AWS for Software Companies Podcast

Andrea Malagodi, CTO of Sonar, discusses how the company successfully transitioned from on-premise to SaaS, leveraging AWS partnership and maintaining focus on developer-centric code quality and security solutions.Topics Include:Andrea Malagodi is CTO of Sonar, guest on podcastSonar founded 16+ years ago by three software engineersFounders wanted to help developers understand code quality issuesFocus on giving developers precise, actionable insights for improvementProducts include SonarQube Server, Cloud, and IDE versionsRecent acquisitions: ACR, Tidelift, and Structure 101 companiesSaaS journey began seven years ago with SonarQube CloudInitially targeted individual developers, then expanded to enterprisesNow multi-region with comprehensive enterprise features availableSeven million developers rely on Sonar's solutions globally400,000 organizations and 28,000 enterprise customers use SonarStarted SaaS to test market demand, not assumptionsEngaged customers early to understand migration requirements neededRecommends alpha versions with design customers for feedbackFree tier for open-source code enables quick trialEnterprise certifications (ISO 27001, SOC 2) build trustAWS partnership includes enterprise support and technical resourcesUsed CDK for infrastructure-as-code, experienced early adoption challengesMulti-region strategy should be considered from the beginningAWS Learning partnership certified all engineers in cloudCloud enables faster development cycles than traditional infrastructureRecommends avoiding architectural one-way doors during transitionConsider data residency requirements for global customer baseAI-generated code creates productivity gains but needs validationSonar provides deterministic rules for AI-generated code reviewWorking on MCP protocol and AI code quality solutionsSecurity approach is "start left" not "shift left"Advanced Security offering includes dependency scanning and vulnerabilitiesAvailable on sonarsource.com and AWS MarketplaceFree tier offers 50,000 lines of code analysisParticipants:Andrea Malagodi – Chief Technical Officer, SonarFurther Links:Website: www.sonarsource.comSonar in the AWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Kanaiya Vasani, Chief Product Officer, explains how ExtraHop leverages AWS services and generative AI to help enterprise customers address the growing security challenges of uncontrolled AI adoption.Topics Include:ExtraHop reinventing network detection and response categoryPlatform addresses security, performance, compliance, forensic use casesBehavioral analysis identifies potential security threats in infrastructureNetwork observability and attack surface discovery capabilities includedApplication and network performance assurance built-in featuresTraditional IDS capability with rules and IOCs detectionPacket forensics for investigating threats and wire evidenceCloud-native implementations and compromised credential investigation supportExtraHop partnership with AWS spans 35-40 different servicesAWS handles infrastructure while ExtraHop focuses core competenciesExtraHop early adopter of generative AI in NDRNatural language interface enables rapid data access queriesEnglish questions replace complex query languages for usersAgentic AI experiments focus on SOC automation workflowsL1 and L2 analyst workflow automation improves productivityShadow AI creates major risk concern for customersUncontrolled chatbot usage risks accidental data leakageGovernance structures needed around enterprise gen AI usageVisibility required into LLM usage across infrastructure endpointsAI innovation pace challenges security industry keeping upModels evolved from billion to trillion parameters rapidlyTraditional security tools focus policies, miss real-time activity"Wire doesn't lie" - network traffic reveals actual behaviorExtraHop maps baseline behavior patterns across infrastructure endpointsAnomalous behavioral patterns flagged through network traffic analysisMCP servers enable LLM access through standardized protocolsStolen tokens allow adversaries unauthorized MCP server accessMachine learning identifies anomalous traffic patterns L2-L7 protocolsGen AI automates incident triage, investigation, response workflowsBest practices include clear policies, governance, monitoring, educationParticipants:Kanaiya Vasani – Chief Product Officer, ExtraHop NetworksSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Cribl’s Field CISO Ed Bailey discusses how customers can manage the quality and quantity of data by providing intelligent controls between data sources and destinations.Topics Include:Cribl company name originCompany helps organizations screen data to find valuable insightsEd Bailey was Cribl's first customer back in 2018Data growth of 25% yearly created seven-figure cost increasesCEOs and CIOs complained about explosive data storage costsUsers demanded more data while budgets remained constrainedBailey discovered Cribl through a random Facebook advertisementCribl Stream sits between data sources and destinationsNo new agents required, uses existing infrastructure connectionsReduced data growth from 28% to 8% within yearDevelopment cycles shortened from six weeks to two weeksBailey managed global security and telemetry data systemsOperated large Splunk instance across forty different countriesTeam spent time collecting data instead of extracting valueCribl provided consistent data control plane for operationsSmart engineers could focus on machine learning solutionsMigrated from terrible SIEM to better security platformData strategy should focus on business requirements firstNot all data has the same business valueTier one: Critical data goes to expensive platformsTier two: Important data stored in cheaper lakesTier three: Compliance data in low-cost object storageSIEM costs around one dollar per gigabyte storedData lakes cost twelve to eighteen cents per gigabyteObject storage costs fractions of pennies per gigabyteAWS partnership provides scalable infrastructure for rapid growthEC2, EKS, and S3 are heavily utilized servicesCribl Search finds data directly in object storageAvoids costly data movement for search and analysisParticipants:Edward Bailey – Field CISO, CriblSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Saviynt Co-Founder Amit Saha discusses how their AWS partnership has enabled the identity security company to deliver comprehensive identity protection while minimizing organizational friction.Topics Include:Saviynt is leading identity security provider in marketSecures human, non-human, workforce, and privileged access identitiesEliminates friction while automating organizational access management processesBiggest challenge: reducing friction in new access processesSecond challenge: visibility into accumulated technical debt problemsLost business context makes access permissions difficult to unwindSaviynt provides quick visibility to prioritize identity risksShadow IT creates ungoverned workloads and cloud applicationsNeed integration with asset management and cloud providersMust derive intelligence from multiple disconnected information sourcesAWS partnership provides access to prolific customer baseAWS security owners are same buyers for SaviyntEleven-year AWS relationship with early security competencyISV Accelerate program connects with sellers and architectsRising Star program helps stand out in crowded marketplaceFind mutual customers for successful AWS partnership storiesGenAI in bad actors' hands compromises customer securityProduct engineering uses GenAI tools for better qualityAgentic AI creates new paradigm between human/non-human identitiesAgentic AI requires dynamic, fluid access management approachesAI agents can generate their own bots needing accessZero trust principles needed at broader scale for AINext twelve months: getting ahead of GenAI curveNew AWS services launch daily in GenAI spaceContributing to new standards like MCP and A2A protocolsAWS Marketplace simplifies procurement and buyer discovery processesEDP program and migration incentives benefit ISV transactionsAWS developer-friendly startup programs accelerate time to marketCloud-native approach enables predictable scaling and AWS integrationAWS-Saviynt partnership aims for once-in-generation security impactParticipants:Amit Saha – Co-Founder and Chief Growth Officer, SaviyntSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Chief Architect Russell Leighton discusses how Panther's cloud platform revolutionizes security operations by treating detections as Python code and AI enabled alert vetting turning responses from hours into minutes. Topics Include:Panther is a cloud security monitoring tool (cloud SIEM)Works at massive scale, more cost-effective than legacy systemsKey differentiator: "detections as code" written in PythonBrings software engineering best practices to security operationsEnables unit testing and version control for security detectionsRecently adopted generative AI to improve security workflowsSOC burnout is renowned due to tedious ticket processingAI has intelligence of security engineer, works much fasterExample: Alert shows "Russ Leighton removed branch protection"Old way: Manual log analysis, checking user profiles manuallyTakes hours of squinting at detailed log dataNew AI way: Automatic vetting happens in minutesAI checks user profile in Okta or IDPDetermines engineer status, assesses typical behavior patternsProvides risk assessment based on historical alert dataLow risk for engineers, high risk for unusual usersExample: HR person accessing production code is escalatedCustomer quote: Takes vetting "from hours to seconds"Panther customers get dedicated AWS accounts for securityCompany can't see customer data, only self-reported metricsAI provides summaries, risk assessments, timelines, visualizationsAlso suggests remediations like human security engineer wouldInitial concerns about putting AI in production environmentCustomer feedback exceeded expectations with feature requestsAWS Bedrock integration addresses customer security concernsUses Anthropic Claude as base LLM through BedrockCustomers can enable additional Bedrock guardrails independentlyAI transparency prevents hallucination concerns through explanationsClaude's extended thinking mode shows reasoning processAI visualizes thinking with flowcharts explaining decision processParticipants:Russell Leighton – Chief Architect, PantherFurther Links:Website: Panther.comAWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Security leaders from Anthropic and AWS discuss how agentic AI is transforming cybersecurity functions to autonomously handle everything from code reviews to SOC operations.Topics Include:Agentic AI differs from traditional AI through autonomy and agencyTraditional AI handles single workflow nodes, agents collapse multiple stepsHigher model intelligence enables understanding of broader business contextsAgents make intelligent decisions across complex multi-step workflows processesEnterprise security operations are seeing workflow consolidation through GenAIOrganizations embedding GenAI directly into customer-facing production applicationsSoftware-as-a-service transitioning to service-as-software through AI agentsSecuring AI requires guardrails to prevent hallucinations in applicationsNew vulnerabilities appear at interaction points between system componentsAttackers target RAG systems and identity/authorization layers insteadLLMs hallucinate non-existent packages, attackers create malicious honeypotsGovernance frameworks must be machine-readable for autonomous agent reasoningAmazon investing in automated reasoning to prove software correctnessAnthropic uses Claude to write over 50% of codeAutomated code review systems integrated into CI/CD pipelinesSecurity design reviews use MITRE ATT&CK framework automationLow-risk assessments enable developers to self-approve security reviews40% reduction in application security team review workloadAnthropic eliminated SOC, replaced entirely with Claude-based automationIT support roles transitioning to engineering as automation replaces frontlineCompliance questionnaires fully automated using agentic AI workflowsISO 42001 framework manages AI deployment risks alongside securityExecutive risk councils evaluate AI risks using traditional enterprise processesAWS embeds GenAI into testing, detection, and user experienceFinding summarization helps L1 analysts understand complex AWS environmentsAmazon encourages teams to "live in the future" with AIInterview candidates expected to demonstrate Claude usage during interviewsSecurity remains biggest barrier to enterprise AI adoption beyond POCsVirtual employees predicted to arrive within next 12 monthsModel Context Protocol (MCP) creates new supply chain security risksParticipants:Jason Clinton – Chief Information Security Officer, AnthropicGee Rittenhouse – Vice President, Security Services, AWSHart Rossman – Vice President, Global Services Security, AWSBrian Shadpour – GM of Security and B2B Software Sales, AWSSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Spryker’s Chief Product Officer, Elena Leonova, discusses the Spryker Business Intelligence platform and how working with AWS as a strategic advisor unlocked deeper opportunities for transformative growth.Topics Include:Elena Leonova introduces Spryker as digital commerce platformSpryker focuses on sophisticated B2B commerce transactionsTraditional industries: manufacturing, industrial goods, med techCustomers sell complex equipment like MRI machines, tractorsProducts are custom-built to order through procurement processesExtensive negotiation and aftermarket servicing are requiredCompetitors focus on fashion, food - not complex equipmentSpryker exclusively hosted on AWS cloud infrastructureAWS partnership enables new capabilities and customer innovationBusiness intelligence tools and AI capabilities now availableRicoh example: global manufacturer of industrial-grade printersRicoh sells through dealers and distributors worldwideS-Diverse: new automotive software marketplace partnership platformConnects automotive manufacturers with embedded software producersSpryker Business Intelligence powered by Amazon QuickSight launchedCommerce becoming more intelligent than traditional repeat purchasesComplex equipment buyers don't purchase MRI machines weeklyPlatform provides insights into customer portal navigation patternsCombines commerce data with search, CRM, competitive intelligenceHelps merchants identify revenue optimization signals from noiseBusiness intelligence integrated directly within Spryker platformCustomers should evaluate platform's future scalability and flexibilityRevenue optimization requires understanding what metrics to improveEasy-to-use data analysis prevents information overload problemsQuickSight's GenAI capabilities enable faster executive decision-makingAWS partnership provided cost optimization and innovation confidenceElena initially viewed AWS as just hosting providerBuilding shared vision with AWS unlocked deeper collaborationAWS became trusted advisor for strategy and partnershipsGenerative AI enables multi-persona communication across customer typesParticipants:Elena Leonova – Chief Product Officer, SprykerSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

ActiveFence CEO Noam Schwartz discusses how his company evolved from protecting platforms against user-generated harmful content to helping companies deploy public-facing AI safely at scale.Topics Include:Noam Schwartz introduces himself as ActiveFence CEOFormer intelligence officer specializing in open source intelligenceMission: protect online experiences for everyone everywhereOnline platforms constantly hammered by various attacksAttacks include cybersecurity, abuse, hate speech, spamCompanies playing endless whack-a-mole game with violationsNeed scalable solution that works across languages/formatsDeveloped enterprise-grade technology for sophisticated companiesAmazon became customer and great partner early onGenerative AI introduction changed the game completelyLLMs non-deterministic unlike traditional programmed chatbotsSame input produces different outputs each timeAI deployed in customer support, healthcare, airlinesNew risks when models speak on company's behalfOne bad output creates legal and reputational damageCompanies need to deploy public-facing AI safelyTransition affects healthcare, finance, gaming, government sectorsBuilding on years of user-generated content expertiseNo specific ChatGPT moment triggered their AI pivotActiveFence was AI company since day oneModel companies like Amazon, Nvidia asked for helpRealized their expertise perfectly suited for AI safetyStaying on top of AI developments is impossibleFocus on customer adoption, not every new releaseMain enterprise challenge is trusting AI technologyUnrealistic expectations for 100% accuracy from AIMost companies will license existing models, not buildSecurity solutions remain independent like traditional cybersecurityParticipants:Noam Schwartz – CEO and Co-Founder, ActiveFenceOfer Oringher – Software and Technology Account Manager, AWSSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Jeff Moncrief discusses Sonrai Security's Cloud Permissions Firewall, and the best practices for using AI-powered summaries and orchestration to ensure security at all points.Topics Include:Jeff Moncrief introduces Sonrai Security and Cloud Permissions FirewallFocus on achieving least privilege access in AWS quicklyLightweight orchestration layer secures IAM from inside outEliminates need to write hundreds of individual policiesCustomers struggle with identity risk in CNAP/CSPM toolsGenerative AI adoption driving top security use casesBedrock and AI agents mentioned daily by customersProduct managers should consider underlying platform security risksAI models have control over infrastructure they run onIdentity is fundamental infrastructure enabling AWS AI modelsSonrai uses Bedrock capability inside Cloud Permissions FirewallJust-in-time access provides temporary, time-boxed AWS accessBedrock generates session summaries from audit logs automaticallyPlain English insights show what happened during sessionsSession summaries improve audit compliance and incident responseCustomer with 1000 accounts manually deployed service controlsFriday afternoon deployment caused very bad weekend disasterPolicy inheritance issues broke child accounts and OUsPlanning and orchestration essential for scaling AI securitySonrai platform built 100% cloud-native on AWSCoordinates service control policies and resource control policiesJust-in-time access relies on IAM Identity CenterParticipates in ISV Accelerate and AWS MarketplaceSecurity best practices start with identity as foundation"Hackers don't hack, they just log in" philosophyEliminate standing privileges with just-in-time access patternsRestrict AI services by user, location, and accountReview over-permissioned or inactive third-party vendor accessActionable insights through useful logging and AI summarizationFuture focus on protecting new services and permissionsParticipants:Jeff Moncrief – Field CTO & Director of Sales Engineering, Sonrai SecurityLinks:Website – Sonraisecurity.comAWS Marketplace – Sonrai SecuritySee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Akanksha Bilani of Intel shares how businesses can successfully adopt generative AI with significant performance gains while saving on costs.Topics Include:Akanksha runs go-to-market team for Amazon at IntelPersonal and business devices transformed how we communicateForrester predicts 500 billion connected devices by 20265,000 billion sensors will be smartly connected online40% of machines will communicate machine-to-machineWe're living in a world of data delugeAI and Gen AI help make data effectiveGoal is making businesses more profitable and effectiveVarious industries need Gen AI and data transformationIntel advises companies as partners with AWSThree factors determine which Gen AI use cases adoptFactor one: availability and ease of use casesHow unique and important are they for business?Does it have enough data for right analytics?Factor two: purchasing power for Gen AI adoption70% of companies target Gen AI but lack clarityLeaders must ensure capability and purchasing power existFactor three: necessary skill sets for implementationNeed access to right partnerships if lacking skillsIntel and AWS partnered for 18 years since inceptionIntel provides latest silicon customized for Amazon servicesEngineer-to-engineer collaboration on each processor generation92% of EC2 runs on Intel processorsIntel powers compute capability for EC2-based servicesIntel ensures access to skillsets making cloud aliveAWS services include Bedrock, SageMaker, DLAMIs, KinesisPerformance is the top three priorities for successNot every use case requires expensive GPU acceleratorsCPUs can power AI inference and training effectivelyEvery GPU has a CPU head node component Participants:Akanksha Bilani – Global Sales Director, IntelSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon/isv/