The Cloudcast

In this podcast, Mike Long discusses the challenges of enabling Governance and Compliance in DevOps teams. They talk about the bottlenecks in deploying software quickly, the purpose of Governance and Compliance, the importance of tracking and documentation, and implementing automated governance in DevOps. They emphasize the need for process adherence, proof of following the process, and technology's role in enforcing controls and recording decisions.

Explore the challenges of transitioning from a technical to managerial role, regain passion for technology while excelling in people management, evaluate job opportunities based on lifestyle, salary, and growth potential, and navigate career crossroads with advice on making informed decisions.

Discussing the possibility of another major cloud provider emerging, the hosts explore the changing dynamics of the cloud market and the challenges faced by large entities. They also delve into the power of AI and GPUs, the potential of NVIDIA building their own cloud, and the difficulties of building and training models in the cloud. The episode concludes with the hosts expressing gratitude to the guest and listeners.

The podcast explores the historical context of internet infrastructure development and its potential as a marketplace. It discusses the concerns of VCs regarding the high costs of cloud providers and the threat to their business model. The chapter also highlights the initial wave of the internet boom, the challenges faced by businesses, and the emergence of new business models.

In this podcast, Alex Ratner discusses labeling and training LLMs, the challenges faced by LLM today, and the importance of data labeling for training. The podcast also explores the process of fine-tuning foundational AI models and the significance of purpose-built AI models in scaling AI.

As OSS projects continue to look for ways to balance community, sustainability and profitability, let’s explore some alternative considerations for companies and communities. SHOW: 754CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:Datadog Synthetic Monitoring: Frontend and Backend Modern MonitoringEnsure frontend issues don’t impair user experience by detecting user-facing issues with API and browser tests with a free 14 day Datadog trial. Listeners of The Cloudcast will also receive a free Datadog T-shirt. AWS Insiders is an edgy, entertaining podcast about the services and future of cloud computing at AWS. Listen to AWS Insiders in your favorite podcast player. Cloudfix HomepageCloudZero – Cloud Cost Visibility and Savings​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendSHOW NOTES:Troubles with Open Source Gig Economy (Chris Aniszczyk, CNCF)Open Source Needs Maintainers, How Do They Get Paid? (TNS)A New Way to Think about Open Source Sustainability (InfoWorld)OPEN SOURCE HAS BECOME CRITICAL INFRASTRUCTURE FOR BUSINESSESDocker, Kubernetes, Terraform, Ansible, Kafka, MongoDB, ElasticSearch, Java are all mission-critical to businesses. Cloud providers have disrupted the previous OSS models - operationalize vs. contributionsHow to pay contributors?How to avoid unpredictable changes to licensing?How to provide better transparency to customers and communities?DO OSS PROJECT NEED MORE STRUCTURE TO SUCCEED OR SUSTAIN?Establish “types” of projects: Business, Community, Any - Years to ActionEstablish some timelines around various types of projectsPatents have a timeline to explore - can there be OSS licenses that have timelinesGovernment tax credits for paying OSS contributorsShould governance foundations create forks at established times?Should groups like CNCF be more active in recruiting forks after a period of time?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Matt Spitz (@mattspitz, Head of Engineering at @TrustVanta) talks about the challenges of developer security and compliance. SHOW: 753CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Find "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBEReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle.  Learn more about Panoptica at panoptica.appSHOW NOTES:Vanta (homepage)Topic 1 - Welcome to the show. Tell us a little bit about your background. What made you join Vanta and did your experience at Dropbox factor into this decision?Topic 2 - Our topic today is developer security and compliance. Let’s start by helping our listeners understand the problem. We hear all the time about developers wanting to go fast. Things like security and compliance can be an afterthought. Do you agree and is this the root of the problem or is it something else?Topic 3 - Most organizations, especially smaller orgs or startups just getting going, they just want to get to MVP, what advice to you have for them in building security and compliance into their CI/CD pipelines so this becomes more programmatic?Topic 4 - Security is certainly one angle, but probably just as important, if not more so is compliance. To make it slightly more difficult, compliance can mean many different things based on geography (SOC in US for instance). How do organizations staff for this and keep up with regulation changes? Or, maybe on the flip side, is this a common area where they are understaffed and need outside assistance?Topic 5 - In security and compliance worlds there is often the concept of identification and discovery as one part, but remediation as the second part. Where and how does Vanta work with organizations to solve for both vectors?Topic 6 - Automation, especially into CI/CD pipelines seems like a no-brainer here, but I would also add is this an area where AI/ML will come into play in the future?Topic 7 - If folks want to dig in and learn more, how do you suggest they get started?FEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Exploring legal issues arising from digital transformation in various industries, including ride sharing, monetary systems, and AI. Open source licensing and generative AI models impact liability, property ownership, and fair use. New technologies and diverse data sets raise questions about accuracy, liability, and consequences. Incorporating legal aspects and frameworks in digital transformation initiatives is crucial, involving legal experts from the outset.

Joe Duffy, CEO of PulumiCorp, discusses the evolution of infrastructure as code, challenges of multi-cloud, and the use of generative AI in Ops. They also touch on standardizing IaC, changes in license for open-source projects, and resources for learning IaC.

Exploring the push for people to return to the office and the impact of AI on labor. Discussing the advantages and challenges of remote work, as well as the ongoing labor-versus-management battle. Examining the benefits of working in an office, such as collaboration and visibility. Emphasizing the importance of considering both labor and management perspectives.