Alex Kreilein, VP of Product Security at Qualys, discusses the shift from vulnerability management to risk operations at the company's Risk Operations Conference (ROCon). He explains why focusing solely on vulnerability counts misses the point and how organizations can achieve better security outcomes through risk-based approaches.

Kreilein breaks down the practical challenges of the concept of the SBOM (Software Bill of Materials), introducing VEX (Vulnerability Exploitability Exchange) as the missing piece for effective vulnerability communication. He shares insights on developer friction points, the real reasons for vulnerability debt, and why test efficacy matters more than compliance checkboxes.

Key takeaways:
• Why risk operations differs fundamentally from vulnerability management
• How SBOMs become actionable with VEX status messages (affected, not affected, under investigation, fixed)
• The hidden cost of technical debt and fragile applications
• Real-world approaches to secure by design and developer productivity
• How agentic AI can help security teams focus on strategic outcomes
• Why compliance is a floor, not a ceiling for security

0:07 - Introduction to Qualys RiskOps Conference
0:33 - Understanding risk versus vulnerabilities
2:21 - The role of VP Product Security
3:03 - Software bills of materials explained
9:08 - VEX for vulnerability communication
10:51 - Agentic AI in security
13:38 - Building secure protocols
15:58 - Developer challenges with security

We discuss Workday's acquisition of Pipedream with Gabe Monroy, SVP and GM Platform at Workday. Pipedream is an iPaaS platform competing with Zapier and Make. The acquisition supports Workday's ambitious AI strategy, enabling enterprise insights to trigger actions across 3,000+ third-party connectors. Monroy explains how Workday plans to maintain Pipedream as an open ecosystem while integrating it into their agentic AI vision. He also covers the recent Flowwise acquisition, Workday Go for SMB expansion, and the new EU sovereign cloud offering to meet European regulatory requirements.

The interview reveals Workday's accelerated innovation pace through strategic acquisitions and organic development, positioning the platform to compete with major enterprise SaaS players while addressing multi-platform agent governance challenges.

Key Takeaways:
• Pipedream will remain available to existing users and startups
• Workday is building agent capabilities using Pipedream connectors for use cases like automated performance review feedback
• The company is targeting SMB markets with Workday Go
• EU sovereign cloud addresses data residency and AI regulation requirements
• Workday is increasing development velocity through both acquisitions and internal improvements

Chapters:
0:59 - Pipedream acquisition announcement
3:29 - Integration and ecosystem strategy
6:36 - Managing agents across platforms
8:29 - Workday Go for SMB market
10:45 - Competition and innovation velocity
14:43 - EU sovereign cloud initiative
16:59 - Future acquisition plans

Keywords: Workday, Pipedream, iPaaS, agentic AI, enterprise integration, API automation, Flowwise, EU sovereign cloud, Workday Go, platform strategy, Peter Bayless, enterprise SaaS, agent orchestration, SMB expansion

Richard Smith, EVP and GM EMEA Cloud Infrastructure at Oracle, sits down with us during Oracle AI World to discuss the company's strategic move to go all-in on AI. Not only the name of its flagship event has changed from Cloud World to AI World, it is much more fundamental.

Our conversation covers, among other things, Oracle's AI data platform. One of the goals of this platform is to allow customers to use their own data for AI workloads without moving it. With data data sovereignty and security front and center nowadays, this is an important feature of Oracle's approach.

The conversation meanders from high-level strategic to rather fine-grained and specific. On the one hand we talk about the importance of database vectorization in the latest version of the Oracle database and about how Oracle handles scale-across workloads. On the other, we ask Smith questions about Oracle's massive infrastructure investments, including the Abilene data center project and Stargate initiatives, but also European sovereignty concerns, DORA compliance. Oracle being a key player in the 'AI bubble' discussion that is going on at the moment, we don't shy away from that discussion either.

At SuiteWorld in Las Vegas, Oracle NetSuite EVP and founder Evan Goldberg unveils NetSuite Next, the most significant transformation of the platform since its inception. This next-generation version, built on five years of development, centers around conversational AI and the powerful Ask Oracle assistant.

Goldberg explains how NetSuite Next leverages technologies such as SuiteAnalytics, Redwood user experience, and the Model Context Protocol to create an AI-first business application. The platform enables users to interact with structured business data through natural language, moving beyond traditional point-and-click interfaces. Suite Agents, built through prompt engineering, promise to revolutionize how business users automate workflows.

The interview explores integration with Oracle Fusion applications, the evolution from Text Enhance to comprehensive AI capabilities, and how NetSuite is inviting its 8,000 SuiteWorld attendees to help shape the future of AI-powered business software. Preview mode launches in just a few months, with general availability expected within 6-12 months.

0:10 - Meeting NetSuite founder Evan Goldberg
0:34 - Announcing NetSuite Next
2:08 - Five years in the making
3:48 - Ask Oracle assistant integration
5:16 - Evolution of generative AI
6:36 - Suite agents and prompt engineering
8:17 - Oracle Fusion apps integration

Keywords: NetSuite Next, Oracle NetSuite, Evan Goldberg, Ask Oracle, AI business applications, Suite Agents, generative AI, conversational AI, SuiteWorld, Oracle Fusion, ERP transformation, Model Context Protocol, prompt engineering, SuiteAnalytics, Redwood user experience

For this episode of the Techzine TV podcast, we discuss the evolution of data center architecture driven by AI workloads Steve Carlini, Chief Advocate for AI in Data Centers at Schneider Electric. From 5 kilowatts to 1 megawatt per rack, this conversation explores the technical challenges and innovations in this industry.

Key topics include the shift from CPU to GPU-based computing, the move to 800V DC power distribution, liquid cooling requirements, and how data centers are becoming grid stabilization assets. We also dig a bit deeper into things like microfluidic cooling, photonics integration, and why power densities are skyrocketing with each new GPU generation from Nvidia.

Learn how Schneider Electric collaborates with chip manufacturers to design power and cooling systems six months ahead of new GPU releases, why the water consumption issues that data centers have are a temporary thing, and how SMRs (Small Modular Reactors) could transform data center energy infrastructure.

Topics
0:00 - Introduction
1:33 - Road to 1 megawatt per rack
5:19 - Leap-frogging to 800V DC architecture
7:23 - Liquid cooling requirements
9:43 - Future of data center design
12:15 - Water usage and cooling loops
14:03 - SMRs and grid stabilization
17:01 - Microfluidic cooling technology
18:08 - Flexible power allocation models

At NetApp Insight in Las Vegas, Gavin Moore, CTO for EMEA and Latin America, discusses NetApp's new AFX disaggregated storage platform and comprehensive AI data management strategy. Moore explains how the EU AI Act influences technology adoption, why 95% of AI projects fail due to poor data foundations, and how NetApp's unified data platform addresses these challenges.

Key topics include the AFX announcement combining massive scale-out with enterprise-grade capabilities, the data engine that brings AI to data rather than moving data to AI, and NetApp's partnership ecosystem with Cisco, Nvidia, Lenovo, and Intel. Moore also covers the importance of Keystone storage-as-a-service and how NetApp differentiates from closed ecosystem competitors through open partnerships.

Chapters:
0:53 - European AI regulation impact
6:53 - Data foundation for AI success
7:44 - AFX disaggregated storage announcement
9:29 - Data engine bringing AI to data
11:52 - Partnership strategy
14:13 - Keystone storage as a service

Sumedh Thakar, CEO of Qualys, discusses the company's evolution from vulnerability management to comprehensive risk operations. He explains why organizations need a Risk Operations Center (ROC) separate from their SOC, focusing on proactive risk management rather than reactive breach detection.

Thakar talks about how Qualys is standardizing risk scores across vulnerabilities, misconfigurations, and identities to give organizations a single view of their security posture. He also addresses the balance between prevention and detection, the role of AI in accelerating security operations, and why profitability matters as much as growth in cybersecurity.

Key Takeaways:
• ROC focuses on proactive risk management while SOC handles reactive breach detection
• Standardized risk scoring helps organizations prioritize what actually matters to their business
• AI and agentic automation can help defenders match attacker speed
• Consolidation is possible without abandoning best-of-breed tools
• Risk management ultimately comes down to money: potential loss vs. mitigation cost

Chapters:
0:05 - ROCon Conference Introduction
0:27 - What is ROC (Risk Operations Center)
1:52 - Why ROC is different from SOC
3:43 - Rethinking prevention and detection
4:59 - Standardizing risk scores
8:54 - True Risk Score and prioritization
14:15 - Qualys Business strategy
16:05 - AI and agentic automation in security

Interview recorded at Qualys ROCon 2024

This episode of the Techzine TV Podcast comes to you from Atlassian Team Europe, Atlassian's annual event in Barcelona. Sander and Atlassian CTO Rajeev Rajan discuss the company's pragmatic approach to AI. A key part of that is that Atlassian maintains strict data privacy principles. That is, it doesn't train its AI on customer data. Still, it aims to deliver powerful AI capabilities through Rovo.

Rajan explains how the Teamwork Graph technology connects work data across 80+ applications, enabling permission-aware search and intelligent agents. He addresses the reality that only 4% of companies see company-wide AI benefits today, emphasizing the need for both C-level commitment and grassroots experimentation. The conversation covers AI model selection, data sovereignty, automation strategies, and why Atlassian focuses on end-user scenarios rather than building LLMs.

Key takeaways:
• Atlassian doesn't train AI on customer data - they're custodians, not owners
• The Teamwork Graph connects data across 80+ apps with permission-aware access
• Rovo offers three capabilities: search, chat, and autonomous agents
• AI adoption requires both top-down goals and bottom-up experimentation
• Only 4% of companies currently see broad AI benefits
• Atlassian uses multiple models (OpenAI, Claude, open source) for different use cases
• Data residency available in 11 regions for sovereignty requirements

Chapters:
0:09 - Introduction to Atlassian's AI Strategy
1:06 - Rovo AI Platform Overview
2:16 - Data Privacy and Responsible AI
3:09 - The Teamwork Graph Technology
9:04 - AI Adoption Challenges in Enterprises
11:16 - Top-Down vs Bottom-Up AI Strategy
15:17 - The Future Impact of AI
17:00 - Background and Building World-Class Teams