The SoftwarePlaza IT Podcast

Joe Carder, Enterprise Architect at OpenLogic (a Perforce company), breaks down how OpenLogic provides long-term support across 400+ open source packages — including new LTS offerings for Kafka 3.8 and 3.9. He shares highlights from their 2023 State of Open Source report, digs into why open source is the silent foundation powering AI, and makes a compelling case for why enterprise leadership needs to stop free-riding and start contributing. A candid, expert take you won't want to miss.

Filip Verloy, CTO EMEA & APJ at Rubrik X, Rubrik, joins us to unpack the real risks of agentic AI — from shadow AI and rogue agents deleting production data, to the identity challenges that come with autonomous systems. He walks through how Rubrik Agent Cloud uses an SLM-as-a-judge to govern, monitor, and block agent actions in real time — and even rewind mistakes. If you're running AI agents in production, this one's essential listening.

Jim Bugwadia, Founder & CEO of Nirmata, joins us to explore how AI is reshaping Kubernetes policy management — from writing YAML to delivering real outcomes. Jim shares his journey from AI skeptic to true believer, unpacks the philosophy of "guardrails, not gates," and demos Nirmata's new Platform Assistant live. If you want to see what agentic, outcome-driven software actually looks like in production, this one's worth your time.

Jonny Rivera, Sr. Director of Product at ActiveState, breaks down why the "scanner-only" approach to open source security is leaving enterprises dangerously exposed. He covers supply chain risk, the hidden threat of transitive dependencies, multi-language coverage across 12+ ecosystems, and how tightening government regulations are forcing companies to take real accountability. If your team is still pulling open source from the wild west of the public internet, this one's a wake-up call.

Ryan Schwartz, Senior Manager of Product Marketing at Abnormal AI, joins us to break down the evolving email security landscape and why traditional rule-based defenses are no longer enough. He unpacks how attackers have shifted from "breaking in" to "blending in" — using stolen credentials, token replay attacks, and AI-generated content to look indistinguishable from legitimate users. The episode includes a live product walkthrough showing how Abnormal's behavioral AI analyzes tens of thousands of signals to detect threats that have no malicious links, no attachments, and pass every authentication check. If you're anywhere near a security function, this one will change how you think about your inbox.

In this episode, Natan Yellin, CEO of Robusta, shares why platform engineering is no longer about building for developers—but for AI agents. As the creator of HolmesGPT, Natan explains how AI agents can now investigate incidents, review their own code, cut cloud costs, and even generate PRs autonomously.He dives into Robusta’s bold pivot from Kubernetes monitoring to an AI-driven reliability agent, the internal debate that almost stopped it, and why listening to customers doesn’t always mean following them. Natan also warns of a coming “AI tsunami” in tech, arguing that teams must learn to work 10–20x faster with AI or risk being displaced.From reducing logging bills by 30% to rethinking CI/CD pipelines for agent-generated code, this conversation explores how AI is reshaping platform engineering, DevOps, and the future of software jobs.

In this episode, we sit down with Lana Malikova, Channel Partnership Manager EMEA at Superhuman, alongside Kseniia Shalyhina, Solutions Architect at Superhuman. The conversation explores how Superhuman is uniting Grammarly, Coda, and Superhuman Mail into a single AI-powered platform for enterprise collaboration.Lana shares deep insights into channel partnerships, ecosystem strategy, and what it takes to scale AI solutions across EMEA. Together, they discuss the shift from standalone tools to an integrated AI platform, real enterprise use cases, and how partners can drive adoption responsibly. A must-listen for anyone interested in AI, partnerships, and the future of enterprise productivity.

Kat explains how security risks, mounting technical debt, and maintainer burnout made the shutdown unavoidable.The conversation explores what the retirement means for platform teams, why there is no true drop-in replacement, and what migration to alternatives like Gateway API really involves.The episode also offers insight into Kubernetes governance and the hard decisions required to protect critical open source infrastructure.

In this episode, we speak with Gerrit Schumann, CEO & Co-Founder of mogenius, about treating internal developer platforms as real software products. Gerrit shares lessons from decades in software and cloud transformation, and explains why platform engineering must focus on reducing cognitive load for both developers and platform teams.The conversation explores Kubernetes maturity, GitOps with Argo CD, build vs buy decisions, and how mogenius helps teams create golden paths without hiding complexity. Gerrit also offers a look ahead at how AI will reshape platform operations and developer experience.

In this episode of the Software Plaza Podcast, Twain Taylor speaks with William Morgan, CEO & Co-Founder of Buoyant, the company behind the popular service mesh Linkerd. William shares hard-earned lessons on building a profitable business around open source, why “free” isn’t sustainable, and how Buoyant transitioned from VC-backed growth to profitability. The discussion also explores service mesh adoption, cutting AWS networking costs, and how Linkerd is evolving to support AI workloads and MCP traffic in Kubernetes. A must-listen for platform engineers, founders, and open-source builders navigating scale and sustainability.

In this episode, we speak with Sanjay Kosuri, Senior Product Marketing Manager at Egnyte, about how AI is transforming the way organizations manage, understand, and act on content. Sanjay shares why content sits at the heart of every business decision and how Egnyte blends collaboration, intelligence, and governance into a single platform.The conversation explores generative AI, agent-based workflows, and how technology teams can move faster by extracting insights from complex, mission-critical content. A deep dive into the future of intelligent content-driven work.

In this episode Nir Valtman, Co-Founder & CEO of Arnica, elaborates how application security is evolving in an AI-driven development world. Nir shares his journey as a security practitioner and the motivation behind building Arnica, an Application Security Posture Management (ASPM) platform focused on real developer workflows. The conversation dives deep into AI-generated code risks, meaning-based vs rule-based security findings, and how embedding security directly into Git workflows can dramatically reduce vulnerabilities before code review. Nir also explains Arnica’s bold approach to offering visibility for free while driving real impact through automation and developer-first adoption.

In this episode, Colin Griffin, Founder and CEO of Krumware, talks about how platform engineering has evolved beyond DevOps and internal developer platforms. Colin shares a practical, experience-driven perspective on building platforms as products that support developers, infrastructure, security, and data teams, drawing on real-world lessons and ideas aligned with the CNCF Platform Engineering White Paper: https://tag-app-delivery.cncf.io/whit.... The conversation explores why platform engineering is as much about culture and user experience as it is about technology, and what organizations should consider when starting or evolving their platform journey. Colin also discusses common pitfalls teams face when adopting platforms and how treating platforms as long-term products can drive better adoption, collaboration, and business outcomes.

In this episode we welcome Sonal Khanna, the Co-Founder at Secure Blink, to unpack how AI is reshaping application and API security. Sonal shares her journey of building Secure Blink and the thinking behind THREATSPY, a developer-first, AI-powered security platform. The conversation dives into why traditional security tools fall short, how reachability-based prioritization changes remediation, and why security must move at the speed of development. Sonal also discusses Secure Blink’s global recognition, including its selection for an AI accelerator in Paris, and what the future holds for API-first security teams.

In this episode, Kerim Satirli, Senior Developer Advocate II at IBM, who walks us through the major developments happening across the HashiCorp ecosystem since we last spoke. Kerim breaks down key updates such as Terraform Stacks, Actions, Search, and Infragraph, along with the debut of Vault Radar, which scans codebases and collaboration tools to uncover leaked or unmanaged secrets before they become incidents. He also reflects on industry trends—from the surge of MCP-powered AI agents to the growing urgency around supply-chain security highlighted by the ongoing Shi Hulud NPM attack, offering a clear view of how modern infrastructure and security practices are evolving.

In this episode, Taylor Dolezal, Head of Open Source at Dosu.dev, for a thoughtful deep dive into the evolving world of documentation and knowledge management. Taylor shares his journey from the CNCF to Dosu.dev, why he returned to his open-source roots, and how Dosu is reimagining documentation as a living, dynamic system. We discuss the fragmentation of knowledge across tools, AI’s role in documentation, and the emerging need for context-aware, fact-driven docs tailored to each user. Taylor also walks us through Dosu.dev’s unique approach—bringing structured facts, citations, and automation into docs to help maintainers and enterprises stay sane in an accelerating world.Check out a rich conversation on the past, present, and future of docs in open source and beyond.

In this episode, Eric Herzog, Chief Marketing Officer at Infinidat, shares how the company is transforming enterprise storage with a blend of performance, resilience, and simplicity. From the power of InfiniSafe’s cyber-storage capabilities to the intelligence behind InfiniVerse and AI-driven automation, Eric explains how Infinidat delivers unmatched reliability and scalability while tackling modern IT challenges like skill shortages and data protection.

In this episode, Steve Flanders, Senior Director of Engineering at Splunk, shares how the company is driving the next wave of innovation in observability through OpenTelemetry.Steve dives into how open standards are eliminating vendor lock-in, streamlining telemetry data, and delivering unified visibility across today’s cloud-native environments. He discusses best practices for scalable data pipelines, auto-instrumentation, and semantic conventions that enhance monitoring precision. The conversation also looks ahead to the future of observability, covering performance profiling, real-user experience, and AI-driven workloads. This led to showcasing how OpenTelemetry is redefining how teams measure and optimize system reliability.

In this episode Itiel Shwartz‏, Co-founder and CTO at Komodor, shares how his team is reimagining site reliability with Claudia AI, an autonomous system that detects, investigates, and remediates Kubernetes issues in real time. Itiel discusses the evolution from early AIOps concepts to today’s multi-agent architectures, where AI handles repetitive operations and frees engineers to focus on innovation. He also explores the challenges of accuracy, hallucination control, and balancing automation with human oversight. The conversation offers a deep look at how Komodor’s AI agents are shaping the next generation of reliability engineering in the age of large language models.

Weaviate CEO & Co-Founder Bob van Luijt talks about how vector databases evolved into AI-native databases and why that matters for engineers building production AI.The conversation covers core use cases (vector search, RAG), the new wave of database-level agents (query & transformation agents), multi-tenancy and storage optimizations, and practical notes on getting started with Weaviate’s cloud and free tier. Expect clear explanations, a short demo video walkthrough, and product lessons from scaling an open-source database.

In this episode of The Software Plaza Podcast, we speak with Brad Micklea, Co-Founder and CEO of Jozu, a platform built to simplify and secure AI/ML deployment. Brad shares his journey from Red Hat and AWS to founding Jozu, diving deep into the challenges of taking AI models from experimentation to production. He explains how Jozu bridges the gap between data science, engineering, and operations, ensuring models are compliant, secure, and production-ready. Tune in to explore how open source, Kubernetes, and model packaging standards like KitOps are shaping the future of enterprise AI.

In this episode, Pavlo Baron, Co-founder & CEO of Platform Engineering Labs, shares how Formae is transforming platform engineering by replacing brittle YAML/JSON configs with smart, codified abstractions. Built on an agent-based system, Formae simplifies collaboration, reduces toil, and bridges the gap between developers and ops ushering in a faster, more reliable era of infrastructure management. He explains how Formae enables granular, patch-based changes to minimize blast radius and why modern infrastructure tools must evolve for speed, collaboration, and simplicity. It’s a fresh take on platform engineering designed for the realities of today’s distributed systems and teams.

In this episode, Sarah Polan, Transformational CTO and Consultant in Digital Infrastructure & Scalability, explores how large financial institutions are rethinking modernization in the era of AI. Sarah shares insights from real-world transformation projects, from navigating compliance-driven change under DORA regulations to tackling AI integration challenges and infrastructure modernization. She also unpacks why 95% of AI pilots fail, the importance of cultural leadership in tech transformations, and what it takes to future-proof an organization’s infrastructure for AI scalability.

Chris Lentricchia, Product Marketing Manager at Upwind, explains how runtime context turns thousands of scan alerts into the few that actually matter. Learn how Upwind’s eBPF-powered platform detects live exploits, reduces false positives, and helps teams secure production workloads efficiently. He also shares how organizations can move beyond static scanning, balance shift-left and shift-right practices, and achieve real-time visibility without adding system overhead. This conversation is packed with insights for cloud-native, DevOps, and security teams aiming to modernize runtime protection.

Jake Moshenko, Co-founder & CEO of AuthZed, gives a deep dive into relationship-based access control — the model behind SpiceDB and inspired by Google’s Zanzibar. This episode explains how modeling relationships (people↔data↔teams) unlocks fine-grained, portable policies and why treating auth as a database matters for caching, consistency, and scale. Jake also contrasts RBAC/ABAC tradeoffs, shows how centralized auth speeds product iteration, and outlines when teams should stop DIYing permissions. Ideal for architects and security leads rethinking access control.

Steve Fenton, Head of DevRel & Principal DevEx Researcher at Octopus, shares findings from Octopus’ Platform Engineering Pulse research. He explains why making security and operational policies mandatory often drives healthier platform adoption, how GitOps and Argo are shaping deployments, and which metrics (DORA / Monk) actually matter for platform success. Short, practical, and research-backed takeaways for platform teams and engineering leaders.

In this episode, Abdel SGHIOUAR, Senior Cloud Developer Advocate at Google and CNCF Ambassador, unpacks the technical and cultural shifts happening in the Kubernetes ecosystem. As co-host of the Kubernetes Podcast, he shares how enterprises, from LinkedIn to CERN, are pushing Kubernetes beyond microservices into powering GenAI workloads. Abdel dives into the hardware bottlenecks, operational hurdles, and community-driven innovations shaping the future of Kubernetes.

In this conversation with Luca Forni, CEO, and Stefano Doni, CTO of Akamas, we explore how enterprises can achieve massive savings and reliability improvements through AI-driven optimization. They share why configuration tuning is often overlooked, how Akamas addresses the “butterfly effect” across the stack, and why optimization must be continuous. From Black Friday load spikes to everyday workloads, they explain how organizations can balance cost, performance, and reliability seamlessly.

In this episode, Matt Butcher, CEO of Fermyon, talks about the surprising realities of running serverless at scale. They cover how WebAssembly unlocks faster cold starts, higher density, and massive cost savings, plus the challenges of AI-driven bot traffic, Cloudflare outages, and edge reliability. Learn why Fermyon’s Spin project at CNCF and their Akamai partnership could shape the next wave of serverless.

In this episode, Mahmoud El Magdoub, Director of Product at Instabug, explains why mobile teams need to move beyond crash reporting to a broader definition of app quality.He breaks down the difference between mobile and web debugging, shares real customer stories, and introduces Instabug’s approach to proactive and reactive monitoring, frustration-free sessions, and performance metrics that actually matter.

Or Weis, CEO of Permit.io, explains why AI agents need a new approach to identity and access control.He introduces just-in-time derived permissions, dives into relationship-based access (ReBAC), and shares how their new Agent Security platform helps manage consent, delegation, and risk in a world of fast-evolving LLM agents.

In this episode, Joe Karlsson, Senior Developer Advocate, CloudQuery talks about the hidden complexities of cloud data management.From API rate limits and syncing issues to data privacy and performance. Joe walks us through how CloudQuery simplifies data movement and makes your cloud data usable, secure, and accessible, even for AI agents.With a live demo and thoughtful insights on where the data and AI space is headed, this episode is a must-listen for data engineers, platform teams, and AI builders alike.

Sebastian Scheele, CEO of Kubermatic, shares insights on running Kubernetes at scale, the evolution of platform engineering, and the power of using the Kubernetes API to build developer self-service platforms.He discusses managing thousands of clusters, simplifying infrastructure for developers, and integrating AI workloads.Plus, get a live demo of how Kubermatic enables seamless multi-cloud Kubernetes management, all while staying true to open-source principles.

Discover Akka.io's unique architecture and concurrency model for building and scaling agentic systems efficiently. Tyler Jewell, CEO of Akka.io, details real-world use cases, emerging design patterns, and his vision for self-improving, autonomous AI.Hear how Akka.io is delivering "certainty in the face of uncertainty" in the agentic AI revolution.

In this deep-dive with Alistair Russell, Co-founder and CTO of Tray.ai, we explore the evolution from semantic web research with Tim Berners-Lee to building Merlin, an agentic AI platform that's transforming business automation.Discover how Tray enables large language models to not just think, but act, with context, governance, and composability at scale.  

Join Roy Barda, Director and Head of CloudGuard WAF at Checkpoint, for a comprehensive look at securing web applications and APIs in today's complex environment.Roy explains Checkpoint's unique AI-driven WAF solution that moves beyond static signatures to proactively identify zero-day threats and reduce false positives. He also discusses their robust API security platform, offering automated discovery, strong enforcement, and future plans for detecting misuse anomalies.Learn about the power of contextual AI in enhancing security measures and get a live demonstration of CloudGuard WAF's intuitive interface and powerful threat prevention capabilities.  

Sarah Elkaim, the Head of Product Marketing at Sweet Security breaks down how their real-time, eBPF-powered runtime protection is transforming cloud-native security.From dynamic baselining to proprietary LLMs, discover how Sweet is cutting incident response times to minutes and eliminating false positives, redefining what CNAPP can do.

Join us for an insightful conversation with Neil Levine, SVP Product at Anchore, as we dive into the evolving world of Software Bill of Materials (SBOMs).Discover how SBOMs are transitioning from mere compliance necessities to powerful tools for enhancing software supply chain security. Neil shares Anchore's latest product release, focusing on critical features like "Bring Your Own SBOM" for diverse SBOM management, and the innovative Anchore Rank for prioritizing vulnerabilities.Learn about the operational challenges organizations face with SBOM sprawl and quality, and get a glimpse into the future of SBOM insights and automation.  

Join Alex Olivier, Co-founder & CPO at Cerbos, as he uncovers the massive growth of non-human identities (NHIs) in modern systems. From ephemeral AI agents to IoT devices.Discover why traditional identity management falls short and how Cerbos enables a true zero-trust architecture by authorizing every machine and workload identity in real-time. Alex also shares insights into Cerbos' flexible, stateless approach and their upcoming release.  

Hear from Bar-El Tayouri, Head of Mend AI, about the urgent need for a new approach to securing AI-driven applications.From understanding novel AI components and their risks to implementing a comprehensive AppSec program, this episode provides actionable insights for organizations building with AI.

Kyle Campos, CTO of CloudBolt, joins us to talk about the failure of the 'report factory' model in FinOps. Too many teams generate dashboards, but few actually remediate waste.CloudBolt is changing that with an orchestration-first approach that closes the loop from insight to action. Kyle also explains how the StormForge acquisition supercharges Kubernetes optimization with real-time automation.

Join us for a fascinating conversation with Alex Zenla, Co-founder & CTO of Edera, as she shares her unconventional journey from the Minecraft community and IoT to building a cutting-edge Kubernetes security solution.Learn about the "aha" moments that led to Edera's unique approach to container isolation, their focus on security and efficiency, and their plans for the future of cloud-native infrastructure.

Traditional security measures often fall short when it comes to the evolving world of agent-based and shadow AI.Discover the power of network-based observability in this insightful conversation with Trevor Welsh, VP Product at Witness AI.Learn how Witness AI provides unprecedented visibility into AI interactions, enabling enterprises to identify risks, enforce policies, and protect sensitive data across all AI usage.

Learn about the current state of cloud security and the impact of artificial intelligence in this conversation with Jeff Leder, CTO of Dot Security. We explore common security challenges, the "shift left" philosophy, and the evolving threats and opportunities presented by AI in the cyber landscape.

We had a chat with Nils Karn, Co-Founder & CEO, Mitigant, and Thomas Fricke, Co-Founder & Advisor, Mitigant about the concept of cloud attack emulation.It involves simulating attacks like ransomware to test the resilience of a system, emphasizing that it's not a simulation but an actual attack executed in a controlled environment.Mitigant conducts these attack emulations  on pre-production systems rather than simulations or exact copies, to ensure the results are highly accurate.

Scott Leatherman, CMO, Aviatrix, joins us to highlight the challenges of securing cloud-native environments, and the need for modern firewall solutions.Aviatrix's Kubernetes Firewall helps reduce IP exhaustion and provides east-west and egress security. A surprising offshoot of doing cloud and Kubernetes firewalls the right way is being able to modernize your applications.Tune in to hear a unique take on cloud network security.

Reza Ramezanpour, Developer Advocate at Tigera joins us to talk about v3.30 of Project Calico.This release focuses on enhanced observability and a staged network policy feature that allows for non-enforcing policy testing without impacting cluster performance. Calico 3.30 introduces integration with the Gateway API, enabling advanced ingress traffic control and micro-segmentation capabilities.Tune in to hear from one of the innovators in the Kubernetes networking security space.

Today's podcast features OX Security, a company revolutionizing application security. OX Security covers the entire application lifecycle, from design to runtime, ensuring comprehensive protection. Their advanced verification system identifies and validates security threats with hard evidence, eliminating guesswork. Boaz Barzel, Field CTO, demonstrates how their dashboard dramatically reduces noise, filtering over 500,000 security alerts down to the most critical 2.08%. Tune in for an insightful conversation about ASPM.

ActiveState has been working on managing open source dependencies and builds for over 20 years. They take an 'SBOM-first' approach, generating Software Bills of Materials (SBOMs) first before building applications, providing visibility into dependencies. Active State's platform can discover open source components used across an organization, prioritize vulnerabilities, and provide intelligent remediation recommendations. Tune in as Scott Robertson, CTO, and Pete Garcin, Senior Director of Product at ActiveState talk about all things open source security.

Florian Forster, CEO & Co-Founder, Zitadel, joins us in this episode to discuss the challenges of authentication in cloud-native and Kubernetes environments, such as managing token expiration, revocation, and scalability. Forster highlights some common anti-patterns in authentication, like cramming too much data into access tokens and running expensive operations against the identity infrastructure. He shares his vision for the future of authentication, including consolidation with authorization solutions and providing analytical capabilities on identity data. Tune into this episode for a deep dive into authentication.