POPULARITY
Happy new year everyone! There was a short break for Christmas + New Years the past two weeks, but this week I'm back with a fabulous episode with Wei Lien Dang, General Partner at Unusual Ventures and formerly co-founder of StackRox. I recorded this episode on-site at KubeCon Salt Lake City back in November 2024. This episode is particularly fabulous because Wei was willing to give some founder real talk. This is easier once you've sold your company, and especially easier when the ‘outcome' of your company's trajectory looks like an unmitigated success. And that is precisely why you hear so few founders willing and able to be honest about what the company's trajectory really looked like — and all the times when things did not look like a chart going up and to the right. Wei has also written an open source field guide, which is absolutely worth reading and is available here. We talked a lot about product-market fit, how hard it is to find and how important it is. From the risks from just going to your network for feedback to the difference between general, high-level feedback and a very specific idea of how and why your product is used, Wei talked about both recognizing that you have a product-market fit problem and how to fix it. We also talked about empathy as a founder, recovering from building the wrong product, and managing the hearts and minds of your team. Are you struggling with product-market fit, or feel like you have project-market fit but can't translate it into commercial success? You might want to work with me, and / or come to Open Source Founders Summit to chat with other open source founders.
Startup Field Guide by Unusual Ventures: The Product Market Fit Podcast
Material Security is an email security company that protects an organization's users and data particularly across Microsoft 365 and Google Workspace. Last valued at $1.1B, Material has over 100 enterprise customers, including Doordash, Lyft, and Fox. In this episode, Sandhya Hegde and Wei Lien Dang chat with Abhishek Agrawal, CEO and co-founder of Material Security. Join us as we discuss: 00:00 Preview: Seeking validation for a B2B product 1:36 Founding Material Security 5:31 Identifying the Gap in Existing Solutions 10:00 Validating the Thesis 12:41 Product Vision and Initial MVP 19:56 Go-to-Market Strategy for the First Million in ARR 25:40 Product Vision and Impact of AI 31:50 Advice for Founders Starting Companies in 2024 Sandhya Hegde is a General Partner at Unusual Ventures, leading investments in modern SaaS companies with a focus on AI. Previously an early executive at Amplitude, Sandhya is a product-led growth (PLG) coach and mentor. She can be reached at sandhya@unusual.vc. Wei Lien Dang is a General Partner at Unusual Ventures and leads investments in infrastructure software, security, and developer tool. Wei was a co-founder of Stackrox, a cloud-native security company prior to its acquisition by Red Hat. He can be reached at wei@unusual.vc Abhishek Agrawal is the co-founder and CEO of Material Security Unusual Ventures is a seed-stage venture capital firm designed from the ground up to give a distinct advantage to founders building the next generation of software companies. Unusual has invested in category-defining companies like Webflow, Arctic Wolf Networks, Carta, Robinhood, and Harness. Learn more about us at https://www.unusual.vc/.
Startup Field Guide by Unusual Ventures: The Product Market Fit Podcast
Domino Data Lab was founded in 2013 and was one of the early innovators in the space known as MLOps. It delivers a unified platform for enterprises to build, deploy, and manage machine learning workloads and provides access to data, tools, compute, models across any environment. Domino enables ML and data teams to collaborate, ensure governance, and reduce costs at scale. In this episode, Wei Lien Dang chats with Chris Yang, co-founder and CTO of Domino Data. Join us as we discuss: 00:00 Introduction to Domino Data Lab 02:04 The Origin Story of Domino Data Lab 06:58 Balancing Authenticity and Customer Feedback 10:52 Open Communication and Collaboration Among Co-founders 14:24 The Importance of Engaging with Users 16:19 Building the First Feature: Enabling Compute Workloads in the Cloud 22:42 Discovering Unexpected Use Cases and Features 33:20 The Importance of Choosing a Target Market 35:44 The Evolution of MLOps and the Current AI Wave Sandhya Hegde is a General Partner at Unusual Ventures, leading investments in modern SaaS companies with a focus on AI. Previously an early executive at Amplitude, Sandhya is a product-led growth (PLG) coach and mentor. She can be reached at sandhya@unusual.vc. Wei Lien Dang is a General Partner at Unusual Ventures and leads investments in infrastructure software, security, and developer tool. Wei was a co-founder of StackRox, a cloud-native security company prior to its acquisition by Red Hat. He can be reached at wei@unusual.vc. Chris Yang is the co-founder and CTO of Domino Data. Unusual Ventures is a seed-stage venture capital firm designed from the ground up to give a distinct advantage to founders building the next generation of software companies. Unusual has invested in category-defining companies like Webflow, Arctic Wolf Networks, Carta, Robinhood, and Harness. Learn more about us at https://www.unusual.vc/.
Startup Field Guide by Unusual Ventures: The Product Market Fit Podcast
In this episode, Sandhya Hegde and Wei Lien Dang chat about everything that happened in the world of AI Startups in 2023. 2023 was very much an Act 2 for Generative AI as GPT became a household name. We had a long Act 1 during Covid ending with some incredible launches in the second half of 2022 including Stable Diffusion and of course ChatGPT. We take a closer look at what the pivotal moments have been this year and more importantly what they mean for the startups ecosystem. Join us as we discuss: 00:00 Preview: Strategy to defeat incumbent software companies 3:39 January 2023 — ChatGPT's Success and Consumer Adoption 7:16 February 2023 — Controversies and Legal Issues 12:09 March 2023 — GPT-4 Launch and Multimodal AI 16:04 April and May 2023 — Large infrastructure providers' AI strategy 20:04 June 2023 — GPU Shortage and Infrastructure Challenges 22:41 July and August 2023 — Fine-Tuning and New Modalities 29:46 September 2023 — Governance and Safety Concerns 32:06 October 2023 — Revenue Generation and Open Source 33:18 November 2023 — OpenAI Leadership Changes 37:17 December 2023 — Google's Gemini and Future Predictions Sandhya Hegde is a General Partner at Unusual Ventures, leading investments in modern SaaS companies with a focus on AI. Previously an early executive at Amplitude, Sandhya is a product-led growth (PLG) coach and mentor. Wei Lien Dang is a General Partner at Unusual Ventures and leads investments in infrastructure software, security, and developer tool. Wei was a co-founder of StackRox, a cloud-native security company prior to its acquisition by Red Hat. Unusual Ventures is a seed-stage venture capital firm designed from the ground up to give a distinct advantage to founders building the next generation of software companies. Unusual has invested in category-defining companies like Webflow, Arctic Wolf Networks, Carta, Robinhood, and Harness. Learn more about us at https://www.unusual.vc/. Further reading from Unusual Ventures: Whose responsibility is responsible AI? How do you navigate AI security in an evolving landscape? Autonomous AI agents could change the world, but what do they actually do well?
Startup Field Guide by Unusual Ventures: The Product Market Fit Podcast
MosaicML is the developer of open source infrastructure for training LLMs. The company was acquired by Databricks for $1.3 billion in July 2023. and has gone from 0 to over $30M in revenue this year in just 6 months. In this episode, Sandhya Hegde and Wei Lien Dang chat with Naveen Rao, co-founder of MosaicML and now the head of Generative AI at Databricks Join us as we discuss: 00:00 Preview: Future of foundation model companies 2:16 How Naveen's previous experiences led to MosaicML 7:29 The core insight behind the founding of MosaicML 9:52 MosaicML's approach to building an end-to-end platform 12:09 Why MosaicML focused on open models and LLMs 14:25 Why most foundation model companies will fail 15:52 How MosaicML found early adopters 18:14 Early use cases for MosaicML's product 21:27 Impact of early feedback on MosaicML's product roadmap 25:21 Why Naveen decided to move ahead with the Databricks acquisition 31:44 How Naveen sees the AI ecosystem evolving 34:08 Regulation of AI and the importance of open source 41:15 Advice for founding building AI infrastructure Sandhya Hegde is a General Partner at Unusual Ventures, leading investments in modern SaaS companies with a focus on AI. Previously an early executive at Amplitude, Sandhya is a product-led growth (PLG) coach and mentor. Wei Lien Dang is a General Partner at Unusual Ventures and leads investments in infrastructure software, security, and developer tool. Wei was a co-founder of StackRox, a cloud-native security company prior to its acquisition by Red Hat. Naveen Rao is the co-founder of MosaicML (now a Databricks company) and currently the head of Generative AI at Databricks Unusual Ventures is a seed-stage venture capital firm designed from the ground up to give a distinct advantage to founders building the next generation of software companies. Unusual has invested in category-defining companies like Webflow, Arctic Wolf Networks, Carta, Robinhood, and Harness. Learn more about us at https://www.unusual.vc/. Further reading from Unusual Ventures: Starting an open source company Open source customer development
Get 50 Free Lessons From 50 Top Entrepreneurs From Season 1: https://www.ehandbook.com/subscribeEach week, we interview real experts about topics you need to know about.Today we have Wei Lien Dang, who is a General Partner at Unusual Ventures and before that was an exited cofounder at StackRox which got acquired by RedHat.We're covering How To Scale An Open Source Startup - And Should You?Our Website: https://www.ehandbook.comUnusual Ventures: https://www.unusual.vc/Wei Lien Dang: https://www.linkedin.com/in/weiliendang/
This week's guest is Shashank Tiwari, a seasoned engineer and product leader who started with algorithmic systems of Wall Street before becoming Co-founder & CEO of Uno.ai, a pathbreaking autonomous security company. He started with algorithmic systems on Wall Street and then transitioned to building Silicon Valley startups, including previous stints at Nutanix, Elementum, Medallia, & StackRox. In this conversation, we discuss ML/AI, large language models (LLMs), temporal knowledge graphs, causal discovery inference models, and the Generative AI design & architectural choices that affect privacy. Topics Covered:Shashank describes his origin story, how he became interested in security, privacy, & AI while working on Wall Street; & what motivated him to found UnoThe benefits to using "temporal knowledge graphs," and how knowledge graphs are used with LLMs to create a "causal discovery inference model" to prevent privacy problemsThe explosive growth of Generative AI, it's impact on the privacy and confidentiality of sensitive and personal data, & why a rushed approach could result in mistakes and societal harm Architectural privacy and security considerations for: 1) leveraging Generative AI, and those to avoid certain mechanisms at all costs; 2) verifying, assuring, & testing against "trustful data" rather than "derived data;" and 3) thwarting common Generative AI attack vectorsShashank's predictions for Enterprise adoption of Generative AI over the next several yearsShashank's thoughts on proposed and future AI-related legislation may affect the Generative AI market overall and Enterprise adoption more specificallyShashank's thoughts on the development of AI standards across tech stacksResources Mentioned:Check out episode S2E29: Synthetic Data in AI: Challenges, Techniques & Use Cases with Andrew Clark and Sid Mangalik (Monitaur.ai)Guest Info:Connect with Shashank on LinkedInLearn more about Uno.ai Privado.ai Privacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.Shifting Privacy Left Media Where privacy engineers gather, share, & learnDisclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Copyright © 2022 - 2024 Principled LLC. All rights reserved.
Startup Field Guide by Unusual Ventures: The Product Market Fit Podcast
Open source AI models have become key drivers of innovation and collaboration. An increasing number of developers and end users are leveraging open source technologies. There is immense potential in the long-term impact of open source AI. In this episode, we are releasing a conversation on the future of open source AI between Wei Lien Dang (Unusual Ventures), and Reynold Xin (Databricks) and Vipul Ved Prakash (Together). Join us as we discuss:3:16: The rise of open source LLMs and foundation models 7:23 Building open source AI platforms to serve customers 10:35 Why Together and Databricks decided to build with open source 13:33 LLMs and the need for standardization 21:09 The role of academia in AI research and innovation 26:57 Innovations in training data 30:55 Making the decision to choose open source models 36:52 Growing Accessibility of Machine Learning with LLMs 40:31 How the open source ecosystem will evolve in the future 47:18 Best practices for parameterizing LLMs over timeWei Lien Dang is a General Partner at Unusual Ventures and leads investments in infrastructure software, security, and developer tool. Wei was a co-founder of StackRox, a cloud-native security company prior to its acquisition by Red Hat. He can be reached at wei@unusual.vc and Twitter LinkedIn Vipul Ved Prakash is the co-founder and CEO of Together. He was also the founder of Topsy and Cloudmark. Reynold Xin is the co-founder of Databricks. Last valued at $43B, Databricks has been a juggernaut data infrastructure business built on Apache Spark analytics engine. They recently launched multiple AI products including Lakehouse AI and their own open source LLM — Dolly. Unusual Ventures is a seed-stage venture capital firm designed from the ground up to give a distinct advantage to founders building the next generation of software companies. Unusual has invested in category-defining companies like Webflow, Arctic Wolf Networks, Carta, Robinhood, and Harness. Learn more about us at https://www.unusual.vc/.Further reading from Unusual Ventures: Why the future of AI-native infrastructure will be open How good is your LLM? Nobody know yet What AI builders should know about data protection and privacy
Ali Golshan is the cofounder and CEO of Gretel AI, a synthetic data platform for ML developers. They have raised $65M in funding so far from investors such as Greylock and Anthos. He was previously the cofounder of StackRox, which was acquired by Red Hat for about $450M. Prior to that, he was the cofounder of Cyphort, which was acquired by Juniper Networks. In this episode, we cover a range of topics including: - The need for synthetic data - Techniques to generate synthetic data - How can AI enhance the synthetic data generation process - Computational irreducibility - Differential privacy - Measuring the performance of the engine that generates synthetic data Ali's favorite books: - The Order of Time (Author: Carlo Rovelli) - The Coddling of the American Mind (Authors: Greg Lukianoff and Jonathan Haidt) --------Where to find Prateek Joshi: Newsletter: https://prateekjoshi.substack.com Website: https://prateekj.com LinkedIn: https://www.linkedin.com/in/prateek-joshi-91047b19 Twitter: https://twitter.com/prateekvjoshi
Startup Field Guide by Unusual Ventures: The Product Market Fit Podcast
Sysdig is a cloud native application protection platform that helps stop cloud and container security attacks. In this episode, Sysdig's founder and CTO, Loris Degioanni chats with Wei Lien Dang about why he founded Sysdig and how he leveraged the power of open source for growth and industry disruption. Join us as we discuss: (1:39) How Loris leveraged market and tech stack changes to build Sysdig (7:46) Sysdig's journey as an early pioneer in containerization technology (12:16) Sysdig's pivot from monitoring to cybersecurity (17:48) The power of open source in building Sysdig (21:48) The nuances and commitment necessary for a successful open source project: (28:33) Finding product-market fit in an open source context (30:42) The role of an open-source project as a brand, marketing tool, and source of lead generation (31:45) Balancing community involvement and establishing a solid business model (33:34) Commercializing an open source project (37:32) Advice for founders building open source companies Sandhya Hegde is a General Partner at Unusual Ventures, leading investments in modern SaaS companies with a focus on AI. Previously an early executive at Amplitude, Sandhya is a product-led growth (PLG) coach and mentor. She can be reached at sandhya@unusual.vc and Twitter LinkedIn Wei Lien Dang is a General Partner at Unusual Ventures and leads investments in infrastructure software, security, and developer tools. Wei was a co-founder of StackRox, a cloud-native security company prior to its acquisition by Red Hat. He can be reached at wei@unusual.vc and Twitter Linkedin Loris Degioanni is the founder and CTO of Sysdig. Prior to founding Sysdig, Loris co-created Wireshark, an open source network analyzer. Unusual Ventures is a seed-stage venture capital firm designed from the ground up to give a distinct advantage to founders building the next generation of software companies. Unusual has invested in category-defining companies like Webflow, Arctic Wolf Networks, Carta, Robinhood, and Harness. Learn more about us at https://www.unusual.vc/. Further reading from the Startup Field Guide: Starting an open source company Developing open-source software customers Building GTM for an open source company
Startup Field Guide by Unusual Ventures: The Product Market Fit Podcast
Gretel is a synthetic data platform that allows developers to generate artificial data sets with the same characteristics as real data so they can test AI models without compromising sensitive customer information or privacy. Gretel has a community of over 75,000 developers working with accurate, synthetic data. In this episode, Sandhya Hegde and Weil Lien Dang chat with Ali Golshan, CEO and co-founder of Gretel about the company's path to product-market fit. Join us as we discuss: (1:48) Ali's background in US Intelligence and how it shaped his approach as a founder (3:17) The founding insight that led to the creation of Gretel (6:35) Ali and his co-founders' “why now” for building a privacy engineering product (8:15) Why Gretel decided to focus on developers (10:47) How Ali and his co-founders narrowed in on early use cases (15:55) The industries where Gretel found early adopters (20:20) How Gretel anticipated and adapted to increasingly popular AI models (27:24) Why Gretel decided to create a multimodal platform for synthetic data (29:18) The reasoning behind building Gretel GPT (31:48) How Gretel's co-founders work together to adapt to the changing tech landscape (38:05) What Ali sees as the key drivers for adoption within traditional enterprise companies (40:19) Why they built their ICP around the developer cloud stack (45:45) Advice for early-stage founders currently building in AI Sandhya Hegde is a General Partner at Unusual Ventures, leading investments in modern SaaS companies with a focus on AI. Previously an early executive at Amplitude, Sandhya is a product-led growth (PLG) coach and mentor. She can be reached at sandhya@unusual.vc and Twitter LinkedIn Wei Lien Dang is a General Partner at Unusual Ventures and leads investments in infrastructure software, security, and developer tool. Wei was a co-founder of StackRox, a cloud-native security company prior to its acquisition by Red Hat. He can be reached at wei@unusual.vc and Twitter Linkedin Ali Golshan is the CEO and co-founder of Gretel. Prior to Gretel, Ali was the Co-founder and CTO at StackRox (acquired by Red Hat), and previously the Founder & CTO of Cyphort (acquired by Juniper Networks). Unusual Ventures is a seed-stage venture capital firm designed from the ground up to give a distinct advantage to founders building the next generation of software companies. Unusual has invested in category-defining companies like Webflow, Arctic Wolf Networks, Carta, Robinhood, and Harness. Learn more about us at https://www.unusual.vc/.Further reading from the Startup Field Guide: Defining your ICP Finding early adopters Finding co-founders
An airhacks.fm conversation with James Falkner (@schtool) about: TRS 80, TI-99/4A, enjoying assembly, starting at Solaris QA department, switching to Java Enterprise System (JES) group, working at liferay, starting at RedHat, becoming a Technical Product Marketing Manager at Red Hat, the ideal Java stack at RedHat, RHEL, ansible, quarkus, Watson X, ChatGPT is like an Autopilot in a car, Event-Driven Ansible, keycloak, prometheus, PostgreSQL, strimzi, Open Cluster Management, securing openshift clusters with StackRox, jenkins vs. ansible, OpenShift Pipelines with tekton, JBoss EAP on Azure, JBoss EAP on Azure App Service, business metrics on Azure, software updates on Azure App Service James Falkner on twitter: @schtool
Startup Field Guide by Unusual Ventures: The Product Market Fit Podcast
Vercel is an open-source platform that helps front-end developers build and ship dynamic web applications leveraging Jamstack (https://jamstack.org/). Last valued at $2.5B, Vercel was founded in 2015 by CEO Guillermo Rauch and now serves over 30,000 companies. In this episode, guest host Wei Lien Dang (General Partner at Unusual Ventures) interviews Vercel CEO and Founder Guillermo Rauch about their path to product-market fit. Join us as we cover: (1:24) How Guillermo came up with idea for creating Vercel (7:31) How Guillermo identified the opportunity for dynamic front-end development by analyzing gaps within the existing technology and infrastructure (12:43) Why he decided to pursue the open source path for Vercel (17:16) How Vercel drove adoption and built an early enthusiastic user base (24:25) The use cases and aha! moments for early adopters using Vercel (30:18) How Vercel built a go-to-market strategy aimed at developers (33:31) Vercel's content marketing strategy for developers which includes details about how their technology works (34:56) Guillermo's perspective on the current open source ecosystem and market (36:45) How to build a commercially viable business using open source technologies Sandhya Hegde is a General Partner at Unusual Ventures, leading investments in modern SaaS companies with a focus on AI. Previously an early executive at Amplitude, Sandhya is a product-led growth (PLG) coach and mentor. She can be reached at sandhya@unusual.vc and Twitter: https://twitter.com/sandhya LinkedIn: https://www.linkedin.com/in/sandhyahegde/ Wei Lien Dang is a General Partner at Unusual Ventures, leading investments in open source software, developer tools and cybersecurity. Previously the co-founder of Stackrox, Wei can be reached at wei@unusual.vc and Twitter: https://twitter.com/weiliendang LinkedIn: https://www.linkedin.com/in/weiliendang/ Guillermo Rauch is the CEO and founder of Vercel. He was the CTO and co-founder of LearnBoost and Cloudup, acquired by Automattic in 2013. He's the creator of several popular Node.JS open-source libraries like socket.io, mongoose and slackin. Unusual Ventures is a seed-stage venture capital firm designed from the ground up to give a distinct advantage to founders building the next generation of software companies. Unusual has invested in category-defining companies like Webflow, Arctic Wolf Networks, Carta, Robinhood and Harness. Learn more about us at https://www.unusual.vc/. Further reading from the Startup Field Guide: Starting an open-source company: https://www.field-guide.unusual.vc/field-guide-enterprise/start-an-open-source-software-company Developing open-source customers: https://www.field-guide.unusual.vc/field-guide-enterprise/developing-open-source-customers Building open-source GTM: https://www.field-guide.unusual.vc/field-guide-enterprise/open-source-gtm
Jan en Ronald blikken terug op een geweldig Kubernetes Community Event. Ze bespreken de keynotes die ze hebben gezien en de leuke bedrijven die aanwezig waren op de beursvloer.Interview met Joran Bergfeld van Redhat:Joran is Solutions Architect bij Redhat en vertelt over zijn keynote met als onderwerp StackRox, een security platform voor Kubernetes. Daarnaast vertelt hij hoe Redhat nauw samenwerkt met de community, OpenShift, MicroShift, de toekomst van Kubernetes en wat zijn leukste project met Kubernetes is.Rebranded Stackrox:Red Hat Advanced Cluster Security for Kubernetes
Startup Field Guide by Unusual Ventures: The Product Market Fit Podcast
StackRox is a security startup born in 2015. After many initial setbacks, StackRox went on to become a leader in container security, riding the Kubernetes wave and helping cloud-native companies secure their software. Wei Lien Dang joins us today to discuss how StackRox found product-market fit. Wei Lien Dang is a General Partner at Unusual Ventures. Before joining the venture capital firm, Wei was the Co-Founder of StackRox. StackRox became one of the first startups in the container security world to offer a Kubernetes-native solution and in 2021, was acquired by Red Hat. Join us as we discuss: What drew Wei to StackRox and his transition from being a product executive to a founder? StackRox's product-market fit journey and the indicators that they had found product-market fit after their pivot. How did StackRox define its product strategy? How StackRox leveraged open source as a critical part of its go-to-market strategy and Wei's advice for founders going open source. About Unusual Ventures — Unusual Ventures is a seed-stage venture capital firm designed from the ground up to give a distinct advantage to founders building infrastructure software and application-level companies. Unusual was founded in 2018 with the mission to reinvent the venture capital engagement model by serving entrepreneurs with an unprecedented level of hands-on services. Described as a partner versus a top-down stakeholder by its portfolio companies, Unusual is laser-focused on serving exceptional founders and teams building innovative products. With offices in Menlo Park, San Francisco, and Boston, Unusual has invested in category-defining companies like Arctic Wolf Networks, Carta, Robinhood, Harness, and Vivun. About Sandhya Hegde — Sandhya is a General Partner at Unusual Ventures, leading investments in enterprise SaaS companies. Previously an early employee and executive at Amplitude, Sandhya is a product-led growth (PLG) coach and mentor. She can be reached at sandhya@unusual.vc and on Twitter (https://twitter.com/sandhya) and LinkedIn (https://www.linkedin.com/in/sandhyahegde/).
In this episode, Ryan and Bhavin talk about Kubecon + CloudNativeCon Europe 2022 and discuss all the vendor announcements from the past couple of weeks. Kubecon Europe had close to 7500 attendees and shows a continuous increase in the adoption of containers and Kubernetes. Below, you can find links to the things discussed during the podcast: The State of Cloud-Native Development Report - Q3 2021 (came out in May 2022): https://www.cncf.io/wp-content/uploads/2022/05/Q3-2021-State-of-Cloud-Native-development_FINAL.pdf Akuity raises $20M Series A to take Argo project next level: https://siliconangle.com/2022/05/16/kubernetes-startup-akuity-raises-20m-take-argo-project-next-level/ Teleport raises $110M series C to $1.1B evaluation: https://goteleport.com/blog/series-c/ Snapt launches Nova - https://aithority.com/it-and-devops/cloud/snapt-announces-the-one-security-package-to-run-kubernetes-in-public-cloud/ Kasten K10 - v5: https://www.storagereview.com/news/kasten-k10-v5-0-offers-enhanced-kubernetes-security-and-more Datadog https://containerjournal.com/news/news-releases/datadog-enhances-monitoring-and-security-for-kubernetes/ Sysdig launches Sysdig Advisor: https://containerjournal.com/kubecon-cnc-eu-2022/sysdig-introduces-sysdig-advisor-to-drastically-simplify-kubernetes-troubleshooting/ Red Hat open sources StackRox: https://techcrunch.com/2022/05/17/red-hat-open-sources-stackrox-the-kubernetes-security-platform-it-acquired-last-year Portworx - PDS and BaaS - https://portworx.com/blog/announcing-general-availability-of-portworx-data-services/ https://portworx.com/blog/fast-and-simple-data-protection-with-portworx-backup-as-a-service/ Datacore launches Bolt - based on OpenEBS after Mayadata acquisition - https://blocksandfiles.com/2022/05/18/datacore-bolt-kubernetes/ Kubecost - 1 click Request Sizing to Automatically Optimize Kubernetes Clusters and Eliminate Wasted Spend - https://www.yahoo.com/now/kubecost-launches-1-click-request-060000724.html SUSE open sources NeuVector container security platform - https://containerjournal.com/features/suse-integrates-container-security-platform-with-rancher/ Lacework - https://containerjournal.com/features/lacework-dives-deeper-into-kubernetes-security/ NetApp Astra Data Store - https://blocksandfiles.com/2022/05/25/netapp-per-ardua-ad-as
Last January, Red Hat announced that it was acquiring Kubernetes security startup StackRox, a company that had raised over $65 million since it was founded in 2014.
Bruno Andrade is founder and CEO of Shipa, delivering applications and policy “as code” to Kubernetes with a SaaS model. We discuss founding companies in Canada vs the USA, abstractions for deploying apps, and whether Kubernetes will really ever disappear. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Jimmy Fallon and Jimmy Kimmel One show The other show One behind-the-scenes video Another one Ron Gilbert does not like April Fools Just kidding: Return to Monkey Island “If I ever get to make another Monkey Island, I’m going to announce it on April 1st.” News of the week Grafana Mimir FAQ/Interview with the CEO Hacker News discussion Can Grafana run Doom? Open source StackRox is now available GitHub link Dagger Public launch announcement Series A finance round CUE Fermyon introduces Spin Episode 102, with Matt Butcher Google Distributed Cloud Edge IstioCon 2022 program announced PlatformCon 2022 Chainguard: It’s all about that base image by John Speed Meyers and Zack Newman Docker raises $105m Series C TechCrunch coverage Garden.io raises $16m Series A VentureBeat coverage The Ever Forward container ship is still not going forward Links from the interview Shipa IBM WebSphere and WebSphere Application Server Juniper acquires HTBASE Shipa launch press release Ketch Why Kubernetes Will Disappear The English way Bernese mountain dog Application CRD Application API for Kubernetes Sidecar containers Bruno Andrade on Twitter
This week on Cloud Native Startup, I talked with Wei Dang, founder of cloud native security company StackRox which was acquired by RedHat in 2020. Highlights: How Wei met his co-founder and how the two of them saw the need for new types of security tools. Why talking to people throughout the Kubernetes ecosystem led to a series of a realizations that security in a cloud native world was going to me an increasingly important part of the conversations as more people adopted Kubernetes. Where the name StackRox came from. How even understanding if there was a market for a container security product. The moments wondering ‘are we building the right product' was the scary. Why it's important to focus at the beginning. How StackRox evolved from container security to Kubernetes security as the broader conversation shifted and the industry consolidated around Kubernetes. The moment Wei felt like there was product-market fit for StackRox. How Wei would define Kubernetes Security. The ways in which starting and growing a company forced Wei to learn new skills and gain knowledge. Why community is so important for companies in the Kubernetes ecosystem. How things have changed — and how they haven't — since becoming part of Red Hat. Linkshttps://twitter.com/weiliendanghttps://www.linkedin.com/in/weiliendang/
Kamal was the CEO of StackRox, recently acquired by RedHat, where he now runs the Cloud platforms. Before StackRox, Kamal ran products and marketing at Skyhigh Networks.Kamal’s got the golden touch; a unique combination of product & marketing skills that’s helped him build category-leading products. In this episode, we discuss category creation, transitioning from an operator role to a CEO, and the future of cloud and container security.
A small army of community volunteers is necessary to host a KubeCon, but behind them is a professional events team. Colleen Mickey is Director of Event Services at the Linux Foundation and is responsible for KubeCon + CloudNativeCon, as well as other events like Hyperledger Global Forum and cdCon. She talks to us about hosting, feeding and watering 10,000 people, as well as the change to virtual events. We also bring the round-up of the KubeCon news, including our famous Lightning Round. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 29, with Janet Kuo Looking back at KubeCon Shanghai 2018 News of the week New Relic and Pixie Labs blogs on Pixie being open sourced New Relic joins CNCF as a Platinum Member Red Hat launches the Stackrox community at stackrox.io OpenShift GitOps and OpenShift Pipelines Snyk’s State of Cloud Native Application Security report announcement and results OCI Distribution Specification reaches 1.0 Prometheus to launch conformance program New CNCF sandbox projects: Vineyard, an in-memory immutable data manager WasmEdge Runtime, a WebAssembly Virtual Machine for cloud, AI, and blockchain applications ChaosBlade, an open-source version of Alibaba’s chaos tools Fluid, a data and storage abstraction for AI and cloud-native applications Submariner, a cross-cluster overlay of overlay networks Antrea, a Kubernetes CNI plugin Episode 128, with Antonin Bas CNCF Edge survey results and free Kubernetes on Edge Training Episode 116, with Alex Ellis Inclusive Naming Initiative receives Honorable Mention at Fast Company’s 2021 World Changing Ideas Awards ‘Master,’ ‘Slave’ and the Fight Over Offensive Terms in Computing by Kate Conger of the New York Times Episode 130, with Stephen Augustus Spotify wins CNCF Top End User Award Episode 50, with David Xia Episode 136, with Lee Mills and Matt Clarke. Lightning round Accuknox secured $4.6m in seed funding Accurics announced Terrascan integrates with Argo CD Ambassador introduced a Developer Control Plane Armory introduced mini-Spinnaker installation Minnaker, built on k3s Arrikto announced MiniKF 1.3 and Eenterprise Kubeflow for Azure Avesha launched Smart Application Cloud Framework Bridgecrew published security trends from analyzing Helm charts CAST AI announced Amazon EKS cost optimizer Civo launched K3s-as-a service to early adopters Cloudical introduced version 1.8 of VanillaStack DataStax announced that k8ssandra supports all distributions Dynatrace added the ability to ingest OpenTelemetry traces HAProxy launched version 1.6 Kubernetes ingress controller Kasten added ransomware protection with v4.0 of K10 Kubermatic Kubernetes Platform 2.17 Kubernative says that KubeOps is now a full-fledged Managed Kubernetes Framework Netdata has added Kubernetes monitoring features to their Cloud service Nirmata announced Nirmata Policy Manager, based on Kyverno OpenNebula released a new K3s Virtual Appliance for running Edge Clouds Portainer raised $6M in a Series A round to Accelerate their global expansion Portworx pre-announced PX-Backup 2.0 with support for external auth services Rancher launched a new Rancher Desktop tool in Alpha for Windows and Mac Rafay launched new features to its Kubernetes Management Cloud Splunk announced their Observability Cloud is Generally Available StackPulse announced a Kubernetes-centric operations center StorageOS version 2.4 brings encryption at rest and rapid application recovery StormForge introduced automatic scanning of in-cluster resources StreamNative open sourced Function Mesh for running Apache Pulsar functions Sysdig added runtime detection and response for AWS Fargate Tigera released Calico Enterprise 3.5 with Dynamic Service Graph and eBPF data plane Timescale raised $40m Series B for Postgres-based TSDB and Prometheus cloud Trilio announced Kubernetes Backup Monitoring for Velero users Vitess launched version 10, with support for the Ruby on Rails framework Wanclouds launched multi-cloud Disaster Recovery as a Service Weaveworks launched Weave Kubernetes Platform 2.5 with multi cluster observability platform Zebrium now automatically perform Root Cause Analysis with integration into Opsgenie Links from the interview The first KubeCon in 2015 KubeCon donated to the CNCF CNCF presents CloudNativeCon and hosts future KubeCon events (2016) Dreamforce brings in cruise ships KubeCon NA 2017 in Austin, TX Linux Foundation Climate Finance Foundation Diamond sponsor lottery Diversity and inclusion at KubeCon EU Sponsorship open for KubeCon NA 2021 Event platforms: Intrado MeetingPlay KubeCon + CloudNativeCon Europe 2021 KubeCon + CloudNativeCon North America 2021 GopherCon EU 2018 in Iceland Colleen Mickey on LinkedIn
We have the pleasure to have Steve Giguere and Michael Foster, the hosts from Clust3rF8ck, to share with us their experience cramming in all the relevant materials to take both the CKA (Kubernetes Administrator) and CKS (Kubernetes Security Specialist) examshttps://www.twitch.tv/clust3rf8ckhttps://www.cncf.io/certification/cka/https://www.cncf.io/certification/cks/Speakers Bio:Steve Giguere is a dedicated DevSecOps community champion, securing cloud native applications. In addition to Clust3rF8ck, he has a podcast called CoSeCast and represents the UK at playing Ultimate Frisbee.https://www.linkedin.com/in/stevegiguere/https://twitter.com/_SteveGiguere_Michael Foster is a Cloud Native Advocate at StackRox, a Kubernetes native security application. Michael's consulting background instilled the importance of selecting the right tool for the job and creating healthy communities for growth. His work allows him to review, discuss, and contribute to the CNCF ecosystem through various media forms.As a co-organizer of the Kubernetes & Cloud Native Security Meetups, Michael enjoys helping people become more security-focused during their Cloud native journey.https://www.linkedin.com/in/mfosterche/https://twitter.com/IdealUsrname
# Podcast S02-E01: Up and runnning... Amazon se esta pasando? - Conducido por @_marKox, @domix ## Revisión de las noticias - [Amazon: NOT OK - why we had to change Elastic licensing](https://www.elastic.co/blog/why-license-change-AWS) - [Certified Kubernetes Security Specialist (CKS)](https://www.cncf.io/certification/cks/) - [Kubernetes Security Essentials Course Now Available](https://www.cncf.io/blog/2021/01/08/kubernetes-security-essentials-course-now-available/) - [Enroll in CKS Prep Skool by StackRox](https://security.stackrox.com/CKS.html) - [AWS re:Invent 2020 – Top Announcements](https://aws.amazon.com/blogs/aws/aws-reinvent-announcements-2020/) - [Announcing HashiCorp Waypoint 0.2.0](https://www.hashicorp.com/blog/announcing-hashicorp-waypoint-0-2-0) - [Announcing HashiCorp Boundary](https://www.hashicorp.com/blog/hashicorp-boundary) - [Announcing CDK for Terraform 0.1](https://www.hashicorp.com/blog/announcing-cdk-for-terraform-0-1) - [Shifting Modes: Creating a Program to Support Sustained Resilience](https://www.infoq.com/articles/series-enhancing-resilience-2/) - [97 things every SRE should know - Part 01](https://www.unixdaemon.net/sysadmin/97-things-every-sre-01/) ## Referencias y Recursos - [Cloud Native Computing Foundation (CNCF) annual report for 2020](https://www.cncf.io/wp-content/uploads/2021/01/CNCF-Annual-Report-2020.pdf) ## Repos chingones de código - [kube-linter](https://github.com/stackrox/kube-linter) ### Créditos de música Music by Scott Buckley – www.scottbuckley.com.au
This week, Beyond Security partners with Vicarius, Amazon’s Parler removal and what it means for Cloud onfidence, Kount sold to Equifax, McAfee vs Crowdstrike, JumpCloud raises some funds, Red Hat acquires StackRox, and SolarWinds warnings of weak security and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw213
This week, Beyond Security partners with Vicarius, Amazon’s Parler removal and what it means for Cloud onfidence, Kount sold to Equifax, McAfee vs Crowdstrike, JumpCloud raises some funds, Red Hat acquires StackRox, and SolarWinds warnings of weak security and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw213
All links and images for this episode can be found on CISO Series https://cisoseries.com/our-hope-it-doesnt-happen-to-me-security-strategy/ We're thinking it just might be possible to wish our security problems away. This episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our sponsored guest this week is Steve Giguere, (@_SteveGiguere_) director of solution architecture and community, StackRox. Thanks to this week’s podcast sponsor, Stackrox StackRox is the industry’s first Kubernetes-native security platform that enables organizations to securely build, deploy, and run cloud-native applications anywhere. The StackRox Kubernetes Security Platform delivers lower operational cost, reduced operational risk, and greater developer productivity through a Kubernetes-native approach that supports built-in security across the entire software development lifecycle. On this week's episode That’s something I would like to avoid Security theater is a security placebo. We're being told that it's effective, and we may fool ourselves into believing it is, but the reality is there's no real security medicine there. Over on Infosecurity Magazine, Danny Bradbury has identified a few key ones I want to call out. In particular, technology buzzwords - like getting a solution with AI, data collection - more data, more insights, right?, and endless security alerts - for practitioners and end users. All of these seem to be in regular practice today. Does calling out security theater result in pushback? And if so, how do you handle calling it out and how would you shift each of these security placebos into a more medicated version? There’s got to be a better way to handle this On reddit, kautica0 asks, "If a company becomes aware of a 0-day vulnerability and it impacts their production web application serving customers, what actions should be taken? Should it even be considered an incident?" Just because it's a 0-day vulnerability does that make it more threatening than any of the known vulnerabilities? There was a lot of logical advice that was akin to how we would handle any vulnerability, but the 0-day nature had the looming feeling of this could be an incident very quickly and would require an incident response plan. "What's Worse?!" A "What's Worse?!" entry from our youngest listener. Please, enough. No, more. The topic is Kubernetes Security. We discuss what we have heard enough about when it comes to Kubernetes security and what we would like to hear more. Where does a CISO begin Is being cloud first a security strategy? Over on the UK's National Cyber Security Centre, an article argues that we should not ask if the cloud is secure, but whether it is being used securely. What does that mean? And is there an argument for and against cloud first being a valid security strategy?
Learn all about Kubernetes, its possible misconfigurations and vulnerabilities, and how it applies to cloud security on today's episode, featuring Michael Foster, a Cloud Native Advocate at StackRox. Michael discusses intrinsic Kubernetes security issues compared with those that come from improper use, the work of a Cloud Security Advocate, his time in the Chicago Cubs and more.0:00 Intro 2:03 Getting started in tech4:09 From Cubs to security8:10 What is Kubernetes?10:45 Kubernetes issues & CNCF roadmap14:50 Types of vulnerabilities19:10 Kubernetes checklist and wishlist23:30 Role and duties at StackRox25:30 Cloud security skills & careers31:30 Future of Kubernetes33:28 What is StackRox?35:35 OutroWe're also excited to share the new hands-on Cyber Work training series, Cyber Work Applied. Each week on Cyber Work Applied, expert Infosec instructors teach a new cybersecurity skill and show you how that skill applies to real-world scenarios. Get demos of different cyberattacks, learn how to use common cybersecurity tools, explore how major breaches occurred and more. Check out the link below to start learning, for free!– Learn cybersecurity with our FREE Cyber Work Applied training series: https://www.infosecinstitute.com/learn/ – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastMichael Foster is a passionate tech enthusiast and open-source advocate with a multidisciplinary background. As a Cloud Native Advocate at StackRox, Michael understands the importance of building an inclusive community. Michael embraces all forms of automation, focusing on Kubernetes security, DevOps, and infrastructure as code. He is continually working to bridge the gap between tech and business and focus on sustainable solutions. About InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It's our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
Chris Porter is the director of solutions engineering at StackRox, makers of the industry’s first Kubernetes-native container security platform. Previously, Chris worked as the director of field sales engineers at Bracket Computing, a technical solutions architect and senior manager of systems engineering at Cisco, and a software engineer at VA Software, iBeam Broadcasting, and Silicon Graphics, among other positions. He is also an author and a certified AWS solutions architect and security specialist. Join Corey and Chris as they talk about bringing security to Kubernetes while touching upon how nobody really manages application security—they just pretend to; why security needs to think the same way as microservices; how a lot of people end up using the container model incorrectly by thinking they’re the same as VMs; what billing and security have in common; why security needs to be baked into the foundation vs. treated as an afterthought; why you should aim for incremental security improvements; what Chris thinks the business value of Kubernetes is; why Chris doesn’t think moving applications to containers automatically makes them more secure, and more.
In this show Steve speaks with application security specialist and educator Tanya Janca to talk about her new book "Alice and Bob Learn Application Security",as well as the struggles to educate developers about secure development, creating a positive and inclusive community and a slice of just about everything else.The Book!https://www.amazon.com/Alice-Bob-Learn-Application-Security/dp/1119687357https://www.wiley.com/en-us/Alice+and+Bob+Learn+Application+Security-p-9781119687351Who are Allison and Bobhttps://en.wikipedia.org/wiki/Alice_and_BobTanya gets a book!https://www.youtube.com/watch?v=6OaYA5nuI4A&ab_channel=SheHacksPurpleMeet Tanya JancaTanya Janca, also known as WehackPurple, is the author of ‘Alice and Bob Learn Application Security'. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion, and kindness, which shines through in her countless initiatives.Founder: We Hack Purple (Academy, Community, and Podcast), WoSEC International (Women of Security), OWASP DevSlop, OWASP Victoria, #CyberMentoringMondayFollow Tanya on Twitter: https://twitter.com/shehackspurpleFollow Tanya on LinkedIn:https://www.linkedin.com/in/tanya-jancaFollow Tanya on Medium: https://medium.com/@shehackspurpleFollow Tanya on YouTube:https://www.youtube.com/shehackspurpleFollow Tanya on Twitch:https://www.twitch.tv/shehackspurpleCoSeCast is powered by StackRox SecurityThe only Kubernetes-native container security platformStackRox has set the standard in container and Kubernetes security, protecting cloud-native apps across the full life cycle — build, deploy, and runtime.Steve GiguereSteve is the Director of Solutions and Community for EMEA for StackRox.He is a serial podcaster having hosted his solo editorial podcast called Codifyre, as well as podcasts for Synopsys and Aqua Security called Hacking Security and BeerSecOps.He's a fun and entertain public speaker on application, cloud native and kubernetes security and when he's not doing that he loves music. He's composed and played the theme music for this and each of his other podcasts.Learn more...https://stevegiguere.com/
Hello DevOps, Security, Kubernetes, Application and Continuous Security friends, this is the intro show to CoSeCast! It's a short one so why not listen and get a taster for what's to come.Hosted by Steve Giguerehttps://cosecast.comPowered by StackRoxhttps://stackrox.com
Temos aqui o resumo do primeiro dia de KubeConNA 2020.Pelo menos o que o João Brito e seu chará João Freire conseguiram acompanhar na largada dessa maratona. Entre os assuntos tivemos Benchmark de Ingress, GitOps para fortalecer o hype, Capture the Flag e um pouco sobre Cassandra.Alguns links que citamos no episódio:Cassandra 101 - https://www.youtube.com/watch?v=DI1bJ1tggmk&ab_channel=DataStaxDevelopersHey - tiny program that sends some load to web applications - https://github.com/rakyll/heyCassandra Demo https://github.com/DataStax-Academy/kubecon2020Fleet - Ci/CD by Rancher - https://github.com/rancher/fleetKubernetes Attack Matrix - by StackRox- https://www.stackrox.com/post/2020/05/guide-to-evaluating-your-container-security-maturity/Intro to Jaeger - https://medium.com/jaegertracingEsperamos que curta.Nos vemos no dia 2.
How to Write an Automated Test Framework in a Million Little Steps, Qualys remote endpoint protection solution helps enterprises secure remote workforces, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177
How to Write an Automated Test Framework in a Million Little Steps, Qualys remote endpoint protection solution helps enterprises secure remote workforces, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177
Listen to more from The New Stack here: https://thenewstack.io/podcasts Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. For this week's episode, we spoke with Liran Tal, a developer advocate at container security platform provider Snyk and a member of the Node.js security working group, about who should own security in the DevOps process — the security team or the development? TNS editorial and marketing director Libby Clark hosted this episode, alongside founder and TNS publisher Alex Williams and TNS managing editor Joab Jackson. Tal wrote an article for us recently, “‘DevSecOps Insights 2020': Who Really Owns Security in DevOps,”which summarized the results of a survey the company carried out covering security, development and operations. The post included a couple of surprising survey results, namely that only 14% of respondents reported that they test for known vulnerabilities in container images, and 38% of respondents don't integrate automated security scanning into their DevOps pipeline. As Tal writes in the post: When that many respondents agree security is a major concern when trying to deliver software quickly, it means we need to scale up security to enable fast delivery of security fixes. The key to doing that is developers, as they ultimately fix security issues in an application's source code. We also get Tal's views on incorporating security into the a Continuous Integration/Continuous Delivery (CI/CD), the need for development speed, as well as his thoughts on the recent purchase of npm by GitHub. Then, later in the show, we discuss some of the top podcasts and news stories from the site. An episode of The New Stack Analysts podcast provides fodder for discussing service mesh adoption. Also on the agenda: Frustrations mount over Python 3 migrations; Project Calico offers a faster data plane with the help of eBPF; and an excellent side-by-side comparison offered by StackRox's Karen Bruner of the managed Kubernetes offerings from Amazon Web Services, Microsoft Azure and Google Cloud.
Listen to more from The New Stack here: https://thenewstack.io/podcasts Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. For this week's episode, we spoke with Liran Tal, a developer advocate at container security platform provider Snyk and a member of the Node.js security working group, about who should own security in the DevOps process — the security team or the development? TNS editorial and marketing director Libby Clark hosted this episode, alongside founder and TNS publisher Alex Williams and TNS managing editor Joab Jackson. Tal wrote an article for us recently, “‘DevSecOps Insights 2020': Who Really Owns Security in DevOps,”which summarized the results of a survey the company carried out covering security, development and operations. The post included a couple of surprising survey results, namely that only 14% of respondents reported that they test for known vulnerabilities in container images, and 38% of respondents don't integrate automated security scanning into their DevOps pipeline. As Tal writes in the post: When that many respondents agree security is a major concern when trying to deliver software quickly, it means we need to scale up security to enable fast delivery of security fixes. The key to doing that is developers, as they ultimately fix security issues in an application's source code. We also get Tal's views on incorporating security into the a Continuous Integration/Continuous Delivery (CI/CD), the need for development speed, as well as his thoughts on the recent purchase of npm by GitHub. Then, later in the show, we discuss some of the top podcasts and news stories from the site. An episode of The New Stack Analysts podcast provides fodder for discussing service mesh adoption. Also on the agenda: Frustrations mount over Python 3 migrations; Project Calico offers a faster data plane with the help of eBPF; and an excellent side-by-side comparison offered by StackRox's Karen Bruner of the managed Kubernetes offerings from Amazon Web Services, Microsoft Azure and Google Cloud.
Today we have one of the top performers that I met recently, Daniil Krets from Skilljar, who consistently reaches 120% of quota at StackRox. We will learn about some techniques and methods to use on LinkedIn and how to nurture your prospects over time to get as many meetings as possible. If want to see the screenshare, here is the link to the Youtube video: https://youtu.be/6zcAUGbKPAw The topics covered, are indexed below. If you don't have time to listen to the whole interview, just jump around. If you want to join the series or nominate a colleague, please send an email to podcast@altisales.com. Welcome Daniil! Topics covered: 0:00 -> Intros 1:05 -> What is Skilljar and who do they sell to? 2:30 -> Inbound vs. outbound? 2:55 -> How are you being measured? 4:20 -> Daniil's LinkedIn techniques (very detailed) 20:40 -> How to nurture prospects 36:00 -> What tools do you use and how do you use them? 40:05 -> How to get in touch with Daniil and Tito https://www.linkedin.com/in/daniilkrets/ https://www.linkedin.com/in/titobohrt/
More than ever, application security is a top priority. Beyond secure coding practices, a holistic app security strategy addresses the full application and infrastructure stack. This includes containers, microservices, orchestration, infrastructure software, and the cloud. Bolting on the next security tool may not be the answer. Kamal Shah, StackRox CEO, joins us on this episode of DevOps Chats, diving into the need for a systemic security approach across the lifecycle of cloud-native, even "Kubenative", applications. We explore how Kubernetes and cloud-native apps bring access to rich configuration information, usage visibility, runtime context, inherent security controls, and compliance. It's a fascinating conversation that will open up new paths to secure Kubernetes and cloud-native applications.
StackRox CEO talks about what organizations must consider to keep their Kubernetes and container applications secure.
In the news, ThreatConnect released Enhanced Integration with Flashpoint, ObserveIT unveils crowdsourced insider threat analytics solution, Thycotic launches automated solution for managing service accounts, and StackRox Kubernetes Security Platform is offered on the GCP! Full Show Notes: https://wiki.securityweekly.com/ES_Episode150 Visit https://www.securityweekly.com/esw for all the latest episodes!
In the news, ThreatConnect released Enhanced Integration with Flashpoint, ObserveIT unveils crowdsourced insider threat analytics solution, Thycotic launches automated solution for managing service accounts, and StackRox Kubernetes Security Platform is offered on the GCP! Full Show Notes: https://wiki.securityweekly.com/ES_Episode150 Visit https://www.securityweekly.com/esw for all the latest episodes!
The best sales people aren’t on your sales team. In fact, the best sales people don’t even work at your company. Hint: They pay you. Customers are, time and again, the best sales resources your company has access to. Nothing will sell your product more (and faster) than a referral from someone who already uses it. Melinda Marks joined us on the B2B Revenue Acceleration podcast to tell us all about building a customer referral program. Melinda is the VP of Marketing at Armorblox, the first cybersecurity company to utilize NLU to stop cyber attacks. Melinda has an extensive background in marketing at Styra, StackRox, VMware, and others.
Today we will talk to Nick Bieszczat, who consistently reaches 120% of quota at StackRox. He will explain how he gets around 90% of his results via email and social for a very technical product. The topics covered, are indexed below the video. If you don't have 30 minutes to listen to the whole interview, just jump around. If you want to join the series or nominate a colleague, please send an email to podcast@altisales.com. We've already had Grant Horvath, Val Moisland, Brandon Ferris, Jeremy Levielle, Hope O Baker, Jess Wilson (video), Mikey Pawell (direct mail), Louise Trump (email), Allie Hudson (cold calling), Jackie Lipnicki (cold calling) and Sam Silverman (Strategy) participate. Welcome Nick! Topics covered: 0:00 -> Intros 0:50 -> What is StackRox and who do they sell to? 2:00 -> Inbound vs. outbound? 3:00 -> How are you being measured? 4:20 -> How are you at 120% of quota? 6:00 -> Where do the majority of your demos come from? 9:10 ->What is your email strategy? 10:30 -> What companies do you go after? 11:30 -> What is your LinkedIn strategy? 14:20 -> How many SDR's vs AE's? 16:00 -> What tools do you use? 19:00 -> How do you distribute accounts? 22:10 -> Training 24:00 -> What keeps you motivated? 26:20 -> More about Grant's email strategy 30:40 -> How to get in touch with NIck and Tito
In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode136 Visit https://securityweekly.com/esw for all the latest episodes!
In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode136 Visit https://securityweekly.com/esw for all the latest episodes!
This week, we welcome Nik Whitfield, CEO at Panaseer, to talk about Continuous Controls Monitoring! In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more! In our final segment, we have a Security Industry Briefings Update, where we talk about 42Crunch, Viridium, Whitecanyon, and Eclypsium! Full Show Notes: https://wiki.securityweekly.com/ES_Episode136 Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Nik Whitfield, CEO at Panaseer, to talk about Continuous Controls Monitoring! In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more! In our final segment, we have a Security Industry Briefings Update, where we talk about 42Crunch, Viridium, Whitecanyon, and Eclypsium! Full Show Notes: https://wiki.securityweekly.com/ES_Episode136 Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Gabi is back with Mark this week in an interview with Connor Gilbert of StackRox, a Kubernetes security company. StackRox uses Kubernetes and containers to maximize security for customers across the container lifecycle. Connor explains how they monitor your containers through building, deploying, and finally the running of the application, and keep your project secure through all stages. StackRox identifies risks and weak areas, then responds in real time. Connor’s advice for our listeners is to understand what’s going on with your containers and your application. Look at the data, the specs, and your options and then, if-needed, adjust the defaults to optimize the security of your app. Connor Gilbert Connor Gilbert is a product manager at StackRox, a Kubernetes security company, where he contributes to product vision and advocates for customer needs. Connor previously worked in architecture and engineering roles at StackRox. Before that, as Security Research Scientist at Qadium, he built tools to uncover network perimeter exposures and conducted DARPA Internet security research. He first discovered Kubernetes in 2015 and has been using it on GCP ever since. Cool things of the week Simplify reporting with the Sheets data connector for BigQuery, and voila: automated content updates for G Suite blog 6 standout serverless sessions at Google Cloud Next ‘19 blog 9 mustn’t-miss machine learning sessions at Next ‘19 blog Don’t miss these must-see G Suite sessions at Google Cloud Next ‘19 blog Next On Air live show Interview StackRox site StackRox Overview site StackRox Data Sheet data sheet Kubernetes site GKE site Google Container Registry site Google Cloud Security Command Center site Go site Istio site Kubernetes Documentation site Kubernetes Blog blog Kubernetes Blog: A Guide to Kubernetes Admission Controllers blog CNCF site CNCF Webinar: Operationalizing Kubernetes Security Best Practices video BSidesSF 2019 Talk: “Containers: Your Ally in Improving Security” video Nine Kubernetes Security Best Practices Everyone Should Follow site Top 5 Kubernetes RBAC Mistakes to Avoid white paper Question of the week How do I migrate my traditional data warehouse platform to BigQuery? Migrating your traditional data warehouse platform to BigQuery: announcing the data warehouse migration offer Warehouse Migration Where can you find us next? Mark will be at Cloud NEXT, ECGC, and IO. Gabi will be at Cloud NEXT and PyTexas StackRox will be at Cloud NEXT, KubeCon, FS-ISAC, DockerCon, Red Hat Summit, and Black Hat.
Today Google and CloudBees, along with 20 other companies, launch the Continuous Delivery Foundation (CDF). Tracy Miranda is the Director of Open Source Community at CloudBees, who coordinated donating Jenkins and Jenkins X to the CDF. She talks to Adam and Craig about why it the CDF been formed, and what to expect in this space in the future. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week John Wilkes’ series of simulations Kubernetes Podcast from Google Cloud Next - live show at Google Cloud Next! News of the week Continuous Delivery Foundation Tekton Red Hat introduces Quarkus Web site and GitHub GraalVM Give-me-Gin-and-Tonic The service mesh era: Using Istio and Stackdriver to build an SRE service How Red Hat are changing deployment topology in OpenShift 4 Quickfire container security news: StackRox won an award for Best Emerging Technology from SC Media Alcide won the Breakout Cloud Security infosec award from Cyber Defense Magazine Capsule8 made it into the RSA innovation sandbox Aqua 4.0 now does function vulnerability scanning Twistlock 19.03 adds host forensics and runtime self-protection functionality for VMs SSH.com extended their tech to manage SSH keys for containers CNCF joins Google Summer of Code Fill out the State of DevOps Report Read last year’s results Links from the interview CloudBees Kohsuke Kawaguchi The population of Greece Jenkins Jenkins X Throwing an X Throwing an axe Tekton Spinnaker Continuous Delivery Summit at KubeCon EU in May CDF members Fastlane, continuous delivery for mobile, is on Tracy’s wishlist Tracy Miranda on Twitter or at tracymiranda.com
In today’s T-Suite Podcast, Bill Raymond and StackRox CEO Kamal Shah discuss containers, Kubernetes, and keeping modern applications secure.
Container adoption has gone mainstream. It seems everyone is moving to a Kubernetes/Docker model. Part and parcel with that is the challenge of how do we secure these environments. There are many companies that claim to offer container security solutions, but many of them have "container washed" their existing solutions. There are few "container native" security companies. StackRox is one of these companies. In this chat we speak with Ali Golsha, CEO of StackRox.
Alert Logic transforms Container Security, McAfee announces new enterprise security portfolio, ThreatConnect updates its Playbooks, Optiv Security launches new managed identity service, CA Technologies to become part of Broadcom, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode99 Visit http://securityweekly.com/esw for all the latest episodes!
Alert Logic transforms Container Security, McAfee announces new enterprise security portfolio, ThreatConnect updates its Playbooks, Optiv Security launches new managed identity service, CA Technologies to become part of Broadcom, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode99 Visit http://securityweekly.com/esw for all the latest episodes!
Tanium expands their security platform, Carbon Black and IBM team up, improved container threat detection from StackRox, Illusive Networks introduces new mainframe deception, and more enterprise security news! Full Show Notes: https://wiki.securityweekly.com/ES_Episode66 Visit http://securityweekly.com/esw for all the latest episodes!
Tanium expands their security platform, Carbon Black and IBM team up, improved container threat detection from StackRox, Illusive Networks introduces new mainframe deception, and more enterprise security news! Full Show Notes: https://wiki.securityweekly.com/ES_Episode66 Visit http://securityweekly.com/esw for all the latest episodes!
Richard Moulds of Whitewood Security joins us to discuss the return of the ROCA crypto bug. In the news, Tanium expands their security platform, Carbon Black and IBM team up for a rapid response tool, improved container threat detection from StackRox, Illusive Networks introduces new mainframe deception, and more on this episode of Enterprise Security Weekly!Full Show Notes: https://wiki.securityweekly.com/ES_Episode66 Visit https://www.securityweekly.com/esw for all the latest episodes!
Richard Moulds of Whitewood Security joins us to discuss the return of the ROCA crypto bug. In the news, Tanium expands their security platform, Carbon Black and IBM team up for a rapid response tool, improved container threat detection from StackRox, Illusive Networks introduces new mainframe deception, and more on this episode of Enterprise Security Weekly!Full Show Notes: https://wiki.securityweekly.com/ES_Episode66 Visit https://www.securityweekly.com/esw for all the latest episodes!
Learn about containers, Docker, CoreOS and more in this interview with Ali Golshan, the Co-founder & CTO of StackRox. We discuss security approaches to containers and microservices, real-world threats against this environment and how to apply security models to it all! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode48 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!
Learn about containers, Docker, CoreOS and more in this interview with Ali Golshan, the Co-founder & CTO of StackRox. We discuss security approaches to containers and microservices, real-world threats against this environment and how to apply security models to it all! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode48 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!
Ali Golshan of StackRox and special guest host Doug White join us on this containerized episode of Startup Security Weekly! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode48Visit https://www.securityweekly.com for all the latest episodes!
Ali Golshan of StackRox and special guest host Doug White join us on this containerized episode of Startup Security Weekly! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode48Visit https://www.securityweekly.com for all the latest episodes!
In this episode of the ARCHITECHT Show, StackRox co-founders Sameer Bhalotra and Ali Golshan break down the state of container security and the new technology they have built to solve it. Bhalotra and Golshan have deep histories doing cybersecurity everywhere from startups to Google to the White House, which they draw on to discuss the security threats and opportunities that microservices present, as well as best practices for cybersecurity in general. This week, StackRox emerged from stealth mode after building the product and company for nearly 3 years.