AWS for Software Companies Podcast – Détails, épisodes et analyse

Yashodha Bhavnani, Head of AI at Box, reveals Box's vision for intelligent content management that transforms unstructured data into actionable insights.

Topics Include:

• Yashodha Bhavnani leads AI products at Box.
• Box's mission: power how the world works together.
• Box serves customers globally across various industries.
• Works with majority of Fortune 500 companies.
• AI agents will join workforce for repetitive tasks.
• Workflows like hiring will become easily automated with AI.
• Content will work for users, not vice versa.
• Customers demand better experiences with generative AI.
• Box calls this shift "intelligent content management."
• 90% of enterprise content is unstructured data.
• AI thrives on unstructured data.
• Current content systems are unproductive and unsecured.
• AI can generate insights from scattered company knowledge.
• AI extracts metadata automatically from documents like contracts.
• Automated workflows triggered by AI-extracted data.
• Box provides enterprise-grade AI connected to your content.
• AI follows same permissions as the content itself.
• Customer data never used to train AI models.
• AI helps classify sensitive data to prevent leaks.
• Box offers choice of AI models to customers.
• AI is seamlessly connected with customer content.
• Administrators control AI deployment across their organization.
• Partnership with AWS Bedrock brings frontier models to Box.
• Box supports customers using their own custom models.
• Box preparing for AI agents to join workforce.
• Introduced "AI Units" for flexible pricing.
• Basic AI included free with Business Plus tiers.
• Both horizontal and vertical multi-agent architectures planned.
• Working toward agent-to-agent communication protocols.

Participants:

• Yashodha Bhavnani - VP of Product Management, AI products, Box

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Tech leaders from RingCentral, Zoom and AWS discuss how generative AI is transforming business communications while balancing challenges & regulatory concerns in this rapidly evolving landscape.

Topics Include:

• Introduction of panel on generative AI's impact on businesses.
• How to transition AI from prototypes to production.
• Understanding value creation for customers through AI.
• Introduction of Khurram Tajji from RingCentral.
• Introduction of Brendan Ittleson from Zoom.
• How generative AI fits into Zoom's product offerings.
• Zoom's AI companion available to all paid customers.
• Zoom's federated approach to AI model selection.
• RingCentral's new AI Receptionist (AIR) launch.
• How AIR routes calls using generative AI capabilities.
• AI improving customer experience through sentiment analysis.
• The disproportionate value of real-time AI assistance.
• Economics of delivering real-time AI capabilities.
• Real-time AI compliance monitoring in banking.
• Value of preventing regulatory fines through AI.
• Voice cloning detection through AI security.
• Democratizing AI access across Zoom's platform.
• Monetizing specialized AI solutions for business value.
• Challenges in taking AI prototypes to production.
• Importance of selecting the right AI models.
• Privacy considerations when training AI models.
• Maintaining quality without using customer data for training.
• Co-innovation with customers during product development.
• Scaling challenges for AI businesses.
• Case study of AI in legal case assessment.
• Ensuring unit economics work before scaling AI applications.
• Zoom's approach to scaling AI across products.
• Importance of centralizing but federating AI capabilities.
• Breaking down data silos for effective AI context.
• Navigating evolving regulations around AI.
• EU AI Act restrictions on emotion inference.
• Balancing regulations with customer experience needs.
• Future of AI agents interacting with other agents.
• How AI enhances human connection by handling routine tasks.
• Impact of AI on company valuations and M&A activity.

Participants:

• Khurram Tajji – Group CMO & Partnerships, RingCentral
• Brendan Ittleson – Chief Ecosystem Officer, Zoom
• Sirish Chandrasekaran – VP of Analytics, AWS

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Box's Chief Product Officer Diego Dugatkin discusses how the enterprise content management platform is leveraging AI through partnerships with AWS Bedrock and continuing to innovate for their customers.

Topics Include:

• Introduction of Diego Dugatkin as Box's Chief Product Officer
• Box provides cloud content management for enterprise customers
• Focus on Intelligent Content Management
• Box serves 115,000 customers including 70% of Fortune 500
• Company manages approximately one exabyte of enterprise data
• Box expanding product portfolio to offer more customer value
• Partnership with AWS Bedrock for AI implementation announced
• Collaboration with Anthropic for LLM technology integration
• Box offers neutral approach letting customers choose preferred LLMs
• Common misconceptions about generative AI capabilities and limitations
• Generative AI helps accelerate contract analysis and classification processes
• Box Hubs enables content curation and multi-document queries
• Success measured through hub creation and query accuracy metrics
• Long-term AWS partnership continues expanding with new technologies
• Amazon is major Box customer while Box uses AWS
• API integration important for third-party developer implementations
• AI development exceeding speed expectations in efficiency improvements
• Challenges remain in defining AI agent roles and capabilities
• Content strategy crucial for deploying intelligent content management
• Companies must prepare for AI agents in workplace
• Flexibility in tech stack recommended over single-vendor approach
• Next 12-24 months will see accelerated industry changes
• Box maintains innovative culture through intrapreneurship approach
• Company regularly hosts internal and external hackathons
• Focus on maintaining integrated platform while acquiring companies
• Partnership between Box and AWS continues growing stronger

Participants:

• Diego Dugatkin – Chief Product Officer, Box

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Through case studies of Graviton implementation and GPU integration, Justin Fitzhugh, Snowflake’s VP of Engineering, demonstrates how cloud-native architecture combined with strategic partnerships can drive technical innovation and build business value.

Topics Include:

• Cloud engineering and AWS partnership
• Traditional databases had fixed hardware ratios for compute/storage
• Snowflake built cloud-native with separated storage and compute
• Company has never owned physical infrastructure
• Applications must be cloud-optimized to leverage elastic scaling
• Snowflake uses credit system for customer billing
• Credits loosely based on compute resources provided
• Company maintains cloud-agnostic approach across providers
• Initially aimed for identical pricing across cloud providers
• Now allows price variation while maintaining consistent experience
• Consumption-based revenue model ties to actual usage
• Performance improvements can actually decrease revenue
• Company tracked ARM's move to data centers
• Initially skeptical of Graviton performance claims
• Porting to ARM required complete pipeline reconstruction
• Discovered floating point rounding differences between architectures
• Amazon partnership crucial for library optimization
• Graviton migration took two years instead of one
• Achieved 25% performance gain with 20% cost reduction
• Team requested thousands of GPUs within two months
• GPU infrastructure was new territory for Snowflake
• Needed flexible pricing for uncertain future needs
• Signed three to five-year contracts with flexibility
• Team pivoted from building to fine-tuning models
• Partnership allowed adaptation to business changes
• Emphasizes importance of leveraging provider expertise
• Recommends early engagement with cloud providers
• Build relationships before infrastructure needs arise
• Maintain personal connections with provider executives

Participants:

• Justin Fitzhugh – VP of Engineering, Snowflake

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

In this AWS panel discussion, Naveen Rao, VP of AI of Databricks and Vijay Karunamurthy, Field CTO of Scale AI share practical insights on implementing generative AI in enterprises, leveraging private data effectively, and building reliable production systems.

Topics Include:

• Sherry Marcus introduces panel discussion on generative AI adoption
• Scale AI helps make AI models more reliable
• Databricks focuses on customizing AI with company data
• Companies often stressed about where to start with AI
• Board-level pressure driving many enterprise AI initiatives
• Start by defining specific goals and success metrics
• Build evaluations first before implementing AI solutions
• Avoid rushing into demos without proper planning
• Enterprise data vastly exceeds public training data volume
• Customer support histories valuable for AI training
• Models learning to anticipate customer follow-up questions
• Production concerns: cost, latency, and accuracy trade-offs
• Good telemetry crucial for diagnosing AI application issues
• Speed matters more for prose, accuracy for legal documents
• Cost becomes important once systems begin scaling up
• Organizations struggle with poor quality existing data
• Privacy crucial when leveraging internal business data
• Role-based access control essential for regulated industries
• AI can help locate relevant data across legacy systems
• Models need organizational awareness to find data effectively
• Private data behind firewalls most valuable for AI
• Customization gives competitive advantage over generic models
• Current AI models primarily do flexible data recall
• Next few years: focus on deriving business value
• Future developments in causal inference expected post-5 years
• Complex multi-agent systems becoming more important
• Scale AI developing "humanity's last exam" evaluation metric
• Discussion of responsibility and liability in AI decisions
• Companies must stand behind their AI system outputs
• Existing compliance frameworks can be adapted for AI

Participants:

• Naveen Rao – VP of AI, Databricks
• Vijay Karunamurthy – Field CTO, Scale AI
• Sherry Marcus Ph.D. - Director, Applied Science, AWS

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Suresh Vasudevan, CEO of Sysdig, discusses the evolving challenges of cloud security incident response and the need for new approaches to mitigate organizational risk.

Topics Include:

• Cybersecurity regulations mandate incident response reporting.
• Challenges of cloud breach detection and response.
• Complex cloud attack patterns: reconnaissance, lateral movement, exploit.
• Rapid exploitation - minutes vs. days for on-prem.
• Importance of runtime, identity, and control plane monitoring.
• Limitations of EDR and SIEM tools for cloud.
• Coordinated incident response across security, DevOps, executives.
• Criticality of pre-defined incident response plans.
• Increased CISO personal liability risk and mitigation.
• Documenting security team's diligence to demonstrate due care.
• Establishing strong partnerships with legal and audit teams.
• Covering defensive steps in internal communications.
• Sysdig's cloud-native security approach and Falco project.
• Balancing prevention, detection, and response capabilities.
• Integrating security tooling with customer workflows and SOCs.
• Providing 24/7 monitoring and rapid response services.
• Correlating workload, identity, and control plane activities.
• Detecting unusual reconnaissance and lateral movement behaviors.
• Daisy-chaining events to identify potential compromise chains.
• Tracking historical identity activity patterns for anomaly detection.
• Aligning security with business impact assessment and reporting.
• Adapting SOC team skills for cloud-native environments.
• Resource and disruption cost concerns for cloud agents.
• Importance of "do no harm" philosophy for response.
• Enhancing existing security data sources with cloud context.
• Challenges of post-incident forensics vs. real-time response.
• Bridging security, DevOps, and executive domains.
• Establishing pre-approved incident response stakeholder roles.
• Maintaining documentation to demonstrate proper investigation.
• Evolving CISO role and personal liability considerations.
• Proactive management of cyber risk at board level.
• Developing strong general counsel and audit relationships.
• Transparency in internal communications to avoid discovery risks.
• Security teams as business partners, not just technicians.
• Sysdig's cloud security expertise and open-source contributions.

Participants:

·        Suresh Vasudevan – CEO, Sysdig

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

From hard-coded credentials to boardroom buy-in, join four tech security leaders from Clumio, Mongo DB, Symphony and AWS, as they unpack how building the right security culture can be your organization's strongest defense against cyber threats.

Topics Include:

• Security culture is crucial for managing organizational cyber risk
• Good culture enables quick decision-making without constant expert consultation
• Many security incidents occur from well-meaning people getting duped
• Panel includes leaders from AWS, Symphony, MongoDB, and Clumio
• Measuring security culture requires both quantitative and qualitative metrics
• Board-level engagement indicates organizational security culture maturity
• Self-reporting of security incidents shows positive cultural development
• Security committees' participation helps measure cultural engagement
• Hard-coded credentials remain persistent problem across organizations
• Internal audits and risk committees strengthen security governance
• Public security incidents change board conversations about priorities
• Leadership vulnerability and transparency help build trust
• Being pragmatic beats emotional responses in security leadership
• Security programs should align with business revenue goals
• Customer security requirements drive program improvements
• Excessive security questionnaires drain resources from actual security
• Security culture started as exclusionary, evolved toward collaboration
• Financial institutions often create unnecessary compliance burden
• Early security involvement in product development prevents delays
• Security teams must match development team speed
• Trust between security and development teams enables efficiency
• Small security teams can support large enterprise requirements
• Vendor partnerships help scale security capabilities
• Process changes work better than adding security tools
• Security leaders need deep business knowledge
• Technical depth and breadth remain essential skills
• Evangelism capability critical for security leadership success
• Influencing without authority key for security effectiveness
• Crisis moments create opportunities for security improvement
• Socializing between security and development teams builds trust
• DEF CON attendance helps developers understand security perspective
• Bug bounty programs provide continuous security feedback
• Regular informal meetings between teams improve collaboration
• Building personal relationships improves security outcomes
• Modern security leadership requires balance of IQ and EQ

Participants:

• Jacob Berry – Head of Information Security, Clumio
• George Gerchow – Interim CISO, Head of Trust, Mongo DB
• Brad Levy – Chief Executive Officer, Symphony
• Brendan Staveley – Global Sales Leader, Security Services, Amazon Web Services

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

AWS executive Giancarlo Casella explains how organizations can navigate global privacy regulations and achieve compliant international expansion using AWS's privacy reference architecture.

Topics Include:

• Welcome to executive forum on security and Gen AI
• Introduction of Giancarlo Casella from AWS Security Assurance Services
• AWS helps organizations with compliance and audit readiness
• Global expansion requires understanding local privacy laws
• Germany and France interpret GDPR differently
• Germany has Federal Data Protection Act (BDSG)
• France focuses on consumer privacy through CENIL
• Risk of non-compliance includes fines and reputation damage
• Privacy laws existed in only 10 countries in 2000
• EU Privacy Directive of 1990 was prominent
• By 2010, forty countries had privacy laws
• HIPAA and GLBA introduced in United States
• Now over 150 countries have privacy regulations
• 75% of world population under privacy laws soon
• Regulations are vague and open to interpretation
• GDPR example: encryption requirements lack specificity
• Need right stakeholders for privacy compliance
• Legal team must lead privacy interpretation
• Engineering implements technical privacy aspects
• Risk and compliance teams coordinate evidence gathering
• Data Protection Officer oversees entire program
• CIO, CTO, CISO alignment creates strong foundation
• Security transforms from bureaucratic to revenue enabler
• AWS develops cloud-specific privacy reference architecture
• Industry standards provide guidance frameworks
• AWS privacy reference architecture focuses on cloud specifics
• Data minimization and individual autonomy are key
• Case study: Middle Eastern AI company expands to Canada
• Company used CCTV at gas stations
• Created privacy baseline and roadmap
• Data flow documentation essential for compliance
• Continuous compliance strategy helps enable success
• Aligning stakeholders across different organizational lines
• Future of US federal privacy regulation discussed
• Discussion of responsible AI usage requirements

Participants:

• Giancarlo Casella - Head of Business Development and Growth Strategies, AWS Security Assurance Services

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Haggai Polak – Chief Product Officer, Securonix and a veteran cybersecurity expert examines how artificial intelligence, quantum computing, and resource constraints are fundamentally transforming the threat landscape for security leaders

Topics Include:

• AI transformation of cybersecurity landscape from past tactical focus
• CISO accountability and regulatory pressures increasing significantly
• Attack surface expanding beyond traditional network boundaries
• Quantum computing threatens current cryptographic protections
• Defenders remain understaffed and outmatched against sophisticated threats
• Securonix leads SIEM/SOAR space with 1000+ global customers
• World Economic Forum identifies misinformation/disinformation as major crisis
• AI benefits attackers more than defenders currently
• Small/medium enterprises falling below cyber poverty line
• AI enables faster, more sophisticated malware development
• Deepfakes caused $25M loss in Hong Kong CFO impersonation
• Digital tsunami: broadband, IoT, cloud everywhere expanding attack surface
• 50+ democracies face election security challenges in 2024
• Cloud intrusions increased 75% between 2022-2023
• Quantum-resistant cryptography transition needed within 10 years
• SEC regulations require specific cybersecurity incident disclosure guidelines
• 4 million unfilled cybersecurity positions globally
• Cybercrime-as-a-Service growing, estimated $1.6B annual revenue
• 81% of organizations faced ransomware attacks in 2023
• Insider threats increasing with remote work adoption
• 30,000+ vulnerabilities published last year, half critical/high
• Mean time to exploit now 44 days
• Securonix Eon leverages AI to increase analyst efficiency
• Dark web selling corporate credentials for $10,000
• Balance needed between protection and detection/response investments

Participants:

• Haggai Polak – Chief Product Officer, Securonix

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Dr. Yanbing Li, Chief Product Officer at Datadog, outlines how the company has integrated AI and automation into its incident response framework, helping customers manage both traditional security challenges and emerging AI-specific risks.

Topics Include:

• Introduced talk about incident response and CISO liability
• Datadog founded 14 years ago for cloud-based development
• Platform unifies observability and security for cloud applications
• Current environment has too many fragmented security products
• SEC requires material incident reporting within four days
• Datadog's incident response automates Slack room creation
• Response team includes Legal, Security, Engineering, and Product
• System tracks non-material incidents to identify concerning patterns
• Real-time telemetry data drives incident management automation
• On-call capabilities manage escalation workflows
• Datadog uses own products internally for incident response
• Company focuses on reducing time to incident detection
• AI brings new risks: hallucination, data leaks, design exploitation
• Bits.ai launched as LLM-based incident management co-pilot
• Tool synthesizes events and generates incident summaries
• Bits.ai suggests code remediation and creates synthetic tests
• Security built into AI products from initial design
• Prompt injection prevented through structured validation approach
• Sensitive data anonymized before LLM processing
• Engineering and security teams collaborate closely on AI
• LLM observability becoming critical for production deployments
• Customers need monitoring for hallucinations and token usage
• Datadog extends infrastructure monitoring into security naturally
• Company maintains strong partnership with AWS
• Q&A covered Bits.ai proactive capabilities and enterprise differentiation

Participants:

Yanbing Li – Chief Product Officer - Datadog

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/