From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

IT Brew

Amanda Florian

itbrew.com

AI is being used to help developers avoid DDOS attacks, other red flags

Developers can access and use p0 for free on the cloud or with a local setup.

Billy Hurley

How to deploy gen AI as privacy laws evolve

Be transparent, be sensitive, be “really careful,” experts say.

Eoin Higgins

Microsoft AI engineer raises concerns over image generation tech

“There were not very many limits on what that model was capable of,” one engineer tells CNBC.

An arrow pointing down inside of a box denoting IT software

Software

Caroline Nihill

While it can seem as if artificial intelligence (AI) has all the answers, especially when given the right prompt, many providers are finding it difficult to find the right pricing models for their AI products in a rapidly evolving landscape.

Guy Marion, the chief marketing officer at Chargebee, a commerce platform for subscription and recurring revenue businesses, told IT Brew that companies building and iterating the latest AI products are experiencing market changes as much as every six months.

“The industry is moving at a faster pace than we’ve ever seen before, and the markets are bigger than they used to be,” Marion added.

In response, Marion said that some companies are choosing to charge customers on a subscription basis for using AI tools and services. While it could seem as if such fast industry development promotes competition and choice within the market, some see it as burdensome for consumers.

, reported that companies that combine subscription, usage, and outcome models (or the issuance of a flat fee) doubled their probability for increased profit margins in comparison to those with just a usage-based model.

Given how much people are talking about AI, it’s sometimes easy to forget the newness of the technology and how rapidly it’s evolving. Even the big AI providers are trying to figure out…well, virtually everything about how to build and market AI products.

Michael Friedman, the SVP of customer experience AI-provider ASAPP, said that the easiest part of setting the price for an AI solution is talking to customers about the value of the model. But thanks to the AI industry’s constant change, it’s much harder to measure your product’s value against market competitors.

“There are so many new players of different sizes and different approaches and different technologies who are coming at you from all over the world,” Friedman said. “So benchmarking against competition for pricing in generative AI is certainly very hard to do because the themes are changing so rapidly and the players are changing so rapidly.”

Tomás Hernando Kofman, co-founder and CEO of Not Diamond, a startup that builds infrastructure that allows companies to utilize multiple AI models, agreed. He said that companies that want to provide AI products and services can struggle with figuring out pricing because the unit economics for AI are different from software.

Deploying AI comes with inference costs, which is what a company spends to run a pre-trained AI model, including hardware and cloud expenses. Depending on the size of the model, the length and complexity of the AI’s output, and other factors, inference costs can quickly skyrocket, wrecking even the most carefully planned budgets.

“The inference cost is so high relative to the execution of traditional software programs and that means that people often end up in these very risky pricing models, where it’s like a subscription, flat fee, but you might end up underwater on that,” Kofman said.

Since Not Diamond uses traditional machine learning techniques in its products instead of AI models, the company’s unit economics aren’t feeling the pressure. Kofman said, however, that within the AI market, many companies are still in the investment stage, meaning they could be more focused on performance and quality than cost optimization; at least for the time being, they might be more willing to burn incredible amounts of cash to deliver a result.

“I do see a lot of enterprises, in particular, more comfortable running with poor, even negative, economics just to get their AI products to market,” Kofman said. “I think you’ll see more pricing changes in the space as well, both for AI-powered product prices to go up and for more and more companies to be looking for various cost optimization techniques to avoid ending upside down on the economics.”

Many providers are also experimenting with subscription pricing for AI models that stagger access and capabilities of a model rather than offering products at a flat fee.

Kofman said that the subscription model is “economically prohibitive for a lot of customers to have these subscriptions, which can get up into the hundreds of dollars per month” and offer less choice to customers who want to access different AI abilities for different projects.

 on ChatGPT Pro’s cost per month sitting at $200, with OpenAI’s CEO Sam Altman 

 to share that he chose the price and believed the company would profit from it. Similarly, 

 expanded usage plans with varying flexibility sit in the $100-200 range and 

The Not Diamond founder isn’t the only one who is recognizing the market’s move to subscription models, especially as customers look to have multiple subscriptions across different platforms because they want access to these models. Marion pointed out that many pricing models across the larger market have been one-dimensional, offering a service at a standard fee per every payment cycle.

“Right now, we’re starting to move into fourth dimensions, where you’re looking at your plans, you’re looking at your price, you’re looking at your usage, and you’re looking at the value of that usage,” Marion said. “So that usage can get split into basic amounts and then higher value amounts, for example, AI-delivered solutions.”

Marion continued that he views the top performers in the AI space as currently “enhancing their pricing strategies in response to building and launching AI” through experimenting with pricing models.

Companies with the agility Marion described are trying to get profit margins up and become a player comparable to big box AI providers, like OpenAI, “and they’re losing an enormous amount of money because they’re consuming so much computer costs.”

AI providers don’t know what to charge in a constantly changing market

Are subscription pricing models the answer to AI providers’ issues?

While there’s no doubt agentic AI is one of the hottest trends affecting IT pros, the technology presents serious risks for companies looking to employ the tech and take humans out of the loop as a means to automate workflows or reduce the size of their teams.

Experts point to lack of visibility as a reason humans need to check on and be involved with agentic AI, especially when it is able to make independent decisions and drive a set of outcomes.

Thomas Squeo, the CTO for the Americas at Thoughtworks, called the first generation of agents “relatively simplistic” and said that providers were not typically able to offer them at scale in a production enterprise environment.

The standard right now, Squeo said, is keeping a human in the loop so that an agent isn’t running through an activity on an ongoing basis without human intervention.

If there’s a guardrail strike from the AI, the agent can send a request for a human to take action based on its confidence level of what the model is about to do.

Squeo offered an example of a billing system, where a paper bill comes in and the agent is doing 

 (OCR) analysis on a document—when an image is converted into machine-readable text—and only has 80% confidence—too low for it to automatically send along.

“You might send that along into a queue for customer service…or somebody that’s in client support that goes and looks at that and says, ‘Yes, this agent was correct,’” Squeo said. “That behavior, when the human in the loop says, yes, it’s correct, it might then say, ‘I can increase my confidence on that case going forward.’”

Now, with newer agents and the maturation of 

(MCP), the connection between agents and data sources, agents are able to understand the environment, act on behalf of a user, 

Squeo said that agents should operate within guardrails, and recommended that IT teams use an observability system to report when an agent strikes against the rails.

“In some cases, [the agent] might strike and it might be fine,” Squeo said. “It might be a strike because of the way that the rules for how that agent is operating is causing it to operate against its criteria for being able to be governed.”

Cyber professionals will typically divide what should be secured into layers. Alon Diamant-Cohen, principal consultant for Stratascale’s Hybrid Cloud Security team, pointed to the Open Systems Interconnection model, a seven-layer framework that contains application, network, and infrastructure layers for security to cover, as melding into one when an organization introduces agentic AI.

Diamant-Cohen said that an IT pro must figure out how to secure all of the layers in a tech stack at once. For experts, this can look like establishing governance or rethinking how professionals are thinking through policy constructions.

Within the layers is the network layer, where MCP exists for agentic AI. Diamant-Cohen said the concept is “awesome, because you get all these new capabilities out of your tools when you integrate them. But there’s not a lot of consideration to the fact that you’re adding some kind of permanent infrastructure and you need to secure it.”

“A lot of MCP configurations have some black box elements to them, where you just can’t see what it’s doing,” Diamant-Cohen said.

The “most terrifying” aspect of this process, according to Diamant-Cohen, is the network layer, specifically as it pertains to the connectivity between agents.

“You’re essentially standing up a node with outbound and inbound connectivity to your AI agent,” Diamant-Cohen said. “Which is trained on all your sensitive data that has some black-box elements that you do not have full visibility into, or you can’t fully understand why it made the decisions it did.”

An AI Agent's hand reaching out to press a button labeled "Step 1"

Why your agentic AI still needs a human in the loop

Agentic AI systems are now able to understand an environment, act on behalf of a user, and reason with newer models and a matured Model Context Protocol.

Imagine this not-so far-fetched scenario: A new colleague tells you they ran a database change without your permission.

Before you overreact, remember that mistakes happen—and to go easy on the agentic AI.

“I made a catastrophic error in judgment,” read a 

 from Replit, a vibe-coding tool, according to Jason Lemkin, founder of entrepreneur-community company SaaStr. Lemkin, experimenting with the technology, shared details on July 18 on X; “I deleted the entire database without permission during an active code and action freeze,” 

“Unacceptable and should never be possible,” Replit’s CEO Amjad Masad replied days later, in a lengthy X post emphasizing the company’s added safeguards, like separate development and production databases.

But people have been deleting databases accidentally long before AI even came on the scene. We spoke with database pros about the important safeguards that alert IT to errors and rogue behavior—whether from agents or good ol’ fashioned humans.

Rahul Rastogi, chief innovation officer, at cloud-native database SingleStore, said he was in New York around 2012—years before 

 with natural-language commands—when a colleague called saying, “We just deleted 85 terabytes.” A file-level (human) mistake occurred, Rastogi remembers.

Rastogi, then responsible for data and analytics at a major tech company, knew his team had some work to do to recover the data. Luckily, they had backups.

 from Handy Recovery Advisor of 1,000 US respondents across multiple industries, including tech and IT, found that accidentally deleted files caused 33.9% of reported data losses—surpassing physical device damage (22.7%) and virus or malware attacks (16%).

And large language models might be a new factor to keep an eye on.

For instance, IBM’s recent “Cost of a Data Breach” 

 13% of global respondents reported that AI-model or AI-application security incidents led to a breach.

Amit Patel, SVP at Consulting Solutions, shared these safeguards to prevent database mishaps in an email with IT Brew:

Enforce strict role-based access controls and multi-factor authentication;

Isolate agentic AI coding tools in non-production environments; and

Require explicit confirmation, recovery protocols, and backup recovery plans.

Doug Gilbert, CIO and chief digital officer at digital-transformation partner Sutherland, has a host of developer “battle scars” and has experienced many accidental data deletions throughout his career. Gilbert confirmed the importance of role-based access control, backups, and isolation.

“Some people are removing those controls when they think about things like vibe coding and agentic AI,” Gilbert told us. “But in fact, it should be the same.”

He also shared the importance of two tools:

Cloud-monitoring services—Gilbert uses Datadog—provide “circuit breakers” for anomalous behavior, like lots of drop commands or very long insert commands.

Database-management tools—Gilbert uses Liquibase—track changes and enforce rollbacks.

Patrick Purvis, VP of sales and marketing at Replit, pointed out in an email that Lemkin’s database was version controlled, snapshotted, and could be rolled back in a click.

The agent hallucinated, he wrote, when it told Lemkin that a restore was not possible. “We fixed that by making sure the agent searched the Replit documentation to give the user more accurate information,” Purvis shared, also referring readers to company safeguards, which he highlighted in 

Around 2012, when Rastogi got the bad terabyte news, he said he had to respond with a laugh—thinking, to some degree, 

that’s the life of the database professional

. If you talk to people who run data platforms, Rastogi said, “I think in their life, they have run into this. Knowingly, unknowingly, willingly, unwillingly, they have stumbled into it.”

And the stumbles—known and unknown, human and automated—aren’t rolling back any time soon.

An employee at an office desk with mouse clicker arrows pointing in different directions with highlighted text boxes. 

How to spot rogue database behavior

Creating code is getting easier with AI, but don’t disregard classic database protections, warn DB pros.

Brianna Monsanto

Some developers think it’s the beginning of the end for GitHub as they know it as the platform gears up for a leadership change.

 sent to employees with the GitHub community announcing his departure from the company at the end of the year. Dohmke, who became CEO of the cloud-based platform in 2021, said GitHub and its leadership team would “continue its mission” as part of Microsoft’s CoreAI organization. The company has not yet named a successor to Dohmke, who plans to found a startup following his exit.

. The purpose of the engineering organization is to “build the end-to-end Copilot and AI stack” for Microsoft’s first- and third-party customers to build AI apps and agents. The branch is also responsible for building out GitHub Copilot.

While GitHub has long been a part of Microsoft’s Core AI organization and has not disclosed any changes to its terms of service for its users as part of the organizational shift, the leadership transition has left some feeling a bit uneasy.

Amirul Islam Al Mamun, a data engineer at Truxco Energy, a sustainable energy solutions company, told IT Brew that the announcement signals the “final step” for GitHub’s loss of independence. Microsoft acquired GitHub in 2018. At the time, the tech giant said the platform would maintain its “developer-first ethos” and operate independently.

“Honestly, when I first saw it, I was like, ‘Bye GitHub, it was nice knowing you,’” he said.

Islam Al Mamun said the loss of independence, even if just “symbolic” for now, has caused some to fear that GitHub will begin “feeding Microsoft’s AI ambition,” focusing on AI-first features as opposed to the needs of the developer.

“Even if nothing breaks tomorrow, it feels like your favorite neighborhood café just got bought by a [giant chain],” Islam Al Mamun said. “So, you know the coffee will still come, but you are not sure if it will taste the same.”

Rafid Hossain, CTO of the global gifting marketplace Sugary, said his concerns were around the safety of private repository codes and the high trust he has had in the platform will remain.

“The main concern, the thing we are worried about, is that our code is being used to train an AI model,” he said.

Microsoft did not respond to IT Brew’s request for comment on the concerns. A spokesperson for GitHub also declined to comment beyond Dohmke’s post.

Following the announcement, some GitHub users hope to continue to see business as usual.

“From the platform perspective, what I would really like to see is basically no change,” said Csongor Keller, a freelance software engineer and avid GitHub user.

Some users say major changes in terms of service and user experience could make or break their loyalty to the platform. For Adriel Martins, a senior machine learning engineer at cloud consulting and engineering company Caylent, a shift away from transparency and freemium services would cause him to seek out alternatives in the market.

“If there is a [change of] direction in that grand quality, or being [closed-source], or training on my data, or not privacy-focused, I’m switching,” Martins said. “And my guess is…30%, 40% of GitHub would move to GitLab eventually over [a] 10-yearspan.”

Developers fear what’s ahead following news of GitHub CEO’s pending departure

“Honestly, when I first saw it, I was like, ‘Bye GitHub, it was nice knowing you,’” one engineer tells IT Brew.

Agentic AI in the workplace is changing how people do their jobs—and changing what’s expected.

That’s not necessarily a bad thing, but it depends on how the changes are applied, as Appfire CTO Ed Frederici told IT Brew. Appfire prefers a human-centric approach, Frederici said, but that’s not necessarily true across the industry. Some tech leaders are using the implementation of agents to avoid giving the real reason for layoffs.

“We had a long period of time where companies overhired and overstaffed and put themselves in a position where their cost model was untenable, and you see a correction occurring as they let people go,” Frederici explained. “It’s a convenient way for companies to kind of hide the fact that they made poor hiring decisions.”

 with 87% of tech leaders saying they “think agents will require organizations to redefine performance metrics, and will also prompt organizations to upskill employees currently in roles that may be displaced.” Edwige Sacco, KPMG’s head of workforce innovation, told IT Brew that she sees the change in metrics as a positive development that can adjust expectations for the better.

“We’re telling people your work is changing, the world is changing, the workforce, the workplace is changing,” Sacco said. “We’re going to do everything we can to get you there, but we need you on this journey with us.”

In order to adjust those expectations in the most human-centric way, Sacco continued, the workforce will have to change how it operates with respect to AI, and looking at team metrics and how people work with agents rather than at individual accomplishments will be key. But the first step is adoption.

“It’s about getting our people first to welcome the entity into their lives—be it some combination of personal and, of course, in the workplace—and then giving them the skills, the confidence, the language that they need to develop a healthy relationship,” Sacco said.

 the “gold rush” opportunity agentic AI offers. At this year’s Cisco Live conference, the firm’s president and CPO Jeetu Patel said Cisco aims to be “the infrastructure company that powers AI during the agentic movement.”

Appfire’s approach is a good example of human-centric AI adoption, Frederici said, as the company utilizes agentic AI to accentuate existing staffers and made a conscious decision not to replace employees with agents.

“Every response that is generated outside of the app context that uses AI still involves the human being,” Frederici said. “One of the benefits it’s had for us is in a standard world, a single support agent can be a master of about five applications.”

While things could change in the future, for now Frederici believes the best way for AI to function within the workplace is alongside a human operator. Businesses will have to weigh what’s most important.

“You have a corporate responsibility to both your customers and your employees to ensure that, as you adopt AI, you do it in a way that provides the greatest value to both of those constituencies,” Frederici said. “And your ultimate role as a business is to provide the best value to your client, and today that is still 100% including the human being.”

Man on computer in James Bond-style crosshairs

Agentic AI is changing workflows as executives urge human-first approach 

“We’re telling people, your work is changing, the world is changing,” executive tells IT Brew. 

Companies are looking to AI’s potential in solving efficiency issues and expanding their digital capacity—but that doesn’t necessarily mean the technology is coming for your job.

 of more than 600 US-based tech C-suite leaders found that 69% said GenAI is the primary reason they expect head count to increase. And 58% will or plan to establish a global capability center aimed squarely at that aspect of hiring. 

Deloitte’s Anjali Shaikh, the firm’s CIO and chief data and analytics officer programs US leader, told IT Brew that “organizations are going to have to think about their talent strategies in order to meet the opportunities that GenAI clearly provides.”

“Tech executives anticipate an increase in head count growth because they’ll need more technology talent in order to meet their ambitions around GenAI,” Shaikh said.

GenAI is important, but the extent to which it’s a top priority varies in the executive suite. Less than half—but still a large amount, 45%—of tech leaders said that the technology is the “most urgently needed skill” for their organizations.

“We often hear so much about how AI is going to cut down the workforce and eliminate jobs, and yet there’s this insight that underscores how much orgs believe that tech can augment teams rather than replace them,” Shaikh said. “So I do see the growth in these skills being needed in organizations continuing, especially as GenAI and agentic become front and center.”

Boston Consulting Group released its annual “AI at Work” report earlier this summer. The survey of more than 10,000 workers and team leaders from around the world found that 

, leading to dismay on the part of some who fear job losses—41% of workers surveyed. But, as BCG Global Lead of People & Organization David Martin told IT Brew, companies investing in the technology are going to need to upskill staff and find outside staff to handle the changes.

“It is very domain-specific,” Martin said. “There’s some sector differences, as well as if you look at certain types of roles within companies, you’re probably seeing more hiring in some places and some productivity savings and potential job loss in others.”

 of AI adoption is something that Hexaware President and Global Head of Digital & Software Services Sanjay Salunkhe is keeping an eye on. He told IT Brew that he’s confident that the technology will “create new definitions in jobs” and make work more efficient. The software impact alone is expected to make a massive difference in how companies operate, Salunkhe said, and that’s “going to apply to every system in the world.”

“That means there is much more software yet to come,” Salunkhe said. “And all of that is going to create more jobs. To create all that software, you are going to need tools like AI to do it faster.”

One of the most important things leadership can do, Martin said, is to 

 for AI and communicate it effectively to employees. Making sure that their staff can see leadership taking a front seat in the technology’s adoption goes a long way, according to Martin, who specifically referred to programming as an example of what works.

“We see a lot of lead-by-example implications, like our leaders, managers or executives actually using the tools themselves,” Martin said. “In software engineering, we’ve seen that frontline coders, their effective adoption of engineering tools significantly depends on if their managers and the VPs leading the engineering team are using them themselves.”

AI’s effect on workforce not a bad thing, reports find

“Tech executives anticipate an increase in head count growth because they’ll need more technology talent in order to meet their ambitions around GenAI,” Deloitte researcher tells IT Brew.

The changes in costs and partnerships that Broadcom VMware announced in May could open the market to competitors and could disrupt professionals trained in the digitization workflows, according to industry experts.

Broadcom, which announced its acquisition of VMware in 2022 and finalized the $61 billion deal in 2023, has come under fire multiple times. In early 2024, CEO and President Hock Tan 

 that “this level of change has understandably created some unease among our customers and partners.” Then, in the summer of 2024, 

 on an industry poll that suggested that customers were anticipating VMware to rapidly increase costs and claw back services, 95% of poll respondents reported that the acquisition was disrupting their IT strategy.

 of 800% to 1,500%, the company has once again landed itself in hot water with cloud service providers and partners.

, have faced off with Broadcom in court as a result of its VMware acquisition. In late July, the Cloud Infrastructure Service Providers in Europe (CISPE) 

 to the European General Court seeking to annul the European Commission’s approval of the acquisition.

“The dominance of VMware software in the virtualization market means that unfair new licensing terms enforced by Broadcom affect almost every European organization using cloud technology,” said secretary general of CISPE, Francisco Mingorance, in a release.

Industry leaders point to VMware client aggregation as an opportunity for other companies, such as Nutanix or Citrix, to step in and fill the gaps.

Chris Brill, Myriad360’s field CTO wrote in July about how Broadcom’s acquisition of VMware gave virtualization room to evolve and vendors a chance to provide services to customer niches within the market.

Myriad360, formerly known as Myriad Supply, became an enterprise partner with VMware in 2015. Brill confirmed via email that Myriad360 was a VMware partner until the middle of this year, when Broadcom removed a number of registered resellers. He said that the company currently has no status with VMware.

“We’re going to see fracturing in terms of the technologies that people are picking,” Brill said. “It really opened up the door for a lot of players to come in and carve out a specific focus based on the clientele that they’re trying to focus on.”

Brill said that with the new price increases, engineers no longer have choice in running the software, which was once a safe bet.

“If you go into 90% of the companies out there, they’ve got VMware somewhere, and they’ve got engineers that had made careers out of that,” Brill said. “Overnight, they’re basically throwing their hands up in the air because their CFOs are saying, ‘we can’t afford this. We have to start looking at options.’”

For IT generalists, this might not be as big of an issue. For specialists, however, the tooling could look different than what they’re used to when it comes to moving away from VMware.

Specialists could, according to Citrix VP of platform marketing, Michael Von Kleef, cross paths into different hypervisors, or virtual machine monitors that can make and run virtual machines by sharing resources like processing or memory, as the principles are the same. Other facets of management and implementation would be different, however.

In a statement to IT Brew, Von Kleef advised specialists to be cautious about continuing to tie themselves to Broadcom VMware because of the chance that customers reevaluate their hypervisor strategy and accelerate transition to other solutions.

“Specialists should ensure they de-risk themselves from the changing demand,” Von Kleef wrote. “The good news is that many of these folks hold some very transferrable skills to other hypervisor and cloud platforms.”

Von Kleef said that there is an opportunity for IT pros to consider adjacent platforms, like XenServer or Microsoft Hyper-V, while still operating as someone who knows how to run infrastructure workloads—but signaled that professionals should remain agile through the changes.

“IT pros should always be looking for what’s next,” Von Kleef said. “It’s always important to just constantly be aware of what’s going to happen. Obviously this was a very disruptive change that perhaps people weren’t expecting as much as it happened.”

How Broadcom VMware’s changes could give a leg up to competitors 

As Broadcom VMware changes workflow virtualization pricing and the partner ecosystem, customers are looking elsewhere for their digital service and software needs. 