The InfoQ Podcast

Marina Moore, a research scientist at Adara and co-chair of the CNCF Security & Compliance TAG, dives into the vulnerabilities of container security. She discusses the risks tied to sharing the host kernel and advocates for micro-VMs as a solution to reduce attack surfaces. Marina highlights the dangers of GPU inference in multi-tenant environments and critiques current isolation techniques. She also emphasizes the potential of using memory-safe languages like Rust to enhance security in cloud architectures.

In a compelling discussion, Randy Shoup, a seasoned distributed-systems architect with experience at eBay and Google, delves into the importance of learning from software failures. He advocates for blameless postmortems to foster culture and resilience. Randy shares practical strategies, like a five-step postmortem framework for understanding outages. He emphasizes modeling real-world asynchronous systems through workflows and events for better reliability, and discusses how shared trauma can enhance team cohesion in the wake of failures.

Magdalena Picariello, an AI practitioner and academic, emphasizes making AI development more business-impactful. She discusses the need to shift from traditional metrics to evaluating real-world business outcomes. Magdalena talks about implementing iterative testing systems for generative AI and prioritizing high-value edge cases. She shares insights on a data-driven, test-first approach, the importance of human-crafted tests, and tools for effective evaluation. Lastly, she highlights translating business KPIs into code to ensure alignment with user needs.

Jenish Shah, a backend engineer at Netflix with expertise in distributed systems, shares insights on effective error handling in complex environments. He discusses the evolution of microservices and the significance of clear error messages for user experience. Jenish introduces his centralized exception library, designed for uniformity across various protocols like HTTP and gRPC. He emphasizes the importance of observability metrics in error detection and offers advice on building reusable solutions to enhance engineering consistency.

Shweta Vohra, a lead architect at Booking.com and cloud-native expert, joins Stefian Weas, InfoQ lead editor, and Matt Saunders, head of DevOps at Adaptavist, to discuss pivotal trends in cloud and DevOps. They explore the rapid AI adoption in cloud services and the challenges of integrating legacy systems. Shweta emphasizes the rise of FinOps and Kubernetes' dominance, while Matt reflects on the growing executive interest in developer platforms. The panel predicts a shift towards maturing digital sovereignty and the significance of optimizing cloud costs amidst AI budgeting pressures.

Nimisha Asthagiri, Global Director in Data and AI at ThoughtWorks, chats about the significance of systems thinking and mental models in architecture. She reveals how misalignments in technology can lead to societal issues, emphasizing responsible AI practices. Nimisha discusses scaling multi-agent systems and the delicate balance of human involvement in tech operations. She envisions a harmonious relationship with AI that respects human agency, and shares her passion for simplifying complex designs while advocating for better architectural outcomes.

Elena Samuylova, Co-founder and CEO of Evidently AI, shares her expertise in LLM-powered application evaluation. She highlights the importance of distinguishing between model and system evaluations. Elena introduces the concept of using an LLM as a judge, discussing its benefits and limitations. She emphasizes the workflow for LLM evaluation, including iterative checks and stress testing. Furthermore, she advises on designing custom LLM judges and stresses the significance of team roles in this process, encouraging developers to adapt their skills as the field evolves.

Brian Fox, CTO and co-founder of Sonatype and a key figure in open-source projects like Maven, dives into the implications of the EU Cyber Resilience Act. He discusses the hidden risks it poses to open-source maintainers, highlighting potential legal liabilities and sustainability challenges for registries. Fox reveals how major cloud providers account for much of Maven Central's traffic and suggests innovative solutions like repository managers and cost-structures to tackle inefficiencies in software consumption. His insights are critical for navigating today’s complex software landscape.

Savannah Kounowski, Managing Director at IDEO, explores how human-centered design influences technology, emphasizing the need for simpler interfaces in generative AI adoption. Daniel Dominguez, managing partner at SunX Labs, discusses the importance of on-device models for privacy and cost. They delve into the rise of multimodal AI, everyday robotics, and the role of language models in robotic planning. Insights include AI's impact on software development, the shift to no-code platforms, and the need for trust in AI products.

In this conversation, Suhail Patel, a Principal Engineer at Monzo, discusses the rapid scaling of the fintech platform and the core infrastructure. He shares insights on the evolution of microservices and the importance of automation in supporting growth. Patel emphasizes securing buy-in from teams to showcase true platform value and the necessity of minimum viable architectures. He also dives into team dynamics, highlighting communication's role in leadership and the integration of AI in enhancing engineering practices.