Sunday, March 31, 2024

The $69B bet against replacement

Let’s dig into the mindset behind the VMware price increases that have been happening since Broadcom acquired the company in 2023. 

SHOW: 808

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

CHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:


SHOW NOTES:


BROADCOM IS FITTING VMWARE INTO THEIR BUSINESS MODEL

  • At least with acquisitions, Broadcom has a well-defined set of business metrics they expect from their companies
  • Broadcom acts somewhere like private equity in terms of investment, innovation, revenue generation

IT'S A BOLD STRATEGY BROADCOM, LET’S SEE IF IT PAYS OFF FOR THEM

  • In essence, the bet is that there is no replacement for VMware in the Enterprise
  • The timing is interesting with the shifting of budgets for AI projects
  • It puts customers in a position to pay more for limited upside, but having to distinctly cut other areas of their technology budget (risk the business)
  • Customers have some options, but again they risk the business (e.g. hold off on security patches)
  • Once a company accepts the new pricing, what guarantees are there about no additional big increases in the future? 
  • How much will this impact the longer-term vendor-customer relationship?

FEEDBACK?



Posted by
Labels: , , , , ,

Wednesday, March 27, 2024

LLM Security and Privacy

Sean Falconer (@seanfalconer, Head of Dev Relations @SkyflowAPI, Host @software_daily) talks about security and privacy of LLMs and how to prevent PII (personally identifiable information) from leaking out

SHOW: 807

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

NEW TO CLOUD? CHECK OUT OUR OTHER PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

SHOW NOTES:

Topic 1 - Our topic for today is the security and privacy LLMs. What’s Sean’s origin story?

Topic 2 - Let’s dig into LLM security and privacy. We see this concern a lot on the podcast and we’ve touched on it with various past shows, but we haven’t dug in deep. First, let’s frame the problem. What are we talking about when we talk about LLM security and privacy?

Topic 3 - First, there is a fear that customer PII information might leak out. Second, company IP or confidential into might leak out related to products or offerings. We’ve seen examples of both to date. This could be exposed in the form of integration into a model (query it for the answer) or in the fine-tuning or RAG stage. Either one could lead to compliance issues, lost rev etc. But, that same data at risk is the potential differentiation of the models. How do you both mask the data but take advantage of the data?

Topic 4 - One thing I’ve noticed is many orgs only think about privacy in relation to the fine-tuning stage where they are taking a broad model and making it company specific. It is about much more than that though. Just like standard software development, we have different stages. How is the data collected and stored, how is it used for training and fine-tuning, how is it used after deployment and during interaction stage, etc. How should security and privacy be handled across all phases?

Topic 5 - Let’s talk beyond LLMs for a bit. What about Data Lakes and Data Warehousing? I see this as a problem across all big data, correct?

Topic 6 - How does API security fit into this? Much of what we are talking about is at the storage and retrieval level. But, increasingly we see API issues exposing data. How does that fit in here?

Topic 7 - Let’s talk podcasts, we had Jeff, the previous host of Software Engineering Daily on a few times. How are things over at Software Engineering Daily? Tell everyone a bit about the show.

FEEDBACK?

Posted by
Labels: , , , , , ,

Sunday, March 24, 2024

Cloud Fundamentals needed for AI

If you’re planning to deploy AI for your business, here’s 5 important capabilities your business needs from the cloud era in order to be successful. 

SHOW: 806

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

CHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

SHOW NOTES:


IF YOU WANT TO DO AI WELL, YOU NEED TO HAVE DONE CLOUD WELL

  • When we first started doing cloud, the smart people would say, “If you don’t do IT well today, you won’t do cloud well in the future”.
  • The same pattern will repeat itself with AI

5 IMPORTANT CLOUD CAPABILITIES NEEDED TO SUCCEED WITH AI

  1. Automate everything - Make automation mission-critical
  2. Build the right abstractions and flexibilities (e.g. sharing GPUs, Devtools, etc.)
  3. Leverage platforms to bring together Data Science, MLOps and AppDev
  4. Know how much things cost (e.g. FinOps)
  5. Socialize success, and socialize learnings across teams

FEEDBACK?

Posted by
Labels: , , , , , , , ,

Wednesday, March 20, 2024

Building an AI Product Company with Fireflies.ai

Krish Ramineni (@krishramineni, CEO/Founder of @Firefliesai) talks about what it is like to build an AI product company in both the pre-LLM era as well as post-LLMs. We also discuss privacy and security concerns and AI behind the scenes.

SHOW: 805

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

NEW TO CLOUD? CHECK OUT OUR OTHER PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

SHOW NOTES:

Topic 1 - Welcome to the show. Before diving into today’s discussion, tell us a little about your background.

Topic 2 - Our show and listeners tend to be interested and employed in the Enterprise infrastructure and AI/ML space. Some may find it surprising that we are talking today, but we wanted to really dig into how an up-and-coming AI company provides value at scale from individuals all the way to large enterprises. What goes into both building the product as well as taking that product to market? So, let’s start there. You recently posted about “Free AI” on LinkedIn. What was the problem you were trying to solve, and how did that influence the product you built?

Topic 3 - As the foundational models in the industry keep improving and are going multi-modal, do you worry that the LLMs of the world might push out specialized models? How do you think about staying ahead of the curve? How does something like GPU shortages or big companies like Meta purchasing thousands at a time impact your decisions?

Topic 4 - Fireflies.ai is all about the abstraction of the technology away from the user. They have no idea (and shouldn’t) about the back end and everything “behind the curtain”. How do you think about this abstraction layer from a product standpoint?

Topic 5 - Now, let’s talk about PLG vs. traditional Enterprise software sales models. You did another post about that recently. We’ve worked in environments selling both (sometimes at the same time), and they are very different motions. Do you feel both are needed to build an AI company?

Topic 6 - How does Security and compliance with IT departments fit into all of this? I’ve spoken to customers that have a policy of no AI tools at the personal level for instance or maybe client, company and private data might be at risk and only certain tools are vetted and approved. I’ve seen other companies only allow tools licensed by their corp IT. How do you navigate this issue? How does something like GDPR play here?

Topic 7 - Last question, another AI specific concern we hear about is companies training models on user data. What is your thoughts here? How does a company fine tune and train new models and products but keep customer and company privacy from leaking out?

FEEDBACK?

Posted by
Labels: , , , , ,

Sunday, March 17, 2024

What if the CNCF was private equity?

For years, the CNCF has been the central governance body for cloud-native projects. But are there too many projects now? What if the CNCF was less governance and more like private equity?

SHOW: 804

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

CHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

SHOW NOTES:

WHY DOESN’T THE CNCF RECOMMEND A CLOUD-NATIVE STACK? 

  • Originally the CNCF was just trying to get projects to use them for governance. 
  • Many people wanted them to “define” a cloud-native stack. 
  • Defining a stack would have held back their business model - accepting projects and adding sponsors

HOW MANY PROJECTS WOULD GET “CNCF APPROVED” IF THEY TOOK A PRIVATE EQUITY APPROACH?

  • CNCF currently has 184 projects, up 4x over the last 4 years. 
  • 14% graduates, 20% incubating, 62% sandbox 
  • Does the CNCF suffer from the “Big Tent” problem that caused so many issues with OpenStack? 
  • KubeCon keynotes are just a list of projects giving status updates - they could be an email. 
  • How many projects should the CNCF sponsor? How many categories should remain?
  • How would a private equity group apply metrics to CNCF projects? 

FEEDBACK?

Posted by
Labels: , , , , , ,

Wednesday, March 13, 2024

Integration and Observability of 3rd Party APIs

Eyal Solomon (@EyalSolomo44643, CEO/Founder of @lunardevapi) talks about integrating, controlling, and observability into 3rd party APIs and services. We discuss the trade-offs of integrating a 3rd party API and how it impacts simplicity and potential loss of insight.

SHOW: 803

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

NEW TO CLOUD? CHECK OUT OUR OTHER PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

SHOW NOTES:

Topic 1 - Welcome to the show. Before diving into today’s discussion, tell us a little about your background.

Topic 2 - Controlling 3rd party APIs is increasingly becoming an issue for many organizations. As the world gets built on APIs, consumption of another company's APIs to ingest services is critical. But, this leads to all sorts of control and potentially cost issues. Please give everyone an introduction to the problem.

Topic 3 - Does this mean 3rd Party APIs are a tradeoff? Yes, you might be able to integrate APIs for a payment system for instance quickly, or maybe the latest AI SaaS service, but in doing so won’t an organization potentially lose oversight? Where do most organizations run into problems first? This reminds me of the early days of cloud and people leaving instances running and then getting huge bills and not knowing until it was too late. Is this similar?

Topic 4 - We’ve seen a lot of products and companies tackling the issue of internal company APIs, but not 3rd party APIs. Once an organization determines they have a problem, maybe an observability problem, perhaps a cost problem, maybe a compliance issue, etc. how would they get started gaining API observability and control in their org? 

Topic 5 - Is this a solution that sits in traffic flow? Does this potentially introduce latency? Is this almost like a WAF for 3rd party APIs? What kinds of policies or restrictions can be put in place?

Topic 6 - What are some of the most common use cases you’ve seen and how do you solve them? What business decisions have to be made if they decide to restrict access in some way?

FEEDBACK?

Posted by
Labels: , , , , ,

Sunday, March 10, 2024

The End of the Free Tiers

2024 is the year of business accountability across all aspects of the software industry. This means that all variations of the free tier are going away in one way or another. 

SHOW: 802

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

CHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

SHOW NOTES:

WHY DID THE FREE TIER(S) EXIST IN THE FIRST PLACE?

  • Why do free tiers exist? Marketing awareness, experimentation, 
  • Why is talking about making money, or profitability considered taboo?
  • Why do we reconcile the love of employees and the hatred of paying for software?

WHAT ARE THE TRADE-OFFS WHEN THE FREE TIER GOES AWAY?

  • Are free tiers and free open source software the same thing?
  • Are “wants” and “value” the same thing? 
  • What should be free in the software world? 
  • Should end-users want the backers of a project or company to be successful?
  • Will VCs continue to back companies that have free tiers, or companies that spend on marketing, or is the game needing new (undefined) rules? 

FEEDBACK?

Posted by
Labels: , , , , , ,
Subscribe to: Posts (Atom)