Podcasts about iaas

ai lessons learned saas enterprise breaches failings iaas security operations varonis

Play Episode Listen Later Nov 19, 2025 14:43

Joseph Avanzato is the Security Operations and Forensics Group Leader at Varonis. In this episode, he joins host Paul John Spaulding to discuss the common tactics attackers exploit and mistakes made by enterprises that lead breaches, as well as how Varonis is uniquely positioned to help public and private customers around the world investigate, contain, and evict attackers from their network. This episode is brought to you by Varonis, whose AI-powered data security platform secures your data at scale – across IaaS, SaaS, and hybrid cloud environments. To learn more about our sponsor, visit https://www.Varonis.com.

TCG062: The Tech Expertise Deficit with Russ White

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later Nov 12, 2025 48:01

Today we delve into the tech expertise deficit and why technical depth and decades of doing the work matter more than social media followers and content creation hype. Our guest is Russ White, engineer, author, teacher, and certification developer. We begin with current events in AI, and then investigate the differences between career and influence... Read more »

ai tech saas expertise aws deficit devops azure cloud computing kubernetes paas gcp digital ocean iaas aiops gke russ white

CCT 293: CISSP Rapid Review - Domain 8

Play Episode Listen Later Oct 30, 2025 39:02 Transcription Available

Send us a textQuantum threats aren't waiting politely on the horizon, and neither should we. We kick off with Signal's bold move to deploy post-quantum encryption, unpacking the “belt and suspenders” approach that blends classical cryptography with quantum-resistant algorithms. No jargon traps—just clear takeaways on why this matters for privacy, resilience, and the pressure it puts on other messaging platforms to evolve. We point you to smart reads from Ars Technica and Bruce Schneier that make the technical guts approachable and actionable.From there, we switch gears into a focused CISSP Domain 8 walkthrough: how to weave security into every phase of the software development lifecycle. We talk practical integration across waterfall, agile, and DevOps; show why change management, continuous monitoring, and application-aware incident response are non-negotiable; and explain how maturity models like CMMI and BSIMM help teams move from reactive to repeatable. We also break down the developer's toolbox—secure language choices, vetted libraries with SCA, hardened runtimes, and IDE plugins that surface issues in real time—so teams can ship faster without trading away safety.Speed meets rigor in the CI/CD pipeline, where shift-left security comes alive with SAST, DAST, and SOAR-driven checks. We cover repository hygiene, secret scanning, and how to measure effectiveness with audit trails and risk analysis that map code issues to business impact. You'll get a clear view of third-party risk across COTS and open source, the shared responsibility model for SaaS, PaaS, and IaaS, and the daily practices that keep APIs from leaking data: least privilege, strict authorization, input validation, and rate limiting. We close with software-defined security—policies as code—bringing consistency, versioning, and automation to your defenses. Subscribe, share with a teammate who owns your pipeline, and leave a review to tell us the next Domain 8 topic you want us to deep-dive.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

speed saas signal rapid soar domain apis devops ide sca ci cd paas ars technica iaas cissp bruce schneier dast cots sast cmmi bsimm

A Fábrica de Receita e a Alma Humana: Navegando Dados e Vendas na Era Digital

Growth Diaries

Play Episode Listen Later Oct 30, 2025 54:39

No cenário dinâmico do marketing digital e das vendas, a busca pela previsibilidade e eficiência tornou-se uma obsessão. Empresas de todos os portes anseiam por transformar o processo de vendas de uma “arte” intuitiva e, por vezes, caótica, em uma “ciência” replicável e escalável. Mas, seria essa transição meramente técnica? Ou há um profundo embate cultural e psicológico em jogo? O episódio do podcast Growth Diaries, com a participação de Daniel Lestinge, fundador da Blue Forecast, desvenda as complexidades dessa jornada, expondo a tensão entre a natureza humana dos vendedores e a frieza implacável dos dados. Mais do que um mero relatório de vendas, o que emerge é um manifesto sobre como a gestão de dados pode, paradoxalmente, humanizar e otimizar a máquina de receita, desde que se compreenda a intrincada dança entre pessoas, processos e algoritmos.A Evolução da Gestão Comercial: Do Grito ao AlgoritmoA história da gestão comercial é uma jornada fascinante, pontuada por transformações radicais. Houve um tempo em que o sucesso em vendas era sinônimo de carisma, persuasão e, muitas vezes, de uma boa dose de “gritos e motivação” por parte dos gestores. Era uma era onde a intuição reinava soberana, e a performance individual era celebrada, mas dificilmente replicável ou escalável. Max Weber, o sociólogo alemão, já observava no início do século XX a tendência da sociedade moderna à racionalização, onde a eficiência e a calculabilidade suplantariam a tradição e a emoção (Weber, 1978). Essa racionalização, que ele via nas burocracias, hoje se manifesta na busca incessante por métricas e processos no universo das vendas.Daniel Lestinge, com sua trajetória que migra de vendas para dados, é um testemunho vivo dessa evolução. Ele representa a nova guarda, que entende que a paixão e a motivação continuam sendo cruciais, mas precisam ser ancoradas em um arcabouço de dados e processos. O modelo artesanal, onde o “feeling” do vendedor era o KPI supremo, cede lugar a uma gestão que busca transformar a operação de vendas em uma “fábrica de receita” previsível. Não se trata de desumanizar, mas de otimizar. Como argumenta Peter Drucker, “o que não pode ser medido, não pode ser gerenciado” (Drucker, 1954). E no mundo das vendas, gerenciar significa entender o que funciona, por que funciona, e como replicar esse sucesso em escala.O Calcanhar de Aquiles Humano: Vendedores e o CRMApesar da inegável lógica por trás da gestão de vendas baseada em dados, o maior desafio reside, ironicamente, no elemento humano. Vendedores, por sua própria natureza, são movidos pela emoção, pela conexão pessoal e pela liberdade de ação. A ideia de preencher meticulosamente um CRM, seguir roteiros rígidos ou aderir a processos padronizados pode soar como uma camisa de força para muitos. Essa resistência não é meramente uma questão de preguiça ou má vontade; é um reflexo de vieses cognitivos e da aversão à perda, conceitos explorados por Daniel Kahneman e Amos Tversky em sua Teoria da Perspectiva (Kahneman & Tversky, 1979). A mudança de um método familiar para um novo, mesmo que comprovadamente mais eficiente, é percebida como uma perda de autonomia ou de um “jeito de fazer” que já trouxe resultados.A Blue Forecast, ao se deparar com essa realidade, precisou desenvolver uma abordagem que não apenas implementasse ferramentas de dados, mas que também promovesse uma profunda mudança cultural. A solução não está em impor, mas em demonstrar o valor. Quando os vendedores percebem que o CRM não é um instrumento de controle, mas uma ferramenta que os ajuda a fechar mais negócios, a gerenciar melhor seu pipeline e a identificar oportunidades que antes passariam despercebidas, a resistência diminui. É uma questão de traduzir a linguagem dos dados para a linguagem dos resultados tangíveis na vida do vendedor. Como Lestinge aponta, a gestão comercial precisa de visibilidade e controle, especialmente em ambientes remotos, e essa visibilidade só é alcançada com dados confiáveis, gerados por processos bem definidos.Data as a Service: O Modelo Blue Forecast e a Democratização da AnáliseA complexidade de montar e manter uma equipe de dados interna é um obstáculo significativo para muitas empresas, especialmente as de médio porte que faturam acima de 10 milhões por ano, mas que ainda não possuem a maturidade para um departamento de dados robusto. É nesse vácuo que o modelo “time de dados por assinatura” da Blue Forecast se posiciona como uma solução estratégica. Esse modelo reflete uma tendência econômica mais ampla: a “economia de serviços” ou “as-a-service” (SaaS, PaaS, IaaS), onde empresas podem acessar expertise e infraestrutura de ponta sem os custos fixos e os desafios de recrutamento e retenção de talentos.Ao oferecer times de dados por assinatura, a Blue Forecast democratiza o acesso à inteligência de negócios avançada. Empresas como Embracon e Ser Ronda, que talvez hesitassem em investir em uma estrutura de dados própria, podem agora alavancar análises sofisticadas para otimizar suas operações de vendas. Isso permite que se concentrem em seu core business, enquanto especialistas gerenciam a complexidade dos dados. É uma terceirização estratégica que não apenas reduz custos, mas também acelera a curva de aprendizado e a implementação de melhores práticas, conforme o conceito de vantagem competitiva de Michael Porter (Porter, 1985).A “Fábrica de Receita”: Previsibilidade em um Mundo IncertoA visão de transformar a operação de vendas em uma “fábrica de receita” é o cerne da proposta da Blue Forecast e um conceito poderoso para o marketing digital. Em um mercado cada vez mais volátil e competitivo, a previsibilidade é um ativo inestimável. Uma “fábrica de receita” implica um sistema onde as entradas (leads, atividades de vendas) são processadas de forma consistente para gerar saídas (vendas, receita) com uma taxa de conversão conhecida e gerenciável. Isso exige a aplicação de princípios de gestão de processos, como os popularizados pelo Lean Manufacturing e Six Sigma na indústria, adaptados para o universo das vendas (Womack & Jones, 2003).A chave para essa previsibilidade é a definição clara de processos e a medição constante de KPIs. Sem dados confiáveis, a “fábrica” operaria no escuro, sujeita a flutuações e ineficiências. Com eles, é possível identificar gargalos, otimizar etapas e prever resultados com maior acurácia. A previsibilidade não elimina a necessidade de inovação ou de adaptação a mudanças de mercado, mas fornece uma base sólida para a tomada de decisões, permitindo que as empresas reajam de forma proativa, e não apenas reativa.Governança de Dados: O Alicerce InvisívelUm dos pontos cruciais levantados por Lestinge é a necessidade de homologação dos dados. Em muitos casos, as empresas sequer possuem uma definição clara do que constitui uma “venda” ou um “lead qualificado”. Sem essa padronização, qualquer análise de dados será falha, construída sobre areia movediça. A governança de dados, portanto, torna-se o alicerce invisível sobre o qual toda a “fábrica de receita” é construída.A homologação envolve alinhar critérios, criar campos padronizados no CRM e garantir que todos os membros da equipe compreendam e sigam esses padrões. É um trabalho minucioso, mas essencial. Filosoficamente, pode-se traçar um paralelo com a busca pela verdade e consistência na epistemologia. Para que o conhecimento (neste caso, os insights de dados) seja válido, ele precisa ser fundamentado em premissas claras e consistentes. Dados inconsistentes levam a conclusões equivocadas e, consequentemente, a decisões de negócios erradas. Como alertam Davenport e Dyché, sem uma boa governança, os dados podem se tornar um passivo, não um ativo (Davenport & Dyché, 2013).Além dos Dashboards: A Cultura Data-Driven na PráticaTer dashboards bonitos é um bom começo, mas a verdadeira transformação acontece quando os dados permeiam a cultura organizacional. Daniel Lestinge destaca como as reuniões se transformam após a implementação das soluções da Blue Forecast. De debates improdutivos focados em atribuição de culpa, elas evoluem para sessões focadas em soluções e acompanhamento de iniciativas, utilizando ferramentas como PDCA (Plan-Do-Check-Act) e 5W2H.Essa mudança de cultura é um desafio sociológico e psicológico complexo. Requer que os líderes modelem o comportamento desejado, que a equipe seja treinada para interpretar e agir com base nos dados, e que haja um ambiente de segurança psicológica onde os erros sejam vistos como oportunidades de aprendizado, não de punição. Edgar Schein, renomado teórico da cultura organizacional, enfatiza que a cultura é moldada por artefatos, valores e pressupostos básicos, e que a mudança cultural é um processo lento e deliberado (Schein, 2017). Ao transformar a forma como as reuniões são conduzidas, a Blue Forecast está, de fato, reescrevendo os rituais e as normas que sustentam a cultura de vendas de seus clientes.O Dilema da Imagem vs. Entrega: Lições do Ecossistema DigitalUm dos insights mais provocadores do episódio do Growth Diaries foi a reflexão sobre a influência das redes sociais e os “influenciadores corporativos”. Daniel e Victor observaram que, muitas vezes, há um foco excessivo na imagem dos fundadores e na retórica inspiradora, em detrimento da entrega real de valor estruturado. Essa crítica ressoa com a teoria da “sociedade do espetáculo” de Guy Debord, que descrevia uma sociedade onde as relações sociais são mediadas por imagens e o consumo de representações se sobrepõe à experiência direta e autêntica (Debord, 1994).No contexto do marketing digital e da educação corporativa, essa tendência pode ser perigosa. Empresas e indivíduos que constroem sua reputação apenas na imagem, sem a substância de processos sólidos e resultados concretos, correm o risco de se tornar “castelos de areia”. A mensagem de Daniel é clara: a entrega de resultados tangíveis e a transformação contínua são o que realmente fidelizam o cliente. Em uma era de excesso de informação e de “gurus” instantâneos, a autenticidade e a capacidade de gerar valor real são os diferenciais competitivos mais poderosos.A Autonomia do Cliente: Infraestrutura e FlexibilidadeUm aspecto técnico, mas de grande impacto estratégico, é a decisão da Blue Forecast de implantar todas as soluções na infraestrutura do cliente. Essa abordagem, que pode parecer mais trabalhosa à primeira vista, é fundamental para garantir a autonomia do cliente e evitar a chamada “dependência de fornecedor” (vendor lock-in). Ao hospedar os dados e as ferramentas na própria infraestrutura do cliente (seja AWS, GCP ou outra), a Blue Forecast assegura que o cliente mantém a posse e o controle de seus ativos digitais.Essa estratégia reflete uma compreensão profunda do valor a longo prazo para o cliente. Não se trata apenas de entregar uma solução, mas de capacitar o cliente. Em um mundo onde a segurança e a soberania dos dados são cada vez mais críticas, essa escolha técnica se traduz em um benefício estratégico, reforçando a confiança e a parceria. Além disso, a flexibilidade em adaptar-se à stack tecnológica do cliente demonstra uma abordagem centrada no cliente, um pilar fundamental para o sucesso de qualquer empresa de serviços, como ressaltado por autores como Frederick Reichheld sobre a lealdade do cliente (Reichheld, 1996).O ROI da Transparência: Casos de Sucesso e RetençãoO valor da análise de dados em vendas é mais bem ilustrado pelos casos de sucesso. Lestinge citou o exemplo de uma empresa de Telecom do Espírito Santo que, após a implementação de dashboards e processos estruturados, viu sua retenção (Customer Success) saltar de 27% para 54%. Esse é um testemunho poderoso do ROI da transparência e da governança de dados. A retenção de clientes é, muitas vezes, mais lucrativa do que a aquisição de novos, um princípio econômico bem estabelecido no marketing.O aumento da retenção não é um resultado mágico; é a consequência direta de uma melhor compreensão do cliente, da identificação proativa de riscos de churn e da capacidade de agir com base em insights. Quando a equipe de CS tem acesso a dados confiáveis sobre o comportamento do cliente, o uso do produto e o histórico de interações, ela pode intervir de forma mais eficaz, oferecendo soluções personalizadas e fortalecendo o relacionamento. Esse é o poder de transformar dados em ações estratégicas que impactam diretamente o resultado final.O Caminho à Frente: Priorizando o EssencialA mensagem final de Daniel Lestinge é um lembrete valioso em um mundo saturado de informações e soluções complexas: comece simples. Ele orienta focar inicialmente em construir processos claros, definir poucos KPIs essenciais e garantir que o time de vendas funcione de forma coesa, antes de buscar soluções excessivamente complexas. Essa abordagem minimalista e pragmática ecoa o Princípio de Pareto (80/20), onde a maioria dos resultados advém de um número limitado de causas (Koch, 1998).No contexto do marketing digital e da gestão de vendas, isso significa resistir à tentação de implementar todas as ferramentas e métricas disponíveis de uma vez. Em vez disso, a prioridade deve ser estabelecer uma base sólida de dados confiáveis e processos operacionais eficientes. A jornada é gradual, e o principal é progredir com foco e “mão na massa”. É um convite à ação deliberada e estratégica, em vez de uma corrida desenfreada por todas as inovações tecnológicas.Conclusão: A Sinfonia de Dados e HumanidadeO bate-papo no Growth Diaries com Daniel Lestinge transcendeu a mera discussão sobre análise de dados e vendas. Ele nos convidou a uma reflexão profunda sobre a natureza do trabalho, a psicologia humana e a evolução da gestão na era digital. A “fábrica de receita” não é um ideal frio e desumano; é a materialização da busca por eficiência e previsibilidade, que, quando bem implementada, pode liberar os vendedores para se concentrarem no que fazem de melhor: conectar-se com pessoas.A verdadeira maestria reside em orquestrar a sinfonia entre a precisão dos algoritmos e a intuição humana, entre a rigidez dos processos e a flexibilidade da criatividade. O futuro das vendas e do marketing digital não é apenas sobre coletar dados, mas sobre interpretá-los com sabedoria, aplicar essa sabedoria com propósito e, acima de tudo, lembrar que, no final das contas, estamos lidando com pessoas. A jornada é contínua, os desafios são constantes, mas a promessa de uma operação de receita mais eficiente e previsível, que respeita e amplifica o potencial humano, é um horizonte que vale a pena perseguir. É hora de salvar, reparar e decidir: vamos construir fábricas de receita que nutrem a alma humana ou nos perderemos na busca incessante por métricas vazias? A escolha é nossa.Referências (Estilo MLA)Davenport, Thomas H., and Jill Dyché. The New IT: How Technology Leaders Are Shaping the Digital Future. McGraw-Hill Education, 2013.Debord, Guy. The Society of the Spectacle. Translated by Donald Nicholson-Smith, Zone Books, 1994.Drucker, Peter F. The Practice of Management. Harper & Row, 1954.Kahneman, Daniel, and Amos Tversky. “Prospect Theory: An Analysis of Decision under Risk.” Econometrica, vol. 47, no. 2, 1979, pp. 263–91.Koch, Richard. The 80/20 Principle: The Secret to Achieving More with Less. Doubleday, 1998.Porter, Michael E. Competitive Advantage: Creating and Sustaining Superior Performance. Free Press, 1985.Reichheld, Frederick F. The Loyalty Effect: The Hidden Force Behind Growth, Profits, and Lasting Value. Harvard Business School Press, 1996.Schein, Edgar H. Organizational Culture and Leadership. 5th ed., Wiley, 2017.Weber, Max. Economy and Society: An Outline of Interpretive Sociology. Edited by Guenther Roth and Claus Wittich, University of California Press, 1978.Womack, James P., and Daniel T. Jones. Lean Thinking: Banish Waste and Create Wealth in Your Corporation. Free Press, 2003. To hear more, visit victormignone.substack.com

university leadership society management data risk decision economy roi era quando uma saas esse crm profits esp santo ele xx edited isso ao kpis weber sem cs empresas koch gest aws humana kpi refer wiley casos sucesso spectacle davenport customer success teoria dados telecom evolu princ daniel kahneman imagem pareto vendas schein free press drucker peter drucker womack era digital receita autonomia houve california press six sigma conclus create wealth paas navegando digital future gcp transpar max weber vendedores thomas h governan kahneman sinfonia doubleday iaas james p requer debord lean manufacturing guy debord amos tversky edgar schein mcgraw hill education achieving more lasting value zone books principle the secret econometrica harvard business school press daniel t jones your corporation

TCG061: How Are You Using AI?

Oracle University Podcast

Play Episode Listen Later Oct 29, 2025 49:01

Join William Collins and Evyonne Sharp as they catch up on all things AI. They discuss the AI bubble and how it relates to venture capital, stock, and company evaluations. They talk about the AI experience for the average person, the adoption rate of AI tools, and how the AI infrastructure buildout might affect the... Read more »

ai saas using ai aws devops azure cloud computing kubernetes paas gcp digital ocean iaas aiops gke

Cloud Data Centers: Core Concepts - Part 4

Play Episode Listen Later Oct 28, 2025 13:56

In this episode, hosts Lois Houston and Nikita Abraham, along with Principal OCI Instructor Orlando Gentil, break down the differences between Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service. The conversation explores how each framework influences control, cost efficiency, expansion, reliability, and contingency planning. Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode. ----------------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Innovation Programs. Lois: Hey there! Last week, we spoke about how hypervisors, virtual machines, and containers have transformed data centers. Today, we're moving on to something just as important—the main cloud models that drive modern cloud computing. Nikita: Orlando Gentil, Principal OCI Instructor at Oracle University, joins us once again for part four of our discussion on cloud data centers. 01:01 Lois: Hi Orlando! Glad to have you with us today. Can you walk us through the different types of cloud models? Orlando: These are commonly categorized into three main service models: Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service. Let's use the idea of getting around town to understand cloud service models. IaaS is like renting a car. You don't own the car, but you control where it goes, how fast, and when to stop. In cloud terms, the provider gives you the infrastructure—virtual machines, storage, and networking—but you manage everything on top—the OS, middleware, runtime, and application. Thus, it's like using a shuttle service. You bring your bags—your code, pick your destination—your app requirements, but someone else drives and maintains the vehicle. You don't worry about the engine, fuel, or routing planning. That's the platform's job. Your focus stays on development and deployment, not on servers or patching. SaaS is like ordering a taxi. You say where you want to go and everything else is handled for you. It's the full-service experience. In the cloud, SaaS is software UXs over the web—Email, CRM, project management. No infrastructure, no updates, just productivity. 02:32 Nikita: Ok. How do the trade-offs between control and convenience differ across SaaS, PaaS, and IaaS? Orlando: With IaaS, much like renting a car, you gain high control. You are managing components like the operating system, runtime, your applications, and your data. In return, the provider expertly handles the underlying virtual machines, storage, and networking. This model gives you immense flexibility. Moving to PaaS, our shuttle service, you shift to a medium level of control but gain significantly higher convenience. Your primary focus remains on your application code and data. The provider now takes on the heavy lifting of managing the runtime environment, the operating system, the servers themselves, and even the scaling. Finally, SaaS, our taxi service, offers the highest convenience with the lowest control level. Here, your responsibility is essentially just using the application and managing your specific configurations or data within it. The cloud provider manages absolutely everything else—the entire infrastructure, the platform, and the application itself. 03:52 Nikita: One of the top concerns for cloud users is cost optimization. How can we manage this? Orlando: Each cloud service model offers distinct strategies to help you manage and reduce your spending effectively, as well as different factors that drives those costs. For Infrastructure-as-a-Service, where you have more control, optimization largely revolves around smart resource management. This means rightsizing your VMs, ensuring they are not overprovisioned, and actively turning off idle resources when not in use. Leveraging preemptible or spot instances for flexible workloads can also significantly cut costs. Your charges here are directly tied to your compute, storage, and network usage, so efficiency is key. Moving to Platform-as-a-Service, where the platform is managed for you, optimization shifts slightly. Strategies include choosing scalable platforms that can efficiently handle fluctuating demand, opting for consumption-based pricing where available, and diligently optimizing your runtime usage to minimize processing time. Costs in PaaS are typically based on your application usage, runtime hours, and storage consumed. Finally, for Software-as-a-Service where you can consume a ready-to-use application, cost optimization centers on licensing and usage. This involves consolidating tools to avoid redundant subscriptions, selecting usage-based plans if they align better with your needs, and crucially, eliminating any unused license. SaaS costs are generally based on subscription or per user fees. Understanding these nuances is essential for effective cloud financial management. 05:52 Lois: Ok. And what about scalability? How does each model handle the ability to grow and shrink with demand, without needing manual hardware changes? Orlando: How you achieve and manage that scalability varies significantly across our three service models. For Infrastructure-as-a-Service, you have the most direct control over scaling. You can implement manual or auto scaling by adding or removing virtual machines as needed, often leveraging load balancers to distribute traffic. In this model, you configure the scaling policies and parameters based on your specific workload. Moving to Platform-as-a-Service, the scaling becomes more automated and elastic. The platform automatically adjusts resources based on your application's demand, allowing it to seamlessly handle traffic spikes or dips. Here, the provider manages the underlying scaling behavior, freeing you from that operational burden. Finally, with Software-as-a-Service, scalability is largely abstracted and invisible to the user. The application scales automatically in the background, with the entire process fully managed by the provider. As a user, you simply benefit from the application's ability to handle millions of users without ever needing to worry about the infrastructure. Understanding these scaling differences is crucial for selecting the right model for your application's need. 07:34 Join the Oracle University Learning Community and tap into a vibrant network of over 1 million members, including Oracle experts and fellow learners. This dynamic community is the perfect place to grow your skills, connect with likeminded learners, and celebrate your successes. As a MyLearn subscriber, you have access to engage with your fellow learners and participate in activities in the community. Visit community.oracle.com/ou to check things out today! 08:05 Nikita: Welcome back! We've talked about cost optimization and scalability in cloud environments. But what about ensuring availability? How does that work? Orlando: Availability refers to the ability of a system or service to remain accessible in operational, even in the face of failures or extremely high demand. The approach of achieving and managing availability, and crucially, your role versus the provider's differs greatly across each model. With Infrastructure-as-a-Service, you have the most direct control over your availability strategy. You will be responsible for designing an architecture that includes redundant VMs, deploying load balancers, and potentially even multi-region setups for disaster recovery. Your specific roles involves designing this architecture and managing your failover process and data backups. The provider's role, in turn, is to deliver the underlying infrastructure with defined service level agreements, SLAs, and health monitoring. For Platform-as-a-Service, the platform itself offers a higher degree of built-in, high availability, and automated failover. While the provider maintains the runtime platform's availability, your role shifts. You need to ensure your application's logic is designed to gracefully handle retries and potential transient failures that might occur. Finally, with Software-as-a-Service, availability is almost entirely handled for you. The provider ensures fully abstracted redundancy and failover behind the scenes. Your role becomes largely minimal, often just involving a specific application's configurations. The provider is entirely responsible for the full application uptime and the underlying high availability infrastructure. Understanding these distinct roles in ensuring availability is essential for setting expectations and designing your cloud strategy efficiently. 10:19 Lois: Building on availability, let's talk Disaster Recovery. Orlando: DR is about ensuring your systems and data can be recovered and brought back online in the event of a significant failure, whether it's a hardware crash, a natural disaster, or even human error. Just like the other aspects, the strategy and responsibilities for DR vary significantly across the cloud service models. For Infrastructure-as-a Service, you have the most direct involvement in your DR strategy. You need to design and execute custom DR plans. This involves leveraging capabilities like multi-region backups, taking VM snapshots, and setting up failover clusters. A real-world example might be using Oracle Cloud compute to replicate your VMs to a secondary region with block volume backups to ensure business continuity. Essentially, you manage your entire DR process here. Moving to Platform-as-a-Service, disaster recovery becomes a shared responsibility. The platform itself offers built-in redundancy and provide APIs for backup and restore. Your role will be to configure the application-level recovery and ensure your data is backed up appropriately, while the provider handles the underlying infrastructure's DR capability. An example could be Azure app service, Oracle APEX applications, where your apps are redeployed from source control like Git after an incident. Finally, with Software-as-a-Service, disaster recovery is almost entirely vendor managed. The provider takes full responsibility, offering features like auto replication and continuous backup, often backed by specific Recovery Point Objective (RPO) and Recovery Time Objective (RTO) SLAs. A common example is how Microsoft 365 or Salesforce manage user data backups in restoration. It's all handled seamlessly by the provider without your direct intervention. Understanding these different approaches to DR is crucial for defining your own business continuity plans in the cloud. 12:46 Lois: Thank you, Orlando, for this insightful discussion. To recap, we spoke about the three main cloud models: IaaS, PaaS, and SaaS, and how each one offers a different mix of control and convenience, impacting cost, scalability, availability, and recovery. Nikita: Yeah, hopefully this helps you pick the right cloud solution for your needs. If you want to learn more about the topics we discussed today, head over to mylearn.oracle.com and search for the Cloud Tech Jumpstart course. In our next episode, we'll take a close look at the essentials of networking. Until then, this is Nikita Abraham… Lois: And Lois Houston, signing off! 13:26 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

director strategy moving service microsoft os software cloud platform leveraging costs oracle infrastructure saas crm salesforce apis vm azure data centers git disaster recovery paas david wright vms iaas slas oracle cloud core concepts oracle university innovation programs orlando how

TCG060: Rockets, Networks, and Markets With Michael Reid

security cloud cybersecurity automation saas fundamentals iot comif capital one embedded kubernetes solarwinds zero trust paas iaas showif sase

Play Episode Listen Later Oct 15, 2025 60:45

Michael Reid went from studying aerospace engineering to becoming CEO at Megaport, a global network-as-a-service platform. How did he get there, and what can we learn from his journey? We walk his career path, including a pivotal role scaling ThousandEyes from 74 million to over 2.4x ARR post-acquisition, and how those experiences shaped his approach to... Read more »

ceo markets saas rockets networks aws devops azure arr cloud computing kubernetes paas gcp digital ocean iaas aiops thousand eyes michael reid gke

Cybersecurity Fundamentals : Cloud, Zero Trust, and You Chapter 6

Technology Tap

Play Episode Listen Later Oct 9, 2025 23:24 Transcription Available

professorjrod@gmail.comCloud perimeters are fading, identities are multiplying, and threats move faster than patches. We dive into the real mechanics of securing a hybrid world—mapping cloud deployment choices, clarifying shared responsibility across SaaS, PaaS, and IaaS, and showing how Zero Trust reshapes defenses around identity, posture, and context. It's a practical tour from first principles to field-tested patterns, grounded by case studies like Capital One and SolarWinds and anchored in frameworks such as NIST SP 800-207.We start by decoding public, private, hosted private, community, and hybrid models, then connect those choices to risk: multi-tenant isolation, data flows between zones, and the observability challenges of decentralization. From there, we move into reliability engineering—high availability, geo-redundancy, disaster recovery—and the role Kubernetes plays in scaling securely, with a frank look at container pitfalls and how least privilege and image scanning reduce blast radius. Automation takes center stage with infrastructure as code, autoscaling, and software-defined networking, plus how SASE brings secure access to a remote-first workforce without bolting on more complexity.Embedded systems and IoT get a hard look: scarce memory, weak encryption, default credentials, and unpatchable firmware that turns convenience into risk. We offer a simple playbook—segment aggressively, enforce egress controls, rotate credentials, and plan device lifecycles—to stop small sensors from causing big outages. Zero Trust ties it all together: never trust, always verify; microsegment to prevent lateral movement; and evaluate every access request through identity, device health, and real-time signals. Along the way, we weave in Security+ exam-style questions so you can test your knowledge and lock in the fundamentals.If this helped you see your cloud and Zero Trust roadmap more clearly, follow the show, share it with a teammate, and leave a quick review. Got certified recently or put these controls into practice? Email professorjrod@gmail.com—we'd love to shout you out on a future episode.Support the showIf you want to help me with my research please e-mail me.Professorjrod@gmail.comIf you want to join my question/answer zoom class e-mail me at Professorjrod@gmail.comArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

TCG059: From Source of Truth to Knowledge Graph – Rethinking Network Data

Play Episode Listen Later Oct 1, 2025 46:30

Network automation has a data problem. Traditional tools may hit limitations when managing complex infrastructure relationships. We explore how OpsMill’s InfraHub uses graph databases and temporal versioning to create what our guest calls “the knowledge graph of infrastructure” – enabling true version control at the database level while maintaining the flexibility to model anything from... Read more »

data network traditional rethinking saas aws devops azure graphs cloud computing kubernetes paas gcp digital ocean iaas aiops knowledge graph gke

Database Security. Defending Against Modern Cyber Threats & More. Terry Ray, Varonis.

ai vice president modern security saas defending databases product strategy cyber threats iaas varonis terry ray

Play Episode Listen Later Sep 30, 2025 16:55

Terry Ray is the Vice President of Product Strategy at Varonis. In this episode, he joins host Paul John Spaulding to discuss database security, including defense against modern cyber threats, risks associated with over-permissioned users and applications, and more. This episode is brought to you by Varonis, whose AI-powered data security platform secures your data at scale – across IaaS, SaaS, and hybrid cloud environments. To learn more about our sponsor, visit https://www.Varonis.com.

TCG058: Creating the Internet Layer That Should Have Been With Avery Pennarun

Play Episode Listen Later Sep 17, 2025 51:49

In this deep dive episode, we explore the evolution of networking with Avery Pennarun, Co-Founder and CEO of Tailscale. Avery shares his extensive journey through VPN technologies, from writing his first mesh VPN protocol in 1997 called “Tunnel Vision” to building Tailscale, a zero-trust networking solution. We discuss how Tailscale reimagines the OSI stack by... Read more »

ceo internet co founders saas aws vpn layer devops azure cloud computing kubernetes tunnel vision paas osi gcp digital ocean iaas aiops tailscale gke

Resilient Cyber w/ Cory Michal (AppOmni) - Unpacking the SaaS Security Supply Chain Landscape

Resilient Cyber

Play Episode Listen Later Sep 10, 2025 24:52

- One of the biggest SaaS security incidents recently of course is the Salesloft Drive/Salesforce incident, which impacted hundreds of organizations and involved compromised OAuth tokens. Can you tell us a bit about the incident and the fallout?- In an AppOmni blog on the incident, you all discuss attackers taking advantage of persistent OAuth access, over-permissive access, limited monitoring, and unsecured secrets. Why do these problems continue to plague organizations despite incidents like this?This is part of a broader trend of increased SaaS supply chain attacks. What makes these attacks so enticing for malicious actors and challenging for organizations to prevent entirely?You recently published your State of SaaS Security Report, which projects SaaS to grow 20% YoY between 2025 and 2032. This is despite 75% of organizations reporting a SaaS security incident in the past year. Why do you think we're seeing continued growth in adoption but still lagging in SaaS security to accompany the adoption?The report discusses the rise of NHIs and GenAI and how this will exacerbate problems around SaaS Access and incidents. Can you unpack that for us?I was shocked to see the report find that just 13% of organizations use SSPM tooling despite SaaS's widespread adoption. When you talk to enterprises, for example, nearly everyone is doing some CSPM activity for IaaS. Why are so many neglecting hygiene and posture for their SaaS footprint?

state security landscape unpacking saas resilient cyber supply chains genai yoy iaas oauth cspm appomni sspm

TCG057: Following the Progress of the Model Context Protocol (MCP) With John Capobianco

Play Episode Listen Later Sep 3, 2025 57:43

John Capobianco is back! Just months after our first Model Context Protocol (MCP) discussion, John returns to showcase how this “USB-C of software” has transformed from experimental technology to an enterprise-ready solutions. We explore the game-changing OAuth 2.1 security updates, witness live demonstrations of packet analysis through natural language with Gemini CLI, and discover how... Read more »

model progress context saas protocol aws devops azure cloud computing usb c kubernetes paas gcp digital ocean iaas oauth aiops gke john capobianco

AWS Cloud Computing: Part 2 – Basics to Infrastructure Explained

service basics cloud infrastructure saas aws deployment amazon web services cloud computing paas iaas aws cloud

Play Episode Listen Later Sep 2, 2025 86:07

Cloud computing can feel overwhelming at first—but it doesn't have to be. In this beginner-to-pro session, InfosecTrain breaks down the fundamentals of cloud computing and explains how Amazon Web Services (AWS) delivers the backbone of today's digital world.Whether you're a student, IT professional, or career switcher, this episode will simplify complex cloud concepts and give you a clear path to understanding modern IT infrastructure.

AWS Cloud Computing: Part 1 – Basics to Infrastructure Explained

service basics cloud infrastructure saas aws deployment amazon web services cloud computing paas iaas aws cloud

Play Episode Listen Later Sep 1, 2025 87:08

CCSP Exam Prep 2025 | Domain 3: Cloud Platform & Infrastructure Security

Play Episode Listen Later Aug 22, 2025 16:31

Curious how cloud platforms stay secure? In this session, we explore Domain 3 of the CCSP exam—Cloud Platform & Infrastructure Security. Gain a solid foundation in protecting cloud infrastructure while keeping it scalable, resilient, and compliant.

prep curious cloud secure saas shared strengthen exam domain paas iaas cloud platforms ccsp infrastructure security

TCG056: Network Automation Reality Check with Ivan Pepelnjak

Play Episode Listen Later Aug 20, 2025 70:51

In this unplanned and unfiltered conversation, we dive deep into network automation realities with Ivan Pepelnjak, networking’s long standing and independent voice from ipSpace.net. We explore why automation projects fail, dissect the tooling landscape (Ansible vs. Terraform vs. Python), and discuss the cultural barriers preventing enterprises from modernizing their networks. Ivan delivers hard truths about... Read more »

network automation saas reality check python aws devops azure cloud computing kubernetes paas terraform gcp digital ocean iaas ansible aiops gke

CCSP Exam Prep 2025 | Deep Dive into Domain 1: Cloud Concepts, Architecture & Design

Play Episode Listen Later Aug 20, 2025 49:10

Struggling with CCSP Domain 1? This session simplifies Cloud Concepts, Architecture, and Design—the foundation of CCSP success. Whether you're new to cloud or strengthening your expertise, this breakdown prepares you for both the exam and real-world application.

real design deep dive struggling prep cloud architecture concepts exam domain paas iaas ccsp architecture design learn key

TCG055: Building Developer-First Identity Solutions with Brian Pontarelli

curious ease conquering scholarships mission possible iaas think globally

Play Episode Listen Later Aug 6, 2025 50:13

Today we explore how to build sustainable tech companies with Brian Pontarelli, Founder of FusionAuth. Brian shares his path from early programming on an Apple IIe to creating innovative solutions in the complex world of customer identity and access management (CIAM). Brian argues that single-tenancy and local development capabilities are crucial for developers. He also... Read more »

founders identity saas developers aws devops azure cloud computing kubernetes paas gcp digital ocean iaas aiops apple iie ciam gke fusionauth

#24 Mission Possible: Conquering Scholarship with Ease

IAAS Wanna Talks

Play Episode Listen Later Jul 27, 2025 13:52

Getting a scholarship isn't just about luck. It is about strategy, persistence, and self-belief. In this episode, we're joined by a Beasiswa Unggulan awardee who shares her journey, tips, and mindset to help you conquer scholarships with confidence!

TCG054: Framing Up the Future of Infrastructure-as-Code and User Experience with Cory O'Daniel

Play Episode Listen Later Jul 23, 2025 61:56

How is Infrastructure-as-Code (IaC) evolving? How does user experience fit in? Today on The Cloud Gambit, Cory O'Daniel, Co-Founder & CEO of Massdriver, lends his experience as a coder, architect, and founder to help us answer these questions. Cory also discusses what it was like building and funding a startup in the 2021-2022 market, the... Read more »

ceo co founders code infrastructure saas aws framing devops azure user experience cloud computing kubernetes paas gcp digital ocean iaas aiops gke

TCG000: The Cloud Gambit Podcast Joins the Packet Pushers Network!

Play Episode Listen Later Jun 30, 2025 10:42

The Cloud Gambit is joining the Packet Pushers network! Launched in 2023 as an independent podcast, The Cloud Gambit cuts through the hype to deliver what actually matters in cloud and AI. Hosts William Collins and Eyvonne Sharp decode the strategies, technologies, and market forces reshaping enterprise infrastructure. Built for engineers who lead, leaders who... Read more »

ai network built cloud saas launched gambit aws devops azure cloud computing kubernetes paas gcp digital ocean iaas aiops gke packet pushers

2025 State of Data Security. Latest Threats & More. Mike Thompson, Varonis.

director ai state threats cloud saas data security iaas mike thompson security architecture varonis

Play Episode Listen Later Jun 4, 2025 15:03

Mike Thompson is the Director, Cloud and Security Architecture at Varonis. In this episode, he joins host Paul John Spaulding to discuss Varonis' 2025 State of Data Security report, including the latest threats, how companies can stay protected, and more. This episode is brought to you by Varonis, whose AI-powered data security platform secures your data at scale – across IaaS, SaaS, and hybrid cloud environments. To learn more about our sponsor, visit https://www.Varonis.com.

AI, Data Security, & The CISO's Evolving Role. Insights From Varonis. Yaki Faitelson, Varonis.