theCUBE + NYSE Wired: Mixture of Experts Series | David DeSanto, Anaconda

Clips
More from theCUBE + NYSE Wired: Mixture of Experts Series

David DeSanto

Chief Product Officer

GitLab

play_circle_outline Broadening of 'builders': hobbyists, nontraditional developers, and coding agents

play_circle_outline Anaconda: Making Python the Enterprise AI Standard — Secure Supply Chains, Curated Models, and NVIDIA CUDA Support

play_circle_outline Acquisition of Outerbounds/Metaflow to add production control plane

play_circle_outline Probabilistic AI-Native vs Deterministic DevOps: Accelerating Time-to-Production and ROI

play_circle_outline Risks: governance, data sovereignty, compliance, and air-gapped deployments

Info

David DeSanto, Anaconda

David DeSanto

Chief Product Officer GitLab

search

John Furrier

>> Palo Alto studio, connecting Silicon Valley and Wall Street. I'm John Furrier, host of theCUBE here with Dave Vellante, my co-host.

Gemma Allen

>> Welcome back to theCUBE Studio here at the New York Stock Exchange. I'm Gemma Allen with NYSE Wired's Mixture of Experts, and joining me now is a man whose company claimed made Python the language of data science and now wants to make it the language of AI. Welcome David DeSanto, CEO of Anaconda. Welcome, David.

David DeSanto

>> Thank you. Great being here. Thank you for having me.

Gemma Allen

>> So that's a pretty, I guess, big broad goal there, right? Let's start a little bit with Anaconda, the company, the point that you're at. Like I said in my opening there, you guys want to make Python the language of AI. What exactly does that mean to you and your team?

David DeSanto

>> Yeah, so Anaconda's goal through its entire life has been to really meet enterprises where they're at and then help them achieve their goals. And that started with just traditional data science and Python, but today Python has become the language for AI, and because of that, we're leaning into that to make sure enterprises can build their AI-native applications securely.

Gemma Allen

>> And David, you're about a year in the role of CEO.

David DeSanto

>> Correct.

Gemma Allen

>> You were chief product officer at GitLab. So you've spent a solid chunk of your career in DevOps. I don't know what you did before at GitLab, but you're certainly a DevOps guy. Interesting time in the world of DevOps though, right? A lot is changing very fast, even who is the dev in DevOps. What are you seeing there?

David DeSanto

>> Yeah, so you're right. Most of my career has been spent in security, both straight and vulnerability research or within developer tooling. And so what we're seeing at Anaconda is a very interesting trend. It's becoming more about the builder. That builder does not have to be a technical person who knows how to write software. It could be someone over the weekend who's a hobbyist who's like, "I have this really great idea for an application." Or it could even be a relative who maybe hasn't really understood what you did in your career, but now all of a sudden they know because they've picked up say Claude Code and they're building themselves an app. And so the trend of what we're seeing is that who is the builder is expanding, but we're also seeing the, we'll call it the threat landscape also expanding with that because when you move from traditional developers or data scientists into hobbyists, whether it's vibe coding or something similar, they don't really understand maybe necessarily what the AI application is building for them and what that infrastructure looks like. And that just introduces a lot of risk.

Gemma Allen

>> And in the hobbyist space, I mean, we know a lot of these hobbyists are often folks that work full-time jobs that just love tech. They love building. They're like tinkerers, right? For the most part. What does the Anaconda platform bring? Let's say you are working on something, somewhat of a side project, you've got a big idea, you're like, "Okay, I would actually like to bring this into production in a team I'm on." Talk me to the before and after of using a platform like yours.

David DeSanto

>> Yeah, it's a great question. So Anaconda is known for providing the trusted foundation for building AI. And what that means is that we provide the largest collection of secure open source packages for Python. That includes all the CUDA packages needed to run on top of an NVIDIA GPU and that allows people to build up trust in a way they wouldn't have before. And so prior to using our platform, you may be pulling packages from a standard open source package manager. A good example of this was earlier in the year, the light LLM package got compromised and if you tried to download it from Pip, which is the most popular package manager, you were getting vulnerable code. Whereas if you're buying that and pulling that from Anaconda, you're getting what we built off of our secure build system and that vulnerability was not actually there. The other thing is that as we move more into AI over the last 18 months, we're applying the exact same thing to AI models. And so we have a curated list of open source models that we performance-tested, security-tested, gave you all that information, as well as different quant sizes so you can run it on a local computer all the way to running it within your cloud data center.

Gemma Allen

>> Wow. Okay. So give me the commercials here. I know you're a year in almost as CEO. What kind of stage are you at? What size are you guys at? And also I think you've had an acquisition recently. Maybe talk to us a little bit about that and the thinking behind that.

David DeSanto

>> Yeah. So last year we announced our Series C, it was right before I started, and we were at 150 million in revenue. That number continues to go up as well as what we're doing with the money that we have. And so a good example of that is our acquisition. We acquired a company named Outerbounds. They were started by people who actually were working at Netflix. Netflix was struggling to get AI at scale and this team built what is called Metaflow. Netflix open sourced it and then they left to build the company named Outerbounds that runs on top of that. And what we really liked about the acquisition, and I've done over a dozen acquisitions in my career, they're usually like a decent amount of overlap and this one there's always almost no overlap. When I met with their founder, Ville Tuulos, CEO, he's like, "Here's everything we want to do at Outerbounds over the next two years." And I said, "Here's what I want to do at Anaconda for the next two years." And we were building what they had and they were building what we had. And so by coming together, you can now actually have visibility and security from the idea you have all the way through building that AI application and then monitoring it once it's deployed into production.

Gemma Allen

>> Wow. So like the perfect meeting of minds and time and circumstance really for you folks, right?

David DeSanto

>> It is. And the one thing I don't know everyone truly appreciates, and you mentioned DevOps. DevOps had this rigid seven-stage delivery for an application. Everyone always saw it as that infinite affinity symbol. AI-native development is not that. It's actually a lot less steps. It's because of the agents, it's because of the agenda workflows you can have. And having that visibility and security is very key, especially if you're a regulated industry, which is where a lot of our customers are.

Gemma Allen

>> Well, I definitely want to get into that, the kind of condensing of timelines around DevOps and even the expectations in the market. But before I do, just to go back to Outerbounds for a second. So really what this gives a company like Anaconda is not just the distribution, but the control plane, right? The production element.

David DeSanto

>> Correct.

Gemma Allen

>> It shortens, I guess, you build something great, you know it's going to work and then you need to actually land it, and it shortens that timeframe. Give me some sort of like customer scenario, bring that to life for us a little bit, the before and after this acquisition opportunity.

David DeSanto

>> Yeah, that's a great question. So I generally start by just mentioning stats that are happening in the world. In 2026, right, we're halfway through, the first is 76% of organizations say they're using AI weekly, but only 20% of those prototypes actually make it to production. And so that means 80% are failing. And why are they failing? It's because people are applying traditional software techniques, software development techniques to AI. And DevOps is built for deterministic outcomes. AI is probabilistic outcomes. And so it leaves a lot of companies spending a lot on AI but not getting the ROI in their investment. And so if you were to look at building an application, Anaconda is always living the development side. Outerbounds lived on the production side. And so by taking that trusted foundation and trusted models and then connecting it to AI workflows at scale, you're actually able to remove that barrier and get your ideas into production much faster. It ties into Outerbounds' control plane, but it's also about that experience and technology that became Metaflow. Netflix runs millions of data pipelines simultaneously. That's a scale that organizations sometimes never even see. And by being able to help them do that with AI and shorten that cycle down, whether that's leveraging agents or the developers writing code, you actually get to an outcome that's a lot more powerful, a lot faster for your users.

Gemma Allen

>> Let's go back to this seven-point stage process of old and the fact that now there's an expectation that things can happen in a blink, right? They need to happen yesterday. That is certainly the pace of the market and I'm sure that puts a huge amount of pressure on folks who know the risks of doing something. Act now think later tends to be the ethos that is almost encouraged at this moment in 2026. It's kind of hard to believe actually as someone who spent 20 years in tech that we're where we're at, but we are. What are you seeing in way of risk, in way of some of these projects that are coming in that are being basically, I guess, filtered out to your platform? What sorts of threats and vulnerabilities do you think people are not realizing? Try and bring that to life a bit.

David DeSanto

>> Yeah. So I have actually spent at least 50%, probably close to 75% of my time since starting being on the road and talking to our customers, both existing and now new customers. And it really comes down to a handful of things for them. Being that we primarily work within a regulated industry, there's concern about connecting their applications and their developers to AI models that are running outside their boundary. It gets back to data sovereignty, data isolation, and is that provider actually providing that for me. It gets into, I want to use AI in my development side, but I'm unsure whether or not that's actually going to build secure code. And then they're sitting there asking themselves, do I allow them to use a coding agent or do I let them leave because they want to use a coding agent and I won't let them? And really, everything comes back to trust and governance in those conversations. And one of the things that made GitLab so popular is the fact that we could run self-managed, so you can actually run the entire thing within your boundary. And you can do that with Anaconda too, but we take it to where you can actually run AI agents within that environment, fully air-gapped. You can deploy the latest versions of models staying within that boundary. And so for our customers, especially customers who've become an Anaconda customer over the last several quarters, what they're seeing is that that trust they really need is actually there with Anaconda and that they don't have to risk a compliance concern by connecting out to a third party API service for that model. And so whether it's their developers writing code, agents are writing code, they can have that same trusted foundation, which means they're not having to do the trade-off. The big thing I hear is, "I either need to go fast or I need to be secure." And then we meet at that intersection because we can give them the trust and whether it's a human or an agent, let them move fast. And really the hesitation ties into, are you building in the right environment? And you've probably seen this as well. Coding agents are amazing at writing code. They suck at building the environment that the code needs to run in, and that's where that risk comes in. And so being able to remove that allows enterprises to move at the pace they need to move at.

Gemma Allen

>> What are you seeing in way of envision to deployment timelines? I again started my career in an 18-month timeframe. That was even aggressive back then, right? What is the norm these days? What are you seeing folks actually deliver safely? What's the average?

David DeSanto

>> Yeah. So I think it depends on the industry. If you're in telecom, you have really broad cycles because that's when new hardware comes out. But if you're an enterprise, let's say a bank since we're here at New York Stock Exchange, you know that a person moving banks as a consumer is really easy. And what do you do to keep them interested? You've got to give them newer and newer technology to use and better services that leverage that technology. And so what we're seeing is that if you're in a consumer or business to business type of relationship and you're not in a regulated industry like telecom, you begin to try to compress those cycles down. A customer was telling me last week when I was in London that they've gone from shipping their updates to their customers from being months to being within a week, and that's because they have the guardrails needed to be successful and lean into what AI can do for them versus be concerned it's going to cause a major issue for the institution.

Gemma Allen

>> Okay. Macro level. This is definitely an interesting time. There's been a lot of conversations about what the world would look like two years from now in way of Frontier Labs, LLMs, releases, who should deploy when and how. I know you've got some thoughts on that from the perspective of security and DevOps. Maybe give me your thoughts, especially as we see more and more government intervention and discussion on the space.

David DeSanto

>> Yeah. So to kind of give you a little history, I was actually on theCUBE at KubeCon a couple of years ago, and the question was, "Did you expect this to be moving this quickly?" And my answer was yes and no. Yes, we're always pushing in technology to get to the next unlock, but no one two or three years prior to that would've thought there'd be something called ChatGPT that hundreds of millions of people are talking to weekly. And so today when looking at the trends of where things are going, I'm always surprised day after day how much faster something is moving. You're talking about over your career, I'm not young. I tell people-

Gemma Allen

>> I won't say I'm young either, but-

David DeSanto

>> I tell people I'm in my 20s, but I don't anymore.

Gemma Allen

>> The beard gives it away.

David DeSanto

>> Yeah, yeah. But as part of that, it's been like, okay, things move fast when internet started, but not this fast. Breakthroughs in technology for mobile phones, fast. GPUs, that sort of thing, fast, but this is literally like every day there's a new open source model available. Every week, there's a new vulnerability that could be tied to something that's been built. We're moving at a pace that's really neck-breaking. And so when I think about how do you help people be secure, I think of things like the executive order that got released last week. Now, I will tell you, my personal opinion is like we need actual legislation and not an executive order, so that's easy to throw out at any point, but we need to help people understand that they need to move at the pace that's important for their business, but also realize that they can't wait on a central body to kind of tell them it's ready because the technology's moving fast enough that they could actually lose their market cap by sitting around for 60, 90, 120 days waiting for a report to come out on is it secure, is it safe or not? They need to take their own guardrails they have, their own compliance checks, and run it through that lens and then make decision whether or not they want to accept the risk of deploying something new.

Gemma Allen

>> On, I guess, somewhat of an associated topic, token-maxing, right? This idea that again, you just can't be doing enough, right? It's almost, what are your thoughts on that? And this, people are quite divided on it, right? Some folks think it's great, some folks think it's idiotic. What do you think?

David DeSanto

>> Yeah. So I have the opinion that setting a target of who used the most amount of tokens over a period of time, it's not really measure of value. You can say it's the time in DevOps directly. At GitLab or company named Spirent where we were doing things similar, it's about the business outcome. And so let's say you use 10,000 tokens in the month and I use 300,000 tokens in the month. What did I do that is 10 times better than what you did? Usually the answer is not that much. And so for me, what I've been looking at is, and I'll tell you, I'm trying to coin this word, so if you want to help with that, it'd be great, but it's more like a Tokenpocalypse because people are throwing buckets of money at a problem rewarding something that's controlled by the user, how many tokens they're actually using, and they're not getting the same business outcome they could be getting. And so in those conversations with enterprises, especially again, heavily regulated, the conversation goes to one thing which is like, I want to keep it within my boundary, but I also want some of my predictable outcomes on my spend. A friend was telling me a developer at his company hit 300,000 tokens in a day and the question was, what did we get from that? That was a lot of money in tokens. And the answer was, it's felt like everything else everyone else was doing. And so if you can bring in an open source model, you run it on something like AWS Bedrock or maybe on top of Kubernetes, you now are paying for the compute and not the tokens, and then you get into a more streamlined understanding of your expenses. And I think that as enterprises continue to mature in AI, I think we're going to see a lot more of that. Open source taught me that. I've been working in open source since I was at ICSA Labs late aughts, early 2010s, that open source is really sometimes the best way to accomplish your goal and sometimes it's also the most secure way to accomplish it as well.

Gemma Allen

>> The future of open source, final question to you, especially as we think about this fast-changing and also these competing narratives, right? We're certainly at a kind of collision point, I think, old tech meets new tech and new tech meets new tech too, right? Those guys are fighting out as well. What are your thoughts? Where do you see it going?

David DeSanto

>> Yeah. So I see open source more important today than ever. And the reason why, and I'll give you a little of an analogy. I learned early in my career that thinking that you have your code hidden makes you secure is really like the ostrich shaking its head in the sand to avoid someone attacking it, because if the ostrich kept its head out of the sand, it'd be able to see everywhere, whereas with its head in the sand, it can't see anything. And that's how open source works too. If you were to say you're at a company, would you rather implement code that's been looked at by hundreds of thousands, if not millions of eyes? Or you want the one that someone wrote who just started the company and you haven't even seen them get to a point where they've had a review of their code yet? Nine times out of 10, people would choose that first thing. And then when you tell them that's open source, it helps them understand it and be more comfortable with it. And so I see open source today more important than ever and not just the software packages, but the AI models as well. And I think that's going to continue to grow over the coming years. And I think everyone's going to learn what Anaconda learned 10 years ago when we started, that open source is going to be the future and it's going to help get us there a lot more securely.

Gemma Allen

>> Well, David, I'm certainly envisioning maybe a Substack for you called Tokenpocalypse with-

David DeSanto

>> There we go....

Gemma Allen

>> a thumbnail of an ostrich with its head in the sand. I feel like that could do really well. You can have that one on me. Last question. What's ahead? 10, 15 seconds. What's ahead for you and the team? What's the focus for the rest of this year?

David DeSanto

>> Yeah. So our goal is to get our new appliance, our new platform out this year. We're shooting for a fall release. That will be taking the Anaconda AI platform, the Outerbounds platform, and shipping them as a single platform. Our first beta is available for people who want to try it, and then the GA will be in the fall. So that's our big focus around that, making sure that ships and how agents interact with it.

Gemma Allen

>> Available on your website for download?

David DeSanto

>> If you just go to Anaconda.com, you can go and say contact us. You can read about the platform there as well. And yeah, if you've not, I tell everyone, check out our blog. We're constantly posting about what we're doing, and I'm working on a blog series myself with NVIDIA.

Gemma Allen

>> Oh, great.

David DeSanto

>> We're a strategic partner of theirs, and so you can learn all about how to do secure enterprise AI with Anaconda and NVIDIA.

Gemma Allen

>> Great. And now CUDA is just completely unbreakable. Thanks so much for joining us, David.

David DeSanto

>> Thank you very much for having me.

Gemma Allen

>> I'm Gemma Allen with theCUBE at the NYSE studio. This is Mixture of Experts. Thanks for watching.

David DeSanto, Anaconda

search

John Furrier

>> Palo Alto studio, connecting Silicon Valley and Wall Street. I'm John Furrier, host of theCUBE here with Dave Vellante, my co-host.

Gemma Allen

>> Welcome back to theCUBE Studio here at the New York Stock Exchange. I'm Gemma Allen with NYSE Wired's Mixture of Experts, and joining me now is a man whose company claimed made Python the language of data science and now wants to make it the language of AI. Welcome David DeSanto, CEO of Anaconda. Welcome, David.

David DeSanto

>> Thank you. Great being here. Thank you for having me.

Gemma Allen

>> So that's a pretty, I guess, big broad goal there, right? Let's start a little bit with Anaconda, the company, the point that you're at. Like I said in my opening there, you guys want to make Python the language of AI. What exactly does that mean to you and your team?

David DeSanto

>> Yeah, so Anaconda's goal through its entire life has been to really meet enterprises where they're at and then help them achieve their goals. And that started with just traditional data science and Python, but today Python has become the language for AI, and because of that, we're leaning into that to make sure enterprises can build their AI-native applications securely.

Gemma Allen

>> And David, you're about a year in the role of CEO.

David DeSanto

>> Correct.

Gemma Allen

>> You were chief product officer at GitLab. So you've spent a solid chunk of your career in DevOps. I don't know what you did before at GitLab, but you're certainly a DevOps guy. Interesting time in the world of DevOps though, right? A lot is changing very fast, even who is the dev in DevOps. What are you seeing there?

David DeSanto

>> Yeah, so you're right. Most of my career has been spent in security, both straight and vulnerability research or within developer tooling. And so what we're seeing at Anaconda is a very interesting trend. It's becoming more about the builder. That builder does not have to be a technical person who knows how to write software. It could be someone over the weekend who's a hobbyist who's like, "I have this really great idea for an application." Or it could even be a relative who maybe hasn't really understood what you did in your career, but now all of a sudden they know because they've picked up say Claude Code and they're building themselves an app. And so the trend of what we're seeing is that who is the builder is expanding, but we're also seeing the, we'll call it the threat landscape also expanding with that because when you move from traditional developers or data scientists into hobbyists, whether it's vibe coding or something similar, they don't really understand maybe necessarily what the AI application is building for them and what that infrastructure looks like. And that just introduces a lot of risk.

Gemma Allen

>> And in the hobbyist space, I mean, we know a lot of these hobbyists are often folks that work full-time jobs that just love tech. They love building. They're like tinkerers, right? For the most part. What does the Anaconda platform bring? Let's say you are working on something, somewhat of a side project, you've got a big idea, you're like, "Okay, I would actually like to bring this into production in a team I'm on." Talk me to the before and after of using a platform like yours.

David DeSanto

>> Yeah, it's a great question. So Anaconda is known for providing the trusted foundation for building AI. And what that means is that we provide the largest collection of secure open source packages for Python. That includes all the CUDA packages needed to run on top of an NVIDIA GPU and that allows people to build up trust in a way they wouldn't have before. And so prior to using our platform, you may be pulling packages from a standard open source package manager. A good example of this was earlier in the year, the light LLM package got compromised and if you tried to download it from Pip, which is the most popular package manager, you were getting vulnerable code. Whereas if you're buying that and pulling that from Anaconda, you're getting what we built off of our secure build system and that vulnerability was not actually there. The other thing is that as we move more into AI over the last 18 months, we're applying the exact same thing to AI models. And so we have a curated list of open source models that we performance-tested, security-tested, gave you all that information, as well as different quant sizes so you can run it on a local computer all the way to running it within your cloud data center.

Gemma Allen

>> Wow. Okay. So give me the commercials here. I know you're a year in almost as CEO. What kind of stage are you at? What size are you guys at? And also I think you've had an acquisition recently. Maybe talk to us a little bit about that and the thinking behind that.

David DeSanto

>> Yeah. So last year we announced our Series C, it was right before I started, and we were at 150 million in revenue. That number continues to go up as well as what we're doing with the money that we have. And so a good example of that is our acquisition. We acquired a company named Outerbounds. They were started by people who actually were working at Netflix. Netflix was struggling to get AI at scale and this team built what is called Metaflow. Netflix open sourced it and then they left to build the company named Outerbounds that runs on top of that. And what we really liked about the acquisition, and I've done over a dozen acquisitions in my career, they're usually like a decent amount of overlap and this one there's always almost no overlap. When I met with their founder, Ville Tuulos, CEO, he's like, "Here's everything we want to do at Outerbounds over the next two years." And I said, "Here's what I want to do at Anaconda for the next two years." And we were building what they had and they were building what we had. And so by coming together, you can now actually have visibility and security from the idea you have all the way through building that AI application and then monitoring it once it's deployed into production.

Gemma Allen

>> Wow. So like the perfect meeting of minds and time and circumstance really for you folks, right?

David DeSanto

>> It is. And the one thing I don't know everyone truly appreciates, and you mentioned DevOps. DevOps had this rigid seven-stage delivery for an application. Everyone always saw it as that infinite affinity symbol. AI-native development is not that. It's actually a lot less steps. It's because of the agents, it's because of the agenda workflows you can have. And having that visibility and security is very key, especially if you're a regulated industry, which is where a lot of our customers are.

Gemma Allen

>> Well, I definitely want to get into that, the kind of condensing of timelines around DevOps and even the expectations in the market. But before I do, just to go back to Outerbounds for a second. So really what this gives a company like Anaconda is not just the distribution, but the control plane, right? The production element.

David DeSanto

>> Correct.

Gemma Allen

>> It shortens, I guess, you build something great, you know it's going to work and then you need to actually land it, and it shortens that timeframe. Give me some sort of like customer scenario, bring that to life for us a little bit, the before and after this acquisition opportunity.

David DeSanto

>> Yeah, that's a great question. So I generally start by just mentioning stats that are happening in the world. In 2026, right, we're halfway through, the first is 76% of organizations say they're using AI weekly, but only 20% of those prototypes actually make it to production. And so that means 80% are failing. And why are they failing? It's because people are applying traditional software techniques, software development techniques to AI. And DevOps is built for deterministic outcomes. AI is probabilistic outcomes. And so it leaves a lot of companies spending a lot on AI but not getting the ROI in their investment. And so if you were to look at building an application, Anaconda is always living the development side. Outerbounds lived on the production side. And so by taking that trusted foundation and trusted models and then connecting it to AI workflows at scale, you're actually able to remove that barrier and get your ideas into production much faster. It ties into Outerbounds' control plane, but it's also about that experience and technology that became Metaflow. Netflix runs millions of data pipelines simultaneously. That's a scale that organizations sometimes never even see. And by being able to help them do that with AI and shorten that cycle down, whether that's leveraging agents or the developers writing code, you actually get to an outcome that's a lot more powerful, a lot faster for your users.

Gemma Allen

>> Let's go back to this seven-point stage process of old and the fact that now there's an expectation that things can happen in a blink, right? They need to happen yesterday. That is certainly the pace of the market and I'm sure that puts a huge amount of pressure on folks who know the risks of doing something. Act now think later tends to be the ethos that is almost encouraged at this moment in 2026. It's kind of hard to believe actually as someone who spent 20 years in tech that we're where we're at, but we are. What are you seeing in way of risk, in way of some of these projects that are coming in that are being basically, I guess, filtered out to your platform? What sorts of threats and vulnerabilities do you think people are not realizing? Try and bring that to life a bit.

David DeSanto

>> Yeah. So I have actually spent at least 50%, probably close to 75% of my time since starting being on the road and talking to our customers, both existing and now new customers. And it really comes down to a handful of things for them. Being that we primarily work within a regulated industry, there's concern about connecting their applications and their developers to AI models that are running outside their boundary. It gets back to data sovereignty, data isolation, and is that provider actually providing that for me. It gets into, I want to use AI in my development side, but I'm unsure whether or not that's actually going to build secure code. And then they're sitting there asking themselves, do I allow them to use a coding agent or do I let them leave because they want to use a coding agent and I won't let them? And really, everything comes back to trust and governance in those conversations. And one of the things that made GitLab so popular is the fact that we could run self-managed, so you can actually run the entire thing within your boundary. And you can do that with Anaconda too, but we take it to where you can actually run AI agents within that environment, fully air-gapped. You can deploy the latest versions of models staying within that boundary. And so for our customers, especially customers who've become an Anaconda customer over the last several quarters, what they're seeing is that that trust they really need is actually there with Anaconda and that they don't have to risk a compliance concern by connecting out to a third party API service for that model. And so whether it's their developers writing code, agents are writing code, they can have that same trusted foundation, which means they're not having to do the trade-off. The big thing I hear is, "I either need to go fast or I need to be secure." And then we meet at that intersection because we can give them the trust and whether it's a human or an agent, let them move fast. And really the hesitation ties into, are you building in the right environment? And you've probably seen this as well. Coding agents are amazing at writing code. They suck at building the environment that the code needs to run in, and that's where that risk comes in. And so being able to remove that allows enterprises to move at the pace they need to move at.

Gemma Allen

>> What are you seeing in way of envision to deployment timelines? I again started my career in an 18-month timeframe. That was even aggressive back then, right? What is the norm these days? What are you seeing folks actually deliver safely? What's the average?

David DeSanto

>> Yeah. So I think it depends on the industry. If you're in telecom, you have really broad cycles because that's when new hardware comes out. But if you're an enterprise, let's say a bank since we're here at New York Stock Exchange, you know that a person moving banks as a consumer is really easy. And what do you do to keep them interested? You've got to give them newer and newer technology to use and better services that leverage that technology. And so what we're seeing is that if you're in a consumer or business to business type of relationship and you're not in a regulated industry like telecom, you begin to try to compress those cycles down. A customer was telling me last week when I was in London that they've gone from shipping their updates to their customers from being months to being within a week, and that's because they have the guardrails needed to be successful and lean into what AI can do for them versus be concerned it's going to cause a major issue for the institution.

Gemma Allen

>> Okay. Macro level. This is definitely an interesting time. There's been a lot of conversations about what the world would look like two years from now in way of Frontier Labs, LLMs, releases, who should deploy when and how. I know you've got some thoughts on that from the perspective of security and DevOps. Maybe give me your thoughts, especially as we see more and more government intervention and discussion on the space.

David DeSanto

>> Yeah. So to kind of give you a little history, I was actually on theCUBE at KubeCon a couple of years ago, and the question was, "Did you expect this to be moving this quickly?" And my answer was yes and no. Yes, we're always pushing in technology to get to the next unlock, but no one two or three years prior to that would've thought there'd be something called ChatGPT that hundreds of millions of people are talking to weekly. And so today when looking at the trends of where things are going, I'm always surprised day after day how much faster something is moving. You're talking about over your career, I'm not young. I tell people-

Gemma Allen

>> I won't say I'm young either, but-

David DeSanto

>> I tell people I'm in my 20s, but I don't anymore.

Gemma Allen

>> The beard gives it away.

David DeSanto

>> Yeah, yeah. But as part of that, it's been like, okay, things move fast when internet started, but not this fast. Breakthroughs in technology for mobile phones, fast. GPUs, that sort of thing, fast, but this is literally like every day there's a new open source model available. Every week, there's a new vulnerability that could be tied to something that's been built. We're moving at a pace that's really neck-breaking. And so when I think about how do you help people be secure, I think of things like the executive order that got released last week. Now, I will tell you, my personal opinion is like we need actual legislation and not an executive order, so that's easy to throw out at any point, but we need to help people understand that they need to move at the pace that's important for their business, but also realize that they can't wait on a central body to kind of tell them it's ready because the technology's moving fast enough that they could actually lose their market cap by sitting around for 60, 90, 120 days waiting for a report to come out on is it secure, is it safe or not? They need to take their own guardrails they have, their own compliance checks, and run it through that lens and then make decision whether or not they want to accept the risk of deploying something new.

Gemma Allen

>> On, I guess, somewhat of an associated topic, token-maxing, right? This idea that again, you just can't be doing enough, right? It's almost, what are your thoughts on that? And this, people are quite divided on it, right? Some folks think it's great, some folks think it's idiotic. What do you think?

David DeSanto

>> Yeah. So I have the opinion that setting a target of who used the most amount of tokens over a period of time, it's not really measure of value. You can say it's the time in DevOps directly. At GitLab or company named Spirent where we were doing things similar, it's about the business outcome. And so let's say you use 10,000 tokens in the month and I use 300,000 tokens in the month. What did I do that is 10 times better than what you did? Usually the answer is not that much. And so for me, what I've been looking at is, and I'll tell you, I'm trying to coin this word, so if you want to help with that, it'd be great, but it's more like a Tokenpocalypse because people are throwing buckets of money at a problem rewarding something that's controlled by the user, how many tokens they're actually using, and they're not getting the same business outcome they could be getting. And so in those conversations with enterprises, especially again, heavily regulated, the conversation goes to one thing which is like, I want to keep it within my boundary, but I also want some of my predictable outcomes on my spend. A friend was telling me a developer at his company hit 300,000 tokens in a day and the question was, what did we get from that? That was a lot of money in tokens. And the answer was, it's felt like everything else everyone else was doing. And so if you can bring in an open source model, you run it on something like AWS Bedrock or maybe on top of Kubernetes, you now are paying for the compute and not the tokens, and then you get into a more streamlined understanding of your expenses. And I think that as enterprises continue to mature in AI, I think we're going to see a lot more of that. Open source taught me that. I've been working in open source since I was at ICSA Labs late aughts, early 2010s, that open source is really sometimes the best way to accomplish your goal and sometimes it's also the most secure way to accomplish it as well.

Gemma Allen

>> The future of open source, final question to you, especially as we think about this fast-changing and also these competing narratives, right? We're certainly at a kind of collision point, I think, old tech meets new tech and new tech meets new tech too, right? Those guys are fighting out as well. What are your thoughts? Where do you see it going?

David DeSanto

>> Yeah. So I see open source more important today than ever. And the reason why, and I'll give you a little of an analogy. I learned early in my career that thinking that you have your code hidden makes you secure is really like the ostrich shaking its head in the sand to avoid someone attacking it, because if the ostrich kept its head out of the sand, it'd be able to see everywhere, whereas with its head in the sand, it can't see anything. And that's how open source works too. If you were to say you're at a company, would you rather implement code that's been looked at by hundreds of thousands, if not millions of eyes? Or you want the one that someone wrote who just started the company and you haven't even seen them get to a point where they've had a review of their code yet? Nine times out of 10, people would choose that first thing. And then when you tell them that's open source, it helps them understand it and be more comfortable with it. And so I see open source today more important than ever and not just the software packages, but the AI models as well. And I think that's going to continue to grow over the coming years. And I think everyone's going to learn what Anaconda learned 10 years ago when we started, that open source is going to be the future and it's going to help get us there a lot more securely.

Gemma Allen

>> Well, David, I'm certainly envisioning maybe a Substack for you called Tokenpocalypse with-

David DeSanto

>> There we go....

Gemma Allen

>> a thumbnail of an ostrich with its head in the sand. I feel like that could do really well. You can have that one on me. Last question. What's ahead? 10, 15 seconds. What's ahead for you and the team? What's the focus for the rest of this year?

David DeSanto

>> Yeah. So our goal is to get our new appliance, our new platform out this year. We're shooting for a fall release. That will be taking the Anaconda AI platform, the Outerbounds platform, and shipping them as a single platform. Our first beta is available for people who want to try it, and then the GA will be in the fall. So that's our big focus around that, making sure that ships and how agents interact with it.

Gemma Allen

>> Available on your website for download?

David DeSanto

>> If you just go to Anaconda.com, you can go and say contact us. You can read about the platform there as well. And yeah, if you've not, I tell everyone, check out our blog. We're constantly posting about what we're doing, and I'm working on a blog series myself with NVIDIA.

Gemma Allen

>> Oh, great.

David DeSanto

>> We're a strategic partner of theirs, and so you can learn all about how to do secure enterprise AI with Anaconda and NVIDIA.

Gemma Allen

>> Great. And now CUDA is just completely unbreakable. Thanks so much for joining us, David.

David DeSanto

>> Thank you very much for having me.

Gemma Allen

>> I'm Gemma Allen with theCUBE at the NYSE studio. This is Mixture of Experts. Thanks for watching.