Jeffery D Smith, author of Operations Anti-Patterns, DevOps Solutions, talks about how things can go wrong in development organizations and what DevOps has to offer with host Robert Blumen.

Michael Ashburne and Maxwell Huffman discuss Quality Assurance with Jeremy Jung.

Casey Aylward, Principal at Costanoa Ventures discusses Venture capital with a focus on early stage investing from the perspective of the entrepreneur and the VC with host Kanchan Shringi.

Kim Carter of BinaryMist discusses Dynamic Application Security Testing (DAST) and how the OWASP purpleteam project can improve early defect detection. Host Justin spoke with Carter about how DAST can provide meaningful feedback loops to developers...

Networking researcher Iljitsch van Beijnum discusses internet routing and the border gateway protocol (BGP) with host Robert Blumen.

Liram Haimovitch talks about how a business handles customer issues with a software product. How issues start out with a dedicated customer-facing team and when they may be escalated to engineering.

Chris Riccomini and Dmitriy Ryaboy discuss their book, The Missing Readme, which is intended to be the missing manual for new software engineers. Felienne spoke with Riccomini and Ryaboy about a range of topics that new software engineers might not have..

Tim McNamara, author of Rust in Action, discusses the top three benefits of Rust and why they make it a performant, reliable and productive programming language.

Chase Kocher, the Founder and CEO of aim4hire, a technology recruitment agency, discusses the recruiting lifecycle from the candidate, the company and the recruiter’s point of view with host Kanchan Shringi.

Vaughn Vernon, author of the book “Strategic Monoliths and Microservices” discusses his book with host Akshay Manchale about strategies for purposeful architecture from the perspective of both business decision makers and technical leaders.

Richard L. Sites discusses his new book Understanding Software Dynamics, which offers expert methods and advanced tools for understanding complex, time-constrained software dynamics in order to improve reliability and performance. Philip Winston spoke with Sites about the five fundamental computing resources CPU, Memory, Disk, Network, and Locks, as well as methods for observing and reasoning when investigating performance problems using the open-source utility KUtrace.

Sergey Gorbunov of Axelar discusses blockchain interoperability, a technology that enables decentralized applications to work across multiple blockchain ecosystems. Host Philip Winston spoke with Gorbunov about programmable blockchains, distributed vs. centralized changes, the Ethereum virtual machine, Axelar's Cross-Chain Gateway Protocol and Cross-Chain Transfer Protocol, security issues, delegated proof of stake...

Daniel Stenberg, founder and lead developer of cURL and libcurl, and winner of the Polhem Prize, discusses the history of the project, key events in the project timeline, war stories, favorite command line options and various experiences from 25 years of developing an Open Source project.

Daniel Stenberg, founder and lead developer of cURL and libcurl, and winner of the Polhem Prize, discusses the history of the project, key events in the project timeline, war stories, favorite command line options and various experiences from 25 years of developing an Open Source project.

Kevin Hu, co-founder and CEO at Metaplane discusses "Data Observability" with host Priyanka Raghavan. The discussion touches upon Data observability roots, components, differences with software observability and tooling.

In this episode, Deepthi Sigireddi of the Cloud Native Computing Foundation (CNCF) spoke with SE Radio host Nikhil Krishna about how Vitess scales MySQL. They discuss the design and architecture of the product; how Vitess impacts modern data problems;...

In this episode, we explore the popular pytest python testing tool with author Brian Okken, author of Python Testing with pytest. We start by discussing why pytest is so popular in the Python community: its focus on simplicity, readability, and developer ease-of-use; what makes pytest unique; the setup and teardown of tests using fixtures, parameterization, and the plugin ecosystem; mocking; why we should design for testing, and how to reduce the need for mocking; how to set up a project for testability; test-driven development, and designing your tests so that they support refactoring. Finally, we consider some complementary tools that can improve the python testing experience.

Randy Shoup of eBay discusses the evolution of eBay's tech stack. SE Radio host Jeremy Jung speaks with Shoup about eBay's origins as a single C++ class with an Oracle database, a five-year migration to multiple Java services, sharing a database...

Adrian Kennard and Kevin Hones, Founders of FireBrick routers and firewalls, discuss how to design, build, test and support a hardware router and network operating system from scratch, while sharing the lessons learned. You'll also learn that in certain..

Eddie Aftandilian, Principal researcher at GitHub discusses GitHub copilot and how it can improve developer productivity with host Priyanka Raghavan. The discussion explores various subtopics such as the history of copilot, how it can improve developer...

Andy Dang, Head of Engineering at WhyLabs discusses observability and data ops for AI/ML applications and how that differs from traditional observability. SE Radio host Akshay Manchale speaks with Andy about running an AI/ML model in production and how...

Adam Dymitruk, CEO and founder of Adaptech Group, joins host Jeff Doolittle for an exploration of the event modeling approach to discovering requirements and designing software systems. Adam explains how the structured approach eliminates the specifics of implementation details and technology decisions, enabling clearer communication for all stakeholders while keeping conversations focused on the business opportunity. Using concrete examples of event modeling in practice, they examine event modeling in the context of other related approaches and methodologies, including event sourcing, event storming, CQRS, and domain-driven design.

Ganesh Datta, CTO and cofounder of Cortex, joins SE Radio's Priyanka Raghavan to discuss site reliability engineering (SRE) vs DevOps. They examine the similarities and differences and how to use the two approaches together to build better software...

Nicholas Manson, a SaaS Architect with more than 2 decades of experience building cloud applications, speaks with host Kanchan Shringi about identity and access management requirements for cloud applications. They begin by examining what a digital...

Vidal Graupera, an Engineering Manager at LinkedIn, speaks with SE Radio’s Brijesh Ammanath about the importance of managers' one-on-one meetings with direct reports. They start by considering how a 1:1 meeting differs from other meetings...

Sugu Sougoumarane discusses how to face the challenges of horizontally scaling MySQL databases through the Vitess distribution engine and Planetscale, a service built on top of Vitess. The journey began with the growing pains of scale at YouTube around the time of Google’s acquisition of the video service. This episode explores ideas about topology management, sharding, Paxos, connection pooling, and how Vitess handles large transactions while abstracting complexity from the application layer.

Dave Cross, owner of Magnum Solutions and author of GitHub Actions Essentials (Clapham Technical Press), speaks with SE Radio host Gavin Henry about GitHub actions, the value they provide, and the best practices for using them in your projects. Cross describes the vast range of things that developers can do with GitHub Actions, including some use cases you might never have thought about. They start with some general discussion of CI/CD and then consider the three main types of events that drive GitHub actions before digging in to details about fine-grained action events, Action Marketplace, contexts, yaml, docker base images, self-hosted runners, and more. They further explore identity management, permissions, dependency management, saving money, and how to keep your secrets secret.

Simon Bennetts, a distinguished engineer at Jit, discusses one of the flagship projects of OWASP: the Zed Attack Proxy (ZAP) open source security testing tool. As ZAP’s primary maintainer, Simon traces the tool's origins and shares some anecdotes with SE Radio host Priyanka Raghavan on why there was a need for it. They take a deep dive into ZAP’s features and its ability to integrate with CI/CD, as well as shift security left. Bennetts also considers what it takes to build a successful open source project before spending time on ZAP’s ability to script to provide richer results. Finally, the conversation ends with some questions on ZAP’s future in this AI-powered world of bots.

Nir Valtman, co-Founder and CEO at Arnica, discusses pipelineless security with SE Radio host Priyanka Raghavan. They start by defining pipelines and then consider how to add security. Nir lays out the key challenges in getting good code coverage with the pipeline-based approach, and then describes how to implement a pipelineless approach and the advantages it offers. Priyanka quizzes him on the concept of "zero new hardcoded secrets," as well as some ways to protect GitHub repositories, and Nir shares examples of how a pipelineless approach could help in these scenarios. They then discuss false positives and handling developer fatigue in dealing with alerts. The show ends with some discussion around the product that Arnica offers and how it implements the pipelineless methodology.

Arun Gupta, Vice President and General Manager of Open Ecosystem Initiatives at Intel Corporation, discusses open-source strategy and community with SE Radio host Kanchan Shringi. They explore the business case and business model for why and how big tech participates in the open-source ecosystem. Arun describes ways to foster a culture of engagement with open source within companies such as Intel, Amazon, and Apple. They then consider how the principles can be applied to closed-source software within a company. Finally, they discuss some of the benefits that Intel has gained from more than 20 years of open source contributions and look at the company’s plan for the year ahead. SE Radio is rought to you by IEEE Software magazine and IEEE Computer Society.

Dr. Daniel Zingaro and Dr. Leo Porter, co-authors of the book Learn AI-Assisted Python Programming, speak with host Jeremy Jung about teaching programming with the aid of large language models (LLMs). They discuss writing a book to use in Leo's introductory CS class and explore how GitHub Copilot de-emphasizes syntax errors, reduces the need to memorize APIs, and why they want students to write manual test cases. They also discuss possible ethical concerns of relying on commercial tools, their impact on coursework, and why they aren't worried about students cheating with LLMs.

Lukas Fittl of pganalyze discusses the performance of Postgres, one of the world’s most popular database systems. SE Radio host Philip Winston speaks with Fittl about database indexing, queries, maintenance, scaling, and stored procedures. They also discuss some features of pganalyze, such as the index and vacuum advisors.

Charles Weir—developer, security researcher, and Research Fellow at Security Lancaster—joins host Giovanni Asproni to discuss an approach that development teams can use to create secure systems without wasting effort on unnecessary security work. The episode starts with a broad description of the approach, which is based on Weir's research and on a free Developer Security Essentials workshop he created. Charles presents some examples from real-world projects, his view on AI's impact on security, and information about the workshop and where to find the materials. During the conversation, they consider several related topics including the concept of "good enough" security; security as a product decision; risk assessment, classification, and prioritization; and how to approach security in startups, greenfield, and legacy systems.

Yeckezkel Rabinovich, CTO of Groundcover, speaks with host Philip Winston about observability and eBPF as it applies to Kubernetes. Rabinovich was previously the chief architect at the healthcare security company CyberMDX and spent eight years in the cyber security division of the Israeli Prime Minister’s Office. This episode explores the three pillars of observability, extending the Linux Kernel with eBPF, the basics of Kubernetes, and how Groundcover uses eBPF as the basis for its observability platform.

Eric Olden talks with host Giovanni Asproni about identity orchestration, a software approach for managing distributed identity and access management (IAM) and integrating multiple identity systems or providers (IDPs) to make them look like a single system from a user perspective. The episode starts with a refresher in identity and access management, then introduces identity orchestration and some of the challenges it helps to address, such as integrating disparate identity management systems after company mergers or acquisitions; managing identities in situations where some of the IAM systems are unreachable; and implementing more secure identity management in legacy applications. Brought to you by IEEE Computer Society and IEEE Software magazine.

Sean Moriarity, creator of the Axon deep learning framework, co-creator of the Nx library, and author of Machine Learning in Elixir and Genetic Algorithms in Elixir, published by the Pragmatic Bookshelf, speaks with SE Radio host Gavin Henry about what deep learning (neural networks) means today. Using a practical example with deep learning for fraud detection, they explore what Axon is and why it was created. Moriarity describes why the Beam is ideal for machine learning, and why he dislikes the term “neural network.” They discuss the need for deep learning, its history, how it offers a good fit for many of today’s complex problems, where it shines and when not to use it. Moriarity goes into depth on a range of topics, including how to get datasets in shape, supervised and unsupervised learning, feed-forward neural networks, Nx.serving, decision trees, gradient descent, linear regression, logistic regression, support vector machines, and random forests. The episode considers what a model looks like, what training is, labeling, classification, regression tasks, hardware resources needed, EXGBoost, Jax, PyIgnite, and Explorer. Finally, they look at what’s involved in the ongoing lifecycle or operational side of Axon once a workflow is put into production, so you can safely back it all up and feed in new data. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode sponsored by Miro.

Maxim Fateev, the CEO of Temporal, speaks with SE Radio's Philip Winston about how Temporal implements durable execution. They explore concepts including workflows, activities, timers, event histories, signals, and queries. Maxim also compares deployment using self-hosted clusters or the Temporal Cloud.

Lane Wagner of Boot.dev speaks with host Philip Winston about Go, the programming language that's popular for web, cloud, devops, networking, and other types of development. In addition to discussing existing features such as structs, interfaces, concurrency, and error handling, Lane and Philip take a deep look at generics, a recent addition to the language. They also explore the developer experience with Go.

Phillip Carter, Principal Product Manager at Honeycomb and open source software developer, talks with host Giovanni Asproni about observability for large language models (LLMs). The episode explores similarities and differences for observability with LLMs versus more conventional systems. Key topics include: how observability helps in testing parts of LLMs that aren't amenable to automated unit or integration testing; using observability to develop and refine the functionality provided by the LLM (observability-driven development); using observability to debug LLMs; and the importance of incremental development and delivery for LLMs and how observability facilitates both. Phillip also offers suggestions on how to get started with implementing observability for LLMs, as well as an overview of some of the technology's current limitations. This episode is sponsored by WorkOS.

Shahar Binyamin, CEO and co-founder of Inigo, joins host Priyanka Raghavan to discuss GraphQL security. They begin with a look at the state of adoption of GraphQL and why it's so popular. From there, they consider why GraphQL security is important as they take a deep dive into a range of known security issues that have been exploited in GraphQL, including authentication, authorization, and denial of service attacks with references from the OWASP Top 10 API Security Risks. They discuss some mitigation strategies and methodologies for solving GraphQL security problems, and the show ends with discussion of Inigo and Shahar's top three recommendations for building safe GraphQL applications. Brought to you by IEEE Software and IEEE Computer Society.

Ori Saporta, co-founder and Systems Architect at vFunction, joins host Jeff Doolittle for a conversation about the role of the software architect. The episode begins with Ori’s thoughts on what is typically missed or overlooked regarding this role. The conversation then explores aspects of both hard and soft skills required of software architects. Other topics include the relationship of the software architect to other roles, to design and process, and to quality. The show concludes by addressing the importance of dependency management by software architects. Brought to you by IEEE Software magazine and IEEE Computer Society.

Jonathan Schneider, the cofounder of Moderne and the creator of OpenRewrite, talks with SE Radio's Gregory Kapfhammer about automated software maintenance. In addition to exploring the design and implementation of OpenRewrite, Schneider explains how the tool can automatically support software maintenance tasks such as framework migration and security fixes for programs implemented in languages like Java. The episode also explores how OpenRewrite uses the lossless semantic tree to support automated refactoring though the use of recipes. Brought to you by IEEE Computer Society and IEEE Software magazine.

Ipek Ozkaya, Principal Researcher and Technical Director of the Engineering Intelligent Software Systems group at the Software Engineering Institute, Carnegie Mellon, discusses generative AI for Software Architecture with SE Radio host Priyanka Raghavan. The episode delves into fundamental definitions of software architecture and explores use cases in which gen AI can enhance architecture activities. The conversation spans from straightforward to challenging scenarios and highlights examples of relevant tooling. The episode concludes with insights on verifying the correctness of output for software architecture prompts and future trends in this domain. Brought to you by IEEE Computer Society and IEEE Software magazine.

Hans Dockter, the creator of the Gradle build tool and founder of Gradle Inc, the company behind the developer productivity platform Develocity, joins SE Radio host Giovanni Asproni to talk about developer productivity. They start with some definitions and an explanation of the importance of developer productivity, its relationship with cognitive load, and the big impact that development tools have on it. Hans describes how to implement developer productivity metrics in an organization, as well as warns about some pitfalls. The episode closes with some discussion on Hans's views on the future of this discipline, as well as some near-term developments and expectations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Itamar Friedman, the CEO and co-founder of CodiumAI, speaks with host Gregory M. Kapfhammer about how to use generative AI techniques to support automated software testing. Their discussion centers around the design and use of Cover-Agent, an open-source implementation of the automated test augmentation tool described in the Foundations of Software Engineering (FSE) paper entitled “Automated Unit Test Improvement using Large Language Models at Meta“ by Alshahwan et al. The episode explores how large-language models (LLMs) can aid testers by automatically generating test cases that increase the code coverage of an existing testing suite. They also investigate other automated testing topics, including how Cover-Agent compares to different LLM-based tools and the strengths and weaknesses of using LLM-based approaches in software testing.

Stevie Caldwell, Senior Engineering Technical Lead at Fairwinds, joins host Priyanka Raghavan to discuss zero-trust network reference architecture. The episode begins with high-level definitions of zero-trust architecture, zero-trust reference architecture, and the pillars of Zero Trust. Stevie describes four open-source implementations of the Zero Trust Reference Architecture: Emissary Ingress, Cert Manager, LinkerD, and the Policy Engine Polaris. Each component is explored to help clarify their roles in the Zero Trust journey. The episode concludes with a look at the future direction of Zero Trust Network Architecture.

This episode is sponsored by QA Wolf.

Steve Smith, founder and principal architect at Nimble Pros, joins host Jeff Doolittle for a conversation about software quality. The episode begins with a discussion of why software quality matters for businesses, customers, and developers. Steve explains some patterns and practices that help teams design for quality. They discuss in detail the practices of testing and quality assurance, and the conversation wraps up with suggestions for fostering a culture of quality in teams and organizations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Nick Tune and Jean-Georges Perrin join host Giovanni Asproni to talk about their proposed approach to modernizing legacy systems. The episode starts with some high-level perspective to set context for the approach described in their book, Architecture Modernization (Manning, 2024). From there, the discussion turns to important details, including criteria for deciding which aspects to revisit; some of the activities, processes, and tools; and the importance of data engineering in modernization efforts. Nick and Jean-Georges describe how to successfully implement an architecture-modernization effort, and how to fit that work with the teams' other priorities. The episode finishes with some warnings about the typical risks associated with modernizing a legacy system, and suggestions on how to mitigate them.

This episode is sponsored by QA Wolf.

Jonathan Horvath of Z-bit discusses physical access control systems (PACS) with host Jeremy Jung. They start with an overview of PACS components and discuss the proprietary nature of the industry, the slow pace of migration to open standards, and why Windows is commonly used. Jonathan describes the security implications of moving from isolated networks to the cloud, as well as credential vulnerabilities, encryption using symmetric keys versus asymmetric keys, and the risks related to cloning credentials. They also consider several standards, including moving from Wiegand to the Open Supervised Device Protocol (OSDP), as well as the Public Key Open Credential (PKOC) standard, and the open source OSDP implementation that Jonathan authored.

Brought to you by IEEE Computer Society and IEEE Software magazine.

_{-- Delivered by Feed43 service}