keynote and go see those people crying in their beer because Amazon just announced some service that’s going to eat some of their business,” joked Wikibon.com analyst Stu Miniman at re: Invent 2016.

Nonetheless, Cyxtera is getting in on the ground floor of what is still an unplundered market. If AppGate SDP works as reliably as it claims, it should find plenty of eager takers. Gartner Inc.’s recent “Hype Cycle For Cloud Security 2017” report placed SDP near the top of the list of technologies whose fanfare did not reflect successful real-world deployments. SDP, along with data loss protection for mobile devices and key management as-a-service will take “at least five years to reach productive mainstream adoption,” Gartner predicted.

Cloud data backup charges forward

Multicloud data protection and backup is also heavily hyped nowadays, as evinced by the startups all over Silicon Valley sallying to market with such offerings. “Every other company in the Bay Area is a backup and restore company,” Rishi Yadav, founder and chief executive officer of Zettabytes Inc., recently told theCUBE.

Given the great migration to cloud, it’s not difficult to see why. “The world is moving to the cloud, the world is moving largely to a non-relational [database] world, and so there’s going to be a huge opportunity to provide data management solutions,” said Peter Smails, vice president of marketing and business development at Datos IO Inc.

These are not just any old data management solutions, but data-aware, infrastructure-agnostic, multicloud-capable solutions, Smails told theCUBE during the AWS re:Invent conference.

Watch the complete video interview with Peter Smails below:

While Smails’ attitude is unapologetically cloud-first, he believes some companies have put the cart before the horse in terms of backup and protection. Yes, they are moving to cloud; they have cloud-native applications in production on AWS. Wonderful — and yet, ask: How are they protecting those applications? They have no idea, according to Smails.

Datos IO provides a new kind of backup and recovery optimized for multicloud. Its RecoverX v2.5 helps users better understand and manipulate data. “I can pick individual rows and columns. I can pick and choose based upon my database schema. I can mask columns of data if I have to do GDPR compliance or [personally identifiable information]. Our view of the world aligns incredibly well with AWS,” Smails said, adding that 50 percent of Datos IO customers run natively on AWS.

Many swords to slay multicloud beast

Perhaps multicloud data managment and security are such complex beasts, even AWS will not be able to cover all customers without outside assists. “It’s easy to configure your AWS setup to let anybody in the front door of S3 [object storage] … pretty embarrassing when it happens,” said Eric Thomas, director of solutions architecture at ExtraHop Networks Inc.

Watch the complete video interview with Eric Thomas below:

ExtraHop is an IT operations and wire data analytics platform. It uses the network as a data source for application intelligence, monitoring performance, security, forensics, etc., whether on public or private cloud, on-prem or in hybrid environments.

“We sort of sit on the network — virtual or physical network — listen to all the traffic, and then we analyze it sort of at an application layer,” Thomas told theCUBE during AWS re:Invent. It applies machine learning to surface insights to IT professionals and app developers.

Its anomaly detection can catch security threats in real-time. Consider the case of the AWS S3 intruder. “With ExtraHop and ExtraHop for AWS, that’s an anomaly. It’s a couple of clicks to find out where it’s going on and to fix it,” Thomas concluded.

Be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent. (* Disclosure: Cyxtera Technologies, Inc., Datos IO Inc. and ExtraHop Networks Inc. sponsored these segments of theCUBE. None of these companies nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE