Podcasts about Application development

  • 196PODCASTS
  • 388EPISODES
  • 29mAVG DURATION
  • 1MONTHLY NEW EPISODE
  • May 19, 2025LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about Application development

Latest podcast episodes about Application development

Grow Your Credit Union
Member Loyalty Starts Next to the Sugar

Grow Your Credit Union

Play Episode Listen Later May 19, 2025 30:02


Credit unions talk about being community-focused. But what if real connection meant showing up in the moments that matter, like when someone's buying groceries?In this episode of Grow Your Credit Union, host Joshua Barclay is joined by co-host Becky Reed and guest Jennifer Borowy, President and CEO of Michigan First Credit Union to talk about how mentorship can accelerate leadership, what lessons credit unions can borrow from banks, and whether in-store branches really drive growth.Also, we talked with Bradley Hickey, Manager of Application Development at American Airlines Federal Credit Union, to hear why CU Build is a must-attend for any credit union team looking to innovate from within.Register here: https://www.cubuild.org/register-nowFollow us on LinkedIn: https://www.linkedin.com/company/growyourcreditunion/

The Data Stack Show
238: What Every Developer Needs to Know About Microservices in 2025 with Mark Fussell, Founder & CEO at Diagrid

The Data Stack Show

Play Episode Listen Later Apr 23, 2025 52:21


Highlights from this week's conversation include:Mark's Background and Journey in Data (1:08)Mark's Time at Microsoft (5:33)Internal Adoption of Azure (9:20)Understanding Pain Points (11:06)Complexity in Software Development (13:15)Microservices Architecture Overview (17:15)Microservices vs. Monolith (22:08)Modernizing Legacy Applications (24:39)Dependency Management with Dapr (29:43)Infrastructure as Code (33:04)AI's Rapid Evolution and Vendor Changes (37:27)Language Models in Application Development (39:05)AI in Creative Applications (42:59)The Future of Backend Development (47:22)Streamlining Development Processes (49:29)Dapr as an Open Source Solution (51:11)Getting Started with Dapr and Parting Thoughts (51:39)The Data Stack Show is a weekly podcast powered by RudderStack, the CDP for developers. Each week we'll talk to data engineers, analysts, and data scientists about their experience around building and maintaining data infrastructure, delivering data and data products, and driving better outcomes across their businesses with data.RudderStack helps businesses make the most out of their customer data while ensuring data privacy and security. To learn more about RudderStack visit rudderstack.com.

SAP Cloud Platform Podcast
Episode 114: Configure and manage BTP landscape with your AI digital assistant – Joule within SAP BTP Cockpit

SAP Cloud Platform Podcast

Play Episode Listen Later Dec 24, 2024 28:47 Transcription Available


In this episode of SAP BTP Talk, December 2024, we will talk about how Joule – the AI copilot from SAP – truly understands your business. And when this intelligence is infused in SAP BTP Cockpit, how it transforms productivity and the way your teams work. Host Gaurav Dey interviews Kishore Vivekanandan, a product lead at SAP BTP, discussing Joule's role in making BTP administration more efficient and user-friendly. Our conversation delves into the advancements in AI, particularly interactive AI in business applications, with a focus on the new features of SAP BTP and Joule's integration. We also touch upon the learnings that the development team had from the beta program and how those insights have shaped the product roadmap.

The Data Exchange with Ben Lorica
Breaking the Cloud Barrier: How DBOS Transforms Application Development

The Data Exchange with Ben Lorica

Play Episode Listen Later Dec 19, 2024 36:02


Qian Li and Peter Kraft, co-founders at DBOS, Inc., a startup that's building a serverless platform for building highly reliable applications. We dive into DBOS, a system built on Postgres that addresses workflow management and application durability.Subscribe to the Gradient Flow Newsletter:  https://gradientflow.substack.com/Subscribe: Apple • Spotify • Overcast • Pocket Casts • AntennaPod • Podcast Addict • Amazon •  RSS.Detailed show notes - with links to many references - can be found on The Data Exchange web site.

Tech Barometer – From The Forecast by Nutanix
Cloud native technologies driving AI application development

Tech Barometer – From The Forecast by Nutanix

Play Episode Listen Later Dec 13, 2024 9:32


In this video interview, Nutanix cloud native technology expert Dan Ciruli describes the trends and technologies powering an explosion in...[…]

Connected Social Media
Cloud native technologies driving AI application development

Connected Social Media

Play Episode Listen Later Dec 13, 2024 9:32


In this video interview, Nutanix cloud native technology expert Dan Ciruli describes the trends and technologies powering an explosion in...[…]

The Six Five with Patrick Moorhead and Daniel Newman
A Decade of AWS Lambda—Leading the Future of Serverless Computing - Six Five On The Road at AWS re:Invent

The Six Five with Patrick Moorhead and Daniel Newman

Play Episode Listen Later Dec 6, 2024 17:08


Join us on a serverless computing journey! Host Keith Townsend is with Amazon Web Services' Usman Khalid, Director, AWS Lambda on this episode of Six Five On The Road at AWS re:Invent. They look at a decade of evolution and what's in store for the future of serverless computing with AWS Lambda. Tune in for details

The Incident Report
Application Devemopment Trends - Ep85

The Incident Report

Play Episode Listen Later Dec 6, 2024 20:40


Welcome to The Incident Report! We discuss Application Development trends and how you can stand out in a crowded partner landscape. Don't miss this episode!   Join Adam Burke for Cybersecurity Sales Bootcamp Series Dec 18 – Selling Comprehensive Cybersecurity Packages – Risk Management   If you have questions or suggestions for the podcast, you can always email Paul and Adam at theincidentreport@questsys.com. Thanks for listening! The Incident Report is created by Quest Technology Management. With over 40 years of experience, Quest is a leading Technology Integrator, working seamlessly with your staff, and systems to achieve your IT goals. Learn more about everything they do at https://www.questsys.com.

SaaS Scaled - Interviews about SaaS Startups, Analytics, & Operations
Making Web Apps Scalable, Reliable, and Secure with Anurag Goel

SaaS Scaled - Interviews about SaaS Startups, Analytics, & Operations

Play Episode Listen Later Nov 25, 2024 35:56


Today, we're joined by Anurag Goel, Founder and CEO of Render, the modern cloud provider for all your apps and websites. We talk about:Why founders select a particular problem to solveWhat to focus on in each phase of growth, from product development to finance to peopleBarriers to entry to starting new cloud servicesThe importance of great customer service & building trust with users

The Six Five with Patrick Moorhead and Daniel Newman
Highlights from The Futurum Group's Mitch Ashley at OpenText World 2024 Las Vegas - Six Five On The Road

The Six Five with Patrick Moorhead and Daniel Newman

Play Episode Listen Later Nov 21, 2024 6:55


OpenText World '24 = entering a new era of human potential. The Futurum Group's Mitch Ashley, VP and Practice Manager, DevOps and Application Development, shares his analysis and recaps some key takeaways from OpenText World 2024 in Las Vegas.

ITSPmagazine | Technology. Cybersecurity. Society
Building Resilient Applications and APIs: The Importance of Security by Design to Ensure Data Protection | An Imperva Brand Story with Lebin Cheng

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Sep 25, 2024 36:47


In this Brand Story episode, hosts Sean Martin and Marco Ciappelli welcome Lebin Cheng from Imperva to discuss the ever-important topic of API security. As the head of the API security team at Imperva, Lebin Cheng offers a nuanced view into the challenges and solutions involved in protecting sensitive data facilitated by APIs. A central theme of the discussion revolves around API security's complexity due to APIs' role in digital transformation, cloud migration, and data integration. APIs act as a gateway for data interaction and integration, offering flexibility but also introducing significant security risks.Cheng underscores that as APIs provide open access to critical data, they become prime targets for sophisticated cyber threats. These threats exploit vulnerabilities in API deployments, making robust security measures indispensable. Cheng highlights the importance of securing APIs not as a one-time effort but as an ongoing process. He discusses how Imperva employs real-time monitoring and behavioral analysis to enhance API security. By establishing a baseline of what constitutes normal behavior, Imperva can quickly detect and respond to anomalies. This approach goes beyond traditional, static security measures, which often fall short against dynamic threats that evolve alongside technology.Additionally, the conversation touches on the notion of 'security by design.' Cheng advocates for integrating security considerations from the earliest stages of API development. This results in more resilient applications capable of withstanding sophisticated attacks. The discussion also notes the growing trend of DevSecOps, which emphasizes the collaboration between development, security, and operations teams to embed security throughout the software development lifecycle. Real-world applications of these principles are evident in various sectors, including open banking.Cheng explains how open banking initiatives, which allow smaller financial institutions to access larger banks' data via APIs, highlight the necessity of strong API security. A breached API could expose sensitive financial data, leading to significant financial and reputational damage. The hosts and Cheng also explore how Imperva's innovation in API security involves leveraging artificial intelligence and machine learning. These technologies help in identifying and mitigating potential risks by analyzing vast amounts of data to detect unusual patterns that might indicate a security threat.In closing, Cheng emphasizes the importance of continuous innovation and vigilance in the field of API security. He invites organizations to adopt a proactive stance, continuously updating their security measures to protect their data assets effectively. This episode serves as a compelling reminder of the critical role API security plays in today's interconnected digital world.Learn more about Imperva: https://itspm.ag/imperva277117988Note: This story contains promotional content. Learn more.Guest: Lebin Cheng, VP, API Security, Imperva [@Imperva]On LinkedIn | https://www.linkedin.com/in/lebin/ResourcesLearn more and catch more stories from Imperva: https://www.itspmagazine.com/directory/impervaAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Redefining CyberSecurity
Building Resilient Applications and APIs: The Importance of Security by Design to Ensure Data Protection | An Imperva Brand Story with Lebin Cheng

Redefining CyberSecurity

Play Episode Listen Later Sep 25, 2024 36:47


In this Brand Story episode, hosts Sean Martin and Marco Ciappelli welcome Lebin Cheng from Imperva to discuss the ever-important topic of API security. As the head of the API security team at Imperva, Lebin Cheng offers a nuanced view into the challenges and solutions involved in protecting sensitive data facilitated by APIs. A central theme of the discussion revolves around API security's complexity due to APIs' role in digital transformation, cloud migration, and data integration. APIs act as a gateway for data interaction and integration, offering flexibility but also introducing significant security risks.Cheng underscores that as APIs provide open access to critical data, they become prime targets for sophisticated cyber threats. These threats exploit vulnerabilities in API deployments, making robust security measures indispensable. Cheng highlights the importance of securing APIs not as a one-time effort but as an ongoing process. He discusses how Imperva employs real-time monitoring and behavioral analysis to enhance API security. By establishing a baseline of what constitutes normal behavior, Imperva can quickly detect and respond to anomalies. This approach goes beyond traditional, static security measures, which often fall short against dynamic threats that evolve alongside technology.Additionally, the conversation touches on the notion of 'security by design.' Cheng advocates for integrating security considerations from the earliest stages of API development. This results in more resilient applications capable of withstanding sophisticated attacks. The discussion also notes the growing trend of DevSecOps, which emphasizes the collaboration between development, security, and operations teams to embed security throughout the software development lifecycle. Real-world applications of these principles are evident in various sectors, including open banking.Cheng explains how open banking initiatives, which allow smaller financial institutions to access larger banks' data via APIs, highlight the necessity of strong API security. A breached API could expose sensitive financial data, leading to significant financial and reputational damage. The hosts and Cheng also explore how Imperva's innovation in API security involves leveraging artificial intelligence and machine learning. These technologies help in identifying and mitigating potential risks by analyzing vast amounts of data to detect unusual patterns that might indicate a security threat.In closing, Cheng emphasizes the importance of continuous innovation and vigilance in the field of API security. He invites organizations to adopt a proactive stance, continuously updating their security measures to protect their data assets effectively. This episode serves as a compelling reminder of the critical role API security plays in today's interconnected digital world.Learn more about Imperva: https://itspm.ag/imperva277117988Note: This story contains promotional content. Learn more.Guest: Lebin Cheng, VP, API Security, Imperva [@Imperva]On LinkedIn | https://www.linkedin.com/in/lebin/ResourcesLearn more and catch more stories from Imperva: https://www.itspmagazine.com/directory/impervaAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

ILTA
#0041: (CCT) Data Dilemmas: From Hygiene to Ownership to the Rise of AI

ILTA

Play Episode Listen Later Sep 18, 2024 19:05


Ever wondered where your data lives, who's in charge of it, and how it should be managed? Join us as we dive into the wild world of Information Governance with a sprinkle of fun and a dash of expertise!  In this episode, we unraveled the mysteries of data hygiene—because clean data is happy data! We chatted about privacy functions and how they dance with legal and security realms. Plus, we tackled the big question: Who really owns your data? Is it Operations, IT, or someone else entirely?  But wait, there's more! We explored the exciting frontier of AI tools and how they could impact governance. And let's not forget the business case for tidying up that unstructured data clutter—because who doesn't love a good data makeover? Finally, we'll help you strike the perfect balance between keeping data accessible and maintaining order. Tune in for a lively discussion that'll leave you smarter and more entertained than ever before. Don't miss out—your data deserves this! Moderator: @Jack Recinto - Manager of Application Development, Vedder Price   Speaker: @Rebecca Sattin - Senior Director, Partner Success, NetDocuments  Recorded on 09-18-2024.

Paradigm Shift of Healthcare
Application Development for Older Adults with Jennifer Cain Birkmose

Paradigm Shift of Healthcare

Play Episode Listen Later Sep 17, 2024 33:59


Jennifer Cain Birkmose, co-founder and CEO of VivaValet, joins hosts Michael Roberts and Justin Bantuelle to discuss how medtech companies can develop applications that are user-friendly for elderly adults, or as she calls them, "olders." You might be surprised to learn that older adults actually DO want to use apps to maintain their independence, but user-friendliness goes beyond just making the fonts larger. Jennifer explains how companies can best help this underserved population. Hosted on Acast. See acast.com/privacy for more information.

Wickedly Smart Women
SHEQONOMI and Beyond with Anu Bhardwaj - Ep.289

Wickedly Smart Women

Play Episode Listen Later Sep 11, 2024 30:33


In this episode of Wickedly Smart Women, host Anjel B Hartwell engages in a compelling conversation with Anu Bhardwaj, founder of the State of Women Institute and SHEQONOMI.   Anu shares her inspiring journey, starting from a radio show to creating a multi-platform app aimed at economically empowering women worldwide. Despite the challenges of the COVID-19 pandemic, limited technology, and high costs, Anu's perseverance led to the development of an innovative application now accessible in 175 countries.   Tune in to learn about SHEQONOMI's mission to support the bottom billion people, the unique fundraising challenges, and the future plans to amplify women's voices through podcasting and digital content. Don't miss out on this motivating episode filled with practical wisdom, heartfelt stories, and a vision for a more inclusive world. What You Will Learn  1. How did the diverse backgrounds of the attendees at the Blockchain on the Beach event reflect the mission of Women Investing in Women and Girls? 2. What impact do you think having young cohosts on the original radio show had on its success and evolution? 3. How did the shift from a radio show to an application with a linked crypto wallet during COVID change user engagement and accessibility? 4. What are some of the unique challenges faced by Anu's team in developing their app in a village with limited technology, and how were these overcome? 5. How important is community support, as mentioned during Anjel's break in the podcast, in sustaining long-term projects like SHEQONOMI? 6. Discuss the concept of SHEQONOMI. How does this platform aim to empower women economically, and why is this important? 7. Anu used her daughter's college savings to fund SHEQONOMI. What does this decision say about her commitment, and what lessons can be learned from this act of belief? 8. Despite numerous rejections, Anu's team eventually secured significant grants. How does this tenacity reflect on the broader challenges of funding social enterprises? 9. Given the high costs of technology and connectivity, what are some ways SHEQONOMI is making its content and technology accessible to those living on less than $5 a day? 10. What insights can be drawn from Anu's approach to investor relations and her future goals for SHEQONOMI? How important is strategic advice, like that from Harvard lawyers, in shaping the growth and direction of her projects? Connect with Anu Bhardwaj Anu Bhardwaj on LinkedIn SHEQONOMI's Website Resources Wickedly Smart Women: Trusting Intuition, Taking Action, Transforming Worlds by Anjel B. Hartwell Connect with Anjel B. Hartwell Wickedly Smart Women Wickedly Smart Women on X Wickedly Smart Women on Instagram Wickedly Smart Women Facebook Community Wickedly Smart Women Store on TeePublic The Wealthy Life Mentor The Wealthy Life Mentor on Facebook Listener Line (540) 402-0043 Ext. 4343  Email listeners@wickedlysmartwomen.com

Technology for Business
What are Development Services?

Technology for Business

Play Episode Listen Later Sep 11, 2024 24:24


Dive into the world of Development Services in this episode, where Jim, our Development Manager, and Cole, a Power Platform Developer, explore the many advantages of CIT's Application Development services. From the specifics of API integrations and workflow optimizations to the bigger picture of efficiency gains and error reduction, our experts explain how tailored solutions can transform your business. Discover how agile development helps align technology with your unique needs, reduces the risks of manual processes, and boosts efficiency through automation. Whether you're just starting with custom development or looking to improve existing systems, this episode offers valuable insights into driving business growth through technological innovation.Resources: https://www.cit-net.com/solutions/software-and-applications/https://www.cit-net.com/the-power-of-application-development/https://make.powerapps.com/

The Six Five with Patrick Moorhead and Daniel Newman
Building Generative AI Applications with Serverless - Six Five Webcast - AWS Serverless Series

The Six Five with Patrick Moorhead and Daniel Newman

Play Episode Listen Later Sep 9, 2024 24:31


On this episode of the Six Five Webcast - AWS Serverless Series,  hosts Daniel Newman and Patrick Moorhead are joined by Amazon Web Services' Uma Ramadoss and Eric Johnson, Principal Solutions Architect, and Principal Developer Advocate, respectively. Together, we dive into the fascinating world of Building Generative AI Applications with Serverless technology, shedding light on the advancements and best practices facilitated by AWS. Their discussion covers: The foundational elements of generative AI applications in a serverless environment Key benefits and challenges associated with building AI applications without server limitations. Real-world examples of how businesses are leveraging AWS serverless solutions for generative AI. Best practices and tips for developers starting with serverless AI applications. Future directions for generative AI and serverless computing with AWS.  

Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Ep. 175 Technical debt, code abstraction, and federal application development

Federal Tech Podcast: Listen and learn how successful companies get federal contracts

Play Episode Listen Later Aug 29, 2024 21:25


 Want to make the most out of your next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Every software developer knows about the meeting in February 2011 at a skiing lodge in Utah. Seventeen people met to produce the “Agile Software Manifesto.” Large software projects were falling left and right. This was a group of experienced developers who thought interaction and flexibility were keys to producing complex code effectively. They introduce concepts like iteration and technical debt to the general audience. Twenty- three years later we see a distortion of these concepts in the federal government's approach to software development. They may launch an application quickly and suboptimal, and then expect to iterate. However, this process has been distorted to a point where 70% of the federal IT budget is spent on this “iteration” under the guise of Operations and Maintenance. Today, we sat down with Sonny Hashimi, the Head of Global Sector for Unquirky. He has experience in the commercial world as well as the federal government. His last federal title was Commissioner, Federal Acquisition Service for the GSA. He has seen this flawed software development strategy from many angles. He suggests that proprietary software should be replaced by open-source methods that will allow for rapid change in code. That way, patches, and changes in direction of application development can be accomplished in a timely manner. This change would free up millions of dollars to accomplish improvements in federal systems. Listen to hear his diagnosis of the problem and the options he provides.

The CMO Podcast
Penn State Panel | Dana H. Born (US Air Force), Wanda Bryant Hope (Johnson & Johnson), and Paula Garcia Todd, (IFF)

The CMO Podcast

Play Episode Listen Later Aug 21, 2024 65:00


For this week's episode, The CMO Podcast returns to Penn State University–Jim's MBA alma mater–for a live panel discussion on authentic leadership. This panel wrapped up another successful annual Alumni Leadership Connections Conference in Happy Valley. Joining Jim on stage for the Authentic Leadership panel are three fellow alumnae:Dana H. Born, Faculty Chair of Harvard Kennedy School & a Retired Brigadier General of the US Air ForceWanda Bryant Hope, Chief Diversity, Equity & Inclusion Officer for Johnson & Johnson.Paula Garcia Todd, Application Development and Innovation Director for IFF, a 130-year-old world leader in food, beverage, scent, home, personal care, and healthWith a mix of Jim's queries and questions from the alumni and student audience, the panelists chatted about imposter syndrome, personal legacies, mentorship, and advice for those looking forward. Tune in for a happy conversation in Happy Valley Pennsylvania.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Futurum Tech Podcast
Outsourcing Skill Gaps | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Jul 30, 2024 16:09


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by Guy Currier, VP & CTO of Visible Impact at The Futurum Group and Scott King, Managing Partner at Sprinter Associates for a discussion on the impacts of outsourcing skill gaps. Our conversation covers: Challenges and complexity, tech stack issues, and the impacts of skill gap issues 34% of organizations indicated that they would like to use managed services  How vendors enable service delivery partners and enable them   These topics reflect ongoing discussions, challenges, and innovations within the DevOps community.  

ServiceNow Podcasts
ServiceNow Federal Forum 2024: Aligning Federal Operations To Get To Outcomes Faster and Improve EX

ServiceNow Podcasts

Play Episode Listen Later Jul 26, 2024 34:16


Prioritizing employee experience in the Federal government is a strategic imperative for achieving organizational goals, delivering quality public services, and attracting and retaining top talent. To help rebuild, empower, and support the Federal workforce, agencies need solutions to align operations and get to outcomes faster. This conversation will discuss the most recent collaboration efforts between ServiceNow and the government, as well as highlight real-world examples of technology helping agencies improve organization-wide employee services across IT, HR, and Facilities.Featured Speakers: • Pamela Graulich, Manager Solution Consulting for Federal, ServiceNow• Bill Daniels, Director of Application Development and Digital Services, Office of the Secretary, Department of Commerce• Steve Krauss, Senior Advisor for the HR Quality Services Management Office and HR Line of Business, Office of Personnel Management• Liz Persell, Director of Human Resources Information Systems, U.S. International Development Finance CorporationClick here to view the on-demand recordingSee omnystudio.com/listener for privacy information.

Futurum Tech Podcast
How CIOs are Managing the Cost of DevOps | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Jul 23, 2024 15:48


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by Alan Shimel, CEO and President of TechStrong Group, and Stephen Foskett, President of Tech Field Day, for a discussion on impacts of how CIOs are managing the cost of DevOps. Our conversation covers: Past, present, and future applications 24% of organizations have a desire to release code on an hourly basis, but yet, only 8% are able to do so. Re-internalization of IT and managing the cost  

Futurum Tech Podcast
Red Hat Virtualization and AI Impacts on DevOps | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Jul 15, 2024 17:39


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by Senior Director of Market Insights, Hybrid Platforms at Red Hat, Stuart Miniman, for a discussion on Red Hat Virtualization and AI Impacts on DevOps Our conversation covers: Highlights of Red Hat Summit Impacts of Virtualization and AI on the market Additions of Lightspeed into RHEL and OpenShift expanding on Ansible  

Futurum Tech Podcast
Mezmo Data Management, Observability, and Getting Value Out of Telemetry Data | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Jul 9, 2024 15:07


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by Tucker Callaway, CEO of Mezmo, for a discussion on Mezmo Data Management, Observability, and getting real value out of telemetry data. Our conversation covers: What Mezmo Data Management is. The fact that 52% of organizations use 6 to 15 different tools in observability. Why DevOps or application developers are creating logging capabilities .  

Futurum Tech Podcast
Catchpoint IPM, Internet Traffic and Application Availability | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Jul 1, 2024 15:03


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by Catchpoint's Mehdi Daoudi, CEO and Brandon DeLap, Senior Solutions Engineer for a discussion on Catchpoint IPM, Internet traffic and application availability. Our conversation covers: What is Catchpoint and the impacts to Internet performance monitoring  What is resilience and the ability to know that you're going to have a problem and that you can recover from that problem Modernization of applications. Moving away from control the server, to control the code  

Futurum Tech Podcast
Impacts to DevSecOps as it Relates to the Software Release Cycles | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Jun 26, 2024 15:41


On this episode of DevOps Dialogues: Insights & Innovations, host Paul Nashawaty is joined by Jack Poller of Paradigm Technica and Mitch Ashley, analyst and founder of Techstrong Research and Chief Technology Advisor at The Futurum Group, for a discussion on the SDLC and the impacts of security as it is integrated into the pipeline. Their discussion covers: How security is not just security Security as a bolt-on afterthought Impacts to DevSecOps as it relates to the software release cycles  

The Six Five with Patrick Moorhead and Daniel Newman
Staying Secure while Innovating Fast with AWS Serverless Compute

The Six Five with Patrick Moorhead and Daniel Newman

Play Episode Listen Later Jun 24, 2024 20:09


On this episode of the Six Five Webcast - AWS Serverless Series, Keith Townsend is joined by Amazon Web Services' AWS Lambda Usman Khalid and Spencer Dillard for a conversation on leveraging AWS Serverless technologies to achieve rapid innovation without compromising security. Their discussion covers: The advantages of the Serverless operating model versus traditional application development Common security challenges in modern application development and how AWS addresses these The shared responsibility model for securing Serverless applications on AWS Built-in protections provided by AWS Serverless services like AWS Lambda and Amazon ECS with AWS Fargate How the ephemeral nature of Serverless resources contributes to security  

Futurum Tech Podcast
Google Cloud AI Impact to Application Modernization | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Jun 18, 2024 14:48


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by serverless product management team lead at Google, Steren Giannini, for a discussion on Google Cloud AI and the impacts on application modernization. Our conversation covers: The impact of Gen AI applications Refactoring all applications to leverage AI models Kubernetes to migrate to the Cloud, getting started with Cloud Run These topics reflect ongoing discussions, challenges, and innovations within the DevOps community.  

The Six Five with Patrick Moorhead and Daniel Newman
Pega's Vision for AI and How Blueprint is Changing the World of Application Development - Six Five On the Road

The Six Five with Patrick Moorhead and Daniel Newman

Play Episode Listen Later Jun 17, 2024 16:13


On this episode of the Six Five On the Road, host Keith Kirkpatrick is joined by Pega's Matt Healy, Director of Product Marketing, Intelligent Automation for a conversation on how Pega's innovative approach to AI and application development is reshaping industries. Their discussion covers: The evolving role of AI in application development How Pega's Blueprint technology stands out in the market Real-world impacts of Pega's intelligent automation The future vision of AI and automation at Pega Challenges and opportunities in implementing AI solutions in businesses   #Pegaworld #Pegasystems #Pega #AI #BlueprintTechnology #appdevelopment #TheSixFiveOnTheRoad #KeithKirkpatrick #MattHealy #technology

ITSPmagazine | Technology. Cybersecurity. Society
Practical Privacy by Design - Building Secure Applications that Respect Privacy | An OWASP AppSec Global Lisbon 2024 Conversation with Kim Wuyts and Avi Douglen | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 14, 2024 32:20


Guests: Kim Wuyts, Manager Cyber & Privacy, PwC Belgium [@PwC_Belgium]On LinkedIn | https://www.linkedin.com/in/kwuyts/On Twitter | https://twitter.com/WuytskiOn Mastodon | https://mastodon.social/@kimwAvi Douglen, CEO / Board of Directors, Bounce Security & OWASPOn LinkedIn | https://www.linkedin.com/in/avidouglen/On Twitter | https://twitter.com/sec_tigger____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode of On Location with Sean and Marco, host Sean Martin offers a deep dive into the OWASP AppSec Lisbon event, engaging in a meaningful conversation with Kim Wuyts and Avi Douglen. Sean starts by setting the stage for an insightful discussion focused on privacy, security, and the integration of both in modern application development.Kim Wuyts, a Cyber and Privacy Manager at PwC Belgium, shares her journey from a security researcher to a privacy engineering expert, emphasizing the importance of privacy threat modeling and the intricate balance between security and privacy. She explains how privacy not only strengthens security but also involves complex considerations like legal, ethical, and technological aspects. Kim highlights the need for companies to adopt privacy by design, ensuring data is used with care and transparency, rather than merely being collected and stored.Avi Douglen, Lead Consultant at Bounce Security, brings his experience in threat modeling to the conversation, recounting his learning curve in understanding the depths of privacy beyond mere confidentiality. He speaks about the importance of educating security engineers on privacy considerations and using value-driven security to protect stakeholders' interests. Avi stresses that privacy and security should be integrated from the beginning of the application development process to avoid clashes and ensure robust, privacy-respecting systems.Throughout the discussion, the guests delve into various privacy engineering practices, including data minimization, the handling of meta-information, and the potential conflicts between security requirements and privacy needs. They touch on real-world scenarios where privacy can enhance overall security posture and how privacy engineering aligns with compliance requirements such as GDPR.Sean, Kim, and Avi also explore the concept of architectural data mapping and selecting the right components for privacy. They discuss the evolving skill set required for privacy engineering and how integrating privacy with existing security practices can add significant value to any organization.The episode concludes with a look at the upcoming training session at the OWASP AppSec event in Lisbon, emphasizing the need for a diverse audience, including security engineers, privacy professionals, and developers. This session aims to foster a collaborative environment where participants can expand their knowledge and apply practical privacy by design principles in their work.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube:

Redefining CyberSecurity
Practical Privacy by Design - Building Secure Applications that Respect Privacy | An OWASP AppSec Global Lisbon 2024 Conversation with Kim Wuyts and Avi Douglen | On Location Coverage with Sean Martin and Marco Ciappelli

Redefining CyberSecurity

Play Episode Listen Later Jun 14, 2024 32:20


Guests: Kim Wuyts, Manager Cyber & Privacy, PwC Belgium [@PwC_Belgium]On LinkedIn | https://www.linkedin.com/in/kwuyts/On Twitter | https://twitter.com/WuytskiOn Mastodon | https://mastodon.social/@kimwAvi Douglen, CEO / Board of Directors, Bounce Security & OWASPOn LinkedIn | https://www.linkedin.com/in/avidouglen/On Twitter | https://twitter.com/sec_tigger____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode of On Location with Sean and Marco, host Sean Martin offers a deep dive into the OWASP AppSec Lisbon event, engaging in a meaningful conversation with Kim Wuyts and Avi Douglen. Sean starts by setting the stage for an insightful discussion focused on privacy, security, and the integration of both in modern application development.Kim Wuyts, a Cyber and Privacy Manager at PwC Belgium, shares her journey from a security researcher to a privacy engineering expert, emphasizing the importance of privacy threat modeling and the intricate balance between security and privacy. She explains how privacy not only strengthens security but also involves complex considerations like legal, ethical, and technological aspects. Kim highlights the need for companies to adopt privacy by design, ensuring data is used with care and transparency, rather than merely being collected and stored.Avi Douglen, Lead Consultant at Bounce Security, brings his experience in threat modeling to the conversation, recounting his learning curve in understanding the depths of privacy beyond mere confidentiality. He speaks about the importance of educating security engineers on privacy considerations and using value-driven security to protect stakeholders' interests. Avi stresses that privacy and security should be integrated from the beginning of the application development process to avoid clashes and ensure robust, privacy-respecting systems.Throughout the discussion, the guests delve into various privacy engineering practices, including data minimization, the handling of meta-information, and the potential conflicts between security requirements and privacy needs. They touch on real-world scenarios where privacy can enhance overall security posture and how privacy engineering aligns with compliance requirements such as GDPR.Sean, Kim, and Avi also explore the concept of architectural data mapping and selecting the right components for privacy. They discuss the evolving skill set required for privacy engineering and how integrating privacy with existing security practices can add significant value to any organization.The episode concludes with a look at the upcoming training session at the OWASP AppSec event in Lisbon, emphasizing the need for a diverse audience, including security engineers, privacy professionals, and developers. This session aims to foster a collaborative environment where participants can expand their knowledge and apply practical privacy by design principles in their work.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube:

Futurum Tech Podcast
Intersection of DevOps, Platform Engineering, and SREs | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Jun 3, 2024 25:16


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by CTO Advisor and Signal65 Analyst, Alastair Cooke, for a discussion on the Intersection of DevOps, Platform Engineering, and SREs Our conversations cover: DevOps for Continuous Evolution Platform Engineering Orchestrating Infrastructure for Innovation Site Reliability Engineers Are Bridging the Gap The Importance of Each Practice Area These topics reflect ongoing discussions, challenges, and innovations within the DevOps community.  

The Six Five with Patrick Moorhead and Daniel Newman
Infinidat and The Future of Enterprise Storage, Cyber Storage Resilience, and Hybrid Multi-cloud Storage

The Six Five with Patrick Moorhead and Daniel Newman

Play Episode Listen Later Jun 3, 2024 27:35


In this episode of The Six Five Webcast, host Paul Nashawaty welcomes Infinidat's Eric Herzog, CMO to discuss the future of enterprise storage, cyber storage resilience, and hybrid multi-cloud storage. Their conversation covers: Infinidat G4 Storage platforms Cyber Storage Resilience and Recovery InfiniSafe Advanced Cyber Protection (ACP) InfiniSafe Cyber Detection for VMware Environments InfiniVerse Infrastructure Consumption Software Control Plane InfuzeOS Cloud Edition for Microsoft Azure and Amazon AWS   

Workday Podcast
DevTalk: Strategies for Enhancing Application Development

Workday Podcast

Play Episode Listen Later May 16, 2024 32:38


In this episode of Workday DevTalk, Workday's head of developer relations Chris Bledsoe engages in conversation with Jason Miller, the lead software engineer at Chevron. Together, they explore the intersection of technology, innovation, and collaboration in the realm of application development. Their discussion highlights the challenges and triumphs of adopting new technologies and emphasizes the significance of teamwork to develop successful solutions. https://blog.workday.com/en-us/2024/workday-devtalk-strategies-enhancing-application-development.html

Digital Transformation Podcast
Integrating AI with No-Code Application Development Tools

Digital Transformation Podcast

Play Episode Listen Later May 16, 2024 29:28


Dmitry Shapiro, CEO at MindStudio, discusses the integration of Artificial Intelligence with no-code application development tools. Dmitry is dedicated to revolutionizing AI integration with no-code tools and MindStudio allows enterprise teams to build custom AI applications with no coding required. Host, Kevin Craine Do you want to be a guest? DigitalTransformationPodcast.net/guest

Futurum Tech Podcast
Impacts of Quantum Computing on DevOps and AppDev | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later May 15, 2024 26:22


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by VP and Practice Lead, Bob Sutor, for discussion of the impacts of quantum computing on AI, DevOps and AppDev. Our conversation covered: What quantum software development is, what people use as their SDK, the platform, rise of Rust with a Python wrapper and WASM Quantum, AI and AppDev overlap and market space, including qualification TEV, ROI and the economic models Why this is important, and why prospects should care  How this relates to the topics of quantum, DevOps, AI, AppDev, etc These topics reflect ongoing discussions, challenges, and innovations within the DevOps community.  

COMPRESSEDfm
175 | Designing Infrastructure for Product Engineers

COMPRESSEDfm

Play Episode Listen Later May 14, 2024 53:34


In this episode, James Quick and Amy Dutton chat with James Cowling, co-founder of Convex, about designing infrastructure for product engineers. James explains the innovative features of Convex, including its JavaScript-based queries and real-time data subscriptions, and compares it to Firebase. They also discuss the challenges of edge computing, the importance of user state, and the role of AI in modern development.Show Notes[00:00:00] - Introduction to the Episode[00:01:00] - James Cowling's Background and Convex OverviewConvex[00:01:52] - Deep Dive into Convex[00:05:29] - User State and Application Development[00:07:05] - Challenges of Edge Computing[00:09:53] - Automatic Caching and Real-Time Updates[00:13:22] - AI and Backend Integration[00:17:01] - Leveraging AI in Applications[00:21:11] - Convex's Infrastructure and Technology[00:25:28] - Comparisons with Other Platforms[00:30:03] - Server Rendering and Data Storage[00:33:19] - Physical Challenges in Data Centers[00:37:04] - Cost Efficiency and Cloud Platforms[00:40:56] - Final Thoughts on Infrastructure[00:43:30] - Picks and Plugs Introduction[00:44:11] - James Cowling's Picks and Plugs[00:45:41] - Amy Dutton's Picks and Plugs[00:48:28] - James Quick's Picks and Plugs

Modern Web
Modern Web Podcast S12E05- Local-First Application Development is Back? with Dev Agrawal

Modern Web

Play Episode Listen Later May 10, 2024 43:06


Dev Agrawal talks about the newfound interest in building 'local first' applications, which is often seen as an outdated paradigm. With Rob Ocel, he discusses how these apps prioritize user devices as the primary data source, allowing for offline access and user control. The conversation highlights the benefits of local-first architecture in creating personalized experiences and seamless synchronization, and the importance of data ownership and Conflict-free Replicated Data Types (CRDTs) for collaborative environments. They also discuss what meta frameworks are ideal for local-first development, signals, and server components. Sponsored by This Dot. Watch this episode on YouTube. Read more on our blog.  

Modern Web
Modern Web Podcast S12E05- Local-First Application Development is Back with Dev Agrawal

Modern Web

Play Episode Listen Later May 9, 2024 40:04


Dev Agrawal talks about the newfound interest in building 'local first' applications, which is often seen as an outdated paradigm. With Rob Ocel, he discusses how these apps prioritize user devices as the primary data source, allowing for offline access and user control. The conversation highlights the benefits of local-first architecture in creating personalized experiences and seamless synchronization, and the importance of data ownership and Conflict-free Replicated Data Types (CRDTs) for collaborative environments. They also discuss what meta frameworks are ideal for local-first development, signals, and server components. Sponsored by This Dot Watch this episode on our YouTube Channel Read more on our blog

Smart Software with SmartLogic
"Keeping it Fresh" with Bilal Hankins and Anna Dorigo

Smart Software with SmartLogic

Play Episode Listen Later Apr 25, 2024 36:00


In Office Hours Episode 6, SmartLogic Developers Anna Dorigo and Bilal Hankins join Elixir Wizards Sundi and Dan to discuss their experiences maintaining a decade-old Ruby on Rails codebase. They delve into the critical importance of deeply understanding the codebase, keeping dependencies current, and adapting to the original application's evolving priorities and design choices. The conversation spans a range of topics, including accessibility, testing, monitoring, and the challenges of deploying database migrations in production environments. The guests share effective strategies for sustaining and enhancing older codebases, such as employing automated tools, performing code audits, and adhering to clean coding principles. Key topics discussed in this episode: Grasping the legacy codebase and its historical context Overcoming accessibility issues in older applications Safe dependency management and upgrades The effects of application scaling on database performance The critical role of comprehensive test suites in legacy systems Using tools like Sentry for error tracking and performance monitoring The benefits of automated security and dependency scans Juggling client needs with budget constraints Local simulation techniques for large datasets The value of iterative code reviews and maintaining clean code Utilizing git history for contextual understanding Onboarding strategies for legacy projects Removing obsolete code and avoiding "magic numbers" Importance of descriptive naming for better code clarity Leveraging a rich repository of example code for learning and reference Proactive code audits to anticipate issues Managing pull request sizes for smoother reviews Communicating effectively about upgrades and potential impacts Strategies for handling large databases efficiently Ensuring thorough test coverage Keeping open lines of communication with clients regarding ongoing maintenance Links mentioned: COBOL programming language https://developer.ibm.com/languages/cobol/ Ruby on Rails https://rubyonrails.org/ ARIA Rules (Accessible Rich Internet Applications) https://www.w3.org/TR/using-aria/ Shawn Vo on Elixir as a Competitive Advantage https://smartlogic.io/podcast/elixir-wizards/s5e5-vo/ Bundler Audit Ruby Gem https://rubygems.org/gems/bundler-audit/ Sentry application monitoring and error tracking software  https://sentry.io/ Dependabot Github automated dependency updates Mix hex.audit https://hexdocs.pm/hex/Mx.Tasks.Hex.Audit.html Git Blame https://git-scm.com/docs/git-blame Cow hoof trimming videos - The Hoof GP on YouTube (TW graphic imagery) Special Guests: Anna Dorigo and Bilal Hankins.

Futurum Tech Podcast
Chronosphere partnership with CrowdStrike and the recent acquisition of Calyptia | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Apr 23, 2024 14:30


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by Chronosphere's CEO, Martin Mao, for discussion of the partnership with CrowdStrike and the recent acquisition of Calyptia. Our discussion covers: Chronosphere recently unveiled “Logs powered by CrowdStrike,” a comprehensive log storage and visualization solution, and how embedding CrowdStrike Falcon LogScale within Chronosphere's cloud-native observability platform helps clients Chronosphere's recently acquisition of Calyptia, founded by the original creators of the Fluent Ecosystem What's next for Chronosphere, and the next sets of advancements in the observability and security space Cloud native coming off Kubecon These topics reflect ongoing discussions, challenges, and innovations within the DevOps community.  

Futurum Tech Podcast
Impacts of AI & GenAI to DevOps | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Apr 16, 2024 21:34


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by The Futurum Group's Stephen Foskett and Keith Townsend, for a conversation on the impact of AI and Generative AI on DevOps, application modernization, and innovative development methodologies. The discussion covers: How the integration of AI, including Generative AI (GenAI), has impacted the efficiency and effectiveness of DevOps practices within modern software development lifecycles Specific examples where AI technologies have enhanced or optimized DevOps processes such as continuous integration, continuous deployment, and automated testing The challenges when implementing AI/GenAI within DevOps frameworks, and how can organizations address issues related to transparency, accountability, and bias in AI-driven decision-making Ways that AI contributes to the evolution of DevOps culture, collaboration, and cross-functional team dynamics, particularly in environments focused on agility and innovation How AI-powered analytics and predictive capabilities influence decision-making processes in DevOps, including resource allocation, risk management, and performance optimization across development, testing, and deployment pipelines These topics reflect ongoing discussions, challenges, and innovations within the DevOps community.  

Futurum Tech Podcast
How Plainsight Provides AI-powered Intelligence - Interview with CEO | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Apr 9, 2024 35:27


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by Plainsight's CEO, Kit Merker, for discussion of the impacts of AI and Generative AI on application modernization, and innovative development methodologies for overall business goals. Our conversation covers:  How Plainsight's integration of visual AI and data science distinguish its approach in the competitive Computer Vision market In what specific ways Plainsight addresses the challenges posed by the rapidly evolving landscape of Computer Vision technology How Plainsight prioritize customers' end-to-end business processes to ensure the success of their Computer Vision initiatives The evidence or examples demonstrate Plainsight's commitment to customer satisfaction and how has it contributed to the company's achievements in the field of Computer Vision These topics reflect ongoing discussions, challenges, and innovations within the DevOps community.  

Futurum Tech Podcast
Exploring DevOps with Futurum's CEO | DevOps Dialogues: Insights & Innovations

Futurum Tech Podcast

Play Episode Listen Later Mar 26, 2024 18:36


On this episode of DevOps Dialogues: Insights & Innovations, I am joined by The Futurum Group's CEO, Daniel Newman for a conversation on exploring the intersection of DevOps, application modernization, and innovative development methodologies. Our conversation covers: Why The Futurum Group is investing in this new DevOps, Application Development and Modernization practice The market trends that are sparking interest in this new practice area What is top of mind for DevOps and how this practice can help These topics reflect ongoing discussions, challenges, and innovations within the DevOps community.  

What's New In Data
Unraveling the World of AI-Native Application Development with Mehmet Ozan Kabak Ph.D (CEO at Synnada, fmr ML at Instagram)

What's New In Data

Play Episode Listen Later Feb 16, 2024 46:58 Transcription Available


Mehmet Ozan Kabak, Ph.D. joins us to introduce the idea of AI-native application development. Ozan applies his real world experience working on machine learning at Instagram Signals and various other roles in AI & ML.  Embark on a transformative journey into the heart of AI infrastructure with Ozan Kabak, a beacon of knowledge in the realms of AI and machine learning. Our enlightening dialogue traverses the landscape of 'AI native' applications, where Ozan's insights bridge the gap between academic theory and industry practice. Through anecdotes from his Stanford days to tales of data infrastructure dilemmas, Ozan demystifies the often-overlooked development hurdles such as model monitoring and the balance between training and inference. This episode promises to illuminate the intricate dance behind the scenes of deploying AI solutions, sparing not a detail on the developer's labor and the pivotal moments that shape the backbone of AI applications.Gain an edge as we unpack the strategic foresight necessary for wielding AI in business; a cautious approach underscored by the significance of a robust data framework and the lurking risks of customer-facing AI systems. Ozan's expertise shines as we introduce Apache Arrow, the open-source project championing data format interoperability, heralding a new era of standardization and best practices. Be prepared to peer into the crystal ball of AI's future with us, where efficiency reigns supreme, and the compute landscape is primed for an overhaul. We grapple with the immense potential and existential considerations of large language models, examining how today's marvels could become tomorrow's masters. Tune in for a session packed with insights that will redefine your perspective on AI's current and future roles.What's New In Data is a data thought leadership series hosted by John Kutay who leads data and products at Striim. What's New In Data hosts industry practitioners to discuss latest trends, common patterns for real world data patterns, and analytics success stories.

5amMesterScrum
Amit Kumar Team Mgr Interview 9 Thursday Nights #5amMesterScrum

5amMesterScrum

Play Episode Listen Later Feb 16, 2024 40:48


Thursday Night Interview Program with Amit Kumar Team Manager and Cybersecurity Adjunct Professor at Villanova University Interview No. 9.  This is a part of our new Thursday Night line up of interviews agile people, change agents and business people seeking Transformation. Amit Kumar is a Manager of Application Development & Services and we 1st crossed paths 5 years ago. Amit is a driven solution provider with experience delivering high performing, scalable, stable and secure applications in multiple domains, including Health Care, Public sector and Auto Insurance. Proficient in building and managing teams across onshore/offshore model using multiple software development methodologies. Recently Amit completed his MBA specializing in Cybersecurity and now is an Cybersecurity Adjunct Professor at Villanova University. https://www.linkedin.com/in/xamitkumarx/ The Thursday Night show will start at 8pm EST with the podcast version to follow up at 9pm EST.  Please stay tune for more interviews with agile people and change agents. Happy Scrumming, Please don't forget to sign up for out weekly mailing list with its freebees. https://5ammesterscrum.com/join-our-weekly-newsletter/ Social Media: - search 5amMesterScrum or #5amMesterScrum  and you should find us and if not please let us know LinkedIn, Youtube, Facebook, Instagram, Twitter, TikTok     Podcasts: (search 5amMesterScrum) 

ITSPmagazine | Technology. Cybersecurity. Society
Incorporating Security from the Start for a More Secure Future: Exploring the 'Secure by Design' Initiative and the Ongoing Secure by Design Alert Series | A Conversation with Jack Cable | Redefining CyberSecurity Podcast with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Feb 14, 2024 36:46


Guest: Jack Cable, Senior Technical Advisor at CISA [@CISAgov]On LinkedIn | https://linkedin.com/in/jackcableOn Twitter | https://twitter.com/jackhcableCISA on LinkedIn | https://www.linkedin.com/company/cisagov/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Devo | https://itspm.ag/itspdvweb___________________________Episode NotesIn this episode of the Redefining CyberSecurity Podcast, host Sean Martin invites Jack Cable, Senior Technical Advisor at CISA (U.S. Cybersecurity and Infrastructure Security Agency), to discuss the concept of 'Secure by Design' and the importance of incorporating security into the development process of technology products. The episode explores the motivations behind CISA's 'Secure by Design' initiative, which aims to shift the responsibility for cybersecurity from end users to technology manufacturers.During the conversation, Jack highlights the need for long-term investments in cybersecurity and emphasizes the role of business leaders in driving necessary security improvements. The conversation explores the core principles of 'Secure by Design', including technology manufacturers taking ownership of security outcomes for their customers, promoting radical transparency and accountability, and ensuring top business leadership drives security improvements. The episode also touches on the collaboration between CISA and the open-source community to foster greater security improvements in the open-source space.Jack also shares success stories of companies effectively implementing 'Secure by Design' principles and highlights the economic and business factors that will drive a more secure future. The episode concludes with a call-to-action for organizations to adopt the 'Secure by Design' approach and engage with CISA to support the shift towards more secure software.Top Key Insights:The 'Secure by Design' initiative is aiming to shift the burden of cybersecurity from end users to the technology manufacturers, essentially pushing for a more proactive approach to security.Successful adoption of 'Secure by Design' requires buy-in from business leaders who possess the power to allocate budgets and direct the shift towards a secure future, demonstrating that cybersecurity is as much a business issue as a technical one.Collaboration with the open-source community is crucial for improving security in the technology ecosystem. This includes expectaing companies who use open-source software to be responsible consumers and sustainable contributors to the open-source software ecosystem.___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Smart Software with SmartLogic
Actor Model and Concurrent Processing in Elixir vs. Clojure and Ruby with Xiang Ji & Nathan Hessler

Smart Software with SmartLogic

Play Episode Listen Later Dec 21, 2023 47:57


In this episode of Elixir Wizards, Xiang Ji and Nathan Hessler join hosts Sundi Myint and Owen Bickford to compare actor model implementation in Elixir, Ruby, and Clojure. In Elixir, the actor model is core to how the BEAM VM works, with lightweight processes communicating asynchronously via message passing. GenServers provide a common abstraction for building actors, handling messages, and maintaining internal state. In Ruby, the actor model is represented through Ractors, which currently map to OS threads. They discuss what we can learn by comparing models, understanding tradeoffs between VMs, languages, and concurrency primitives, and how this knowledge can help us choose the best tools for a project. Topics discussed in this episode: Difference between actor model and shared memory concurrency Isolation of actor state and communication via message passing BEAM VM design for high concurrency via lightweight processes GenServers as common abstraction for building stateful actors GenServer callbacks for message handling and state updates Agents as similar process abstraction to GenServers Shared state utilities like ETS for inter-process communication Global Interpreter Lock in older Ruby VMs Ractors as initial actor implementation in Ruby mapping to threads Planned improvements to Ruby concurrency in 3.3 Akka implementation of actor model on JVM using thread scheduling Limitations of shared memory concurrency on JVM Project Loom bringing lightweight processes to JVM Building GenServer behavior in Ruby using metaprogramming CSP model of communication using channels in Clojure Differences between BEAM scheduler and thread-based VMs Comparing Elixir to academic languages like Haskell Remote and theScore are hiring! Links mentioned in this episode: theScore is hiring! https://www.thescore.com/ Remote is also hiring! https://remote.com/ Comparing the Actor Model and CSP with Elixir and Clojure (https://xiangji.me/2023/12/18/comparing-the-actor-model-and-csp-with-elixir-and-clojure/) Blog Post by Xiang Ji Comparing the Actor model & CSP concurrency with Elixir & Clojure (https://www.youtube.com/watch?v=lIQCQKPRNCI) Xiang Ji at ElixirConf EU 2022 Clojure Programming Language https://clojure.org/ Akka https://akka.io/ Go Programming Language https://github.com/golang/go Proto Actor for Golang https://proto.actor/ RabbitMQ Open-Source Message Broker Software  https://github.com/rabbitmq JVM Project Loom https://github.com/openjdk/loom Ractor for Ruby  https://docs.ruby-lang.org/en/master/ractor_md.html Seven Concurrency Models in Seven Weeks: When Threads Unravel (https://pragprog.com/titles/pb7con/seven-concurrency-models-in-seven-weeks/)by Paul Butcher Seven Languages in Seven Weeks (https://pragprog.com/titles/btlang/seven-languages-in-seven-weeks/) by Bruce A. Tate GenServer https://hexdocs.pm/elixir/1.12/GenServer.html ets https://www.erlang.org/doc/man/ets.html Elixir in Action (https://pragprog.com/titles/btlang/seven-languages-in-seven-weeks/) by Saša Jurić Redis https://github.com/redis/redis Designing for Scalability with Erlang/OTP (https://www.oreilly.com/library/view/designing-for-scalability/9781449361556/) by Francesco Cesarini & Steve Vinoski Discord Blog: Using Rust to Scale Elixir for 11 Million Concurrent Users (https://discord.com/blog/using-rust-to-scale-elixir-for-11-million-concurrent-users) Xiang's website https://xiangji.me/ Feeling Good: The New Mood Therapy (https://www.thriftbooks.com/w/feeling-good-the-new-mood-therapy-by-david-d-burns/250046/?resultid=7691fb71-d8f9-4435-a7a3-db3441d2272b#edition=2377541&idiq=3913925) by David D. Burns Special Guests: Nathan Hessler and Xiang Ji.

This Week in Health IT
TownHall: Exploring the Intersections of Innovation, Leadership, and Health Equity with Todd Carlson

This Week in Health IT

Play Episode Listen Later Nov 21, 2023 20:53 Transcription Available


November 21: Today on TownHall Linda Yang, CIO, talks with Todd Carlson, VP of Application Development and Enterprise Architecture at CareSource about leadership in technological advancements in the healthcare insurance industry. How is generative AI shaping the quality and efficiency of healthcare and how does it hold up to the unique challenges of the healthcare industry? Also, we explore the importance of a human-centric design in the development of healthcare systems, the risks and rewards of innovation, and the critical role of strong leadership in promoting innovation while maintaining accuracy and efficiency.This Week Health SubscribeThis Week Health TwitterThis Week Health LinkedinAlex's Lemonade Stand: Foundation for Childhood Cancer Donate

Screaming in the Cloud
Elevating the SaaS Application Development Experience with Salman Paracha

Screaming in the Cloud

Play Episode Listen Later Jul 20, 2023 35:45


Salman Paracha, Founder & CEO at Katanemo Labs, joins Corey at Screaming in the Cloud to discuss his vision for the future of SaaS application development. Salman and Corey discuss what led him to take the leap into founding a start-up, and Salman shares how he believes the future of SaaS application development is at an inflection point. Salman also explains why it's critical to focus on the outcome your customers experience over infrastructure, and shares his vision for future developers looking to build the next wave of SaaS applications. About SalmanBuilding high-growth, high-tech software products that affect the lives of millions of customers. 15+ years of experience in building successful products and highly effective teams. I am deeply interested in bringing the power of the cloud to end customers, large scale data problems, and delivering scalable services on commodity hardware.Links Referenced: Katanemo: https://www.katanemo.com/ LinkedIn: https://www.linkedin.com/in/salmanparacha/ Email: mailto:salman@katanemo.com Twitter: https://twitter.com/salman_paracha TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. And this promoted guest episode of Screaming in the Cloud is brought to us by our friends at Katanemo, who is—when you talk to small startups, like, “Who should we talk to?” They invariably look around the room, figure out who they should throw directly into the grist mill, and in this particular case, they have selected Salman Paracha, who is the founder and CEO. Salman, thank you for joining me.Salman: Hey, thanks for having me. Second time.Corey: It is. And every time we talk, it seems like there has been an interesting progression in your career. Originally, when we first started talking, you were the GM of the serverless application repository at AWS, and of AWS SAM, the Serverless Application Model that most people know because of the giant psychotic squirrel running around the expo hall at events. Then you went to be a group VP at Oracle Cloud, and now you look around the landscape and decide, you know, what I've done my entire career? Worked at big companies where everything is, you know, convenient in certain ways. And that sucks. I want everything to be three times harder, at least, so I'm going to go start a startup of my own. Presumably. I'm assuming that is the thought process that led you here. What's the actual story behind why you decided to leave giant corporate entities and go to a small startup?Salman: Thanks for that intro. The primary reason to sort of pursue this dream was something was pulling at me for the past four to five years. As a person who considers himself a builder, the most happiest I am when I'm actually trying to ship software out for customers. And so, I've been pulling on this thread for a very, very long time, that the world of the modern reference architecture, as it goes more microservices and explodes in the face of developers, has gotten to a point that we are now being inundated with all these micro-primitives, if you would, on infrastructure that actually slow the rate of innovation down. And why hasn't there been a move and reversion to the other side?And so, as I looked around, and at my time at Serverless particularly, where we were trying to champion this idea of serverless compute where you don't manage your servers, I kind of was ruminating on this notion of how do you get to zero infrastructure? And the idea that how can we actually orchestrate out all the complexity behind the scenes and you can truly focus on what your application does. And in that part of the journey, I've been chatting with developers across swath of industries and varying degrees of sophistication if you would, and the thing that emerged is that the most complex, perhaps the most complex piece to build in the cloud is a SaaS application. And there's inherent complexity in sort of thinking through the various concerns of the shapes and sizes of your customers that you're serving, the security and safety controls that you have to give them, the operational burdens that you take to serve a very large customer versus a very small customer who is perhaps in your free tier.And so, I was pulling on this thread for a very long time, even at my time, somewhat, at AWS, having—I chatted folks like Twilio and Slack at that time, and I said, “I think there has to be a much, much better way.” It cannot be more; it has to be less, and that less is actually getting us closer to what we believe is the future of cloud infrastructure, which is no infrastructure. So, that's it. I mean, I think the core thesis was, “Hey, if I've operated at this intersection of hyperscale cloud infrastructure and SaaS applications for the past 20 years, what is the compression algorithm that I can apply and give to developers so that they can truly focus on building something phenomenal without having to worry about the complexity of the infrastructure, the security of the scaling of the operational, and the access logs, and all that stuff that they have to today focus on?” And then I'm very fortunate to have had a phenomenal team that have joined and humbled me in my journey here.Since last year, we have folks across the spectrum who have built these things at scale and at Lyft, at Dropbox, at Meta, at AWS, at Cloudera, and et cetera. And so, we've been really fortunate that we have a very firm belief of where we want to take the future of infrastructure and who we want to serve in that market segment. And I said to myself, I don't think I'm getting any younger. My parents, my South Asian parents, perhaps they're going to be more happy to see me sort of fight it out and battle it out versus just naturally climb the corporate ladder. Nothing wrong with that, of course.Corey: It's not too late to go be a doctor. I say that as someone who grew up in a Jewish home where there were certain expectations and pressures placed upon me that I continue to disappoint four decades later.Salman: Yeah, so anywho [laugh], on that front, so I think I'm kind of living to the expectations I had for myself 20 years ago when I joined the workforce, and I now have the great fortune to build alongside these amazing builders and see what we can unlock for the developer community.Corey: One of the challenges with the approach that I found historically has been Heroku did something very similar and then everyone tried to build the next Heroku, except for the company that bought Heroku, they were content to let that thing sit and never think about it again, for whatever reason. But another example would be something like NPM, the Node Package Manager, where it abstracts away stupendous complexity. You tell it to npm install for some project and it just starts scrolling huge amounts of text past and doing all kinds of work and your computer fans start screaming, and you're like, “Wow, it's doing an awful lot of fascinating stuff underneath the hood, and I really hope this works. If it breaks halfway through, I haven't first idea where to look under the hood to make sure that this actually works and doesn't break my application.”The problem that I have historically with the things in this space is it requires a certain element of trust. That said, looking at the things you've done before, the places you've been, I don't have to explain that to you. You have clearly spent your entire career in environments where mistakes matter because they're going to show very quickly to an awful lot of customers if they wind up getting out there. That feels to me like it's a significant competitive advantage versus, not to be disparaging, but a couple of founders fresh out of a boot camp who have never worked in the industry before, but they have an idea, gosh darn it, this is what they're going to build.Salman: You know, you'll find builders, and you'll have builders surprise you. And I, you know, salute all those who come out and start something new. I have a whole bunch of respect for that, just the courage that takes it. But there's an advantage that the team has, and we're very fortunate on having that advantage, having seen things break. And I think we're at this inflection point, perhaps now that there's been an incredible amount of effort done in the open-source community relative to [dis-established 00:06:56] standards.Like if you imagine, what, 25+ years ago, when HTTP and HTTP 1.1 came out, that created an explosion of people hosting these web services and HTTP-based applications. I think we're at the point where we can preserve the developer experience, preserve the operator experience, but never have to sort of have you tinker in the bowels of the infrastructure … to build a SaaS application. And I think that the interesting part of this is knowing how successful these projects can be, but also how complex they can be to manage. But if you (the developer) can just focus on dev experience and operator experience and ask what's the most pressing question to answer, which is…Can you know who (your customers) are and what they're doing in your system, and have the ability to shape their experience versus shaping the infrastructure?”I think we'll be in a much better state as an industry, we'll be much happier developers, we'll just be in a much higher place than we are today. Where as I said earlier, which is the modern reference architecture of microservices perhaps gives you some powers, but it really explodes the amount of choices and results in this massive drag on innovation. And that's that part of the lessons and learnings and insights that we have and we're going to compress that, hopefully, on behalf of developers as we build out Katanemo, particularly, you know, going towards this future of no infrastructure, zero infrastructure. So yeah, all respect to everyone who's building. You know, we've had the good fortune and we hope to pass that fortune back in terms of a product experience.Corey: This feels like a problem that never really goes away, at any scale, for that matter. I want to build out something new. Maybe it's just a ridiculous static site. Maybe it's some serverless-powered shitposting app. I have several of those in existence.And every time it's like, “Oh, you have a great idea for an application. Cool. Step one: do a whole bunch of infrastructure provisioning nonsense along the way first because that's going to be the important thing to get done.” And then, only then, do you get to start getting into the application logic and the rest. And it always feels like boilerplate, but it's specific boilerplate, in that it has to be right for this environment with this constraint and this use case, and it just feels like it's undifferentiated work that I don't want to be doing.Salman: I think that actually is magnified to a certain degree when you're thinking about an enterprise-grade SaaS application. And my impression is it's magnified of perhaps an order of magnitude more. Because in any modern SaaS experience, you would have to think through the list of concerns relative to your small customer base that's trying your product, teams that are relying on your experience that their workflows don't break, or perhaps large enterprises who you're trying to serve and upsell to. And that inherent complexity then gets baked into the choices on “Hey, should I have more nodes or should I have more concurrency or should I have more isolation boundaries? How do I think about security for multiple customers within my system?”And I think that's the really hard nut to crack. And we're focused there first because we believe we can serve that community really well, get off on the get-go, and then create the right level of experiences, perhaps for general business-to-consumer applications as well. But this problem, I think, it's magnified even more for the [unintelligible 00:10:01] dot community that's trying to start off with a developer-led motion but naturally wants to upsell to teams, organizations, and enterprises with their suite of services, perhaps a next-generation ChatGPT, if you would. So yeah, I'm with you. I hear you, and I think the problems amplified, in our view, to that other community that sort of struggles with this and has to hire specific talent to build that stack out.Corey: I have to ask, because I alluded to, it seems like every company has been trying to build the next version of Heroku, which when you distill down what the value would actually deliver doesn't sound that far removed from what it is that you're proposing to build. Hasn't this been done yet?Salman: So, I think the way we think about this problem is it's across multiple layers. And some components to this problem that's worth talking about. Of course, when you say zero infrastructure and no infrastructure, what does that even mean? Like, I think people naturally get confused. So, three weeks ago, we actually launched what we call our first set of capabilities on behalf of this community as we break things out in components, which is zero-trust capability.So, if you think about the space, there's a whole bunch of these undifferentiated essentials that you need to build something meaningful and serve users, teams, organizations, and enterprises. And Heroku is this approach was an abstraction—and a fine one, if you want to build a general purpose app that is just serving the consumer, perhaps. And we're sort of taking a very different position. We're saying we're here to solve you if you're building something that's going to serve developers, teams, or organizations. So, we are very different in terms of how we're approaching the market relative to what we want to go solve for.That's just number one. And B, as the thing that we recently launched, is how do we break this problem down on behalf of the community and be targeted to solve a particular problem? So, when I connected with developers in my journey for the past six to nine months as we've been in business, is that they felt that the modern state and fragmented nature of identity and access management is really complex for their application. Why? Because now you have this very interesting usage patterns for your applications.There's no longer users using something you're built. There are, of course, as I mentioned, teams, and of course, there's an enterprise component to this. There are machine keys for your APIs. And all these vectors now of uses all naturally become a threat vector that you have to protect for and they have to be neatly thought through from a access management strategy. And so, what we've set out to do is, like, how do we unify this experience today, and solve a real problem, which is you can effortlessly onboard any customer of any size and upsell through zero-trust capabilities like role-based access control, attribute-based access control, and give your customers the ability to achieve least privileged access?So, meaning how do you safeguard the most protected resources off your SaaS application and make sure they will be safeguarded, but if your users want to create for more sharing and collaboration experiences, you have the means for them to go achieve that without having to build custom logic, custom code, and perhaps spend, many months cycles and perfecting it? And that engineer that built it, and when it left, who's going to take over and maintain that piece of code?Corey: Not to mention you're going to get it wrong, and as a result, mistakes there have security implications that can be dire.Salman: I think that's where developers tell us, this is why—you know, I was talking to one potential developer the other day and the thinking was, hey, you know, it was really hard for us to, perhaps, let go of these security controls because we want to build them ourselves. And I asked them this question: “Where do you store your username and passwords for your applications?” Like, “I don't store them anymore.” Like, I think the reason why people have moved away from having these concerns is because it's a compliance security risk, it's a threat vector. And there are others who have hired teams and staff of experts to make sure that thing never breaks, on their behalf.And similarly, I think as you think about this multimodal identity experiences, this permissions experience that we have built for developers, we are the experts in this domain. We have advisors, past advisors from AWS IAM, perhaps people know that's a very popular. It serves billions of transactions a second, and securing cloud infrastructure at this rate of $100 billion worth of workloads. And so, we've got the expertise to help think through, like, what do developers need to create these safety guardrails, but with a phenomenal developer experience? And I'll give you an example of that, Corey.Like, in order for you to, sort of, interact with Katanemo, all you need to do is capture your API surface area in an OpenAPI specification or a GraphQL specification. And that submission of that specification means we know your resources, we know your resource model, your data paths, your access control mechanisms from the HTTP methods that you're exposing, and then we create the entire identity, customer identity, and finding permissions experience that the developer can expose to their customers in a self-service way to construct their own roles, construct their own SSO, construct their own access log controls, if you would, and just move past this, like, can we get to an enterprise-grade experience instantly as we serve, users, teams as effortlessly with us, and through their business lifecycle. Like, no developer is going to serve necessarily an enterprise on day one; they're going to get these teams really excited about their product and then they're going to have an upsell motion. But having to build these by bespoke experiences on onboarding and safety for each different cohort of the customers that they want to serve, that's just time away from stuff that they can build, cool things that are differentiating for them.Corey: One of the things has always sucked for me about building applications, even from an infrastructure perspective, has been that I don't know what I don't know. And I always feel like I am making a bunch of decisions now that make perfect sense, but when I start scaling or having to take this into a more serious environment, I'm going to have to throw so much of it away and backtrack massively. And oh, I shouldn't roll my own authentication subsystem and whatnot. But finding the right path forward that matches the current state of the art from an industry perspective really feels like a crapshoot, it's you're looking at all the horses, wondering which one you want to bet on and it carries a cost to get it wrong.Salman: In my time at Serverless, at EC2, even my time at Oracle, the whole idea was to make sure that we reduce this crapshoot behavior on behalf of developers. Of course, at AWS, at Oracle, it was very wide and horizontal in its appeal to any type of developer, but we have felt that if you sort of flipped on its head and go with a verticalized approach, and particularly target one persona and their use cases and their needs, that actually helps us, sort of, look at the problem very holistically and solve that thing just for them. And as I mentioned, we sort of focused on that SaaS use case, particularly, because we believe there's inherent and unbounded complexity there. So, this is just for playing from the experiences and learnings I've had in the past, which is, yeah, this stuff is hard. It's incredibly hard to get right, and just as, you know, the industry moved to hey, I can trust somebody else who's an expert here, we're saying we complete that story. And we look to the modern ways people access your applications through APIs and API keys, or users, or teams, or SSL, whatever, and we compress it, saying single API call to us and you get those capabilities out of the box so you can focus on what matters: moving fast, closing customers even faster.Corey: I think that is the grail that people are chasing. The problem I found, especially in the enterprise space, has been that it sounds great in theory, but in practice, it's a oh great, the old Model T story, you can get in any color you want, as long as it's black. And it's well, okay, that's a path, but it doesn't comport with our security requirements and our guardrails and our compliance objectives, et cetera, et cetera, et cetera. Rightly or—more often—wrongly, people tend to believe that they are bespoke unicorns whose problems could never possibly be realized by anything that wasn't brewed in-house at their own company. I don't find that to be true, but I imagine you're getting a lot of pushback from that direction.Salman: I think there are two pieces of feedback that we normally hear. “Oh, hey. We built some of this stuff. How do we sort of untangle the mess that we have?” That's fine. We can help them we have some components that easily wrap around their experience and give them the ability to sort of move to a better state.But if we build this stuff as a meaningful framework using open standards, like OpenAPI and GraphQL, as the only way you interact with us today, that means that your customers can now build, have a framework in which they set their own security standards against your service, against your application. And I think that makes you getting out of the business of defining the security posture to giving them the ability to construct their security posture is using open standards so their teams can plug down their own SEIM tools if they have to. But you have that framework powering your security and safety experience, your identity and access management experience, without having to build it.Going back to the earlier thing that we talked about, we believe we're in an inflection point where standards do establish a lot of innovation, specifically in infrastructure, and we're going to leverage as much as we can on behalf of developers to bet on those standards. Like I said, OpenAPI, GraphQL, AsyncAPI, so that their customers can say, “Yeah, I get it. I understand your surface area. I can construct these things at least privileged or coarse grained. That's my choice. You're going to give me access logs so I know what I did, or who did what, when, and how, so, you know, I can confirm for my compliance requirements.”And they're off the hook. They're actually truly off the hook without having to think about, I think I can do it better because my customers are pi—or second, their customers put these requirements that take them and create [sort of 00:19:29] Rube Goldberg type of scenario in terms of their own stack. So, we think we have something to really serve the market and make it such that it's not necessarily bespoke.Corey: I think that you're probably right that there's a lot of opportunity to develop those things. I mean, you spent enough time at Amazon, for example, to have benefited from the realization of some of this. One of the nice things I have to imagine, about building a product or a service at AWS is so much of the infrastructure work has already been done. You're not going to convince me that individual service teams have to sit there and come up with, well, we need to implement a global, highly available block store. S3 already exists. It's right there. You can use it.Same with authentication in the form of IAM, et cetera, et cetera, et cetera, a bunch of internal infrastructure stuff that's there and ready to go. Now, the counterargument, of course, is, as you're building this out, you don't have that, I guess, luxury anymore of big company, massive, awesome infrastructure there and ready to go, other than what is available to the rest of us mere mortals. So, I have to ask, is that the big part of what sucks about building SaaS these days or are you finding the friction and challenging parts somewhere else?Salman: So, it's a good question because Katanemo is built on Katanemo. It's a very [mind-tingling 00:20:46] type of discussion, but the one principle that we took is if we're going to build something on behalf of the community, then our product and service has to consume it as well, and specifically in talking about identity and access management for our SaaS service. Because there's nothing in the market that neatly solves this problem today. And should we rely on the cloud infrastructure and build on top of AWS and perhaps others in the market like Azure or GCP trying to do? Yeah, absolutely.We're not here to reinvent the primitives that are there for low-level infrastructure. We have a very strong non-religious belief that hey, we should leverage what we have, so we can move faster into market. So, we have a whole bunch of usage on, you know, openly speaking, we, when customers ask us, “How do you [unintelligible 00:21:27]? I'm like, “We use KMS for securing some of the things that we do on your behalf.” We have architected around the complexity on [unintelligible 00:21:34] groups and pools and multiples and trying keys and all that stuff. And so, we are trying to use as much as we can, but as I go back to this earlier notion, we're trying to develop a purpose-built experience that dramatically simplifies for that developer community.And tomorrow, as we go in towards our [unintelligible 00:21:51] infrastructure future, we will then design something very particular for that next community. And perhaps it's going to be a gaming community if we want to solve their problems. And that's going to be the ethos of the company. It has to be purpose-built, it has to be developer experiences phenomenal, not just digging any large cloud provider, but that is a missing component tree and how to think about it, and make sure that we can compress our infrastructure and systems knowledge so that they don't have to build it. And so, that's the mission that we're on. And we're, of course, very excited about what we're doing and very fortunate to have both the team and the backing that we have so far to pursue this a little bit further.Corey: You're putting your finger right on a very painful spot that has been resonating with me for a long time, which is that it feels like building something on top of AWS natively is a lot like going to the Home Depot and building a cabinet. Well, you go walk up and down the aisles and you pick the exact wood you want, the exact stain for it, the fasteners, et cetera, et cetera, et cetera, whereas sometimes you just want something to store some bowls, so going to Target is going to be the better solution. But now you're so forced to go and build these things yourself from parts. And that just feels like it has been such a heavy lift for folks because there's so much you need to understand. And it's more or less a shipping of AWS's internal product culture.But containers, databases, networks, compute, et cetera, are all things that any customer building even a Hello World app has to think about. But that falls across five different talk tracks at re:Invent, for example. It's too much burden that has been put on the customer and as a result, I think that there's a lot of value being left on the table. I spend roughly equivalent amounts of money every month on AWS and on Retool. For AWS, I spent about 450 bucks to get about 450 bucks worth of infrastructure services.Retool, which is basically a WYSIWYG app that designs in-house applications charges me about 400 bucks for which I receive probably about 20 cents worth of infrastructure services, but the value it presents by stringing those things together for me means I am happy to pay it. I really feel like there's a massive untapped value in being able to deliver not building blocks, but conceived solutions that get out of the way and let people build the differentiated thing that they're in business to build.Salman: We feel the same way. I think part of this realization is developers who are building these things continue to stumble upon the explosion of courses and certification material and all that stuff to train themselves to do something. As of course, naturally, AI comes into play and the way that you know the future of applications continues to press upon, you have to build something quickly, you will see that this notion of just [hugging 00:24:32] your primitives or hugging these low-level infrastructure primitives is going to go away because the world is moving at an incredibly breakneck pace. And that will be true, but there is truly now an inflection point where everyone wants to move even faster.And our talk track with, I guess, our customers is, focus on what really matters to grow your business. And if you are a SaaS developer, or perhaps you're a gaming developer, or perhaps you're thinking very specifically in terms of vertical industry that you want to unlock, like, a healthcare company, for example, you should focus on great patient care, you should focus on great gaming experience, you should focus on great X, Y, Z. Don't focus on infrastructure. Infrastructure is not the outcome. The outcome is your customers are happy and you're going to serve them.And your customers are not all equal size, equal shape, and never will be, but you need to give equal shape, equal size, type of price performance or great experience to them. Because you're not necessarily going to spend the effort to make sure that your free tier is the most highly performant place for you serve your customers and leave your perhaps platinum or enterprise customers hanging dry, as an example. But yeah, I mean, I think that's the ethos of our company and the spirit of what we are trying to go build. As I said, we're humbled to be—I am humbled to be surrounded by folks who are much smarter than me and been better builders, and customers who are so excited about our journey. So, this is a good time for us at the moment.Corey: I understand the grass is always greener when it comes to looking at the road not taken. For me, I see one of the advantages of running a services business as I do, in that, well, I can start a services business on Monday and by you know, Friday or so, I have my first client lined up and I'm ready to start performing work and get paid immediately. SaaS on the other hand feels a lot more like a real estate adjacent, where you have to go ahead and buy the land and get everyone lined up and sink the massive investment into it to get it built up, and you won't know for years in some cases whether this is something that is going to catch on, much less even justify the cost of building it in the first place. Where are you on that journey as far as validating that you're building something that's resonating?Salman: So, we have design partners, we call them because they're shaping our product experience. And we don't call them customers yet, just because we're in sort of the early stages. But we have designed partners across four critical industries. One of them which is AI, as the booming next-generation AI company is going to be API-first, we have that use case that we can target really well. They're really early in their days and they need support across their business lifecycle. Hey, I'm just going to support three users tinkering of my product to 3000 customers in an enterprise.But that's one. We are very much engaged in the healthcare space because the healthcare is actually going through a very massive legal transformation through—well, what's happening there's this HL7 FHIR standard which is actually making healthcare records more interoperable. So, you actually can get patient records if you go from one doctor to the other and not be blocked by the healthcare Gods to say, “No, you cannot do that.” And that is actually creating a very net-new experience in the healthcare space, so we have very customers excited about how we can self-solve their problems in terms of identity and authorization. We have customers in the Web3 off-chain space.So, on-chain is all permissionless and it's a whole bunch of different type of development experience, but off-chain has very much of the same characteristics that you will find on a traditional SaaS application. They [need 00:27:56] about safety, you think about privacy, you think about users and teams and API keys and a whole bunch of stuff that sort of baked into it. And the general developer tools who are going from an open-source experience to perhaps a cloud service experience, they've got a really great project in the GitHub, they got a bunch of stars and they now have to think about how to provide a better value to customers? And they have to go through a journey.So, in those four general sort of in buckets is where we are operating right now. We're very excited about that. And, you know, this opportunity to talk to you is to connect with more folks, especially as we, as I travel in the to AWS New York Summit, or perhaps just meeting up through one-on-ones through Calendly, or whatever have you, and figuring out how we can unlock more value for customers in these use case verticals, or perhaps something that we haven't necessarily thought through yet.Corey: I think that one of the clear signs of someone who used to work at Amazon is that—I don't even have to ask; I already know the answer—of are you talking to prospective customers before you start building things? Whereas start to finish everyone I've ever met at AWS is highly focused on the customer experience, whereas when you talk to people building things who have not been through that, a depressing amount of the time, your question is, okay, so what do your prospective customers think about this? Like, “Oh, we haven't talked to any of those people, yet. Talking to people is scary and we're here to write code.” It's, “You might be surprised by what you learn.”And there's no immunity to it. When I started this place, I thought I knew pretty well what people thought about their AWS bill, and it turns out, I was way off. There were nuances of the way customers talked about it that I didn't fully understand. So, to that end, in fact, we can prove it relatively easily. What is something you have learned about your space since you started the company from customer conversations?Salman: Oh, we actually made a pivot into this space that we are in at the moment because customers told us that's something that they do not want to focus their efforts on. Repeatedly. We did not write a single line of code all up until November of last year, but once we got the signal from our, as I said, as I mentioned, design partners, they're like, “This is a problem worth solving.” They're like, “We're going to get to work for you. You have these use cases, you have these scenarios that are coming up in your conversations with your customers. Let us be that accelerant for you and be an extension of your team in some ways, so that you can focus on what's really, really, really important.”So, you know, I think that's just survival, Corey. Part, of course—naturally, of course, you work backwards from customers and that was the framework I used when I joined Amazon back in 2012. And even in my time at Oracle, that's been the ethos of my, I guess, my personal self. But in our case, particularly, we actually talked about a very different idea, we wanted to start, but then customers told us, “You know what? Don't start there. Start here.”And I think that's obviously, just the nature of surviving in through the first few years of your company existence is… getting people to say yes and getting people to say no, and then no, is actually really valuable in many cases because it tells you what to adjust to. And so, we adjusted here as a result of those conversations.Corey: That may be the best answer to that question I think I've ever gotten. That is a phenomenal way to approach things. We started building a SaaS product here and two months later, we sunset the SaaS product because it turned out that what we were building and what customers wanted were not necessarily aligned. I like you said didn't even write a line of code until last November, just because of the conversations were still shaping what was actually needed in the marketplace. You would be astonished how rare that is.Salman: I guess. The startup founders that I have the privilege to call peers, they actually taught me some of the stuff. So, we've got the startup founders we want to just connect on the founder journey, we're happy to connect. Just, but yeah, I think that the strength of the team is sort of making sure that we have our ears to the ground. Get out of the building. You got to get out of the building. And we've been trying to get out of the building as much as we can with Katanemo. And I think that journey just continues. The learning journey, the evolution of what we're doing on behalf of SaaS developers continues, and we hope to delight them.Corey: I want to thank you for taking the time to speak with me. If people want to learn more, where should they go?Salman: So, they can go to katanemo.com, which is where our website is, and they can learn a little bit about what we do today and also where we're headed with the venture. They can reach out to me directly on LinkedIn. Salman Paracha. I'm not super hard to find on LinkedIn. You search for me and say Katanemo or AWS and Oracle, I think you'll be able to get to me. I'm also going to the AWS New York Summit, which happens on July 26, I believe. I might run into you there.Corey: Oh, yes. The night before I'll be hosting a drink up at Vol de Nuit at eight o'clock. You're welcome there, as anyone who's listening. And oh, it's always a pleasure to go and talk to people doing interesting things and just talk shop. But that's the reason I throw the drink up.Salman: Ah, okay. I'll take you up on that. And good, we'll get to see each other face-to-face after some time. You can reach out to me, as I said, even basic email, and I'll say that to you, and LinkedIn if you're just a chat. And there's just so many ways to get to me. On Twitter, I'm @salmanparacha, and it should be a bit easier to find me.Don't hesitate to reach out or search or connect with us. We are eager to talk to folks who are trying to solve or crack this Gordian Knot on terms of the what they're building. And especially if you're building towards the next-generation AI application and think through safety, we believe we are years ahead in terms of thinking about safety in that space. It's early days for us there, but we're obviously interacting with customers and developers who are trying to think through, how do I now take what was understood to be a table stakes, okay, API-first experiences, [user seems 00:33:31], keys, all that good jazz, and provide safety for that? But I think the new world that we're going to live in is not only going to just be deterministic responses from APIs; it's going to be probabilistic responses from large language models. And we got something going on in that space, particularly. We feel fairly bullish on it. But more, customer conversations before we write a piece of code is important. So, just connect with us. I'm salman@katanemo.com, on LinkedIn, Twitter, and I will be quick to reach back out to you.Corey: And I will, of course, put links to that in the [show notes 00:34:02]. And I've also filled out the contact us form on katanemo.com because I have a couple of problems it sounds like this might absolutely be a way to solve. Because otherwise, God help us all. I'm writing another login page.Salman: Right. So, just see Corey Quinn just signed up for our access. So, I will give you access. So.Corey: You think I'm kidding. I assure you I'm not. That's the scariest part is that I'm often being completely serious and people think I'm making a joke. Thank you so much for taking the time to speak with me. I really appreciate it.Salman: Hey, thanks for the time. I appreciate the opportunity.Corey: Salman Paracha, founder and CEO at Katanemo. I'm Cloud Economist Corey Quinn and this has been a promoted guest episode of Screaming in the Cloud brought to us by our friends at Katanemo. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, along with it insulting comment talking about how difficult it was to build that platform yourself from scratch because of all the infrastructure moving parts before it would take that insulting comment.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.