Guest: Laurent Gil (LinkedIn)
Company: CAST AI (Twitter)
Show: Let’s Talk

CAST AI aims to streamline cloud operations by automating resource management, reducing costs, and enhancing the performance of applications through AI technology. In this episode, Laurent Gil, Co-Founder and Chief Product Officer at CAST AI, discusses the company’s evolution from automating DevOps tasks for Kubernetes to focusing on application performance optimization and cost reduction. Gil also talks about their new cybersecurity product that automates Kubernetes Security Posture Management (KSPM).

Gil explains that what sets CAST AI’s solution apart from other Kubernetes security offerings is its ability to not only identify issues but also fix them automatically. While it includes monitoring to detect vulnerabilities like other security solutions, the key difference is that by the time the issues are flagged, they’ve already been resolved. “We identify all the vulnerabilities and issues you may have, but the big difference is that by the time you see them, they have already been fixed,” says Gil.

CAST AI’s key focus and how it is helping enterprises optimize their cloud-native applications

• Gil provides an overview of CAST AI’s origins, explaining that its initial focus was on automating DevOps processes, especially for Kubernetes-based infrastructures. The platform uses AI to improve performance and cost management of cloud applications.
• CAST AI’s AI-powered engine is designed to automatically detect the optimal compute resources required for any given application, significantly reducing cloud waste while ensuring maximum performance and cost savings for users.
• CAST AI has garnered substantial interest from major enterprises, particularly Fortune 500 companies, that are looking to optimize their containerized or cloud-native applications through the platform’s automation capabilities.

Inspiration behind CAST AI and its vision to make cloud infrastructures more efficient and cost-effective

• Gil’s experiences at Zenedge, a cybersecurity company that was later acquired by Oracle, served as the inspiration behind founding CAST AI. The project was born from his frustrations over rapidly rising cloud costs following the acquisition, and the lack of tools available to effectively manage them.
• Gil discusses the challenges of identifying and managing cloud cost inefficiencies during that time, which led to the idea of creating a solution that could automatically detect and eliminate resource waste, giving rise to CAST AI’s core concept.
• CAST AI’s AI engine monitors and manages virtual machines (VMs) and compute resources in real-time, dynamically adjusting allocations to ensure businesses only use what they need—resulting in substantial cost savings.
• The company’s mission is rooted in making cloud infrastructures more efficient and cost-effective by leveraging automation to minimize resource waste and optimize application performance.

How CAST AI’s AI engine drives real-time cloud resource management

• Gil goes into further detail about the AI engine’s operation, describing how it continuously monitors and analyzes the workloads of cloud applications, adjusting resource allocation in real-time to fit the application’s precise needs.
• This capability allows companies to achieve dramatic reductions in their cloud spending, with typical savings ranging from 30% to 60%, depending on the complexity and demands of their cloud infrastructure.
• Gil gives the example of a banking application that sees fluctuating user activity throughout the day, which would typically require manual oversight to adjust resources. CAST AI’s AI engine automates this process, scaling resources up or down as needed to maintain performance and efficiency.
• By automating these processes, the AI engine ensures that cloud applications run with exactly the amount of compute resources necessary, eliminating overspending while maximizing application performance.

CAST AI’s introduction of KSPM to enhance its platform

• Gil announces the next step in CAST AI’s evolution: integrating Kubernetes security posture management into their platform, which adds a critical layer of automation to the platform by addressing security vulnerabilities as they arise.
• Unlike traditional security solutions that primarily report vulnerabilities and rely on manual intervention, CAST AI’s new feature automates the process of identifying and fixing these issues in real-time, reducing the operational burden on security teams.
• Gil highlights the critical role that automation plays in modern security practices, especially within the context of cloud-native applications, where the speed and complexity of operations can make manual security oversight unfeasible.

Practical examples of how CAST AI’s AI engine mitigates security risks

• Gil shares several examples of how the platform has proactively addressed security threats, such as ensuring that all cloud nodes remain updated with the latest security patches.
• Gil explains how the AI engine automatically detects outdated nodes, which is one of the most common attack vectors for hackers, and rotates them with newer, patched versions, removing the vulnerability without manual intervention.
• Gil shares a case study where the AI engine successfully detected and blocked crypto-mining operations that were covertly using cloud resources, highlighting the platform’s ability to detect and halt anomalous activities.
• The platform’s real-time monitoring and automated response system allows it to act swiftly and effectively against security threats, ensuring ongoing protection without overloading users with constant alerts or manual tasks.

CAST AI’s automation strategy for reducing cloud costs and waste

• Gil talks about two of the key drivers behind cloud cost inefficiencies: insufficient automation in managing cloud resources and human error in resource allocation, which often leads to overprovisioning and unnecessary spending.
• CAST AI addresses these inefficiencies using its AI engine to consolidate and optimize cloud containers, essentially “defragging” the infrastructure to ensure resources are used as efficiently as possible, reducing the number of machines needed to run applications.
• The AI engine dynamically adjusts resource allocations in real-time, which prevents businesses from overspending on unnecessary resources and ensures that only the required amount of computing power is used, delivering significant cost savings.

The rise of DevSecOps and its impact on cloud-native security

• Gil discusses the emerging trends in the security landscape, particularly within the context of cloud-native and Kubernetes environments. The traditional model, where security was handled by dedicated security teams, is being replaced by the DevSecOps approach.
• CAST AI’s platform provides DevSecOps teams with the automated tools they need to efficiently manage security vulnerabilities, improve application efficiency, and maintain robust security postures without being overwhelmed by manual tasks.

How CAST AI balances automation with robust cloud security

• Gil explains how organizations can strike the right balance between automation and security in increasingly complex cloud-native environments.
• CAST AI’s philosophy is to automate as much of the security process as possible, allowing teams to focus on more strategic tasks. By automating vulnerability fixes, CAST AI helps reduce the number of critical alerts and simplifies security management.
• While many Kubernetes security tools offer automation, they are often underutilized, leaving organizations vulnerable to threats that could have been prevented with more proactive management.
• CAST AI’s focus on proactive, AI-driven automation ensures that security vulnerabilities are addressed quickly and efficiently, preventing issues from escalating into larger problems and allowing companies to maintain both security and operational efficiency.

This summary was written by Emily Nicholls.