43. Evan Driscoll & Dion Almaer Unleash Augment's Software Engineering Revolution with Secure AI

Hello everyone, and welcome to another episode of the security podcast of Silicon Valley. I'm here today with two very special guests and co-host Sasha Sienkiewicz. Hi everyone. It's a pleasure to co-host this episode.

And we have two amazing leaders from Augment Computing, Evan Driscoll and Deanne Almere. Hey folks. Hi guys. Thanks for inviting us.

Welcome to the show, guys. Thank you. Evan, you are VP of Engineering. You have started your career about 32 years ago, and you've held many different leadership roles throughout many different companies.

Your most recent role was at Pure Storage, and you were VP of Engineering for about a decade. And today, Augment is happy to have you as VP of Engineering. What would you say is the most interesting part of your career, and what has led you to be a VP of Eng at Augment today? How did you arrive here?

So you're really dating me, so thank you for that. People on the podcast can't see the gray hair. Remember the punch gods? Was it the punch god era that you most enjoyed?

Thanks, Deans. Always the most exciting thing is the thing currently in front of me, the challenge around the corner. How do you reinvent yourself for the next big problem? So at Pure Storage, I didn't know a lick about storage when I initially joined, but I saw a really amazing team of solid engineers in that interesting market.

And so that was a lot of fun. And it was through Pure Storage that I met Igor Afstromsky. He's one of the co-founders at Augment. And when Igor became an engineer in residence of Southern Hill, and he got funding, he called me.

And that was, in some ways, like a super exciting point of, I don't know anything about AI, or at least I didn't at the very beginning. And yet, you could already see the potential for how this was going to impact the world and how it's going to impact specifically our craft, software engineering. It was just a really exciting point to say, okay, is it time for me to reinvent myself again and to get into that type of leadership? I've always steered towards more leadership plays.

And I think it's predominantly because I'm not the smartest guy in the room, right? So typically the engineers are, but I do have a decent common sense about how to get really highly effective teams. And I follow a leader-servant type of model. So I really get tons of joy out of seeing engineers do amazing work.

And how do you build an environment where they can be amazing? And Augment has just taken us to the next level with like, okay, not only are we building an engineering team, but we're also building a research capability, which is a whole new, exciting challenge. And you have to build a product with AI that has to be a solid SaaS service with all the security and privacy guarantees. That is still a new surface area for this entire technology.

So there's just lots of interesting hard problems here, nothing to be bored about. So yeah, for me, it's what motivates me is that next hard problem. And certainly if I get too comfortable in a place, that means I've stopped learning. So I'm always weary of getting too comfortable.

Augment, I've not had a comfortable day yet. And I feel like in your AI space in general, there's a lot for all of us to learn. And in general, it's just a great mindset is to always learn. Dian, what about you?

What's your story and how did you land at Augment? So my career has been bouncing between startups and big companies. I've been at Google twice and other large companies always focused on building developer platforms and ecosystems. And it was actually fun how I got to Augment.

And I was two major things in my career that kind of somewhat link into what we're doing here. One was I got to work with a team in what used to be called X at Google, doing all of the moonshots. And this team had built some models focused on code. They were all about, could we help with some toil where like our internal software engineers, highly skilled, of course, at Google, highly paid.

And they're spending a bunch of time on stuff that's grunt work. What if we could like help them? And so I started to build some models that would nudge you along so you could stay tip of tree. Google was famously mono repos.

And got to learn a lot with that team on what we could potentially do. And this was pre-LLM. So it wasn't quite at the quality that we're able to do now. Then fast forward, my last role was I was a VP of Shopify.

And we built a bunch of developer tools using LLMs. And that's where I got to see that you could do the cool demo and like a week or two. But it wasn't just about the foundational models, right? Like they're foundational, obviously.

But like what's all of the infrastructure around it? What's special about code? You can run code as AST. There's so much about code that's different than just putting out text.

And I felt, well, the team there felt restricted in the beginning. We were just calling into the black box of GPT. And it's amazing as a foundational model. But there were all these things we wanted to tweak that we just couldn't at the time.

And so I actually came into Sutter Hill, as Evan mentioned earlier. And I started to chat with a couple of friends that we all have there now. Someone called Luke Robolsky, who I worked with at Google. He was a UX director there.

Amazing UX thinker. And Sam Pilara, who's the CTO at Sutter Hill, and was chatted about like, kind of want to start another DX Inc. Developer tools startup with all of the new coolness that we have with LLMs and a bunch of ideas. And they both looked at each other and grinned.

I'm like, you need to talk to some people that are in this building, in fact. And that's what led me to Igor, the other co-founder guy who worked on research at Google, did really world-class work there with LLMs and reasoning. There's a Minerva paper that talks all about that. And Evan, who was being humble about, you know, I'm not the smartest in the room, but immediately saw how capable he was and just really resonated as a peer with product and engineering.

You have seen different relationships in the past. They become siloed worlds, pointing at each other. A product is like, hey, this is the thing. I just want you to build it.

I don't want any of your input. And engineering is like, what the hell? These bozos are just like telling us the stuff. And so after spending time with Evan, I knew like, okay, we can really be a team on.

Yeah, this could work. It's just good. And that's definitely been true from my side. So I was just super excited about like being able to really tackle these problems, really getting rid of toil for developers.

You can be so much more productive, especially if you just marry the kind of like the best of the humans and developers with the best of computers. Yeah, it's a huge testament to the founders putting all of the talent together in the same room and securing the vision. That's what company literally is. Company is, it's all about people.

And putting this amazing team to execute on the vision is extremely awesome. Could you give us an overview of our. . .

Or like, what's the problem that was like? Aha. Yeah, so Augment in the name itself tells a lot about the philosophy, right? Like we're here to augment the humans, not to replace the humans, right?

Like we feel like there's a lot of power with computing, with this new capability and capabilities that AI is bringing to the table. And obviously we've only just begun with these capabilities. So how can we dramatically change software engineering, right? Not just like a few percentage points of productivity and the like, like how can we really rethink this?

And being an, you know, I was an engineer early on in most of my career and I actually love coding. Like that's the part that's really fun. And then I'd be at some larger companies where there's lots of other stuff that wasn't as fun. And so what if you could change the way it is for developers at a company where they can feel productive, they can solve problems.

They can work. It's a team sport. It's not a solo thing, right? We like to sometimes think of the engineer in the basement hacking on some problem, but delivering software is a team sport.

So what can we bring in a system that would allow teams to be able to be incredibly productive? And I've been in one environment in particular that was a non-tech company. There was a large enterprise company. And to be honest, it was a little bit painful to see how slow everything is.

But the developers were trying to build stuff, just like all of the waste that was happening. And I think we can totally change the game there. Here we are today. Augment exists.

We're augmenting the total developer experience. There's, it's a, I don't want to say crowded marketplace, but there's a few players. What does Augment do better than everyone else? Yeah.

So I think when Igor was an entrepreneur in residence, like Evan mentioned, he started going really deep on to actually pull off something that reaches its potential. We need an AI and a system, a platform that can deeply understand a code base and deeply understand a really large code base. And a code base that has lots of dependencies that kind of get their tentacles into all kinds of different repos that are out there. And so what would it take to really get that deep expertise of a code base, right?

We want it to feel like some systems, it feels like I'm pair programming with a smart engineer that understands the language I'm using, or maybe the framework I'm building a web app in React. But we want something where it feels like you're pairing with the principal engineers, the most senior engineers at your company that understand the domain, understand the best practices. And that just delivers a very different experience. So I think at our core, that deep understanding is the beginning.

The other part of it is speed is incredibly important. So like with search engines, there were tons of search engines, and then Google comes along and it was a very different experience, right? And it married the very simple UX, the performance, and the quality of the results that you got. And by having this vertical AI team and building the entire stack kind of soup to nuts, we can deliver something that's at the kind of speed of thought as you're writing code.

It's right there, able to give you suggestions, keep you in the flow at the highest possible quality. And then the third part of the triangle is from the beginning, as I'm sure we'll talk about, having security and IP protection at its core, right from daily one. And so having these different pieces where it's not a trade-off of like, oh, I can only do cap theorem, which one can I do? Everything was baked in right from the beginning, secure by default, high speed, high quality.

We believe when you can own the entire stack, you could deliver that. Yeah, user experience in any product is crucial. A good and a strong, well-designed product is what supports the user experience. Evan, can we drill down a little bit more in the data security side of Augment and how Augment handles data security tasks?

Sure. So for us at Augment, security is just ingrained in our culture, right? It has to be. For many products, data security is a bit of an apathot, something you do after you get market traction.

For all we knew at the very beginning, this had to be a core value, right? So the notion of large language model that has the context of your code base means that we need, in some ways, unfettered access to your code base. We have to have that context. And we have to do that in such a way that companies feel comfortable giving us that access.

And that's an incredible responsibility that we have. And so this has to be a core value for us. And we have an amazing team of engineers and researchers, and we're building tools for other engineers. And so the expectations are off the charts, right?

In terms of what would other engineers, if we were selling this product to ourselves, what would our expectations for security and privacy be? Right? And we would have very high expectations. And so that's like the core team.

The people that we brought on in the very core team at the very beginning, security was one of the main thoughts that we've had. In practice, that means that even though you're at the very start of this journey, you have to be thinking longer term. But you have to start with an architecture that has layers of security with tightly controlled access, operating on principles of least privilege, works listed about data categorization, what can and can't be logged. And we minimize data collection wherever possible.

All data obviously is encrypted on the wire and rest. And we built things like MTLS, OpenID Connect, and a non-extractable API. And that's just like the thought and care that has to go in the architecture. And that's, again, something that if you start with those types of principles, it takes you a longer time to build the end solution.

But you end up with a really solid foundation, right? And that's because we had a great team, senior staff that knew the importance of this, and we had all internalized it. Now, this doesn't all make you believe until you try to have a third party prove it otherwise, right? So that third party attestations is super important.

So we've done SOC 2. We partnered with an extremely rigorous third party pen tester, a pen testing firm that we gave access to our source code, access to our cloud. And they were unable to break us, right? They were unable to like penetrate that framework that we have.

And again, it's all make believe until you actually have a very well-informed red team try to break you. So that's just like where we've come from, where we're going. But we believe that you can build a secure AI system and unlock the future of software development without compromising security or data privacy. It sounds like the layered approach of security has been taken from day zero.

The multiple layers that protect infrastructure, that protect the application itself, and many different corporate controls have been in place from day zero. You've mentioned a lot of very important concepts, and one of them was non-extractable API. Can we drill down into that? Explain to our listeners what does it mean and why is it important?

Yeah. So it's pretty much how it sounds, right? So in this case, it's an API where effectively our system will upload information, say about your code base, but there's no corresponding API to actually download said information, right? Because we don't, there's no need to.

As a client, you already know your code base. You don't need to download it. We don't need to provide an API for others to download it, certainly. But we do provide that for the inference time of solving engineering tasks.

The nice thing about having this sort of type of API is that it really reduces the attack surface area of your public API. And so in this case, it's needed for accessing that developer code. And we have to do it as you're working on it. So the state of your code exactly when you're working on it is what we need to reflect.

And we have to do this in a very low latency manner, but it provides a crucial context for us to do code completions or solving other tasks. Trust is a big part of doing business in 2024. And Augment is being proactive about building the trust. Augment is very transparent about the architecture and the system design.

And it sounds like there is a continuous testing by third party. There is attestation processes that are continuous and are ongoing. Nerve wracking. Nerve wracking.

Big football. Yeah. No, I heard that one of the pen testers came away with a little bit of imposter syndrome because the pen test was so clean. Yeah, that was one of the biggest compliments I've ever had in my professional career.

Granted, it wasn't me. It was the engineers around me. But to have a pen tester say, wow, we can't find a critical was pretty, pretty fun. To start a company on day zero with such a strong and focused commitment to security seems really novel, actually.

And absolutely appreciated by the security community and those of us who are in a position where we care deeply about security. Dion, when Augment prioritizes security, there is a sure that there's really good reason. There's a context in the marketplace. There's other things that are happening.

There's a bigger discussion around what does it even mean to have secure AI. As we innovate, sometimes there's a tension, a very natural and healthy tension between wanting to move fast, quote, quote, break things, experiment, push the envelope, just focus on almost like chasing the white rabbit and seeing how deep the rabbit hole goes. Right. And Augment seems to be taking a little bit more of a more mature approach.

And from a product perspective, how does that change things from your point of view? Or why does Augment do that? Yeah, you mentioned trust earlier. And like the minute you lose trust, all bets are off.

Right. So we all understand, as Evan's saying, like the crew that we've got together, we're always just thinking about like, how would we want a third party to treat our gold? Right. Our IP, which is source code.

And we want to treat it in the same way that they would. So it's just something that you can't compromise on. There's lots of areas that you can experiment on. Right.

We experimented on the UI all the time. There's tons of areas for us to experiment. And we definitely move fast as a startup. But I don't think that has to come up with the break things side of things.

And so it's just really important for us to, by baking it into the architecture, like everyone was saying, it just changes everything. Right. I've done the retrofits. It's really hard.

Whereas now I think that the team does move really fast. I think there's a bit of a myth on just, oh, if you have to do something securely, then everything has to move about a hundred times slower. So if you get the basic layers in place, we can move plenty fast as I think we've already shown. And so, yeah, I don't think that has to be a compromise.

Yeah. If you start it early, like if you have that mindset at the very beginning and you just bake that into your original plane and every new hire that you add to the team understands the importance of this because it's a core value, you can still go fast. It's not always easy. You have lots of debates of how do we deal with this PII or how do we deal with that?

But again, we know how important this is. If we don't get this right, we don't deserve to play in this market. And so it's super important. Yeah.

And it's important to start early having these discussions, what type of data flows through the systems and what do we put in place to make sure that these data types are protected? And I'm sure as our listeners are thinking about this specific space, one of the questions that customers and potential customers and listeners are asking is, does Augment train models on the customer data? No, we absolutely do not train on customer data. We have a strong commitment there.

We would never want to take any action that could potentially result in leaking a customer's IP. And we're slightly horrified at the idea of even doing fine tuning on customer data for the purpose of knowing their grid base. I think that's an architectural bad direction. We don't train on customer data.

That's just not an option. Where does the training data come from? So we're using permissive open source data. We're very cognizant of the licensing.

And we are using foundation models and doing fine tuning to add new capabilities to those models. And we prefer open source models that have a very clear public record of what training data sets that they have accessible. We care very deeply that these models are using permissive licenses. I think permissive licenses are going to be one of those big pieces of AI that are going to sneak around the corner and maybe surprise folks later.

The question of all of these great models, they're outputting all of this interesting content, helping us with our day-to-day jobs, our responsibilities. But the question is who owns that output? And it's a little bit of a gray space. And when things are undecided or a little bit gray, it does present risk.

But if all of the models are coming from permissive open source licenses, it sounds like that was also carefully thought through and addressed even from the very early days. We take it one step further because a lot of what we're pulling from, we're pulling this sort of coding expertise from these foundational models. But we are actually weighing very heavily your code base. When we see great code completions, they're often lifting reasoning and logic from your code base, following your conventions, using your libraries.

And so the risk of copying code from, say, an open source project is even less. Like a bit of the market distinguisher that Dion was pointing out, that augment uses the power of context. And so if I have a particularly large code base or an existing code base, it sounds like the paradigms that I've already used, the libraries that I'm already referencing can naturally be part of the suggestions that are coming out of augment. From that, with all of these great data security commitments around IP, is there anything in the contracts that helps present a little bit more peace of mind in a business sense?

Indemnification. Oh, nice. How does that protect the potential customers of augment? Well, we just want to make sure that legally, contractually, everything's squared there, that no one's going to be coming after them with their using suggestions that are coming out of augment.

So we want to stand by that very clearly. So everywhere we can, we don't want to be just talking the talk, right? We want to contractually put it out there to show how important it is to us and to show that we know how important it is to you. And we've found that this is vital in the market.

When we first were starting and talking to the folks responsible for internal development, like a VP, director of developer infrastructure or what have you, they were in a tough spot in that they, on the one hand, want to innovate, know that these AI tools are going to potentially really help their developer teams be more productive, be more satisfied or all of these things around it. But at the same time, they were super nervous because they had to know what was going to be happening on things that we've talked about here on the IP side, the security side, the legal side. And so they were caught a little bit between two places.

And it was kind of fun to see at first, you know, sometimes like when some of these tools first started to come out right from the top, they'd get told, do not use any of this. Do not allow anyone on the team to use this. Like there's just no way. And then four to six months later from the top, after that, everyone on the ground is telling them, it's like, Hey, I've been using these tools for like a side personal project.

I can't use it at work. I feel like an arm is tied behind my back. And then suddenly from the top, they were saying to this, you know, that whoever was responsible, okay, find a way for us to enable this, but keeping the security and privacy and all of the other IP concerns together. And so that's why we just want to make sure that like, we understand that you've got these kind of two way concerns.

We want to help you innovate, but in a way that fits your business needs. Yeah. In a very crude sense, one way to think about a business is a giant money tree, especially one that's successful, right? And rule number one, when you have a giant money tree is don't mess up the money tree.

So the risk aversion that we see across successful businesses and larger enterprises, especially is absolutely understandable. And needless to say, you probably hear this question all the time, Dion, but I would never send data to a third party AI service. Never. Never.

Absolutely. None of this would make sense if we were just shipping it off to some other third party. So yeah, that's where we have a nice closed system with the full vertical stack that we can own so we can stand behind that. Own that entire stack, have all of this amazing talent in-house that allows Augment to deploy everything in the cloud and through the cloud delivering an amazing experience.

Do you ever have any customers, potential customers or deals asked to run the whole thing on-prem? Now and then, but not as much as I actually expected. There's been some interesting times when more and more research coming out that kind of points to the fact that it may not actually be more secure to run something on-premises for yourself. And that there's actually better ways to do it and get a lot more value from folks that are building systems that deeply understand all of the pain that it takes to do a really good job here.

And that you're actually safer if you go and partner with cloud in a way that you can access that. And we're seeing the market slowly understand that. Yeah. One of the exciting things about the use case of running either on-prem or behind someone's VPC is just there's a real scaling challenge there, right?

Not only is there a security and privacy challenges, but the scaling challenge of how do potential customers get access to the caliber of GPUs needed to run these models and run these models efficiently. Right. So I think there's some real challenges. How do you actually deploy this into someone's on-prem or VPC environment?

And if you were to do that, then you have to maintain it too. Right. And there's just a lot of, there's, this is a very fast moving space. And that's where I would place my bets on a fast moving team that has security at their center.

It's a challenging problem space right now. Hence, augment is built on the notion of security and trust from day zero. In general, it's quite common that if a product is deployed on-prem, you have to maintain internal teams that are well versed and trained in the product. You have to maintain security networking teams to make sure that they maintain the DMZ around that product.

And it just becomes operationally very expensive. Not only it moves much slower and lagging behind the latest and greatest, but it's just a lot more expensive to run in-house as well. Props for adding value, not overhead. It's so true.

Once something goes on-prem, you can't upgrade the thing. It's stuck in the old models. The space moves so quickly. I don't know why I would want to go on-prem, except maybe to make procurement go a little faster.

I would rather just do what you need to do to get the SaaS authorized for use. Let the folks who wrote the software run the software. Augment is in a very interesting space. There are so many opportunities that we as human society are faced with.

And there's just not enough people. And with products that are made available by Augment, the solution will be accelerated. And we look forward to the right future. So, Dion, do you think that AI will have a role in playing with respects to helping secure code?

Absolutely. Yeah. Like when I talked about how we want to have a system where it feels like pairing and collaborating with a set of the principal engineers, that includes the principal engineers that deeply understand security and how you're applying it and all of your best practices. And so whenever a developer is accepting code into their repo and shipping that code to production, you want to make sure it's following all of the best practices as possible.

And I was talking to a customer fairly recently who had one person on the team that was just really deep on the security side. And this person was saying like they felt a little bit sheepish at times because they would be as a reviewer on like roughly one out of 10 PRs. And so they felt like when they were added to it, they could do a review at a slightly different level of expertise as the other nine PRs that were coming in, which made them feel a little bit nervous. So what if you could have help for that person to be able to, you know, help them guide an AI that's always running 24 seven, always available, not having to handle the time limitations that a human does.

Humans and computers are different. As a human, I sometimes forget things. Pairing it up together allows the humans to like really focus on the novel problems and go deep on the areas that make sense and not have to spend a bunch of their time on the kind of nits of what's going in. So I think it's going to be, yeah, the more you invest in these different practices, codifying it literally in code, also in dark, different areas, different systems that you have, then the AI will have access to that and we'll be able to help the security there.

Our main metric is an amount of code created. More code doesn't mean better software. And so we want to make sure that we're really helping with code quality. And we would like augment to be able to delete bad code and be able to just help you in general.

So this is going to be interesting to see, not just for augment, but across the board. At first, there are a lot of people being like, oh my God, AI is going to create code and this is going to be bad. And it's like, nope, doesn't have to be that way. If we can, if we can do a good job with this, we can do the exact opposite and help secure the world more than humans could before.

I just have to ask a very fun question. Do we use augment to work on augment? Is it augmenting itself? Yeah.

And it's fun to see, like we just shipped a new website and as we came out of stealth as a company, it was fun looking at the, with the developers. They were just like using augment to generate a bunch of the components and pieces. It's very meta. It gets very meta in this way.

It's fun to see this is the amount of help the augment has had in helping augment create things like website type stuff, but also augment itself. Right. Which is really fun to see. Yeah.

That's amazing. That's just how the world should work. Right. We should be using IDEs to make the ID better.

We should be using augment to make the next version of augment better. If we fast forward into the future, what does success look like for augment? And how do you and your teams contribute to that? So I like to see happy developers.

For me personally, getting to a world where I've just got a lot of humans out there that are enjoying their work more than ever. They don't have to deal with the toil that conscious humans may not like that computers are totally happy with. And then having the kind of business results on the other side of that, right? Being able to have these enterprises just totally raise the game on the level of quality of software that they're building, right?

Like every company has become a software company. To be honest, there's variability in the quality of software that's created from these companies. And so we want to raise the floor as well as the ceiling. I look forward to a world where there's people who are just being more productive than ever, enjoying day-to-day and just churning out high-quality software.

Yeah, and solving like actual novel, interesting problems, right? Things that will engage people and where there's innovative business challenges as opposed to figuring out like, oh, I need to update this make file and I forgot about it. Right? It's just like who likes writing make files?

It's just a lot of great. We're at the very start of this roller coaster, right? You're at the beginning of the journey. And so I think there's just a lot in front of us, but it's going to be exactly how do we use the machines, what they're good at?

How do we remove toil from software engineering and ultimately enable companies to go faster, right? So we'll convert our problems, real business value, but ultimately go faster with higher quality. I love that. I especially love that adoption is at the center of success here.

And I think that's one of the pieces that sometimes is left by the wayside when we're innovating and we're playing with new technologies, thinking about the bigger picture and adoption and the role that security and our security posture protecting data. I can really feel the love for the security. Not only that, but it also enables creativity. We allow people to have more time on their hands to think about solving much bigger problems instead.

An example that Evan, you brought up, remembering updating readme or remembering updating the library or doing some basic functions that could be automated. Yeah, I do think that the interesting metric, if we could measure it, is the amount of cycles being spent on actual interesting problems versus the, I love Dion's use at 12. I think he introduced it here at Augment. But the notion of like the amount of mental cycles, am I paying attention to trying to understand what does this error message mean and what might be the problem?

Right. Where in many cases, an AI could potentially accelerate that entire process of debugging. So I think there's the amount of mental cycles I have for actually interesting problems would burn a lot of creativity. What's the best day you've had at Augment?

So, so they only got called to join. That was pretty exciting when Igor called me. No, the best day was, and this is shortly after Dion joined, I think, it was like in October, 2023, where we're a very heavy dog food company. So in the sense that we use our own software, you wind about the clock far enough.

We weren't really keen on using Augment a lot because it just wasn't that the quality that we wanted. But like sometime in that October, October timeframe, I think it was October, we started seeing the first jaw dropping code completions. What, how did the model get this right? And we'd done more than a year of research to actually get to that point where we started seeing that come together.

And for a startup guy, that's just like, that's like electricity. It's just like, it starts clicking and we really knew we had something. So that's a mountain of work. And you start seeing that initial signals like, wow, we were actually playing with light in the air.

This is exciting. Yeah. For me, it's probably when we had our first dog fooding moments of seeing these kind of mind blowing things, which was truly awesome. And then I think the next one for me is probably when we had our first external folks using it and having them witness the same things.

Right. And so we had this notion of pre alpha, how can we get it into people's hands as soon as possible? So we can start learning from their usage and what they're doing and everything else. And watching some of that happen.

And like, for me, I had a couple of friends who were amazing developers and hearing from them when they were just like, oh my God, this is so freaking fast. And like the qualities, like, how are you doing this? Like I was definitely felt a lot of pride for the team on what they've accomplished, even in kind of early times. That was a lot of fun.

It's exciting to see when innovation creates a positive impact on people's lives. Yeah. The human part is really important, right? We've all worked on really large systems and it's easy to get into your ivory tower.

I remember at one point I worked on Chrome at Google and you're looking at billions of users and it felt like staring at the matrix. But it's very different when you then go back to see an actual human customers, their experience and how it's helping them in their day. And so that part is really enjoyable. We started to see that every day now, which is great.

Does anyone have a challenging moment at Augment? I've got one. It's the thing that I keep coming back to time and time again is prioritizing what are we doing? And as the first product person, what was really awesome for me culturally was to have an engineering team that all wanted to really step up for all of these challenges.

So in our culture, we don't have an army of PMs that are off there defining all of the things and the engineers are twiddling their thumbs. Waiting for us, we talked about not having the silos. We've got the exact opposite. Like we've got this amazing engineering team that deeply cares about the outcomes, thinking through a lot of the product side of things, as well as how to build it.

And that has enabled us to really scale in a different way. Yeah, it's actually not an easy problem to say, where do we begin? Where do we focus? How do we start?

And that's why getting someone like Dion on the team was so critical. And he's right that the engineering team, a lot of us sort of, we're engineers, we're using this product ourselves. There's a lot of ideas and opinions as to what we should do next. The inside view at Augment is that you'd see a lot of people that enjoy prototyping, right?

So yeah, we build real systems, but yeah, people often have a little side approach. Like what if we could do this? Let's see, can we get a model to do that? What would that actually look like?

And so there is just this kind of ever challenge of trying to drive that focus and picking, yeah, we're going to make this investment. And really take it as far as we can go. But fundamentally, a lot of this also is bound by the research, right? So this isn't just, yes, we can engineer a solution here.

No, a lot of this is driven by AI research. So that's like one of the fundamental challenges in this space is we might have a great feature idea regardless of where it comes from. And when we actually try to get the models to behave that way, build the right data set, it may or may not work. And so that's where this is just in many ways, it's an entirely new form of software development where you're building these algorithms through training.

And it's just utterly fascinating. But there is risk here of, yeah, it might take you a couple of different tries to get the thing to work, which is completely foreign from a regular software engineering perspective. Yeah, I've been humbled in my career. And that's made me a believer in building like capabilities in a platform.

But so interesting things about done so many things are like, oh, the developers are going to use this API like this. And then like, whoa, they did, but wow, and this and that and the other. So it's been really fun to, how can we build things that allow us to see those things as developers use our platform? We can learn a lot from that.

And then we can go, oh, okay, well, here's how we can make that even better. Right. There's a lot of horizontal pieces to just understanding all of this, but there's also vertical pieces. They're trying to do this thing.

If we were a little bit smarter about understanding this, we could do that for them. And the most fun things are when you have that kind of like, I feel like there's two main pillars. There's the developer experience and there's the AI. And like when they work together and you have the team working together in that way, I'm like, man, but if we could do this, oh, we could try models to do that.

We're building the decor, a platform where we do build different models for different scenarios that are really custom, that enables just a totally different DX. And that's the bump up. And Augment helps organizations across multiple verticals. It doesn't matter what business you are in, whether it's writing software for financial institutions, or if it's writing software for healthcare, or if it's B2C software.

Any company, any organization can take advantage of this new technology that is built on trust and core security principles. How can our listeners reach out and ask for the partnership to start engaging with the technology Augment delivers to the market? So if you go to augmentcode. com, you'll see we have a few different things.

For example, if you're a software engineer that loves building things for software engineers, we are, of course, hiring. But there's also a waitlist area that will get you directly to us as well, so we can start talking to see if you're a good fit for what we're doing. But we would love to hear from you and understand what you need from these kind of systems, especially if you've got a bit of a feel for how we think about things from this podcast. Amazing.

Well, thank you so much for joining on the security podcast of Silicon Valley. Oh, yes. So I do have to give a shout out to YSecurity, just to make it very explicit. So John and Sasha have helped Augment tell the security story here.

They partnered up with us to help us achieve SOC 2 in blistering speed, I might add, SOC 2 Type 1. And I can think of no better partner in this journey and thrilled that we have YSecurity helping us. Part of the reason why we are able to tell the story so well is a lot of the work that YSecurity helped Augment with. They were able to see what we've done and get excited about it and help really raise our level to that next level as an org in terms of how we further and terminate this and be able to get credit for it.

So thank you. In all fairness, we stand on a strong foundation that has been built by the leadership and engineering teams. Yeah, but thanks so much, guys. You're a somewhat rare mix of capability and great people to work with.

We love working. So it's a pleasure. And we've only just started working together. Can't wait to do more.

It's absolutely a mutual feeling. It's very exciting for us to participate in the entrepreneurial journey as partners. We do get very excited about security. And it's just an absolute joy.

As Sasha mentioned, there was a great foundation already in place. Collaborate together to take those next steps. This is just the beginning of exciting journey for Augment. And as things happen, I'm confident there will be follow-up podcast recordings.

And we all look forward to them. And a huge congratulations on the successful exit from Stealth, along with all of the business successes. It's spectacular. It's amazing.

It's the beginning of a very humble journey. But I couldn't imagine a better team. So it's amazing to have both of you on the show. I'm one of your hosts, John McLaughlin.

I'm joined with Sasha Sienkiewicz, Dion and Evan. It's been an absolute pleasure. Thank you so much for the time. And thank you to all of our listeners for tuning in to another episode of the Security Podcast of Silicon Valley.

Thanks so much. Thanks, guys. Thank you. Thank you, guys.