 Welcome back everyone to the CUBE's live coverage here in Chicago, CUBECon, Cloud Native Conference, CNCF, CUBE's coverage. Every single CUBECon that the CNCF has put on, the CUBE has been there, except for the early days, we had a couple of guests here that have been to every single CUBECon. We've got David Aronchek with Expanso, formerly with Microsoft, Google, CUBE alumni, been around the block many times, and Omri Gazette, co-founder of Cerato, industry veterans, Dustin Kirkland, my co-host, guest analyst, also the VP of Engineering at ChainGuard. This segment really is about people who have been in the industry multiple cycles, and to look at what's going on now in this world of CUBECon, as Kubernetes starts to go mainstream and operational technology, what's at enablement, look at great guests, guys. Thanks for coming on, I appreciate you. Coming on to you. Thank you so much for having us. All right, so you've been around the industry a few cycles, guys. Web services, the day, now cloud, now AIs here. What do you guys see here at CUBECon that's the most interesting story relative to this next level of enablement? Yeah, it's interesting how, you know, kind of everybody's trying to look at AI and try to find the angle here. You know, it seems like AI is now dominated by people who can afford buying NVIDIA gear, and that's not a lot of us. But for us, we actually continue to be really excited about kind of building the next layer on top of kind of the core infrastructure. So identity and access are kind of next in mind, and specifically the access piece feels really exciting. I've seen more awareness now of the fact that you can externalize authorization than any time I've ever seen in the past. Hey, what's your take on CUBECon this year? You've seen from the beginning as it starts to flower out and grow. You know, I think there's kind of an immutable truth that always happens, right? You get these pendulum swings that go back and forth. It goes way, way, way over to the infrastructure side, and it comes way, way, way back to the application side. You go to the control slide on one side, you go to the data side on the other. I think we are seeing a pretty big swing back. Exactly like you just said, you know, H100s and so on NVIDIA is really, really expensive. People are starting to have to be thinking about their application layer and their data layer and being much more thoughtful about it. Kubernetes will be an incredible innovator around that. There's no question to help things pack together and so on, but people, organizations that want to succeed, that take advantage of all these models, will have to think about how to schedule against data, how to think about data, move data, and at that application layer. What's interesting, Dustin, is that we, you know, we, actually we, I think your first interview with CUBE was open stack in like 2015. Now you've got multiple hyperscalers in market. You have a lot more scale at that level. And then you've got now this app dev community coming in, developer productivity is the buzzword, like a whole other generation coming in. The scale and the data tsunami coming in is just unprecedented. It's a whole different game now, like, because you have now new power dynamics in the industry. Yeah, without a doubt. I want to compliment Dave here and say that I've known Dave a long time and he was the first person who really clued me into how big machine learning could be one day. And I think we're there and, you know, I certainly woke up to a whole, a whole different world with that. I'm really curious about your take on something Omri just said, and Dave came to as well with, you know, the expense around H100s. Do you think there's a world that emerges where there are haves and have nots when it comes to AI, ML, inferencing, you know, smarter decision making? Omri? Well, honestly, I think that, you know, the big players here are, you know, driving down costs so much and democratizing the technology. You know, I don't think that there are going to be a lot of infrastructure players outside of- You think it will be democratized then? I do think that, you know, like, the level of scale that they have is unmatchable by small companies. You know, so if you are a startup that's trying to innovate at the AI infrastructure level, you're going to have to find your niche. But there's so many applications. You know, LLIM is, of course, all the rage. You know, I'm excited about just, like, playing old machine learning, you know, where, you know, you take a bunch of, you know, access logs, for example, and you run, like, anomaly detection on them and figure out, oh, this user signed a purchase order, but they're in the engineering group. How does that work, right? Like, that is a classic application of machine learning. It doesn't need, you know, H100s. You don't have to buy one of those. You know, all you need is actually to have some capability that's available from a cloud provider. That's all you need. You know, what's interesting about that is that, you know, there's an old expression in the Silicon Valley entrepreneurial world is, that's a feature, not a company. Remember that saying? Yes, exactly. Now, you can actually make a company out of a feature because the solo entrepreneur model's coming back where you can pick a vertical and go deep on something and be very successful. Absolutely. You know, to a dozen's point earlier, like, I think you're exactly right. There's basically two players in the world, not the haves and the have-nots. Those that sell, I like to joke, specialized electricity and those that don't. Specialized electricity looks like storage, compute, and networking. Everyone else is a layer outside. And exactly like you said, I think there's gonna be half a dozen at most who do the former. There's plenty of room and business in the second. And to your point about the speed of innovation, the thing that ML, like these larger models do is they really transform the way you store knowledge and access it. So now, you can say, hey, you know what? Here's a ridiculous amount of structured, unstructured, semi-structured data. I want you to compress it into a place where you can store it in, I don't know, even if it's large, 10 gigabytes of memory or disk. And then I'm gonna give you arbitrary questions against that. Was that available before? Sure, but you had to like build this very deep structure and things like that. Now you can say to your prototype example, hey, you know what? I'd like to build a website. I'd like to have three buttons on it. I'd like to have this. You have a way that you can interact with that body of knowledge in a really straightforward way, human way, and get an output. That output's not going to be a company, but it's going to be a prototype for a thing really quickly. I want to, before we get to what you guys are working on in your companies, because I think it's compelling. You guys had two amazing opportunities. I want to get you guys' thoughts on a reaction to this idea of platforms. I remember about 10 years ago, platform wars were a kind of big conversation. Then the tool market came out. Everyone had tools, whether it's cybersecurity. You're seeing now this idea of platforms emerging, whether it's cybersecurity. Are there too many platforms? Can companies over-rotate on platforms? Or what is a platform in this model? We have all this hyper-scale layers, because you're starting to see, I remember, I'm going to see Adam Sileski in a week preview of a re-invent. Last year I met him, I'm like, he's like talking to ISV. So I'm like, well, they're ISV. Well, that's an old term. Snowflake has an ecosystem on top of AWS. So there's Databricks. And they're on Azure. So you start to see companies have platforms without buying any hardware to your point about. Is that just super specialized electricity? Yeah, exactly. What is the platform conversation? Because a lot's going on in this complexity of this world. It's a digital distributed system. An enterprise has to run. So I guess my take on it is, obviously the cloud providers all have a whole bunch of services that make it available to you. And of course there are other, kind of infrastructure vendors like the Snowflakes of the world that produce really, really useful stuff. But I'm now seeing a whole bunch of enterprises basically saying, you know what, we now have a platform services team and it's not just about running Kubernetes. It's actually about assembling a set of capabilities that we think are going to be, kind of like the capabilities that all of our application developers need. And in the same way that back in the, I'm old, like back in the 90s, like these enterprises said, we only support Oracle and DB2. That's all the databases that we support. I was at Microsoft at the time, it was a little hard to get SQL Server in there, but eventually we did. But the point was that these IT departments basically had a set of standards. And I think that's the same as happening now with enterprises where they say, we have a standard platform. We use things, they use Terraform, they use Crossplane, they use Bloomy, they use a lot of different things to try to assemble all these different services. And they're trying to create these paths, these like rails for their application developer team so that they don't have to cobble together their own stuff or reinvent the wheel. Are they building their own, are they using vendors to help them? That's the question. I think they're doing it some and some, right? So like wherever possible, they're trying to use mature open source and vendor-supported technology. And in some places they have to still build their own, but it's almost like, you remember, like the platform days, Cloud Foundry, was this idea of you had a layer and you had all these services underneath and you had a common way and an easy way for developers to actually get code out. And we're now, I think seeing that, each of these enterprises are trying to create their own specialized platform using all this technology that's now available. To reference another old school, Microsoftism, basically if someone else makes money off of what you're selling and making money off of, then you have a platform. And in Microsoft days it was like, Steve Ballmer would stand up and say like, if we are so happy that for every $10 spent on the Windows ecosystem, someone else makes nine. We make a dollar. And that's a really, really important thing. And then you mentioned a key word in there, capabilities, right? You can have any API in the world you want, you can have anything like that, but ultimately it does come down to, what does the end user need? And a platform for platform sake, Kubernetes for Kubernetes sake is not enough. Like people need to do things. They want to host websites or databases, APIs, whatever they want to like, do billing systems, you know, all these various things. That's the capability that you're solving. And most platforms are not enough. People need to build solutions on top in order for them to be a complete picture. One final point I want to get your reaction to is the AI wave obviously is a generational shift. We see it, everyone loves it. The younger generation coming in, I've met a couple people here just out of college. They're quitting their jobs and whatever they were in coming into tech. So they have a migration of younger talent coming in. They don't have the scar tissue or the, what was the web again? So as veterans, you look at the AI, what gets you most excited about what's going to happen with AI? What does that enable? Knowing what we've seen through the old school as you look at the future, what do you guys see as the most exciting opportunity? If you were 25 again, what would you be doing? Like, cause that's what I always say like, I wish I was 25 again another 20 years of just grabbing this wave and taking it, what do you guys see? Well, for me, I think that when I was back in school, studying computer science, I always looked through that lens of an engineer because I'll always be an engineer at heart. I was excited about going from assembler to high level languages, building compilers. Those are the tools that I think about. And today, the tools are just so vastly different, right? You can, just like David said, you can envision an application, describe it to a computer, and the computer will generate a pretty good first draft of what you actually want. It's mind blowing, right? For people who've kind of tried to build this stuff, kind of like bridge like Rick. Exactly, the level of capability that you now have as a developer is staggering. And so, just like back in the day, I learned computer science stuff and some of it was useful, of course, but when I actually went to build my first startup, a lot of what was really useful was kind of like much higher level than that. I think that today's university grads really would be served well to go look at all the amazing stuff available to them. Copilot is a small example of that, but every student should actually go use the latest and greatest tools because that will make them so much more productive and then they can be without them. Yeah. Yeah, I couldn't agree more. I think you touched on the key word there, it's productivity. And the idea that you're going to be able to, at any point in the near future, I'm like, I have been absolutely floored with the progress that has happened so far, but even if in 10 years, a entire solution, an essay, a journal article, an app, you name it, is created without the interaction of a human seems highly unlikely. Like you're always going to want, no matter how good it is, you're always going to want that last human bridge to take it to market in order to make it real. Now that said, I'm from a productivity side, it's enormous, right? I say like, I was telling someone last night, about 100% of what I write, and I write a lot, PRDs, blog posts and stuff, about 100% of what I write. I started at an outline in some GPT, right? Some model. 100% of my unit testing has been pre-written by co-pilot. That's great, but it's just a start. At the end of it, code is pretty good, right? Probably 80% of it still remains. With the essays, I don't know, 10, 15% remains, but it gets me past the writer's block, and now I'm like, oh, that sentence doesn't make any sense at all. They're talking about whatever, welding, what the hell? It's the scaffolding you stand up from basic stuff. So I personally think it goes back to that thing that I was saying earlier. You now have an opportunity to interact with these things in new and interesting ways. They're able to pull information in that is really valuable for you, that you may not even know is out there, or a particular structure that you weren't thinking about, and then you can kind of go from there. So it gets you past the cold start problem. Sorry. So I'd, can I jump in? I'd like to hear a little bit from each of you. You're both startup founders, certainly in the middle of this space. How are you helping your customers with some of these problems? So for us, we get really excited about the access part of identity and access like I talked about. And this is a classic example of something that everybody rolls their own. Just like 10 years ago, people rolled their own login. Just like my previous startup, we tried to do speech to text. And I literally kind of stood up a service based on Microsoft's speech API, running on some kind of Windows server thing. And I created an API in front of it because there was no web service to do it. Today we have all this stuff. We have Google Translate. We have Twilio. We have Stripe. There's all these things that we don't have to build anymore. And so the thing that I'm really excited about for developers is helping them get out of the business of building access control, which is 20% of the logic of every application. It's boilerplate logic. It's like, it's manual. It's error-prone. It's mind-numbing. It's soul-crushing. And yet, if you get it wrong, you have a serious problem. And it turns out that 94% of the applications that OOSP tests have some form of broken access control. You know, we're so... Victim of that, I'm telling you. That's the piece that we get excited about is like taking something that is just so dumb to continue to go reinvent and actually making it available as a standard developer API. Yeah. So we're really on the kind of other end of the spectrum. We're on the platform side. Our platform is the open-source product Baca Yao. It means cod in Portuguese because we're all about computer-over-data. So how do you take these jobs? Kubernetes is amazing, but it is very centralized. It normally works best in a single zone. When you think about 57% of all data being created outside of core data centers and with network growth, nowhere near keeping up as much, how do you take these containers, wasm, binaries, and move them to the place where the data is being created? And so... Like the edge. Could be the edge. Could be, like a lot of people don't even realize when the second you get outside of a single zone or a single region, even if you're entirely on a single cloud, you're likely going to have to start having problems. So if I have images in South Korea and Brazil and Belgium, maybe I have regulations, GDPR, that doesn't allow them to move. Maybe I just want to leave them there because I don't want to pay the ingress, egress, cross zone fees. How do you take a model, for example, deploy it to all of those places, build intelligence around it, and then get only the results back? That's what our platform is designed to build for. That's a hard problem. It is a hard problem. And you know, I joke, I happen to know from my Google days, Eric Brewer, the inventor of CAP Theorem, and I was pitching him on this idea. I'm like, am I being crazy about this? He's like, no, you're not being crazy. You're taking the, instead of doing the C and the A portion of CAP Theorem, which is Consistency and Availability, you're focusing on A and P, support for network partitioning. It is 40 years of distributed systems knowledge. We're just trying to, like, you know, break through a little bit. And all kinds of real time. Absolutely. So how far along are you? When did this company start? Where are you guys in the progress? Are you raising money? What's the status? We started a year and a half ago in February. That was the first line of code written. We just hit 1.0 in May and 1.1 in August. We will have some very big announcements next week, which we're really excited to come in. Looking like you got a little fat check coming, can't say yet. I wouldn't be, I'm not saying no, I'm not saying no. But, you know, we're growing like mad and we're going to talk about some customers we have next week as well. So we, you know, we've been really, really lucky. Coming to a conference like this, that's the one thing that, you know, I've been like you to most of the KubeCon's and just the ecosystem, the inclusion, the way that it brings everyone together, it's just so wonderful. And, you know, I leave here with 10 times as many ideas as I had coming in because there's just so much. And you guys have great relationships. You've got good work there. Congratulations on your venture. Thank you. Looking forward to tracking that news. Talk about us here, to where you guys at now. What's the status there? What's your update? Yeah, this month it's our third birthday and the first birthday of Topaz, our open source project. We just shipped, we announced on Monday we launched our version 0.30. So we're not quite at one oh, you know, like we basically take the like the terraform approach, you know, kind of like takes a little bit of time to get to one oh, but super excited about this particular release. It basically brings together, you know, the best ideas that we know about in authorization. One of them is open policy agent policy as code. The other one we actually got from Google with the Zanzibar project over there. They wrote the Zanzibar paper now about three years ago. We read it just when we started the company and we decided that we're going to be the first platform that brings policy as code and policy as data together in a single open source project. I really love what you guys are doing. And every time I chat with you, I think of how inadequate our law is. I sign on it, still can angle it. Got four different sites, tokens, and what? We're going to fix that, believe me. Being self-funded is always the last thing you're going to get to. Guys, thanks for coming on theCUBE. Really appreciate it. Congratulations on your new venture and your success, continued success. And thanks for coming on theCUBE, appreciate it. Thanks so much, John. Thanks so much. All right, we'll be back with more live coverage after this short break. Stay with us.