Ep111: The Architecture of Growth: Sonar's Evolution to Multi-Region SaaS
Andrea Malagodi, CTO of Sonar, discusses how the company successfully transitioned from on-premise to SaaS, leveraging AWS partnership and maintaining focus on developer-centric code quality and security solutions.

Topics Include:
- Andrea Malagodi is CTO of Sonar, guest on podcast
- Sonar founded 16+ years ago by three software engineers
- Founders wanted to help developers understand code quality issues
- Focus on giving developers precise, actionable insights for improvement
- Products include SonarQube Server, Cloud, and IDE versions
- Recent acquisitions: ACR, Tidelift, and Structure 101 companies
- SaaS journey began seven years ago with SonarQube Cloud
- Initially targeted individual developers, then expanded to enterprises
- Now multi-region with comprehensive enterprise features available
- Seven million developers rely on Sonar's solutions globally
- 400,000 organizations and 28,000 enterprise customers use Sonar
- Started SaaS to test market demand, not assumptions
- Engaged customers early to understand migration requirements needed
- Recommends alpha versions with design customers for feedback
- Free tier for open-source code enables quick trial
- Enterprise certifications (ISO 27001, SOC 2) build trust
- AWS partnership includes enterprise support and technical resources
- Used CDK for infrastructure-as-code, experienced early adoption challenges
- Multi-region strategy should be considered from the beginning
- AWS Learning partnership certified all engineers in cloud
- Cloud enables faster development cycles than traditional infrastructure
- Recommends avoiding architectural one-way doors during transition
- Consider data residency requirements for global customer base
- AI-generated code creates productivity gains but needs validation
- Sonar provides deterministic rules for AI-generated code review
- Working on MCP protocol and AI code quality solutions
- Security approach is "start left" not "shift left"
- Advanced Security offering includes dependency scanning and vulnerabilities
- Available on sonarsource.com and AWS Marketplace
- Free tier offers 50,000 lines of code analysis

Participants:
- Andrea Malagodi – Chief Technical Officer, Sonar

Further Links:
- Website: www.sonarsource.com
- Sonar in the AWS Marketplace

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
--------
28:17
Ep110: Redefining Network Detection & Response with Generative AI – The Partnership of ExtraHop Networks and AWS
Kanaiya Vasani, Chief Product Officer, explains how ExtraHop leverages AWS services and generative AI to help enterprise customers address the growing security challenges of uncontrolled AI adoption.

Topics Include:
- ExtraHop reinventing network detection and response category
- Platform addresses security, performance, compliance, forensic use cases
- Behavioral analysis identifies potential security threats in infrastructure
- Network observability and attack surface discovery capabilities included
- Application and network performance assurance built-in features
- Traditional IDS capability with rules and IOCs detection
- Packet forensics for investigating threats and wire evidence
- Cloud-native implementations and compromised credential investigation support
- ExtraHop partnership with AWS spans 35-40 different services
- AWS handles infrastructure while ExtraHop focuses core competencies
- ExtraHop early adopter of generative AI in NDR
- Natural language interface enables rapid data access queries
- English questions replace complex query languages for users
- Agentic AI experiments focus on SOC automation workflows
- L1 and L2 analyst workflow automation improves productivity
- Shadow AI creates major risk concern for customers
- Uncontrolled chatbot usage risks accidental data leakage
- Governance structures needed around enterprise gen AI usage
- Visibility required into LLM usage across infrastructure endpoints
- AI innovation pace challenges security industry keeping up
- Models evolved from billion to trillion parameters rapidly
- Traditional security tools focus policies, miss real-time activity
- "Wire doesn't lie" - network traffic reveals actual behavior
- ExtraHop maps baseline behavior patterns across infrastructure endpoints
- Anomalous behavioral patterns flagged through network traffic analysis
- MCP servers enable LLM access through standardized protocols
- Stolen tokens allow adversaries unauthorized MCP server access
- Machine learning identifies anomalous traffic patterns L2-L7 protocols
- Gen AI automates incident triage, investigation, response workflows
- Best practices include clear policies, governance, monitoring, education

Participants:
- Kanaiya Vasani – Chief Product Officer, ExtraHop Networks
--------
18:01
Ep109: Sustaining Data Quality and Quantity: How Cribl is helping Customers Control Costs and Unlock Value
Cribl’s Field CISO Ed Bailey discusses how customers can manage the quality and quantity of data by providing intelligent controls between data sources and destinations.

Topics Include:
- Cribl company name origin
- Company helps organizations screen data to find valuable insights
- Ed Bailey was Cribl's first customer back in 2018
- Data growth of 25% yearly created seven-figure cost increases
- CEOs and CIOs complained about explosive data storage costs
- Users demanded more data while budgets remained constrained
- Bailey discovered Cribl through a random Facebook advertisement
- Cribl Stream sits between data sources and destinations
- No new agents required, uses existing infrastructure connections
- Reduced data growth from 28% to 8% within year
- Development cycles shortened from six weeks to two weeks
- Bailey managed global security and telemetry data systems
- Operated large Splunk instance across forty different countries
- Team spent time collecting data instead of extracting value
- Cribl provided consistent data control plane for operations
- Smart engineers could focus on machine learning solutions
- Migrated from terrible SIEM to better security platform
- Data strategy should focus on business requirements first
- Not all data has the same business value
- Tier one: Critical data goes to expensive platforms
- Tier two: Important data stored in cheaper lakes
- Tier three: Compliance data in low-cost object storage
- SIEM costs around one dollar per gigabyte stored
- Data lakes cost twelve to eighteen cents per gigabyte
- Object storage costs fractions of pennies per gigabyte
- AWS partnership provides scalable infrastructure for rapid growth
- EC2, EKS, and S3 are heavily utilized services
- Cribl Search finds data directly in object storage
- Avoids costly data movement for search and analysis

Participants:
- Edward Bailey – Field CISO, Cribl
--------
20:54
Ep108: Getting Ahead of the Curve - How Saviynt Automates Identity Security at Scale
Saviynt Co-Founder Amit Saha discusses how their AWS partnership has enabled the identity security company to deliver comprehensive identity protection while minimizing organizational friction.

Topics Include:
- Saviynt is leading identity security provider in market
- Secures human, non-human, workforce, and privileged access identities
- Eliminates friction while automating organizational access management processes
- Biggest challenge: reducing friction in new access processes
- Second challenge: visibility into accumulated technical debt problems
- Lost business context makes access permissions difficult to unwind
- Saviynt provides quick visibility to prioritize identity risks
- Shadow IT creates ungoverned workloads and cloud applications
- Need integration with asset management and cloud providers
- Must derive intelligence from multiple disconnected information sources
- AWS partnership provides access to prolific customer base
- AWS security owners are same buyers for Saviynt
- Eleven-year AWS relationship with early security competency
- ISV Accelerate program connects with sellers and architects
- Rising Star program helps stand out in crowded marketplace
- Find mutual customers for successful AWS partnership stories
- GenAI in bad actors' hands compromises customer security
- Product engineering uses GenAI tools for better quality
- Agentic AI creates new paradigm between human/non-human identities
- Agentic AI requires dynamic, fluid access management approaches
- AI agents can generate their own bots needing access
- Zero trust principles needed at broader scale for AI
- Next twelve months: getting ahead of GenAI curve
- New AWS services launch daily in GenAI space
- Contributing to new standards like MCP and A2A protocols
- AWS Marketplace simplifies procurement and buyer discovery processes
- EDP program and migration incentives benefit ISV transactions
- AWS developer-friendly startup programs accelerate time to market
- Cloud-native approach enables predictable scaling and AWS integration
- AWS-Saviynt partnership aims for once-in-generation security impact

Participants:
- Amit Saha – Co-Founder and Chief Growth Officer, Saviynt
--------
17:36
Ep107: Cloud-Scale Security Monitoring – How Panther and AI are Revolutionizing Cybersecurity
Chief Architect Russell Leighton discusses how Panther's cloud platform revolutionizes security operations by treating detections as Python code and AI enabled alert vetting turning responses from hours into minutes.

Topics Include:
- Panther is a cloud security monitoring tool (cloud SIEM)
- Works at massive scale, more cost-effective than legacy systems
- Key differentiator: "detections as code" written in Python
- Brings software engineering best practices to security operations
- Enables unit testing and version control for security detections
- Recently adopted generative AI to improve security workflows
- SOC burnout is renowned due to tedious ticket processing
- AI has intelligence of security engineer, works much faster
- Example: Alert shows "Russ Leighton removed branch protection"
- Old way: Manual log analysis, checking user profiles manually
- Takes hours of squinting at detailed log data
- New AI way: Automatic vetting happens in minutes
- AI checks user profile in Okta or IDP
- Determines engineer status, assesses typical behavior patterns
- Provides risk assessment based on historical alert data
- Low risk for engineers, high risk for unusual users
- Example: HR person accessing production code is escalated
- Customer quote: Takes vetting "from hours to seconds"
- Panther customers get dedicated AWS accounts for security
- Company can't see customer data, only self-reported metrics
- AI provides summaries, risk assessments, timelines, visualizations
- Also suggests remediations like human security engineer would
- Initial concerns about putting AI in production environment
- Customer feedback exceeded expectations with feature requests
- AWS Bedrock integration addresses customer security concerns
- Uses Anthropic Claude as base LLM through Bedrock
- Customers can enable additional Bedrock guardrails independently
- AI transparency prevents hallucination concerns through explanations
- Claude's extended thinking mode shows reasoning process
- AI visualizes thinking with flowcharts explaining decision process

Participants:
- Russell Leighton – Chief Architect, Panther

Further Links:
- Website: Panther.com
- AWS Marketplace
Stay current on new cloud trends. Top software companies, respected industry analysts, and experienced consultants join Amazon Web Services leaders to talk about the cloud topics that matter to you—including the latest in AI, migration, Software-as-a-Service, and more. We produce new episodes regularly.