TCP Talks

Andrew Krug from Datadog In this episode, Andrew Krug talks about Datadog as a security observability tool, shedding light on some of its applications as well as its benefits to engineers. Andrew is the lead in Datadog Security Advocacy and Datadog Security Labs. Also a Cloud Security consultant, he started the Threat Response Project, a toolkit for Amazon Web Services first responders. Andrew has also spoken at Black Hat USA, DEFCON, re:Invent, and other platforms.. DataDog Product Overview Datadog is focused on bringing security to engineering teams, not just security people. One of the biggest advantages of Datadog or other vendors is how they ingest and normalize various log sources. It can be very challenging to maintain a reasonable data structure for logs ingested from cloud providers. Vendors try to provide customers with enough signals that they feel they are getting value while trying not to flood them with unactionable alerts. Also, considering the cloud friendliness for the stack is crucial for clients evaluating a new product. Datadog is active in the open-source community and gives back to groups like the Cloud native computing foundation. One of their popular open-source security tools created is Stratus-red-team which simulates the techniques of attackers in a clean room environment. The criticality of findings is becoming a major topic. It is necessary when evaluating that criticality is based on how much risk applies to the business, and what can be done. One of the things that teams struggle with as high maturity DevOps is trying to automate incident handling or response to critical alerts as this can cause Configuration Drift which is why there is a lot of hesitation to fully automate things. Having someone to make hard choices is at the heart of incident handling processes. Datadog Cloud SIEM was created to help customers who were already customers of logs. Datadog SIEM is also very easy to use such that without being a security expert, the UI is simple. It is quite difficult to deploy a SIEM on completely unstructured logs, hence being able to extract and normalize data to a set of security attributes is highly beneficial. Interestingly, the typical boring hygienic issues that are easy to detect still cause major problems for very large companies. This is where posture management comes in to address issues on time and prevent large breaches. Generally, Datadog is inclined towards moving these detections closer to the data that they are securing, and examining the application run time in real-time to verify that there are no issues. Datadog would be helpful to solve IAM challenges through CSPM which evaluates policies. For engineering teams, the benefit is seen in how information surfaces in areas where they normally look, especially with Datadog Security products where Issues are sorted in order of importance. Security Observability Day is coming up on the 18th of April when Datadog products will be highlighted; the link to sign up is available on the Datadog Twitter page and Datadog community Slack. To find out more, reach out to Andrew on Twitter @andrewkrug and on the Datadog Security Labs website. Top Quotes

In this episode, Ravi Mayuram highlights the functionality of Couchbase as an evolutionary database platform, citing several simple day-to-day use cases and particular advantages of Couchbase. Ravi Mayuram is CTO of Couchbase. He is an accomplished engineering executive with a passion for creating and delivering game-changing products for startups as well as Fortune-500 industry-leading companies. Notes Couchbase set out to build a next-generation database. Data has evolved greatly with IT advancements. The goal was to build a database that will connect people to the newer technologies, addressing problems that relational systems did not have to solve. The fundamental shift is that earlier systems were internally focused, built for trained users but now the systems are built directly for consumers. This shift also plays out in the vast difference in the number of consumers now interacting with these systems compared to the fewer trained users previously interacting with the systems. One of the key factors that sets Couchbase apart is the No-SQL Database. It is a database that has evolved by combining five systems; a Cache and Key-value store, a Document store, a Relational document store, a Search system, and an Analytical system. Secondly, Couchbase performs well in the geo-distributed manner such that with one click, data is made available across availability zones. Lastly, all of this can be done at a large scale in seconds. Regarding the global database concept that Google talks about, a globally consistent database may not be needed by most companies. The performance will be the biggest problem as transaction speed will be considerably low. Couchbase does these transactions locally within the data center and replicates them on the other side. The main issue of relational systems is that they make you pay the price of every transaction no matter how minor, but with Couchbase, it is possible to pay only the cost only with certain crucial transactions. Edge has become a part of the enterprise architecture even such that people now have edge-based solutions. Two edges are emerging; the Network edge and the Tool edge where people are interfacing. Couchbase has built a mobile database available on devices, with sync capability. As a consumer, the primary advantage of bringing data closer to the consumer is the latency issue. Often, data has to go through firewalls and multiple steps which delays it but this is the benefit of Couchbase. The user simply continues to have access to the data while Couchbase synchronizes the data in the back. One of the applications of Couchbase in healthcare is insulin tracking. With many devices that monitor insulin which must work everywhere you go, Couchbase Lite does the insulin tracking, keeps the data even in the absence of a network, and later syncs it for review by healthcare professionals. This is also useful in operating rooms where the network is not accessible. The real benefit is seen when the data eventually gets back to the server and can be interpreted to make decisions on patient care. The Couchbase Capella Service runs in the cloud and allows clients to specify what data should be sent to the edge and what should not be. This offers privacy and security measures, such that even in the loss or damage of a device, the data is secure and can be recovered. To effectively manage edge in devices, a lot of problems must be addressed to make it easier. One of the concerns for anyone coming into Couchbase Capella is the expense of data extraction from the cloud, however, Couchbase is available on all three cloud providers. Also, with Couchbase, there is no need to keep replicating data as you can work on the data without moving it, which largely saves costs. Other use cases for Couchbase include information for flight bookings, flight crew management systems, hotel reservations, and credit card payments. To learn more, visit the Couchbase website. There is also a free trial for the Couchbase Capella Service.   Top Quotes

Revolutionizing Observability with New Relic In this episode, Daniel explains a new strategy towards observability aimed at contextualizing large volumes of data to make it easier for users to identify the root cause of problems with their systems. Daniel Kim is a Principal Developer Relations Engineer at New Relic and the founder of Bit Project, a 501(c)(3) nonprofit dedicated to making tech accessible to under-served communities. His job is basically to get developers excited about Observability, and he hopes to inspire students to maximize their potential in tech through inclusive, accessible developer education. He is passionate about diversity and inclusion in tech, good food, and dad jokes. Show Notes First, it is important to differentiate between monitoring and observability. Monitoring is basically when a code is instrumented to send data to a backend, to give answers to preconceived questions. With Observability, the goal is to monitor your system so as to later ask questions that were not in mind during the instrumentation of the system. Hence, if something new comes up you can find the root cause without modifying the code. There are so many levels of things to check when troubleshooting to find the cause of a problem, and this is where observability comes in. There are different use cases for logs, metrics, and traces; Logs are files that record events, warnings, or errors however logs are ephemeral which means there is increased risk of losing a lot of data. A system needs to be in place to move logs to a central source. Another issue with logs is that it is poorly structured data. Logs are good to have as the last step of observability. Metrics and traces can however help to narrow down where to search in the logs to solve an issue. Metrics are measurements that reflect the performance or health of your applications. They give an overview of how the systems are doing but tend to not be very specific in finding the root cause of a problem; other forms of data have to be adopted to get a clear picture. This is where Traces come in. Traces are pieces of data that track a request as it goes through the system. Because of this, they can identify the root cause of an error or bottlenecks slowing down the system. However, they are very expensive and as such sampling is used when tracing but this reduces the accuracy of traces. Correlating information from logs, metrics, and traces gives a full clear picture for debugging to be carried out successfully. A lot of New Relic customers strive to get more pieces of data to get errors faster. To balance the right data at the right time with the right cost, the first step when collecting large amounts of data is to find out how your organization is leveraging the data. A quick audit of the data to identify useful data is helpful. This can be done monthly or quarterly. Unstructured logs are difficult to aggregate In the cloud native space, being able to be compatible with as many people as possible will determine the winners because there are many projects people use in production. Projects that are compatible with many other projects are the way forward. APM is still very useful to understand application performance and in the future, data from all sources will be correlated to figure out the cause of a problem. Getting value very early from the system involves having a solid infrastructure and installing APM. The real power of full stack observability is getting data from different parts of your stack so you can diagnose what part of your system is going wrong. Leveraging AI to make sense of large amounts of data for engineers is going to be a huge plus. A lot of vendors claim that their alert systems will automatically generate all alerts for you but this is not true because they would not know your team's needs. It is ultimately up to your team to set up alerts that create an observability strategy. Those who invest time into setting this up get the most ROI from New Relic. Engineers need to figure out what metrics are important to them. About New Relic One: This was made to be a singular observability platform where people can correlate various pieces of data to get more context making the work easy for engineers. The goal was to help engineers to find the information they need as fast as possible, especially during a crisis. This kind of third-party solution is much more applicable for processing millions of logs or larger data, compared to native tools. It also provides a large amount of expertise around observability and curated experiences around machine-generated data. The future seems to have customers tilting towards open-source observability solutions. OpenTelemetry is one example of this, as it brings together all observability offerings in open source in a whole stack observability experience. Visit the New Relic website to learn more about it. To learn more about ways to use New Relic, check out the New Relic Blogs. Top Quotes

Spatial Simulations with AWS SimSpace Weaver In this episode, Peter sits with Rahul Thakkar to discuss the revolutionary AWS SimSpace Weaver, highlighting its unique function and applications across several industries. Rahul Thakkar is the Director and General Manager of Simulation Technologies at Amazon Web Services. Before AWS, he held multiple executive roles at Boeing, Brivo, PIXIA, and DreamWorks Animation. He is an inventor, and global technology executive with a background in cloud computing, distributed and high-performance computing, media and entertainment, film, television, defense and intelligence, aerospace, and access control. His film credits include Shrek, Antz, and Legend of Bagger Vance. In 2002, he was part of the team that won an Academy Award for Shrek as the Best Animated Feature. Again in 2016, at the 88th Annual Academy Awards, Thakkar received a Technical Achievement Award. Notes AWS SimSpace Weaver enables customers to run extremely large-scale spatial simulations without having to manage any of the underlying infrastructure. It also removes the complexity of state management of entities as they move about the simulation. Previously, carrying out such simulations would be done sequentially, in a cumbersome manner over years but now it can be done in parallel in weeks. Different organizations have tried out this functionality for several scenarios and the results have been amazing. This value was largely made possible due to the approach of working with customer feedback. Rahul's interest in the cloud came much later in his career which started initially in the R&D department of the Motion Picture industry where he created many of the complex graphics in movies. He later moved into a small start-up that was developing technologies for satellite imagery and mapping, and from here he moved to aerospace. Generally, he observed the problem that it is very expensive for companies to maintain their infrastructure when dealing with simulations. It also would drain resources and distract from the main focus of the company. Eventually, knew he had to use AWS, and now he works with them. All the other primitive tools within AWS are being consumed to build the service. There is also the ability to write to S3 so that customers can write the simulations out. This helps customers to remember how the simulation played out. Relating this new service to the metaverse, Rahul believes that when it comes to the metaverse, each organization has its vision of what it should be. However, AWS built the tools to empower these organizations to build their metaverses. Despite the possibility of having competition from Azure or GCP, the focus of AWS would remain on the customer and their needs, innovation on their behalf. Identifying new problems that the service would be very applicable for is a great challenge that AWS relies on customers for, to help AWS envision where they want to go with the service. There are definitely many companies running simulations but it is hard to predict how many would migrate to the AWS SimSpace Weaver because it is still a new product. Nonetheless, a lot of industries are interested in this new service. These include smart cities, organizations ranging from local to federal or international, logistics and supply chains, large-scale event planning, or any situation where there is a need to simulate a large problem with digital replicas of the real world. Top Quotes

Applying and Maximizing Observability In this episode, Christine talks about her company, Honeycomb which runs on AWS, with the goal of promoting observability for clients interested in the performance of their code or those trying to identify problem areas that need to be corrected. Christine Yen is the Co-Founder and CEO of Honeycomb. Before founding Honeycomb, she built analytics products at Parse/Facebook and loved writing software to separate signals from noise. Christine delights in being a developer in a room full of ops folks. Outside of work, Christine is kept busy by her two dogs and wants your sci-fi & fantasy book recommendations. Notes Honeycomb is an observability platform that helps customers understand why their code is behaving differently from what they expected. The inspiration behind this software came after Christine's previous company was acquired by Facebook and they realized how software made it very easy to identify problems in large code data within a short time. This encouraged them to build the tool and make it available to all engineers. If the first wave of DevOps was Ops-people learning how to automate their working code, the second wave would be helping developers learn to operate their code. Honeycomb is designed intentionally to ensure that all types of engineers can make sense of the tool. Honeycomb has always come up with ways for customers to use AWS products and get the data reflected in Honeycomb to be manipulated. Over the last few months, they have ensured that it is possible for clients to plug into CloudWatch Log and CloudWatch metrics, and redirect data directly from AWS products into Honeycomb instead. Clients can also use Honeycomb to extract data based on what their applications are doing. This applies to performance optimization, experimentation, or any situation where a company wants to try a code to see how it performs on production. The focus remains on the application layer. Before Honeycomb, no one was using observability in this context. The pricing of Honeycomb is based on the volume of data, which makes it predictable and understandable. Unlike when the pricing scale is based on the fidelity of the data, which can be quite expensive. Challenges within the observability space: The question is how to help new engineers learn from the seasoned engineers on the team through paper trails left by the seasoned engineers. This is a problem that can only be solved by enabling teams to orient new engineers on their systems without having to create another question as part of the code. Building an AI Approach in Honeycomb may not be suitable because of the context involved, since training effective machine learning models relies on a vast amount of easily classifiable data and this does not apply in the world of software; every engineering team's systems are different from every other engineering team's systems. Honeycomb is interested in using Al to build these models in order to help users know what questions to ask. With Honeycomb, usage patterns are much more dependent on the curiosity and proficiency of the engineering team; while some engineers who are used to getting answers directly may just leave the software, those who have a culture of asking questions will benefit more from it. Top Quotes

In this TCP Talks episode, Justin Brodley and Jonathan Baker talk with Anthony Lye, Executive Vice President and General Manager of NetApp's Public Cloud Services Business Unit. An industry veteran for over 25 years, Anthony has been at the forefront of cloud innovation for over half this time. Anthony shares his insight on the importance of embracing disruption in the tech industry. He discusses how NetApp seized the right opportunities, got lucky, and came to dominate the Cloud space — even while younger app developers may have no idea what it was. "They don't comprehend — nor should they — the complexities of infrastructure,” Anthony explains. “And I really love the fact that we've been able to democratize ONTAP, because it's cool, but you've got to be really smart to get the best out of it. And so we just decided we would be the smart ones.” What's really behind innovation in tech? “The context is where you are. And people like to think that the world operates through evolution. And sometimes it's revolution –- sometimes, you have to do something radically different.” Anthony also discusses cloud computing trends, the importance of customer focus, what NetApp does differently, and the multi-cloud. Featured Guest

In this TCP Talks episode, Justin Brodley and Jonathan Baker talk with Jonathan Heiliger, co-founder and partner at Vertex Ventures: an early-stage venture capital firm backing innovative technology entrepreneurs.  Earlier in his career, at just 19, Jonathan co-founded web hosting provider GlobalCenter and served as CTO. He went on to hold engineering roles at Walmart and Danger, Inc., the latter of which was acquired by Microsoft. He was also Vice President of Infrastructure and Operations at Facebook (now Meta), and a general partner at North Bridge Ventures. The latter firm's portfolio included Quora, Periscope, and Lytro (which has been acquired by Google.) At Vertex Ventures, Jonathan has helped cutting-edge companies like LaunchDarkly and OpsLevel revolutionize the tech space with continuous delivery and IT service management solutions. Jonathan shares his insights into the shifting market of IT services and explains why decentralizing infrastructure management can help digitally native companies operate at a faster pace. According to Jonathan, the question of IT service infrastructure isn't being adequately addressed. Without properly defining service ownership, businesses looking to scale run the risk of siloing critical knowledge, and losing track of services networks.  Jonathan also discusses his own experiences running infrastructure at Facebook (oops, Meta), the merits of both centralized and decentralized IT services management, and how he and his partners at Vertex Ventures approach new investments.   Featured Guest

In this TCP Talks episode, Justin Brodley and Jonathan Baker talk with Josh Stella, co-founder and CEO of Fugue, a cloud security company that helps businesses run faster on the cloud without breaking any rules.  Josh shares insights from Fugue's State of Cloud Security 2021 Report, and highlights key themes, including preventative security measures, automation, and engineering-first compliance.  According to the report, within the next two years, all but 1% of security breaches will be caused by misconfiguration of cloud resources. Josh and his team at Fugue aim to minimize these mistakes by simplifying cloud security through a systems-based approach. One way to streamline security, Josh notes, is to take advantage of automation. With cloud environments becoming increasingly complex, relying on pure knowledge will soon be untenable. Josh urges business leaders to embrace automation to reduce the risk of human error in their security systems.  Josh also discusses how businesses can declutter security tech stacks, the “land grab” happening in the cloud, and trends he predicts will shape the future of cloud compliance.  Featured Guest

In this episode of TCP Talks, Justin Brodley and Jonathan Baker talk with Miles Ward, the founder of the Google Cloud's Solutions Architecture practice. Currently, Miles leads the cloud strategy and solutions capabilities as the Chief Technology Officer for consulting and IT services company SADA. Startups have helped increase the popularity of open source products among enterprise businesses. Changing systems can be a struggle for larger, more traditional companies. But legacy businesses also want to accomplish more in a shorter amount of time, which requires shedding clunky, legacy systems.  “Those building blocks make it so that companies operate at a certain rate of change. And I know zero companies asking me to slow down their rate of change,” he notes.  The evolution of product compatibility is also discussed.  Product sellers need to help customers understand how much of their system fits and how much doesn't fit in one solution compared to another, Miles says. Customers need to have a clear understanding of what's involved and how much work it's going to be.   In addition, Miles shares his thoughts on the role of the CTO as well as the benefits of rebranding a product everybody hates. Featured Guest

Note: This interview is part of a paid sponsorship between Open Raven and The Cloud Pod.  In this TCP Talks episode, Justin Brodley and Jonathan Baker talk with Mark Curphey, Chief Product Office and Co-Founder of Open Raven, a fully integrated platform for security and privacy workflows. Featured Guest Name: Mark Curphey What he does: Mark is Chief Product Officer and Co-Founder of Open Raven. Where to find him: LinkedIn | Twitter Listen to Mark discuss the Open Raven strategy for protecting your data, the use of serverless workflows to scale to enormous workloads. Protecting your data and ensuring compliance using the Open Policy Agent – and more. Key Points Discover – Classify – Monitor – Protect “The cloud has moved in incredibly fast; security has been moved off to the side and as a result companies don't know where their data is, breaches are happening constantly, and these are the big things that get companies in the press.” Macie “Every single customer that we spoke to in the early stages said, a) It doesn't work b) It's ridiculously expensive, and c) It's only on s3 buckets. Well, whilst The Register is always reporting breaches of S3 buckets, my customer data is in RDS! That's a real piece of the problem for me; sure, it's popular, but I shouldn't just be thinking about trying to protect myself from getting on The Register.” Part of the challenge is that data is not one thing... I may have a name, I may have an address, I may have a card number. There are all sorts of different parameters, and the data could be stored in multiple ways. So you have the concept of like data adjacency; If I have a CCV number, and expiry date and name associated to it that might be something which is real. With Macie, even if you just use the straight matching techniques, you don't have control over the adjacency thing, so that's why a lot of the basic trivial cases get completely missed. Security at the edge? "If you are protecting data in the cloud, you have to wire the tools into the cloud to understand which IAM has access, which routes, which security groups can give you access? That's the only way to understand the context to protect it. You can't do it in some sort of edge device."  Getting started with Open Raven Visit openraven.com to get a 15 day trial. Spin up a SaaS instance and go play. “We already think we're a better choice than Macie, but don't think that's the end goal. Come partner with us, work with us on the end goal, because those are things that we love; solving massive, complex, and interesting problems.” https://www.openraven.com/thecloudpod

In this TCP Talks episode, Justin Brodley and Jonathan Baker talk with Forrest Brazeal, a Senior Manager at A Cloud Guru, a cloud education platform that has attracted more than two million students. A Cloud Guru offers full certification training and technical deep dives for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and more. Forrest talks about why companies need to invest in training to reap the benefits of “cloud fluency,” and how A Cloud Guru is contributing to cloud adoption success at Fortune 500 companies.  While discussing knowledge gaps, Forrest highlights how important it is to clearly identify which cloud services and knowledge areas you're going to become certified in to avoid missing important high level areas.  “Going through the certification training and prep really helps you to avoid those blind spots that will keep you from speaking effectively to the other teams that you work with,” says Forrest.  Featured Guest

Note: This interview is part of a paid sponsorship between Protera and The Cloud Pod.  In this TCP Talks episode, Justin Brodley and Jonathan Baker talk with Patrick Osterhaus, CTO and Founder of Protera Technologies, a preeminent provider for SAP and cloud managed services. Patrick discusses how the cloud, COVID-19, and work-from-home are influencing SAP and legacy enterprise software packages today, and Protera's goal to provide the very best SAP services available on the cloud. Covering issues around migration to SAP, Patrick takes the opportunity to reflect on Protera's history, while also addressing corporate IT integration. “We call this the transformation journey-site assessment, specific to each client's needs, looking beyond SAP to the SAP systems, we use a tool we call [Protera] FlexBridgeSM,” notes Patrick. Featured Guest Name: Patrick Osterhaus What he does: Patrick is CTO and Founder of Protera Technologies. Key quote: “The complexity of moving to public cloud is getting those non-cloud native applications into the cloud, and then looking at the transformation of those applications once they're in the cloud.” Where to find him: LinkedIn | Twitter  Key Takeaways The best way to prepare for cloud migration is what Patrick calls “the journey,” which involves a site assessment of the customer environment and understanding how everything on-premise, or in a hybrid environment, is working together. COVID-19 has accelerated migration to the cloud and has forced companies to plan their disaster recovery systems. Patrick says businesses aren't just thinking about their earpiece systems — the thinking extends to ancillary systems like CRMs and web access systems — “all these systems to be connected and have it fully available in the cloud as a backup.”  He adds, “We've seen a natural interest in what is good practice,” which is to have a protection plan for critical SAP applications. Working with many compliance-heavy industries, such as financial or military and defense clients, Protera stresses has learned the importance of not only application security, but also the physical security necessary around data centers. He says the discussing the real-world protection of data centers — “who owns the data, how it's governed, how it's protected” — is important to raise with the client.  Resources Here's what was mentioned in the episode ✔️ SAP: Systems in Application Products and Data Processing ✔️ "What is DevOps?": An AWS blog post explaining the DevOps model ✔️ Microsoft Azure: Cloud Computing Services ✔️ Amazon Redshift: Cloud Computing Services ✔️ Google Cloud Platform: Cloud Computing Services ✔️ DR system: Multi-cloud disaster recovery system ✔️ "What is SAP HANA?": A Protera blog post ✔️ SAP GUI: Used to initiate a session in a SAP server ✔️ "VDI Solutions": Virtual Desktop Infrastructure ✔️ AWS: Amazon Web Services ✔️ AWS Cloud Development Kit (CDK): An open-source development framework to model and provision cloud application resources ✔️ FlexBridgeSM: Protera FlexBridgeSM migration software ✔️ "Infrastructure as Code" (IaC): A Microsoft blog post describing the IaC managing model ✔️ “What is Hybrid Cloud?”: A Microsoft blog post defining what a hybrid cloud is ✔️ "What is the Public Cloud?": A Microsoft blog post defining the terms of the public cloud Top quotes in this episode [6:14] "And the big challenge with SAP, in my opinion, is they have such a tremendous customer base that is already running in their own data centers … and the challenges to make that transition. And being that they're not just the number of customers and the number of SAP systems each of those customers has, but just the tremendous volumes of data. And the dependency that their whole business has on SAP as the lifeblood of the organization, not just as the data itself, which is obviously very important." [13:29] “I joke, [making the cloud decision is like] the Coke versus Pepsi. It's the two challengers and people certainly have biases … people have very strong opinions on each side, and we try to satisfy [customers] as best we can. So we keep our certifications up on the providers, try to keep our team up [to date] with all the new developments, which in and of itself is always a challenge.” [16:38:] “You know, [competition between cloud providers] reminds me of the 90's when we had the browser wars in that it's every single week, there's a new feature. And, it's a very exciting time.”

In this TCP Talks episode, Justin Brodley and Jonathan Baker talk with Bart Castle, an AWS and cloud computing trainer and media personality. Bart works with IT training company CBT Nuggets and also does cloud-migration consulting projects.  Bart shares the patterns he seems based on training demand and also advises how to decide which certification to go for next. He discusses the importance of solving business problems that will help achieve the business' goals while retooling and transforming systems. "At this point in my career, every technical conversation that I have is always paired up with a business value conversation," he notes. But how should a data team shift focus to better solve business problems? He suggests looking for patterns. Uncovering patterns can help determine actionable steps to maximize efficiency and enable new business opportunities. Bart also discusses cloud computing trends, CloudFormation stacking, hybrid deployments, and containers. Featured Guest

In this TCP Talks episode, Justin Brodley and Jonathan Baker chat with Liz Rice, VP of open source engineering for Aqua Security, which provides tools to secure cloud-native deployments.  Liz describes Aqua's evolution over the years: From a provider of container security to its acquisition of CloudSploit and its development of open-source security solutions. Most customers are using cloud native software, and Aqua wants to secure those workloads and engage that community.  "As a business, we have to be where the discussions are. Having open-source tools that are genuinely useful gives us a good way to participate in that community," Liz explains.  In addition to her role at Aqua Security, she is the chair on the CloudNative Computing Foundation's (CNCF) Technical Oversight Committee. During the conversation, Liz gives an overview of how they handle projects. Key Takeaways

In this episode of TCP-Talks we chat with Amiram Shachar, founder and CEO of Spot, which aims to help its customers reduce complexity and compute costs by up to 90% in the AWS, GCP and Azure clouds. We talk about the impact on the spot pricing market, and the differences between the AWS, GCP and Azure approach to spot pricing and delivery, and whether customers are asking for multi cloud solutions. Amiram discusses the problems Spot solves, why they chose to partner with NetApp and reveal the mystery of the rebrand from Spotinst, then takes us on a deeper dive into Spot's Ocean, a Serverless Infrastructure Engine for Containers,.

This week Chris Riley DevOps Advocate for Splunk and Podcast Host of Developers Eating the World joins us. We ask the tough questions, like what is Observability exactly? We touch on the risk of robots taking my job, with AI-Ops, and if it is marketing buzzwords or a product. Plus the mad rush to SRE all the NOCs, because GOOGLE DOES IT and more on TCP-Talks. Twitter: https://twitter.com/hoardinginfo  Developers Eating the World Podcast

Josh Stella (twitter: @joshstella) joins us to talk about the state of cloud security. We discuss Fugue's new report, the complexity and challenges of IAM, and the most common cloud misconfiguration aren't always the ones you would expect. Fugue ensures cloud infrastructure stays in continuous compliance with enterprise security policies. Our solution identifies cloud infrastructure security risks and compliance violations and ensures that they are never repeated. Fugue provides baseline drift detection and automated remediation to eliminate data breaches, and powerful visualization and reporting tools to easily demonstrate compliance.

Jacques Chester author of Knative In Action and Principal engineer at Pivotal joins us to educate us on Knative.  Knative is an open-source tool to run functions as a service on top of Kubernetes and is gaining popularity in Kubernetes deployments.  Learn all about Knative, Kubernetes maturity, Googles involvement in Knative, and more. If you are are interested in checking out Knative in Action, I have a coupon code for you to save today on any Manning press publication including Knative in Action! https://www.manning.com/books/knative-in-action?query=Knative%20in%20Action  Code: podcloud20

One of the most exciting cloud computing technologies of the last few years is Serverless computing, whether it be via AWS Lambda, Azure Functions, GCP functions or technologies like K-Native. This week Jonathan and Justin talk to Ben Kehoe Chief Roboticist at iRobot and AWS Serverless hero. We ask Ben the burning questions about Serverless Computing, robotics, AWS and more! Listen today.

The most terrifying part of moving to the cloud isn't security, migration techniques or learning new infrastructure as code tools, it is managing that pesky cloud bill.  To some CFO's it might even be downright terrifying.  Join Jonathan and Justin as they talk about all things FinOps with Rob Martin from Apptio (formerly Cloudability) where they discuss cost management techniques, getting help via the Finops Foundation and more. A big thanks to TCP-Talks Sponsor: Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning, and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure.

Justin Brodley and Jonathan Baker kick off our new TCP Talks bonus episodes with a chat with Mike Kelly, CTO at Blue Medora. Monitoring can be hard on-premises or in the cloud. As a result, it can be downright scary with multi-cloud strategies, hybrid cloud, and legacy tools. Bring order chaos, by centralizing the management of metrics and logs. From solving out of disk space alerts to building observability techniques, Stackdriver and Bindplane can help.  Adopting these practices and principals will help your Observability and SRE teams in the cloud.