AWS for Software Companies Podcast

Kui Jia, Sumo Logic's Vice President of Engineering and Head of AI, shares how their AWS-powered AI agents transform chaotic security investigations into streamlined workflows.Topics Include:Kui Jia leads AI Engineering at Sumo LogicSREs and SOC analysts work under chaotic, high-pressure conditionsTeams constantly switch between different vendor tools and platformsInvestigation requires quick hypothesis formation and complex query writingSumo Logic processes petabytes of data daily across enterprisesCompany serves 2,000+ enterprise customers for 15 yearsPlatform focuses on observability and cybersecurity use casesInvestigation journey: discover, diagnose, decide, act, learn phasesData flows from ingestion through analytics to human insightsTraditional workflow relies heavily on tribal domain knowledgeSenior engineers create queries that juniors struggle to understandWar room situations demand immediate answers, not learning curvesContext switching between tools wastes time and creates frictionMultiple AI generations deployed: ML anomaly detection to GenAIAgentic AI enables reasoning, planning, tools, and evaluation capabilitiesMo Copilot launched at AWS re:Invent as AI agent suiteNatural language converts high-level questions into Sumo queriesSystem provides intelligent autocomplete and multi-turn conversationsInsight agents summarize logs and security signals automaticallyKnowledge integration combines foundation models with proprietary metadataAI generates playbooks and remediation scripts for automated actionsThree-tier architecture: Infrastructure, AI Tooling, and Application layersBuilt on AWS Bedrock with Nova models for performanceFocus on reusable infrastructure and AI tooling componentsData differentiation more important than AI model selectionGolden datasets and contextualized metadata are development challengesGuardrails and evaluation frameworks critical for enterprise deploymentAI observability enables debugging and performance monitoringEnterprise agents achievable within one year development timelineFuture vision: multiple AI agents collaborating with human investigatorsParticipants:Kui Jia – Vice President of AI Engineering, Head of AI, Sumo LogicFurther Links:Website: https://www.sumologic.com/Sumo Logic in the AWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Wilson Patton, Solutions Architect for Trellix, demonstrates how their four-pillar Gen-AI framework transforms incident alerts into actionable intelligence.Topics Include:Wilson Patton: Trellix Solutions Architect, 20 years government experienceWitnessed evolution from basic firewalls to zero trust architecturesTrellix combines McAfee and FireEye heritage and capabilitiesAI integration isn't new - machine learning embedded for yearsPartnership with AWS Bedrock accelerates Gen-AI development capabilities2014: Developed Impossible Travel Analytic for anomaly detection2016: Launched Guided Investigations framework for SOC analysts2023: Introduced AI Guided Investigations with contextual understanding64% of public sector exploring AI adoption activelyOnly 21% have requisite data ready for trainingGen-AI won't magically clean up messy, siloed data74% of executives doubt AI information accuracy currentlyMonday morning alert queue: 76 high, 318 medium alertsAdversaries steal credentials 90 days before major incidentsCritical breadcrumbs hidden in low-priority informational alerts1000+ data-driven investigative questions developed over eight yearsSkilled analysts take too long reading all answersAutomate analysis, distill thousands down to ten critical alertsFour foundational pillars for effective, trustworthy Gen-AI implementationCybersecurity expertise essential - Gen-AI is just a toolFrameworks ensure reliability and consistent prompting for productionMultiple LLM models tested through AWS Bedrock platformQuality diverse datasets required for accurate question answeringGood prompts combine evidence, context, and comprehensive informationTesting shows order of magnitude price differences between modelsNova Micro provides cost-effective results for many scenariosPrompt engineering superior to fine-tuning for avoiding biasAgentic AI performs multi-step investigations with live dataStrategic model choice based on specific requirements and costsTransparent audit trails mandatory for government compliance requirementsParticipants:Wilson Patton – Solutions Architect, TrellixFurther Links:Website: https://www.trellix.comTrellix in the AWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Jeff Chow, Chief Product and Technology Officer at Miro, explores how harnessing AI — in addition to reshaping teams and workflows — accelerates the product development lifecycle. He also shares insight into how Miro is embracing new technology and ways of working to transform its Innovation Workspace.Topics Include:Platform & PartnershipMiro serves 250,000+ customers with 90+ million knowledge workers using their Innovation WorkspacePlatform supports discovery, definition, and delivery phases of innovation processReal-time multiplayer canvas enables team co-creation across multiple formats, including seamless transitions between structured and unstructured work.Three-tier AWS partnership: infrastructure backbone, AI services (Bedrock/Q), and joint customer solutionsInnovation Challenges & FrictionProduct development lifecycle bottlenecks: separate tools per function create process delays and collaborative frictionPain points include stalled product kickoffs, lengthy design ideation cycles, and process delays from engineering architecture discussions.Leadership struggles with project visibility and strategic alignment across initiativesAI TransformationAI fundamentally shifts workflows with universal knowledge access at fingertipsCraft democratization blurs traditional role boundaries (PMs prototyping, developers designing)Agentic workflows and agents collapse traditional development stack layersAI shortcuts enable one-button synthesis of workshops into product briefsProduct development lifecycle compression from 20 steps to 5 key phasesBedrock and Q services create significant business accelerationOrganizational DesignCommon organizational rhythms and rituals create shared working languageDriving maximum impact by aligning on big initiatives vs. distributed prioritiesCollaborating across all functions — product, engineering, design — and at all organizational levelsBottom-up innovation requiring clear problem communication throughout organizationInclusive environments welcoming ideas from junior and introverted team membersWorking backwards planning and PR FAQs adopted from Amazon methodologiesCreating the next big thing with MiroLarge enterprises use Miro for strategic planning, OKR planning, capacity planning, roadmappingVisual proof-of-concepts and live demos make abstract concepts tangibleSame-day product brief delivery improves team collaboration and ownershipVoice of customer integration: automated synthesis of feedback into feature developmentMiro uses Miro internally to build next-generation featuresEnhanced employee engagement alongside improved business outcomesCustomers consistently achieve 2-3x time-to-market improvementsParticipants:Jeff Chow – Chief Product and Technology Officer, MiroJohan Broman – EMEA ISV Head of Solutions Architecture, AWSFurther Links:Website: https://miro.com/page/product-leaders/Miro in the AWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Andrea Malagodi, CTO of Sonar, discusses how the company successfully transitioned from on-premise to SaaS, leveraging AWS partnership and maintaining focus on developer-centric code quality and security solutions.Topics Include:Andrea Malagodi is CTO of Sonar, guest on podcastSonar founded 16+ years ago by three software engineersFounders wanted to help developers understand code quality issuesFocus on giving developers precise, actionable insights for improvementProducts include SonarQube Server, Cloud, and IDE versionsRecent acquisitions: ACR, Tidelift, and Structure 101 companiesSaaS journey began seven years ago with SonarQube CloudInitially targeted individual developers, then expanded to enterprisesNow multi-region with comprehensive enterprise features availableSeven million developers rely on Sonar's solutions globally400,000 organizations and 28,000 enterprise customers use SonarStarted SaaS to test market demand, not assumptionsEngaged customers early to understand migration requirements neededRecommends alpha versions with design customers for feedbackFree tier for open-source code enables quick trialEnterprise certifications (ISO 27001, SOC 2) build trustAWS partnership includes enterprise support and technical resourcesUsed CDK for infrastructure-as-code, experienced early adoption challengesMulti-region strategy should be considered from the beginningAWS Learning partnership certified all engineers in cloudCloud enables faster development cycles than traditional infrastructureRecommends avoiding architectural one-way doors during transitionConsider data residency requirements for global customer baseAI-generated code creates productivity gains but needs validationSonar provides deterministic rules for AI-generated code reviewWorking on MCP protocol and AI code quality solutionsSecurity approach is "start left" not "shift left"Advanced Security offering includes dependency scanning and vulnerabilitiesAvailable on sonarsource.com and AWS MarketplaceFree tier offers 50,000 lines of code analysisParticipants:Andrea Malagodi – Chief Technical Officer, SonarFurther Links:Website: www.sonarsource.comSonar in the AWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Kanaiya Vasani, Chief Product Officer, explains how ExtraHop leverages AWS services and generative AI to help enterprise customers address the growing security challenges of uncontrolled AI adoption.Topics Include:ExtraHop reinventing network detection and response categoryPlatform addresses security, performance, compliance, forensic use casesBehavioral analysis identifies potential security threats in infrastructureNetwork observability and attack surface discovery capabilities includedApplication and network performance assurance built-in featuresTraditional IDS capability with rules and IOCs detectionPacket forensics for investigating threats and wire evidenceCloud-native implementations and compromised credential investigation supportExtraHop partnership with AWS spans 35-40 different servicesAWS handles infrastructure while ExtraHop focuses core competenciesExtraHop early adopter of generative AI in NDRNatural language interface enables rapid data access queriesEnglish questions replace complex query languages for usersAgentic AI experiments focus on SOC automation workflowsL1 and L2 analyst workflow automation improves productivityShadow AI creates major risk concern for customersUncontrolled chatbot usage risks accidental data leakageGovernance structures needed around enterprise gen AI usageVisibility required into LLM usage across infrastructure endpointsAI innovation pace challenges security industry keeping upModels evolved from billion to trillion parameters rapidlyTraditional security tools focus policies, miss real-time activity"Wire doesn't lie" - network traffic reveals actual behaviorExtraHop maps baseline behavior patterns across infrastructure endpointsAnomalous behavioral patterns flagged through network traffic analysisMCP servers enable LLM access through standardized protocolsStolen tokens allow adversaries unauthorized MCP server accessMachine learning identifies anomalous traffic patterns L2-L7 protocolsGen AI automates incident triage, investigation, response workflowsBest practices include clear policies, governance, monitoring, educationParticipants:Kanaiya Vasani – Chief Product Officer, ExtraHop NetworksSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Cribl’s Field CISO Ed Bailey discusses how customers can manage the quality and quantity of data by providing intelligent controls between data sources and destinations.Topics Include:Cribl company name originCompany helps organizations screen data to find valuable insightsEd Bailey was Cribl's first customer back in 2018Data growth of 25% yearly created seven-figure cost increasesCEOs and CIOs complained about explosive data storage costsUsers demanded more data while budgets remained constrainedBailey discovered Cribl through a random Facebook advertisementCribl Stream sits between data sources and destinationsNo new agents required, uses existing infrastructure connectionsReduced data growth from 28% to 8% within yearDevelopment cycles shortened from six weeks to two weeksBailey managed global security and telemetry data systemsOperated large Splunk instance across forty different countriesTeam spent time collecting data instead of extracting valueCribl provided consistent data control plane for operationsSmart engineers could focus on machine learning solutionsMigrated from terrible SIEM to better security platformData strategy should focus on business requirements firstNot all data has the same business valueTier one: Critical data goes to expensive platformsTier two: Important data stored in cheaper lakesTier three: Compliance data in low-cost object storageSIEM costs around one dollar per gigabyte storedData lakes cost twelve to eighteen cents per gigabyteObject storage costs fractions of pennies per gigabyteAWS partnership provides scalable infrastructure for rapid growthEC2, EKS, and S3 are heavily utilized servicesCribl Search finds data directly in object storageAvoids costly data movement for search and analysisParticipants:Edward Bailey – Field CISO, CriblSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Saviynt Co-Founder Amit Saha discusses how their AWS partnership has enabled the identity security company to deliver comprehensive identity protection while minimizing organizational friction.Topics Include:Saviynt is leading identity security provider in marketSecures human, non-human, workforce, and privileged access identitiesEliminates friction while automating organizational access management processesBiggest challenge: reducing friction in new access processesSecond challenge: visibility into accumulated technical debt problemsLost business context makes access permissions difficult to unwindSaviynt provides quick visibility to prioritize identity risksShadow IT creates ungoverned workloads and cloud applicationsNeed integration with asset management and cloud providersMust derive intelligence from multiple disconnected information sourcesAWS partnership provides access to prolific customer baseAWS security owners are same buyers for SaviyntEleven-year AWS relationship with early security competencyISV Accelerate program connects with sellers and architectsRising Star program helps stand out in crowded marketplaceFind mutual customers for successful AWS partnership storiesGenAI in bad actors' hands compromises customer securityProduct engineering uses GenAI tools for better qualityAgentic AI creates new paradigm between human/non-human identitiesAgentic AI requires dynamic, fluid access management approachesAI agents can generate their own bots needing accessZero trust principles needed at broader scale for AINext twelve months: getting ahead of GenAI curveNew AWS services launch daily in GenAI spaceContributing to new standards like MCP and A2A protocolsAWS Marketplace simplifies procurement and buyer discovery processesEDP program and migration incentives benefit ISV transactionsAWS developer-friendly startup programs accelerate time to marketCloud-native approach enables predictable scaling and AWS integrationAWS-Saviynt partnership aims for once-in-generation security impactParticipants:Amit Saha – Co-Founder and Chief Growth Officer, SaviyntSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Chief Architect Russell Leighton discusses how Panther's cloud platform revolutionizes security operations by treating detections as Python code and AI enabled alert vetting turning responses from hours into minutes. Topics Include:Panther is a cloud security monitoring tool (cloud SIEM)Works at massive scale, more cost-effective than legacy systemsKey differentiator: "detections as code" written in PythonBrings software engineering best practices to security operationsEnables unit testing and version control for security detectionsRecently adopted generative AI to improve security workflowsSOC burnout is renowned due to tedious ticket processingAI has intelligence of security engineer, works much fasterExample: Alert shows "Russ Leighton removed branch protection"Old way: Manual log analysis, checking user profiles manuallyTakes hours of squinting at detailed log dataNew AI way: Automatic vetting happens in minutesAI checks user profile in Okta or IDPDetermines engineer status, assesses typical behavior patternsProvides risk assessment based on historical alert dataLow risk for engineers, high risk for unusual usersExample: HR person accessing production code is escalatedCustomer quote: Takes vetting "from hours to seconds"Panther customers get dedicated AWS accounts for securityCompany can't see customer data, only self-reported metricsAI provides summaries, risk assessments, timelines, visualizationsAlso suggests remediations like human security engineer wouldInitial concerns about putting AI in production environmentCustomer feedback exceeded expectations with feature requestsAWS Bedrock integration addresses customer security concernsUses Anthropic Claude as base LLM through BedrockCustomers can enable additional Bedrock guardrails independentlyAI transparency prevents hallucination concerns through explanationsClaude's extended thinking mode shows reasoning processAI visualizes thinking with flowcharts explaining decision processParticipants:Russell Leighton – Chief Architect, PantherFurther Links:Website: Panther.comAWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Security leaders from Anthropic and AWS discuss how agentic AI is transforming cybersecurity functions to autonomously handle everything from code reviews to SOC operations.Topics Include:Agentic AI differs from traditional AI through autonomy and agencyTraditional AI handles single workflow nodes, agents collapse multiple stepsHigher model intelligence enables understanding of broader business contextsAgents make intelligent decisions across complex multi-step workflows processesEnterprise security operations are seeing workflow consolidation through GenAIOrganizations embedding GenAI directly into customer-facing production applicationsSoftware-as-a-service transitioning to service-as-software through AI agentsSecuring AI requires guardrails to prevent hallucinations in applicationsNew vulnerabilities appear at interaction points between system componentsAttackers target RAG systems and identity/authorization layers insteadLLMs hallucinate non-existent packages, attackers create malicious honeypotsGovernance frameworks must be machine-readable for autonomous agent reasoningAmazon investing in automated reasoning to prove software correctnessAnthropic uses Claude to write over 50% of codeAutomated code review systems integrated into CI/CD pipelinesSecurity design reviews use MITRE ATT&CK framework automationLow-risk assessments enable developers to self-approve security reviews40% reduction in application security team review workloadAnthropic eliminated SOC, replaced entirely with Claude-based automationIT support roles transitioning to engineering as automation replaces frontlineCompliance questionnaires fully automated using agentic AI workflowsISO 42001 framework manages AI deployment risks alongside securityExecutive risk councils evaluate AI risks using traditional enterprise processesAWS embeds GenAI into testing, detection, and user experienceFinding summarization helps L1 analysts understand complex AWS environmentsAmazon encourages teams to "live in the future" with AIInterview candidates expected to demonstrate Claude usage during interviewsSecurity remains biggest barrier to enterprise AI adoption beyond POCsVirtual employees predicted to arrive within next 12 monthsModel Context Protocol (MCP) creates new supply chain security risksParticipants:Jason Clinton – Chief Information Security Officer, AnthropicGee Rittenhouse – Vice President, Security Services, AWSHart Rossman – Vice President, Global Services Security, AWSBrian Shadpour – GM of Security and B2B Software Sales, AWSSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Spryker’s Chief Product Officer, Elena Leonova, discusses the Spryker Business Intelligence platform and how working with AWS as a strategic advisor unlocked deeper opportunities for transformative growth.Topics Include:Elena Leonova introduces Spryker as digital commerce platformSpryker focuses on sophisticated B2B commerce transactionsTraditional industries: manufacturing, industrial goods, med techCustomers sell complex equipment like MRI machines, tractorsProducts are custom-built to order through procurement processesExtensive negotiation and aftermarket servicing are requiredCompetitors focus on fashion, food - not complex equipmentSpryker exclusively hosted on AWS cloud infrastructureAWS partnership enables new capabilities and customer innovationBusiness intelligence tools and AI capabilities now availableRicoh example: global manufacturer of industrial-grade printersRicoh sells through dealers and distributors worldwideS-Diverse: new automotive software marketplace partnership platformConnects automotive manufacturers with embedded software producersSpryker Business Intelligence powered by Amazon QuickSight launchedCommerce becoming more intelligent than traditional repeat purchasesComplex equipment buyers don't purchase MRI machines weeklyPlatform provides insights into customer portal navigation patternsCombines commerce data with search, CRM, competitive intelligenceHelps merchants identify revenue optimization signals from noiseBusiness intelligence integrated directly within Spryker platformCustomers should evaluate platform's future scalability and flexibilityRevenue optimization requires understanding what metrics to improveEasy-to-use data analysis prevents information overload problemsQuickSight's GenAI capabilities enable faster executive decision-makingAWS partnership provided cost optimization and innovation confidenceElena initially viewed AWS as just hosting providerBuilding shared vision with AWS unlocked deeper collaborationAWS became trusted advisor for strategy and partnershipsGenerative AI enables multi-persona communication across customer typesParticipants:Elena Leonova – Chief Product Officer, SprykerSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/