Podcasts about rbac

Andrew Ambrosino leads development of the Codex desktop app at OpenAI. Nearly 100% of OpenAI employees—not just engineers—now use Codex weekly. A lifelong builder with a background spanning engineering, design, product management, and founding companies, he is now responsible for turning the Codex desktop experience into what he calls “the best desktop app that has ever existed, full stop.”In our in-depth conversation, we discuss:1. Why AI has completely flipped the product development process2. What “taste” really means as a professional skill, and why it is emerging as the most valuable capability in an AI-first workplace3. Why Andrew believes the Codex app would have failed if they launched it last November (vs. in February)4. The “zone defense” model for how product managers at OpenAI operate when everyone can build anything5. How roles are collapsed on Andrew's team, and why eliminating the concept of roles entirely is a big mistake6. How Andrew uses Codex to run his own workflows7. The vision for a home base that coordinates work across ChatGPT, Codex, and the tools people already use.—Brought to you by:WorkOS—Make your app enterprise-ready, with SSO, SCIM, RBAC, and moreMercury—Radically different banking, now with Command—Episode transcript: https://www.lennysnewsletter.com/p/openais-codex-lead-on-the-new-shape—Archive of all Lenny's Podcast transcripts: https://www.dropbox.com/scl/fo/yxi4s2w998p1gvtpu4193/AMdNPR8AOw0lMklwtnC0TrQ?rlkey=j06x0nipoti519e0xgm23zsn9&st=ahz0fj11&dl=0—Where to find Andrew Ambrosino:• X: https://x.com/ajambrosino• LinkedIn: https://www.linkedin.com/in/ajambrosino• Website: https://ambrosino.io—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Andrew Ambrosino(02:30) How AI is changing the shape of product work(06:32) When to use documents vs. prototypes(10:25) What “taste” actually means(12:06) Why AI is still bad at design(16:18) Is the design process really dead?(21:35) What the design process looks like on the Codex team(23:41) Are product functions disappearing?(27:22) Team structure(30:12) IC vs. management(31:37) Planning roadmaps(35:16) Building features that don't work yet(38:13) The ambition problem: when you're too AGI-pilled(39:17) The latest frontier: loops and autonomous development(52:05) How Andrew uses Codex to automate his entire job(46:52) The power of computer use and browser automation(49:10) Will we run all our SaaS apps inside Codex?(52:05) The future vision for Codex(57:20) The videographer who built a Premiere Pro extension with Codex(59:30) Failure corner(1:01:50) Lightning round(1:07:03) BTS: How our producer uses Codex for editing—References: https://www.lennysnewsletter.com/p/openais-codex-lead-on-the-new-shape—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

My guest today is Vlad Barbalat, the Chief Investment Officer of Liberty Mutual Investments, the $120 billion investment platform that sits within one of the largest insurance companies in the world.  Vlad grew up in Soviet Moldova, came to America in 1990, and built a career that eventually led him to one of the most distinctive capital allocator seats anywhere in finance.  Today we talk about how the mutual insurance structure creates a unique investment platform, what Liberty looks for in a new deal or partner, and what it means to build a career and a life in a country that gave you opportunities you never would have had anywhere else.  Please enjoy my conversation with Vlad Barbalat. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgeline.ai⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Timestamps: (00:00:00) Welcome to Invest Like The Best (00:00:53) Vlad Barbalat (00:01:28) The Most Interesting Seat in the Market (00:05:53) Breaking Down the $120B (00:10:41) How the Portfolio Is Constructed (00:11:00) The House View (00:13:49) What Liberty Looks for in a GP (00:16:32) Why Not Just Buy Bonds (00:18:30) Benefits of the Mutual Structure (00:23:40) The Luxury of the American Citizen Through Immigrant Eyes (00:30:26) How Immigration Shaped His Worldview (00:32:45) Direct Deals vs. GP Allocations (00:35:23) Branded Capital (00:39:07) Geopolitics & Investing (00:43:48) AI's Impact on Investing (00:46:22) The Valuation Debate (00:50:47) Public vs. Private Markets (00:53:53) Lessons from Goldman (00:54:41) Why Excellence Matters (00:57:30) Managing Permanent Capital (01:03:54) The Kindest Thing 

Shane Tews — Non-Resident Senior Fellow at AEI and the person who explained the internet to Capitol Hill No Password Required Season 7: Episode 7 – Shane Tews Shane Tews is a Non-Resident Senior Fellow at the American Enterprise Institute, where she focuses on cybersecurity, privacy, artificial intelligence, and internet governance. She is also President of Logan Circle Strategies, a strategic advisory firm working at the intersection of technology and policy. Before her think tank work, Shane helped introduce modems to the George H.W. Bush White House, walked the halls of Capitol Hill explaining the internet to blank-staring legislators, and spent years at VeriSign helping shape the foundational frameworks of how the internet would be governed. In this episode, Shane traces her unlikely path from the Bush administration to becoming one of Washington's most trusted voices on tech policy. She breaks down why regulating outcomes rather than inputs is the only sensible approach to technology governance, why the US and EU are operating from fundamentally different innovation philosophies, and why a national privacy bill is long overdue. She also explains why most organizations and individuals are far less protected than they think and why nobody knows who to call when something goes wrong. Jack Clabby and co-host Kayley Melton talk with Shane about legacy system vulnerabilities, the cybersecurity implications of agentic AI, and what policymakers absolutely must get right over the next decade. She also reflects on what the CISA reauthorization limbo means for companies that don't even know they've lost liability protection. In the Lifestyle Polygraph, Shane reveals she has 20,000 emails across eight accounts, admits she fakes laughs at bad jokes out of Midwestern politeness, shares her obsession with The Bear and Peaky Blinders, and tells us about her children's book project using Google Omni called "Shane on a Train." Follow Shane on LinkedIn and on X at @ShaneTews. Find her work at AEI.org and TechPolicyDaily.com. No Password Required is presented by ThreatLocker   In this episode: Shane's path from the George H.W. Bush White House to becoming Capitol Hill's go-to internet explainer (00:34 - 02:22) Why the Clinton-era multi-stakeholder model got internet governance right and what that means for policy today (04:40 - 06:13) The case for a national privacy bill and why 50 state standards aren't working (07:24 - 09:27) What AEI covers and how Shane thinks about riding the top of the wave across the entire tech policy stack (09:35 - 11:23) Legacy systems, vendor debt, and why outdated software is the easiest entry point for bad actors (11:30 - 13:34) The gap between how protected people think they are and how exposed they actually are, including a generational perspective on MFA (14:07 - 16:25) The biggest disconnect between everyday cyber reality and the policy world (16:59 - 20:35) Government readiness for a major cyber attack and why most people don't have a plan (20:54 - 22:32) How the US and EU innovation philosophies differ and why Europe's banking system is the real tech problem (22:41 - 25:38) The DeepSeek false narrative and where the US is leading vs. reacting on AI (25:45 - 29:21) The shift from AI features to AI coordination and what agentic AI means for cybersecurity permissions (29:28 - 32:16) What policymakers must get right on AI over the next 10 years (32:25 - 34:11) The Lifestyle Polygraph: inbox chaos, fake laughs, The Bear, and Shane on a Train (00:04 - 12:48)   Timestamp Highlights: (00:34) Shane's origin story: modems at the White House and blank stares on the Hill (04:40) Why the internet got policy right early on and what we can learn from it (07:24) The case for harmonizing breach standards with a national framework (11:30) Legacy systems and vendor debt as the easiest attack vectors (14:07) The real gap between how protected people think they are and how exposed they actually are (20:54) Government cyber readiness: do you know who to call when something goes wrong? (22:41) US vs. EU innovation: why Europe's banking system is the real tech problem (29:28) Agentic AI and the cybersecurity risks of permissions you forgot you gave (32:25) What policymakers must get right on AI over the next decade (06:44) Shane on a Train: using Google Omni to write a children's book series   Resources & Links: AEI.org — Shane's think tank home base TechPolicyDaily.com — Daily tech policy coverage ThreatLocker — Supporter of this podcast Cyber Florida — The Mother Ship  

Fiona Fung leads the teams behind Claude Code and Cowork at Anthropic (overseeing Boris Cherny and the entire engineering and PM team). Before Anthropic, she spent 11 years at Microsoft building Visual Studio and TypeScript and then moved to Meta, where she started Facebook Marketplace (now generating over $100 billion in GMV annually), worked on Meta's first smart glasses and AR glasses, and led infrastructure, growth, integrity, and safety teams at Instagram. She's been an engineer for over 25 years and has a unique perspective on how the role of building software is changing.In our in-depth conversation, we discuss:1. What she's learned about running a team that's shipping 8x more code than before2. Which roles AI will transform next3. Specific ways her team uses AI4. How Claude “routines” have changed how she operates as a manager5. The context-switching problem no one has solved yet6. The biggest unsolved problem in AI7. What keeps her up at night—Brought to you by:WorkOS—Make your app enterprise-ready, with SSO, SCIM, RBAC, and more: https://workos.com/lennyMercury—Radically different banking, now with Command: https://mercury.com/—Where to find Fiona Fung:• LinkedIn: linkedin.com/in/fionafung—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Fiona Fung(02:31) How the engineering role has transformed over 25 years(09:28) What an AI-pilled software team looks like in 2026(12:26) Using Claude to manage and review team output(14:40) The evolution of code review and verification(16:55) Who to hire: creative builders and deep systems experts(18:18) The shift to ambitious thinking(19:40) The growth mindset required to thrive in AI-native teams(25:52) Helping small businesses adopt AI tools(31:46) How Anthropic spots latent demand and builds for it(35:08) The next frontier: asynchronous work with AI routines(38:06) Agency and accountability in AI-native teams(39:40) The vibe shift from token-maxing to ROI measurement(44:24) The “bad vs. sad” quality framework(49:34) Why all managers start as ICs at Anthropic(55:24) Preventing skill atrophy(58:43) Managing context switching with 20 AI agents running(1:00:08) How PM and data science roles are transforming(1:03:40) The importance of dogfooding and using your own product(1:08:36) Outstanding questions(1:12:48) The future of engineering jobs and education(1:17:59) What keeps Fiona up at night: team culture at scale(1:22:53) From six-month roadmaps to JIT (just-in-time) monthly planning(1:27:03) Lightning round—References: https://www.lennysnewsletter.com/p/building-the-most-ai-pilled-engineering—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

My guest today is Kareem Amin, co-founder and CEO of Clay. Clay has become one of the fastest-growing software companies of the last few years, valued at over four billion dollars. It helps companies find their best customers and reach them at scale. But this conversation is about a lot more than Clay. Kareem is one of the most original thinkers I know.  We talk about the statues he keeps at the center of how he runs Clay — truth, justice, and courage — and what those words demand of him in practice. We talk about risk, ambition, and what he learned about both on a ten-day silent meditation retreat.  I've had a lot of conversations with Kareem over the years. This is one I'll remember. Please enjoy this unique conversation with Kareem Amin. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Kareem Amin (00:03:07) Clay's Origin (00:10:50) Truth, Courage and Justice (00:16:09) Adulation (00:18:28) Risk, Courage & Self-Respect (00:21:14) Jony Ive & Steve Jobs (00:21:42) Role of Introspection (00:23:08) Lack to Wholeness (00:27:27) The Day Five Insight (00:29:57) Running a Startup Unusually (00:34:41) Learning from Magicians (00:36:27) Music's Role in Your Life (00:39:38) Making People Feel Something New (00:41:20) Vision in Company Building (00:44:29) Wealth & What It's Taught You (00:47:40) All Problems Are Communication Problems (00:52:14) Death Doula & Scaling (00:55:06) The Kindest Thing

Business relationships are complex and traditional IAM wasn't built for them. In this episode, Matthias Reinwarth sits down with Principal analyst John Tolbert, author of KuppingerCole Analysts' first-ever B2B IAM Leadership Compass, to explore why Business-to-Business Identity and Access Management is emerging as its own distinct market and what it takes to get it right. Key Topics:✅ Why B2B IAM sits between workforce IAM and CIAM — and why neither alone is sufficient✅ Delegated administration: handing identity governance to partner and supplier organizations✅ Federation, lifecycle management, and the risks of trusting external HR processes✅ "Know Your Business" — vetting organizations, sanctions screening, and org-level trust✅ Fine-grained authorization: why RBAC falls short and ABAC/RBAC are taking over✅ Agentic AI in B2B IAM: agents acting on behalf of external organizations Supply chains with thousands of partner organizations, freelancers with hour-long access windows, and AI agents acting on behalf of external companies B2B IAM has to handle all of it. KuppingerCole Analysts' first B2B IAM Leadership Compass is out now read it alongside this episode to get the full picture of an emerging market you can't afford to ignore.

Business relationships are complex and traditional IAM wasn't built for them. In this episode, Matthias Reinwarth sits down with Principal analyst John Tolbert, author of KuppingerCole Analysts' first-ever B2B IAM Leadership Compass, to explore why Business-to-Business Identity and Access Management is emerging as its own distinct market and what it takes to get it right. Key Topics:✅ Why B2B IAM sits between workforce IAM and CIAM — and why neither alone is sufficient✅ Delegated administration: handing identity governance to partner and supplier organizations✅ Federation, lifecycle management, and the risks of trusting external HR processes✅ "Know Your Business" — vetting organizations, sanctions screening, and org-level trust✅ Fine-grained authorization: why RBAC falls short and ABAC/RBAC are taking over✅ Agentic AI in B2B IAM: agents acting on behalf of external organizations Supply chains with thousands of partner organizations, freelancers with hour-long access windows, and AI agents acting on behalf of external companies B2B IAM has to handle all of it. KuppingerCole Analysts' first B2B IAM Leadership Compass is out now read it alongside this episode to get the full picture of an emerging market you can't afford to ignore.

Mark Pincus founded Zynga—the company behind Words With Friends, FarmVille, and Zynga Poker—and has arguably created more hit consumer products than anyone in history. At Zynga, eight of 10 major game launches became massive hits, reaching over a billion players. Over the past five years, Mark has been synthesizing everything he's learned about building successful consumer products and turning it into a book, Life at the Speed of Play, which comes out on June 23. This is the first interview he's done about the book.In our in-depth conversation, we discuss:1. His “Proven, Better, New” framework: copy what's proven, make it better so that 10 out of 10 people say “f*ck yes, I'll use this”—then add something new2. Why being less ambitious is the path to the most ambitious ideas3. His rule of thumb that your instincts are right 95% of the time, but your ideas are wrong 75% of the time4. “Kill hope before hope kills you”5. How to raise kids in the age of AI—Brought to you by:WorkOS—Make your app enterprise-ready, with SSO, SCIM, RBAC, and moreVanta—Automate compliance, manage risk, and accelerate trust with AI—Episode transcript: https://www.lennysnewsletter.com/p/the-common-pattern-behind-successful—Archive of all Lenny's Podcast transcripts: https://www.dropbox.com/scl/fo/yxi4s2w998p1gvtpu4193/AMdNPR8AOw0lMklwtnC0TrQ?rlkey=j06x0nipoti519e0xgm23zsn9&st=ahz0fj11&dl=0—Where to find Mark Pincus:• X: https://x.com/markpinc• LinkedIn: https://www.linkedin.com/in/markpincus• Website: https://www.lifeatthespeedofplay.com—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Mark Pincus(02:46) The Proven Better New framework overview(07:29) Earning the right to innovate(08:30) What “better” really means(12:03) Quick summary of the framework(12:40) Examples of the framework in action(13:30) How to use proven correctly on your platform(15:13) The moral arbitrage of copying(23:55) Be less ambitious(28:25) The Bolt.new story and staying humble(33:15) Kill hope before hope kills you(37:00) Using AI as a failure machine(40:08) Why Zynga's games succeeded (it wasn't virality)(48:36) The future of consumer social apps(57:05) How to know if your product is a B+(1:01:25) Distribution in the age of AI(1:15:39) Make everyone a CEO(1:18:18) Stay close to the metal(1:21:35) Why Mark says micromanagement is beautiful(1:23:35) The expert witness(1:25:05) The number one job of a CEO is to be right(1:26:35) What Mark is teaching his five kids(1:35:14) Mark's “why”(1:37:08) Mark's new book: Life at The Speed of Play—Referenced:• Tribe.net: https://en.wikipedia.org/wiki/Tribe.net• Zynga: https://www.zynga.com• Sid Meier: https://en.wikipedia.org/wiki/Sid_Meier• Electronic Arts: https://www.ea.com• CityVille: https://en.wikipedia.org/wiki/CityVille• Words With Friends: https://wordswithfriends.com/• Scrabble: https://playscrabble.com• Reddit: https://www.reddit.com• TED Radio Hour, MIT Media Lab founder, 1984 TED talk.: https://www.ted.com/talks/nicholas_negroponte_5_predictions_from_1984• Peter Thiel on LinkedIn: https://www.linkedin.com/in/peterthiel• FarmVille: https://en.wikipedia.org/wiki/FarmVille• Craig Newmark: https://en.wikipedia.org/wiki/Craig_Newmark• How to consistently go viral: Nikita Bier's playbook for winning at consumer apps (co-founder of TBH, Gas, advisor, investor): https://www.lennysnewsletter.com/p/how-to-consistently-go-viral-nikita-bier• Angry Birds: https://www.angrybirds.com/• OMGPop: https://en.wikipedia.org/wiki/OMGPop• Draw Something: https://en.wikipedia.org/wiki/Draw_Something• Slack founder: Mental models for building products people love ft. Stewart Butterfield: https://www.lennysnewsletter.com/p/slack-founder-stewart-butterfield• Brian Chesky's new playbook: https://www.lennysnewsletter.com/p/brian-cheskys-contrarian-approach• Garry Tan on LinkedIn: https://www.linkedin.com/in/garrytan• Brian Armstrong on LinkedIn: https://www.linkedin.com/in/barmstrong• Jason Citron on X: https://x.com/jasoncitron• Stanislav Vishnevskiy on LinkedIn: https://www.linkedin.com/in/svishnevskiy• Jeff Bezos on X: https://x.com/JeffBezos• Andy Jassy on X: https://x.com/ajassy• Niantic: https://nianticlabs.com• Pokémon Go: https://pokemongo.com• Bing Gordon on LinkedIn: https://www.linkedin.com/in/binggordon—Recommended book:• Life at the Speed of Play: Launch Products People Love!: https://www.amazon.com/Life-Speed-Play-Launch-Products/dp/0063352575/ref=tmm_hrd_swatch_0—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

Invest Like the Best: Read the notes at at podcastnotes.org. Don't forget to subscribe for free to our newsletter, the top 10 ideas of the week, every Monday --------- My guest today is Alex Sacerdote, founder of Whale Rock Capital Management.  Whale Rock is a technology focused investment firm that manages more than $17 billion across hedge fund, long only, and hybrid strategies. Over the past three years it has been one of the best performing hedge funds, compounding at roughly 44 percent a year. Alex invests through a single lens that he has refined over twenty years. He looks for technology S-curves, durable competitive advantages, and underappreciated earnings power.  This conversation is a tour through how he applies that framework right now. We start with his highest conviction position, which is Anthropic, and use it to work through the entire AI stack from chips to models to applications.  Please enjoy my conversation with Alex Sacerdote. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:00:00) Welcome to Invest Like The Best (00:02:29) Alex Sacerdote (00:03:08) Anthropic: Highest Conviction Position (00:13:23) Investing in Private Markets at Scale (00:19:08) S-Curves: The Full Framework (00:25:08) When to Buy Tech Companies (00:30:20) Identifying the Leader from the Pack (00:34:04) Anthropic & OpenAI's Competitive Moats (00:37:31) AI's Threat to Enterprise Software (00:43:18) Network Effects in the Agent Era (00:44:22) The Hardware Renaissance: Chips & Infrastructure (00:53:56) Why So Few Investors Get This Right (00:55:36) Key Risks to the AI Bull Case (00:57:47) The Application Layer (00:59:40) How AI Is Changing Research at WhaleRock (01:02:53) The Role of Investor Networks & Idea Sharing (01:03:40) Building a Multi-Product Firm (01:07:58) WhaleRock as a Learning Machine (01:09:15) The Kindest Thing

My guest today is Alex Sacerdote, founder of Whale Rock Capital Management.  Whale Rock is a technology focused investment firm that manages more than $17 billion across hedge fund, long only, and hybrid strategies. Over the past three years it has been one of the best performing hedge funds, compounding at roughly 44 percent a year. Alex invests through a single lens that he has refined over twenty years. He looks for technology S-curves, durable competitive advantages, and underappreciated earnings power.  This conversation is a tour through how he applies that framework right now. We start with his highest conviction position, which is Anthropic, and use it to work through the entire AI stack from chips to models to applications.  Please enjoy my conversation with Alex Sacerdote. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:00:00) Welcome to Invest Like The Best (00:02:29) Alex Sacerdote (00:03:08) Anthropic: Highest Conviction Position (00:13:23) Investing in Private Markets at Scale (00:19:08) S-Curves: The Full Framework (00:25:08) When to Buy Tech Companies (00:30:20) Identifying the Leader from the Pack (00:34:04) Anthropic & OpenAI's Competitive Moats (00:37:31) AI's Threat to Enterprise Software (00:43:18) Network Effects in the Agent Era (00:44:22) The Hardware Renaissance: Chips & Infrastructure (00:53:56) Why So Few Investors Get This Right (00:55:36) Key Risks to the AI Bull Case (00:57:47) The Application Layer (00:59:40) How AI Is Changing Research at WhaleRock (01:02:53) The Role of Investor Networks & Idea Sharing (01:03:40) Building a Multi-Product Firm (01:07:58) WhaleRock as a Learning Machine (01:09:15) The Kindest Thing

Tony Fadell created the iPod, co-created the iPhone, and founded Nest (which he sold to Google for $3.2 billion). He's co-authored over 300 patents, was part of the legendary team at General Magic, and wrote one of the most important and inspiring books for builders, called Build.In our in-depth conversation, we discuss:1. The heated internal debates about whether the iPhone should have a physical keyboard2. Why opinion-based decisions are essential for v1 products3. Why marketing matters as much as the product itself, and how the iPod almost failed4. Why voice will eventually become the primary interface with AI5. Why cognitive surrender to AI is the biggest risk facing product builders today—Brought to you by:WorkOS—Make your app enterprise-ready, with SSO, SCIM, RBAC, and more: https://workos.com/lennyVanta—Automate compliance, manage risk, and accelerate trust with AI: https://vanta.com/lenny—Episode transcript: https://www.lennysnewsletter.com/p/father-of-the-ipod-and-iphone-on—Archive of all Lenny's Podcast transcripts: https://www.dropbox.com/scl/fo/yxi4s2w998p1gvtpu4193/AMdNPR8AOw0lMklwtnC0TrQ?rlkey=j06x0nipoti519e0xgm23zsn9&st=ahz0fj11&dl=0—Where to find Tony Fadell:• X: https://x.com/tfadell• LinkedIn: https://www.linkedin.com/in/tonyfadell• Website: https://www.buildc.com—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Tony Fadell(02:23) The Blackberry vs. iPhone keyboard debate(07:50) Micromanaging vs. kind lies: what great products actually need(15:57) The Nest thermostat and smoke alarm story(21:22) How to decide what's worth building: pain plus new technology(27:36) The three-generation rule: why nothing works the first time(34:20) The full customer journey: why marketing defines your product(40:53) The power of storytelling and the press-release-first approach(48:37) The evolution of product management and the builder role(50:27) Why AI-generated code creates brittle, unmaintainable products(58:00) Storytelling techniques(1:05:45) The next iPhone(1:13:15) Hardware is back(1:17:01) What Tony is most excited about(1:21:38) Working with Tony(1:25:36) Ethics, morals, and the responsibility of product builders(1:32:40) How to connect with Tony and Build Collective—References: https://www.lennysnewsletter.com/p/father-of-the-ipod-and-iphone-on—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

How do all your devices connect and stay safe in the cloud? In this episode, Lois Houston and Nikita Abraham talk with OCI instructors about the basics of how networks work and the simple steps that help protect them. You'll learn how information gets from one place to another, why tools like switches, routers, and firewalls are important, and what goes into keeping access secure. The discussion also covers how organizations decide who can enter their systems and how they keep track of activity.   Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, Anna Hulkower, Radhika Banka, and the OU Studio Team for helping us create this episode.   ---------------------------------------------------------   Episode Transcript:  00:00 Hi there! We're hitting rewind for the next few weeks and bringing back some of our most popular episodes. So, sit back and enjoy these highlights from our archive. 00:12 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:38 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services. Nikita: Hi everyone! In the last episode, we spoke about local area networks and domain name systems. Today, we'll continue our conversation on the fundamentals of networking, covering a variety of important topics.  01:03 Lois: That's right, Niki. And before we close, we'll also touch on the basics of security. Joining us today are two OCI instructors from Oracle University: Sergio Castro and Orlando Gentil. So glad to have you both with us guys. Sergio, with so many users and devices connecting to the internet, how do we make sure everyone can get online? Can you break down what Network Address Translation, or NAT, does to help with this? Sergio: The world population is bigger than 4.3 billion people. That means that if we were to interconnect every single human into the internet, we will not have enough addresses. And not all of us are connected to the internet, but those of us who are, you know that we have more than one device at our disposal. We might have a computer, a laptop, mobile phones, you name it. And all of them need IP addresses. So that's why Network Address Translation exists because it translates your communication from a private IP to a public IP address. That's the main purpose: translate. 02:18 Nikita: Okay, so with NAT handling the IP translation, how do we ensure that the right data reaches the right device within a network? Or to put it differently, what directs external traffic to specific devices inside a network? Sergio: Port forwarding works in a reverse way to Network Address Translation. So, let's assume that this PC here, you want to turn it into a web server. So, people from the outside, customers from the outside of your local area network, will access your PC web server. Let's say that it's an online store. Now all of these devices are using the same public IP address. So how would the traffic be routed specifically to this PC and not to the camera or to the laptop, which is not a web server, or to your IP TV? So, this is where port forwarding comes into play. Basically, whenever it detects a request coming to port, it will route it and forward that request to your PC. It will allow anybody, any external device that wants to access this particular one, this particular web server, for the session to be established. So, it's a permission that you're allowing to this PC and only to this PC. The other devices will still be isolated from that list. That's what port forwarding is. 03:48 Lois: Sergio, let's talk about networking devices. What are some of the key ones, and what role do they play in connecting everything together? Sergio: There's plenty of devices for interconnectivity. These are devices that are different from the actual compute instances, virtual machines, cameras, and IPTV. These are for interconnecting networks. And they have several functionalities. 04:11 Nikita: Yeah, I often hear about a default gateway. Could you explain what that is and why it's essential for a network to function smoothly? Sergio: A gateway is basically where a web browser goes and asks a service from a web server. We have a gateway in the middle that will take us to that web server. So that's basically is the router. A gateway doesn't necessarily have to be a router. It depends on what device you're addressing at a particular configuration. So, a gateway is a connectivity device that connects two different networks. That's basically the functionality.  04:47 Lois: Ok. And when does one use a default gateway? Sergio: When you do not have a specific route that is targeting a specific router. You might have more than one router in your network, connecting to different other local area networks. You might have a route that will take you to local area network B. And then you might have another router that is connecting you to the internet. So, if you don't have a specific route that will take you to local area network B, then it's going to be utilizing the default gateway. It directs data packets to other networks when no specific route is known. In general terms, the default gateway, again, it doesn't have to be a router. It can be any devices. 05:34 Nikita: Could you give us a real-world example, maybe comparing a few of these devices in action, so we can see how they work together in a typical network? Sergio: For example, we have the hub. And the hub operates at the physical layer or layer 1. And then we have the switch. And the switch operates at layer 2. And we also have the router. And the router operates at layer 3. So, what's the big difference between these devices and the layers that they operate in? So, hubs work in the physical layer of the OSI model. And basically, it is for connecting multiple devices and making them act as a single network segment. Now, the switch operates at the data link layer and is basically a repeater, and is used for filtering content by reading the addresses of the source and destination. And these are the MAC addresses that I'm talking about. So, it reads where the packet is coming from and where is it going to at the local area network level. It connects multiple network segments. And each port is connected to a different segment. And the router is used for routing outside of your local area network, performs traffic directing functions on the internet. A data packet is typically forwarded from one router to another through different networks until it reaches its destination node. The switch connects multiple network segments. And each port of the switch is connected to a different segment. And the router performs traffic directing functions on the internet. It takes data from one router to another, and it works at the TCP/IP network layer or internet layer. 07:34 Lois: Sergio, what kind of devices help secure a network from external threats? Sergio: The network firewall is used as a security device that acts as a barrier between a trusted internal network and an untrusted external network, such as the internet. The network firewall is the first line of defense for traffic that passes in and out of your network. The firewall examines traffic to ensure that it meets the security requirements set by your organization, or allowing, or blocking traffic based on set criteria. And the main benefit is that it improves security for access management and network visibility. 08:23 Are you keen to stay ahead in today's fast-paced world? We've got your back! Each quarter, Oracle rolls out game-changing updates to its Fusion Cloud Applications. And to make sure you're always in the know, we offer New Features courses that give you an insider's look at all of the latest advancements. Don't miss out! Head over to mylearn.oracle.com to get started.  08:48 Nikita: Welcome back! Sergio, how do networks manage who can and can't enter based on certain permissions and criteria? Sergio: The access control list is like the gatekeeper into your local area network. Think about the access control list as the visa on your passport, assuming that the country is your local area network. Now, when you have a passport, you might get a visa that allows you to go into a certain country. So the access control list is a list of rules that defines which users, groups, or systems have permissions to access specific resources on your networks.  It is a gatekeeper, that is going to specify who's allowed and who's denied. If you don't have a visa to go into a specific country, then you are denied. Similar here, if you are not part of the rule, if the service that you're trying to access is not part of the rules, then you cannot get in. 09:49 Lois: That's a great analogy, Sergio. Now, let's turn our attention to one of the core elements of network security: authentication and authorization. Orlando, can you explain why authentication and authorization are such crucial aspects of a secure cloud network? Orlando: Security is one of the most critical pillars in modern IT systems. Whether you are running a small web app or managing global infrastructure, every secure system starts by answering two key questions. Who are you, and what are you allowed to do? This is the essence of authentication and authorization. Authentication is the first step in access control. It's how a system verifies that you are who you claim to be. Think of it like showing your driver's license at a security checkpoint. The guard checks your photo and personal details to confirm your identity. In IT systems, the same process happens using one or more of these factors. It will ask you for something you know, like a password. It will ask you for something that you have, like a security token, or it will ask you for something that you are, like a fingerprint. An identity does not refer to just a person. It's any actor, human or not, that interacts with your systems. Users are straightforward, think employees logging into a dashboard. But services and machines are equally important. A backend API may need to read data from a database, or a virtual machine may need to download updates. Treating these non-human identities with the same rigor as human ones helps prevent unauthorized access and improves visibility and security. After confirming your identity, can the system move on to deciding what you're allowed to access? That's where authorization comes in. Once authentication confirms who you are, authorization determines what you are allowed to do. Sticking with the driver's license analogy, you've shown your license and proven your identity, but that doesn't mean that you can drive anything anywhere. Your license class might let you drive a car, not a motorcycle or a truck. It might be valid in your country, but not in others. Similarly, in IT systems, authorization defines what actions you can take and on which resources. This is usually controlled by policies and roles assigned to your identity. It ensures that users or services only get access to the things they are explicitly allowed to interact with. 12:47 Nikita: How can organizations ensure secure access across their systems, especially when managing multiple users and resources?  Orlando: Identity and Access Management governs who can do what in our systems. Individually, authentication verifies identity and authorization grants access. However, managing these processes at scale across countless users and resources becomes a complex challenge. That's where Identity and Access Management, or IAM, comes in. IAM is an overarching framework that centralizes and orchestrates both authentication and authorization, along with other critical functions, to ensure secure and efficient access to resources.  13:35 Lois: And what are the key components and methods that make up a robust IAM system? Orlando: User management, a core component of IAM, provides a centralized Identity Management system for all user accounts and their attributes, ensuring consistency across applications. Key functions include user provisioning and deprovisioning, automating account creation for new users, and timely removal upon departure or role changes. It also covers the full user account lifecycle management, including password policies and account recovery. Lastly, user management often involves directory services integration to unify user information. Access management is about defining access permissions, specifically what actions users can perform and which resources they can access. A common approach is role-based access control, or RBAC, where permissions are assigned to roles and users inherit those permissions by being assigned to roles. For more granular control, policy-based access control allows for rules based on specific attributes. Crucially, access management enforces the principle of least privilege, granting only the minimum necessary access, and supports segregation of duties to prevent conflicts of interest. For authentication, IAM systems support various methods. Single-factor authentication, relying on just one piece of evidence like a password, offers basic security. However, multi-factor authentication significantly boosts security by requiring two or more distinct verification types, such as a password, plus a one-time code. We also have biometric authentication, using unique physical traits and token-based authentication, common for API and web services. 15:46 Lois: Orlando, when it comes to security, it's not just about who can access what, but also about keeping track of it all. How does auditing and reporting maintain compliance? Orlando: Auditing and reporting are essential for security and compliance. This involves tracking user activities, logging all access attempts and permission changes. It's vital for meeting compliance and regulatory requirements, allowing you to generate reports for audits. Auditing also aids in security incident detection by identifying unusual activities and providing data for forensic analysis after an incident. Lastly, it offers performance and usage analytics to help optimize your IAM system.  16:35 Nikita: That was an incredibly informative conversation. Thank you, Sergio and Orlando, for sharing your expertise with us. If you'd like to dive deeper into these concepts, head over to mylearn.oracle.com and search for the Cloud Tech Jumpstart course. Lois: I agree! This was such a great conversation! Until next time, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 16:58 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.  

My guest today is Dara Khosrowshahi, the CEO of Uber. Before Uber, Dara ran Expedia for thirteen years. We start with why he took this job in 2017, and a big part of that story is Daniel Ek, who told him that life is not about happiness, it is about impact. We talk about what the chaos felt like on day one, and how his family leaving Iran when he was nine shaped the way he handles pressure today.  We spend most of our time on autonomous vehicles and Uber's role as the demand aggregator in a world of physical AI. Dara explains why Uber is a supply-led company, what it will take to win, and why he expects many winners in AVs rather than one.  We also discuss Uber's $10 billion in free cash flow, the push toward a single app for everything, and what he has learned from Allen & Co, Barry Diller and Reed Hastings. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Intro to Dara Khosrowshahi (00:03:37) How Daniel Ek Convinced Dara to Take the Uber Job (00:06:54) Bringing Order to Chaos (00:09:20) Managing Stress as a Leader (00:11:22) The Chip on His Shoulder (00:12:53) Parenting Lessons (00:17:01) Mandate for AI Adoption (00:21:21) Uber's Role in Physical AI (00:22:48) Winning the AV Demand Race (00:27:41) Partnering vs. Competing with Waymo (00:32:05) AV Success Unlocks New Markets (00:35:09) Why Drones Haven't Arrived Yet (00:36:27) Regional AV Rollout Differences (00:37:35) Uber Eats International Winning Formula (00:39:44) Key to Aggregating Supply Well (00:44:34) Adding Hotels to Uber Platform (00:50:46) Lessons in Marketing at Scale (00:52:59) Apps vs. AI Agents in Seven Years (00:54:08) What Dara Learned from Barry Diller (00:56:52) What Dara Learned from Allen & Co (01:00:09) Buybacks vs. Growth Investing (01:04:17) Lessons from Reed Hastings (01:05:49) The Kindest Thing

Benedict Evans is an independent analyst and former partner at Andreessen Horowitz, where he spent years as their in-house “thinker” tracking the most important technology trends. For the past six years, he's been publishing deeply researched presentations on where tech is heading, most recently focused on AI's transformation of the economy. His work is read by founders, investors, and operators trying to make sense of a noisy field. His most controversial opinion: AI is as big a deal as the internet or mobile—and only as big.In our in-depth conversation, we discuss:1. Why we're in “1997” for AI—early, exciting, and deeply uncertain about what comes next2. Where value will actually accrue in the AI stack3. The anti-AI backlash, and where it may lead4. The surprising boom in consulting and professional services at AI companies5. Why distribution is becoming the ultimate moat as software gets easier to build6. Why the right question about your job isn't “What percent can AI do?” but “Is this a task or a job?”7. Why things will probably be okay—and what you need to do to prepare—Brought to you by:WorkOS—Make your app enterprise-ready, with SSO, SCIM, RBAC, and more: https://workos.com/lennyVanta—Automate compliance, manage risk, and accelerate trust with AI: https://vanta.com/lenny—Episode transcript: https://www.lennysnewsletter.com/p/a-rational-conversation-on-where—Archive of all Lenny's Podcast transcripts: https://www.dropbox.com/scl/fo/yxi4s2w998p1gvtpu4193/AMdNPR8AOw0lMklwtnC0TrQ?rlkey=j06x0nipoti519e0xgm23zsn9&st=ahz0fj11&dl=0—Where to find Benedict Evans:• LinkedIn: https://www.linkedin.com/in/benedictevans• Newsletter: https://www.ben-evans.com/newsletter• Website: https://www.ben-evans.com—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Benedict Evans(02:19) What people aren't pricing in about AI's impact(06:24) Why we're in the 1997 moment of AI(09:44) The unexpected boom in professional services and consultants(17:44) Why distribution is becoming the ultimate moat(23:17) The coming job transformation: what's real vs. panic(27:33) Why AGI definitions keep shifting(38:11) Where value will accrue: models vs. applications(42:55) Distribution wars: Google, Meta, Apple, and OpenAI(48:12) The anti-AI sentiment and backlash(53:11) How to raise kids in an AI future(58:27) What jobs to steer toward or away from(59:20) The question nobody's asking about AI(1:06:25) How to be successful in this coming future(1:08:43) AI corner(1:11:43) Lightning round—Referenced: https://www.lennysnewsletter.com/p/a-rational-conversation-on-where—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

My guest today is Dan Loeb, the founder and CEO of Third Point.  Dan started Third Point in 1995 with a few million dollars, and today the firm manages over 24 billion across equities, corporate and structured credit, venture, and insurance.  He is best known for his activist work at companies like Sotheby's, Sony, and Yahoo, and for the public letters he has written to boards over the years. What I find most interesting about Dan is how much his approach has evolved across thirty years.  He came up as a credit and event-driven investor at Warburg Pincus and Jefferies, built Third Point, then layered in quality investing, thematic technology investing, and now a very large credit business that sits alongside the hedge fund. We cover how he thinks about the AI stack and the companies inside it he believes matter most, the difference between good and bad governance, what FTX taught him about due diligence, the Sony and Sotheby's stories, and the power of writing. Please enjoy my conversation with Dan Loeb. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Dan Loeb (00:03:21) Mental Models Information Overload (00:06:50) Dan's Identity as an Investor (00:11:24) The End of Classic Event-Driven Investing (00:13:52) Evolving Strategy Over 30 Years (00:17:48) Return Opportunities in Today's Market (00:21:12) Sources of Alpha for Fundamental Investors (00:22:10) Good vs. Bad Governance (00:26:17) Writing as an Investing Tool (00:27:29) The Sotheby's Story (00:30:04) Activism Opportunities Today (00:31:03) Third Point's Evolution to 60% Credit (00:36:10) Dan as Sole Portfolio Manager (00:38:09) Value Investor Perspective on Today's Market (00:39:23) Investing Outside the US (00:40:33) The Sony Activism Story (00:43:59) Lessons from 30 Years of Investing (00:46:26) Danaher and Operational Excellence (00:48:48) Building the Insurance Liability Business (00:51:19) The FTX Story (00:53:07) Leading a Team Through Uncertainty (00:54:29) Where Third Point Is Most Contrarian (00:56:22) What Makes a Great Analyst Today (00:58:12) The Next 10 Years (01:00:24) The Kindest Thing

My guest today is Darren Farber, and this is his second appearance on the show. Darren is a Managing Partner of Albion River, a defense-focused investment firm and he previously served as a special advisor to the Deputy Under Secretary of Defense. We recorded this conversation in the middle of the Iranian contingency, and we spent most of our time on what winning actually means in a theater like Iran. We discuss why magazine depth matters for the American industrial base, lessons from Ukraine, and what the rise of neo-prime defense companies will require from Congress. Please enjoy my second conversation with Darren Farber. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Darren Farber Intro (00:02:59) Defining What Winning Looks Like in Iran (00:12:16) The Strait of Hormuz (00:13:27) Eisenhower vs. Taylor: Two Military Doctrines Explained (00:17:12) US Military Readiness vs. the Pentagon Era (00:20:05) America's Magazine Depth (00:21:36) China's Vulnerability (00:25:28) Trading Freedom for Security (00:27:31) Today's Industrial Base (00:29:30) Lessons from the Ukraine War (00:31:11) Impact of Iran Conflict on Taiwan Risk (00:33:02) What Neo-Prime Defense Companies Need to Succeed (00:39:53) Can We Win Without Full Regime Change in Iran? (00:45:46) AI's Impact on Modern Warfare

Dan Shipper is the co-founder and CEO of Every, a media and software company that's become a living laboratory for the future of work. Everyone at his company of about 30 people is an AI early adopter; from editors to ops people, they use AI to do much of their work, giving Every a unique lens into where the world is heading. A year ago on this show, Dan predicted that people were sleeping on Claude Code for nontechnical work, which proved to be remarkably prescient. Today he's back with another set of calls: the SaaS apocalypse is dumb, CLIs are over, the forward deployed engineer is the most valuable new hire, and the only thing you need to do to stay employed is ride the models.Dan's predictions:1. The future of work will happen inside Codex or Claude Code.2. Every company will have one “super-agent” inside their Slack that every employee talks to regularly.3. SaaS is not dead—in fact, Dan is bullish on SaaS stocks. His contrarian take: “I would buy SaaS stocks right now.”4. SaaS economics will shift: users will bring their own AI tokens into apps, which actually improves SaaS margins.5. PMs will thrive in the AI era.6. Full-stack designers will become superheroes.7. The AI job apocalypse is not happening.8. Forward deployed engineer is the new most essential role.9. CLIs are over.10. Automation is a lie.11. We will read way more AI-generated writing and we will like it.12. We'll be building software for humans and agents to use together.—Brought to you by:WorkOS—Make your app enterprise-ready, with SSO, SCIM, RBAC, and more: https://workos.com/lennyVanta—Automate compliance, manage risk, and accelerate trust with AI: https://vanta.com/lenny—Episode transcript: https://www.lennysnewsletter.com/p/the-ai-paradox-dan-shipper—Archive of all Lenny's Podcast transcripts: https://www.dropbox.com/scl/fo/yxi4s2w998p1gvtpu4193/AMdNPR8AOw0lMklwtnC0TrQ?rlkey=j06x0nipoti519e0xgm23zsn9&st=ahz0fj11&dl=0—Where to find Dan Shipper:• X: https://x.com/danshipper• LinkedIn: https://www.linkedin.com/in/danshipper/• Podcast: https://every.to/podcast• Website: https://danshipper.com—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Dan Shipper(02:56) Dan's unique position living in the AI future(09:17) How the way we work will change in the coming year(16:39) The case for general agents(18:08) Codex and Claude Code as the new operating system for work(25:39) How Cursor fits in(27:42) How this changes what SaaS companies should build(31:13) Why CLI is already over(33:34) Two agents are better than one(36:22) Why Dan is bullish on SaaS stocks(39:01) Why automation doesn't reduce human work(47:00) The value of human-written code(48:36) Quick recap(50:15) How work is changing(56:17) Why data scientists are drowning in bad analysis(58:24) Which product/tech roles are least changed by AI(1:02:17) We will read way more AI-generated writing and we will like it(1:08:28) Why product managers will dominate the AI era(1:11:05) Full-stack designers are the other big winners(1:13:11) The AI job apocalypse won't happen(1:16:00) How to “ride the models” to stay relevant(1:21:02) Final predictions and advice(1:25:24) Lightning round—References: https://www.lennysnewsletter.com/p/the-ai-paradox-dan-shipper—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

My guest today is Gavin Baker, founding partner and CIO of Atreides Management, and this is our sixth conversation. The central theme is watts and wafers, the two physical constraints that in Gavin's view will dictate the next phase of AI. On power, he thinks the near-term shortage starts to ease in 2027 and 2028 as new sources of energy come online, and that orbital compute solves it in the long term. On wafers, he explains what is different this time from the dotcom bubble and why TSMC's capacity decisions may be the single most important variable to watch. We also discuss Elon's Terrafab, the disaggregation of GPUs, the role of new chip companies, and whether the economic value of AI will keep accruing to frontier models. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Gavin Baker Intro (00:03:32) Anthropic's Record ARR Growth (00:11:49) Should OpenAI and Anthropic Raise at a Much Higher Valuation? (00:13:23) How Elon Preserves Investor Trust (00:14:00) Watts & Wafers (00:15:45) Data Centers in Space Explained (00:20:51) Orbital Compute's Impact on Terrestrial Data Centers (00:26:24) TSMC Supply Discipline & Bubble Risk (00:30:50) Demand for Frontier Tokens & The Bitter Lesson (00:35:33) Continual Learning & Memory (00:40:01) New Chip Companies & Startups (00:42:49) Prefill vs. Decode Disaggregation (00:48:40) AI-Native Founders: Different & Hard (00:51:27) Token Path & Application Layer (00:56:13) How Gavin Uses AI in Atreides (01:00:06) Signs of a Diversity Breakdown (01:05:42) Google, Meta, Amazon, Microsoft (01:11:42) Broader Knock-On Effects of AI

Caitlin Kalinowski was most recently at OpenAI helping build their robotics and hardware teams from scratch. Prior to that, she was head of AR glasses and VR hardware at Meta, where she led the teams building every generation of the Quest, Rift, and Orion, and was Meta's first consumer electronics hire. Before this, she was technical lead on MacBook Air and Mac Pro at Apple, and helped engineer the original unibody MacBook Pro. She's designed and engineered some of the hardest and most beloved consumer hardware products in history and is now focused on the next frontier: robotics.In our in-depth conversation, we discuss:1. VR—what happened?2. The coming memory price shock and why she's telling startups to pre-buy now3. How the technologies built for VR became the foundation of modern warfare4. Why humanoid robots are still just prototypes, and what's actually gating mass deployment5. Lessons from Steve Jobs, Mark Zuckerberg, and Sam Altman6. Why she left OpenAI—Brought to you by:WorkOS—Make your app enterprise-ready, with SSO, SCIM, RBAC, and more: https://workos.com/lennyVanta—Automate compliance, manage risk, and accelerate trust with AI: https://vanta.com/lenny—Episode transcript: https://www.lennysnewsletter.com/p/why-were-at-the-beginning-of-the—Archive of all Lenny's Podcast transcripts: https://www.dropbox.com/scl/fo/yxi4s2w998p1gvtpu4193/AMdNPR8AOw0lMklwtnC0TrQ?rlkey=j06x0nipoti519e0xgm23zsn9&st=ahz0fj11&dl=0—Where to find Caitlin Kalinowski:• X: https://x.com/kalinowski007• LinkedIn: https://www.linkedin.com/in/ckalinowski• Website: https://www.caitlinkalinowski.com—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/In this episode, we cover:(00:00) Introduction to Caitlin Kalinowski(02:32) Why VR didn't take off despite incredible hardware(04:55) The future of AR glasses and physical AI(08:45) Why robotics and hardware are suddenly hot(13:33) Why humanoid robots aren't ready yet(16:13) Supply chain bottlenecks threatening robotics(17:31) Why magnets and actuators are critical dependencies(20:51) The geopolitical implications of hardware supply chains(24:48) AI safety concerns with physical robots(26:50) Apple's approach to hardware excellence(30:10) Building a hardware program from scratch at Meta(31:39) The Quest 2 cost reduction story(33:07) Critical principles for hardware development(39:58) The MacBook Air manila envelope moment(41:01) The butterfly keyboard situation(41:43) Lessons from Apple on customer feedback(44:46) The memory price crisis coming for hardware(49:31) How many components go into a robot(52:53) When to use off-the-shelf vs. custom components(55:02) How AI is changing hardware engineering(1:00:27) Why humanoids aren't the answer for most use cases(1:03:05) When robots will build other robots(1:06:23) What makes a robot feel human and connected(1:09:15) Robots in the home(1:12:00) What the next five years look like(1:15:38) Why she left OpenAI(1:18:09) How to hire exceptional hardware teams(1:23:42) Lessons from Steve Jobs, Mark Zuckerberg, and Sam Altman(1:27:27) Failure corner(1:32:33) Lightning round—References: https://www.lennysnewsletter.com/p/why-were-at-the-beginning-of-the—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

AI agents are entering enterprise AI faster than CIOs can govern them. Line-of-business users are vibe-coding their own tools, agents are operating with employee credentials, and foundation models are changing under running systems. In CXOTalk episode 919, Anthony Scriffignano, PhD, a prominent data scientist, and Tim Crawford, a strategic advisor to CIOs at the world's largest companies, examine what enterprise AI governance, shadow AI, and agentic risk require of technology leaders today. The discussion grounds the AI agent conversation in practical decisions: what to keep from established IT governance, what is genuinely new, and where the CIO role must evolve.YOU'LL LEARN:✅ Why traditional regression testing breaks when foundation models, training data, and environments all change at once✅ How shadow AI and vibe-coding by non-developers expand the threat paradigm beyond the enterprise perimeter✅ Why HR-style policies do not transfer to AI agents, and what changes when super-agents call sub-agents through an orchestration layer✅ Specific controls for shadow AI: sandboxes, token counting, personal Identifying Information (PII) guardrails, and watching for value leaving the organization✅ Red, blue, and green teaming for autonomous agents, including why red teams need a defined target list, not a license to break things✅ The three governance layers CIOs must now reconcile: user role-based access controls (RBAC), agent governance, and knowledge governance, across ServiceNow, Salesforce, and SAP✅ When human in the loop is meaningful and when it becomes theater, including the limits of audited-sample review at machine speed✅ How the transformational CIO mindset differs from the traditional one, and why business depth is now the prerequisite skill⏱️ TIMESTAMPS0:00 AI agents are running wild: framing the problem3:11 From automation to autonomy: how CIOs should reframe risk5:21 What old governance disciplines still apply, and what is new6:12 Shadow AI, vibe coding, and the limits of control9:11 Practical controls: sandboxes, token counting, PII guardrails11:53 Why HR policies do not work for AI agents15:24 Regression testing for misuse and misadventure18:43 The aspiring CIO: traditional vs. transformational mindset21:07 Disciplined red, blue, and green teaming23:30 When mandatory automation becomes the only option32:03 Human in the loop: meaningful or theater?34:09 What AI governance actually looks like in practice38:10 New roles: context engineers, AI FinOps, and value frameworks40:30 Talent and jobs inside IT: what changes

Mock-интервью с Николаем Лебедевым - DevOps/SRE-инженер, 17 лет в Linux, 4 года AWS EKS. Stack: Terraform, Flux, Cassandra, Kafka, Vault, SOPS. Два часа - много практики, много каверзных вопросов. ЧТО СПРАШИВАЛИ ☁️ AWS: EKS и IRSA, VPC с нуля (CIDR, multi-AZ, multi-region), managed K8s vs self-hosted, Elasticache, Golden Signals и метрики SRE.

In this episode of XenTegra's Nutanix Weekly, Andy Greene, Chris Calhoun, and Marcus Barton explore the emerging world of AI agents, MCP (Model Context Protocol) servers, and what they mean for the future of enterprise automation. Inspired by Dwayne Lessner's blog post, “The Agent Stops Writing the Script, It Becomes the Script,” the discussion dives into how Nutanix v4 APIs and NCM 2.0 are enabling a new model where AI agents interact directly with infrastructure instead of simply generating scripts.The team breaks down the differences between traditional scripting, code generation, and agentic AI workflows, while also discussing security guardrails, RBAC controls, hybrid multi-cloud implications with NC2 and GC2, and how AI-driven operations may fundamentally reshape enterprise IT management.If you're interested in Nutanix, automation, AI infrastructure, hybrid cloud, or the future of intelligent operations, this episode delivers practical insights into where the industry is heading next.

My guest today is Krishna Rao, the CFO of Anthropic. The center of our conversation is how he navigates the decision around procuring and allocating compute, which he describes as the canvas on which everything else gets built. We talk about what he calls the cone of uncertainty, the three chip platforms Anthropic uses fungibly across Trainium, TPUs, and GPUs, and the daily meetings they run to allocate compute between model development, internal use, and serving customer demand. He explains why the returns to frontier intelligence keep getting higher, especially in enterprise, and how Anthropic thinks about the line between platform and application and why they choose to build their own products like Claude Code. Krishna has such a unique seat watching one of the fastest growing businesses in history, and he is generous in sharing what he has learned since joining the company two years ago. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Episode Intro: Krishna Rao (00:03:14) Compute as Anthropic's Lifeblood (00:05:17) Three Fungible Chip Platforms (00:07:31) The Cone of Uncertainty (00:09:08) Competing Ways to Allocate Compute (00:10:36) What Drives Compute Efficiency (00:12:38) Why Frontier Returns Are So High (00:16:32) How Claude Code Writes Its Own Code (00:18:46) Will Talent Become Obsolete? (00:20:07) How Scaling Laws Are Holding (00:21:54) Exponential Thinking (00:23:17) The Layer Cake of Compute (00:26:36) How Anthropic Deploys New Compute (00:27:53) Platform v. Application Layer (00:32:42) Why Model Pricing Has Stayed Stable (00:35:26) Measuring Return on Compute (00:37:22) Working With Chip Providers (00:38:32) How Anthropic's Finance Team Uses Claude (00:41:32) The Jevons Paradox for Labor (00:43:08) Anthropic's Fundraising & Growth Journey (00:47:31) The Exponential Revenue Curve (00:49:02) The Hardest Thing to Explain to Investors (00:52:15) AI's Public Perception Problem (00:55:38) Mythos (00:57:31) Relationship With Government (00:58:51) Inside Anthropic's Culture (01:03:48) The Next Frontier: Virtual Collaborators (01:06:22) How Leaders Scale With a Business (01:10:55) The Biggest Risks to Continued Progress (01:12:09) What Krishna is Excited About  (01:13:45) The Kindest Thing

Eric Ries is the author of The Lean Startup, a book that reshaped how a generation of founders think about building companies. His new book, Incorruptible, explains how successful companies are destroyed by failing to protect what makes them valuable, and how to change it.In our in-depth conversation, we discuss:1. Why 80% of venture-backed founders are ousted within three years of going public2. The governance structures that protect companies like Anthropic, Costco, and Novo Nordisk3. The simple legal filing that takes two pages and could save your company4. Financial gravity: why successful companies predictably get corrupted into mediocrity5. Why mission-aligned companies like Anthropic reap major benefits from protecting their mission through governance6. Why success won't protect you—it instead makes you a bigger target—Brought to you by:WorkOS—Make your app enterprise-ready, with SSO, SCIM, RBAC, and more: https://workos.com/lennyVanta—Automate compliance, manage risk, and accelerate trust with AI: https://vanta.com/lenny—Episode transcript: https://www.lennysnewsletter.com/p/how-to-build-a-company-that-withstands—Archive of all Lenny's Podcast transcripts: https://www.dropbox.com/scl/fo/yxi4s2w998p1gvtpu4193/AMdNPR8AOw0lMklwtnC0TrQ?rlkey=j06x0nipoti519e0xgm23zsn9&st=ahz0fj11&dl=0—Where to find Eric Ries:• X: https://x.com/ericries• LinkedIn: https://www.linkedin.com/in/eries• Website: https://www.incorruptible.co• Newsletter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://news.theleanstartup.com/• Podcast:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ https://ericriesshow.com• YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/@theericriesshow⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Eric Ries(02:26) Introducing Incorruptible(06:26) Protecting what you've built(11:35) Why founders get ousted(14:58) Too early, too late(19:32) The blueprint: ethos plus integrity(20:49) Novo Nordisk's 100-year governance fortress(26:41) The Vectura Group and Philip Morris(33:16) The “harder is easier” principle(37:22) Cloudflare's mission emergence story(42:43) Groupon's email frequency death spiral(45:37) How to define your purpose(51:09) Mission-driven vs. mission-hopeful companies(54:46) Integrity: structural and personal(57:47) Shareholder primacy: the 40-year-old “natural law”(01:00:04) Public benefit corporations: the easiest protection(01:04:24) Downsides and objections(01:06:08) The Anthropic example: fastest-growing company ever(01:08:39) The torchbearers in every organization(01:10:37) The culture bank: deposits and withdrawals(01:12:28) OpenAI and Anthropic governance(01:16:21) Mission guardians explained(01:18:29) Spiritual holding companies(01:21:53) The founder control trap(01:25:25) Three things to do this week(01:30:10) AI alignment and human alignment(01:34:00) Conway's law: org charts in architecture(01:37:31) Book resources and farewell—References: https://www.lennysnewsletter.com/p/how-to-build-a-company-that-withstands—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

Managing Servers, and Kubernetes across on-prem, and multiple clouds, can quickly become complex, especially when you're juggling multiple tools. In this video, we explore how Azure Arc simplifies hybrid and multi-cloud operations by providing a single, consistent control plane for managing your entire infrastructure across Linux and Windows, on-prem, in Azure, or in any cloud. Once connected, you can patch Windows and Linux together with Azure Update Manager, enforce CIS benchmarks and Azure Security Baselines through Azure Policy, and pull consistent inventory, tags, and RBAC across your whole estate. Auto-recover unbootable Windows Server 2025 machines with Quick Machine Recovery, audit and configure WinRE using built-in Azure Policy. Run your virtual machines as Azure Virtual Desktop session hosts on Nutanix, VMware, Hyper-V, or using physical Windows hardware. Satya Vel, Azure Arc Principal Group PDM Manager (https://x.com/satya_vel) shares how to make Azure your operational standard for every workload, anywhere it runs. Learn more about Azure Arc at https://aka.ms/AzureArcServer, or join the community at https://aka.ms/ArcServerForumSignup ► QUICK LINKS: 00:00 - Azure Arc in hybrid environments 00:46 - Transitioning to Azure Arc 02:35 - Unified management 03:43 - How to bring in servers and containers 04:48 - Inventory management 05:30 - Patching 06:48 - Auto-manage future updates 08:25 - One-time update 09:32 - Configuration in a hybrid environment 11:05 - Auditing Windows machines 11:34 - Microsoft Defender for Cloud 13:06 - Desktop virtualization 13:51 - Wrap up  ► Link References For more information go to https://aka.ms/AzureArc ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Host Kieran Devlin (UC Today) sits down with Mike Frayne, CEO at Voss, for the 2026 Big UC Update. They unpack what's changed over the last 12 months—from AI adoption to platform consolidation—and why digital workplace management is becoming mission-critical as tool sprawl, data silos, and policy complexity accelerate.Voss started in UC automation—but in this conversation, Mike Frayne explains how the company is widening the lens: bringing migration, automation, analytics, and telemetry data into a single platform that helps organizations manage not just UC, but the broader Microsoft ecosystem too.AI is a major theme, but not as hype: Mike outlines why good AI depends on accurate, up-to-date telemetry, how Voss is building agents on top of that data, and why customers also need the freedom to build their own agents. The big watch-out? Agent governance—access control, policy compliance, duplication, adoption, and proving ROI—may be the next management frontier.Key points we cover:Voss's shift to a unified platform (not siloed products) to unlock richer telemetryExpanding beyond UC into Microsoft 365, security, auditing, and governanceAI enablement: internal acceleration + customer-facing agents built on trusted data“Take back control” via discovery, hierarchy, RBAC, and spend/licence optimization

My guest today is Brian Chesky, the co-founder and CEO of Airbnb. Our conversation traces the path from his early training as an industrial designer at RISD through the pandemic moment that forced him into founder mode.  He explains why he thinks AI founder mode will demand even more attention to the details and why founders are rarely good early CEOs. He walks through his eleven-star exercise, which is a way of imagining the most absurd version of a customer experience to achieve product market fit.  We also talk about what changed for him when he stopped chasing adulation and started making things for the love of making them.  For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Episode Intro: Brian Chesky (00:03:07) Studying Industrial Design at RISD (00:08:30) Why Founders Don't Make Good CEOs (00:09:02) Founder Mode (00:12:51) AI Founder Mode (00:14:41) The End of Pure People Managers (00:18:42) Consumer AI (00:21:45) Project Hawaii (00:25:49) Make the Problem as Small as Possible (00:29:46) Becoming a Good CEO (00:32:11) What Brian Learned From Hiroki Asai (00:36:32) The Eleven-Star Experience (00:38:48) AI and Creativity (00:41:44) Making Things for the Love of It (00:43:36) The Adulation Trap (00:46:38) The Ham Sandwich Paradox (00:52:38) Why Founder-Led Businesses Endure (00:55:14) The Person as the Atomic Unit of Airbnb (00:59:40) Disrupting Yourself With AI (01:02:11) Lessons from Bodybuilding (01:07:55) Hiring as the Most Important Job (01:09:16) Are Founders Born or Made? (01:11:04) The Motivation of an Artist (01:11:47) The Kindest Thing

Max Schoening is head of product at Notion, where he's been especially effective at getting designers and PMs to ship code, prototype in the terminal, and launch extremely successful AI products. He was previously a PM at Google, ran design at Heroku, was VP of Design (and a part-time engineer) at GitHub, and is a two-time founder. He's one of the most AI-forward product leaders out there and one of the deepest thinkers on how AI changes how we build and use software.We discuss:1. What's most worked in getting designers and PMs to embrace AI2. Why agency—not skills—is the thing that separates people who thrive from those who fall behind3. How the first 10% of every project is now “free,” and what that means for product development4. Max's “tiny core” theory of great products: iPhone multitouch, the GitHub pull request, Notion blocks, Dropbox's menu bar icon5. Why the SaaSpocalypse is overstated6. Why the amount of software has exploded but the quality hasn't, and why that gap creates opportunity—Brought to you by:WorkOS—Make your app Enterprise Ready, with SSO, SCIM, RBAC, and more: https://workos.com/lennyVanta—Automate compliance, manage risk, and accelerate trust with AI: https://vanta.com/lenny—Episode transcript: https://www.lennysnewsletter.com/p/why-cultivating-agency-matters-more—Archive of all Lenny's Podcast transcripts: https://www.dropbox.com/scl/fo/yxi4s2w998p1gvtpu4193/AMdNPR8AOw0lMklwtnC0TrQ?rlkey=j06x0nipoti519e0xgm23zsn9&st=ahz0fj11&dl=0—Where to find Max Schoening:• X: https://x.com/mschoening• LinkedIn: https://www.linkedin.com/in/max-schoening• Website: https://max.dev—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Max Schoening(01:55) The origin story of designers coding at Notion(06:30) How much designers and PMs are shipping today(08:24) The balance between shipping code and strategic work(10:32) Why agency will help you thrive in the AI era(11:49) Examples of high agency at Notion(13:52) What we might lose as roles merge(15:56) Advice for developing agency(17:42) Malleable software explained(20:43) The Dieter Rams video and design philosophy(24:00) The SaaS apocalypse debate(28:25) How product building has changed in the past two years(30:27) What's next in how we build products(34:16) Token spend and ROI conversations(37:39) Getting people to change how they work(39:04) Max's AI stack(41:41) Which roles AI will transform next(44:26) When companies will start caring about ROI(48:38) Why Notion AI is so successful(51:47) How to ship more quickly while maintaining quality(56:40) Building taste through iterations(1:00:09) What matters most in building successful products(1:05:06) Using the jobs-to-be-done framework(1:07:28) Hot take on universal basic income(1:09:26) What Max would do with AGI(1:10:53) Contrarian corner(1:13:14) Failure corner(1:16:20) Advice for young people in Silicon Valley(1:19:20) Lightning round and final thoughts—Referenced: https://www.lennysnewsletter.com/p/why-cultivating-agency-matters-more—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. To hear more, visit www.lennysnewsletter.com

Invest Like the Best: Read the notes at at podcastnotes.org. Don't forget to subscribe for free to our newsletter, the top 10 ideas of the week, every Monday --------- My guest today is Paul Tudor Jones. Paul is the founder of Tudor Investment Corporation and one of the greatest macro traders of all time, known for calling and profiting from the 1987 crash and compounding capital at extraordinary rates over more than four decades. Paul is also one of the most entertaining and interesting people I have ever met. He is full of stories and hard-earned lessons from a lifetime in markets that feels like several lifetimes compressed into one. In this conversation, he shares how he thinks about trading as a constant battle of risk management and patience, why he still wakes up in the middle of the night to watch global markets, and how he identifies the rare moments where he can take a truly big swing. We discuss whether we are in a bubble, why he sees AI as one of the greatest risks in history, and why he believes Bitcoin is the best inflation hedge. We also spend time on the difference between trading and investing, the importance of passion and discipline, and the ideas that have shaped his life both inside and outside of markets. Please enjoy this conversation with Paul Tudor Jones. This conversation was recorded in mid-February 20, 26 weeks before the geopolitical conflicts now shaping the global economy. Please enjoy this great conversation with Paul Tudor Jones.  For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Episode Intro: Paul Tudor Jones (00:04:44) Paul's Incredible Kindest Thing Story (00:06:50) Discovering a Passion for Philanthropy (00:13:12) Paul's Commencement Speech Address (00:15:24) Trading v. Investing (00:19:23) Lessons from Warren Buffet (00:23:48) The AI Industry Lacks Proper Risk Management (00:26:54) The One Regulation AI Needs (00:28:51) What Paul Learned from Eli Tullis (00:30:39) Why Trading is Like Boxing (00:32:16) The Bull Case for the Yen (00:34:30) Why Bitcoin is the Best Inflation Hedge (00:36:06) Lessons from Historical Bubbles (00:38:57) Are We in a Bubble? (00:42:10) Paul's Daily Routine (00:44:12) Managing Information Overload (00:45:35) What Exquisite Execution Means (00:46:37) Paul's Love of Games (00:48:13) The Secret to Longevity (00:50:51) Starting Robin Hood After the 1987 Crash (00:55:33) The Importance of Studying Journalism (00:57:12) Communicating Effectively in Today's World (00:59:13) The Four Components of a Great Life (01:01:10) Paul's Relationship with God and Nature (01:03:53) Kill ‘Em With Kindness

My guest today is Paul Tudor Jones. Paul is the founder of Tudor Investment Corporation and one of the greatest macro traders of all time, known for calling and profiting from the 1987 crash and compounding capital at extraordinary rates over more than four decades. Paul is also one of the most entertaining and interesting people I have ever met. He is full of stories and hard-earned lessons from a lifetime in markets that feels like several lifetimes compressed into one. In this conversation, he shares how he thinks about trading as a constant battle of risk management and patience, why he still wakes up in the middle of the night to watch global markets, and how he identifies the rare moments where he can take a truly big swing. We discuss whether we are in a bubble, why he sees AI as one of the greatest risks in history, and why he believes Bitcoin is the best inflation hedge. We also spend time on the difference between trading and investing, the importance of passion and discipline, and the ideas that have shaped his life both inside and outside of markets. Please enjoy this conversation with Paul Tudor Jones. This conversation was recorded in mid-February 20, 26 weeks before the geopolitical conflicts now shaping the global economy. Please enjoy this great conversation with Paul Tudor Jones.  For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Invest Like the Best listeners get a special offer of $1,000 off Vanta when you go to ⁠vanta.com/invest⁠.  ----- WorkOS⁠ is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Episode Intro: Paul Tudor Jones (00:04:44) Paul's Incredible Kindest Thing Story (00:06:50) Discovering a Passion for Philanthropy (00:13:12) Paul's Commencement Speech Address (00:15:24) Trading v. Investing (00:19:23) Lessons from Warren Buffet (00:23:48) The AI Industry Lacks Proper Risk Management (00:26:54) The One Regulation AI Needs (00:28:51) What Paul Learned from Eli Tullis (00:30:39) Why Trading is Like Boxing (00:32:16) The Bull Case for the Yen (00:34:30) Why Bitcoin is the Best Inflation Hedge (00:36:06) Lessons from Historical Bubbles (00:38:57) Are We in a Bubble? (00:42:10) Paul's Daily Routine (00:44:12) Managing Information Overload (00:45:35) What Exquisite Execution Means (00:46:37) Paul's Love of Games (00:48:13) The Secret to Longevity (00:50:51) Starting Robin Hood After the 1987 Crash (00:55:33) The Importance of Studying Journalism (00:57:12) Communicating Effectively in Today's World (00:59:13) The Four Components of a Great Life (01:01:10) Paul's Relationship with God and Nature (01:03:53) Kill ‘Em With Kindness

This is my second conversation with Dylan Patel. Dylan is the founder and CEO of SemiAnalysis, where he tracks the semiconductor supply chain and AI infrastructure buildout. This conversation is about the supply and demand of tokens. On demand, Dylan describes something completely explosive. He explains why the frontier model is the only model anyone wants, and willingness to pay for it is nearly unbounded. His own firm has gone from tens of thousands of dollars in AI spend last year to seven million this year. On supply, we walk through the bottlenecks across memory, logic, and fab equipment that will determine how fast any of this can scale. We also cover Claude Mythos and what the leading labs need to do to fix their growing public perception problem. For the full show notes, transcript, and links to mentioned content, check out the episode page ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠here⁠⁠⁠⁠⁠.  ----- Become a Colossus member to get our quarterly print magazine and private audio experience, including exclusive profiles and early access to select episodes. Subscribe at ⁠colossus.com/subscribe⁠. ----- ⁠Ramp's⁠ mission is to help companies manage their spend in a way that reduces expenses and frees up time for teams to work on more valuable projects. Go to⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ramp.com/invest⁠⁠ to sign up for free and get a $250 welcome bonus. ----- Trusted by thousands of businesses, ⁠Vanta⁠ continuously monitors your security posture and streamlines audits so you can win enterprise deals and build customer trust without the traditional overhead. Visit ⁠vanta.com/invest⁠.  ----- WorkOS is the infrastructure B2B and AI-native companies use to sell to enterprise. It covers everything enterprise security requires: SSO, SCIM, RBAC, Audit Logs, AI governance, and more. Trusted by 2,000+ fast-growing companies, including OpenAI, Anthropic, Cursor, and Vercel. ----- Rogo is the AI platform for finance. They're building agents for Wall Street that are trained to understand how bankers and investors actually do work: from diligence and modeling, to turning analysis into deliverables. To learn more, visit rogo.ai/invest. ----- ⁠Ridgeline⁠ has built a complete, real-time, modern operating system for investment managers. It handles trading, portfolio management, compliance, customer reporting, and much more through an all-in-one real-time cloud platform. Visit⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ridgelineapps.com⁠. ----- Editing and post-production work for this episode was provided by The Podcast Consultant (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://thepodcastconsultant.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠). Timestamps: (00:00:00) Welcome to Invest Like The Best (00:02:29) Intro: Dylan Patel (00:03:09) Semi Analysis AI Spend: Zero to $7M (00:05:16) Real-World Examples of Claude Code (00:11:41) Token Demand: “Completely Explosive” (00:14:48) Why Everyone Wants the Frontier Model (00:15:36) Mythos: Biggest Model Capability Jump in Two Years (00:20:54) Fear of Rapid Model Progress (00:23:45) Robotics as the Next Demand Wave (00:26:03) Scaling Laws & Compute Efficiency (00:27:24) OpenAI vs. Anthropic (00:31:33) Supply Side: Bottlenecks Across the Stack (00:33:26) TSMC CapEx Could Cause a Shortage (00:36:45) CPUs, ASICs, and FPGAs (00:40:12) Tokenomics (00:42:20) Protests & AI Backlash

If agents are eating the systems of engagement, what is actually left to defend — and who gets to defend it?The conversation covers:The SaaSpocalypse thesis in Patrick's own words — multiples from 7–8x to 40x to 2–3x in under a decade, the shift from systems of record to systems of work, and why he thinks fewer than a quarter of incumbent SaaS companies have the appetite to genuinely burn the boatsDefensibility after the foundation models — why single-player workflows are fragile against OpenAI and Anthropic's distribution, why multiplayer workflows (governance, RBAC, iteration, judgment across stakeholders) may hold, and why two of the three classic data-moat pitches no longer survive first-principles scrutinyThe pivot problem — Gigya hit ten million ARR and had to pivot, hit thirty million ARR and had to pivot again, and Patrick's retrospective conviction that both should have happened earlier; a useful frame for a market where capital is letting teams defer the questionProfessional services as differentiation rather than embarrassment — how Gigya ran services at ~30% of revenue, recurring and profitable, and why Patrick thinks the FDE renaming is obscuring a durable truth about trustMayfield's own shape — seventeenth early-stage fund, ~$1.2B across the two vehicles, roughly 70% first-institutional-check, two or three investments per partner per year, and the deliberate refusal to index a categoryThe battlefield promotion to CEO on Patrick's thirtieth birthday, five months of runway, a million-dollar monthly burn, and what he actually learned from Naveen Chawda about the difference between being founder-friendly and being usefulPatrick is a GP at Mayfield. Before investing he spent eleven years at Gigya, joining as the first business hire in 2007, becoming CEO at thirty, leading the company through multiple pivots and past a hundred million in ARR, and selling to SAP in 2017 for three hundred and fifty million. He now invests at seed and Series A in enterprise and AI, with board seats at Docket AI, Duplo Cloud, BigPanda, and Scrunch AI, and writes The CEO Field Guide on Substack.Worth the hour if you think about where the defensibility actually lives.

Madhav Nakar — AI Security Researcher and Documentarian of Spirituality and Play   No Password Required Season 7: Episode 3 - Madhav Nakar   Madhav Nakar is a Security Researcher at BeyondTrust specializing in identity threats, endpoint security, and cloud attack paths. With a background in theoretical mathematics, his current research focuses on analyzing attacker behavior to build practical systems of detection.   In this episode, Madhav shares the pivotal moments that shaped his career, including his first experience witnessing a nation-state attack unfold in real time from his seat in a SOC. He explains how mathematical thinking sharpens security strategy and why strong research is rooted in exploration, not predetermined outcomes.   Jack Clabby of Carlton Fields, joined by co-host Kayley Melton of the Cognitive Security Institute, welcomes Madhav for a conversation on modern cyber defense. From AI-driven attacks and agentic systems to privilege escalation risks in role-based access environments, Madhav breaks down what teams are getting wrong about AI and why defending against AI increasingly requires AI-powered tools.   The conversation turns to Madhav's philosophy of “serious play,” where curiosity, experimentation, and failure fuel better research and resilience. He also shares insights from his spiritual and philosophy project, The Fire of Knowing, exploring consciousness and belief through a neutral lens.   In the Lifestyle Polygraph, Madhav pitches a cybersecurity documentary, debates growth versus comfort, and reflects public dancing experiments.  Follow Madhav Nakar here: https://www.linkedin.com/in/madhav-nakar/ Follow "The Fire of Knowing" on Instagram and Youtube!  CHAPTERS:  00:00 Introduction with Kayley and Jack 08:08 Transition from Theoretical Math to Cybersecurity 16:13 Exploring Spiritual Traditions and Madhav's Documentary 19:48 The Intersection of Art and Science in Content Creation 25:20 The Lifestyle Polygraph: Challenging Perspectives on Security

Security teams are under more pressure than ever, reacting at human speed while systems, identities, and AI agents operate at machine speed. In this episode of Security Matters, host David Puner sits down with cybersecurity leader and former FBI executive MK Palmore to explore why defenders struggle to keep pace and what it takes to regain control.From AI agents that overshare sensitive data to cloud misconfigurations that never seem to disappear to the persistent success of ransomware, MK explains how complexity, vendor sprawl, and overloaded teams create gaps that attackers continue to exploit. The conversation highlights how identity across human, machine, and emerging agent types has become the center of modern security and why fundamentals, prioritization, and platform thinking matter more than ever.Listeners will hear insight on: • Identity at machine speed and the rise of autonomous access • Why attackers still win more than 51 percent of the time • How ransomware continues to succeed despite industry progress • Why SMBs face “mission impossible” expectations • The true cost of vendor sprawl and operational overload • What effective security leadership looks like in the current threat environmentIf you work in identity, security operations, strategy, or leadership, this discussion cuts through hype and focuses on the realities defenders face and how to push back against the constant pressure of the tyranny of the now.

Are you ready to earn one of the most respected certifications in cybersecurity? In this episode, we break down the fundamental concepts, practical demonstrations, and exam-passing strategies for the 2026 CompTIA Security+ (SY0-701).We move beyond theory into practice, demonstrating how integrity is protected through MD5 hashing and how phishing attacks are launched using tools like ZFisher. We also clarify common exam pitfalls, such as the difference between tailgating and piggybacking, and why "Risk Acceptance" is often a calculated business decision rather than a security failure. Whether you're struggling with PKI architecture or trying to distinguish between MAC, DAC, and RBAC, this episode is your ultimate audio study guide.

This episode is sponsored by PlainID. Visit plainid.com/idac to learn more.In this sponsored episode, Jim McDonald and Jeff Steadman talk with Gal Helemski, CTO and co-founder of PlainID, about the evolving landscape of authorization. The conversation covers the transition from traditional roles and attributes to a modern policy-based access control (PBAC) approach. Gal explains how PlainID helps organizations centralize authorization logic, improve security posture, and simplify the management of access across complex hybrid and multi-cloud environments. The discussion also touches on the importance of visibility into who has access to what and the role of standards like Cedar and Rego in the future of authorization.Connect with Gal: https://www.linkedin.com/in/gal-helemski-b9542231/Learn more about PlainID: plainid.com/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.comTimestamps:00:00 Introduction to the Sponsor Spotlight02:15 Meet Gal Helemski from PlainID05:30 The shift from RBAC to PBAC10:45 Challenges with traditional authorization methods15:20 How PlainID centralizes authorization logic22:10 Integrating with existing identity providers28:45 The role of visibility and auditing in authorization35:30 Discussion on authorization standards: Cedar and Rego42:15 Future trends in identity and access management50:00 Final thoughts and where to learn moreKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, PlainID, Authorization, Policy-Based Access Control, PBAC, RBAC, Cybersecurity, IAM, Access Management, Gal Helemski, Identity Security

Send us a textA surprising number of security leaders admit they're flying blind on hardware and firmware. We start by exposing how shared BIOS passwords, slow maintenance cycles, and careless e‑waste practices create avoidable risk, then lay out the fixes: privileged vaulting, disciplined asset disposition, and practical ways to repurpose gear without leaking data. That real-world foundation sets the stage for a focused tour through CISSP Domain 5—Identity and Access Management—built for practitioners who want clarity over jargon.We break down least privilege in plain terms and show how to reduce the initial friction with cleanly defined roles and entitlement catalogs. From there, we compare RBAC and ABAC: when baseline roles are enough, and when context-aware attributes like device, location, and data sensitivity should drive policy. Authentication gets the same treatment. Multi-factor authentication, biometrics, and phishing-resistant methods raise the bar, while single sign-on and identity federation streamline access across cloud apps using standards like OAuth, OpenID Connect, and SAML. In modern cloud environments, token-based models win for scalability and security, and we explain why.Governance ties it all together. We walk through identity proofing for solid onboarding, separation of duties to curb fraud, and IGA workflows that make approvals, recertifications, and audits far less painful. Regular access reviews emerge as the unsung hero that prevents privilege creep before it becomes an incident. If you're prepping for the CISSP—or just tightening your IAM program—this episode gives you the why behind the what, with steps you can apply today.Enjoyed the conversation and want more deep dives? Subscribe, share with a teammate who needs a quick IAM refresher, and leave a review to help others find the show.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Join hosts Jeff Steadman and Jim McDonald for a special live episode recorded on location at Identiverse DC! In this interactive session, Jeff and Jim host a game of "Majority Rules," where the audience competes not to answer correctly, but to guess the most popular answer in the room.The game covers a wide range of topics, from the trivial (worst conference swag and the official uniform of an IAM architect) to the technical (securing API keys, the biggest bottlenecks in IGA, and the primary causes of role explosion).Things get intense halfway through with the introduction of the Battle Royale rules, where picking the minority answer sends a player's score back to zero. Watch to see who survives the explosions and takes home the grand prize.Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comChapter Timestamps00:00 Intro to Identity at the Center Live00:36 Explaining the Rules of Majority Rules04:25 Question 1: The Worst Conference Swag06:00 Question 2: Replying to Access Denied07:05 Question 3: AI in Identity Management08:40 Question 4: Favorite MFA Method10:12 Question 5: Least Favorite Auth Factor11:15 Turning up the Heat: Battle Royale Mode12:10 Question 6: Why RBAC is Difficult at Scale13:30 Question 7: The IAM Architect Uniform14:50 Question 8: Best Place to Hide a Secret16:15 Question 9: Protocols You Secretly Miss17:25 Question 10: Most Hated Specialized Key18:40 Question 11: Conference Responsibilities20:00 Question 12: Securing API Keys21:20 Question 13: Secrets to Surviving Keynotes22:55 Question 14: The Biggest Bottleneck in IGA24:45 Question 15: Causes of Role Explosion25:50 Question 16: What Breaks First After a Schema Update26:40 Final Question: Fastest Way to Confuse a User27:40 Crowning the WinnerKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Identiverse, Identiverse DC, IAM, Identity and Access Management, Cybersecurity, InfoSec Game Show, Live Podcast, Majority Rules, MFA, IGA, API Security, RBAC, Role Explosion, Tech Humor, Cyberrisk Alliance

Kubernetes has relied on role-based access control (RBAC) since 2017, but its simplicity limits what developers can express, said Micah Hausler, principal engineer at AWS, on The New Stack Makers. RBAC only allows actions; it can't enforce conditions, denials, or attribute-based rules. Seeking a more expressive authorization model for Kubernetes, Hausler explored Cedar, an authorization engine and policy language created at AWS in 2022 and later open-sourced. Although not designed specifically for Kubernetes, Cedar proved capable of modeling its authorization needs in a concise, readable way. Hausler highlighted Cedar's clarity—nontechnical users can often understand policies at a glance—as well as its schema validation, autocomplete support, and formal verification, which ensures policies are correct and produce only allow or deny outcomes.Now onboarding to the CNCF sandbox, Cedar is used by companies like Cloudflare and MongoDB and offers language-agnostic tooling, including a Go implementation donated by StrongDM. The project is actively seeking contributors, especially to expand bindings for languages like TypeScript, JavaScript, and Python.Learn more from The New Stack about Cedar:Ceph: 20 Years of Cutting-Edge Storage at the Edge The Cedar Programming Language: Authorization SimplifiedJoin our community of newsletter subscribers to stay on top of the news and at the top of your game.  Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

How do all your devices connect and stay safe in the cloud? In this episode, Lois Houston and Nikita Abraham talk with OCI instructors Sergio Castro and Orlando Gentil about the basics of how networks work and the simple steps that help protect them.   You'll learn how information gets from one place to another, why tools like switches, routers, and firewalls are important, and what goes into keeping access secure.   The discussion also covers how organizations decide who can enter their systems and how they keep track of activity.   Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode. -------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services. Nikita: Hi everyone! In the last episode, we spoke about local area networks and domain name systems. Today, we'll continue our conversation on the fundamentals of networking, covering a variety of important topics.  00:50 Lois: That's right, Niki. And before we close, we'll also touch on the basics of security. Joining us today are two OCI instructors from Oracle University: Sergio Castro and Orlando Gentil. So glad to have you both with us guys. Sergio, with so many users and devices connecting to the internet, how do we make sure everyone can get online? Can you break down what Network Address Translation, or NAT, does to help with this? Sergio: The world population is bigger than 4.3 billion people. That means that if we were to interconnect every single human into the internet, we will not have enough addresses. And not all of us are connected to the internet, but those of us who are, you know that we have more than one device at our disposal. We might have a computer, a laptop, mobile phones, you name it. And all of them need IP addresses. So that's why Network Address Translation exists because it translates your communication from a private IP to a public IP address. That's the main purpose: translate. 02:05 Nikita: Okay, so with NAT handling the IP translation, how do we ensure that the right data reaches the right device within a network? Or to put it differently, what directs external traffic to specific devices inside a network? Sergio: Port forwarding works in a reverse way to Network Address Translation. So, let's assume that this PC here, you want to turn it into a web server. So, people from the outside, customers from the outside of your local area network, will access your PC web server. Let's say that it's an online store. Now all of these devices are using the same public IP address. So how would the traffic be routed specifically to this PC and not to the camera or to the laptop, which is not a web server, or to your IP TV? So, this is where port forwarding comes into play. Basically, whenever it detects a request coming to port, it will route it and forward that request to your PC. It will allow anybody, any external device that wants to access this particular one, this particular web server, for the session to be established. So, it's a permission that you're allowing to this PC and only to this PC. The other devices will still be isolated from that list. That's what port forwarding is. 03:36 Lois: Sergio, let's talk about networking devices. What are some of the key ones, and what role do they play in connecting everything together? Sergio: There's plenty of devices for interconnectivity. These are devices that are different from the actual compute instances, virtual machines, cameras, and IPTV. These are for interconnecting networks. And they have several functionalities. 03:59 Nikita: Yeah, I often hear about a default gateway. Could you explain what that is and why it's essential for a network to function smoothly? Sergio: A gateway is basically where a web browser goes and asks a service from a web server. We have a gateway in the middle that will take us to that web server. So that's basically is the router. A gateway doesn't necessarily have to be a router. It depends on what device you're addressing at a particular configuration. So, a gateway is a connectivity device that connects two different networks. That's basically the functionality.  04:34 Lois: Ok. And when does one use a default gateway? Sergio: When you do not have a specific route that is targeting a specific router. You might have more than one router in your network, connecting to different other local area networks. You might have a route that will take you to local area network B. And then you might have another router that is connecting you to the internet. So, if you don't have a specific route that will take you to local area network B, then it's going to be utilizing the default gateway. It directs data packets to other networks when no specific route is known. In general terms, the default gateway, again, it doesn't have to be a router. It can be any devices. 05:22 Nikita: Could you give us a real-world example, maybe comparing a few of these devices in action, so we can see how they work together in a typical network? Sergio: For example, we have the hub. And the hub operates at the physical layer or layer 1. And then we have the switch. And the switch operates at layer 2. And we also have the router. And the router operates at layer 3. So, what's the big difference between these devices and the layers that they operate in? So, hubs work in the physical layer of the OSI model. And basically, it is for connecting multiple devices and making them act as a single network segment. Now, the switch operates at the data link layer and is basically a repeater, and is used for filtering content by reading the addresses of the source and destination. And these are the MAC addresses that I'm talking about. So, it reads where the packet is coming from and where is it going to at the local area network level. It connects multiple network segments. And each port is connected to a different segment. And the router is used for routing outside of your local area network, performs traffic directing functions on the internet. A data packet is typically forwarded from one router to another through different networks until it reaches its destination node. The switch connects multiple network segments. And each port of the switch is connected to a different segment. And the router performs traffic directing functions on the internet. It takes data from one router to another, and it works at the TCP/IP network layer or internet layer. 07:22 Lois: Sergio, what kind of devices help secure a network from external threats? Sergio: The network firewall is used as a security device that acts as a barrier between a trusted internal network and an untrusted external network, such as the internet. The network firewall is the first line of defense for traffic that passes in and out of your network. The firewall examines traffic to ensure that it meets the security requirements set by your organization, or allowing, or blocking traffic based on set criteria. And the main benefit is that it improves security for access management and network visibility. 08:10 Are you keen to stay ahead in today's fast-paced world? We've got your back! Each quarter, Oracle rolls out game-changing updates to its Fusion Cloud Applications. And to make sure you're always in the know, we offer New Features courses that give you an insider's look at all of the latest advancements. Don't miss out! Head over to mylearn.oracle.com to get started.  08:36 Nikita: Welcome back! Sergio, how do networks manage who can and can't enter based on certain permissions and criteria? Sergio: The access control list is like the gatekeeper into your local area network. Think about the access control list as the visa on your passport, assuming that the country is your local area network. Now, when you have a passport, you might get a visa that allows you to go into a certain country. So the access control list is a list of rules that defines which users, groups, or systems have permissions to access specific resources on your networks.  It is a gatekeeper, that is going to specify who's allowed and who's denied. If you don't have a visa to go into a specific country, then you are denied. Similar here, if you are not part of the rule, if the service that you're trying to access is not part of the rules, then you cannot get in. 09:37 Lois: That's a great analogy, Sergio. Now, let's turn our attention to one of the core elements of network security: authentication and authorization. Orlando, can you explain why authentication and authorization are such crucial aspects of a secure cloud network? Orlando: Security is one of the most critical pillars in modern IT systems. Whether you are running a small web app or managing global infrastructure, every secure system starts by answering two key questions. Who are you, and what are you allowed to do? This is the essence of authentication and authorization. Authentication is the first step in access control. It's how a system verifies that you are who you claim to be. Think of it like showing your driver's license at a security checkpoint. The guard checks your photo and personal details to confirm your identity. In IT systems, the same process happens using one or more of these factors. It will ask you for something you know, like a password. It will ask you for something that you have, like a security token, or it will ask you for something that you are, like a fingerprint. An identity does not refer to just a person. It's any actor, human or not, that interacts with your systems. Users are straightforward, think employees logging into a dashboard. But services and machines are equally important. A backend API may need to read data from a database, or a virtual machine may need to download updates. Treating these non-human identities with the same rigor as human ones helps prevent unauthorized access and improves visibility and security. After confirming your identity, can the system move on to deciding what you're allowed to access? That's where authorization comes in. Once authentication confirms who you are, authorization determines what you are allowed to do. Sticking with the driver's license analogy, you've shown your license and proven your identity, but that doesn't mean that you can drive anything anywhere. Your license class might let you drive a car, not a motorcycle or a truck. It might be valid in your country, but not in others. Similarly, in IT systems, authorization defines what actions you can take and on which resources. This is usually controlled by policies and roles assigned to your identity. It ensures that users or services only get access to the things they are explicitly allowed to interact with. 12:34 Nikita: How can organizations ensure secure access across their systems, especially when managing multiple users and resources?  Orlando: Identity and Access Management governs who can do what in our systems. Individually, authentication verifies identity and authorization grants access. However, managing these processes at scale across countless users and resources becomes a complex challenge. That's where Identity and Access Management, or IAM, comes in. IAM is an overarching framework that centralizes and orchestrates both authentication and authorization, along with other critical functions, to ensure secure and efficient access to resources.  13:23 Lois: And what are the key components and methods that make up a robust IAM system? Orlando: User management, a core component of IAM, provides a centralized Identity Management system for all user accounts and their attributes, ensuring consistency across applications. Key functions include user provisioning and deprovisioning, automating account creation for new users, and timely removal upon departure or role changes. It also covers the full user account lifecycle management, including password policies and account recovery. Lastly, user management often involves directory services integration to unify user information. Access management is about defining access permissions, specifically what actions users can perform and which resources they can access. A common approach is role-based access control, or RBAC, where permissions are assigned to roles and users inherit those permissions by being assigned to roles. For more granular control, policy-based access control allows for rules based on specific attributes. Crucially, access management enforces the principle of least privilege, granting only the minimum necessary access, and supports segregation of duties to prevent conflicts of interest. For authentication, IAM systems support various methods. Single-factor authentication, relying on just one piece of evidence like a password, offers basic security. However, multi-factor authentication significantly boosts security by requiring two or more distinct verification types, such as a password, plus a one-time code. We also have biometric authentication, using unique physical traits and token-based authentication, common for API and web services. 15:33 Lois: Orlando, when it comes to security, it's not just about who can access what, but also about keeping track of it all. How does auditing and reporting maintain compliance? Orlando: Auditing and reporting are essential for security and compliance. This involves tracking user activities, logging all access attempts and permission changes. It's vital for meeting compliance and regulatory requirements, allowing you to generate reports for audits. Auditing also aids in security incident detection by identifying unusual activities and providing data for forensic analysis after an incident. Lastly, it offers performance and usage analytics to help optimize your IAM system.  16:22 Nikita: That was an incredibly informative conversation. Thank you, Sergio and Orlando, for sharing your expertise with us. If you'd like to dive deeper into these concepts, head over to mylearn.oracle.com and search for the Cloud Tech Jumpstart course. Lois: I agree! This was such a great conversation! Don't miss next week's episode, where we'll continue exploring key security concepts to help organizations operate in a scalable, secure, and auditable way. Until next time, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 16:56 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.  

In this episode of Energy Newsbeat – Conversations in Energy, Stu Turley sits down with Cyrus Brooks of RBAC and Anne Atkinson Hyre, Executive Director of the Bettering Human Lives Foundation, to tackle the global energy poverty crisis. Over 2 billion people still rely on firewood, charcoal, or dung for cooking, facing severe health risks, environmental damage, and lost economic opportunities. Anne explains how the foundation provides low-interest loans to local LPG entrepreneurs, helping households and schools transition to safer, cleaner, and more efficient cooking fuels. Cyrus discusses how energy access enables entrepreneurship, economic growth, and improved quality of life. Learn how practical, sustainable energy solutions are transforming communities and truly bettering human lives.???? Links / Resources:Bettering Human Lives Foundation:https://betteringhumanlives.orgRBAC: https://rbac.com/Connect with Cyrus on his LinkedIn here:https://www.linkedin.com/in/cyrus-brooks-03274713/Connect with Anne here:https://www.linkedin.com/in/anne-atkinson-hyre-a6b1848/Thank you, Anne and Cyrus, for stopping by the podcast - I had an absolute blast, and this is making a difference in people's lives - StuHighlights of the Podcast 00:00 - Intro1:05 – Cyrus Brooks on RBAC & GasTech Milan4:28 – Anne Hyre on Bettering Human Lives & energy poverty6:16 – LPG impact on African households & jobs9:45 – Economic approach to solving energy poverty10:00 – Foundation's low-interest loans explained13:46 – Scaling LPG businesses in Kenya, Ghana, Zambia15:18 – Goal: 1M households & 1,000 schools by 203017:51 – Loan benefits vs commercial banks18:39 – How to donate & support the foundation21:06 – Success stories & African Energy Chamber model24:25 – Cyrus: energy drives commerce & prosperity25:49 – Environmental impact: deforestation & emissions26:30 – LPG cookstoves improve health, time & environment27:32 – Anne shares personal experience & passion28:20 – Upcoming trips & speaking events28:55 – Closing thoughts from Anne & Cyrus30:19 – Show notes & links

Artificial intelligence (AI) is rapidly reshaping the cybersecurity landscape across Ireland. While it's unlocking new efficiencies and accelerating innovation, it's also giving cybercriminals new evasive tools to launch faster and more sophisticated attacks. Across Ireland, organisations are navigating a new era of cyber risk defined by speed, sophistication, and AI. As Dell Technologies continues to work closely with Irish businesses to modernise their digital infrastructure, it's clear that cybersecurity must evolve in tandem, as a strategic enabler of trust and resilience. Threat actors are using AI to enhance ransomware, zero-day vulnerabilities, Distributed Denial of Service (DDoS) all making advanced spear-phishing much harder to identify, outpacing conventional security measures. According to the latest Dell Technologies Innovation Catalyst Study, 84% of Irish organisations view security as a key part of their business strategy, yet many continue to struggle with balancing innovation and security. Almost all respondents (96%) admitted that integrating security into wider business strategies is proving difficult. These figures highlight that organisations must rethink their cybersecurity strategies to adopt proactive, intelligent, and resilient approaches that keep pace with the evolving threat environment. Here are five ways to stay resilient against cyber threats: 1. Adopt zero trust for AI Security As threat actors use AI to scout, steal credentials and adapt attack techniques, traditional perimeter-based defences fall short. That's why more Irish organisations are adopting a Zero Trust model built on the principle of "never trust, always verify" ensuring that every user, device, and application is continuously authenticated, regardless of location. The benefits are clear; the latest Innovation Catalyst Study revealed a 100% increase in confidence levels among Irish organisations that have adopted zero trust principles, underscoring its growing value as a security framework. By implementing zero trust principles, organisations can help reduce risk by continuously verifying every access request and implementing strict authentication processes. Using role-based access controls (RBAC) and network segmentation, organisations can minimise the risk of an attack and reduce the impact radius if an attack occurs. Zero trust is more than a security philosophy. It's a unified and adaptive strategy for identity and access management. Through a zero trust approach, organisations not only reduce their attack surface, but also strengthen their ability to detect, respond to and contain threats. 2. Reduce the attack surface In an environment where AI-powered threat actors are constantly probing for weaknesses, reducing the attack surface is a critical line of defence. Every exposed endpoint, unsecured API, or overlooked supply chain vulnerability represents an opportunity for adversaries to infiltrate systems, deploy malware and exfiltrate sensitive data. To mitigate these risks, Irish organisations should begin with assessing and understanding their attack surface and related vulnerabilities. From there, they should have a layered defence strategy focused on securing entry points and minimising exposure. This includes strengthening authentication, encrypting data, regularly testing for vulnerabilities and actively monitoring endpoints. Keeping systems patched and devices hardened further limits risks. By reducing the attack surface, organisations make themselves a harder target, thereby decreasing the likelihood of an attack. 3. Continuously detect and respond to threats AI-powered attacks are capable of mimicking legitimate behaviour and evading traditional security tools, and organisations need to combine advanced threat detection with rapid response capabilities. Leveraging AI and machine learning, organisations can monitor operational data, detect anomalies, and trigger automated responses in real time. This AI-powered threat...

Send us a textQuantum isn't a distant sci‑fi threat—it's shaping security decisions right now. We open with what NIST's new post‑quantum FIPS 203/204/205 actually mean for your crypto roadmap, why “harvest now, decrypt later” raises the stakes for long‑lived data, and how the 2035 federal mandate will ripple through contractors, audits, and CMMC. Then we get practical, translating policy pressure into the access decisions you make every day and the concepts you'll see on the CISSP exam.We break down mandatory access control (labels, clearance, strict need‑to‑know), discretionary access control (owner grants, permission creep), role‑based access control (job functions, least privilege at scale), attribute‑based access control (context, dynamic conditions), and rule‑based control (fine‑grained logic and exceptions). Along the way, we highlight the keywords that unlock tricky multiple‑choice items—“classification,” “owner,” “job role,” “attributes,” “rules”—so you can map questions to the correct model fast. More importantly, we explain how to combine models without creating chaos: use RBAC for baseline entitlements, layer ABAC for context and risk signals, lean on rule-based policies for surgical exceptions, and reserve MAC for highly classified domains where enforcement must be absolute.If attackers are stockpiling ciphertext for a quantum tomorrow, the answer is a two‑track plan: crypto agility to adopt quantum‑resistant algorithms and disciplined access governance to limit blast radius today. We share actionable cues for exam success, practical design tips for avoiding privilege escalation, and a reminder that good security is repeatable security—clear roles, auditable policies, and continuous review.Subscribe for weekly CISSP prep you can use on the job, share this with a teammate who's wrangling access models, and leave a review to help others find the show. Your support also fuels our charity‑funded training that gives back while you level up.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Send us a textLeadership churn is reshaping security from the top down. We open the door on why CISO tenures are shrinking to 18–26 months and what that says about pressure, culture, compensation, and board-level risk literacy. From startups that stretch leaders thin to enterprises that treat security as a cost center until the breach, we map the real incentives behind the “revolving door”—and share what actually extends tenure: clear mandates, aligned executives, and measurable outcomes.Then we flip to hands-on security with a crisp CISSP Domain 5 deep dive. You'll hear real-world IAM scenarios and how to reason through them: federated identity where users authenticate but can't access apps (hint: attribute-to-role mapping at the service provider), RBAC implementations that quietly violate least privilege, and when mandatory access control beats RBAC or ABAC for classified environments. We also dissect deprovisioning gaps that leave terminated users active in SaaS platforms and outline the operational fixes—source-of-truth integration, event-driven provisioning, and reconciliation from the SaaS side. To cap it off, we tackle a red-team classic: static admin creds in scripts. The modern answer isn't longer passwords; it's just-in-time privilege through PAM and secret vaulting so nothing sensitive sits on disk.If you're a senior technologist eyeing the CISO seat—or a CISO seeking sustainability—you'll get a blueprint for aligning authority, resources, and risk. And if you're prepping for the CISSP exam, these identity and access patterns will sharpen your instincts for both test day and production. Enjoy the conversation, and if it helps, subscribe, share it with a teammate, and leave a quick review so others can find it too.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Send us a textReady to master the critical domain of Identity and Access Management for your CISSP exam? This comprehensive rapid review demystifies Domain 5, which accounts for 13% of all exam questions—knowledge you absolutely cannot skip.Dive deep into the fundamentals as we explore controlling physical and logical access to assets—from information systems to facilities. Discover how properly implemented controls protect your most sensitive data through classification, encryption, and permissions. As one cybersecurity veteran wisely notes, "It's all about the data," and this episode equips you with the frameworks to protect it.The podcast meticulously unpacks identity management implementation, breaking down authentication types, session management, and credential systems. You'll grasp the differences between single-factor and multi-factor authentication and understand why accountability through proper logging and auditing is non-negotiable in today's security landscape.We explore deployment models that fit various organizational needs—from on-premise solutions offering complete control to cloud-based options providing scalability, along with the increasingly popular hybrid approach. The episode clarifies authorization mechanisms including role-based access control (RBAC), rule-based access control, mandatory access controls (MAC), and discretionary access controls (DAC)—essential knowledge for implementing proper security boundaries.Particularly valuable is our breakdown of authentication systems and protocols—OAuth, OpenID Connect, SAML, Kerberos, RADIUS, and TACACS+—demystifying their purposes and applications in real-world scenarios. Whether you're a seasoned security professional or preparing for your certification, this episode delivers the practical knowledge you need.Ready to accelerate your CISSP journey? Visit CISSPcybertraining.com for free resources including podcasts, study plans, and 360 practice questions—plus premium content with over 50 hours of focused training. This episode isn't just exam prep; it's a masterclass in identity and access management principles you'll apply throughout your cybersecurity career.Support the showGain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Send us a textCheck us out at:  https://www.cisspcybertraining.com/Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkoutGet access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouvThe effective management of digital identities throughout their lifecycle is perhaps the most crucial yet overlooked aspect of organizational cybersecurity. This episode dives deep into CISSP Domain 5.5, offering practical insights on building robust identity and access management (IAM) governance frameworks that protect against insider threats while streamlining compliance efforts.We begin by examining a real-world case study of how one company transformed its third-party risk management using AI-driven consolidation of security alerts, establishing clear accountability through a security champions program. This approach demonstrates how proper governance structures can turn overwhelming data into actionable intelligence.The heart of our discussion centers on the identity lifecycle – from provisioning to deprovisioning and everything between. Learn why automated account creation processes dramatically reduce security risks while improving operational efficiency. We share cautionary tales, including one where improper deprovisioning allowed an ex-employee to deploy a devastating logic bomb costing millions in damages and legal fees.Role-based access control (RBAC) emerges as a critical strategy for maintaining least privilege principles at scale. However, we warn against common pitfalls like overly complex role structures that become unmanageable or so simplified they create security gaps. The episode provides clear guidance on achieving the right balance for organizations of any size.Perhaps most importantly, we expose the hidden dangers of service accounts – those often-forgotten credentials with extensive privileges that rarely change and receive minimal monitoring. These accounts represent prime targets for attackers seeking to escalate privileges, yet many organizations fail to properly secure them.Whether you're studying for the CISSP exam or implementing IAM best practices in your organization, this episode delivers actionable strategies to strengthen your security posture through proper identity lifecycle management. Visit CISSPCyberTraining.com for additional resources to support your cybersecurity journey.Support the showGain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Multi-Tenant-Systeme sind besser Single-Tenant-SystemeMultitenant Architekturen sind oft eine unterschätzte Herausforderung in der Softwareentwicklung. Stell dir vor, du betreibst eine Plattform, die tausende Kunden gleichzeitig sauber, performant und sicher bedienen soll – und ein einziger Fehler könnte im schlimmsten Fall alle Daten gleichzeitig gefährden. Klingt nach einem echten Albtraum? Ist es auch! Und genau deshalb tauchen wir in dieser Episode tief in die Welt von Multitenant-Systemen ein.Mit dabei ist Max Schellhorn, AWS Solutions Architect und Experte für SaaS, Cloud und serverless Architekturen. Gemeinsam diskutieren wir, warum Multitenant-Systeme mehr sind als nur ein WHERE-Klausel im SQ-StatementL, wie du echte Daten- und Sicherheitsisolation erreichst, welche Cloud-nativen Mechanismen relevant sind und wie cell-basierte Architekturen im Praxiseinsatz funktionieren.Wir klären was ein klassisches Single-Tenant-Setup ist wann moderne Cell- und Shuffle-Sharding-Konzepte zum Einsatz kommen sollten, räumen mit Mythen auf und liefern handfeste Tipps, wie du als Developer, Cloud Engineer oder CTO dein System flexibel, resilient und kostenoptimiert skalierst – ohne dabei den Fokus auf Security, Margen und Ops zu verlieren. Am Ende weißt du, wie sich Multitenancy modelliert, was wirklich zählt und warum „Multitenant ist das bessere Single Tenant“ mehr als ein Tech-Buzzword ist.Bonus: Im Outro gibt's den vermutlich schlechtesten Gemini-Witz zu Multitenancy.Unsere aktuellen Werbepartner findest du auf https://engineeringkiosk.dev/partnersDas schnelle Feedback zur Episode:

Погружаемся в мир GitOps и ArgoCD вместе с Александром Матюшенцевым — соавтором Argo и лидом проекта ArgoCD. Узнаем, как родился один из самых популярных инструментов для Kubernetes, зачем он нужен в 2025 году и когда его лучше не использовать. Разберём архитектуру, обсудим подводные камни, реальные кейсы и будущее GitOps. ССЫЛКИ

Get featured on the show by leaving us a Voice Mail: https://bit.ly/MIPVM

In this episode of Tech Talks Daily, I'm joined by Glen Shok, VP of Product Marketing at Panzura, for a detailed look into how the company is rethinking hybrid cloud storage with the release of CloudFS 8.5 Adapt. CloudFS 8.5 isn't just another update. Built in direct response to customer feedback, it introduces powerful new features like Instant Node and Regional Store that redefine performance, availability, and business continuity. Instant Node allows failed systems to be replaced or migrated in under five minutes.  Regional Store brings high-speed data access closer to end users around the world while reducing latency and cloud egress costs. As Glen explains, the latest release meets the growing demand for flexibility in the face of geopolitical uncertainty, rising cloud costs, and evolving IT infrastructure. Panzura is helping organizations maintain uptime, protect data, and adapt quickly, whether moving away from VMware or modernizing a global IT footprint. CloudFS 8.5 Adapt enables this without forcing customers to compromise on control, performance, or security. We also explore how Panzura's vision for autonomic data infrastructure is becoming a reality. With every CloudFS node sharing full configuration metadata, new nodes can spin up almost instantly. AI plays a central role here too. Through Panzura Data Services, AI tracks behavioral anomalies to detect early signs of data exfiltration, ransomware, or internal threats. This provides not just alerts, but the ability to interdict and isolate risky behavior in real time. Looking ahead, Glen shares how Panzura is preparing to support AI workloads directly where unstructured data lives. Instead of migrating terabytes to external platforms, organizations can train language models in place, reducing cost and complexity. With features like enhanced RBAC, native Entra ID support, and a virtual data lake model on the horizon, Panzura is clearly positioning itself at the intersection of enterprise storage and AI innovation. If you work in cloud infrastructure, cybersecurity, data governance, or AI deployment, this episode offers practical insights into the challenges IT teams face today and the technologies that are solving them.