Summary5 min read

Podcast Summary: The Digital Executive

Episode: Ata Ulaş Güler: Secure AI for Regulated Industries | Ep 1254
Date: May 22, 2026
Host: Ryan (Coruzant Technologies)
Guest: Ata Ulaş Güler, COO & Co-founder, NOAA Labs

Episode Overview

In this episode, host Ryan sits down with Ata Ulaş Güler, COO and Co-founder of NOAA Labs, to discuss the challenges and breakthroughs in bringing AI innovation to regulated industries. The episode centers on Sentinel, NOAA Labs' flagship air-gapped AI IDE designed for environments with strict compliance such as IL5 and NIST. Ata shares personal insights from his unique journey, the technical and organizational hurdles he’s witnessed, how Sentinel approaches legacy code modernization—and how secure, compliance-native AI will shape the industry's next decade.

Key Discussion Points & Insights

Ata’s Career Journey and Perspective

[02:20–05:20]

Ata describes a nonlinear journey blending computer engineering (Purdue, AI/ML focus) with business and consulting.
Early work at Lotus AI (London HQ) gave him exposure to the "massive gap" between AI capabilities and the real needs of highly regulated, legacy-heavy industries.
Noted the misalignment: "Most of the tools that they used, they were designed for a different world—a world with like clean data, modern infrastructure, no regulatory constraints basically." [03:44 – Ata]
Emphasized empathy for end users from having been "across the table"—key to his effectiveness as COO: “I wasn’t coming in as this pure technologist...I kind of understood their pain because of my previous experience.” [04:53 – Ata]

The Problem: AI & Legacy Code in Regulated Environments

[06:10–09:01]

Sentinel started with "code translation" for companies with mission-critical, legacy codebases (COBOL, Fortran, ADA, etc.).
Outlined why traditional dev tools ignore these firms:
- Dependence on Internet access/cloud.
- Assumption of modern codebases (e.g., Python/TypeScript).
- Inadequacy for offline, high-security, and huge codebases often controlled by a single, soon-to-retire expert.
The innovation: “Sentinel mitigates that and it does all of that offline without any internet connection. So that’s the gap we’re closing.” [08:23 – Ata]
Sentinel was purpose-built, air-gapped, and able to accommodate entire legacy codebases, serving needs ignored by cloud-native solutions.

IL5, NIST Compliance & Technical Complexity

[09:53–13:23]

Regulated environments require absolute data security; data must never leave site (e.g., defense, financial sectors).
Ata explains why strict compliance "shapes everything": “People…underestimate just how deep those constraints go. It’s not like you can just take an existing AI IDE and…make it compliant. You have to rethink the entire architecture.” [10:07 – Ata]
Key challenges:
- Models must run on-premise or fully air-gapped.
- Model performance tradeoffs: “The models that run locally tend to be smaller and smaller models tend to perform worse.” [10:48 – Ata]
- Extra investment: custom model building/fine-tuning for rarely-seen legacy languages in public training data.
- Mandatory traceability and audit trails for every model output—the ability to explain what was generated and why: “It’s a baseline requirement for us for these IL5+tools requirements.” [12:00 – Ata]
The need to build entire infrastructure from the ground up for compliance—core differentiator versus mainstream solutions.

The Future: Secure AI Development and Agentic Systems

[13:50–16:19]

Ata reflects on the "pivotal moment": Modern AI has proven its value, but highly regulated domains haven't yet been able to capture these gains due to specific constraints.
“Over the next decade…you’re going to see a real challenge…On one side, you’ll have a commercial AI tooling ecosystem, which will keep moving incredibly fast…But on the other side, you’ll see a whole category of just secure compliance native AI infrastructure, specifically for these regulated environments.” [14:41 – Ata]
NOAA Labs is building for this "barely existent" market—secure, compliant AI for high-stakes environments.
Sentinel’s roadmap: Moving beyond code translation to a full IDE (code generation, verification, multiple features), with an eye toward "Autonomous Software Operators (ASOs)”—AI agents for air-gapped, regulatory-compliant environments.
"The market is becoming agentic…We want to bring those agents to these regulator spaces." [16:07 – Ata]

Notable Quotes & Memorable Moments

On legacy industry needs:
“What I kept running into over and over was this massive gap between the AI…what the industry was building and what these Goldman Sachs organizations actually needed.”
[03:29 – Ata Güler]
On Sentinel’s purpose:
"Those companies want to use AI, but they can't because most of these tools connect to the Internet... Sentinel mitigates that and it does all of that offline without any Internet connection."
[08:08 – Ata Güler]
On compliance shaping every technical decision:
"They shape like everything, literally everything...It's not like you can just take an existing AI IDE and just flip a switch to make it compliant. You have to rethink the entire architecture."
[10:03 – Ata Güler]
On software engineering’s next era:
“We just haven’t figured out yet as an industry how to bring those gains to the parts of the software world where the stakes are highest…That’s the space NOAA Labs is building into.”
[14:24 – Ata Güler]
On the rise of agentic AI in secure settings:
“The market is becoming agentic. Everything is turning into agents right now. And we want to bring those agents to these regulator spaces. Air gapped offline optimization space.”
[16:10 – Ata Güler]

Important Timestamps

[02:20] Ata’s background and journey to COO at NOAA Labs
[06:10] The genesis of Sentinel and the legacy code translation challenge
[08:08] Explanation of Sentinel’s air-gapped, offline approach
[10:03] Why compliance transforms the design (IL5/NIST), and auditability
[14:24] The future divide: commercial rapid AI vs. compliance-native secure AI
[16:07] The rise of agentic systems and Sentinel’s strategic direction

Tone and Style

The conversation is friendly and collegial, with Ryan frequently expressing appreciation and understanding of the technical challenges, while Ata shares insights in a straightforward, technically-informed, and practical manner. The focus remains on real-world impact, organizational challenges, and technical nuances, with both participants staying grounded in the realities of enterprise and regulated spaces.

Summary by: The Digital Executive Podcast Summarizer

Loading summary

Transcript22 lines

[00:01]
A
So good, so good so good.
[00:03]
B
Everything you want for summer is at Nordstrom Rack stores now and up to 60% off. Stock up and save on the brands you love like Vince Sam, edelman frame and free people. Join the NordicLub to unlock exclusive discounts. Shop new arrivals first and more. Plus buy online and pick up at your favorite Rack store for free. Great brands, great prices. That's why you Rack,
[00:28]
A
study and play come together on a Windows 11 PC and for a limited time, college students
[00:34]
C
get the best of both worlds.
[00:37]
A
Get the unreal college deal everything you need to study and play with select Windows 11 PCs. Eligible students get a year of Microsoft 365 Premium and a year of Xbox Game. Pass ultimate with a custom color Xbox wireless controller. Learn more@windows.com studentoffer while supplies last ends June 30th terms at aka mscollegepc.
[01:06]
C
Welcome to Coruscant Technologies, home of the Digital Executive Podcast. Do you work in emerging tech? Working on something innovative? Maybe an entrepreneur? Apply to be a guest at www.corusant.com brand welcome to the Digital Executive. Today's guest is Ata Ulashgula. Ata Ulashgula is the co founder and COO of NOAA Labs where the team is building Sentinel, an air gapped AI IDE purpose built for regulated industries. ATA leads business initiatives across growth, operations and partnerships with a focus on legacy code modernization in Cobol, ADA, Fortran, ET, as well as multi agent architectures designed for IL5 and NIST compliant environments. His work spans product strategy, go to market and building the early relationships that position Noah Labs at the frontier of secure AI software development. Alongside his work at NOAA Labs, ATA brings experience from Lotus AI where he is a senior consultant advising financial services and private equity clients including Goldman Sachs portfolio companies on AI strategy and value realization. Well, good afternoon ata. Welcome to the show.
[02:19]
D
Hi, good afternoon Ryan.
[02:21]
C
Nice to meet you my friend. I really appreciate it you're navigating just a couple of time zones. You're up in Palo Alto, California. I'm in Kansas City. So again, I won't hold that against you. You know, Chiefs and 49ers play some football in some past crazy playoff games, but I appreciate you really making the time. I know it's hard sometimes. So ata, let's jump into your first question. You've built your career at the intersection of engineering, AI strategy and operations. Now serving as the Chief Operating Officer of NOAA Labs. What experiences shaped your journey to where you are today?
[02:57]
D
Yeah, first of all, thank you so much for the opportunity yeah, to answer the question, yeah, it's kind of like a bit of a winding road, honestly. So I studied computer engineering at Purdue with a concentration in AI and machine learning. And I was just always drawn to the intersection of like, just technical depth and like real world application. And I wasn't just interested in, okay, building things. I wanted to understand how they actually created value on these huge complex organizations. So that curiosity is basically what pulled me forward. Consulting pretty early off. And I joined a firm, Lotus AI, that's London headquartered, while I was finishing my degree. And that experience was very beneficial and formative in ways, I mean, I didn't fully appreciate at the time. So I was working like directly with private equity firms and financial institutions and some of them were like Goldman Sachs portfolio companies. We helped them cut through, like the noise around AI and figure out what actually moves that needle for their business. And what I kept running into over and over was this massive gap between the AI, it's like what the industry was building and what these Goldman Sachs organizations actually needed. And the tools that were designed, most of the tools that they used, they were designed for a different world. And we use this in our startup, this kind of analogy. A world with like clean data, modern infrastructure, no regulatory constraints basically. And those clients, they lived in the opposite world. So by the time Murat, our CEO, brought me into the early conversations around no Labs and I had a good picture right, of the problem that we were going after, I wasn't coming in as this pure technologist or pure engineer for Purdue or pure business person I had set across the table from customers were now selling to and I kind of understood their pain because of my prior previous experience. And that background, I would say, is what shapes how I approach my role today as the coo, whether that's gtm, right. Go to market partnerships or the early pilots we're running with these prime companies or financial institutions making me feel.
[05:21]
C
Thank you. Really appreciate that. Love the background. We always start these podcasts out with kind of where you started and where you are today. And I liked that your education was heavily immersed in AI and engineering and you had an insatiable curiosity in this space which obviously helped kind of lead you where you are today. So in your experience in building AI systems, you found this gap, especially around security and compliance. And again, big gap. There's still a gap there. But I'm glad what you're doing today working with NOAA Labs, which we're going to just dive in here to in a second. So at no Labs, you're building Sentinel and air gapped AI IDE for regulated industries. What problem did you see in traditional software development that led you to this innovation?
[06:10]
D
Yeah, so we, so we started with code translation. I guess the simplest way I can put it is. So the organizations with the most critical software in the world are also the ones that have been most completely. I've been most completely ignored by the modern developer tools. So we started with code translation. Most of these huge companies, they have a legacy code basis, Copal, Fortran, Ste and they are the. They work with these code bases because one, yes, they work well, but they're not memory safe or very slow. And companies want to modernize these codebases and most modern companies, like they use cursier, windchills, GitHub, copilot. These are incredible. But they must have them assume you have Internet access. They assume your code base is relatively modern. Or probably Python or TypeScript. Right. They've been probably posted on GitHub, probably a few hundred thousand lines at most. So they assume your developers can just start using a cloud connected tool without any security review. But these client companies, let's say, let's take a government software team, for example, they might be maintaining a site control system written in, let's say an old language, let me say, like Adapt, for example, or a logistics platform or a financial institution, like those companies that I mentioned with Lotus AI, like cobo, very famous old legacy code base that nobody has touched in 15 years. Because that one person is this one person who understood. They retired. Right. We, we wanted to focus on those codes and wanted to translate them with AI. That's how we started Sentinel. Those companies want to use AI, but they can't because most of these tools connect to the Internet. They connect to cloud, they send data out of your computer, Sentinel mitigates that and it does all of that offline without any Internet connection. So that's the gap we're closing with Sentinel, basically. And we built it from the ground up for those constraints. Like I said, it's AIR adapt by default. It's optimized for these legacy languages and it's capable of holding an entire code based in context at once. I would say that that's the problem we saw. And honestly, once you see it, it's really hard to honestly, because these regulated spaces, they're very important for the economy. The market is huge and Murat Salzfor CEO has had prior experience in this space. So that's what we wanted to address.
[09:02]
C
Yeah, that's awesome. Thank you. And I'll Just highlight a few things here. Obviously the gap you're looking to solve there. You used AI, you developed this co translation for these companies in the regulated space that are running legacy platforms and code bases like Fortran and Cobalt, which I think is cool. I have some experience back in the day with some of those and I migrated a lot of systems from those platforms. But yeah, doing it without Internet is obviously a challenge and you guys were able to solve that obviously. And of course in these very secure and regulated environments, you do need to have top security and I know that's why you also had this stuff, air gap. So I appreciate you unpacking that. And Ata, your platform Sentinel is designed for IL5 and NIST compliant environments.
[09:53]
D
Yes.
[09:54]
C
How do you, how do strict compliance requirements shape the way AI tools are designed and deployed?
[10:01]
D
They shape like everything, literally everything. Because I think the people outside of the space, regulated space, they underestimate just how deep those constraints go. It's not like you can just take an existing AI IDE and just flip it, flip a switch to make it compliant. Right. You have to rethink the entire architecture, the orchestrator of the AI of the models that you're using. So I guess I could talk about something as basic as like model inference in a standard consumer AI tool. When you type a question so that, so what happens is like that prompt, it leaves your machine, it goes to a data center somewhere and then it gets processed by a large model and then you get a response, response comes back. So it's the whole model. Now in an IL5 environment which most government agencies, most defense companies, most companies in these regulated spaces require that data cannot leave them. Yeah. Degree like you just can't call out to OpenAI, you can't call out to Entropy, you can't call out to anyone. The model has to live on locally, on premise or arrogant. So those three terms we use and that creates a whole cascade of technical challenges. Right? Because the models that run locally tend to be smaller and smaller models tend to perform, tend to perform worse. So we've had to invest heavily in building and fine tuning those custom models that are optimized specifically for the languages and patterns you find in those code bases, government code bases. I mentioned in my previous response, ATTO or trunk Global C. So languages that frontier models have very little training data because most of them, most of the open source code on the Internet is Python and JavaScript. Most of those models are not, they are not constrained with these legacy code bases. And then beyond the model itself, you have things like Audit trails, code attributes and formal verification. And in these industries, regulated industries specifically. So if an AI writes a piece of code and it ends up in a production system, you need to know exactly what the model did and why. You need to be able to trace it. The level of traceability is something consumer tools like commercial tools weren't built to provide. But it's a baseline requirement for us for these IL5+tools requirements. So in a lot of ways, combined business that slows us down. It's actually the core of what I would say differentiates Sentinel from everything else on the market, like cloud code. Cursor, windserve.
[12:51]
C
Yeah, thank you, really appreciate that. And I know it does take a lot. You're as you started to say at the beginning there a lot of times you have to redesign these environments from the ground up due to the regulatory requirements of IL5 and NIST. But you did spend a lot of time investing in developing for these fine tuned, highly complex environments. And of course what I heard was important was that traceability, that auditing guardrails. And it's a totally different game when you're in these types of environments that have so much regulations.
[13:24]
D
Yeah, totally different battlefield. Most tools, modern tools, they just don't operate well. They're very good models, but they're mostly focused on the consumer side, commercial side.
[13:35]
C
Yeah, exactly. Thank you so much. And ata, as we look ahead to the future, how do you see secure AI development evolving over the next decade? And what role will platforms like Sentinel play in shaping the future of software engineering in regulated industries?
[13:51]
D
Yeah, I'm at. So I came to an event today in San Francisco. It's posted by Coda Capital, one of the big venture capital firms here in San Francisco. And a lot of the portfolio companies here are just presenting their ideas, presenting their products, presenting market research, where the AI is going, where the market is leading to. I just genuinely, I've just been impressed constantly and I think we're generally at a pivotal moment. The last few years have just proven that AI can dramatically accelerate software development. It's no longer a hypothesis, it's been demonstrated, but I would say, I guess to tie it to Sentinel, we just haven't figured out yet as an industry was how to bring those gains to the parts of the software world where the stakes are highest. Defense systems, healthcare infrastructure, financial systems, energy, like critical governance software. That's where the work is still undone. And I would say over the next decade, I think you're going to see a real, a real challenge. On one side, you'll have a commercially AI tooling ecosystem which will keep moving incredibly fast. We're still getting better and better for modern scene field development. But on the other side, you'll see a whole category of just secure compliance native AI infrastructure, specifically for these regulated environments. And that category, that gap. I'm sorry, that category that still, I mean, barely exists right now. That's the space that NOAA Labs is building into. Yeah, I would say that. And what I found really exciting about where Sentinel fits is that we're just not building an IDE backend. Right? Yes. Also, we started with code translation, but now it evolved into a fully packaged IDE. It can do code generation, global verification. We have 15 features. And code translation is just one of the. But our future vision was to build ASOs autonomous software operators, do an intervention AI agents for these regulated spaces. And I'm sure you know that the market is becoming agentic. Everything is turning into agents right now. And we want to bring those agents to these regulator spaces. Air gapped offline optimization space.
[16:20]
C
Thank you. I appreciate that. You talked about a couple things here that really resonated with me. You see the future expanding and advancing to a point where compliance native AI development is commonplace, which I think is pretty cool. And then you talked about those ASOS autonomous software operators. And you're absolutely right. Gentic AI has been probably the top keyword listed out on the Internet for the past 18 months. And it's only getting busier as we look at agentic systems and where they're going today. So I appreciate that. And ata, it was such a pleasure having you on today and I look forward to speaking with you real soon.
[16:59]
D
The pleasure was. Thank you so much, Brian. I appreciate it.
[17:03]
C
Bye for now.