351: IAM the One Spending All Your AI Money

Welcome to episode 351 of The Cloud Pod, where the weather is always cloudy! Justin, Matt, and Ryan are in the studio today and ready to bring you the latest in cloud and AI news. And it’s that time of year again – we’re coming up quickly on Google Next, place your AI money bets, so we’ve got our yearly predictions for what’s coming from Vegas, as well as more news about Mythos, Amazon finally becoming a utility, and even an aftershow where we discuss the computing power of Artemis. It’s a great show, so let’s get started! 

Titles we almost went with this week

• 🚶 Three StorageClasses Walk Into an AI Workload
• 📲 Deprecated Models Don’t Die, They Just Fail Your API Calls
• 📊 SQL Walks Into a Graph Bar and Stays
• 🧑‍💻 Too Many Agents Spoil the Workflow
• 📋 One Registry to Rule All Your Rogue AI Agents
• 🖥️ Eight CPUs Walk Into Space, Only One Comes Back
• 🧑‍💼 Stop Retyping the Same Gemini Prompt Like a Caveman
• 🛌 Claude Code Routines Let AI Work While You Sleep
• 📖 AWS Builds a Yellow Pages for Your AI Agents
• 🖲️ GPT Finally Stops Refusing to Talk About Hacking
• 🎙️ None of the hosts is ready for Next
• 🔮 We are once again trying to look into our next next next crystal ball and failing
• 🤖 Google is gonna announce AI, it’s just mandatory now
• 🎰 Las Vegas is calling, our Livers are crying

A big thanks to this week’s sponsors:

There are a lot of cloud cost management tools out there, but only Archera provides insured commitments. It sounds fancy, but it’s really simple. Archera gives you the cost savings of a 1 or 3-year AWS Savings Plan with a commitment as short as 30 days. If you do not use all the cloud resources you have committed to, Archera will literally cover the difference. Other cost management tools may say they offer “insured commitments”, but remember to ask: Will you actually give me my rebate? Because Archera will. 

Check out thecloudpod.net/archera to schedule a demo today. 

We also wanted to tell you about something coming to the US for the first time — WeAreDevelopers World Congress! 

They’ve been doing this in Europe for years, 15,000-plus attendees in Berlin, it’s one of the biggest developer events over there. Coté from Software Defined Talk is actually speaking at their Berlin event this summer, so we’ve got some firsthand context here. In September, they’re launching the North America edition. San José, September 23 to 25. 500-plus speakers, 18 tracks — cloud, infrastructure, DevOps, security, AI, data engineering, all of it. Speakers from Datadog, Honeycomb, Sentry, Google, LinkedIn, and Stack Overflow. Olivier Pomel, Christine Yen, Milin Desai, Kelsey Hightower – plus workshops and masterclasses, not just talks. These are people who know how to do a developer conference at scale. wearedevelopers.us, code DEVPOD26 for 15% off. Group rates on top of that for 4 or more.

Follow Up

01:47 AI Cybersecurity After Mythos: The Jagged Frontier 

• Since the original Mythos/Project Glasswing announcement, AISLE published follow-up testing showing that small, inexpensive open-weight models can replicate much of the vulnerability detection work Anthropic attributed to Mythos, with all 8 tested models detecting the flagship FreeBSD NFS buffer overflow, including a 3.6B parameter model costing $0.11 per million tokens.
• A notable correction to the framing of the original announcement: cybersecurity AI capability does not scale smoothly with model size or cost. 
• Model rankings reshuffle completely across different security tasks, meaning there is no single best model for cybersecurity work, which challenges the narrative that a restricted frontier model is required for this category.
• The current status of the broader AI security space is that AISLE reports 180-plus externally validated CVEs across 30-plus projects since mid-2025, predating Project Glasswing, and their system now runs on OpenSSL and curl pull requests in production, suggesting the category was already operational before the Anthropic announcement.
• A practical update for cloud practitioners is that specificity, meaning correctly identifying patched or safe code, remains a significant weak point across most models tested. Only one model was reliable in both directions, which reinforces that the orchestration layer and triage pipeline around the model matter more than the model itself for production security tooling.
• The broader ecosystem implication is that defensive AI security capabilities are accessible today with open or low-cost models, meaning organizations do not need to wait for access to restricted frontier models to begin building vulnerability discovery pipelines, though the scaffolding, security expertise, and maintainer trust-building remain the harder problems to solve.

03:09 📢 Justin – “If you’re in the security space and you want to have it poke holes at your app, it uses really complicated patterns to basically figure out different attack vectors and can actually link different vulnerabilities together.” 

General News 

06:11 AWS boss explains why investing billions in both Anthropic and OpenAI is an OK conflict

• Amazon has invested $8 billion in Anthropic and $50 billion in OpenAI, creating a situation where it holds significant financial stakes in two directly competing AI model companies.
• AWS CEO Matt Garman frames this as consistent with Amazon’s long-standing practice of partnering with companies it also competes against, citing Oracle selling its database services on AWS as an established precedent.
• The dual investment was partly driven by competitive necessity, as both Anthropic and OpenAI models were already available on Microsoft Azure, AWS’s primary rival in the cloud market.
• AI model-routing services are emerging as a key battleground, where cloud providers let customers automatically select different models for different tasks, which also creates a path for cloud providers to insert their own first-party models into customer workflows.
• Investor loyalty in AI is broadly eroding, with at least a dozen OpenAI backers also investing in Anthropic’s recent $30 billion round, including Microsoft, suggesting this multi-sided investment pattern is becoming standard across the industry.

07:34 Google Next Predictions

Justin

1. Wiz + Google Cloud Security/Product Offering
2. Antigravity IDE + Gemini CLI (agent mode) enhancements
3. Ironwood TPU GA and/or dedicated Inference-based CHIP

Ryan

1. Gemini 3.1 Pro GA & Teasing Gemini 3.5 or 4 or future model
2. Enhancements with agents and Agentic
3. VMware interruption based on Kubernetes? (Opposite of Tanzu)

Matt

1. Default Guardrails in AI in general. How Gemini will have guard rails via Vertex. 
2. Agentic coding tooling and how developers are leveraging Agentic (SDLC)
3. 3 Non AI Announcements

Runner Ups

• A2A protocol 1.0 released
• Turboquant Ships in Vertex AI
• Something waymo
• Biqquery AI Agents
• Gemini 3.1 Flash GA
• Axion Gen 2
• Nano bananas updates
• Sovereign Cloud AI
• Gemini Robotics API Preview
• Hugging Face
• AWS Activate type program 
• AP2 Payment Protocol
• AI in Android
• Gemini + Boston Dynamics
• Glasswing Answer

How many times is AI said on stage? 

• Matt- 99
• Ryan- 75
• Justin- 115

AI Is Going Great – Or How ML Makes Money 

24:35 Claude Managed Agents: get to production 10x faster

• Anthropic launched Claude Managed Agents in public beta on April 8, 2026, a suite of composable APIs that handle production infrastructure like sandboxed code execution, state management, credential handling, and end-to-end tracing so developers can focus on defining tasks and guardrails rather than building backend systems.
• The platform includes long-running autonomous sessions, multi-agent coordination (in research preview), and trusted governance with scoped permissions and identity management, with internal testing showing up to 10 percentage points improvement in task success over standard prompting loops on structured file generation tasks.
• Pricing is consumption-based at standard Claude Platform token rates plus $0.08 per session-hour for active runtime, which positions this as a managed alternative to self-hosted agent infrastructure where teams would otherwise spend months on setup before shipping anything to users.
• Early adopters include Rakuten, which deployed specialist enterprise agents across five business functions within a week each, and Sentry, which shipped a bug-to-PR pipeline in weeks instead of months by pairing their existing Seer debugging agent with a Claude-powered patching agent.
• Developers can get started via the Claude Console, the new CLI, or by using Claude Code with the built-in claude-api Skill, with multi-agent coordination and self-evaluation features still gated behind a research preview access request form.

25:51 📢 Ryan – “So I don’t have to get a fleet of Mac Minis to run all my AI things?” 

26:41 The next phase of enterprise AI

• OpenAI reports enterprise now accounts for more than 40% of revenue and is projected to reach parity with consumer revenue by the end of 2026, with APIs processing over 15 billion tokens per minute and Codex reaching 3 million weekly active users.
• OpenAI Frontier is positioned as a company-wide agent deployment and management layer, distinct from single-product agent implementations, allowing agents to operate across an organization’s tools, systems, and data with centralized governance and permissions.
• A Stateful Runtime Environment being co-developed with AWS is designed to give agents persistent context and memory across sessions, addressing a core limitation for complex enterprise workflows that span multiple tools and data sources.
• OpenAI is building toward a unified AI superapp that consolidates ChatGPT, Codex, and agentic browsing into a single employee-facing interface, with the stated goal of reducing enterprise rollout friction by leveraging ChatGPT’s existing 900 million weekly users who are already familiar with the interface.
• Frontier Alliances‘ partnerships with McKinsey, BCG, Accenture, Capgemini, Databricks, and Snowflake indicate OpenAI is pursuing an integration-first enterprise strategy, meeting customers within existing data infrastructure rather than requiring migration to new platforms.

27:44 📢 Ryan – “This sounds great; all these AI models are only as good as the data they have access to, and when you get into the Enterprise, you’re trying to integrate with all the IT services and other platforms that are used for development or other parts of the business, design tools – there’s all kinds of stuff. And it’s really tricky to sort of manage that. I’ve seen two models where you’re kind of left to your own devices, setting up your own MCP server or your own local integration somehow, or, if there is a platform, you know, sort of a sparse support of that. So I’m really happy to see this developed, and I’m really eager for this type of framework to be more prevalent.”

29:11 Introducing Muse Spark: Scaling Towards Personal Superintelligence

• Meta launched Muse Spark, the first model from its new Meta Superintelligence Labs division, available now at meta.ai with a private API preview opening to select users. 
• It is a natively multimodal reasoning model supporting tool-use, visual chain of thought, and multi-agent orchestration.
• A new Contemplating mode orchestrates multiple agents reasoning in parallel, achieving 58% on Humanity’s Last Exam and 38% on FrontierScience Research, positioning it alongside extreme reasoning modes from Gemini Deep Think and GPT Pro.
• Meta claims its new pretraining stack reaches equivalent capabilities with over an order of magnitude less compute than Llama 4 Maverick, which has direct implications for infrastructure costs and efficiency at scale, including their new Hyperion data center investment.
• The model uses a multi-agent test-time scaling approach that delivers stronger performance at comparable latency versus single-agent extended thinking, and applies token compression via thinking time penalties to optimize reasoning efficiency for serving at scale.
• A notable safety finding from Apollo Research identified that Muse Spark showed the highest rate of evaluation awareness of any model they have tested, frequently identifying scenarios as alignment traps. Meta concluded this was not a blocking concern for release but acknowledged it warrants further research.

33:22 📢 Justin – “So the thing about what’s on Humanity’s last exam right now is that the last update is from February 20th. So we’re just waiting to see when Mythos and this new Meta one get added to it, so that’ll be interesting.”

33:41 Introducing routines in Claude Code

• Anthropic launched routines in Claude Code as a research preview, letting developers configure automated workflows once with a prompt, repo, and connectors, then run them on a schedule, via API call, or in response to GitHub events without requiring a local machine to be running.
• Three trigger types are supported: scheduled cadences (hourly, nightly, or weekly), API-triggered endpoints where each routine gets its own URL and auth token, and GitHub webhook events that spin up a new session per matching PR and continue feeding it updates like comments and CI failures.
• The cloud-hosted infrastructure removes the need for developers to manage their own cron jobs, MCP servers, or additional tooling, since routines ship with built-in access to repos and connectors.
• Daily routine limits are tiered by plan: Pro users get 5 per day, Max users get 15, and Team and Enterprise users get 25, with additional runs available through extra usage at the same subscription usage rate as interactive sessions.
• Practical use cases already emerging include nightly bug triage that pulls from Linear and opens draft PRs, on-call alert summarization posted to Slack, and automated PR review flagging for sensitive code modules like authentication providers.

38:32 Trusted access for the next era of cyber defense

• OpenAI launched GPT-5.4-Cyber, a fine-tuned variant of GPT-5.4 specifically designed for cybersecurity work, with reduced refusal boundaries for legitimate defensive tasks and new binary reverse engineering capabilities that let security professionals analyze compiled software without source code access.
• The Trusted Access for Cyber program is expanding from a limited pilot to thousands of individual verified defenders and hundreds of teams, with tiered access levels based on identity verification through chatgpt.com/cyber for individuals and a separate enterprise request process for organizations.
• Codex Security, which has been in preview, has contributed to fixing over 3,000 critical and high-severity vulnerabilities across the ecosystem, and OpenAI is positioning it as a shift from periodic security audits to continuous automated vulnerability detection integrated into developer workflows.
• Access to GPT-5.4-Cyber comes with notable tradeoffs for cloud and API users, specifically that Zero-Data Retention options may be restricted for higher-tier cyber-permissive access, which is a meaningful consideration for enterprises that rely on ZDR for compliance or data privacy requirements.
• OpenAI is framing this as a dual-use risk management challenge rather than a simple model release, explicitly acknowledging that cyber capabilities depend on user context and trust signals rather than model capability alone, and building automated verification systems to scale that judgment without manual review.

33:52 📢 Justin – “So weird. A week after Mythos.” 

41:53 Redesigning Claude Code on desktop for parallel agents 

• Anthropic released a redesigned Claude Code desktop app built specifically for managing parallel agentic coding sessions, with a new sidebar that lets developers run simultaneous tasks across multiple repos and filter sessions by status, project, or environment.
• The app introduces a drag-and-drop layout system where developers can arrange the terminal, diff viewer, file editor, and chat in custom grid configurations, reducing the need to switch between external tools during code review and shipping.
• A side chat feature (Command/Ctrl + semicolon) lets developers ask questions mid-task without polluting the main session context, a practical way to keep long-running agentic tasks on track.
• The redesign adds three view modes (Verbose, Normal, Summary) to control how much detail is shown about Claude’s tool calls, plus a usage indicator showing both context window and session consumption at a glance, which matters for teams managing API costs.
• The updated app is now available for Pro, Max, Team, and Enterprise plan users, as well as via the Claude API, with SSH support now extended to Mac in addition to Linux for pointing sessions at remote machines.

43:05 📢 Ryan – “So this is everything I was just complaining about earlier. This is perfect. This is why – not having this level of tools – why I haven’t really adopted Claude Code for my main workflows. Because everything that they’re announcing here is exactly what I use GitHub Copilot for.” 

AWS

46:02 Manage AI costs with Amazon Bedrock Projects 

• Amazon Bedrock Projects lets organizations attribute AI inference costs to specific workloads by passing a project ID in API calls, which then flows into AWS Cost Explorer and AWS Data Exports for analysis. 
• This addresses a real operational gap for teams doing chargebacks or investigating cost spikes across multiple AI applications.
• The feature works by attaching resource tags to projects and activating them as cost allocation tags in AWS Billing, using the same tagging and cost management tools organizations already use for other AWS services. 
• Tags can cover dimensions like application, environment, team, and cost center.
• Bedrock Projects currently supports the OpenAI-compatible APIs, including the Responses API and Chat Completions API, meaning teams already using the OpenAI SDK can adopt this with minimal code changes by simply adding a project ID parameter. Requests without a project ID automatically fall to a default project, which could create attribution gaps if not managed carefully.
• Organizations can create up to 1,000 projects per AWS account, and there is a 24-hour delay before tags propagate to Cost Explorer and Data Exports, so activating tags immediately after creating the first project is recommended to avoid gaps in billing data.
• Pricing for this feature is not separately itemized since it layers on top of existing Bedrock inference costs, but the value is in visibility rather than new spend, helping teams identify where AI budget is actually going before costs scale further.
• https://aws.amazon.com/about-aws/whats-new/2026/04/bedrock-iam-cost-allocation/ 

46:19 📢 Justin – “I can tell you that this is a must-have. Every cloud provider needs to provide this capability. This is a major problem in Vertex. It’s a major problem in Bedrock. And even the project level is probably not granular enough. I need it at IAM identity level.”     

50:56 Introducing stateful MCP client capabilities on Amazon Bedrock AgentCore Runtime

• Amazon Bedrock AgentCore Runtime now supports stateful MCP servers, enabling bidirectional communication between MCP servers and clients. 
• The key change is a single flag, stateless_http=False, which provisions a dedicated microVM per user session lasting up to 8 hours.
• Three new client capabilities are now available: elicitation for pausing tool execution to collect user input mid-workflow, sampling for delegating LLM generation back to the client without the server needing its own model credentials, and progress notifications for streaming real-time status updates during long-running operations.
• The sampling capability is particularly notable for enterprise use cases because it allows MCP servers to leverage the client’s connected LLM without holding API keys or model credentials directly, keeping model access control on the client side.
• Each stateful session gets CPU, memory, and filesystem isolation via microVMs, with sessions tracked through an Mcp-Session-Id header. 
• Sessions expire after 15 minutes of inactivity or a maximum of 8 hours, after which clients must reinitialize.
• Practical use cases include multi-step financial workflows that confirm transactions before writing to DynamoDB, travel booking tools that search options and then ask users to choose, and batch processing jobs that report incremental progress rather than leaving users waiting on a blank screen.

51:53 📢 Justin – “This can be dangerous. So definitely this one, if you’re implementing stateful MCPs, I would make sure you have a very good security model for them.” 

54:53 AWS Agent Registry for centralized agent discovery and governance is now available in Preview

• AWS Agent Registry, part of Amazon Bedrock AgentCore, is now in preview as a centralized catalog for discovering and governing AI agents, tools, MCP servers, and custom resources within an organization, helping teams avoid rebuilding capabilities that already exist.
• The registry supports URL-based discovery that automatically pulls metadata like tool schemas from live agent endpoints, plus an approval workflow so admins can gate what becomes discoverable, with CloudTrail providing full audit trails for compliance.
• Developers can search the registry using natural language semantic search or keyword search, and can access it via the console, AWS CLI, SDK, or directly from their IDEs as an MCP server, supporting both IAM and OAuth with custom JWT.
• The preview is available in five regions: US East (N. Virginia), US West (Oregon), Europe (Ireland), Asia Pacific (Tokyo), and Asia Pacific (Sydney), with no pricing details published yet for this preview feature.
• For organizations running multiple AI agent projects across teams, this addresses a practical governance gap by providing visibility into what agents exist and enforcing policies before new ones are deployed or discovered.

55:44 📢 Ryan – “It’s funny cause I don’t really think about Bedrock AgentCore for Enterprise, but maybe it would allow that, maybe in a sideways kind of way.”

56:46 Kiro CLI 2.0: a new look and feel, headless CI/CD pipelines, and Windows support

• Kiro CLI 2.0 introduces headless mode, allowing developers to run the agentic terminal programmatically via API key and environment variables, enabling integration into CI/CD pipelines and build scripts without user interaction.
• Native Windows support removes the need for workarounds like WSL, letting developers use Kiro agents directly in Windows Terminal for tasks like codebase navigation, bug tracing, and workflow automation.
• The updated TUI is now generally available after an experimental period, adding a subagent monitoring view accessible via Ctrl+G, real-time task lists, and parallel subagent execution that protects parent agent context on complex tasks.
• The headless mode is particularly relevant for teams looking to automate pull request generation and deployment troubleshooting workflows, reducing the need for continuous manual monitoring in release pipelines.
• Pricing details are not specified in the announcement, so listeners interested in production use should check kiro.dev for current plan information before building automation workflows around the headless API.

58:37 Amazon.com, Inc. – Amazon to Acquire Globalstar and Expand Amazon Leo Satellite Network

• Amazon is acquiring Globalstar in a deal expected to close in 2027, gaining its LEO satellite fleet, MSS spectrum licenses with global authorizations, and direct-to-device technology to expand the Amazon Leo satellite network beyond its current broadband focus.
• Starting in 2028, Amazon Leo will deploy a next-generation Direct-to-Device satellite system enabling voice, text, and data services on standard mobile phones without specialized hardware, targeting coverage gaps where terrestrial cellular networks cannot reach.
• Amazon and Apple have signed an agreement for Amazon Leo to power satellite features on iPhone 14 and later and Apple Watch Ultra 3, continuing services like Emergency SOS, Messages, Find My, and Roadside Assistance via satellite that Globalstar currently provides to Apple.
• The combined network is designed to support hundreds of millions of endpoints globally, with practical applications spanning consumer emergency messaging, enterprise IoT, fleet tracking, disaster response fallback connectivity, and rural broadband extension.
• For AWS customers and partners, this positions Amazon as a vertically integrated connectivity provider competing directly with Starlink and other satellite operators, which could eventually influence how edge computing, IoT, and hybrid cloud architectures are designed for remote and mobile deployments.

59:28 📢 Justin – “I guess we can finally say that the conversion from Amazon the bookstore to Amazon the utility is finally complete.” 

GCP

1:03:02  Optimize AI/ML workloads with GKE Cloud Storage FUSE Profiles 

• GKE Cloud Storage FUSE Profiles, now generally available in GKE version 1.35.1-gke.1616000, automate storage configuration for AI/ML workloads by replacing manual tuning with three pre-built StorageClasses: gcsfusecsi-training, gcsfusecsi-serving, and gcsfusecsi-checkpointing.
• The feature addresses a real operational pain point where customers were leaving performance on the table or experiencing Pod Out-of-Memory kills due to misconfigured Cloud Storage FUSE settings that previously required navigating dozens of pages of documentation.
• The system dynamically scans your bucket and analyzes node resources, including RAM, Local SSD, and accelerator type, to calculate optimal cache sizes at deployment time, removing the need to manually account for these variables across different infrastructure configurations.
• The serving profile includes automated Rapid Cache integration, and Google reports a notable real-world result: model loading time for a Qwen3-235B-A22B workload on TPUs dropped from 39 hours to 14 minutes using the inference profile.
• Pricing for this feature follows standard GKE and Cloud Storage pricing since the profiles are pre-installed StorageClasses within the CSI driver, though teams should factor in Local SSD and RAM usage costs that the system may allocate automatically based on node resources.

1:04:12 Generate 3D models and interactive charts with the Gemini app

• Gemini now generates interactive 3D models and charts directly in chat at gemini.google.com, moving beyond static text and diagrams to functional simulations users can manipulate in real time. 
• This is available by selecting the Pro model and prompting Gemini to “show me” or “help me visualize” a concept.
• The feature supports adjustable parameters like sliders and numeric inputs, so users can modify variables such as gravity or velocity and immediately see updated results. 
• This makes it practical for exploring scientific concepts, physics simulations, and molecular structures without external tools.
• The rollout is global for standard Gemini app users, though Education and Workspace accounts are currently excluded. No additional cost is mentioned beyond existing Gemini Pro access, so pricing appears to be included within current subscription tiers.
• Likely use cases include education, research, and data analysis workflows where visual exploration of complex systems adds clarity. 
• Industries like life sciences, engineering, and academic institutions stand to benefit most from interactive molecular and physics visualizations.
• For GCP customers, this signals Google’s direction toward embedding richer, interactive AI outputs into its Gemini ecosystem, which could eventually extend to Workspace and enterprise tools once the Education and Workspace exclusion is lifted.

1:04:56 📢 Ryan – “This is something that makes me think about actively getting a Gemini Pro account, which I don’t have today. Just the amount of stuff that I do with 3D printing, and being able to generate a model that I can then import into a tool, and fuse and tweak it, or maybe just would generate G code directly. So this is, I like this, and it’s definitely something I can see myself using.”

1:06:59 Essential AI and cloud security now on by default

• Google Cloud is automatically enabling an enhanced Security Command Center Standard tier for eligible customers at no cost, adding AI protection features, including a unified dashboard that detects unprotected Gemini inference and reports on LLM guardrail violations, with general availability expected by the end of June 2025.
• The free Standard tier now includes more than 44 misconfiguration checks based on the Google Cloud Security Essentials compliance framework, up from the previous count by 21 checks, along with agentless critical vulnerability scanning and graph-driven risk prioritization.
• Data security posture management has been added to the free tier, allowing teams to discover and visualize data across Vertex AI, BigQuery, and Cloud Storage, with Compliance Manager included for automated monitoring against the GCSE framework.
• SCC now surfaces in-context security findings directly inside Cloud Hub, GCE, and GKE dashboards, giving infrastructure administrators security insights without switching between tools, which should reduce time to remediation.
• Organizations needing advanced capabilities like threat intelligence, virtual red team risk analysis, or malware scanning can start a 30-day free trial of SCC Premium directly from the console, with the Standard tier serving as a no-cost baseline for teams not yet ready for premium features.

1:07:52 📢 Ryan – “I really like this, and especially the free tier aspect of this, just because it is already such a challenge to know where your AI workloads are. And then having the specific configuration checks is great. I do think that the checks themselves – I played around with the 21 – they were a little basic, so it wasn’t that great. I do think it’s a great thing to have. The data scanning is super key, because that’s typically been really expensive to run and classify your data, and know where your sense of data is. So very cool.” 

1:08:40 Looker Studio is Data Studio 

• Google is rebranding Looker Studio back to its original name, Data Studio,  positioning it as a hub for personal data exploration and ad-hoc reporting across Google data sources, including BigQuery, Google Sheets, and Google Ads.
• The platform now serves as a single location for multiple asset types beyond traditional reports, including BigQuery conversational agents and data apps built in Colab notebooks, reflecting a broader shift toward AI-era analytics workflows.
• Data Studio will coexist with Looker rather than replace it, with Looker remaining the enterprise BI platform focused on governed data and semantic modeling, while Data Studio targets individual and small team use cases.
• Pricing follows a two-tier model: the standard Data Studio remains free for individual use, while Data Studio Pro adds AI features, enterprise security, and compliance capabilities at a paid tier purchasable through the Google Cloud console or Google Workspace Admin Console (specific Pro pricing was not disclosed in the announcement).
• Existing users should see no disruption, as all current reports, data sources, and assets will migrate automatically to the new experience without any required action.

1:09:34 📢 Justin – “That was one of the big problems with Looker Studio, was that it wasn’t really meant for enterprise. So this Data Studio Pro version gives you that capability, finally.” 

1:10:51 Introducing BigQuery Graph

• BigQuery Graph is now in preview, bringing native graph analytics into BigQuery using the ISO GQL standard. 
• This lets analysts run multi-hop relationship queries without leaving BigQuery or learning a separate graph database system.
• The key technical distinction is that graph schemas are created on top of existing relational tables with no data duplication or movement. Users can mix SQL and GQL in the same queries, which lowers the barrier for teams already invested in SQL skills.
• Integration with Spanner Graph is a notable addition, allowing federated queries that combine real-time Spanner data with historical BigQuery data in a single virtual graph. This addresses a common pain point where operational and analytical graph data live in separate systems.
• Real-world results from early adopters give some concrete numbers to consider: Curve reported roughly 9.1 million pounds in fraud savings by replacing SQL-based network analysis with graph queries, and Virgin Media O2 is running 4-hop queries to map relationships between accounts, devices, and activities.
• Pricing is not explicitly stated in the announcement, as this is a preview feature, so listeners should check the BigQuery documentation here for current details. 
• Primary use cases include fraud detection, supply chain analysis, drug discovery, and customer relationship modeling.

1:12:40 Turn your best AI prompts into one-click tools in Chrome

• Google launched Skills in Chrome, a feature that lets users save custom Gemini prompts and rerun them with a single click using the forward slash or plus button interface, eliminating the need to retype repeated prompts across browsing sessions.
• Skills can operate across multiple tabs simultaneously, which makes it practical for tasks like comparing product specs or scanning several documents at once without manual prompt repetition.
• Google is also shipping a pre-built Skills library for common workflows like ingredient breakdowns, gift selection, and macro calculations, with options to customize any library Skill by editing the underlying prompt.
• On the privacy and security side, Skills inherits Chrome’s existing Gemini safeguards, including automated red-teaming and confirmation prompts before sensitive actions like sending email or adding calendar events.
• Saved Skills sync across signed-in Chrome desktop devices, making this more of a persistent personal workflow tool than a one-off browser feature, though it is limited to desktop, and there is no mention of separate pricing beyond existing Gemini in Chrome access.

1:14:42 📢 Ryan – “I’m trying to figure out whether I like this or not, right? Because I can think of some things that are kind of cool. And I’m trying to get around the, you know, the silliness of just executing things without really knowing what’s going on. That’s usually how security problems get introduced.”

Azure

1:17:36 Microsoft’s Agent Stack Confuses Developers While Rivals Simplify

• Microsoft released Agent Framework 1.0 on April 3, merging Semantic Kernel and AutoGen into a single SDK after maintaining them as incompatible parallel frameworks. 
• AutoGen will now receive only bug fixes and security patches, meaning developers on either framework face meaningful migration work to adopt the new unified tool.
• The Azure agent stack still spans multiple distinct surfaces, including Agent Framework for pro-code development, Copilot Studio for low-code, Foundry Agent Service as the managed runtime, and the Microsoft 365 Agents SDK for Teams distribution. Each surface has its own documentation and deployment model, requiring enterprise teams to make platform decisions before writing any agent logic.
• Agent 365, a governance and compliance control plane for monitoring agents at enterprise scale, reaches general availability on May 1 at $15 per user per month. This adds another procurement decision on top of the existing build and runtime layers rather than consolidating them.
• By comparison, Google Cloud’s Agent Development Kit feeds directly into Agent Engine on Vertex AI with a single CLI command for deployment, and AWS positions Strands Agents SDK as a thin framework that pairs cleanly with AgentCore as its managed runtime. Both competitors offer a more direct path from local development to production without requiring lateral platform decisions.
• Enterprise teams evaluating Azure for agentic workloads should map which surfaces their development, operations, and security teams will standardize on at each layer and account for the organizational cost of those decisions, including migration effort from Semantic Kernel or AutoGen.

1:19:11 📢 Matt – “Microsoft making things harder and more confusing? Never. ”\

After Show

54:04 How NASA Built Artemis II’s Fault-Tolerant Computer – Communications of 

the ACM

• Artemis II’s Orion capsule runs eight CPUs in parallel across four Flight Control Modules, using a fail-silent design where faulty processors drop out rather than transmit bad data, and the system can lose three of four modules within 22 seconds and still operate safely on the remaining one.
• The architecture enforces strict determinism through time-triggered Ethernet and an ARINC653 scheduler, ensuring all processors see identical inputs and produce identical outputs, which is a notable contrast to modern Agile and DevOps practices, where this level of architectural discipline is increasingly uncommon.
• NASA uses dissimilar redundancy for the backup system, meaning different hardware, a different operating system, and independently written, simplified software, specifically to prevent a common software bug from taking down both primary and backup systems simultaneously.
• The verification process relies on supercomputer-scale fault injection and Monte Carlo stress testing to simulate full mission timelines with catastrophic hardware failures introduced, which offers a practical model for how cloud and infrastructure teams might approach resilience testing at scale.
• The broader industry implication is that as software takes over functions previously handled by mechanical or manual controls, whether in spacecraft, autonomous vehicles, or industrial systems, the engineering patterns developed here around fail-silent design and layered redundancy become increasingly relevant outside of aerospace.