0:00

Cloudcast Media presents from the Massive

0:02

Studios in Raleigh, North Carolina. This

0:04

is the Cloudcast with Aaron Delb

0:06

and Brian Gracely, bringing you the

0:08

best of cloud computing from around

0:10

the world. Good

0:14

morning, good evening, Brian. Welcome back to the Cloudcast.

0:16

We're coming to you live from our Massive Cloudcast

0:18

Studios here in Raleigh, North Carolina. And

0:20

we're going to jump right into our topic

0:22

for this week, LLM security and privacy. Now,

0:25

this is the first in a few

0:27

interviews we have coming up talking about

0:29

PII or personally identifiable information. And

0:31

we're going to be talking about in the context of AI. There's

0:35

a few different ways to really tackle

0:37

this topic. And it is certainly top

0:39

of mind for most organizations that I

0:42

speak to. So we hope you

0:44

enjoy this conversation and we'll get started right after

0:46

this quick break. Are

0:48

you getting pressure from finance to justify or reduce

0:50

your cloud bill? Cloud Zero is

0:52

the only cloud cost platform loved by

0:55

engineers and trusted by finance. Cloud Zero

0:57

can identify unused, idle or over provisioned

0:59

resources, alert you to spend anomalies and

1:01

organize 100% of your spend

1:04

into a framework that mirrors your business

1:06

structure, like cost per customer, product feature

1:08

or team. It's the most

1:10

powerful platform ever built to provide accurate Regular

1:12

visibility in your total cloud spent

1:15

without the typical pitfalls of legacy

1:17

cloud cost management tools like enlist

1:19

tagging or clunky Cuban a support.

1:21

Manage. Cost optimized development and

1:23

maximize profit. All and one

1:25

platform. Join. Companies like Rapid

1:27

Seven drift in seat geek

1:29

by visiting Cloud zero.com/cloud Cast

1:31

to get started. That's. Cloud

1:34

your.com/cloud Cast Visit today to

1:36

experience immediate ongoing savings on

1:38

your Cloud bill. Are

1:43

you ready for the ultimate coding challenge? Stay

1:45

in a chance to win a Tesla Cyber truck or

1:47

a hundred thousand dollars. All you

1:49

have to do is build an app with

1:51

a front end and back end and deploy

1:53

it on WSO2's Corio, an internal

1:56

developer platform. The more you do with

1:58

Corio, the more chances you have to win. For

2:00

all the details, go

2:03

to korio.dev.cybertruck. Sign up,

2:05

get started, and possibly win a Tesla

2:08

Cybertruck or $100,000. Plus,

2:10

10 more winners get MacBook Pros. But

2:12

hurry, because the challenge ends on April

2:15

30th. Good luck! And

2:19

we're back. And our topic

2:21

for today is security and

2:24

privacy of LLMs. Something

2:26

we've kind of hinted at

2:28

here and there previously, but we

2:31

wanted to dedicate a show to it. So

2:34

today we have Sean

2:36

Falconer. And Sean, you

2:39

are head of marketing developer relations

2:41

at Skyflow, but also fellow podcaster,

2:43

podcast host for both partially redacted,

2:45

as well as software engineering daily.

2:48

You've taken the reins over there.

2:50

So first of all, welcome to the show. And

2:53

give everyone a quick introduction, if you don't

2:55

mind. Yeah, thank you so much. Yeah, so

2:57

as Aaron said, my name is Sean Falconer.

2:59

I lead marketing and developer relations at Skyflow,

3:01

but don't let the, I guess like the

3:03

title sway you. My

3:05

background is engineering. I studied

3:07

computer science for a decade, have a

3:10

PhD in computer science and postdoc and

3:12

bioinformatics. And was actually going to be

3:14

a professor and or professional researcher for

3:16

a while. And it was kind of on

3:18

that path. And then I ended up raising money

3:20

and starting a company and left

3:23

the world of academics, the BTS CTO

3:25

and founder of a company that

3:27

I ran for about seven years, sold that company,

3:30

joined Google where I was an engineer

3:32

and team lead for a number of years

3:34

before joining Skyflow. And I've been here for

3:36

the last two and a half years and

3:38

having an awesome time trying to make

3:41

the startup go again. Fantastic. And

3:43

so let's dig into LLM

3:45

security and privacy. So we

3:48

see a lot of concern here on the podcast.

3:50

And I talked to customers in my day job.

3:53

And we've touched on it again in various

3:55

past shows as I've mentioned, but we've

3:57

never really dug in deep. So let's hopefully... dig

4:00

into specifically about this. First, let's

4:02

frame the problem. What

4:05

are we talking about at the

4:07

end of the day when we talk about LLM security

4:09

and privacy? It sounds like a vague high level term.

4:11

Like give us a little more on that, Sean. Yeah,

4:14

so I mean, I think there's

4:16

several things that raise concern and

4:19

I see sort of security and

4:21

privacy as two like related but

4:23

slightly different things. So if you

4:26

think about security, like a lot of times like

4:28

security, that goal is like, let's put up like

4:30

a brick wall and not allow anybody

4:32

through the brick wall. But for privacy,

4:34

sometimes you have to essentially like punch holes

4:36

in that brick wall in order to lack

4:39

certain amount of information through because it's one

4:41

thing to secure data and throw away the

4:43

key but that's not super useful to businesses

4:45

and we don't essentially store data to just

4:47

like lock it up and never use it.

4:49

So we need ways of essentially making it

4:51

useful while not exposing too much of it.

4:54

And that's really the sort of the balance that we've had

4:56

in security and privacy for 20 years. And

4:59

especially in the last like half decade

5:01

or so with the introduction of GDPR

5:03

and all the privacy regulations around the

5:05

world. But things get way more complicated

5:07

when we start to move from things

5:10

like databases and structured data, rows

5:12

and columns, things that we understand

5:14

to some degree, there's challenges there,

5:17

but we like understand that, okay, well, if I

5:19

need to delete information or I need to find

5:21

it, I gotta find the row, the column of

5:23

information with that. That doesn't exist in the world

5:25

of essentially AI models, especially when we're talking about

5:27

like deep learning and neural networks and a lot

5:29

of the things that are powering large

5:31

language models today is the big

5:34

problem from like a privacy's

5:36

perspective is there's simply no practical

5:38

delete model, delete button of a

5:40

LOM. So as soon as

5:42

I leak customer

5:44

data, proprietary information, employee information

5:47

into a model through training,

5:50

through inference or some other process, then there's

5:52

no real way to get that back. And

5:55

that becomes a big problem when we live

5:57

in the world of GDPR and the right to be forgotten data

5:59

subject. it requests, data residency, all these different

6:01

regulations that we need to try to

6:03

navigate. How do you actually be

6:06

compliant, make sure that only the right people have access

6:08

to the information when they should have access in

6:11

the world of LMS? That's a very, very difficult problem to

6:13

solve. Yeah, yeah. And let

6:15

me even take that one step further because there

6:18

is the whole concept of the

6:21

data and the, say privacy data,

6:24

and you of course don't want it to get out there,

6:26

but at the same time, a lot

6:28

of times what customers and a lot

6:30

of enterprises are doing is they're taking,

6:32

say a broad based LLM, generic LLM

6:34

off the shelf, and then they're

6:36

gonna fine tune it, or they're gonna do rag against

6:39

it, or they're gonna in some way take their customer

6:41

data and make that the differentiator.

6:44

And so you have this weird almost balance

6:46

then I see of like, hey, if you

6:48

mask everything, well then

6:50

it becomes undifferentiated. And

6:52

so how do you handle this

6:55

concept of masking the data, but

6:57

also still being able to potentially

7:00

differentiate? Yeah,

7:02

so I think there's a couple of different things,

7:04

like the, you

7:07

know, when we think about masking, like the idea

7:09

there is like, how do we show some limited

7:12

amount of information? So if for some reason we

7:14

needed to train an LLM on, I

7:16

don't know, like our employees, like social security

7:18

numbers were part of that data set, then

7:20

clearly we wouldn't want, you know, you to

7:23

be able to pull up my social security

7:25

number as part of a prompt or something

7:27

like that. So how do we make sure

7:29

that, you know, Aaron who only has access

7:32

to see certain types of information.

7:34

So a lot of it comes down to not

7:36

only masking information, but how do you like govern

7:38

access in a way that essentially controls who sees what,

7:40

when and where. And I think this is some of

7:42

the sort of downside

7:45

of limited viewing of some of the

7:47

approaches that we've taken in the space

7:49

so far around what's great private LLMs,

7:51

private LLMs have value, but they don't

7:53

really control that governance piece

7:55

essentially. But going back to your question in

7:57

terms of like masking information, there are ways

7:59

of... essentially de-identifying certain types of

8:01

information and still making it useful

8:03

for training because if I

8:06

think about someone's name, even

8:08

social security number, these types of information,

8:10

these identifiers that are potentially sensitive, the

8:14

LLM doesn't really care that it's my name

8:16

or my social security number or my credit

8:18

card number or some value like that, my

8:20

address, that's part of the training data. It

8:22

just needs a representation of that data because

8:24

eventually it's just going to become vectorized data

8:26

that's numbers in space anyway. If

8:28

I can essentially automatically detect my name

8:30

as part of the training data, replace

8:32

it with a de-identified form of data

8:35

that's consistently generated, like every time it

8:37

sees Sean Faulkner, it's replacing it with

8:39

both the entity recognizing that it's a

8:41

name plus some random value

8:43

like ABC123, then

8:46

training could still essentially occur

8:48

as expected because you have

8:50

contextual values there. The

8:53

LLM can recognize that it's a name being used.

8:55

It doesn't really matter that it's actually the raw

8:57

value. That essentially allows

8:59

us to keep a

9:03

gateway, a privacy gateway is what we refer

9:05

to it at Skyflow around the LLM to

9:07

prevent essentially PII going into the model, preventing

9:09

that problem of once it's shared, we can't

9:11

really get it back. Then we're

9:13

only ever sharing de-identified data. Then

9:16

we can even use things like governance on

9:18

the inference process so that we can control

9:20

who sees what, when, and where. That way

9:22

if a response has de-identified values in it,

9:24

I can check to see who was the

9:26

person who put the prompt in, what

9:29

essentially policies are in place to allow them

9:31

to see this information. If they're not able

9:33

to see that information, then we can essentially

9:35

keep it redacted so that you can't pull

9:37

up my social security number essentially. Okay.

9:40

Yeah. That makes perfect

9:42

sense because I was actually going to ask you

9:44

like, okay, in my head I see this difference

9:46

between a lot of folks when

9:48

they talk about this, they talk about the fine

9:50

tuning stage if you will, the training stage. That

9:54

makes perfect sense. But then when

9:56

you go to implementation phase or inferencing

9:58

phase, a lot of folks are going folks

10:00

might be using RAG for

10:02

something like that. And some

10:04

folks may be thinking about one piece, some

10:06

folks may be thinking about another piece, how

10:10

do organizations stitch together the end-to-end

10:13

compliance of all of this, because it gets

10:15

to be different

10:17

problems at different stages of

10:20

the journey, if you will, or different stages of the

10:22

life cycle of an LLM. And so

10:24

how do you talk through folks when they

10:26

ask that question about how do I do

10:29

end-to-end? Yeah, I

10:31

mean, I think that's one of the big challenges that

10:33

companies have right now is that we're

10:35

looking a little bit too narrowly at this problem,

10:37

if we're looking at it at all. Essentially,

10:40

we're thinking like, okay, well, how do I

10:42

do this at the, let's say the fine

10:44

tuning phase, or I'm taking these, and then

10:46

I can apply some sort of point solution

10:48

or maybe I DIY some sort of solution,

10:50

but that's not looking at the full life

10:52

cycle of the data, because this data that

10:54

you're using for training or even building something

10:57

like a RAG model, it's sitting somewhere as

10:59

well within like an S3 bucket or somewhere

11:01

in your infrastructure, wherever you're sort of pulling

11:03

that information from, and it's gonna go through

11:05

some sort of pipeline down to eventually ending

11:07

up in a model. And that entire pipeline,

11:09

you need to be able to control essentially

11:13

who has access to that, how is the data

11:15

viewed, do your engineers

11:17

have full access to the raw data? It's

11:19

probably not a good idea. It's kind of

11:22

like allowing them to have full access to

11:24

the production database. So how do you essentially

11:26

allow people to do their jobs while not

11:28

potentially compromising the privacy of your

11:31

customers or violating some sort of

11:33

compliance privacy regulation? And

11:35

that full spectrum is I think where you

11:37

need a more holistic sort of privacy

11:40

platform approach, which is what we provide

11:42

at Skyflow. So this is

11:45

a Skyflow provides a technology known as a data

11:47

privacy vault as a service, which

11:49

gives you isolation, protection and governance over sensitive

11:51

customer data. Especially like you get to give

11:53

it like a shared service for secure

11:57

PII management and use. Some

11:59

more. like using a shared service for like identity provider.

12:02

Like I'm going to use Okta for managing my

12:04

identities or something like that across all

12:06

my services. Well, you can essentially use

12:09

Skyflow for that as a way to

12:11

manage customer data across all your

12:13

different services, including your own. So that way, if

12:15

you're building a RAG model, and

12:17

I'm going to take a bunch of training

12:20

data or documents that are internal in my

12:22

company, and I want to vectorize

12:24

that, turn that into embeddings, I'm going to then

12:26

use as part of like an information retrieval step

12:28

as part of the inference process. I want to

12:30

make sure that the

12:32

rules that govern access to the

12:34

raw files are also the

12:36

same rules that get applied at the inference

12:39

layer and at the RAG model layer. And

12:41

I'm then also holistically across the stack. That way,

12:43

a customer service rep

12:45

that's using the LLM can

12:49

generate essentially has the same controlled

12:51

access as they do at

12:53

their CRM or at their

12:55

application level. And that's essentially a service

12:57

that we can build and help customers

12:59

provide. Yeah. And you mentioned there too

13:01

earlier, like, made me think of

13:04

this, you said, hey, you know, somebody who has

13:06

full access to a customer database kind of thing

13:08

there, there's lots of areas here beyond LLMs. I

13:10

mean, we're talking about that mainly today. But I

13:13

mean, there's data lakes,

13:15

there's data warehousing, there's, you know, all

13:17

kinds of just production databases in general.

13:21

How does this extend out,

13:23

if you will, this whole concept of the vault, and

13:26

I almost think of it as like

13:28

a filter or a gateway kind of

13:30

thing for but specifically for PII information.

13:33

Is that a good way to think about this? And does

13:35

it apply everywhere? You know, basically everywhere

13:37

there's data is going to apply. Thinking

13:45

about starting or possibly wanting to advance

13:47

your career in the IT field. Well,

13:49

look no further than the IT Career Podcast,

13:51

your ultimate guide to success in the

13:53

IT industry. Every week we bring you expert

13:56

advice and insider information. You have to

13:58

learn to learn on your own. The

14:00

number one thing you can do to get

14:02

out of the help desk or out of

14:04

any inter-level position is be exceedingly good at

14:07

your current position. The elephant in the room,

14:09

right? Money is obviously certain barrier in roadblock.

14:11

There are so many resources available for free

14:13

on the internet. Whether you're looking to get

14:16

into cybersecurity, networking, data analytics, or any of

14:18

the other exciting career fields within IT, we're

14:20

here to give you the advice and insight

14:22

you need on the IT Career Podcast. Yeah,

14:28

I mean, that's the idea. I think

14:32

if you're doing this right, and you're

14:34

building some sort of infrastructure from scratch,

14:36

I think you would want to start

14:38

with using a vault as

14:40

your core PII storage, secure storage

14:44

and management. Similar to how

14:46

you're going to have at the base level,

14:48

you're probably going to have some sort of

14:51

warehousing solution, maybe you have a database, these

14:53

sort of core components. I think the data

14:55

privacy vault is becoming the standard in

14:57

the industry for managing sensitive data.

15:00

The IEEE came out with an article about a

15:02

year and a half ago about the future of

15:04

privacy engineering. Essentially, that article

15:06

talks about how the future privacy engineering

15:09

is this privacy by architecture approach through

15:11

applying this pattern of the data privacy

15:13

vault. There's been a

15:15

number of leading technology companies like Google, Netflix,

15:17

Apple, a handful of others that sort of

15:19

pioneered this approach. It's

15:22

something that's been done, but it's mostly

15:24

been done by very heavily resourced, well

15:26

funded companies that can throw hundreds of engineers

15:28

at different things. It hasn't necessarily been

15:31

done by the smaller companies because it's hard to

15:33

build, takes a lot of time. If

15:35

it's not your core product, it doesn't make

15:37

sense to divert all your engineering resources to

15:39

build it. That was sort of some of

15:41

the inspiration for the company I work for,

15:43

Skyflow was, let's take this idea and essentially

15:45

build that as a service for everyone else.

15:48

What that gives you if

15:50

you're thinking about like a data lake or a

15:52

data warehouse, some of the challenges that companies run

15:54

into there is I want to make

15:56

sure that my analysts or my data science team

15:58

can do their jobs. and have

16:01

access to the data, or even from an

16:03

analyst standpoint, maybe my marketing

16:05

team needs some level of access as well so

16:07

that they can do analysis to figure out, hey,

16:10

how are we performing in

16:12

certain geographies based on the

16:14

marketing data that we're collecting? So

16:16

then how do I do that

16:19

in a way that doesn't essentially risk customer

16:21

data falling into the wrong hands within

16:23

my own company? It's either accidentally,

16:26

not even necessarily someone doing

16:28

something that they shouldn't be

16:30

doing, but do I run a query and

16:32

essentially get back Aaron's home address

16:34

when I shouldn't have that? We want to

16:37

stop that kind of stuff. So a

16:39

lot of customers use us in

16:41

combination with their Databricks, Snowflake, whatever

16:43

they're using as part of their

16:45

warehousing data lake solutions and analytics

16:47

platform. And Skypo could be integrated

16:49

at different places, but you could essentially start at

16:52

the ETL layer. And like you're saying, it could

16:54

act like sort of a privacy layer or gateway

16:56

to the services where as part of

16:58

that ETL pipeline, Skypo would sit at the head

17:00

of it and you would essentially, it

17:02

would either detect the data automatically, which data

17:04

elements are PII, if it's unstructured data or

17:06

if it's structured data, you could essentially tell

17:08

it like, hey, this is someone's name, this

17:11

is someone's home address. And

17:14

your Skypo vote can essentially hold onto that

17:16

and transform it into de-identified values that then

17:19

you can run your analytics and data science

17:21

and so forth on. And as well as

17:23

control at a governance level, a

17:25

fine-grained access level holistically across

17:27

all your services. Fantastic. Now, Sean,

17:30

let me ask a follow-up to this because

17:32

I've been thinking about, we've talked to a

17:34

number of API security companies here recently and

17:36

that topic has come up on the podcast

17:39

before, but this may

17:41

or may not fit in, but I felt

17:43

it was worth asking. Like everything we're kind

17:45

of talking about is tokenization and depersonalization

17:48

of the data, if you will.

17:51

And I think of that at like the storage level and

17:53

retrieval level, but what about

17:55

the whole concept of bad APIs, right?

17:57

API security itself, like I do an

17:59

API. I call that potentially calls

18:01

information that it shouldn't. Does

18:04

that fit in as an

18:06

additional layer or additional vector to think

18:08

about in all of this? I

18:11

don't think it's necessarily something like fundamentally different

18:14

than some of the other services that would

18:16

have access to the data. Like ideally from

18:18

a security perspective, the privacy perspective, you

18:21

always want to de-identify data as early in the life

18:23

cycle as possible. So most of the time when we

18:25

think about our modern system, where are we getting customer

18:27

data? It's usually going to be some sort of collection

18:29

point as part of an application. So it's like a

18:31

front end form. I asked you to

18:33

sign up with your account information, your banking information,

18:35

whatever it is that I need to collect about

18:37

you. And ideally what we're doing

18:40

there, if we're following sort of this data

18:42

privacy vault shared service model, is I'm going

18:44

to essentially take the data from your front end,

18:47

put it in the vault, replace it with

18:49

de-identified values, and then send that downstream. So

18:51

that way all your downstream services, whether it's

18:54

your database, your log files, your

18:56

API calls, whatever it's going to be, doesn't

18:59

actually need to see any of the

19:01

raw customer data. Because

19:04

very, like what is the use

19:06

case where our internal services need

19:08

to see someone's name? They

19:11

don't necessarily, it's very rare that there's a

19:13

use case for that. They just need a

19:15

representation of that. So by doing

19:17

that, you're automatically taking a lot

19:19

of your backend downstream services sort of out of

19:22

scope and de-risking them, because they're never ever

19:24

handling any of the sensor data. So that way,

19:26

even if something, like a mistake

19:28

happens, coding error where

19:30

an API pulls

19:33

data that it shouldn't or dumps something to a

19:35

log file that it shouldn't, it's

19:37

only ever dumping essentially de-identified values. So

19:40

that way, if it gets compromised, no

19:42

one's seeing your raw name or other

19:44

values, they're seeing essentially just random strings

19:46

that don't mean anything. It's similar to

19:48

how things like PCI

19:51

tokenization works when we're accepting a credit card.

19:54

We leverage payment

19:56

service providers like Stripe and Adjutant and so

19:58

forth in order to essentially. we take

20:00

our systems out of PCI scope and make it

20:02

so that we're not handling, you know, raw credit

20:05

card data, we're offloading that to a third party

20:07

provider. And in a sense, like

20:09

a Skyflow vault works similarly, although you have

20:11

more control of the data and

20:13

it works essentially for any kind of information that you

20:15

might be storing. Yeah. Maybe

20:18

a follow on to that and when it comes to compliance

20:20

things, because of course, you know, anytime

20:22

we think about compliance and privacy, I think

20:24

GDPR comes up first, but now California Privacy

20:27

Act, you know, becomes second. Right.

20:29

What's your thoughts on kind

20:31

of the state of the compliance industry and where we're

20:34

going and is there more things we should be aware

20:36

of when it comes to privacy? What's

20:38

kind of the general trends with all of that lately?

20:41

So I think one of the big

20:43

things that people have to be aware

20:46

of is that more and more countries

20:48

are basically building into their regulations, some

20:50

sort of data residency requirement and those

20:52

have different flavors, but the kind of

20:54

like, and it's very nuanced

20:56

and gets complicated, but the gist of it is that

20:59

different regions in the world want

21:02

to have some say about

21:04

where you're holding their citizens

21:06

information. So, you know, Canada,

21:08

India, Australia, Germany, all

21:12

these different countries essentially have some sort of data

21:14

residency requirement and there's different strictness

21:17

around what that means, as well

21:19

as guidelines around, are

21:21

you able to take data, transfer data of the

21:23

country? What kind of data are you able to

21:26

transfer? So I guess it's really complicated and difficult

21:28

to sort of navigate as a business and it

21:30

also can become a barrier to go to market

21:32

because like if I want to move into, let's

21:34

say China, then and

21:36

my company depends on SaaS products that don't

21:38

operate in China, how do I do that?

21:41

Like how do I essentially have

21:43

my marketing team collect information on HubSpot,

21:46

but HubSpot doesn't have a deployment in China. Like

21:48

these things start to get really complicated and difficult

21:50

to deal with. So that's one of the use

21:52

cases, one of popularly use

21:54

cases of Skyflow is essentially we

21:56

can deploy vaults to various regions around

21:59

the world. and make sure that your

22:01

customer data, the regulated data stays within those

22:03

countries as well as the compute on it,

22:05

while essentially taking your centralized

22:08

cloud system or SaaS products out of

22:10

scope from that. So that helps simplify

22:12

some of the compliance regulations. The other

22:15

big one that people

22:17

need to be aware of is, just

22:19

last week, the EU

22:21

passed their AI act. So because

22:24

of all the, obviously all the

22:26

growth and interest in generative

22:28

AI and large language models and everything that's happened

22:31

in the world of open AI and chat GPT,

22:33

which is like the center for all tech drama

22:35

right now, is there's

22:37

gonna be more regulations around

22:39

AI. Like President Biden had

22:41

his executive order last year where a lot of

22:44

it was around, it wasn't

22:46

necessarily like heaters and regulations, but they're clearly thinking

22:48

about going that way. Things are moving a lot

22:50

faster than they did in the social media era

22:52

where it took a decade or so for the

22:54

world to catch up and put for things like

22:57

GDPR. The AI

22:59

regulations are happening now. So the first

23:02

one to pass was Europe. It

23:05

probably take a few years before it's

23:07

actually in place where they're actually starting

23:09

to find companies for violations or hold

23:11

companies accountable, but these things are definitely

23:13

coming. So if you're a company that's

23:15

operating in that space or thinking about

23:17

investing in it, you need to be

23:19

thinking about these things now, or it's

23:21

gonna be back to 2018 when everyone was

23:23

scrambling to try to be compliant with

23:26

GDPR. Yeah, yeah, that makes sense. Thank you for that, Sean. Now,

23:29

let's switch gears for a second. Let's

23:31

start podcasts. So

23:34

you also host Software Engineering Daily

23:37

and as we mentioned, we had

23:39

good relationships with Jeff, the previous

23:41

host, and there's probably a good

23:44

bit of crossover between our audiences

23:46

as well. So how

23:48

are things going over at Software Engineering Daily and

23:50

give everyone a little bit about the show and

23:52

a little bit update of what's going on over

23:54

there? Yeah, absolutely. So Software

23:56

Engineering Daily is one of the three

23:58

podcasts I actually host. But

24:03

as the name would apply, it's focused on primarily

24:06

talking to engineering leaders or some nice

24:08

product leads. And there are usually 45 minutes

24:11

to an hour long sort of deep dive

24:13

into particular technology, or maybe some

24:16

sort of problem solution that a company went

24:18

through. I think some of our most popular

24:20

episodes are things that have focused that like,

24:22

how did Pinterest scale Kafka or something like

24:24

that? Deeply nerdy technical

24:27

topics. And

24:30

essentially Jeff Meyerson was the original host

24:32

and creator. Unfortunately, he passed

24:34

away now almost two years ago. And

24:37

his brothers took over the

24:39

show and then run things behind the scenes. And then

24:41

they brought myself and a couple other folks

24:43

in to help guest host the show. So I started

24:46

out originally writing for their blog,

24:48

as well as I had been on

24:50

an episode, one of Jeff's last hosted

24:52

episodes as a guest. So I'd

24:54

just been a fan of the show for years and

24:57

I got involved that way. And they approached me about

24:59

coming in and starting the host shows. And I started

25:01

with just a few shows and now I host a

25:03

show every Tuesday. So every Tuesday is

25:05

my day. And there's a couple other hosts

25:08

that are sort of the core hosts that make up

25:10

the show. And we essentially release

25:12

a podcast almost every day of the work week.

25:15

Yeah. Yeah. And I will say this, it's

25:17

just a heroic effort

25:20

to even get

25:23

a daily podcast scheduled and produced

25:26

it out there. I mean, it's just an amazing effort.

25:28

So definitely everyone go check it out if you haven't.

25:32

Yeah. I mean, it's a lot of fun for

25:34

me, especially as my career, I've moved somewhat further

25:36

away from sort of day to day coding and

25:38

engineering. So it's a great way. It's like a

25:40

forcing function for me to kind of stay tapped

25:43

in and learn about what's going on in the

25:45

industry and always be learning something new and get

25:47

to talk to like amazing people. And I'm sure

25:49

you have a similar experience with your job.

25:51

Absolutely. Absolutely. So we're going to wrap

25:53

it up there then. Sean, other than

25:56

Software Engineering Daily, any other

25:58

places, everyone, if they want to learn more about... all of

26:00

this, where can they follow you, where can they learn more

26:02

about everything going on? Yeah, absolutely. So

26:04

if anything I said around, you

26:07

know, data privacy vaults and privacy and security interests

26:09

you, feel free to check us out at skyflow.com.

26:11

And you can always connect with me on LinkedIn,

26:13

that's probably the best place and most active place

26:15

for me. And if you just search my name,

26:17

Sean Faulkner, there's not too many of us out

26:19

there. So you'll find me and I'm happy to

26:21

connect. Fantastic. All right. Well, Sean, thank

26:24

you very much for your time. And on behalf

26:26

of Brian and myself, thank you

26:28

everyone out there for listening. We certainly appreciate

26:30

it. If you enjoy the show, please tell

26:32

a friend, please, please leave us a review

26:34

wherever you get your podcasts. For

26:36

that, I'm going to close this out for this week and

26:38

we will talk to everyone next week.