Podcasts about panoptica

Episode 18: How can embracing AI solve fundamental problems in areas like sustainability, healthcare, and education? Matt Wolfe (https://x.com/mreflow) and Nathan Lands (https://x.com/NathanLands) dive deep into this topic with Vijoy Pandey (https://x.com/vijoy), who leads Cisco's Outshift team. In this episode, Vijoy Pandey reveals the 4-step blueprint to building a successful AI startup and emphasizes how AI's integration in different sectors could revolutionize the way we live and work. Covering everything from the potential of AI to democratize knowledge, to the challenges startups face against tech giants, this conversation is packed with insights on adopting AI for larger societal benefits. Check out The Next Wave YouTube Channel if you want to see Matt and Nathan on screen: https://lnk.to/thenextwavepd — Mentions: Get the free ChatGPT Bundle here https://clickhubspot.com/chatgpt Vijoy Pandey: https://blogs.cisco.com/author/vijoypandey Cisco: https://www.cisco.com/ Outshift by Cisco: https://outshift.cisco.com/ Panoptica: https://www.panoptica.app/ — Check Out Matt's Stuff: • Future Tools - https://futuretools.beehiiv.com/ • Blog - https://www.mattwolfe.com/ • YouTube- https://www.youtube.com/@mreflow — Check Out Nathan's Stuff: Newsletter: https://news.lore.com/ Blog - https://lore.com/ The Next Wave is a HubSpot Original Podcast // Brought to you by The HubSpot Podcast Network // Production by Darren Clarke // Editing by Ezra Bakker Trupiano

In this Summer Replay, we revisit our 2021 conversation Micheal Benedict. At the time, he was the Head of Engineering Productivity at Pinterest, and today, he's Head of Infrastructure Engineering at Airtable. Micheal tells us what exactly it means to lead engineering productivity and divulges more details on productivity engineering. He traces the history of productivity engineering at Pinterest and offers some distinct observations on building out internal teams. Micheal talks about what it is like in his day-to-day complexities of working in AWS. Tune in for Micheal's take on the specific details of productivity and the cloud.Show Highlights:(0:00) Intro(0:55) Panoptica sponsor read(1:36) What is product engineering?(2:44) The effectiveness of internal platforms(7:46) Solving AMI problems(10:23) Building foundations and learning woes(13:06) Micheal's day-to-day at Pinterest(15:31) When engineering productivity starts to make sense(18:58) Changes Micheal would've made at Pinterest(20:56) Panoptica sponsor read(21:19) Biggest mistakes at Pinterest(23:46) Navigating outages in the cloud(30:51) Corey's personal experiences with Pinterest(36:20) The legacy of code(40:31) Where you can find more from MichealAbout Micheal Benedict:Micheal Benedict is an engineering leader with a decade of experience in building and scaling infrastructure for consumer and enterprise companies.He currently heads Infrastructure Engineering at Airtable. Previously, he led teams at Databricks, Pinterest, and Twitter, enhancing developer productivity, scaling infrastructure, and driving efficient use of multi-million $ cloud budgets.Micheal holds a Master's degree in Computer Science from the University at Buffalo.Links:Pinterest: https://www.pinterest.comTwitter: https://twitter.com/michealLinkedIn: https://www.linkedin.com/in/michealb/Original Episode:https://www.lastweekinaws.com/podcast/screaming-in-the-cloud/breaking-down-productivity-engineering-with-micheal-benedict/SponsorPanoptica: https://www.panoptica.app/

AB sits down with Papi Menon, VP of Product Management at Outshift by Cisco, to discuss Outshift's charter to foster new and cutting-edge tech ideas and tools to help technology teams succeed in the future. Building successful products is not an overnight effort, and this enlightening conversation emphasizes the critical roles of commitment and patience in guiding a new product from its initial concept to market launch.

If you need a point of contact for all things networking, then look no further than Ivan Pepelnjak. Ivan is the webinar author at ipSpace.net where he is working on making networking an approachable subject for everyone. From teaching to writing books, Ivan has been at it for a long and storied career, and as a de facto go-to for networking knowledge, you can't beat him. In this Summer Replay of Screaming in the Cloud, Ivan and Corey discuss Ivan's status as a CCIE Emeritus and the old days of Cisco. Ivan also levels his network engineering expertise and helps Corey answer some questions about BGP and its implementation. Ivan aptly narrows it down into “layers” that he kindly runs us through. So tune in for a Dante-esque descent into BGP, DNS and Facebook, seeing out the graybeards of tech, and more!Show Highlights: (0:00) Intro to episode(1:23) Panoptica sponsor read(2:04) The world of VaxVMS(2:39) The significance of being a CCIE emeritus(5:02) The value of certification in the modern tech world(7:37) BGP and networking(12:41) Internal vs. external BGPs(15:23) “Unfair criticisms” of BGP(17:35) Differences between BGP and DNS(23:19) Cloud growth vs. loss of networking engineers(24:57) Panoptica sponsor read(25:20) Outsourcing admin work(27:45) Breaking down the Facebook DNS outage(31:37) Disconnect at the data center(37:06) Where you can find IvanAbout Guest:Ivan Pepelnjak, CCIE#1354 Emeritus, is an independent network architect, blogger, and webinar author at ipSpace.net. He's been designing and implementing large-scale service provider and enterprise networks as well as teaching and writing books about advanced internetworking technologies since 1990.Links Referenced:ipSpace.net: https://ipspace.netOriginal Episode: https://www.lastweekinaws.com/podcast/screaming-in-the-cloud/ironing-out-the-bgp-ruffles-with-ivan-pepelnjak/SponsorPanoptica: https://www.panoptica.app/

Relishing in your company's current successes is important, but planning for the future of your business (and the wider industry) is equally vital. In this Summer Replay of Screaming in the Cloud, we're taking you back to the post-pandemic climate of tech with the Global Vice President of the AWS Professional Services and GenAI Innovation Center Francessca Vasquez. With 20+ years of experience under her belt and thousands of customers, she knows a thing or two about thriving in the cloud. You'll get Francessca's insights into why companies struggle to maintain a cutting-edge work environment, the rapid pivot to the cloud amid a global pandemic, the importance of courting different backgrounds in your organization, and why the next generation of tech workers could spur unprecedented innovation. Even though COVID is seemingly in our rearview mirror, this discussion still holds weight in today.Show Highlights: (0:00) Intro to episode(0:49) Panoptica sponsor read(1:30) Francessca's role as AWS Vice President of Technology(2:56) Challenges of shifting company culture(5:38) Customer service and cloud adoption(9:46) The importance of legacy companies as clients(11:55) The pandemic's role in cloud migration(14:39) Finding “untapped talent” during the pandemic(16:45) Courting people breaking into the industry(20:19) Panoptica sponsor read(20:42) Toxic gatekeeping in tech(24:29) The “real world” versus the realities of tech(26:43) Excitement for the next generation in tech(29:15) Diversity, equity, and excellence(32:20) How to communicate with your customers(40:00) Where you can find FrancesscaAbout Guest:Francessca is the leader of the AWS Technology Worldwide Commercial Operations organization. She is recognized as a thought leader of business technology cloud transformations and digital innovation, advising thousands of startups, small-midsize businesses, and enterprises. She is also the co-founder of AWS workforce transformation initiatives that inspire inclusion, diversity, and equity to foster more careers in science and technology.Links Referenced:Twitter: https://twitter.com/Francessca_V LinkedIn: https://www.linkedin.com/in/francesscavasquez/Original Episode: https://www.lastweekinaws.com/podcast/screaming-in-the-cloud/building-and-maintaining-cultures-of-innovation-with-francessca-vasquez/SponsorPanoptica: https://www.panoptica.app/

When you hear a name like “Jamf,” you aren't likely to think of cloud architecture, but for Levi McCormick, it's his bread and butter. On this Summer Replay of Screaming in the Cloud, Corey and Levi chat about how Jamf's business approach benefits both their clients and their development team. Levi gives his take on the relationship between software development and personal ownership, how he gamified learning for young engineers, the economic challenges presented to professionals trying to break into the cloud, and how AWS can improve its rollout of new products. Seeing as Levi McCormick is now Jamf's Director of Engineering, those insights have seemingly paid dividends! You can check out this blast from the past (as well as Corey's usual wit and hot takes) right now!Show Highlights(0:00) Intro to the episode(0:58) Panoptica sponsor read(1:49) Levi's role as a Cloud Architect(2:41) The history of Jamf and the services they provide(5:58) Breaking down the cloud for customers(8:18) Services, development, and ownership(11:44) Identity and assumed roles in software engineering(14:41) The woes of mismanagement in the field(17:03) Pantoptica sponsor read(17:26) Explaining the Cloud Resume Challenge(20:11) Hesitancy to take the challenge wider(21:26) Economic barriers for young engineers(26:00) Thoughts on reInvent 2021(28:45) What's ahead for Levi McCormick(29:33) Where you can find LeviAbout LeviLevi's passion lies in helping others learn to cloud better.Links ReferencedJamf: https://www.jamf.comTwitter: https://twitter.com/levi_mccormickOriginal Episode: https://www.lastweekinaws.com/podcast/screaming-in-the-cloud/an-enterprise-level-view-of-cloud-architecture-with-levi-mccormick/SponsorPanoptica: https://www.panoptica.app/

Can Threat Detection be enhanced with AI? Ashish sat down with Dave Johnson, Senior Threat Intelligence Advisor at Feedly, at BSides SF 2024, where Dave also presented a talk. Dave shares his journey in cyber threat intelligence, including his 15-year career with the FBI and his transition to the private sector. The conversation focuses on the innovative use of large language models (LLMs) to create Sigma rules for threat detection and the challenges faced along the way. Dave spoke about his four approaches to creating Sigma rules with AI, ultimately highlighting the benefits of prompt chaining and Retrieval Augmented Generation (RAG) systems. Guest Socials:⁠ ⁠Dave's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp Questions asked: (00:00) Introduction (01:44) A word for our episode sponsor, Panoptica (02:39) A bit about Dave Johnson (03:33) What are Sigma Rules? (04:36) Where to get started with Sigma Rules? (05:27) Skills required to work with Sigma Rules (06:32) The four approaches Dave took to Sigma Rules (11:29) Are Sigma Rules complimentary to existing log systems? (12:18) Challenges Dave had during his research (14:09) Validating Sigma Rules (16:01) Working on Sigma Rule Projects (18:54) The Fun Section Resources spoken about during the episode: Dave's Website SigmaHQ GitHub

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our sponsored guest, Nadav Lotan, product management team leader, Cisco. In this episode: How can security teams do their jobs without seeming like an impediment to developers? Why can this relationship seem oppositional? How can both sides work together to better secure software without seeming like a road block? Thanks to our podcast sponsor, Panoptica, Cisco's Cloud Application Security Platform Panoptica, Cisco's Cloud Application Security solution, provides end-to-end lifecycle protection for cloud native application environments. It empowers organizations to safeguard their APIs, serverless functions, containers, and Kubernetes environments. Panoptica ensures comprehensive cloud security, compliance, and monitoring at scale, offering deep visibility, contextual risk assessments, and actionable remediation insights for all your cloud assets.

Panoptica, Cisco's cloud application security solution, was born out of Outshift, Cisco's incubation engine. Shibu George, Engineering Product Manager at Outshift, joins Business Security Weekly to discuss his transition from application performance monitoring to application security and how Panoptica was born. This segment is sponsored by Panoptica. Visit https://securityweekly.com/panoptica to learn more about them! Show Notes: https://securityweekly.com/bsw-339

Panoptica, Cisco's cloud application security solution, was born out of Outshift, Cisco's incubation engine. Shibu George, Engineering Product Manager at Outshift, joins Business Security Weekly to discuss his transition from application performance monitoring to application security and how Panoptica was born. This segment is sponsored by Panoptica. Visit https://securityweekly.com/panoptica to learn more about them! Show Notes: https://securityweekly.com/bsw-339

Released on January 26, 2023, the NIST AI RMF Framework was developed through a consensus-driven, open, transparent, and collaborative process that included a Request for Information, several draft versions for public comments, multiple workshops, and other opportunities to provide input. It is intended to build on, align with, and support AI risk management efforts by others. Padraic O'Reilly, Founder and Chief Innovation Officer at CyberSaint, joins BSW to discuss why AI risks are a unique challenge and how they can impact both organizations and society. Without proper controls, AI systems can amplify, perpetuate, or exacerbate inequitable or undesirable outcomes for individuals and communities. With proper controls, AI systems can mitigate and manage inequitable outcomes. This segment is sponsored by CyberSaint . Visit https://securityweekly.com/cybersaint to learn more about them! Panoptica, Cisco's cloud application security solution, was born out of Outshift, Cisco's incubation engine. Shibu George, Engineering Product Manager at Outshift, joins Business Security Weekly to discuss his transition from application performance monitoring to application security and how Panoptica was born. This segment is sponsored by Panoptica. Visit https://securityweekly.com/panoptica to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-339

Released on January 26, 2023, the NIST AI RMF Framework was developed through a consensus-driven, open, transparent, and collaborative process that included a Request for Information, several draft versions for public comments, multiple workshops, and other opportunities to provide input. It is intended to build on, align with, and support AI risk management efforts by others. Padraic O'Reilly, Founder and Chief Innovation Officer at CyberSaint, joins BSW to discuss why AI risks are a unique challenge and how they can impact both organizations and society. Without proper controls, AI systems can amplify, perpetuate, or exacerbate inequitable or undesirable outcomes for individuals and communities. With proper controls, AI systems can mitigate and manage inequitable outcomes. This segment is sponsored by CyberSaint . Visit https://securityweekly.com/cybersaint to learn more about them! Panoptica, Cisco's cloud application security solution, was born out of Outshift, Cisco's incubation engine. Shibu George, Engineering Product Manager at Outshift, joins Business Security Weekly to discuss his transition from application performance monitoring to application security and how Panoptica was born. This segment is sponsored by Panoptica. Visit https://securityweekly.com/panoptica to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-339

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest Kelly Haydu, vp, infosec, technology, and enterprise applications, CarGurus. In this episode: What other career fields are rife with talent that could successfully transition into our industry? What kind of framework do we need to surface a more diverse array of talent? Also, what happens when a vendor goes over your head to the CEO? Thanks to our podcast sponsor, Panoptica, Cisco's Cloud Application Security Platform Panoptica, Cisco's Cloud Application Security solution, provides end-to-end lifecycle protection for cloud native application environments. It empowers organizations to safeguard their APIs, serverless functions, containers, and Kubernetes environments. Panoptica ensures comprehensive cloud security, compliance, and monitoring at scale, offering deep visibility, contextual risk assessments, and actionable remediation insights for all your cloud assets.

In this episode of CyberWire-X, N2K's CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined by Tim Miller, Technical Marketing Engineer for Panoptica, Cisco's Cloud Application Security solution, (Panoptica is the result of Cisco's incubation engine (Outshift) for new products and markets), and Kevin Ford, Esri's CISO. They discuss the complexity reduction need that Cloud-Native Application Protection Platforms (CNAPPs) provide. Outshift by Cisco is our CyberWire-X episode sponsor. To learn more about Cloud-Native Application Protection Platforms, check out Panoptica's website at https://panoptica.app and consider attending the Cisco Live EMEA in Amsterdam, February 5-8, 2024. Learn more about your ad choices. Visit megaphone.fm/adchoices

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our guest, Shyama Rose, CISO and head of IT, Affirm. In this episode: What is the impact of burnout to your security team directly? Does burnout directly play a role in how an organization can respond to security incidents.? All jobs involve dealing with stress, but what should we consider normal in cybersecurity? And when does that stress endanger your security mission? Thanks to our podcast sponsors, Panoptica, Cisco's Cloud Application Security Platform Panoptica, Cisco's Cloud Application Security solution, provides end-to-end lifecycle protection for cloud native application environments. It empowers organizations to safeguard their APIs, serverless functions, containers, and Kubernetes environments. Panoptica ensures comprehensive cloud security, compliance, and monitoring at scale, offering deep visibility, contextual risk assessments, and actionable remediation insights for all your cloud assets.

In this episode of CyberWire-X, N2K's CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined by Tim Miller, Technical Marketing Engineer for Panoptica, Cisco's Cloud Application Security solution, (Panoptica is the result of Cisco's incubation engine (Outshift) for new products and markets), and Kevin Ford, Esri's CISO. They discuss the complexity reduction need that Cloud-Native Application Protection Platforms (CNAPPs) provide. Outshift by Cisco is our CyberWire-X episode sponsor. To learn more about Cloud-Native Application Protection Platforms, check out Panoptica's website at https://panoptica.app and consider attending the Cisco Live EMEA in Amsterdam, February 5-8, 2024. Learn more about your ad choices. Visit megaphone.fm/adchoices

Brian and Brandon Whichard (@bwhichard, @SoftwareDefinedTalk) talk about surviving the annual planning process and Q1 goals, KPIs, politics, priorities, etcSHOW: 785CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Learn More About Azure Offerings : Learn more about Azure Migrate and Modernize & Azure Innovate!Azure Free Cloud Resource Kit : Step-by-step guidance, resources and expert advice, from migration to innovation.CloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appSHOW NOTES:Topic 1 - The new year is upon us. What sorts of strategies do you use (or have you used) to deal with the onslaught of 2024 planning, Q1 goals/KPIs, etc.? Are you a fast-starter or trying to lay low?Topic 2 - What are some of the ways that you've seen people deal with the annual goals that seem overwhelming (or hard to project) in January? Topic 3 - What are the biggest pitfalls for being too aggressive too early in 2024? What are the biggest upsides for being aggressive?Topic 4 - Even though the calendar flips in December, it doesn't mean everything starts over (or starts new). How do you deal with the projects that have completely different priorities on January 1st vs. December 31st?Topic 5 - Who are the key people you're trying to align with in Q1? Is it managers, or finance, or strategy people….or someone else? Topic 6 - Any big disasters to avoid in Q1 that can ruin the rest of the year? Topic 7 - Final thoughts on winning at the beginning of the year?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Aaron and Brian talk to Mark Hinkle (@mrhinkle, Founder @peripety_labs) about enabling AI to drive personal productivity, AI experimentation and AIOps soft skills.SHOW: 783CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Reduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appCloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendSHOW NOTES:Peripety Labs - Adopt AI today to improve Business EfficiencyThe Artificially Intelligent Enterprise (newsletter)Archive.org for Artificial Intelligence (hosted by Cornell) Fireflies.ai (automater notetaker)Llamaindex (middleware)Langchain (middleware)Topic 1 - Welcome back to the show. Give our audience a little bit of your background and what you focus on now with Peripety Labs?Topic 2 - If you're a business leader today, where are you focusing your priorities in terms of taking advantage of AI to improve the business?Topic 3 - If you're a knowledge worker today, where are you focusing your priorities in terms of taking advantage of AI to improve your job?Topic 4 - What's a good way to think about experimentation with AI vs. trying to start measuring results now? Any tips to help companies or workers accelerate their learning curves?Topic 5 - What are some of the biggest misconceptions you're seeing across the industry right now around AI? Concerns, fears, anti-patterns, etc. Topic 6 - We're learned over many years (and technology trends) that the most successful ones align technology and people/culture/organization. What are the AI alignments of people and technology that are most needed? FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

What were the major announcements at 2023 AWS re:Invent? What did we learn about their AI strategy? What did we learn about how they continue to evolve the business?SHOW: 778CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:CloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appSHOW NOTES:Top announcements from AWS re:Invent 2023AWS re:Invent Keynotes (2023)AWS MANAGES THE TRANSITION FROM ONE CLOUD ERA TO THE NEXT Reviewing AWS' AI strategyNVIDIA DGX Cloud in AWSFurther alignment with AnthropicAWS QCost Optimization HubMemory-optimized Graviton 4 ARM compute nodeszero-ETL integration for a number of database and data-ingestion platformsAurora Limitless DatabaseIBM DB2 comes to AWSProject Kuiper - Satellite InternetFEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Meta bans AI-generated Political Ads, Google's new RETVec Anti-spam tool, a casual convo on Super Soldiers, and more…

How did the modern cloud evolve from the earliest days of AWS to today's AI boom? What roles did open source, mobile apps, microservices and the sharing economy play?SHOW: 776CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:Reduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appDatadog Application Monitoring: Modern Application Performance MonitoringGet started monitoring service dependencies to eliminate latency and errors and enhance your users app experience with a free 14 day Datadog trial. Listeners of The Cloudcast will also receive a free Datadog T-shirt.CloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendSHOW NOTES:All the show notes from this week's show.2001 - a dotCom Bubble Odyssey (Part 1 of 3) Building the Foundations of Modern Cloud (Part 2 of 3)FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

My Theory Of What Happened At OpenAI, A New Ransomware Tactic, Analysis Of What The SEC Case Will Do To Cybersecurity, Live David Attenborough Narration, And More… Read the episode here.

DOJ and Pentagon emails hacked by Russians, OpenAI's DevDay announcements, when DeepMind thinks we'll see AGI, and more…

Tim Miller (@broadcaststorm, Technical Marketing Engineer, Outshift by @Cisco) talks about new ways to approach the overwhelming security challenges created by cloud-native apps and multi-cloud. SHOW: 767CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Datadog Security Solution: Modern Monitoring and SecurityStart investigating security threats before it affects your customers with a free 14 day Datadog trial. Listeners of The Cloudcast will also receive a free Datadog T-shirt.CloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendSHOW NOTES:Panoptica (homepage)Outshift by Cisco (Emerging Technologies)Panoptica - Open Clarity (open source projects)Topic 1 - Welcome to the show. Tell us a bit about your background and what you focus on these days at Outshift by Cisco. Topic 2 - Let's begin by talking about the security challenges that come with modern applications and cloud environments.  Topic 3 - The classic challenges of security have always been too many tools, not enough people, lots of misconfigurations, tons of red on the dashboard. Are there new approaches that are trying to address these challenges?Topic 4 - Talk to us about this concept of “Attack Path Analysis”. What is it? What is it trying to accomplish that we didn't/couldn't do before?Topic 5 - How does Panoptica address many of these challenges? How does it integrate with the many areas of the entire picture, from IaC to CI/CD to Observability?Topic 6 - What are some differences that DevOps teams might experience by using Attack Path Analysis? FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Shannon Williams (President & Co-Founder, Acorn Labs) & Darren Shepherd (Chief Architect & Co-Founder, Acorn Labs) talk about abstracting away dependencies for developers and packaging in Acorns. We also cover the announcement of Acorn running in AWS.SHOW: 765CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Find "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBEReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appCode Comments - An original podcast from Red Hat (Season 2)Adjusting to new technology, from teams that have been through it20% off KubeCon in person (corporate use only): KCNA23CC20SHOW NOTES:Acorn Labs (homepage)Topic 1 - Welcome back to the show. We've spoken a few times over the years. First at cloud.com, then at Rancher. For those that aren't familiar, give everyone a quick background.Topic 2 - This core team has been working together for over ten years and have been through 3 startups now. What makes you want to do it again?Topic 3 - Let's talk Acorn Labs, what is the problem you're trying to solve in the market? Explain to everyone the concept of an application development framework.Topic 4 - Anything new going on? Announcement of Acorn running in AWSTopic 5 - You use terms like Acorns, Acornfiles, Acorn services, and even nested acorns. Can you explain the architecture design and how it all connects together? What all are you packaging up (Docker images, configuration files, etc.) What are the advantages to this?Topic 6 - Can Acorn be considered a runtime abstraction layer?Topic 7 - This is sort of like a PaaS, or PaaS-like. None of the cloud providers have a service like this on top of their Kubernetes services. What do you know that they don'tTopic 8 - How do you balance the specificity of individual cloud service but at the same time present a common interface/layer to developers?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

As Docker talks about their successes and failures after 10 years, what lessons can be learned by open source companies, projects and foundations over the past decade.SHOW: 764CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:CloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appDatadog Monitoring: Modern Monitoring and AnalyticsStart monitoring your infrastructure, applications, logs and security in one place with a free 14 day Datadog trial. Listeners of The Cloudcast will also receive a free Datadog T-shirt.SHOW NOTES:Docker at 10 - Three Things we got Right, Three Things we got Wrong (TNS)Lessons Learned from Docker (Eps.505 - 2021)Lessons Learned from OpenShift (Eps. 489 - 2021)If Kubernetes is Boring, what's next? (Eps.509 - 2021)IT'S HARD TO SEE THE FOREST FOR THE TREESDocker was the transition between OpenStack (bad foundation) and Kubernetes (CNCF)Was Docker a Community or a Cult? How did Leadership work?Docker was stuck between VMware and DevelopersWHAT HAS THE INDUSTRY LEARNED FROM THE DOCKER DAYS?Customers and communities are very hesitant to adopt another single-vendor offeringCould Docker have succeeded as a “free” implementation?As much as DevOps and PlatformEngineering are happening, it's tough to have an “in between” technology (used by both Infra and AppDev)It's OK to adapt your monetization model, but it's not OK to not have oneOpen source can't be the driving force of a business. It's not a charity. If somebody offers you $3B, maybe consider taking it….FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Joe Curley (VP and GM Software Products and Ecosystem @ Intel) and Arun Gupta (VP and GM for Open Ecosystems @ Intel) talk about OSS Software and Open Ecosystems at Intel.SHOW: 763CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Code Comments - An original podcast from Red Hat (Season 2)Adjusting to new technology, from teams that have been through itFind "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBEReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.app20% off KubeCon in person (corporate use only): KCNA23CC20SHOW NOTES:Intel Open EcosystemsLike Water for Fish: Intel's Elemental Support for DevelopersAnnouncing the Unified Acceleration (UXL) FoundationOur kid's graduating from college!Topic 1 - Welcome to the show. Joe and Arun, give everyone a brief background please.Topic 2 - For many of our listeners, they may not equate Intel with Software and Open Source. Can you give everyone some background on how the intersection of Intel and Open Ecosystems came to be and your involvement today? What's in it for developersTopic 3 - How does Open Source Software fit into Intel's broader software strategyTopic 4 - What are the trends you are seeing in OSS and how does that impact Intel? How does that impact organizations today?Topic 5 - What kind of investments does Intel make into Open Source and Open Tools? There is Intel's oneAPI for instance… Topic 6 - Artificial Intelligence seems to be everywhere, how does AI fit into Intel's hardware and software vision and strategy?Topic 7 - Any final closing thoughts on the future and what to expect from Intel in the future?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Between open source, open core, ad-supported and SaaS, software-focused business models are being questioned. Will new business models emerge in the next few years? SHOW: 762CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:Reduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appDatadog Synthetic Monitoring: Frontend and Backend Modern MonitoringEnsure frontend issues don't impair user experience by detecting user-facing issues with API and browser tests with a free 14 day Datadog trial. Listeners of The Cloudcast will also receive a free Datadog T-shirt.CloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendSHOW NOTES:The Software Paradox (Stephen O'Grady - Redmonk) GitHub CoPilot hits $100M ARRUnity CEO steps down after pricing changesFree or Free is Often Complicated (Eps.738)The Future of Software? (Eps.740)Cloud and Software Economics (Eps.744)Will LLMs replace OSS software licenses?  (Joseph Jacks)ARE THERE ANY VALID SOFTWARE BUSINESS MODELS LEFT?Software business models keep running into road blocksVC funding is slowing down, and interest rates are risingCan OSS as marketing survive? WILL THE NEXT GENERATION PAY FOR SOFTWARE, IN ANY WAY? SaaS seems to work, if you can survive the burn rate to capture customers.Is SaaS too expensive? Will variations emerge?Any changing models (free to fee, open core, etc.) disenfranchise the usersOSS is getting less fundingGaming is tied to engines and app storesWill AI open up new business models? New licensing models?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Anish Bishen (Chief Data Architect @Sliide), Jay Rawal (Head of DevOps @Sliide), Ieva Jonaityte (TAM @DoIT) talk about scaling infrastructure and data services at a rapidly growing startup, with FinOps enabled.  SHOW: 761CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"All Things Open 2023 is making 5 free passes + a 20% discount available to the Cloudcast community! More than 150 speakers and 175 sessions will be featured in downtown Raleigh October 15-17.Free Pass (auto-applied until they are gone!)Once the free pass have been claimed, use this link for 20% off!SHOW SPONSORS:Reduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appCode Comments - An original podcast from Red Hat (Season 2)Adjusting to new technology, from teams that have been through itFind "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBESHOW NOTES:Sliide HomepageDoIT HomepageTopic 1 - Welcome to the show. Give us a little bit of your background and your focus areas today. Topic 2 - Sliide delivers a platform that allows Carriers and OEMs to deliver unique digital experiences to customers. Tell us about the architecture behind the platform and some of the bigger challenges you have in delivering those services at scale.Topic 3 - When delivering services for mobile, there are tons of variables involved (user-experience, bandwidth management, backend data collection, analytics, etc.). What do you think about the tradeoffs in terms of costs vs. experience?Topic 4 - DId you look at the cost optimizations as a one-time project, or is a FInOps focus now part of your on-going planning and operations? How does that function work with the rest of the platform team?Topic 5 - You've been working with the DoIT team to help optimize the platform and overall costs. How did you decide to work with DoIT to augment your team, and what were some of the core areas you focused on? Topic 6 - What lessons learned would you pass along to other platform teams? FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Aaron Delp and Brian Gracely discuss the possibility of another major cloud provider emerging as the economy changes and new application workloads begin to take shape. SHOW: 757CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Find "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBEReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appSHOW NOTES:Microsoft hiring to build small reactors near data centersThe economic case for Generative AI (a16z)AWS invests (up to) $4B in AnthropicNVIDIA DGX CloudNVIDIA's new computing model (Acquired podcast)Topic 1 - Do you remember back when AWS was starting to take off, and Simon Wardley used to talk about how IBM or HP or Cisco or EMC/VMware should have been the ones building the utility cloud services? Topic 2 - We're now at a stage when all anyone can talk about is AI (Generative AI, LLMs, etc.) and GPUs. So which one is more powerful, the Models/Data or the Infrastructure?Topic 3 - Is it possible that NVIDIA could start building their own cloud? Do they potentially want to own a more vertical experience? Topic 4 - Obviously the buildout costs are enormous, but are they that much different from what the Big 3 are trying to do in retrofitting existing data centers, or hiring to build their own mini-Nuclear reactors?Topic 5 - Who could potentially be a partner to NVIDIA in building out this type of cloud in the near-term? (Equinix, national governments, cities-of-the-future, sovereign wealth funds, etc.)FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Alex Ratner (@ajratner, CEO @SnorkelAI) talks about labeling and training of LLMs. We go over Foundational Models and how to take an “off the shelf” model and fine-tune it for private use.SHOW: 755CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Reduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appFind "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBESHOW NOTES:SnorkelAI (homepage)SnorkelAI on The Cloudcast #523Topic 1 - Welcome back to the show. We last spoke two years ago. A lot has changed so we thought it would be a great time to talk about updates. For those that aren't familiar, give everyone a quick background.Topic 2 - Let's start with when we last spoke. We talked a lot about data scientists and how data labeling works for training LLM's. For those that aren't familiar, can you give everyone a quick intro to data labeling and why it is important for training?Topic 3 - When we last spoke, LLM weren't as mainstream as they are today. How has this impacted how you think about AI/ML in general? What are the big challenges for LLM today that you see?Topic 4 - Many organizations are trying “off the shelf” models but this may or may not be a good idea. On one side they don't have to build a model but on the other they still have to fine tune it to their specific needs and use case. What are your recommendations for organizations to get started and be as effective as possible?Topic 5 - In addition to organization specific models, are teams building purpose built models for specific functions (i.e. are they running multiple models each with a different task?) How does labeling and training come into play here?Topic 6 - Another challenge I'm seeing is security and data privacy concerns. What do folks getting started need to be aware of to make sure company data is safe?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Matt Spitz (@mattspitz, Head of Engineering at @TrustVanta) talks about the challenges of developer security and compliance. SHOW: 753CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Find "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBEReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appSHOW NOTES:Vanta (homepage)Topic 1 - Welcome to the show. Tell us a little bit about your background. What made you join Vanta and did your experience at Dropbox factor into this decision?Topic 2 - Our topic today is developer security and compliance. Let's start by helping our listeners understand the problem. We hear all the time about developers wanting to go fast. Things like security and compliance can be an afterthought. Do you agree and is this the root of the problem or is it something else?Topic 3 - Most organizations, especially smaller orgs or startups just getting going, they just want to get to MVP, what advice to you have for them in building security and compliance into their CI/CD pipelines so this becomes more programmatic?Topic 4 - Security is certainly one angle, but probably just as important, if not more so is compliance. To make it slightly more difficult, compliance can mean many different things based on geography (SOC in US for instance). How do organizations staff for this and keep up with regulation changes? Or, maybe on the flip side, is this a common area where they are understaffed and need outside assistance?Topic 5 - In security and compliance worlds there is often the concept of identification and discovery as one part, but remediation as the second part. Where and how does Vanta work with organizations to solve for both vectors?Topic 6 - Automation, especially into CI/CD pipelines seems like a no-brainer here, but I would also add is this an area where AI/ML will come into play in the future?Topic 7 - If folks want to dig in and learn more, how do you suggest they get started?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Joe Duffy (@funcOfJoe, Co-Founder/CEO @PulumiCorp) talks about the evolution of infrastructure as code, the challenges of multi-cloud, and applying Generative AI to Ops.SHOW: 751CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Reduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appFind "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBESHOW NOTES:Pulumi (homepage)Pulumi Insights (LLM - Generative AI)New Features (NewStack article)The Cloudcast #388, The Cloudcast #657Sept 14th WebinarSept 19th WebinarTopic 1 - Welcome to the show. Tell us a little bit about your background. What made you found Pulumi and you have an extensive developer background at Microsoft as well.Topic 2 - Pulumi's been in the market for 6+ years and we first spoke 4 years ago. Has the IaC space “settled down”? Do you consider it still emerging, evolving, or mature at this point?Topic 3 - We're seeing a lot of organizations manage resources and infrastructure across multiple clouds. What are the big challenges of multiple vs. single clouds?Topic 4 - Another big trend is of course Generative AI. You recently announced Pulumi Insights. Can you tell everyone about how this came to be and the problem you are trying to solve?Topic 5 - Let's talk about culture quickly. How do organizations, especially large organizations with many groups and tools, standardize tools and processes? What are the big hurdles that need to be overcome?Topic 6 - OSS has been in the news lately, especially around the Terraform project. What are your thoughts on OSS and its place in IaC both today and going forward?Topic 7 - We see you have a big webinar coming up. It looks to be a great place to dig in and get started. Tell everyone about it for those out there that want to know more.FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Luis Ceze (@luisceze, Founder/CEO @OctoML) talks about barriers to entry for AI & ML, the economics of funding, training, fine tuning, inferencing and optimizations.SHOW: 749CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:CloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appSHOW NOTES:OctoML (homepage)OctoML makes it easier to put AI/ML models into productionOctoML launches OctoAITopic 1 - Welcome to the show. You have an interesting background with roots in both VC markets and academia. Tell us a little bit about your background.Topic 2 - Generative AI is now all the rage. But as more people dig into AI/ML in general, they find out quickly there are a few barriers to entry. Let's address some of them as you have an extensive history here. The first barrier I believe most people hit is complexity. The tools to ingest data into models and deployment of models has improved but what about the challenges implementing that into production applications? How do folks overcome this first hurdle?Topic 3 - The next hurdle I think most organizations hit is where to place the models. Where to train them, where to fine tune them and where to run them could be the same or different places. Can you talk a bit about placement of models? Also, as a follow up, how does GPU shortages play into this and can models be fine tuned to work around this?Topic 4 - Do you see the AI/ML dependence on GPU's continuing into the future? Will there be an abstraction layer or another technology coming that will allow the industry to move away from GPU's from more mainstream applications?Topic 5 - The next barrier but very related to the previous one is cost. There are some very real world tradeoffs between cost and performance when it comes to AI/ML. What cost factors need to be considered besides hardware costs? Data ingestion and data gravity comes to mind as a hidden cost that can add up quickly if not properly considered. Another one is latency. Maybe you arrive at an answer but at a slower rate that is more economical. How do organizations optimize for cost?Topic 6 - Do most organizations tend to use an “off the shelf model” today? Maybe an open source model that they train with their private data? I would expect this to be the fastest way to production, why build your own model when the difference is in your data? How does data privacy factor into this scenario?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Kelsey Hightower joins Corey on Screaming in the Cloud to discuss his reflections on how the tech industry is progressing. Kelsey describes what he's been getting out of retirement so far, and reflects on what he learned throughout his high-profile career - including why feature sprawl is such a driving force behind the complexity of the cloud environment and the tactics he used to create demos that are engaging for the audience. Corey and Kelsey also discuss the importance of remaining authentic throughout your career, and what it means to truly have an authentic voice in tech. About KelseyKelsey Hightower is a former Distinguished Engineer at Google Cloud, the co-chair of KubeCon, the world's premier Kubernetes conference, and an open source enthusiast. He's also the co-author of Kubernetes Up & Running: Dive into the Future of Infrastructure. Recently, Kelsey announced his retirement after a 25-year career in tech.Links Referenced:Twitter: https://twitter.com/kelseyhightower TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Do you wish there were cheat codes for database optimization? Well, there are – no seriously. If you're using Postgres or MySQL on Amazon Aurora or RDS, OtterTune uses AI to automatically optimize your knobs and indexes and queries and other bits and bobs in databases. OtterTune applies optimal settings and recommendations in the background or surfaces them to you and allows you to do it. The best part is that there's no cost to try it. Get a free, thirty-day trial to take it for a test drive. Go to ottertune dot com to learn more. That's O-T-T-E-R-T-U-N-E dot com.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. You know, there's a great story from the Bible or Torah—Old Testament, regardless—that I was always a big fan of where you wind up with the Israelites walking the desert for 40 years in order to figure out what comes next. And Moses led them but could never enter into what came next. Honestly, I feel like my entire life is sort of going to be that direction. Not the biblical aspects, but rather always wondering what's on the other side of a door that I can never cross, and that door is retirement. Today I'm having returning guest Kelsey Hightower, who is no longer at Google. In fact, is no longer working and has joined the ranks of the gloriously retired. Welcome back, and what's it like?Kelsey: I'm happy to be here. I think retirement is just like work in some ways: you have to learn how to do it. A lot of people have no practice in their adult life what to do with all of their time. We have small dabs in it, like, you get the weekend off, depending on what your work, but you never have enough time to kind of unwind and get into something else. So, I'm being honest with myself. It's going to be a learning curve, what to do with that much time.You're probably still going to do work, but it's going to be a different type of work than you're used to. And so, that's where I am. 30 days into this, I'm in that learning mode, I'm on-the-job training.Corey: What's harder than you expected?Kelsey: It's not the hard part because I think mentally I've been preparing for, like, the last ten years, being a minimalist, learning how to kind of live within my means, learn to appreciate things that are just not work-related or status symbols. And so, to me, it felt like a smooth transition because I started to value my time more than anything else, right? Just waking up the next day became valuable to me. Spending time in the moment, right, you go to these conferences, there's, like, 10,000 people, but you learn to value those one-on-one encounters, those one-off, kind of, let's just go grab lunch situations. So, to me, retirement just makes more room for that, right? I no longer have this calendar that is super full, so I think for me, it was a nice transition in terms of getting more of that valuable time back.Corey: It seems to me that you're in a similar position to the one that I find myself in where the job that you were doing and I still am is tied, more or less, to a sense of identity as opposed to a particular task or particular role that you fill. You were Kelsey Hightower. That was a complete sentence. People didn't necessarily need to hear the rest of what you were working on or what you were going to be talking about at a given conference or whatnot. So, it seemed, at least from the outside, that an awful lot of what you did was quite simply who you were. Do you feel that your sense of identity has changed?Kelsey: So, I think when you have that much influence, when you have that much reputation, the words you say travel further, they tend to come with a little bit more respect, and so when you're working with a team on new product, and you say, “Hey, I think we should change some things.” And when they hear those words coming from someone that they trust or has a name that is attached to reputation, you tend to be able to make a lot of impact with very few words. But what you also find is that no matter what you get involved in—configuration management, distributed systems, serverless, working with customers—it all is helped and aided by the reputation that you bring into that line of work. And so yes, who you are matters, but one thing that I think helped me, kind of greatly, people are paying attention maybe to the last eight years of my career: containers, Kubernetes, but my career stretches back to the converting COBOL into Python days; the dawn of DevOps, Puppet, Chef, and Ansible; the Golang appearance and every tool being rewritten from Ruby to Golang; the Docker era.And so, my identity has stayed with me throughout those transitions. And so, it was very easy for me to walk away from that thing because I've done it three or four times before in the past, so I know who I am. I've never had, like, a Twitter bio that said, “Company X. X person from company X.” I've learned long ago to just decouple who I am from my current employer because that is always subject to change.Corey: I was fortunate enough to not find myself in the public eye until I owned my own company. But I definitely remember times in my previous incarnations where I was, “Oh, today I'm working at this company,” and I believed—usually inaccurately—that this was it. This was where I really found my niche. And then surprise I'm not there anymore six months later for, either their decision, my decision, or mutual agreement. And I was always hesitant about hanging a shingle out that was tied too tightly to any one employer.Even now, I was little worried about doing it when I went independent, just because well, what if it doesn't work? Well, what if, on some level? I think that there's an authenticity that you can bring with you—and you certainly have—where, for a long time now, whenever you say something, I take it seriously, and a lot of people do. It's not that you're unassailably correct, but I've never known you to say something you did not authentically believe in. And that is an opinion that is very broadly shared in this industry. So, if nothing else, you definitely were a terrific object lesson in speaking the truth, as you saw it.Kelsey: I think what you describe is one way that, whether you're an engineer doing QA, working in the sales department, when you can be honest with the team you're working with, when you can be honest with the customers you're selling into when you can be honest with the community you're part of, that's where the authenticity gets built, right? Companies, sometimes on the surface, you believe that they just want you to walk the party line, you know, they give you the lines and you just read them verbatim and you're doing your part. To be honest, you can do that with the website. You can do that with a well-placed ad in the search queries.What people are actually looking for are real people with real experiences, sharing not just fact, but I think when you mix kind of fact and opinion, you get this level of authenticity that you can't get just by pure strategic marketing. And so, having that leverage, I remember back in the day, people used to say, “I'm going to do the right thing and if it gets me fired, then that's just the way it's going to be. I don't want to go around doing the wrong thing because I'm scared I'm going to lose my job.” You want to find yourself in that situation where doing the right thing, is also the best thing for the company, and that's very rare, so when I've either had that opportunity or I've tried to create that opportunity and move from there.Corey: It resonates and it shows. I have never had a lot of respect for people who effectively are saying one thing today and another thing the next week based upon which way they think that the winds are blowing. But there's also something to be said for being able and willing to publicly recant things you have said previously as technology evolves, as your perspective evolves and, in light of new information, I'm now going to change my perspective on something. I've done that already with multi-cloud, for example. I thought it was ridiculous when I heard about it. But there are also expressions of it that basically every company is using, including my own. And it's a nuanced area. Where I find it challenging is when you see a lot of these perspectives that people are espousing that just so happen to deeply align with where their paycheck comes from any given week. That doesn't ring quite as true to me.Kelsey: Yeah, most companies actually don't know how to deal with it either. And now there has been times at any number of companies where my authentic opinion that I put out there is against party line. And you get those emails from directors and VPs. Like, “Hey, I thought we all agree to think this way or to at least say this.” And that's where you have to kind of have that moment of clarity and say, “Listen, that is undeniably wrong. It's so wrong in fact that if you say this in public, whether a small setting or large setting, you are going to instantly lose credibility going forward for yourself. Forget the company for a moment. There's going to be a situation where you will no longer be effective in your job because all of your authenticity is now gone. And so, what I'm trying to do and tell you is don't do that. You're better off saying nothing.”But if you go out there, and you're telling what is obviously misinformation or isn't accurate, people are not dumb. They're going to see through it and you will be classified as a person not to listen to. And so, I think a lot of people struggle with that because they believe that enterprise's consensus should also be theirs.Corey: An argument that I made—we'll call it a prediction—four-and-a-half years ago, was that in five years, nobody would really care about Kubernetes. And people misunderstood that initially, and I've clarified since repeatedly that I'm not suggesting it's going away: “Oh, turns out that was just a ridiculous fever dream and we're all going back to running bare metal with our hands again,” but rather that it would slip below the surface-level of awareness. And I don't know that I got the timing quite right on that, I think it's going to depend on the company and the culture that you find yourself in. But increasingly, when there's an application to run, it's easy to ask someone just, “Oh, great. Where's the Kubernetes cluster live so we can throw this on there and just add it to the rest of the pile?”That is sort of what I was seeing. My intention with that was not purely just to be controversial, as much fun as that might be, but also to act as a bit of a warning, where I've known too many people who let their identities become inextricably tangled with the technology. But technologies rise and fall, and at some point—like, you talk about configuration management days; I learned to speak publicly as a traveling trainer for Puppet. I wrote part of SaltStack once upon a time. But it was clear that that was not the direction the industry was going, so it was time to find something else to focus on. And I fear for people who don't keep an awareness or their feet underneath them and pay attention to broader market trends.Kelsey: Yeah, I think whenever I was personally caught up in linking my identity to technology, like, “I'm a Rubyist,” right?“, I'm a Puppeteer,” and you wear those names proudly. But I remember just thinking to myself, like, “You have to take a step back. What's more important, you or the technology?” And at some point, I realized, like, it's me, that is more important, right? Like, my independent thinking on this, my independent experience with this is far more important than the success of this thing.But also, I think there's a component there. Like when you talked about Kubernetes, you know, maybe being less relevant in five years, there's two things there. One is the success of all infrastructure things equals irrelevancy. When flights don't crash, when bridges just work, you do not think about them. You just use them because they're so stable and they become very boring. That is the success criteria.Corey: Utilities. No one's wondering if the faucet's going to work when they turn it on in the morning.Kelsey: Yeah. So, you know, there's a couple of ways to look at your statement. One is, you believe Kubernetes is on the trajectory that it's going to stabilize itself and hit that success criteria, and then it will be irrelevant. Or there's another part of the irrelevancy where something else comes along and replaces that thing, right? I think Cloud Foundry and Mesos are two good examples of Kubernetes coming along and stealing all of the attention from that because those particular products never gained that mass adoption. Maybe they got to the stable part, but they never got to the mass adoption part. So, I think when it comes to infrastructure, it's going to be irrelevant. It's just what side of that [laugh] coin do you land on?Corey: It's similar to folks who used to have to work at a variety of different companies on very specific Linux kernel subsystems because everyone had to care because there were significant performance impacts. Time went on and now there's still a few of those people that very much need to care, but for the rest of us, it is below the level of things that we have to care about. For me, the signs of the unsustainability were, oh, you can run Kubernetes effectively in production? That's a minimum of a quarter-million dollars a year in comp or up in some cases. Not every company is going to be able to field a team of those people and still remain a going concern in business. Nor frankly, should they have to.Kelsey: I'm going to pull on that thread a little bit because it's about—we're hitting that ten-year mark of Kubernetes. So, when Kubernetes comes out, why were people drawn to it, right? Why did it even get the time of day to begin with? And I think Docker kind of opened Pandora's box there. This idea of Chef, Puppet, Ansible, ten thousand package managers, and honestly, that trajectory was going to continue forever and it was helping no one. It was literally people doing duplicate work depending on the operating system you're dealing with and we were wasting time copying bits to servers—literally—in a very glorified way.So, Docker comes along and gives us this nicer, better abstraction, but it has gaps. It has no orchestration. It's literally this thing where now we've unified the packaging situation, we've learned a lot from Red Hat, YUM, Debian, and the various package repo combinations out there and so we made this universal thing. Great. We also learned a little bit about orchestration through brute force, bash scripts, config management, you name it, and so we serialized that all into this thing we call Kubernetes.It's pretty simple on the surface, but it was probably never worthy of such fanfare, right? But I think a lot of people were relieved that now we finally commoditized this expertise that the Googles, the Facebooks of the world had, right, building these systems that can copy bits to other systems very fast. There you go. We've gotten that piece. But I think what the market actually wants is in the mobile space, if you want to ship software to 300 million people that you don't even know, you can do it with the app store.There's this appetite that the boring stuff should be easy. Let's Encrypt has made SSL certificates beyond easy. It's just so easy to do the right thing. And I think for this problem we call deployments—you know, shipping apps around—at some point we have to get to a point where that is just crazy easy. And it still isn't.So, I think some of the frustration people express ten years later, they're realizing that they're trying to recreate a Rube Goldberg machine with Kubernetes is the base element and we still haven't understood that this whole thing needs to simplify, not ten thousand new pieces so you can build your own adventure.Corey: It's the idea almost of what I'm seeing AWS go through, and to some extent, its large competitors. But building anything on top of AWS from scratch these days is still reminiscent of going to Home Depot—or any hardware store—and walking up and down the aisles and getting all the different components to piece together what you want. Sometimes just want to buy something from Target that's already assembled and you have to do all of that work. I'm not saying there isn't value to having a Home Depot down the street, but it's also not the panacea that solves for all use cases. An awful lot of customers just want to get the job done and I feel that if we cling too tightly to how things used to be, we lose it.Kelsey: I'm going to tell you, being in the cloud business for almost eight years, it's the customers that create this. Now, I'm not blaming the customer, but when you start dealing with thousands of customers with tons of money, you end up in a very different situation. You can have one customer willing to pay you a billion dollars a year and they will dictate things that apply to no one else. “We want this particular set of features that only we will use.” And for a billion bucks a year times ten years, it's probably worth from a business standpoint to add that feature.Now, do this times 500 customers, each major provider. What you end up with is a cloud console that is unbearable, right? Because they also want these things to be first-class citizens. There's always smaller companies trying to mimic larger peers in their segment that you just end up in that chaos machine of unbound features forever. I don't know how to stop it. Unless you really come out maybe more Apple style and you tell people, “This is the one and only true way to do things and if you don't like it, you have to go find an alternative.” The cloud business, I think, still deals with the, “If you have a large payment, we will build it.”Corey: I think that that is a perspective that is not appreciated until you've been in the position of watching how large enterprises really interact with each other. Because it's, “Well, what customer the world is asking for yet another way to run containers?” “Uh, this specific one and their constraints are valid.” Every time I think I've seen everything there is to see in the world of cloud, I just have to go talk to one more customer and I'm learning something new. It's inevitable.I just wish that there was a better way to explain some of this to newcomers, when they're looking at, “Oh, I'm going to learn how this cloud thing works. Oh, my stars, look at how many services there are.” And then they wind up getting lost with analysis paralysis, and every time they get started and ask someone for help, they're pushed in a completely different direction and you keep spinning your wheels getting told to start over time and time again when any of these things can be made to work. But getting there is often harder than it really should be.Kelsey: Yeah. I mean, I think a lot of people don't realize how far you can get with, like, three VMs, a load balancer, and Postgres. My guess is you can probably build pretty much any clone of any service we use today with at least 1 million customers. Most people never reached that level—I don't even want to say the word scale—but that blueprint is there and most people will probably be better served by that level of simplicity than trying to mimic the behaviors of large customers—or large companies—with these elaborate use cases. I don't think they understand the context there. A lot of that stuff is baggage. It's not [laugh] even, like, best-of-breed or great design. It's like happenstance from 20 years of trying to buy everything that's been sold to you.Corey: I agree with that idea wholeheartedly. I was surprising someone the other day when I said that if you were to give me a task of getting some random application up and running by tomorrow, I do a traditional three-tier architecture, some virtual machines, a load balancer, and a database service. And is that the way that all the cool kids are doing it today? Well, they're not talking about it, but mostly. But the point is, is that it's what I know, it's where my background is, and the thing you already know when you're trying to solve a new problem is incredibly helpful, rather than trying to learn everything along that new path that you're forging down. Is that architecture the best approach? No, but it's perfectly sufficient for an awful lot of stuff.Kelsey: Yeah. And so, I mean, look, I've benefited my whole career from people fantasizing about [laugh] infrastructure—Corey: [laugh].Kelsey: And the truth is that in 2023, this stuff is so powerful that you can do almost anything you want to do with the simplest architecture that's available to us. The three-tier architecture has actually gotten better over the years. I think people are forgotten: CPUs are faster, RAM is much bigger quantities, the networks are faster, right, these databases can store more data than ever. It's so good to learn the fundamentals, start there, and worst case, you have a sound architecture people can reason about, and then you can go jump into the deep end, once you learn how to swim.Corey: I think that people would be depressed to understand just how much the common case for the value that Kubernetes brings is, “Oh yeah, now we can lose a drive or a server and the application stays up.” It feels like it's a bit overkill for that one somewhat paltry use case, but that problem has been hounding companies for decades.Kelsey: Yeah, I think at some point, the whole ‘SSH is my only interface into these kinds of systems,' that's a little low level, that's a little bare bones, and there will probably be a feature now where we start to have this not Infrastructure as Code, not cloud where we put infrastructure behind APIs and you pay per use, but I think what Kubernetes hints at is a future where you have APIs that do something. Right now the APIs give you pieces so you can assemble things. In the future, the APIs will just do something, “Run this app. I need it to be available and here's my money budget, my security budget, and reliability budget.” And then that thing will say, “Okay, we know how to do that, and here's roughly what is going to cost.”And I think that's what people actually want because that's how requests actually come down from humans, right? We say, “We want this app or this game to be played by millions of people from Australia to New York.” And then for a person with experience, that means something. You kind of know what architecture you need for that, you know what pieces that need to go there. So, we're just moving into a realm where we're going to have APIs that do things all of a sudden.And so, Kubernetes is the warm-up to that era. And that's why I think that transition is a little rough because it leaks the pieces part, so where you can kind of build all the pieces that you want. But we know what's coming. Serverless also hints at this. But that's what people should be looking for: APIs that actually do something.Corey: This episode is sponsored in part by Panoptica.  Panoptica simplifies container deployment, monitoring, and security, protecting the entire application stack from build to runtime. Scalable across clusters and multi-cloud environments, Panoptica secures containers, serverless APIs, and Kubernetes with a unified view, reducing operational complexity and promoting collaboration by integrating with commonly used developer, SRE, and SecOps tools. Panoptica ensures compliance with regulatory mandates and CIS benchmarks for best practice conformity. Privacy teams can monitor API traffic and identify sensitive data, while identifying open-source components vulnerable to attacks that require patching. Proactively addressing security issues with Panoptica allows businesses to focus on mitigating critical risks and protecting their interests. Learn more about Panoptica today at panoptica.app.Corey: You started the show by talking about how your career began with translating COBOL into Python. I firmly believe someone starting their career today listening to this could absolutely find that by the time their career starts drawing to their own close, that Kubernetes is right in there as far as sounding like the deprecated thing that no one really talks about or thinks about anymore. And I hope so. I want the future to be brighter than the past. I want getting a business or getting software together in a way that helps people to not require the amount of, “First, spend six weeks at a boot camp,” or, “Learn how to write just enough code that you can wind up getting funding and then have it torn apart.”What's the drag-and-drop story? What's the describe the application to a robot and it builds it for you? I'm optimistic about the future of infrastructure, just because based upon its power to potentially make reliability and scale available to folks who have no idea of what's involved with that. That's kind of the point. That's the end game of having won this space.Kelsey: Well, you know what? Kubernetes is providing the metadata to make that possible, right? Like in the early days, people were writing one-off scripts or, you know, writing little for loops to get things in the right place. And then we get config management that kind of formalizes that, but it still had no metadata, right? You'd have things like Puppet report information.But in the world of, like, Kubernetes, or any cloud provider, now you get semantic meaning. “This app needs this volume with this much space with this much memory, I need three of these behind this load balancer with these protocols enabled.” There is now so much metadata about applications, their life cycles, and how they work that if you were to design a new system, you can actually use that data to craft a much better API that made a lot of this boilerplate the defaults. Oh, that's a web application. You do not need to specify all of this boilerplate. Now, we can give you much better nouns and verbs to describe what needs to happen.So, I think this is that transition as all the new people coming up, they're going to be dealing with semantic meaning to infrastructure, where we were dealing with, like, tribal knowledge and intuition, right? “Run this script, pipe it to this thing, and then this should happen. And if it doesn't, run the script again with this flag.” Versus, “Oh, here's the semantic meaning to a working system.” That's a game-changer.Corey: One other topic I wanted to ask you about—I've it's been on my list of things to bring up the next time I ran into you and then you went ahead and retired, making it harder to run into you. But a little while back, I was at a tech conference and someone gave a demo, and it didn't go as well as they had hoped. And a few of us were talking about it afterwards. We've all been speakers, we've all lived that life. Zero shade.But someone brought you up in particular—unprompted; your legend does precede you—and the phrase that they used was that Kelsey's demos were always picture-perfect. He was so lucky with how the demos worked out. And I just have to ask—because you don't strike me as someone who is not careful, particularly when all eyes are upon you—and real experts make things look easy, did you have demos periodically go wrong that the audience just didn't see going wrong along the way? Or did you just actually YOLO all of your demos and got super lucky every single time for the last eight years?Kelsey: There was a musician who said, “Hey, your demos are like jazz. You improvise the whole thing.” There's no script, there's no video. The way I look at the demo is, like, you got this instrument, the command prompt, and the web browser. You can do whatever you want with them.Now, I have working code. I wrote the code, I wrote the deployment scenarios, I delete it all and I put it all back. And so, I know how it's supposed to work from the ground up. And so, what that means is if anything goes wrong, I can improvise. I could go into fixing the code. I can go into doing a redeploy.And I'll give you one good example. The first time Kubernetes came out, there was this small meetup in San Francisco with just the core contributors, right? So, there is no community yet, there's no conference yet, just people hacking on Kubernetes. And so, we decided, we're going to have the first Kubernetes meetup. And everyone got, like, six, seven minutes, max. That's it. You got to move.And so, I was like, “Hey, I noticed that in the lineup, there is no ‘What is Kubernetes?' talk. We're just getting into these nuts and bolts and I don't think that's fair to the people that will be watching this for the first time.” And I said, “All right, Kelsey, you should give maybe an intro to what it is.” I was like, “You know what I'll do? I'm going to build a Kubernetes cluster from the ground up, starting with VMs on my laptop.”And I'm in it and I'm feeling confident. So, confidence is the part that makes it look good, right? Where you're confident in the commands you type. One thing I learned to do is just use your history, just hit the up arrow instead of trying to copy all these things out. So, you hit the up arrow, you find the right command and you talk through it and no one looks at what's happening. You're cycling through the history.Or you have multiple tabs where you know the next up arrow is the right history. So, you give yourself shortcuts. And so, I'm halfway through this demo. We got three minutes left, and it doesn't work. Like, VMware is doing something weird on my laptop and there's a guy calling me off stage, like, “Hey, that's it. Cut it now. You're done.”I'm like, “Oh, nope. Thou shalt not go out like this.” It's time to improvise. And so, I said, “Hey, who wants to see me finish this?” And now everyone is locked in. It's dead silent. And I blow the whole thing away. I bring up the VMs, I [pixie 00:28:20] boot, I installed the kubelet, I install Docker. And everyone's clapping. And it's up, it's going, and I say, “Now, if all of this works, we run this command and it should start running the app.” And I do kubectl apply-f and it comes up and the place goes crazy.And I had more to the demo. But you stop. You've gotten the point across, right? This is what Kubernetes is, here's how it works, and look how you do it from scratch. And I remember saying, “And that's the end of my presentation.” You need to know when to stop, you need to know when to pivot, and you need to have confidence that it's supposed to work, and if you've seen it work a couple of times, your confidence is unshaken.And when I walked off that stage, I remember someone from Red Hat was like—Clayton Coleman; that's his name—Clayton Coleman walked up to me and said, “You planned that. You planned it to fail just like that, so you can show people how to go from scratch all the way up. That was brilliant.” And I was like, “Sure. That's exactly what I did.”Corey: “Yeah, I meant to do that.” I like that approach. I found there's always things I have to plan for in demos. For example, I can never count on having solid WiFi from a conference hall. The show has to go on. It's, okay, the WiFi doesn't work. I've at one point had to give a talk where the projector just wasn't working to a bunch of students. So okay, close the laptop. We're turning this into a bunch of question-and-answer sessions, and it was one of the better talks I've ever given.But the alternative is getting stuck in how you think a talk absolutely needs to go. Now, keynotes are a little harder where everything has been scripted and choreographed and at that point, I've had multiple fallbacks for demos that I've had to switch between. And people never noticed I was doing it for that exact reason. But it takes work to look polished.Kelsey: I will tell you that the last Next keynote I gave was completely irresponsible. No dry runs, no rehearsals, no table reads, no speaker notes. And I think there were 30,000 people at that particular Next. And Diane Greene was still CEO, and I remember when marketing was like, “Yo, at least a backup recording.” I was like, “Nah, I don't have anything.”And that demo was extensive. I mean, I was building an app from scratch, starting with Postgres, adding the schema, building an app, deploying the app. And something went wrong halfway. And there's this joke that I came up with just to pass over the time, they gave me a new Chromebook to do the demo. And so, it's not mine, so none of the default settings were there, I was getting pop-ups all over the place.And I came up with this joke on the way to the conference. I was like, “You know what'd be cool? When I show off the serverless stuff, I would just copy the code from Stack Overflow. That'd be like a really cool joke to say this is what senior engineers do.” And I go to Stack Overflow and it's getting all of these pop-ups and my mouse couldn't highlight the text.So, I'm sitting there like a deer in headlights in front of all of these people and I'm looking down, and marketing is, like, “This is what… this is what we're talking about.” And so, I'm like, “Man do I have to end this thing here?” And I remember I kept trying, I kept trying, and came to me. Once the mouse finally got in there and I cleared up all the popups, I just came up with this joke. I said, “Good developers copy.” And I switched over to my terminal and I took the text from Stack Overflow and I said, “Great developers paste,” and the whole room start laughing.And I had them back. And we kept going and continued. And at the end, there was like this Google Assistant, and when it was finished, I said, “Thank you,” to the Google Assistant and it was talking back through the live system. And it said, “I got to admit, that was kind of dope.” So, I go to the back and Diane Greene walks back there—the CEO of Google Cloud—and she pats me on the shoulder. “Kelsey, that was dope.”But it was the thrill because I had as much thrill as the people watching it. So, in real-time, I was going through all these emotions. But I think people forget, the demo is supposed to convey something. The demo is supposed to tell some story. And I've seen people overdo their demos with way too much code, way too many commands, almost if they're trying to show off their expertise versus telling a story. And so, when I think about the demo, it has to complement the entire narrative. And so, sometimes you don't need as many commands, you don't need as much code. You can keep things simple and that gives you a lot more ins and outs in case something does go crazy.Corey: And I think the key takeaway here that so many people lose sight of is you have to know the material well enough that whatever happens, well, things don't always go the way I planned during the day, either, and talking through that is something that I think serves as a good example. It feels like a bit more of a challenge when you're trying to demo something that a company is trying to sell someone, “Oh, yeah, it didn't work. But that's okay.” But I'm still reminded by probably one of the best conference demo fails I've ever seen on video. One day, someone was attempting to do a talk that hit Amazon S3 and it didn't work.And the audience started shouting at him that yeah, S3 is down right now. Because that was the big day that S3 took a nap for four hours. It was one of those foundational things you'd should never stop to consider. Like, well, what if the internet doesn't work tomorrow when I'm doing my demo? That's a tough one to work around. But rough timing.Kelsey: [breathy sound]Corey: He nailed the rest of the talk, though. You keep going. That's the thing that people miss. They get stuck in the demo that isn't working, they expect the audience knows as much as they do about what's supposed to happen next. You're the one up there telling a story. People forget it's storytelling.Kelsey: Now, I will be remiss to say, I know that the demo gods have been on my side for, like, ten, maybe fifteen years solid. So, I retired from doing live demos. This is why I just don't do them anymore. I know I'm overdue as an understatement. But the thing I've learned though, is that what I found more impressive than the live demo is to be able to convey the same narratives through story alone. No slides. No demo. Nothing. But you can still make people feel where you would try to go with that live demo.And it's insanely hard, especially for technologies people have never seen before. But that's that new challenge that I kind of set up for myself. So, if you see me at a keynote and you've noticed why I've been choosing these fireside chats, it's mainly because I'm also trying to increase my ability to share narrative, technical concepts, but now in a new form. So, this new storytelling format through the fireside chat has been my substitute for the live demo, normally because I think sometimes, unless there's something really to show that people haven't seen before, the live demo isn't as powerful to me. Once the thing is kind of known… the live demo is kind of more of the same. So, I think they really work well when people literally have never seen the thing before, but outside of that, I think you can kind of move on to, like, real-life scenarios and narratives that help people understand the fundamentals and the philosophy behind the tech.Corey: An awful lot of tools and tech that we use on a day-to-day basis as well are thankfully optimized for the people using them and the ergonomics of going about your day. That is orthogonal, in my experience, to looking very impressive on stage. It's the rare company that can have a product that not only works well but also presents well. And that is something I don't tend to index on when I'm selecting a tool to do something with. So, it's always a question of how can I make this more visually entertaining? For while I got out of doing demos entirely, just because talking about things that have more staying power than a screenshot that is going to wind up being irrelevant the next week when they decide to redo the console for some service yet again.Kelsey: But you know what? That was my secret to doing software products and projects. When I was at CoreOS, we used to have these meetups we would used to do every two weeks or so. So, when we were building things like etcd, Fleet was a container management platform that came before Kubernetes, we would always run through them as a user, start install them, use them, and ask how does it feel? These command line flags, they don't feel right. This isn't a narrative you can present with the software alone.But once we could, then the meetups were that much more engaging. Like hey, have you ever tried to distribute configuration to, like, a thousand servers? It's insanely hard. Here's how you do with Puppet. But now I'm going to show you how you do with etcd. And then the narrative will kind of take care of itself because the tool was positioned behind what people would actually do with it versus what the tool could do by itself.Corey: I think that's the missing piece that most marketing doesn't seem to quite grasp is, they talk about the tool and how awesome it is, but that's why I love customer demos so much. They're showing us how they use a tool to solve a real-world problem. And honestly, from my snarky side of the world and the attendant perspective there, I can make an awful lot of fun about basically anything a company decides to show me, but put a customer on stage talking about how whatever they've built is solving a real-world problem for them, that's the point where I generally shut up and listen because I'm going to learn something about a real-world story. Because you don't generally get to tell customers to go on stage and just make up a story that makes us sound good, and have it come off with any sense of reality whatsoever. I haven't seen that one happen yet, but I'm sure it's out there somewhere.Kelsey: I don't know how many founders or people building companies listen in to your podcast, but this is right now, I think the number one problem that especially venture-backed startups have. They tend to have great technology—maybe it's based off some open-source project—with tons of users who just know how that tool works, it's just an ingredient into what they're already trying to do. But that isn't going to ever be your entire customer base. Soon, you'll deal with customers who don't understand the thing you have and they need more than technology, right? They need a product.And most of these companies struggle painting that picture. Here's what you can do with it. Or here's what you can't do now, but you will be able to do if you were to use this. And since they are missing that, a lot of these companies, they produce a lot of code, they ship a lot of open-source stuff, they raise a lot of capital, and then it just goes away, it fades out over time because they can bring on no newcomers. The people who need help the most, they don't have a narrative for them, and so therefore, they're just hoping that the people who have all the skills in the world, the early adopters, but unfortunately, those people are tend to be the ones that don't actually pay. They just kind of do it themselves. It's the people who need the most help.Corey: How do we monetize the bleeding edge of adoption? In many cases you don't. They become your community if you don't hug them to death first.Kelsey: Exactly.Corey: Ugh. None of this is easy. I really want to thank you for taking the time to catch up and talk about how you seen the remains of a career well spent, and now you're going off into that glorious sunset. But I have a sneaking suspicion you'll still be around. Where should people go if they want to follow up on what you're up to these days?Kelsey: Right now I still use… I'm going to keep calling it Twitter.Corey: I agree.Kelsey: I kind of use that for my real-time interactions. And I'm still attending conferences, doing fireside chats, and just meeting people on those conference floors. But that's what where I'll be for now. So yeah, I'll still be around, but maybe not as deep. And I'll be spending more time just doing normal life stuff, maybe less building software.Corey: And we will, of course, put a link to that in the show notes. Thank you so much for taking the time to catch up and share your reflections on how the industry is progressing.Kelsey: Awesome. Thanks for having me, Corey.Corey: Kelsey Hightower, now gloriously retired. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with an angry comment that you're going to type on stage as part of a conference talk, and then accidentally typo all over yourself while you're doing it.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.

Levi McCormick, Cloud Architect at Jamf, joins Corey on Screaming in the Cloud to discuss his work modernizing baseline cloud infrastructure and his experience being on the compliance side of cloud engineering. Levi explains how he works to ensure the different departments he collaborates with are all on the same page so that different definitions don't end up in miscommunications, and why he feels a sandbox environment is an important tool that leads to a successful production environment. Levi and Corey also explore the ethics behind the latest generative AI craze. About LeviLevi is an automation engineer, with a focus on scalable infrastructure and rapid development. He leverages deep understanding of DevOps culture and cloud technologies to build platforms that scale to millions of users. His passion lies in helping others learn to cloud better.Links Referenced: Jamf: https://www.jamf.com/ Twitter: https://twitter.com/levi_mccormick LinkedIn: https://www.linkedin.com/in/levimccormick/ TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. A longtime friend and person has been a while since he's been on the show, Levi McCormick has been promoted or punished for his sins, depending upon how you want to slice that, and he is now the Director of Cloud Engineering at Jamf. Levi, welcome back.Levi: Thanks for having me, Corey.Corey: I have to imagine internally, you put that very pronounced F everywhere, and sometimes where it doesn't belong, like your IAMf policies and whatnot.Levi: It is fun to see how people like to interpret how to pronounce our name.Corey: So, it's been a while. What were you doing before? And how did you wind up stumbling your way into your current role?Levi: [laugh]. When we last spoke, I was a cloud architect here, diving into just our general practices and trying to shore up some of them. In between, I did a short stint as director of FedRAMP. We are pursuing some certifications in that area and I led, kind of, the engineering side of the compliance journey.Corey: That sounds fairly close to hell on earth from my particular point of view, just because I've dealt in the compliance side of cloud engineering before, and it sounds super interesting from a technical level until you realize just how much of it revolves around checking the boxes, and—at least in the era I did it—explaining things to auditors that I kind of didn't feel I should have to explain to an auditor, but there you have it. Has the state of that world improved since roughly 2015?Levi: I wouldn't say it has improved. While doing this, I did feel like I drove a time machine to work, you know, we're certifying VMs, rather than container-based architectures. There was a lot of education that had to happen from us to auditors, but once they understood what we were trying to do, I think they were kind of on board. But yeah, it was a [laugh] it was a journey.Corey: So, one of the things you do—in fact, the first line in your bio talking about it—is you modernize baseline cloud infrastructure provisioning. That means an awful lot of things depending upon who it is that's answering the question. What does that look like for you?Levi: For what we're doing right now, we're trying to take what was a cobbled-together part-time project for one engineer, we're trying to modernize that, turn it into as much self-service as we can. There's a lot of steps that happen along the way, like a new workload needs to be spun up, they decide if they need a new AWS account or not, we pivot around, like, what does the access profile look like, who needs to have access to it, which things does it need to connect to, and then you look at the billing side, compliance side, and you just say, you know, “Who needs to be informed about these things?” We apply tags to the accounts, we start looking at lower-level tagging, depending on if it's a shared workload account or if it's a completely dedicated account, and we're trying to wrap all of that in automation so that it can be as click-button as possible.Corey: Historically, I found that when companies try to do this, the first few attempts at it don't often go super well. We'll be polite and say their first attempts resemble something artisanal and handcrafted, which might not be ideal for this. And then in many cases, the overreaction becomes something that is very top-down, dictatorial almost, is the way I would frame that. And the problem people learn then is that, “Oh, everyone is going to route around us because they don't want to deal with us at all.” That doesn't quite seem like your jam from what I know of you and your approach to things. How do you wind up keeping the guardrails up without driving people to shadow IT their way around you?Levi: I always want to keep it in mind that even if it's not an option, I want to at least pretend like a given team could not use our service, right? I try to bring a service mentality to it, so we're talking Accounts as a Service. And then I just think about all of the things that they would have to solve if they didn't go through us, right? Like, are they managing their finances w—imagine they had to go in and negotiate some kind of pricing deal on their own, right, all of these things that come with being part of our organization, being part of our service offering. And then just making sure, like, those things are always easier than doing it on their own.Corey: How diverse would you say that the workloads are that are in your organization? I found that in many cases, you'll have a SaaS-style company where there's one primary workload that is usually bearing the name of the company, and that's the thing that they provide to everyone. And then you have the enterprise side of the world where they have 1500 or 2000 distinct application teams working on different things, and the only thing they really have in common is, well, that all gets billed to the same company, eventually.Levi: They are fairly diverse in how… they're currently created. We've gone through a few acquisitions, we've pulled a bunch of those into our ecosystem, if you will. So, not everything has been completely modernized or brought over to, you know, standards, if you will, if such a thing even exists in companies. You know [laugh], you may pretend that they do, but you're probably lying to yourself, right? But you know, there are varying platforms, we've got a whole laundry list of languages that are being used, we've got some containerized, some VM-based, some serverless workloads, so it's all over the place. But you nailed it. Like, you know, the majority of our footprint lives in maybe a handful of, you know, SaaS offerings.Corey: Right. It's sort of a fun challenge when you start taking a looser approach to these things because someone gets back from re:Invent, like, “Well, I went to the keynote and now I have my new shopping list of things I'm going to wind up deploying,” and ehh, that never goes well, having been that person in a previous life.Levi: Yeah. And you don't want to apply too strict of governance over these things, right? You want people to be able to play, you want them to be inspired and start looking at, like, what would be—what's something that's going to move the needle in terms of our cloud architecture or product offerings or whatever we have. So, we have sandbox accounts that are pretty much wide open, we've got some light governance over those, [laugh] moreso for billing than anything. And all of our internal tooling is available, you know, like if you're using containers or whatever, like, all of that stuff is in those sandbox accounts.And that's where our kind of service offering comes into play, right? Sandbox is still an account that we tried to vend, if you will, out of our service. So, people should be building in your sandbox environments just like they are in your production as much as possible. You know, it's a place where tools can get the tires kicked and smooth out bugs before you actually get into, you know, roadmap-impacting problems.Corey: One of the fun challenges you have is, as you said, the financial aspect of this. When you've got a couple of workloads that drive most things, you can reason about them fairly intelligently, but trying to predict the future—especially when you're dealing with multi-year contract agreements with large cloud providers—becomes a little bit of a guessing game, like, “Okay. Well, how much are we going to spend on generative AI over the next three years?” The problem with that is that if you listen to an awful lot of talking heads or executive types, like, “Oh, yeah, if we're spending $100 million a year, we're going to add another 50 on top of that, just in terms of generative AI.” And it's like, press X to doubt, just because it's… I appreciate that you're excited about these things and want to play with them, but let's make sure that there's some ‘there' there before signing contracts that are painful to alter.Levi: Yeah, it's a real struggle. And we have all of these new initiatives, things people are excited for. Meanwhile, we're bringing old architecture into a new platform, if you will, or a new footprint, so we have to constantly measure those against each other. We have a very active conversation with finance and with leadership every month, or even weekly, depending on the type of project and where that spend is coming from.Corey: One of the hard parts has always been, I think, trying to get people on the finance side of the world, the engineering side of the world, and the folks who are trying to predict what the business was going to do next, all speaking the same language. It just feels like it's too easy to wind up talking past each other if you're not careful.Levi: Yeah, it's really hard. Recently taken over the FinOps practice. It's been really important for me, for us to align on what our words mean, right? What are these definitions mean? How do we come to common consensus so that eventually the communication gets faster? But we can't talk past each other. We have to know what our words mean, we have to know what each person cares about in this conversation, or what does their end goal look like? What do they want out of the conversation? So, that's been—that's taken a significant amount of time.Corey: One of the problems I have is with the term FinOps as a whole, ignoring the fact entirely that it was an existing term of art within finance for decades; great, we're just going to sidestep past that whole mess—the problem you'll see is that it just seems like that it means something different to almost everyone who hears it. And it's sort of become a marketing term more so that it has an actual description of what people are doing. Just because some companies will have a quote-unquote, “FinOps team,” that is primarily going to be run by financial analysts. And others, “Well, we have one of those lying around, but it's mostly an engineering effort on our part.”And I've seen three or four different expressions as far as team composition goes and I'm not convinced any of them are right. But again, it's easy for me to sit here and say, “Oh, that's wrong,” without having an environment of my own to run. I just tend to look at what my clients do. And, “Well, I've seen a lot of things, and they all work poorly in different ways,” is not uplifting and helpful.Levi: Yeah. I try not to get too hung up on what it's called. This is the name that a lot of people inside the company have rallied around and as long as people are interested in saving money, cool, we'll call it FinOps, you know? I mean, DevOps is the same thing, right? In some companies, you're just a sysadmin with a higher pay, and in some companies, you're building extensive cloud architecture and pipelines.Corey: Honestly, for the whole DevOps side of the world, I maintain we're all systems administrators. The tools have changed, the methodologies have changed, the processes have changed, but the responsibility of ‘keep the site up' generally has not. But if you call yourself a sysadmin, you're just asking him to, “Please pay me less money in my next job.” No, thanks.Levi: Yeah. “Where's the Exchange Server for me to click on?” Right? That's the [laugh]—if you call yourself a sysadmin [crosstalk 00:11:34]—Corey: God. You're sending me back into twitching catatonia from my early days.Levi: Exactly [laugh].Corey: So, you've been paying attention to this whole generative AI hype monster. And I want to be clear, I say this as someone who finds the technology super neat and I'm optimistic about it, but holy God, it feels like people have just lost all sense. If that's you, my apologies in advance, but I'm still going to maintain the point.Levi: I've played with all the various toys out there. I'm very curious, you know? I think it's really fun to play with them, but to, like, make your entire business pivot on a dime and pursue it just seems ridiculous to me. I hate that the cryptocurrency space has pivoted so hard into it, you know? All the people that used to be shilling coins are now out there trying to cobble together a couple API calls and turn it into an AI, right?Corey: It feels like it's just a hype cycle that people are more okay with being a part of. Like, Andy Jassy, in the earnings call a couple of weeks ago saying that every Amazon team is working with generative AI. That's not great. That's terrifying. I've been playing with the toys as well and I've asked it things like, “Oh, spit out an IAM policy for me,” or, “Oh, great, what can I do to optimize my AWS bill?” And it winds up spitting out things that sound highly plausible, but they're also just flat-out wrong. And that, it feels like a lot of these spaces, it's not coming up with a plausible answer—that's the hard part—is coming up with the one that is correct. And that's what our jobs are built around.Levi: I've been trying to explain to a lot of people how, if you only have surface knowledge of the thing that it's telling you, it probably seems really accurate, but when you have deep knowledge on the topic that you're interacting with this thing, you're going to see all of the errors. I've been using GitHub's Copilot since the launch. You know, I was in one of the previews. And I love it. Like, it speeds up my development significantly.But there have been moments where I—you know, IAM policies are a great example. You know, I had it crank out a Lambda functions policy, and it was just frankly, wrong in a lot of places [laugh]. It didn't quite imagine new AWS services, but it was really [laugh] close. The API actions were—didn't exist. It just flat-out didn't exist.Corey: I love that. I've had some magic happen early on where it could intelligently query things against the AWS pricing API, but then I asked it the same thing a month later and it gave me something completely ridiculous. It's not deterministic, which is part of the entire problem with it, too. But it's also… it can help incredibly in some weird ways I didn't see coming. But it can also cause you to spend more time chasing that thing than just doing it yourself the first time.I found a great way to help it—you know, it helped me write blog posts with it. I tell it to write a blog post about a topic and give it some bullet points and say, “Write in my voice,” and everything it says I take issue with, so then I just copy that into a text editor and then mansplain-correct the robot for 20 minutes and, oh, now I've got a serviceable first draft.Levi: And how much time did you save [laugh] right? It is fun, you know?Corey: It does help because that's better for me at least and staring at an empty page of what am I going to write? It gets me past the writer's block problem.Levi: Oh, that's a great point, yeah. Just to get the ball rolling, right, once you—it's easier to correct something that's wrong, and you're almost are spite-driven at that point, right? Like, “Let me show this AI how wrong it was and I'll write the perfect blog post.” [laugh].Corey: It feels like the companies jumping on this, if you really dig into what we're talking about, it seems like they're all very excited about the possibility of we don't have to talk to customers anymore because the robots will all do that. And I don't think that's going to go the way you want to. We just have this minor hallucination problem. Yeah, that means that lies and tries to book customers to hotel destinations that don't exist. Think about this a little more. The failure mode here is just massive.Levi: It's scary, yeah. Like, without some kind of review process, I wouldn't ship that straight to my customers, right? I wouldn't put that in front of my customer and say, like, “This is”—I'm going to take this generative output and put it right in front of them. That scares me. I think as we get deeper into it, you know, maybe we'll see… I don't know, maybe we'll put some filters or review process, or maybe it'll get better. I mean, who was it that said, you know, “This is the worst it's ever going to be?” Right, it will only get better.Corey: Well, the counterargument to that is, it will get far worse when we start putting this in charge [unintelligible 00:16:08] safety-critical systems, which I'm sure it's just a matter of time because some of these boosters are just very, very convincing. It's just thinking, how could this possibly go the worst? Ehhh. It's not good.Levi: Yeah, well, I mean, we're talking impact versus quality, right? The quality will only ever get better. But you know, if we run before we walk, the impact can definitely get wider.Corey: From where I sit, I want to see this really excel within bounded problem spaces. The one I keep waiting for is the AWS bill because it's a vast space, yes, and it's complicated as all hell, but it is bounded. There are a finite—though large—number of things you can see in an AWS bill, and there are recommendations you can make based on top of that. But everything I've seen that plays in this space gets way overconfident far too quickly, misses a bunch of very obvious lines of inquiry. Ah, I'm skeptical.Then you pass that off to unbounded problem spaces like human creativity and that just turns into an absolute disaster. So, much of what I've been doing lately has been hamstrung by people rushing to put in safeguards to make sure it doesn't accidentally say something horrible that it's stripped out a lot of the fun and the whimsy and the sarcasm in the approach, of I—at one point, I could bully a number of these things into ranking US presidents by absorbency. That's getting harder to do now because, “Nope, that's not respectful and I'm not going to do it,” is basically where it draws the line.Levi: The one thing that I always struggle with is, like, how much of the models are trained on intellectual property or, when you distill it down, pure like human suffering, right? Like, this is somebody's art, they've worked hard, they've suffered for it, they put it out there in the world, and now it's just been pulled in and adopted by this tool that—you know, how many of the examples of, “Give me art in the style of,” right, and you just see hundreds and hundreds of pieces that I mean, frankly, are eerily identical to the style.Corey: Even down to the signature, in some cases. Yeah.Levi: Yeah, exactly. You know, and I think that we can't lose sight of that, right? Like, these tools are fun and you know, they're fun to play with, it's really interesting to explore what's possible, but we can't lose sight of the fact that there are ultimately people behind these things.Corey: This episode is sponsored in part by Panoptica.  Panoptica simplifies container deployment, monitoring, and security, protecting the entire application stack from build to runtime. Scalable across clusters and multi-cloud environments, Panoptica secures containers, serverless APIs, and Kubernetes with a unified view, reducing operational complexity and promoting collaboration by integrating with commonly used developer, SRE, and SecOps tools. Panoptica ensures compliance with regulatory mandates and CIS benchmarks for best practice conformity. Privacy teams can monitor API traffic and identify sensitive data, while identifying open-source components vulnerable to attacks that require patching. Proactively addressing security issues with Panoptica allows businesses to focus on mitigating critical risks and protecting their interests. Learn more about Panoptica today at panoptica.app.Corey: I think it matters, on some level, what the medium is. When I'm writing, I will still use turns of phrase from time to time that I first encountered when I was reading things in the 1990s. And that phrase stuck with me and became part of my lexicon. And I don't remember where I originally encountered some of these things; I just know I use those raises an awful lot. And that has become part and parcel of who and what I am.Which is also, I have no problem telling it to write a blog post in the style of Corey Quinn and then ripping a part of that out, but anything that's left in there, cool. I'm plagiarizing the thing that plagiarized from me and I find that to be one of those ethically just moments there. But written word is one thing depending on what exactly it's taking from you, but visual style for art, that's something else entirely.Levi: There's a real ethical issue here. These things can absorb far much more information than you ever could in your entire lifetime, right, so that you can only quote-unquote, you know, “Copy, borrow, steal,” from a handful of other people in your entire life, right? Whereas this thing could do hundreds or thousands of people per minute. I think that's where the calculus needs to be, right? How many people can we impact with this thing?Corey: This is also nothing new, where originally in the olden times, great, copyright wasn't really a thing because writing a book was a massive, massive undertaking. That was something that you'd have to do by hand, and then oh, you want a copy of the book? You'd have to have a scribe go and copy the thing. Well then, suddenly the printing press came along, and okay, that changes things a bit.And then we continue to evolve there to digital distribution where suddenly it's just bits on a disk that I can wind up throwing halfway around the internet. And when the marginal cost of copying something becomes effectively zero, what does that change? And now we're seeing, I think, another iteration in that ongoing question. It's a weird world and I don't know that we have the framework in place even now to think about that properly. Because every time we start to get a handle on it, off we go again. It feels like if they were doing be invented today, libraries would absolutely not be considered legal. And yet, here we are.Levi: Yeah, it's a great point. Humans just do not have the ethical framework in place for a lot of these things. You know, we saw it even with the days of Napster, right? It's just—like you said, it's another iteration on the same core problem. I [laugh] don't know how to solve it. I'm not a philosopher, right?Corey: Oh, yeah. Back in the Napster days, I was on that a fair bit in high school and college because I was broke, and oh, I wanted to listen to this song. Well, it came on an album with no other good songs on it because one-hit wonders were kind of my jam, and that album cost 15, 20 bucks, or I could grab the thing for free. There was no reasonable way to consume. Then they started selling individual tracks for 99 cents and I gorged myself for years on that stuff.And now it feels like streaming has taken over the world to the point where the only people who really lose on this are the artists themselves, and I don't love that outcome. How do we have a better tomorrow for all of this? I know we're a bit off-topic from you know, cloud management, but still, this is the sort of thing I think about when everything's running smoothly in a cloud environment.Levi: It's hard to get people to make good decisions when they're so close to the edge. And I think about when I was, you know, college-age scraping by on minimum wage or barely above minimum wage, you know, it was hard to convince me that, oh yeah, you shouldn't download an MP3 of that song; you should go buy the disc, or whatever. It was really hard to make that argument when my decision was buy an album or figure out where I'm going to, you know, get my lunch. So, I think, now that I'm in a much different place in my life, you know, these decisions are a lot easier to make in an ethical way because that doesn't impact my livelihood nearly as much. And I think that is where solutions will probably come out of. The more people doing better, the easier it is for them to make good decisions.Corey: I sure hope you're right, but something I found is that okay we made it easy for people to make good decisions. Like, “Nope, you've just made it easier for me to scale a bunch of terrible ones. I can make 300,000 more terrible decisions before breakfast time now. Thanks.” And, “No, that's not what I did that for.” Yet here we are. Have you been tracking lately what's been going on with the HashiCorp license change?Levi: Um, a little bit, we use—obviously use Terraform in the company and a couple other Hashi products, and it was kind of a wildfire of, you know, how does this impact us? We dove in and we realized that it doesn't, but it is concerning.Corey: You're not effectively wrapping Terraform and then using that as the basis for how you do MDM across your customer fleets.Levi: Yeah. You know, we're not deploying customers' written Terraform into their environments or something kind of wild like that. Yeah, it doesn't impact us. But it is… it is concerning to watch a company pivot from an open-source, community-based project to, “Oh, you can't do that anymore.” It doesn't impact a lot of people who use it day-to-day, but I'm really worried about just the goodwill that they've lit on fire.Corey: One of the problems, too, is that their entire write-up on this was so vague that it was—there is no way to get an actual… piece of is it aimed at us or is it not without very deep analysis, and hope that when it comes to court, you're going to have the same analysis as—that is sympathetic. It's, what is considered to be a competitor? At least historically, it was pretty obvious. Some of these databases, “Okay great. Am I wrapping their database technology and then selling it as a service? No? I'm pretty good.”But with HashiCorp, what they do is so vast in a few key areas that no one has the level of certainty. I was pretty freaking certain that I'm not shipping MongoDB with my own wrapper around it, but am I shipping something that looks like Terraform if I'm managing someone's environment for them? I don't know. Everything's thrown into question. And you're right. It's the goodwill that currently is being set on fire.Levi: Yeah, I think people had an impression of Hashi that they were one of the good guys. You know, the quote-unquote, “Good guys,” in the space, right? Mitchell Hashimoto is out there as a very prominent coder, he's an engineer at heart, he's in the community, pretty influential on Twitter, and I think people saw them as not one of the big, faceless corporations, so to see moves like this happen, it… I think it shook a lot of people's opinions of them and scared them.Corey: Oh, yeah. They've always been the good guys in this context. Mitch and Armon were fantastic folks. I'm sure they still are. I don't know if this is necessarily even coming from them. It's market forces, what are investors demanding? They see everyone is using Terraform. How does that compare to HashiCorp's market value?This is one of the inherent problems if I'm being direct, of the end-stages of capitalism, where it's, “Okay, we're delivering on a lot of value. How do we capture ever more of it and growing massively?” And I don't know. I don't know what the answer is, but I don't think anyone's thrilled with this outcome. Because, let's be clear, it is not going to meaningfully juice their numbers at all. They're going to be setting up a lot of ill will against them in the industry, but I don't see the upside for them. I really don't.Levi: I haven't really done any of the analysis or looked for it, I should say. Have you seen anything about what this might actually impact any providers or anything? Because you're right, like, what kind of numbers are we actually talking about here?Corey: Right. Well, there are a few folks that have done things around this that people have named for me: Spacelift being one example, Pulumi being another, and both of them are saying, “Nope, this doesn't impact us because of X, Y, and Z.” Yeah, whether it does or doesn't, they're not going to sit there and say, “Well, I guess we don't have a company anymore. Oh, well.” And shut the whole thing down and just give their customers over to HashiCorp.Their own customers would be incensed if that happened and would not go to HashiCorp if that were to be the outcome. I think, on some level, they're setting the stage for the next evolution in what it takes to manage large-scale cloud environments effectively. I think basically, every customer I've ever dealt with on my side has been a Terraform shop. I finally decided to start learning the ins and outs of it myself a few weeks ago, and well, it feels like I should have just waited a couple more weeks and then it would have become irrelevant. Awesome. Which is a bit histrionic, but still, this is going to plant seeds for people to start meaningfully competing. I hope.Levi: Yeah, I hope so too. I have always awaited releases of Terraform Cloud with great anticipation. I generally don't like managing my Terraform back-ends, you know, I don't like managing the state files, so every time Terraform Cloud has some kind of release or something, I'm looking at it because I'm excited, oh finally, maybe this is the time I get to hand it off, right? Maybe I start to get to use their product. And it has never been a really compelling answer to the problems that I have.And I've always said, like, the [laugh] cloud journey would be Google's if they just released a managed Terraform [laugh] service. And this would be one way for them to prevent that from happening. Because Google doesn't even have an Infrastructure as Code competitor. Not really. I mean, I know they have their, what, Plans or their Projects or whatever they… their Infrastructure as Code language was, but—Corey: Isn't that what Stackdriver was supposed to be? What happened with that? It's been so long.Levi: No, that's a logging solution [laugh].Corey: That's the thing. It all runs together. Not it was their operations suite that was—Levi: There we go.Corey: —formerly Stackdriver. Yeah. Now, that does include some aspects—yeah. You're right, it's still hanging out in the observability space. This is the problem is all this stuff conflates and companies are terrible at naming and Google likes to deprecate things constantly. And yeah, but there is no real competitor. CloudFormation? Please. Get serious.Levi: Hey, you're talking to a member of the CloudFormation support group here. So, I'm still a huge fan [laugh].Corey: Emotional support group, more like it, it seems these days.Levi: It is.Corey: Oh, good. It got for loops recently. We've been asking for basically that to make them a lot less wordy only for, what, ten years?Levi: Yeah. I mean, my argument is that I'm operating at the account level, right? I need to deploy to 250, 300, 500 accounts. Show me how to do that with Terraform that isn't, you know, stab your eyes out with a fork.Corey: It can be done, but it requires an awful lot of setting things up first.Levi: Exactly.Corey: That's sort of a problem. Like yeah, once you have the first 500 going, the rest are just like butter. But that's a big step one is massive, and then step two becomes easy. Yeah… no, thank you.Levi: [laugh]. I'm going to stick with my StacksSets, thank you.Corey: [laugh]. I really want to thank you for taking the time to come back on and honestly kibitz about the state of the industry with me. If people want to learn more, where's the best place for them to find you?Levi: Well, I'm still active on the space normally known as—formerly known as Twitter. You can reach out to me there. DMs are open. I'm always willing to help people learn how to cloud better. Hopefully trying to make my presence known a little bit more on LinkedIn. If you happen to be over there, reach out.Corey: And we will, of course, put links to that in the [show notes 00:30:16]. Thank you so much for taking the time to speak with me again. It's always a pleasure.Levi: Thanks, Corey. I always appreciate it.Corey: Levi McCormick, Director of Cloud Engineering at Jamf. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, and along with an insulting comment that tells us that we completely missed the forest for the trees and that your programmfing is going to be far superior based upon generative AI.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.

Yaniv Ben Hemo (@yanivbh1, Founder/CEO at @memphis_Dev) talks about Memphis Cloud, an alternative architecture to delivering streaming data for applications.  SHOW: 747CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Reduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appCloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendAWS Insiders is an edgy, entertaining podcast about the services and future of cloud computing at AWS. Listen to AWS Insiders in your favorite podcast player. Cloudfix HomepageSHOW NOTES:Memphis.dev (homepage)Getting Started with Memphis (docs page)Apache Kafka vs. MemphisMemphis on GitHubTopic 1 - Welcome to the show. Tell us a little bit about your background, and what brought you to create Memphis.DevTopic 2 - Let's start at the beginning. Most folks will want to know why a streaming alternative. Isn't Kafka good enough? What challenges did you personally encounter?Topic 3 - In reviewing the architecture, it mentions differences between a broker and a streaming stack. Can you elaborate on what that means? What components are typically needed for a proper data streaming solution?Topic 4 - One of the common issues with Kafka I hear about is operations complexity over time. It isn't uncommon that the more a system scales, the more complex it is to operate and also maybe the harder it is to get insights and mine for key data for instance. Have you seen this in your experience?Topic 5 - Let's talk use cases. How do you envision organizations using Memphis Cloud? What problems are you trying to solve in the market? Is Memphis Cloud a SaaS offering? How would it be implemented in an organization?Topic 6 - The data management side of all of this to always be problematic. Where and how is the data managed? What does the lifecycle of the data look like and what design considerations went into this aspect?Topic 7 - When building large distributed streaming systems, I'm sure there are trade offs and optimizations of features to consider. What are you optimizing for and what are the design tradeoffs developers need to consider?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Gaetan Castelein (@gaetcast, VP Marketing at @tectonai) talks about the complexities of building AI models, features and deploying AI into production for real-time applications. SHOW: 745CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:AWS Insiders is an edgy, entertaining podcast about the services and future of cloud computing at AWS. Listen to AWS Insiders in your favorite podcast player. Cloudfix HomepageFind "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBEReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appSHOW NOTES:Tecton (homepage)State of Applied Machine Learning 2023 ReportHello Fresh adopts Tecton - Good article on features and feature storesWhat is real-time machine learning?Feature Platform vs. Feature StoreTopic 1 - Welcome to the show. Tell us a little bit about your backgroundTopic 2 - Let's start with some terminology. A lot of our listeners might be relatively new to Machine Learning. I'm still coming up to speed and I actually spent more time than usual just wrapping my head around the concepts and terms and piecing them all together. What is a feature? Why is it important? How many features does ChatGPT 3 have or ChatGPT4?Topic 3 - How is a feature different from a model? Both are needed, why?Topic 4 - I've always wondered exactly what a data scientist does. Is this where the term Feature Engineering comes into play? Who turns the data into features and picks the appropriate model? Topic 5 - Early Machine Learning was analytical ML (offline/batch), correct? How is that different from operational ML (online/batch) and real-time ML?Topic 6 - Now that we have all that out of the way. What is a Feature Platform? How does it integrate into an organization's existing Devops workflows and/or CI/CD pipelines? (Features as Code) How is it different from a Feature Store?Topic 7 - How do you know if the features + model yield a good result? How is prediction accuracy typically measured?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Josh Doody, Owner of Fearless Salary Negotiation, joins Corey on Screaming in the Cloud to discuss how important tonality and communication is, both in salary negotiations and everyday life. Josh describes how important it is to have a positive padding to your communications in order to make the person on the other end of the negotiation feel like a collaborator rather than a combatant. Corey and Josh also describe scenarios where tonality made a huge difference in the outcome, and Josh gives some examples of where and when to be mindful of how you're coming across in modern communication methods. Josh also reveals how negotiating with companies multiple times allows him to understand their recruiters more than a person who is encountering their negotiation process for the first time.About JoshJosh is a salary negotiation coach who works with senior software engineers and engineering managers to negotiate job offers with big tech companies. He also wrote Fearless Salary Negotiation: A Step-by-Step Guide to Getting Paid What You're Worth, and recently launched Salary Negotiation Mastery to help folks who aren't able to work with Josh 1-on-1.Links Referenced: Fearless Salary Negotiation website: https://fearlesssalarynegotiation.com Fearless Salary Negotiation: https://www.amazon.com/Fearless-Salary-Negotiation-step-step/dp/0692568689/ Twitter: https://twitter.com/joshdoody LinkedIn: https://www.linkedin.com/in/joshdoody/ TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Human-scale teams use Tailscale to build trusted networks. Tailscale Funnel is a great way to share a local service with your team for collaboration, testing, and experimentation.  Funnel securely exposes your dev environment at a stable URL, complete with auto-provisioned TLS certificates. Use it from the command line or the new VS Code extensions. In a few keystrokes, you can securely expose a local port to the internet, right from the IDE.I did this in a talk I gave at Tailscale Up, their first inaugural developer conference. I used it to present my slides and only revealed that that's what I was doing at the end of it. It's awesome, it works! Check it out!Their free plan now includes 3 users & 100 devices. Try it at snark.cloud/tailscalescream Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. I'm joined by recurring guest and friend Josh Doody, who among oh, so many things, is the owner of fearlesssalarynegotiation.com, and basically does exactly what it says on the tin. Josh, great to talk to you again.Josh: Hey, Corey. Thanks for having me back. I appreciate it and I'm glad to be here.Corey: So, you are, for those who have not heard me evangelize what you do—which is fine. No one listens to all of the backlog of episodes and whatnot—you are a salary negotiation coach, and you emphasize working with high earners who are negotiating new job offers, which is basically awesome. How did you stumble into this?Josh: Yeah, a good question. Really, it started as what I would say is a series of interesting career choices that I made, where I started as an engineer. I was pretty quickly bored in engineering and I switched to—I wanted to be customer-facing and do stuff that had impact on the business, so I did that and ended up working for a software company that made HR software that happened to do among other things, compensation planning. And so, I kind of started learning how it worked behind the scenes.And then over time, I started wising up and negotiating my own job offers. And noticed that wow that kind of worked pretty well, and I decided to write a book about it, a hundred percent just because I like to write stuff. I've been writing for 20 years on the internet, and I decided, why not just write a book about this? You know, five or six people will buy it, my mom will love it, I'll get it out there and it'll feel really good.And then people started reading the book and asking me if they could hire me to do the methodology in the book for them. And I said, “Sure.”Corey: When people try to give you money, say yes.Josh: Yeah. Okay, you know, whatever, you know? My first person that ever hired me asked me what my rate was, and I didn't have a rate because I had never considered doing that before. But she was a freelance writer and I said, “Well, whatever your rate is, that's my rate.” [laugh]. So, that was my first rate that I charged someone.And yeah, from there just, it took off as more people started hiring me. A number of friends were chirping in my ear that hey, you know, this seems like a really valuable thing that you're doing and people are coming out of the woodwork to ask you to do it for them. Maybe you should do that thing instead of the other things you're doing and trying to sell copies of the book and stuff like that. Like, why don't you just be a salary negotiation coach? That was, I don't know, like, seven years ago now, and here I am.Corey: I don't know if I ever told you this, but back when we met in the fall of 2016, I was trying to figure out what windmill I was going to tilt at before I stumbled upon the idea of AWS billing as being one of them. I thought that writing a book and being a sort of a coach of sorts on how to do job interviews with an emphasis, of course, on salary negotiation, would be a great topic for me because I've done it an awful lot. This is a byproduct of getting fired all the time because of my mouth. And then I started talking to you and my reaction was, “Oh, Josh is way better at this than I am. No, I'm going to go find something else instead.”And now the world is what it is, and honestly, at this point, all the cloud providers really wish you hadn't been there at that point in time because then they wouldn't have to deal with the nonsense that I present to them now. But I always had a high opinion of what you do, just because it is in such a sweet spot where if I were to shut this place down and get a quote-unquote, “Real job” somewhere, I would hire you. And it's not that I intellectually don't know how to negotiate. Half my consulting now is negotiating large AWS contracts on behalf of AWS customers with AWS. A lot of these things tend to apply and go very hand-in-glove.But there's something to be said for having someone who sees this all the time in a consistent ongoing basis, who is able to be dispassionate. Because when you're coaching someone, it's not you in the same boat. For you, it's okay, you want to have a happy customer, obviously, but for your client, it's suddenly, wow, this is the next stage of my career. This matters. The stakes are infinitely higher for them than they are for you.And that means you have the luxury of taking a step back and recognizing a bad deal when you see one. There is such value to that I can't imagine not engaging you or someone like you the next time that I would go about changing jobs. Although these days, it's probably an acquisition or I finally succumb to a cease and desist. I don't really know that I'm employable anymore.Josh: [laugh]. Yeah, I mean, you said a lot of really interesting things there. I think a common theme—you know, to work with me, there's a short application that people fill out, and very frequently in the application, there are a couple of open-ended questions about you know, how can I help you? What's your number one concern? That kind of stuff.And frequently, they'll say, “Yeah, I've negotiated before and I actually did okay, but I want to work with a professional this time,” is the gist of it, for I think reasons that you mentioned. And one of them is, there's just a difference between negotiating for yourself and feeling all of that pressure and having somebody who can just objectively look at it and say, “No, I think you should ask for this instead.” Or, “No, I don't think that you should give that information to the recruiter.” And the person instead of feeling, you know, personal subjective pressure can just say, “Well, the objective person that I hired and paid money to help me with this says, ‘don't do that,' or ‘do this instead,' and it's easier for me to just trust what they're doing as a professional and let me be a professional at the other things that I'm a professional at.”And so yeah, I think that's a lot of—you know, for some people, it's, “I have no idea how to negotiate. I don't want to screw this up. Please help me, Josh.” And for some people, it's, “Yeah, I've done this before. I did, okay, but I want you here to help me do this.”And that includes people who come back and work with me two or three times. They know the methodology. They've been through it literally with me, and I'm very open about what we're doing and why I'm collaborative with my clients. We're talking about the decisions we make. I will bounce things off of them.I'll say, “Here's what I think we should do. What does your intuition tell you about that? How do you feel about it?” Because it's important to me because they're in the game and I need to know what they think. And they'll come back to me and we'll do it again. They already know the playbook. And I think that's because it's easier to just have somebody who's a professional there to objectively tell you, “You're not asking for enough.” Or, “Did you think about asking for this instead?” Or, “Do you really care about that thing?” Stuff like that.Corey: There is so much value to that, just because it's a what's normal in this? Because I'm sure you've seen before where—I'm probably—I should put this in more of a question, but I already know the answer because I've seen it just from people randomly sending me things out on the internet—of their times for companies say or ask for things that are just absolute clown shoes. It's, I would barely consider it professional at that. It always feels like there's value in being able to talk to someone who sees this all the time who can say, “Hold on. That is absolutely not normal. That is not a reasonable question. That is not an expectation that any sensible person is going to have.” Because the failure mode otherwise is you think it's you.Josh: Yeah, part of my value prop is, you know, I know how to negotiate with companies. I'm not afraid of them. I've negotiated with Fortune 5 companies, come out way ahead—just as you do frequently—and I know the playbook that they're running. But part of it also is, you know, I have a compendium of recruiter responses. I know what they say, I know what their words mean, and so I can say things like, “Oh, here's what they actually mean when they ask you for that.”Or I can say, “That's weird.” Which, you know, if I've done 20 negotiations with this company and all of a sudden a recruiter says something that's weird, that makes my ears perk up and makes me wonder why. And so, I can dig in on my side and try and figure out what's going on, see if we tripped some wire that I didn't see or, you know, something like that. So, that's part of the value too, is just all the reps that I've had, even like you said, I'm sure that you would do a wonderful job negotiating; I've talked to you about negotiating online and off, and I know that you know the game, you know how to do it, for your day job but also for compensation. But I probably have more reps negotiating with those companies than you do and therefore my compendium is a little bit deeper, so there might be things that I could recognize that you would not recognize that I could see, right, in the similar way that in your negotiation world that there are things that I certainly would not recognize that you would catch on to.And I think that can be a very valuable thing. There could be something a recruiter says where I recognize, “Aha. That's a technical term or that's a key phrase that we can grab onto. And that is an opportunity to get more.”Corey: Or, “What are you making now?” It's like, yes, that's the industry accepted one free pass that's screwing the candidate. Yeah—Josh: Right.Corey: —let's not do that.Josh: Right. And we're—here's how to sidestep it and here's what happens when they ask for it for the fourth time, and here's what happens when they say the magic words and, you know, all that stuff. So yeah, a lot of it is just getting reps. It started with let me just run my playbook and then as I run the playbook, I get more data every time I do it, and I get to learn what the edge cases look like, and how to spot, you know, weird funky stuff coming from recruiters and that sort of thing.Corey: One aspect of this that has been, I guess, capturing my imagination since you first talked to me about it, and I am certain I'm going to butcher this into something that sounds insulting and demeaning, which sort of cuts against the entire point. Specifically, the idea of a positive language, or, the term you used was ‘Positively Persuasive.' What is that? Because it sounds like it's just someone who's setting me up, like, waving raw steak in front of a tiger, like, “Please maul me on this.” But there is more to it than that.Josh: [laugh]. Yeah, so this is something that, to be honest with you, I have done almost intuitively throughout my career, but certainly as a salary negotiation coach. And what it is, is a tendency to use positive, meaning, you know, not negative words. So like, essentially, if you're familiar at all with improv, which I would say probably half of the people listening probably have some idea what I'm talking about, you take improv classes, and they teach you an exercise called Yes, And. And the reason you do Yes, And is, you know, Corey says something wacky and I could shut it down.I could say, “That's not true.” You know, “My hair isn't red.” And then we're done improving. But if Corey says, “Josh your hair is red,” even if my hair is not red and I say, “Yes, and… it's on fire right now,” then we have something going, right? And so, using those positive words—yes, and is a positive way of responding to that—opens up a further dialog and also makes it easier for you to engage with me in that improvisation. In a way, a negotiation is an improvisation; they're all going to be different.A business conversation is going to be an improvisation. It's rare that you're going to have a conversation where you could write the script completely before the conversation starts. Often there will be an opportunity to improv, to do something different. And so, positively persuasive is essentially my way of thinking about how to use those positive words to accomplish an objective while building rapport with the person that you're talking to, and leaving the door open for that kind of positive collaboration and improvisation where you can work together with your co-party, with the person that you're talking to in the negotiation. And so, that's super abstract, and a concrete example of this would be for example, in a counteroffer email.Frequently people will, kind of unsolicited, just send me their counteroffer emails. “I'm writing up this email. What do you think?” Somebody on my newsletter or my email list or something. And sometimes they're okay, and sometimes it's like, they're giving an ultimatum and they're saying, “You promised this when we first talked on the phone and you're not giving me that. You offered me this and I want what you offered to start with.”And they're using all these negative words: “You promised this and didn't give it to me.” “That's not what I expected.” Whereas in the counteroffers that I'm writing, it says, “Hey, thanks for the offer.” Starts right away with something that looks like a throwaway line, a platitude, but really what it is is saying, “Hey, we're on the same team here. We're collaborating. Thanks for the offer. I appreciate it and I hope you're having a good week so far.”And then as it goes on, it says, “Here are the reasons that I'm super valuable to your team. I can't wait to join this team and, you know, express that value.” And then, “You offered $100,000. I would be more comfortable if we could settle on $115,000.” And so, that's a counteroffer. In some cases, the counter will be more than 15%. That's kind of a middle-of-the-road one, but the way I say it is, “I would be more comfortable if,” and so there's no sort of in-your-face, there's no ultimatum, there's no fist pounding on the desk—Corey: There's no, “No.” There's no, “This is not acceptable.” There's no, “I won't accept this.” It's a very soft approach that generally doesn't put people on edge.Josh: Puts it—it not only doesn't put them on edge, but you're sort of putting your arm around them saying, “Hey, you know, I'd be more comfortable if we could do this.” And they're like, “Okay, you know, let me see what I can do for you.” So, you're not making—you're not turning them into, you know, an enemy combatant; you're turning them into a collaborator. And now it's you and then working together to try to make you comfortable so that you can join their team. So, that's a subtle thing that happens in a counteroffer email and numerous other places.But that's the idea is that when you can, you're choosing positive language so that your requests will be received better, so you build rapport with the person that you're negotiating with, and so that they perceive you to be a collaborator and not an opponent.Corey: It sounds hokey, but I've also watched it work. It's weird in that we hear about things like this, we think, “Oh, that wouldn't work on me at all,” except it the evidence very clearly shows that it does. There's a reason that some people are considered charismatic and I think this is a large part of it. And I also wonder, I mean, you focus on salary negotiation for high earners, and that, historically at least, as included, you know, a fair few number of software developers and whatnot. And these days, let's be very clear that communicating what you want, clearly, concisely, and in an understandable way that something or someone can action is such a lost foreign skill for some of these people that they call the entire field ‘prompt engineering' because just communicate clearly is apparently a microaggression when you ask an engineer to do it without giving it a fancy name. Improved communication really feels like it has been part of a dawning awareness lately that, wait, this is actually important, not just one of those box-checking items that you say so that people don't spit in your food.Josh: I think you're a hundred percent right about that. I mean, it's interesting is you think about, you know, forms of communication that we have kind of experienced over the past, you know, however many years. But you know, at first, there was no writing, over, you know, thousands of years ago, or whatever, it was just all kind of oral tradition. And then we had writing and it was, like, long-form writing. And then, you know, fast forward to today and it's like you're sending a text with two letters and that means something right, or I'm about to head to my friend's house, and I text him three letters: OMW, right?It's like, extremely terse, direct, and to the point. And there is a place for that, I think. I think that efficiency probably has some benefits. I mean, there's not a lot of reason for me to spend six minutes, you know, writing a text to tell somebody that I'm heading to their house. But on the other hand, I think that sort of concision, that terse writing can also lose a lot in translation, and as we're using more media that look like Slack, or Discord, or these other chat-based ways of communicating—including email, by the way; I mean, email can be a place where you can be as terse, or I guess, as pleonastic as you'd like—and you get more and more words in there.And so, I think it's important to be intentional with those words in contexts where tone and meaning and intent can matter. And a lot of that is in interpersonal communication. And again, it's about how messages are received and what you're conveying. I use a lot of—this is [laugh] not directly related—I use a lot of emoji and emoticons and stuff like that and I do that because I'm trying to convey tone in a medium that doesn't really facilitate it, right?If I'm talking to you, you and I can see each other's faces right now, so you know if I'm being sarcastic, or telling a joke, or being very serious. And so, in emails, I'll put a smiley face. And that's me saying, “Hey, I'm not laying this on real thick. I'm just letting you know.” Right? So anyway, there are so many media that are available to us now that make it hard to convey tone that I think a lot of it is you've got to be intentional with your tone.Corey: I have worked with more people over the course of my career that have what I've taken the call being the asshole-in-email problem, where I have—I think these people are just these absolute jerks. They are completely onerous to deal with and I despise dealing with these people, but then I'll sit down with them and they are the nicest people and they are incredibly competent and effective. They just have a challenge where whatever they write an email, it sounds like there's an implicit, “Listen up here dickhead…” that they're starting the email with.Josh: [laugh]. Yeah.Corey: And, “You know what your problem is…” may as well be how they open these things. And it feels like effectively communicating and tone is becoming something of a lost art. I've talked to multiple people now who will wind up using Chat-Gippity to construct the bones of a work email and then they'll just change a sentence or two in the center that actually is the substantive thing that they want to send so it winds up handling all the window-dressing there. Now, I'm wondering what the other side is going to look like when you have someone using Chat-Gippity to paste a work email into it. It's like, “Okay, strip out the flattery. What are they actually asking from me here?” So, you effectively have, like, an API layer of padding provided by computers, where you could just like, say, the direct thing, but it comes with all the flowerly accouterments that has become expected in business correspondence.Josh: Yeah. I mean, I love everything that you said there. It's true. I mean, I've worked with people in the past where they would send me an email, or I would email with them frequently and then we were talking in person, I realized that oh, I totally misread what they were saying. Like, I misread what they meant to say, I misread what their outcome, their preferred outcome was, and it's because the tone is just lost in email.And I don't think it was necessarily due to any sort of deficiency on their side. It was on—they have a way of communicating, I have a way of perceiving communications, and they were different, and so the message that I got was different. So, I think a lot of what I'm talking about with positively persuasive is how do I communicate in a way where it is not ambiguous, where it is very clear what I'm saying, what my intent is, what my tone is. And sometimes, like you said, [laugh] use ChatGPT to, like, strip out the flattery. I put the flattery in because I want them to know, like, “Look, I know that you're a person. You and I are on the same team here. We're working together.”So, a lot of my emails will open with, “Hey, hope you're having a good day.” And it's like, do I care if they're having a good day? Yeah, but I don't need to say that out loud. The reason I'm saying it out loud is I want them—the opposite of everything you just described where I want them to read that email and think, “Okay, Josh isn't coming at me. Even if he does have critiques of something that I'm doing, or he has a suggestion to improve something, he's coming at it from the place of, ‘Hey, I hope you're having a good day so far.'” Whatever I say at the beginning of the email.And so, that's filler, a hundred percent, but it's filler with a purpose that is meant to convey the tone of the email, that is, I'm not coming down on you too hard. I'm trying to convey a message or ask a question and sincerely curious, and can we come together on this to figure out what the solution is or to move forward or to find the next steps or whatever the thing is that we're trying to do?Corey: It feels like this is an area that has massive application beyond the obvious negotiation piece of it, which is fundamentally where we sit down and try and convince people to do a thing that we want them to do that is in our interest. But it's like, okay, well, that's not just negotiation. That is, on some level, a disturbing number of human interactions that we tend to have. Where do you see this being applied? Is it something that just—that you're looking at just through a lens of communicating effectively in a salary negotiation, or does it extend beyond that to your worldview?Josh: I think it can get pretty broad. I mean, as you were describing, I was thinking kind of, as you were talking, like, when else do I use this? And the answer is a lot. But one place that I use this kind of thing a lot is when I'm emailing people who I don't know, and trying to get them to either just give me something or to allow me more leeway than they otherwise necessarily have to allow. And so for—here, I'll give you an example, which is, I recently switched homeowners insurance providers because I live in Florida and homeowner's insurance in Florida is a nightmare.And so, I changed providers. I thought I had crossed all my t's and dotted all my I's, but there was something that fell between the cracks, and that is that the mortgage holder—the bank that holds my mortgage—hadn't sent the premium check to my new insurance provider. They didn't get that memo. And it was essentially my responsibility, but I kind of goofed. So, the bank writes me an email and they say, “Hey, we see you changed providers but we don't have an address for them. We can't send them a check. Can you give it to me?”And so, now I'm—there are two parties that I have to kind of keep on my side. One of them is obviously the bank, but also the insurance provider, who might be mad at me because I'm ten days late on this premium or whatever. So, my emails to them are places where I use this where it's like, I'm basically going to make it so that the person who could get mad at me and cause me some kind of detriment is going to have to do it through a really thick cloud of, “Josh is a nice guy who isn't trying to be a jerk to anybody here. He's not trying to pull one over on anybody. There was an honest mistake that was made, he's just trying to make everything right, and he's hoping that I can help them.”And they're going to have to look at the way that I communicate with them and they're going to have to push through it and say, “Nope. I'm going to be a jerk. I'm going to follow the letter of the law or I'm going to be as punitive as I can be.” That's really hard to do when somebody like me is emailing, say, “Hey, listen, I know that we were supposed to get a check out to you last week. I'm working on it right now. I've already got everything to the bank. It's going to be overnighted to you tonight. Is there anything else I could do to make this easy for you on your side?”And then they're going to be like, “No, just, you know, as soon as we get it, we'll let you know.” Whereas if I'm, like, you know, mad at them or I'm mad at somebody or I'm being a jerk in email, then they don't really have any reason to not be as punitive as they can be to me. And so, that's just—it's a little manipulative, I guess, but it's also the way that I see life, right? Like, I'm like that with everyone, including people who are on the other side of that equation. I'm going to give them grace when I can.And so, it's a way of me saying, “Hey, can you extend some grace to me? I think you're a human being who's on the other side of this and you have a job to do and I understand that, and if you could be a little bit kind to me, that would be great.” And it works almost every time.Corey: This episode is sponsored in part by Panoptica.  Panoptica simplifies container deployment, monitoring, and security, protecting the entire application stack from build to runtime. Scalable across clusters and multi-cloud environments, Panoptica secures containers, serverless APIs, and Kubernetes with a unified view, reducing operational complexity and promoting collaboration by integrating with commonly used developer, SRE, and SecOps tools. Panoptica ensures compliance with regulatory mandates and CIS benchmarks for best practice conformity. Privacy teams can monitor API traffic and identify sensitive data, while identifying open-source components vulnerable to attacks that require patching. Proactively addressing security issues with Panoptica allows businesses to focus on mitigating critical risks and protecting their interests. Learn more about Panoptica today at panoptica.app.Corey: There's value as well, even everyday customer service interactions, if I have a bad customer experience buying something off of Amazon—I know, imagine that.j could that ever happen? Of course not. But in a magical world in which in hypothetically did, I can call up and they answer the phone, I'm probably going to be pretty steamed going into that conversation because this is effort I didn't want to have to deal with. But stop and think about it for a second. Usually, when I call Amazon for a variety of things, it's not Andy Jassy who's answering the phone. Those are atypical moments for me.Instead, it is generally some poor customer service schmo, who is basically given zero amount of autonomy to speak of in the course of their job, and surprisingly, does not set Amazon's strategic priorities for them. And if I unload on this person, maybe I make myself feel better, I've made someone else's day actively worse, but even if you want to set aside the story of being a good person—which I don't suggest people do—but view it in a purely Machiavellian self-serving way, you're still going to have a better outcome if you inspire people to like you by making yourself likable. Because when you're a jerk—and I used to work helpdesk; I remember how this works—Josh: Me, too.Corey: Suddenly, I will fall back on every policy that I can have, “Oh, we're not allowed to sit through a reboot. Bye.” As opposed to, “Eh, [unintelligible 00:22:31] say ever not to, but I'm enjoying this and I want to help you out and make sure you get there, so hang out. Why not?” There are ways people can bend the rules in your favor, but if you give them an excuse to fall back on that, they're not going to go out of their way to help you at all. They're going to make you go through every bit of procedural red tape they can possibly come up with. And again, you've made their day worse and that should not be lost on you. The outcomes are better for everyone when you're a nice person.Josh: As you were talking, it's funny because I remembered, maybe the most frustrated I've ever been talking to customer service. This is several years—many years ago, but I had some student loan stuff going on. I don't even remember specifically what it was, but it had to do with, you know, who was servicing the loan and I'm trying to pay off a loan and I can't get the right person on the phone and they say, you know, “It's this other place that owns that holds the loan.” Or, “You need to call this person,” and I'm getting the runaround and I'm not able to do the thing I want to do.And after I think I've been hung up on, like, three times, and I was really steamed. Like you said, I'm legitimately, like, very frustrated. My voice had been cracking a little bit, which is how I know I'm, like, really getting heated is my [laugh] voice will start to crack a little bit. But I said to the person—and I became conscious in that moment of like, okay, I'm very frustrated. I could say something I regret I could really, like, hurt this person that I'm talking to.As you said, they're just somebody who's a customer service representative for this bank or loan servicer, whoever they were. So, I said something like, “Listen, you can't hear it in the tone of my voice right now, but I need you to know that I'm extremely frustrated and I'm going to [laugh] I'm going to get really upset, and so I'm asking you to help me before I do that before I escalate. I don't want to talk to your manager, but I'm going to ask you to do that if you don't help me right now. And you should know that I'm super frustrated. My voice is not betraying that right now, but understand that I am.”And they snapped in and they were like, “Okay, I get it, I get it,” you know? And right there even as a place where I could have just started shouting at them or whatever it takes, you know, “I want to talk to your manager,” and, “I'm going to escalate,” and all this stuff. And instead, I was like, well, I'm going to give them one last chance, which is, let me just tell them how frustrated I am without using colorful language or mean words. And it worked. It was a subtle thing that actually, I think it got their attention more than anything else. They said, “Oh, this person is really angry. I should actually listen to them.”Corey: Now, there is a dark side to this as well and that is human nature. I have done experiments on this over the years, most notably on Twitter, back when that was the central place people went to, and when I would say something nice about an AWS service, it got in most cases two likes and maybe a bot would retweet it. Whereas if I say, “This AWS service is a piece of garbage,” and I come up with some reason for it, it went around the internet three times and it was misconstrued, with me saying, “The entirety of AWS is terrible.” Not usually, no. There are some frustrating elements, but yeah, there's context. It doesn't fit into a single tweet.The snarky negativity blows up and responds to—and resonates with something in human nature that the people love spreading that around and engaging with it, whereas the happy positivity does not work that way. On Twitter. I've noticed what seems to be the opposite effect on LinkedIn. Snark doesn't do well over there, but almost saccharine-sweet sincerity does. And I don't know what this says about various social media channels or human nature or what. All I know is that I'm confused.Josh: I think you're right. You know, I mean, as you were talking, I was thinking about clickbait, right? Like, there's a reason that clickbait is called what it is, and it's because you read it and you get annoyed or frustrated or angry, and I'm going to hate-read this article right now and I'm going to send it to six friends. There is something in human nature. I mean, you know, we talked—for decades, I've heard about how the local news is our news, “If it bleeds, it leads,” in news, right?We're not talking about how great the planet is or how things—like, this bad thing happened in New Orleans yesterday and you should be really upset about it, or wherever that place happens to be on that particular day. I do think there is something innate in us that allows us to gravitate towards those kinds of things and I have no idea what it is. But it is interesting, as you said, that there are places where either that's frowned upon or there's just a different mode of communication, which tells me that there's something sort of in the cultural water there that causes people to perceive stuff differently in different kinds of social media environments, right? Twitter definitely is a place where things can go pretty negative. And there are other places that are significantly more negative, right, on the internet, if you want to go, they get really bad, and then there's places that are really positive.And it's interesting how it's like a maybe people self-select into those places, but also, I think, you know, I think there's a big difference if you think about, like, who's using Twitter and why and who's using LinkedIn and why. I think that people correctly perceive on LinkedIn that for the most part, you're probably not going to be somebody that's at the top of a bunch of lists to be hired if your whole thing on LinkedIn is just being negative all the time and doom and gloom and snark and that kind of thing. It'll be entertaining to some people, but you're probably not going to get many job offers based on that because people are going to ask, “Do I want to work with this person 24 hours a day?” And they'll read your posts and say, “No,” whereas at least a saccharine sweet person, everybody knows those people who are like that in real life, and they can be I don't know, a little bit much, but also can generally be very good people to work with and it's not difficult to sort of like manage that.Corey: There's a lot that can be done just by having people want to help you. It's weird. Like, I take a look at some of the people that I identify publicly as the nicest in tech—Mark [unintelligible 00:27:48] is a good example. Kelsey Hightower is sort of the canonical example of all of this. These are just genuinely nice people. Ashley Willis, another good example.There are so many different folks out there who are just beacons of positivity. And I look at that, and it's like, first, that is admirable. Second, holy hell that is absolutely not me. No one is ever going to say, “That's what I love about Corey. He's so uplifting and positive all the time.” You know, I do strive to be a better person and inspire others to be better people, but I'm also willing to spare no quarter for corporate tomfoolery either. Which apparently means a lot of people think you're a jerk as a result. I'll take it.Josh: Yeah, I think it's, you know, everybody—that's the nice thing about humans, right, is we're all different. And there are lots of different types of person—if everybody had the same personality, what a boring place that we would live. And that's true for, more or less, any human characteristic. If we were all the same and vanilla, I think it would be pretty boring. So, I think that having really positive people out there is great, and having some people who are snarky is great, and having people who have, you know, an ability to just point out absurdity is great. If everyone is pointing out absurdity all the time, then we're not left with too much.So, I do think it's good that those people are out there and they're very positive. And I think that, you know, even for myself, like, I try to be positive and helpful. Like, we were talking about customer service. I'm like, overly nice to customer service people. I tip more than I should most of the time. And a lot of that is just, you know, that's a human; they have needs and feelings and this is a way for me to be kind to them.And I know most people don't think that way that I do. And I like that. And I think that some people don't think that way and I think that's totally fine, too. I think the variety is the spice of life and I think that makes it interesting and useful. I also think that being intentional with those different modes, having them all available to you, and exercising them in different environments can be, like, a level-up, right? It can be a superpower.You can either be a person with a personality who exercises that same personality all the time, or you can choose to exercise, sort of, different personalities or different ways of communicating or different levels of positivity or negativity in different environments. And I think that makes it even more interesting where you're able to essentially be a chameleon and find the right mode of communication for the environment or the situation that you're in, which can enhance that situation for you or for other people that are around you.Corey: I have to ask, do you find that this is something you do all the time or do you put on your negotiating phrasing the same way that I do when my children accuse me of putting on ‘podcast voice.'Josh: All the time, definitely not. I am aware of it as a way of communicating that's available to me and I do consciously use it a lot of the time. But you know, if I'm just sitting around with my buddies on, you know, Wednesday night watching the game, probably not. And a lot of that is because, you know, part of this is, it's a default to positive because you don't know sort of who's on the other end of the line, whereas if you're communicating with somebody that you've communicated with for hundreds of hours, you don't need all that stuff, you don't need all the tonal indicators and the padding and all that stuff because you know that person. So, a lot of what I'm describing, even like in a salary negotiation, I'm basically working from the default of I don't know the counterparty, I don't know the recruiter, and therefore we're going to default to positive, and that's going to essentially, you know, make things smoother.It's going to remove friction because there are things that I don't know, whereas, you know, if I'm communicating with somebody I know really well for 20 years, we don't need all that stuff. We can—that's where the shorthand can come in handy. It can be really useful because we already know all of the background there. One place that I'm very conscious of this is, you know, every now and then somebody, with a personal friend or somebody that I know, well, I'll have, like, a difficult conversation where they'll say, “Hey, you know, this is something that happened to me recently. Can you help me out?” Or, “This is a difficult thing that I'm going through.”And that's a place where I am very conscious of this and it comes in different ways. One of them is using positive words, but one of them is also just, like, exercising extreme sympathy or empathy if it's appropriate. Which is, again, it's a conscious decision to say, this isn't a time to point out, you know, for example, errors, or like, this person just needs someone that they want to talk to and I'm going to listen to them carefully, I'm going to try to give them reassurance that the situation will be resolved eventually, and that kind of thing, but it's not a time for you know, critique or, you know, negative words or pointing out flaws and that kind of thing. And so, I think that's also kind of a conscious place that I will exercise it. But to answer your question, no, I don't do this all the time.I would say without having ever thought about this before, the less familiar I am with the person or the situation, the more I will default to this, and the more familiar I am with the person or the situation, the less I will default to it. And I will just use more plain, kind of, direct language because that familiarity is there, and it assumes a lot that isn't there when I don't know the person well.Corey: I really want to thank you for taking the time to speak with me about this. Where can people go to learn more?Josh: Maybe follow me on Twitter [laugh], @joshdoody on Twitter.Corey: It's a harder problem these days than it once was.Josh: Yeah. I really paused there. I am pretty active on LinkedIn these days. And fearlesssalarynegotiation.com isn't explicitly about positive language or being positively persuasive, but you'll see even just reading the articles that I write there that underlying most of what I write is this sort of implicit understanding that positivity is the way to make progress and to get closer to what your goals are. So, @joshdoody on Twitter; joshdoody on LinkedIn, of course, and then fearlesssalarynegotiation.com.Corey: And we will, of course, put links to all of this in the show notes. Thank you so much for taking the time to speak with me. I appreciate it.Josh: Thanks for having me on, Corey. This was a lot of fun. I always like talking to you.Corey: I do, too. Josh [laugh] Doody, owner of Fearless Salary Negotiation. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with an angry comment that rants itself sick, but also only uses positive language.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.

Matthew Prince, Co-founder & CEO at Cloudflare, joins Corey on Screaming in the Cloud to discuss how and why Cloudflare is working to solve some of the Internet's biggest problems. Matthew reveals some of his biggest issues with cloud providers, including the tendency to charge more for egress than ingress and the fact that the various clouds don't compete on a feature vs. feature basis. Corey and Matthew also discuss how Cloudflare is working to change those issues so the Internet is a better and more secure place. Matthew also discusses how transparency has been key to winning trust in the community and among Cloudflare's customers, and how he hopes the Internet and cloud providers will evolve over time.About MatthewMatthew Prince is co-founder and CEO of Cloudflare. Cloudflare's mission is to help build a better Internet. Today the company runs one of the world's largest networks, which spans more than 200 cities in over 100 countries. Matthew is a World Economic Forum Technology Pioneer, a member of the Council on Foreign Relations, winner of the 2011 Tech Fellow Award, and serves on the Board of Advisors for the Center for Information Technology and Privacy Law. Matthew holds an MBA from Harvard Business School where he was a George F. Baker Scholar and awarded the Dubilier Prize for Entrepreneurship. He is a member of the Illinois Bar, and earned his J.D. from the University of Chicago and B.A. in English Literature and Computer Science from Trinity College. He's also the co-creator of Project Honey Pot, the largest community of webmasters tracking online fraud and abuse.Links Referenced: Cloudflare: https://www.cloudflare.com/ Twitter: https://twitter.com/eastdakota TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. One of the things we talk about here, an awful lot is cloud providers. There sure are a lot of them, and there's the usual suspects that you would tend to expect with to come up, and there are companies that work within their ecosystem. And then there are the enigmas.Today, I'm talking to returning guest Matthew Prince, Cloudflare CEO and co-founder, who… well first, welcome back, Matthew. I appreciate your taking the time to come and suffer the slings and arrows a second time.Matthew: Corey, thanks for having me.Corey: What I'm trying to do at the moment is figure out where Cloudflare lives in the context of the broad ecosystem because you folks have released an awful lot. You had this vaporware-style announcement of R2, which was an S3 competitor, that then turned out to be real. And oh, it's always interesting, when vapor congeals into something that actually exists. Cloudflare Workers have been around for a while and I find that they become more capable every time I turn around. You have Cloudflare Tunnel which, to my understanding, is effectively a VPN without the VPN overhead. And it feels that you are coming at building a cloud provider almost from the other side than the traditional cloud provider path. Is it accurate? Am I missing something obvious? How do you see yourselves?Matthew: Hey, you know, I think that, you know, you can often tell a lot about a company by what they measure and what they measure themselves by. And so, if you're at a traditional, you know, hyperscale public cloud, an AWS or a Microsoft Azure or a Google Cloud, the key KPI that they focus on is how much of a customer's data are they hoarding, effectively? They're all hoarding clouds, fundamentally. Whereas at Cloudflare, we focus on something of it's very different, which is, how effectively are we moving a customer's data from one place to another? And so, while the traditional hyperscale public clouds are all focused on keeping your data and making sure that they have as much of it, what we're really focused on is how do we make sure your data is wherever you need it to be and how do we connect all of the various things together?So, I think it's exactly right, where we start with a network and are kind of building more functions on top of that network, whereas other companies start really with a database—the traditional hyperscale public clouds—and the network is sort of an afterthought on top of it, just you know, a cost center on what they're delivering. And I think that describes a lot of the difference between us and everyone else. And so oftentimes, we work very much in conjunction with. A lot of our customers use hyperscale public clouds and Cloudflare, but increasingly, there are certain applications, there's certain data that just makes sense to live inside the network itself, and in those cases, customers are using things like R2, they're using our Workers platform in order to be able to build applications that will be available everywhere around the world and incredibly performant. And I think that is fundamentally the difference. We're all about moving data between places, making sure it's available everywhere, whereas the traditional hyperscale public clouds are all about hoarding that data in one place.Corey: I want to clarify that when you say hoard, I think of this, from my position as a cloud economist, as effectively in an economic story where hoarding the data, they get to charge you for hosting it, they get to charge you serious prices for egress. I've had people mishear that before in a variety of ways, usually distilled down to, “Oh, and their data mining all of their customers' data.” And I want to make sure that that's not the direction that you intend the term to be used. If it is, then great, we can talk about that, too. I just want to make sure that I don't get letters because God forbid we get letters for things that we say in the public.Matthew: No, I mean, I had an aunt who was a hoarder and she collected every piece of everything and stored it somewhere in her tiny little apartment in the panhandle of Florida. I don't think she looked at any of it and for the most part, I don't think that AWS or Google or Microsoft are really using your data in any way that's nefarious, but they're definitely not going to make it easy for you to get it out of those places; they're going to make it very, very expensive. And again, what they're measuring is how much of a customer's data are they holding onto whereas at Cloudflare we're measuring how much can we enable you to move your data around and connected wherever you need it. And again, I think that that kind of gets to the fundamental difference between how we think of the world and how I think the hyperscale public clouds thing of the world. And it also gets to where are the places where it makes sense to use Cloudflare, and where are the places that it makes sense to use an AWS or Google Cloud or Microsoft Azure.Corey: So, I have to ask, and this gets into the origin story trope a bit, but what radicalized you? For me, it was the realization one day that I could download two terabytes of data from S3 once, and it would cost significantly more than having Amazon.com ship me a two-terabyte hard drive from their store.Matthew: I think that—so Cloudflare started with the basic idea that the internet's not as good as it should be. If we all knew what the internet was going to be used for and what we're all going to depend on it for, we would have made very different decisions in how it was designed. And we would have made sure that security was built in from day one, we would have—you know, the internet is very reliable and available, but there are now airplanes that can't land if the internet goes offline, they are shopping transactions shut down if the internet goes offline. And so, I don't think we understood—we made it available to some extent, but not nearly to the level that we all now depend on it. And it wasn't as fast or as efficient as it possibly could be. It's still very dependent on the geography of where data is located.And so, Cloudflare started out by saying, “Can we fix that? Can we go back and effectively patch the internet and make it what it should have been when we set down the original protocols in the '60s, '70s, and '80s?” But can we go back and say, can we build a new, sort of, overlay on the internet that solves those problems: make it more secure, make it more reliable, make it faster and more efficient? And so, I think that that's where we started, and as a result of, again, starting from that place, it just made fundamental sense that our job was, how do you move data from one place to another and do it in all of those ways? And so, where I think that, again, the hyperscale public clouds measure themselves by how much of a customer's data are they hoarding; we measure ourselves by how easy are we making it to securely, reliably, and efficiently move any piece of data from one place to another.And so, I guess, that is radical compared to some of the business models of the traditional cloud providers, but it just seems like what the internet should be. And that's our North Star and that's what just continues to drive us and I think is a big reason why more and more customers continue to rely on Cloudflare.Corey: The thing that irks me potentially the most in the entire broad strokes of cloud is how the actions of the existing hyperscalers have reflected mostly what's going on in the larger world. Moore's law has been going on for something like 100 years now. And compute continues to get faster all the time. Storage continues to cost less year over year in a variety of ways. But they have, on some level, tricked an entire generation of businesses into believing that network bandwidth is this precious, very finite thing, and of course, it's going to be ridiculously expensive. You know, unless you're taking it inbound, in which case, oh, by all means back the truck around. It'll be great.So, I've talked to founders—or prospective founders—who had ideas but were firmly convinced that there was no economical way to build it. Because oh, if I were to start doing real-time video stuff, well, great, let's do the numbers on this. And hey, that'll be $50,000 a minute, if I read the pricing page correctly, it's like, well, you could get some discounts if you ask nicely, but it doesn't occur to them that they could wind up asking for a 98% discount on these things. Everything is measured in a per gigabyte dimension and that just becomes one of those things where people are starting to think about and meter something that—from my days in data centers where you care about the size of the pipe and not what's passing through it—to be the wrong way of thinking about things.Matthew: A little of this is that everybody is colored by their experience of dealing with their ISP at home. And in the United States, in a lot of the world, ISPs are built on the old cable infrastructure. And if you think about the cable infrastructure, when it was originally laid down, it was all one-directional. So, you know, if you were turning on cable in your house in a pre-internet world, data fl—Corey: Oh, you'd watch a show and your feedback was yelling at the TV, and that's okay. They would drop those packets.Matthew: And there was a tiny, tiny, tiny bit of data that would go back the other direction, but cable was one-directional. And so, it actually took an enormous amount of engineering to make cable bi-directional. And that's the reason why if you're using a traditional cable company as your ISP, typically you will have a large amount of download capacity, you'll have, you know, a 100 megabits of down capacity, but you might only have a 10th of that—so maybe ten megabits—of upload capacity. That is an artifact of the cable system. That is not just the natural way that the internet works.And the way that it is different, that wholesale bandwidth works, is that when you sign up for wholesale bandwidth—again, as you phrase it, you're not buying this many bytes that flows over the line; you're buying, effectively, a pipe. You know, the late Senator Ted Stevens said that the internet is just a series of tubes and got mocked mercilessly, but the internet is just a series of tubes. And when Cloudflare or AWS or Google or Microsoft buys one of those tubes, what they pay for is the diameter of the tube, the amount that can fit through it. And the nature of this is you don't just get one tube, you get two. One that is down and one that is up. And they're the same size.And so, if you've got a terabit of traffic coming down and zero going up, that costs exactly the same as a terabit going up and zero going down, which costs exactly the same as a terabit going down and a terabit going up. It is different than your home, you know, cable internet connection. And that's the thing that I think a lot of people don't understand. And so, as you pointed out, but the great tragedy of the cloud is that for nothing other than business reasons, these hyperscale public cloud companies don't charge you anything to accept data—even though that is actually the more expensive of the two operations for that because writes are more expensive than reads—but the inherent fact that they were able to suck the data in means that they have the capacity, at no additional cost, to be able to send that data back out. And so, I think that, you know, the good news is that you're starting to see some providers—so Cloudflare, we've never charged for egress because, again, we think that over time, bandwidth prices go to zero because it just makes sense; it makes sense for ISPs, it makes sense for connectiv—to be connected to us.And that's something that we can do, but even in the cases of the cloud providers where maybe they're all in one place and somebody has to pay to backhaul the traffic around the world, maybe there's some cost, but you're starting to see some pressure from some of the more forward-leaning providers. So Oracle, I think has done a good job of leaning in and showing how egress fees are just out of control. But it's crazy that in some cases, you have a 4,000x markup on AWS bandwidth fees. And that's assuming that they're paying the same rates as what we would get at Cloudflare, you know, even though we are a much smaller company than they are, and they should be able to get even better prices.Corey: Yes, if there's one thing Amazon is known for, it as being bad at negotiating. Yeah, sure it is. I'm sure that they're just a terrific joy to be a vendor to.Matthew: Yeah, and I think that fundamentally what the price of bandwidth is, is tied very closely to what the cost of a port on a router costs. And what we've seen over the course of the last ten years is that cost has just gone enormously down where the capacity of that port has gone way up and the just physical cost, the depreciated cost that port has gone down. And yet, when you look at Amazon, you just haven't seen a decrease in the cost of bandwidth that they're passing on to customers. And so, again, I think that this is one of the places where you're starting to see regulators pay attention, we've seen efforts in the EU to say whatever you charge to take data out is the same as what you should charge it to put data in. We're seeing the FTC start to look at this, and we're seeing customers that are saying that this is a purely anti-competitive action.And, you know, I think what would be the best and healthiest thing for the cloud by far is if we made it easy to move between various cloud providers. Because right now the choice is, do I use AWS or Google or Microsoft, whereas what I think any company out there really wants to be able to do is they want to be able to say, “I want to use this feature at AWS because they're really good at that and I want to use this other feature at Google because they're really good at that, and I want to us this other feature at Microsoft, and I want to mix and match between those various things.” And I think that if you actually got cloud providers to start competing on features as opposed to competing on their overall platform, we'd actually have a much richer and more robust cloud environment, where you'd see a significantly improved amount of what's going on, as opposed to what we have now, which is AWS being mediocre at everything.Corey: I think that there's also a story where for me, the egress is annoying, but so is the cross-region and so is the cross-AZ, which in many cases costs exactly the same. And that frustrates me from the perspective of, yes, if you have two data centers ten miles apart, there is some startup costs to you in running fiber between them, however you want to wind up with that working, but it's a sunk cost. But at the end of that, though, when you wind up continuing to charge on a per gigabyte basis to customers on that, you're making them decide on a very explicit trade-off of, do I care more about cost or do I care more about reliability? And it's always going to be an investment decision between those two things, but when you make the reasonable approach of well, okay, an availability zone rarely goes down, and then it does, you get castigated by everyone for, “Oh it even says in their best practice documents to go ahead and build it this way.” It's funny how a lot of the best practice documents wind up suggesting things that accrue primarily to a cloud provider's benefit. But that's the way of the world I suppose.I just know, there's a lot of customer frustration on it and in my client environments, it doesn't seem to be very acute until we tear apart a bill and look at where they're spending money, and on what, at which point, the dawning realization, you can watch it happen, where they suddenly realize exactly where their money is going—because it's relatively impenetrable without that—and then they get angry. And I feel like if people don't know what they're being charged for, on some level, you've messed up.Matthew: Yeah. So, there's cost to running a network, but there's no reason other than limiting competition why you would charge more to take data out than you would put data in. And that's a puzzle. The cross-region thing, you know, I think where we're seeing a lot of that is actually oftentimes, when you've got new technologies that come out and they need to take advantage of some scarce resource. And so, AI—and all the AI companies are a classic example of this—right now, if you're trying to build a model, an AI model, you are hunting the world for available GPUs at a reasonable price because there's an enormous scarcity of them.And so, you need to move from AWS East to AWS West, to AWS, you know, Singapore, to AWS in Luxembourg and bounce around to find wherever there's GPU availability. And then that is crossed against the fact that these training datasets are huge. You know, I mean, they're just massive, massive, massive amounts of data. And so, what that is doing is you're having these AI companies that are really seeing this get hit in the face, where they literally can't get the capacity they need because of the fact that whatever cloud provider in whatever region they've selected to store their data isn't able to have that capacity. And so, they're getting hit not only by sort of a double whammy of, “I need to move my data to wherever there's capacity. And if I don't do that, then I have to pay some premium, an ever-escalating price for the underlying GPUs.” And God forbid, you have to move from AWS to Google to chase that.And so, we're seeing a lot of companies that are saying, “This doesn't make any sense. We have this enormous training set. If we just put it with Cloudflare, this is data that makes sense to live in the network, fundamentally.” And not everything does. Like, we're not the right place to store your long-term transaction logs that you're only going to look at if you get sued. There are much better places, much more effective places do it.But in those cases where you've got to read data frequently, you've got to read it from different places around the world, and you will need to decrease what those costs of each one of those reads are, what we're seeing is just an enormous amount of demand for that. And I think these AI startups are really just a very clear example of what company after company after company needs, and why R2 has had—which is our zero egress cost S3 competitor—why that is just seeing such explosive growth from a broad set of customers.Corey: Because I enjoy pushing the bounds of how ridiculous I can be on the internet, I wound up grabbing a copy of the model, the Llama 2 model that Meta just released earlier this week as we're recording this. And it was great. It took a little while to download here. I have gigabit internet, so okay, it took some time. But then I wound up with something like 330 gigs of models. Great, awesome.Except for the fact that I do the math on that and just for me as one person to download that, had they been paying the listed price on the AWS website, they would have spent a bit over $30, just for me as one random user to download the model, once. If you can express that into the idea of this is a model that is absolutely perfect for whatever use case, but we want to have it run with some great GPUs available at another cloud provider. Let's move the model over there, ignoring the data it's operating on as well, it becomes completely untenable. It really strikes me as an anti-competitiveness issue.Matthew: Yeah. I think that's it. That's right. And that's just the model. To build that model, you would have literally millions of times more data that was feeding it. And so, the training sets for that model would be many, many, many, many, many, many orders of magnitude larger in terms of what's there. And so, I think the AI space is really illustrating where you have this scarce resource that you need to chase around the world, you have these enormous datasets, it's illustrating how these egress fees are actually holding back the ability for innovation to happen.And again, they are absolutely—there is no valid reason why you would charge more for egress than you do for ingress other than limiting competition. And I think the good news, again, is that's something that's gotten regulators' attention, that's something that's gotten customers' attention, and over time, I think we all benefit. And I think actually, AWS and Google and Microsoft actually become better if we start to have more competition on a feature-by-feature basis as opposed to on an overall platform. The choice shouldn't be, “I use AWS.” And any big company, like, nobody is all-in only on one cloud provider. Everyone is multi-cloud, whether they want to be or not because people end up buying another company or some skunkworks team goes off and uses some other function.So, you are across multiple different clouds, whether you want to be or not. But the ideal, and when I talk to customers, they want is, they want to say, “Well, you know that stuff that they're doing over at Microsoft with AI, that sounds really interesting. I want to use that, but I really like the maturity and robustness of some of the EC2 API, so I want to use that at AWS. And Google is still, you know, the best in the world at doing search and indexing and everything, so I want to use that as well, in order to build my application.” And the applications of the future will inherently stitch together different features from different cloud providers, different startups.And at Cloudflare, what we see is our, sort of, purpose for being is how do we make that stitching as easy as possible, as cost-effective as possible, and make it just make sense so that you have one consistent security layer? And again, we're not about hording the data; we're about connecting all of those things together. And again, you know, from the last time we talked to now, I'm actually much more optimistic that you're going to see, kind of, this revolution where egress prices go down, you get competition on feature-by-features, and that's just going to make every cloud provider better over the long-term.Corey: This episode is sponsored in part by Panoptica.  Panoptica simplifies container deployment, monitoring, and security, protecting the entire application stack from build to runtime. Scalable across clusters and multi-cloud environments, Panoptica secures containers, serverless APIs, and Kubernetes with a unified view, reducing operational complexity and promoting collaboration by integrating with commonly used developer, SRE, and SecOps tools. Panoptica ensures compliance with regulatory mandates and CIS benchmarks for best practice conformity. Privacy teams can monitor API traffic and identify sensitive data, while identifying open-source components vulnerable to attacks that require patching. Proactively addressing security issues with Panoptica allows businesses to focus on mitigating critical risks and protecting their interests. Learn more about Panoptica today at panoptica.app.Corey: I don't know that I would trust you folks to the long-term storage of critical data or the store of record on that. You don't have the track record on that as a company the way that you do for being the network interchange that makes everything just work together. There are areas where I'm thrilled to explore and see how it works, but it takes time, at least from the sensible infrastructure perspective of trusting people with track records on these things. And you clearly have the network track record on these things to make this stick. It almost—it seems unfair to you folks, but I view you as Cloudflare is a CDN, that also dabbles in a few other things here in there, though, increasingly, it seems it's CDN and security company are becoming synonymous.Matthew: It's interesting. I remember—and this really is going back to the origin story, but when we were starting Cloudflare, you know, what we saw was that, you know, we watched as software—starting with companies like Salesforce—transition from something that you bought in the box to something that you bought as a service [into 00:23:25] the cloud. We watched as, sort of, storage and compute transition from something that you bought from Dell or HP to something that you rented as a service. And so the fundamental problem that Cloudflare started out with was if the software and the storage and compute are going to move, inherently the security and the networking is going to move as well because it has to be as a service as well, there's no way you can buy a you know, Cisco firewall and stick it in front of your cloud service. You have to be in the cloud as well.So, we actually started very much as a security company. And the objection that everybody had to us as we would sort of go out and describe what we were planning on doing was, “You know, that sounds great, but you're going to slow everything down.” And so, we became just obsessed with latency. And Michelle, my co-founder, and I were business students and we had an advisor, a guy named Tom [Eisenmann 00:24:26] in business school. And I remember going in and that was his objection as well and so we did all this work to figure it out.And obviously, you know, I'd say computer science, and anytime that you have a problem around latency or speed caching is an obvious part of the solution to that. And so, we went in and we said, “Here's how we're going to do it: [unintelligible 00:24:47] all this protocol optimization stuff, and here's how we're going to distribute it around the world and get close to where users are. And we're going to use caching in the places where we can do caching.” And Tom said, “Oh, you're building a CDN.” And I remember looking at him and then I'm looking at Michelle. And Michelle is Canadian, and so I was like, “I don't know that I'm building a Canadian, but I guess. I don't know.”And then, you know, we walked out in the hall and Michelle looked at me and she's like, “We have to go figure out what the CDN thing is.” And we had no idea what a CDN was. And even when we learned about it, we were like, that business doesn't make any sense. Like because again, the CDNs were the first ones to really charge for bandwidth. And so today, we have effectively built, you know, a giant CDN and are the fastest in the world and do all those things.But we've always given it away basically for free because fundamentally, what we're trying to do is all that other stuff. And so, we actually started with security. Security is—you know, my—I've been working in security now for over 25 years and that's where my background comes from, and if you go back and look at what the original plan was, it was how do we provide that security as a service? And yeah, you need to have caching because caching makes sense. What I think is the difference is that in order to do that, in order to be able to build that, we had to build a set of developer tools for our own team to allow them to build things as quickly as possible.And, you know, if you look at Cloudflare, I think one of the things we're known for is just the rapid, rapid, rapid pace of innovation. And so, over time, customers would ask us, “How do you innovate so fast? How do you build things fast?” And part of the answer to that, there are lots of ways that we've been able to do that, but part of the answer to that is we built a developer platform for our own team, which was just incredibly flexible, allowed you to scale to almost any level, took care of a lot of that traditional SRE functions just behind the scenes without you having to think about it, and it allowed our team to be really fast. And our customers are like, “Wow, I want that too.”And so, customer after customer after customer after customer was asking and saying, you know, “We have those same problems. You know, if we're a big e-commerce player, we need to be able to build something that can scale up incredibly quickly, and we don't have to think about spinning up VMs or containers or whatever, we don't have to think about that. You know, our customers are around the world. We don't want to have to pick a region for where we're going to deploy code.” And so, where we built Cloudflare Workers for ourself first, customers really pushed us to make it available to them as well.And that's the way that almost any good developer platform starts out. That's how AWS started. That's how, you know, the Microsoft developer platform, and so the Apple developer platform, the Salesforce developer platform, they all start out as internal tools, and then someone says, “Can you expose this to us as well?” And that's where, you know, I think that we have built this. And again, it's very opinionated, it is right for certain applications, it's never going to be the right place to run SAP HANA, but the company that builds the tool [crosstalk 00:27:58]—Corey: I'm not convinced there is a right place to run SAP HANA, but that's probably unfair of me.Matthew: Yeah, but there is a startup out there, I guarantee you, that's building whatever the replacement for SAP HANA is. And I think it's a better than even bet that Cloudflare Workers is part of their stack because it solves a lot of those fundamental challenges. And that's been great because it is now allowing customer after customer after customer, big and large startups and multinationals, to do things that you just can't do with traditional legacy hyperscale public cloud. And so, I think we're sort of the next generation of building that. And again, I don't think we set out to build a developer platform for third parties, but we needed to build it for ourselves and that's how we built such an effective tool that now so many companies are relying on.Corey: As a Cloudflare customer myself, I think that one of the things that makes you folks standalone—it's why I included security as well as CDN is one of the things I trust you folks with—has been—Matthew: I still think CDN is Canadian. You will never see us use that term. It's like, Gartner was like, “You have to submit something for the CDN-like ser—” and we ended up, like, being absolute top-right in it. But it's a space that is inherently going to zero because again, if bandwidth is free, I'm not sure what—this is what the internet—how the internet should work. So yeah, anyway.Corey: I agree wholeheartedly. But what I've always enjoyed, and this is probably going to make me sound meaner than I intend it to, it has been your outages. Because when computers inherently at some point break, which is what they do, you personally and you as a company have both taken a tone that I don't want to say gleeful, but it's sort of the next closest thing to it regarding the postmortem that winds up getting published, the explanation of what caused it, the transparency is unheard of at companies that are your scale, where usually they want to talk about these things as little as possible. Whereas you've turned these into things that are educational to those of us who don't have the same scale to worry about but can take things from that are helpful. And that transparency just counts for so much when we're talking about things as critical as security.Matthew: I would definitely not describe it as gleeful. It is incredibly painful. And we, you know, we know we let customers down anytime we have an issue. But we tend not to make the same mistake twice. And the only way that we really can reliably do that is by being just as transparent as possible about exactly what happened.And we hope that others can learn from the mistakes that we made. And so, we own the mistakes we made and we talk about them and we're transparent, both internally but also externally when there's a problem. And it's really amazing to just see how much, you know, we've improved over time. So, it's actually interesting that, you know, if you look across—and we measure, we test and measure all the big hyperscale public clouds, what their availability and reliability is and measure ourselves against it, and across the board, second half of 2021 and into the first half of 2022 was the worst for every cloud provider in terms of reliability. And the question is why?And the answer is, Covid. I mean, the answer to most things over the last three years is in one way, directly or indirectly, Covid. But what happened over that period of time was that in April of 2020, internet traffic and traffic to our service and everyone who's like us doubled over the course of a two-week period. And there are not many utilities that you can imagine that if their usage doubles, that you wouldn't have a problem. Imagine the sewer system all of a sudden has twice as much sewage, or the electrical grid as twice as much demand, or the freeways have twice as many cars. Like, things break down.And especially the European internet came incredibly close to just completely failing at that time. And we all saw where our bottlenecks were. And what's interesting is actually the availability wasn't so bad in 2020 because people were—they understood the absolute critical importance that while we're in the middle of a pandemic, we had to make sure the internet worked. And so, we—there were a lot of sleepless nights, there's a—and not just at with us, but with every provider that's out there. We were all doing Herculean tasks in order to make sure that things came online.By the time we got to the sort of the second half of 2021, what everybody did, Cloudflare included, was we looked at it, and we said, “Okay, here were where the bottlenecks were. Here were the problems. What can we do to rearchitect our systems to do that?” And one of the things that we saw was that we effectively treated large data centers as one big block, and if you had certain pieces of equipment that failed in a way, that you would take that entire data center down and then that could have cascading effects across traffic as it shifted around across our network. And so, we did the work to say, “Let's take that one big data center and divide it effectively into multiple independent units, where you make sure that they're all on different power suppliers, you make sure they're all in different [crosstalk 00:32:52]”—Corey: [crosstalk 00:32:51] harder than it sounds. When you have redundant things, very often, the thing that takes you down the most is the heartbeat that determines whether something next to it is up or not. It gets a false reading and suddenly, they're basically trying to clobber each other to death. So, this is a lot harder than it sounds like.Matthew: Yeah, and it was—but what's interesting is, like, we took it all that into account, but the act of fixing things, you break things. And that was not just true at Cloudflare. If you look across Google and Microsoft and Amazon, everybody, their worst availability was second half of 2021 or into 2022. But it both internally and externally, we talked about the mistakes we made, we talked about the challenges we had, we talked about—and today, we're significantly more resilient and more reliable because of that. And so, transparency is built into Cloudflare from the beginning.The earliest story of this, I remember, there was a 15-year-old kid living in Long Beach, California who bought my social security number off of a Russian website that had hacked a bank that I'd once used to get a mortgage. He then use that to redirect my cell phone voicemail to a voicemail box he controlled. He then used that to get into my personal email. He then used that to find a zero-day vulnerability in Google's corporate email where he could privilege-escalate from my personal email into Google's corporate email, which is the provider that we use for our email service. And then he used that as an administrator on our email at the time—this is back in the early days of Cloudflare—to get into another administration account that he then used to redirect one of Cloud Source customers to a website that he controlled.And thankfully, it wasn't, you know, the FBI or the Central Bank of Brazil, which were all Cloudflare customers. Instead, it was 4chan because he was a 15-year-old hacker kid. And we fix it pretty quickly and nobody knew who Cloudflare was at the time. And so potential—Corey: The potential damage that could have been caused at that point with that level of access to things, like, that is such a ridiculous way to use it.Matthew: And—yeah [laugh]—my temptation—because it was embarrassing. He took a bunch of stuff from my personal email and he put it up on a website, which just to add insult to injury, was actually using Cloudflare as well. And I wanted to sweep it under the rug. And our team was like, “That's not the right thing to do. We're fundamentally a security company and we need to talk about when we make mistakes on security.” And so, we wrote a huge postmortem on, “Here's all the stupid things that we did that caused this hack to happen.” And by the way, it wasn't just us. It was AT&T, it was Google. I mean, there are a lot of people that ended up being involved.Corey: It builds trust with that stuff. It's painful in the short term, but I believe with the benefit of hindsight, it was clearly the right call.Matthew: And it was—and I remember, you know, pushing ‘publish' on the blog post and thinking, “This is going to be the end of the company.” And quite the opposite happened, which was all of a sudden, we saw just an incredible amount of people who signed up the next day saying, “If you're going to be that transparent about something that was incredibly embarrassing when you didn't have to be, then that's the sort of thing that actually makes me trust that you're going to be transparent the future.” And I think learning that lesson early on, has been just an incredibly valuable lesson for us and made us the company that we are today.Corey: A question that I have for you about the idea of there being no reason to charge in one direction but not the other. There's something that I'm not sure that I understand on this. If I run a website, to use your numbers of a terabit out—because it's a web server—and effectively nothing in—because it's a webserver; other than the request, nothing really is going to come in—that ingress bandwidth becomes effectively unused and also free. So, if I have another use case where I'm paying for it anyway, if I'm primarily caring about an outward direction, sure, you can send things in for free. Now, there's a lot of nuance that goes into that. But I'm curious as to what the—is their fundamental misunderstanding in that analysis of the bandwidth market?Matthew: No. And I think that's exactly, exactly right. And it's actually interesting. At Cloudflare, our infrastructure team—which is the one that manages our connections to the outside world, manages the hardware we have—meets on a quarterly basis with our product team. It's called the Hot and Cold Meeting.And what they do is they go over our infrastructure, and they say, “Okay, where are we hot? Where do we have not enough capacity?” If you think of any given server, an easy way to think of a server is that it has, sort of, four resources that are available to it. This is, kind of, vast simplification, but one is the connectivity to the outside world, both transit in and out. The second is the—Corey: Otherwise it's just a complicated space heater.Matthew: Yeah [laugh]. The other is the CPU. The other is the longer-term storage. We use only SSDs, but sort of, you know, hard drives or SSD storage. And then the fourth is the short-term storage, or RAM that's in that server.And so, at any given moment, there are going to be places where we are running hot, where we have a sort of capacity level that we're targeting and we're over that capacity level, but we're also going to be running cold in some of those areas. And so, the infrastructure team and the product team get together and the product team has requests on, you know, “Here's some more places we would be great to have more infrastructure.” And we're really good at deploying that when we need to, but the infrastructure team then also says, “Here are the places where we're cold, where we have excess capacity.” And that turns into products at Cloudflare. So, for instance, you know, the reason that we got into the zero-trust space was very much because we had all this excess capacity.We have 100 times the capacity of something like Zscaler across our network, and we can add that—that is primar—where most of our older products are all about outward traffic, the zero-trust products are all about inward traffic. And the reason that we can do everything that Zscaler does, but for, you know, a much, much, much more affordable prices, we going to basically just layer that on the network that already exists. The reason we don't charge for the bandwidth behind DDoS attacks is DDoS attacks are always about inbound traffic and we have just a ton of excess capacity around that inbound traffic. And so, that unused capacity is a resource that we can then turn into products, and very much that conversation between our product team and our infrastructure team drives how we think about building new products. And we're always trying to say how can we get as much utilization out of every single piece of equipment that we run everywhere in the world.The way we build our network, we don't have custom machines or different networks for every products. We build all of our machines—they come in generations. So, we're on, I think, generation 14 of servers where we spec a server and it has, again, a certain amount of each of those four [bits 00:39:22] of capacity. But we can then deploy that server all around the world, and we're buying many, many, many of them at any given time so we can get the best cost on that. But our product team is very much in constant communication with our infrastructure team and saying, “What more can we do with the capacity that we have?” And then we pass that on to our customers by adding additional features that work across our network and then doing it in a way that's incredibly cost-effective.Corey: I really want to thank you for taking the time to, basically once again, suffer slings and arrows about networking, security, cloud, economics, and so much more. If people want to learn more, where's the best place for them to find you?Matthew: You know, used to be an easy question to answer because it was just, you know, go on Twitter and find me but now we have all these new mediums. So, I'm @eastdakota on Twitter. I'm eastdakota.com on Bluesky. I'm @real_eastdakota on Threads. And so, you know, one way or another, if you search for eastdakota, you'll come across me somewhere out there in the ether.Corey: And we will, of course, put links to that in the show notes. Thank you so much for your time. I appreciate it.Matthew: It's great to talk to you, Corey.Corey: Matthew Prince, CEO and co-founder of Cloudflare. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with an angry, insulting comment that I will of course not charge you inbound data rates on.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.

In this episode:

Filip Verloy (@filipv, Field CTO at @NonameSecurity) talks about the latest trends in API security, how you could be a victim of a Moveit attack, and moreSHOW: 743CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Reduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appFind "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBESHOW NOTES:Noname Security (homepage)Moveit attack blogNoname academy - Learn about API securityTopic 1 - Welcome to the show. We've worked together in the past at previous companies, it's great to catch up again. For those out there that don't know you, tell us a little bit about your background, and how you got involved in API security.Topic 2 - We keep hearing about APIs and API security but in a roundabout way. We hear on tech news that data has been leaked, customer accounts and info got out. There have been many high profile, well known instances. What often isn't reported is the way in which the breaches happen. More times than not it is API's and improper security, correct?Topic 3 - What are the most common problems you see in organizations? What problems do folks bring you in to solve? Why isn't a WAF (web application firewall) enough?Topic 4 - Security, no matter the type, can be a tough sell sometimes. It's hard to do an ROI on something that hasn't happened for instance. What are your thoughts on this?Topic 5 - As a followup, who is the audience that has the budget? CISO's don't typically come from a developer background, true?Topic 6 - What are the typical steps on a journey towards securing APIs. Where do most folks start (assuming nothing, maybe a WAF at best) and how far does it go. Identification, automated remediation, etc.Topic 7 - It seems every industry is being impacted in some way by AI/ML. How do you see this playing a role in the future of API security?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

New Missions for your Horus Heresy games? ✅Horus Heresy Narrative Crusade System? ✅30k rules for the plastic Admech range to flesh out your mechanicum? ✅Playable Eldar in the Horus Heresy? ✅Oli from the Panoptica team is back on the podcast and talking about all the projects they've been up to to help bring some spice to your 30k games! Check it out as we cover all this in our latest episode!Timestamps:0:00 - Introduction5:49 - New Missions & a 30k crusade system to help flesh out your campaigns59:14 - Liber Ingenium: Unlocking the plastic Admech range for The Horus Heresy1:22:09 - Liber Antiquia: The Eldar have entered the 30k chat 2:00:07 - OutroPanoptica Links:Panoptica Missions & Campaign: https://hh-ageofdarkness.itch.io/liberpanopticaLiber Centura: https://hh-ageofdarkness.itch.io/libercenturaLiber Ingenium - 30k rules for the Plastic Admech range: https://hh-ageofdarkness.itch.io/liberingeniumLiber Antiquia - 30k Eldar Rules: https://hh-ageofdarkness.itch.io/liberantiquiaSponsors: Oil Spill Painting Studiohttps://linktr.ee/OilSpillPaintingStudioHangar 18 Hobbieshttps://www.hangar18hobbies.comMusic:Fall of Titan — Composer: Tim N Audio / Producer: SparksArtifexDark Side — Composer: Rafael FrostOutro — theo.schwertle@gmx.net

Dave Vellante (@dvellante, Cofounder & Co-CEO SiliconANGLE Media, co-host of @theCUBE) gives an update on the status of SuperClouds and talks about the recent SuperCloud 3 event. SHOW: 741CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:GCore - Global Hosting, CDN, Edge and Cloud ServicesUse promocode “CLOUDCAST” to receive a €100 credit on Gcore servicesFind "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBEReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appSHOW NOTES:2022 Look Ahead to SuperClouds (Cloudcast Eps.586)SuperCloud 3 (event)SuperCloud 2 (event)The Rise of SuperCloud (2021)theCUBE (homepage)Topic 1 - Welcome back to the show. You cover everything, but where are your main focuses these days?Topic 2 - For anyone that's new to Cloudcast, or new to this concept of SuperCloud (which has evolved over time), give us the high-level overview of the concept.Topic 3 - Let's dive right into SuperCloud, since you just finished the SuperCloud 3 event. What were the big trends within the event?Topic 4 - The new focus on AI seems to have shown a new light on the location of data, and how well isolated data (and models) are from other companies. How do you see the concept of SuperCloud playing with new AI demands around data locality? Topic 5 - It seems like nobody is going to be able to afford the CAPEX required to do AI (GPUs) at scale except the big three hyperclouds. They are all going through various levels of economic challenges. Do you expect to see infrastructure becoming an AI bottleneck soon? Topic 6 - Are you seeing any companies or technologies breaking away from the pack with regard to the SuperCloud capabilities? Topic 7 - Where are you focusing on the next SuperCloud event and research? FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

At Cisco Live 2023, Cisco unveiled a range of solutions for SSE, network management, observability, and a new cloud-native application security solution called Panoptica. The event, which includes a performance by comedian Jim Gaffigan, highlighted Cisco's focus on simplifying user experiences and addressing the evolving needs of organizations. The security service edge (SSE) solution aims to streamline access and enhance hybrid work experiences, while the integration of generative AI into the Security Cloud improves security operations and efficiency. Cisco Networking Cloud offers a unified platform for network management, addressing challenges of complexity and fragmentation. The Full-Stack Observability (FSO) Platform brings together data from multiple domains, enabling comprehensive insights, while Panoptica provides end-to-end lifecycle protection for cloud native applications. We're getting more details on all of these products as part of Tech Field Day at Cisco Live, which included presentations from Cisco Security, ThousandEyes, and Enterprise Networking yesterday and cloud and compute, secure policy, and IoT today. Time Stamps: 0:00 - Welcome to the Rundown 1:03 - Riverbed Technology to be Acquired by Vector Capital 2:36 - China Cyber Actor Living Off The Land 6:30 - NetApp and Pure Storage Report Declines 9:43 - Cisco to Acquire Armorblox 12:53 - Nvidia briefly joins $1 trillion valuation club 16:04 - BlueCat Acquires Indeni 19:06 - Cisco Live Announcements 30:10 - The Weeks Ahead 32:11 - Thanks for Listening Follow our Hosts on Social Media Tom Hollingsworth: https://www.twitter.com/NetworkingNerd Stephen Foskett: https://www.twitter.com/SFoskett Jeff Ton: https://www.linkedin.com/in/jtonindy/ Follow Gestalt IT Website: https://www.GestaltIT.com/  Twitter: https://www.twitter.com/GestaltIT  LinkedIn: https://www.linkedin.com/company/GestaltIT Tags: #Rundown, @Riverbed @VectorCapitalAE, #China, @NetApp, @Cisco, @Armorblox, #AISecurity, #Cloud, @NVIDIA, @BlueCatNetwork, @Indeni, #CiscoLive, #CiscoLive2023, #TFDx

Join Josh and Daniel in this episode where we delve into the Liber Panoptica ruleset! In this episode, we are joined by Walrus, the team leader of the Panoptica project, to get a firm understanding of what the Liber Panoptica and Liber Centura rules are as well as a peak under the hood in the process of how rules are developed.We hope you enjoy the episode and see if Liber Panoptica would be useful to you!Links to the Episode: HH: Age of Darkness Discord serverhttps://discord.gg/Yu27ErP4Liber Panoptica PDF (FREE)https://hh-ageofdarkness.itch.io/liberpanopticaLiber Centura PDF (FREE)https://hh-ageofdarkness.itch.io/libercenturaSponsors:Oil Spill Painting Studiohttps://linktr.ee/OilSpillPaintingStudioMusic:Fall of Titan — Composer: Tim N Audio / Producer: SparksArtifexDark Side — Composer: Rafael FrostOutro — theo.schwertle@gmx.net

Businesses are shifting to microservice-based application architectures, which support rapid development with their flexibility, stability, security, and scale. At the same time, these architectures present new connectivity and security challenges that require us to move away from traditional approaches. In this session, we'll show how Cisco is applying its 30 years of networking leadership to cloud-native application architectures with Calisti, Cisco's new Service Mesh Manager. You'll also hear about Panoptica, the Cisco Secure Application Cloud, which applies Cisco security leadership to cloud-native architectures. Finally, we will have an open discussion about additional technology development initiatives led by Cisco's Emerging Technologies & Incubation team. Learn more Cisco Emerging Technologies & Incubation: https://eti.cisco.com/ Calisti (Cisco's Service Mesh Manager): https://calisti.app/ Panoptica (Cisco's Secure Application Cloud): https://panoptica.app/ Follow us https://twitter.com/CiscoChampion Hosts Dan Kelcher (twitter.com/ipswitch), Merdian IT, Enterprise Network and Cybersecurity Solutions Architect Richard Atkin (twitter.com/UKRichA), ITGL, Solution Architect Guest Tim Szigeti, Cisco, Principal Technical Marketing Engineer, ET&I Moderator Amilee San Juan (twitter.com/amileesan1), Cisco, Customer Voices and Cisco Champion Program

A conversation with Ariel Shuper about the need for Shift Left security and how Panoptica solves these challenges

Sintonía: "The Maestro" - Vigil "U.B. Jesus" (Loveshack Remix) - David Byrne; "Güero Canelo" (Nortec Mix by Panoptica, remixed by Roberto Mendoza) - Calexico; "En Movimiento" - Mr. Confuse; "E Nana" - Brasil Tropical; "Bagira" - Marta Szirmai; "Fool Moon in Gemini" - Vagabon; "Going Somewhere" - Mr. Confuse; "Whistling in Tongues" (Todd Terje Remix) - Felix Laband; "Forgotten Places" (Moodymann Remix) - Alif Tree; "Rugged Individuals" (feat. Count Bass D) - Harvey Lindo; "I See a Different You" - Koop; "Pacific Grand Orchestra" - Vigil  Escuchar audio

Down to only two usable mechs, Blitz and Noir do their best to hold off the remaining mechs, while Panoptica enters the APC to discover a horrific scene. “All This”, “Unseen Horrors”, “Chase Pulse”, “No Frills Salsa”, “Quirky Dog”, “Satiate Strings”, “Black Vortex”, "The Cannery" Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0 creativecommons.org/licenses/by/3.0

In the heat of battle Panoptica is faced with a dangerous decision, Noir breaks down barriers and Blitz cuts the enemies down to size. “Space Explorers ”, “Chase ”, “Clash Defiant”, "The Cannery" Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0 creativecommons.org/licenses/by/3.0

CEO Paul Chaney details the company’s plans to move forward with $11 million in new capital. He also recounts how his unplanned entry into ophthalmology led him to appreciate how special the specialty truly is. Chaney also explains why PanOptica’s pursuit of an eye-drop-based treatment for AMD and DR is personal.

391.org dadacast 37, featuring Escha, orrisroot, Burstbot, zedexx, Dental Dames, Panoptica, Jess and#9733;, babel and Anchor Mandeacute;jans. Read more at https://391.org/audio/391-org-dadacast-37/

El Festival 212 de RMX se llevó a cabo el día 10 de Septiembre de 2011, y aqui esta el cartel completo de los Artistas que se presentaron en la Av. Chapultepec de Guadalajara.Divididos en 4 escenarios, con una afluencia aproximada de 50,000 asistentes, fue un total exito.Programa Palitroche, estuvo presente en distintas carpas del Festival, tuvimos platicas con La Gusana Ciega, Los Angeles Negros, Descartes A Kant, Panoptica.Algunas canciones presentadas en este especial de 2 horas son versiones en vivo.Esperemos les guste este programa a los que lo escucharon, y si quieren revivir Ecos del Festival, no duden en escucharlo. =DEscucharDescargar

391.org dadacast 23 (New Year Jam), featuring Malcolm Laycock, Richard Huelsenbeck, Der Kinderbauernhof, Panoptica, Isham Jones, Bob Dobbs, antitram, Escha, Monkey, babel/binnorie, Marcel Duchamp, zedexx and The Menagerie. Read more at https://391.org/audio/391-org-dadacast-23/

391.org dadacast 16, featuring fauxpress, ReadeOnly, Wolfsinger, Syna Max, babel, suonho, Piano Orchestra Twin, Ben Dumbauld, zedexx, Der Kinderbauernhof, Binnorie, Escha and Panoptica. Read more at https://391.org/audio/391-org-dadacast-16/

391.org dadacast 6, featuring Escha, babel, Panoptica, Crna Trava, Iner Souster, zedexx and Watchman Nee. Read more at https://391.org/audio/391-org-dadacast-6/

391.org dadacast 3, featuring Seki Satake, Die Kinderbauernhof, Zwischenraumlich, The 404, Panoptica, Escha Romain, St.Lucy-du-Haha and babel. Read more at https://391.org/audio/391-org-dadacast-3/