The AI Kubernetes Show

Comcast's Platform Engineering: Guardrails and Scale in the Age of AI



The rise of AI has dramatically increased code velocity. Join us as Comcast Platform DevOps Engineer Curtis Cook breaks down the shift to platform-level controls and a "zero trust" mindset to secure the future of Platform Engineering. 

In this episode of The AI Kubernetes Show, Curtis Cook shares his expert insights on how the accelerating pace of code development driven by AI tooling is forcing platform teams to completely rethink code quality and security management. He explains that the massive amount of AI-generated code is like "hiring thousands of junior developers," creating a significant scaling problem. Drawing lessons from Kubernetes, Comcast is implementing platform-level controls to automate mundane tasks and enforce standards, adopting the cultural shift of "guardrails, not gates."

Curtis dives into security in the age of AI, where the concern moves beyond infrastructure: because AI actively makes decisions, securing AI workloads is absolutely crucial. Comcast’s strategy involves a "zero trust by default" mindset and applying the least-privilege access model to AI agents to mitigate risks like hallucinations and "context bloat." In the section "The non-deterministic world of AI," he discusses the profound change presented by non-deterministic AI outputs and security threats like prompt injection and model drift. This shift requires new testing methods like statistical validation instead of traditional unit tests. Curtis also highlights the importance of the CNCF community for aspiring platform engineers, noting how AI can help newcomers learn Kubernetes fundamentals.

Find all resources and more in the blog post: 

Takeaways

✓ The increase in code velocity from AI-generated code requires a move from policing individual commits to implementing robust platform-level controls.

✓ AI is treated as a critical system at Comcast, secured with a "zero trust by default" mindset.

✓ Hallucinations and context bloat are mitigated by applying the least-privilege access model to AI tools.

✓ Non-deterministic AI systems introduce security threats and require advanced testing methods like statistical validation and confidence scoring.

✓ The Kubernetes and CNCF community is essential for platform engineers, and AI-powered tools can help new members get started.

What is your biggest security concern with generative AI in your software development lifecycle? Let us know in the comments below! 
