Jake Moshenko Podcast Transcript
Jake Moshenko joins host Brian Thomas on The Digital Executive Podcast.
Welcome to Coruzant Technologies, home of The Digital Executive podcast.
Brian Thomas: Welcome to The Digital Executive. Today’s guest is Jake Moshenko. Jake Moshenko has been an innovator in the cloud native ecosystem for over 15 years. After engineering roles at Amazon and Google, Jake founded Quay, the first private Docker registry, which was acquired by CoreOS.
Jake then became an engineering leader at CoreOS, which was acquired by Red Hat, and subsequently by IBM. He is now the co-founder and CEO of AuthZed, the company commercializing SpiceDB, the industry leading cloud native permissions database. Well, good afternoon, Jake. Welcome to the show.
Jake Moshenko: Thanks for having me.
Brian Thomas: You bet. This is awesome. Get it, get it. Talk a little bit about technology again, of course you know, my background, I cut my teeth in development as a developer, and this is the stuff that really jives me and jazzes me outside of podcasts, of course, but Jake, I appreciate your time. Let’s just jump right into it.
As you being the co-founder and CEO of offset, could you elaborate on the company’s mission to simplify permissions for developers? And the vision behind commercializing Spice DB.
Jake Moshenko: Sure. So, the vision is basically to make this problem that we’ve lived several times less of a challenge and something that developers can add to their platform and really have fine grained, powerful, flexible permissions models.
that they can use to take their app to any scale that they want. And the way, like I say, we’ve, we’ve lived this problem before. So, in the past, we built a company called Quay, which was the first private Docker registry. And over at that company, we had the same challenge, right? So, we had this product and we were adding permissions to it and we were following sort of like best practices or well-known models.
And those models just didn’t survive first contact with the customer. So, the customers were asking us to go in different and interesting ways that the models didn’t support. And we didn’t feel that we had a permissions platform to support us through that journey. So, we decided to go off and build one.
And spice DB is our open core, but it is something that our company created, and our company are the chief maintainers of. And spice DB is essentially bringing relational relation-based access control to other developers and to other products.
Brian Thomas: Thank you. I love the story. You know, again, at the end of the day, it seems like every story here on the podcast is about there’s a problem that needs to be solved in out of that problem comes obviously a lot of hard work, sweat and ingenuity, but love the story.
Appreciate that. And Jake, what are some of the biggest challenges you’ve observed in the cloud native ecosystem over the past 15 years? And how is offset addressing these challenges?
Jake Moshenko: Yeah, sure. So obviously we’ve been living in the cloud native ecosystem pretty natively for the last 15 years. So, Quay being the first private docker registry that was a huge part of that whole shift to cloud native and to Kubernetes and this whole world.
And then with our time at CoreOS and Red Hat, we just sort of continued that journey to try to bring secure technologies to the cloud native ecosystem. I think the biggest challenges that I’ve seen for people outside of permissions are just How you actually operationalize building and delivering software to these cloud platforms and to things like Kubernetes.
And then of course, permissions is a big challenge as well, right? If you’ve got, you’ve decomposed your application into microservices, for example, how do all of those microservices agree on what any particular actor, right? That being a user or a, like a machine in the infrastructure, how can they agree on what that actor should be allowed to do?
And the answer to that is a term that we call authorization. And permissions are a very specific way of doing authorization in an application in such a way that you’re deciding what the end user can actually do. So that is, you know, we’re addressing this problem because we do think it is a huge challenge.
Permissions are always one of those things where people think it’s easy at first. And as they start building and as they start iterating, they realize, Oh, Actually, permissions are kind of difficult, and we need to make sure that we’re doing it right and that we’re doing it in a secure way and that we’re doing it in a way that’s flexible for our users’ needs going into the future.
Brian Thomas: Love that again, addressing that security or permissions issue in that environment, which sometimes is challenging, and I appreciate you sharing that and also being one of the really the. Pioneers in leveraging that cloud system for so many years. Appreciate that. And Jake, are AI and machine learning part of AuthZed’s strategy for enhancing cloud native permissions management? And if so, how?
Jake Moshenko: Yeah, I think if you ask anybody any kind of entrepreneur or executive in the industry, whether AI is part of their story. I think they have to say yes, right? Like I think it’s too powerful and it adds too much value to ignore. But each company has to figure out where they fit in the whole AI landscape, right?
Are you going to be the kind of company who develops a foundational model and tries to do something really innovative? Are you going to be the kind of company who takes an existing model or an existing API, like what open API offers or Mistral? Are you going to take one of these things and use it to build something into your product or for your product?
Or are you going to kind of just be on the sidelines and purchase AI solutions from another company? And I think we’re mainly exploring in that central category, right? It’s not our core competency to develop a core model, but we think that there is a lot of opportunity for us to use AI and specifically LLMs of the code generating variety to alleviate and to accelerate a lot of the pains that our customers feel when they’re first dipping their toes into modeling permissions.
And when they’re first trying to figure out. Their permission and authorization strategy, so I would be, you know, I would be remiss as the CEO of offset if I wasn’t looking at AI, but I wouldn’t say that we’re going to go off and generate a new core model. That’s going to revolutionize the AI world.
Brian Thomas: Thank you, and I appreciate your perspective on that. Obviously, your core focus is to work on your platform offset. And there are a lot of other Companies and platforms that you can obviously leverage or APIs for that matter to enhance your product. So, I appreciate your perspective and Jake, last question of the day – What are your future goals and aspirations for offset, especially in the evolving landscape of cloud native technologies and permissions databases?
Jake Moshenko: Yeah, that’s a great question. Our future goals are to basically make offset ubiquitous when it comes to permissions. And we think that there’s some really great network effects that we can get from having a lot of different applications that maybe your company is.
Developing, or maybe that your company is purchasing all using the same permissions database, the same underlying permissions database. And we think that there’s really an opportunity for various pieces of software, even if they’re from different vendors to sort of collaborate and to form a suite of software, like a cohesive suite.
So, one of the examples that I like to bring up when we talk about why permissions are important is if you’ve ever tried to send an email through Gmail. With a link to a Google document and the recipient of the link does not have access to that document. Gmail will tell you; it will warn you. And it’ll say one of your recipients doesn’t have access to this, and that would be super powerful right at the front, right?
But then it also allows you to remediate it right there within Gmail. And you’re allowed to share that document or give access to the recipients of the email in a very seamless, integrated way. And I think that this is a really interesting, cool workflow that we see coming from Google and their first party software, and I think we can start to replicate that, and we can start to get those kinds of experiences that are currently limited by permissions. Across software out in the ecosystem.
Brian Thomas: I love that. And, you know, being in media like me I run into that issue all the time of not having permission to download a headshot or a bio or something. And it’s very frustrating, time consuming and it’s a back and forth. So, I love this stuff. I love how people like you entrepreneurs are.
Looking to innovate and solve problems, making the world a better place. Love it. Love it. Love it. So, Jake, it was such a pleasure having you today and I look forward to speaking with you real soon.
Jake Moshenko: All right. Thanks for having me.
Brian Thomas: Bye for now.
Jake Moshenko Podcast Transcript. Listen to the audio on the guest’s podcast page.
