Software Engineering Radio - the podcast for professional software developers

Sahaj Garg, co-founder and CTO of Wispr, a voice-to-text AI that turns speech into polished writing, talks with host Amey Ambade about designing systems for the ambiguity that's inherent in human input (text, voice, multimodal). Sahaj focuses on concrete architectural and training strategies for building robust AI systems. This episode examines the problem of ambiguity, where it shows up, building robust systems, personalization, communicating uncertainty, and evaluation. The conversation starts by exploring the difference between inherent and reducible ambiguity, major categories of ambiguity including lexical, syntactic, and pragmatic, and the additional sources of ambiguity in voice, such as homophones and accents. Garg details how to build systems through model training, including providing additional context and constructing datasets for good annotation. They discuss personalization with a focus on "revealed preferences"—learning from user behavior without explicit feedback—and fighting the problem of AI writing that "regresses to the mean." Finally, they consider how to communicate uncertainty to users without degrading the experience, as well as methods for evaluating ambiguity resolution through offline and online signals.

Costa Alexoglou, co-founder of the open source Hopp pair-programming application, talks with host Brijesh Ammanath about remote pair programming. They start with a quick introduction to pair programming and its importance to software development before discussing the various problems with the current toolset available and the challenges that tool developers face for enabling pair programming. They consider the key features necessary for a good pair-programming tool, and then Costa describes the journey of building Hopp and the challenges faced while building it.

Héctor Ramón Jiménez, creator of iced, an Elm-inspired, cross-platform GUI toolkit for Rust, speaks with SE Radio host Gavin Henry about building a GUI library in Rust. Héctor discusses why he created iced, what was needed, the process required to paint on the screen across different operating systems, how multi-operating systems are handled, and what the iced testing ecosystem is like. This episode explores the Elm architecture, how iced compares to other frameworks, what the core components of iced are, Elements, asynchronous functions, state, threads, 3d rendering, headless mode testing, end-to-end testing, test recorders, runtime emulators, ice test syntax, example apps, tiny-skia, DirectX, Vulkan, Metal, winit, wgpu, egui, tauri, comet, and why Android and iOS support is hard.

Dan Lorenc, co-founder and CEO of Chainguard, joins host Priyanka Raghavan to explore Sigstore and its role in securing the software supply chain. They unpack the challenges of supply chain security, including verifying the origin and integrity of software artifacts, and explain the problems Sigstore is designed to solve. The conversation goes under the hood to examine how Sigstore works, covering key components such as code signing, verification, the certificate authority model, and transparency logs—often compared conceptually to blockchain for their auditability. The episode also highlights real-world adoption, community resources for getting started, and closes with a discussion of Chainguard Images and how development teams can use them to build with more secure base images. This episode is sponsored by IEEE Computer Society.

Scott Hanselman, the VP of Developer Community at Microsoft, speaks with host Jeremy Jung about AI-assisted coding. They start by considering how the tools are a progression from syntax highlighting and autocomplete. Scott describes the ambiguity and non-determinism of agentic loops, why vague high-level prompts usually don't give good results, and the need to express intent and steer the models. He explains how knowing fundamentals helps you create better plans and know what to ask the models, and how to treat agents differently based on your knowledge level. He discusses his experience porting Windows Live Writer to a modern .NET stack, and defining success and providing tools for models to verify their work. Finally, he explains why you need to read and understand generated code in production environments, plus methods for sandboxing agents.

Marc Brooker, VP and Distinguished Engineer at AWS, joins host Kanchan Shringi to explore specification-driven development as a scalable alternative to prompt-by-prompt "vibe coding" in AI-assisted software engineering. Marc explains how accelerating code generation shifts the bottleneck to requirements, design, testing, and validation, making explicit specifications the central artifact for maintaining quality and velocity over time. He describes how specifications can guide both code generation and automated testing, including property-based testing, enabling teams to catch regressions earlier and reason about behavior without relying on line-by-line code review. The conversation examines how spec-driven development fits into modern SDLC practices; how AI agents can support design, code review, documentation, and testing; and why managing context is now one of the hardest problems in agentic development. Marc shares examples from AWS, including building drivers and cloud services using this approach, and discusses the role of modularity, APIs, and strong typing in making both humans and AI more effective. The episode concludes with guidance on rollout, evaluation metrics, cultural readiness, and why AI-driven development shifts the engineer's role toward problem definition, system design, and long-term maintainability rather than raw code production. Brought to you by IEEE Computer Society and IEEE Software magazine.

Bryan Cantrill, the co-founder and CTO of Oxide Computer company, speaks with host Jeremy Jung about challenges in deploying hardware on-premises at scale. They discuss the difficulty of building up Samsung data centers with off-the-shelf hardware, how vendors silently replace components that cause performance problems, and why AWS and Google build their own hardware. Bryan describes the security vulnerabilities and poor practices built into many baseboard management controllers, the purpose of a control plane, and his experiences building one in NodeJS while struggling with the runtime's future during his time at Joyent. He explains why Oxide chose to use Rust for its control plane and the OpenSolaris-based Illumos as the operating system for their vertically integrated rack-scale hardware, which is designed to help address a number of these key challenges. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jens Gustedt, author of Modern C, senior scientist at the French National Institute for Computer Science and Control (INRIA), deputy director of the ICube lab, and former co-editor of the ISO C standard, speaks with SE Radio host Gavin Henry about the past 5 years in C, C2Y, and C23. They discuss what has happened in the C world since we last spoke 5 years ago, including how the latest C standard is going and what to expect. Jens discusses how the latest changes in the Modern C book apply to you, how a C transition header can help you get up to C23 if you're not there already, and presents a comprehensive approach for program failure. This episode explores C2Y, C23, bit-precise types, stdckdint.h, stdbit.h, 128 bit types, enumeration types, nullptr, Syntactic annotations, auto and typeof keywords, if let, as well as what's being added and removed in C2Y (possibly called "C28"), and Gustedt's four categories of program failure. Brought to you by IEEE Computer Society and IEEE Software magazine.

In this episode, Subhajit Paul joins SE Radio host Kanchan Shringi to discuss how enterprise resource planning (ERP) systems work in practice and where machine learning and generative AI are beginning to fit into real-world ERP environments. Subhajit grounds the conversation in ERP fundamentals, explaining core business flows such as order-to-cash, procure-to-pay, and plan-to-produce, and why ERP systems are central to running large enterprises. He then walks through the realities of ERP implementation, sharing examples of both successful and failed projects and highlighting common challenges around testing, process coverage, integrations, and change management. The discussion also explores how AI is being applied in ERP today, including practical ML use cases such as inventory optimization and anomaly detection, as well as emerging generative AI and agent-based approaches. Brought to you by IEEE Computer Society and IEEE Software magazine.

Yechezkel "Chez" Rabinovich, CTO and co-founder at Groundcover, joins SE Radio host Brijesh Ammanath to discuss the key challenges in migrating observability toolsets. The episode starts with a look at why customers might seek to migrate their existing Observability stack, and then Chez explains some approaches and techniques for doing so. The discussion turns to OpenTelemetry, including what it is and how Groundcover helps with the migration of dashboards, monitors, pipelines, and integrations that are proprietary to vendor products. Chez describes methods for validating a successful migration, as well as metrics and signals that engineering teams can use to assess the migration health. Brought to you by IEEE Computer Society and IEEE Software magazine.

Murat Erder, CTO for Financial Services at Valtech in Europe, and Eoin Woods, independent consultant in the field of software architecture, join host Giovanni Asproni to talk about Continuous Architecture—an approach to software design where architectural decisions are made and refined continuously throughout the lifecycle of a system, instead of up front in a big design phase. The show starts with a definition of Continuous Architecture and a description of the six principles underpinning it. Following that is an explanation of the main reasons and advantages of this approach, which finishes with some hints on how to get started using it. During the conversation, they explore several key points, including how to empower teams to take architectural decisions and recording those decisions; using feedback loops to refine the architecture; the role of software architects and architectural governance; the importance of focusing on quality requirements; and the impact of artificial intelligence on the field. Brought to you by IEEE Computer Society and IEEE Software magazine.

Sriram Panyam returns to the show to discuss the system design interview (SDI) with host Robert Blumen. This challenging part of the hiring process is included in the interview loop for many jobs across tech, including management and for all levels from entry to senior. The conversation starts with a look at what the SDI is, who will face it, and how critical this interview is for hiring and leveling. Sriram shares some common system design questions and what the interviewers are generally looking for, including stated versus unstated requirements and ambiguity in the questions. He offers recommendations on how candidates should disambiguate their designs and manage their time. He shares some personal stories of interview failures and successes, and even discusses some mistakes that interviewers make. Brought to you by IEEE Computer Society and IEEE Software magazine.

In this episode, Sahaj Garg, CTO of wispr.ai, joins SE Radio host Robert Blumen to talk about the challenges of building low-latency AI applications. They discuss latency's effect on consumer behavior as well as interactive applications. The conversation explores how to measure latency and how scale impacts it. Then Sahaj and Robert shift to themes around AI, including whether "AI" means LLMs or something broader, as they look at latency requirements and challenges around subtypes of AI applications. The final part of the episode explores techniques for managing latency in AI: speed vs accuracy trade-offs; speed vs cost; latency vs cost; choosing the right model; reducing quantization; distillation; and guessing + validating. Brought to you by IEEE Computer Society and IEEE Software magazine.

Derick Schaefer, author of CLI: A Practical Guide to Creating Modern Command-Line Interfaces, talks with host Robert Blumen about command-line interfaces old and new. Starting with a short review of the origin of commands in the early unix systems, they trace the evolution of commands into modern CLIs. Following the historic rise, fall, and re-emergence of CLIs, they consider innovative examples such as git, github, WordPress, and warp. Schaefer clarifies whether commands are the same as CLIs and then discusses a range of topics, including implementation languages, packages in the golang ecosystem for CLI development, CLIs and APIs, CLIs and AIs, AI tooling versus MCP, the object-command pattern, command flags, API authentication, whether CLIs should be stateless, and output formats - json, rich text. Brought to you by IEEE Computer Society and IEEE Software magazine.

Max Geurnsey III and Luniel de Beer, co-authors of the book Ready: Why Most Software Projects Fail and How to Fix It, discuss the concept of readiness in software engineering with host Brijesh Ammanath. Although Agile workflows and technical practices help delivery, many software efforts still struggle to achieve desired outcomes. Rework, shifting requirements, delays, defects, and mounting technical debt can plague software delivery and impede or altogether halt progress toward goals. The problem is often that implementation begins prematurely, before the team is properly set up for success. A strict system of explicit readiness work and gating, called Requirements Maturation Flow (RMF), has the potential to solve this problem in an SDLC-independent way. Teams that adopt RMF can dramatically improve progress toward real goals while reducing stress on engineering teams. In this episode, Max and Luniel deep dive into RMF and explain its foundational pillars. Brought to you by IEEE Computer Society and IEEE Software magazine.

Mojtaba Sarooghi, a Distinguished Product Architect at Queue-it, speaks with host Jeremy Jung about virtual waiting rooms for high-traffic events such as concerts and limited-quantity product releases. They explore using a virtual queue to prevent overloading systems, how most traffic is from bots, using edge workers to reduce requests to the customer's origin servers, and strategies for detecting bots in cooperation with vendors. Mojtaba discusses using AWS services like Elastic Load Balancing, DynamoDB, and Simple Notification Service, and explains why DynamoDB's eventual consistency is a good fit for their domain. To explain the approach, he walks us through how his team resolved an incident in which a traffic spike overloaded their services. Brought to you by IEEE Computer Society and IEEE Software magazine.

In this episode, Benjamin Brial, CEO and co-founder of Cycloid, speaks with host Sriram Panyam about internal developer platforms (IDPs) and internal developer portals. The conversation explores how these platforms address the growing challenges of DevOps scalability, multi-cloud complexity, and cloud waste, all of which organizations face as they grow. Benjamin begins by framing the core problems that IDPs solve: DevOps struggling to scale beyond small teams, the complexity of managing hybrid environments across on-premises, public cloud, and private cloud infrastructure, and the significant issue of cloud waste (averaging 35-45% according to major analysts). IDPs can serve as a bridge between DevOps teams and developers, providing access to tools, cloud resources, and automation for users who aren't DevOps or cloud experts. The technical discussion covers essential IDP components including service catalogs, versioning engines, platform orchestration, asset inventory, and FinOps/GreenOps modules. The episode concludes with Benjamin's practical advice: organizations should focus on understanding their specific pain points rather than following market trends, starting with simple use cases such as landing zones before building complex solutions, and adopt a GitOps-first approach as the foundation for any IDP implementation. Brought to you by IEEE Computer Society and IEEE Software magazine.

In this episode of Software Engineering Radio, Srujana Merugu, an AI researcher with decades of experience, speaks with host Priyanka Raghavan about building LLM-based applications. The discussion begins by clarifying essential concepts like generative vs. predictive AI, pre-training vs. fine-tuning, and the transformer architecture that powers modern LLMs. Srujana explains diffusion models and vision transformers, highlighting how multimodal AI is reshaping content creation. The conversation then moves to practical aspects—where LLMs make sense, where they don't, and a decision framework for evaluating use cases. They explore common application patterns such as retrieval-augmented generation (RAG) and agentic architectures, breaking down components like planners, orchestrators, memory, and tools. Key considerations for model selection, evaluation metrics, and safety guardrails are discussed in depth. The episode also touches on prompting strategies, automated prompt optimization, and emerging trends like multi-sensory AI and the "Internet of Senses." Finally, Srujana shares tips on staying current in a fast-moving AI landscape and emphasizes lifelong learning and curated knowledge sources.

Philip Kiely, software developer relations lead at Baseten, speaks with host Jeff Doolittle about multi-agent AI, emphasizing how to build AI-native software beyond simple ChatGPT wrappers. Kiely advocates for composing multiple models and agents that take action to achieve complex user goals, rather than just producing information. He explains the transition from off-the-shelf models to custom solutions, driven by needs for domain-specific quality, latency improvements, and economic sustainability, which introduces the engineering challenge of inference engineering. Kiely stresses that AI engineering is primarily software engineering with new challenges, requiring robust observability and careful consideration of trust and safety through evals and alignment. He recommends an approach of iterative experimentation to get started with multi-agent AI systems. Brought to you by IEEE Computer Society and IEEE Software magazine.

Flavia Saldanha, a consulting data engineer, joins host Kanchan Shringi to discuss the evolution of data engineering from ETL (extract, transform, load) and data lakes to modern lakehouse architectures enriched with vector databases and embeddings. Flavia explains the industry's shift from treating data as a service to treating it as a product, emphasizing ownership, trust, and business context as critical for AI-readiness. She describes how unified pipelines now serve both business intelligence and AI use cases, combining structured and unstructured data while ensuring semantic enrichment and a single source of truth. She outlines key components of a modern data stack, including data marketplaces, observability tools, data quality checks, orchestration, and embedded governance with lineage tracking. This episode highlights strategies for abstracting tooling, future-proofing architectures, enforcing data privacy, and controlling AI-serving layers to prevent hallucinations. Saldanha concludes that data engineers must move beyond pure ETL thinking, embrace product and NLP skills, and work closely with MLOps, using AI as a co-pilot rather than a replacement. Brought to you by IEEE Computer Society and IEEE Software magazine.

Dave Thomas, author of The Pragmatic Programmer, The Manifesto for Agile Software Development, Programming Ruby, Agile Web Development with Rails, Programming Elixir, Simplicity, and co-founder of the Pragmatic Bookshelf, speaks with SE Radio host Gavin Henry about building infrastructure for eBooks. They discuss what an eBook is, the various formats, what infrastructure is needed to build them, how an author writes an book, the history of the Pragmatic Bookshelf, how they have evolved, how to handle links within eBooks, why humans are so important in the writing process, and why AI can help with your writing -- once you've written your content. Thomas discusses PDFs, eBooks, Mobi files, ePub files, CI/CD pipelines, WYSWYG, Markdown files, Pragmatic Markup Language, embedding code, AI agents, images, printing PDFs, JVMs, Java, jRuby, and how Markdown won the plain text writing format wars. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jennings Anderson, a Software Engineer with Meta Platforms, and Amy Rose, the Chief Technology Officer at Overture Maps Foundation, speak with host Gregory M. Kapfhammer about the Overture Maps project, which creates reliable, easy-to-use, and interoperable open map data. After exploring the foundations of geospatial information systems, Gregory and his guests dive deep into the implementation of Overture Maps through features like the Global Entity Reference System (GERS). In addition to discussing the organizational structure of the Overture Maps Foundation and the need for a unified database of geospatial data, Jennings and Amy explain how to implement applications using data from Overture Maps. Brought to you by IEEE Computer Society and IEEE Software magazine.

Mark Williamson, CTO of Undo, joins host Priyanka Raghavan to discuss AI-assisted debugging. The conversation is structured around three main objectives: understanding how AI can serve as a debugging assistant;  examining AI-powered debugging tools; exploring whether AI debuggers can independently find and fix bugs. Mark highlights how AI can support debugging with its ability to analyze vast amounts of data, narrow down issues, and even generate tests. From there, the discussion turns to AI debugging tools, with a particular look at ChatDBG's strengths and limitations, with a peek at time travel debugging. In the final segment, they consider several real-world scenarios and evaluate the feasibility and practicality of AI acting autonomously in debugging. Brought to you by IEEE Computer Society and IEEE Software magazine.

Sourabh Satish, CTO and co-founder of Pangea, speaks with SE Radio's Brijesh Ammanath about prompt injection. Sourabh begins with the basic concepts underlying prompt injection and the key risks it introduces. From there, they take a deep dive into the OWASP Top 10 security concerns for LLMs, and Sourabh explains why prompt injection is the top risk in this list. He describes the $10K Prompt Injection challenge that Pangea ran, and explains the key learnings from the challenge. The episode finishes with discussion of specific prompt-injection techniques and the security guardrails used to counter the risk. Brought to you by IEEE Computer Society and IEEE Software magazine.

Kacper Łukawski, a Senior Developer Advocate at Qdrant, speaks with host Gregory M. Kapfhammer about the Qdrant vector database and similarity search engine. After introducing vector databases and the foundational concepts undergirding similarity search, they dive deep into the Rust-based implementation of Qdrant. Along with comparing and contrasting different vector databases, they also explore the best practices for the performance evaluation of systems like Qdrant. Kacper and Gregory also discuss topics such as the steps for using Python to build an AI-powered application that uses Qdrant. Brought to you by IEEE Computer Society and IEEE Software magazine.

Florian Gilcher, co-founder of Ferrous Systems and the Rust Foundation, speaks with host Giovanni Asproni about the application of Rust in mission- and safety-critical systems. The discussion starts with a brief overview of such systems, and an introduction to Rust, emphasizing aspects that make it well-suited for critical environments. Florian and Giovanni then discuss how Rust compares to C and C++ — two widely used languages in this sector. They proceed to outline important factors that companies should consider when assessing whether to move from C or other languages to Rust. The episode also touches on Ferrocene, an open-source Rust toolchain qualified for safety- and mission-critical systems, which was developed and supported by Ferrous Systems. The conversation ends with some reflections on the future of Rust for mission- and safety-critical applications. Brought to you by IEEE Computer Society and IEEE Software magazine.

Amey Desai, the Chief Technology Officer at Nexla, speaks with host Sriram Panyam about the Model Context Protocol (MCP) and its role in enabling agentic AI systems. The conversation begins with the fundamental challenge that led to MCP's creation: the proliferation of "spaghetti code" and custom integrations as developers tried to connect LLMs to various data sources and APIs. Before MCP, engineers were writing extensive scaffolding code using frameworks such as LangChain and Haystack, spending more time on integration challenges than solving actual business problems. Desai illustrates this with concrete examples, such as building GitHub analytics to track engineering team performance. Previously, this required custom code for multiple API calls, error handling, and orchestration. With MCP, these operations can be defined as simple tool calls, allowing the LLM to handle sequencing and error management in a structured, reasonable manner. The episode explores emerging patterns in MCP development, including auction bidding patterns for multi-agent coordination and orchestration strategies. Desai shares detailed examples from Nexla's work, including a PDF processing system that intelligently routes documents to appropriate tools based on content type, and a data labeling system that coordinates multiple specialized agents. The conversation also touches on Google's competing A2A (Agent-to-Agent) protocol, which Desai positions as solving horizontal agent coordination versus MCP's vertical tool integration approach. He expresses skepticism about A2A's reliability in production environments, comparing it to peer-to-peer systems where failure rates compound across distributed components. Desai concludes with practical advice for enterprises and engineers, emphasizing the importance of embracing AI experimentation while focusing on governance and security rather than getting paralyzed by concerns about hallucination. He recommends starting with simple, high-value use cases like automated deployment pipelines and gradually building expertise with MCP-based solutions. Brought to you by IEEE Computer Society and IEEE Software magazine.

Daniel Stenberg, Swedish Internet protocol expert and founder and lead developer of the Curl project, speaks with SE Radio host Gavin Henry about removing Rust from Curl. They discuss why Hyper was removed from curl, why the last five percent of making it a success was difficult, what the project gained from the 5-year attempt to tackle bringing Rust into a C project, lessons learned for next time, why user support is critical, and the positive long-lasting impact this attempt had. Brought to you by IEEE Computer Society and IEEE Software magazine.

Elizabeth Figura, a Wine Developer at CodeWeavers, speaks with SE Radio host Jeremy Jung about the Wine compatibility layer and the Proton distribution. They discuss a wide range of details including system calls, what people run with Wine, how games are built differently, conformance and regression testing, native performance, emulating a CPU vs emulating system calls, the role of the Proton downstream distribution, improving Wine compatibility by patching the Linux kernel and other related projects, Wine's history and sustainment, the Crossover commercial distribution, porting games without source code, loading executables and linked libraries, the difference between user space and kernel space, poor Windows API documentation and use of private APIs, debugging compatibility issues, and contributing to the project. This episode is sponsored by Monday Dev

François Daoust, W3C staff member and co-chair of the Web Developer Experience Community Group, discusses the origins of the W3C, the browser standardization process, and how it relates to other organizations like TC39, WHATWG, and IETF. This episode covers a lot of ground, including funding through memberships, royalty-free patent access for implementations, why implementations are built in parallel with the specifications, why requestVideoFrameCallback doesn't have a formal specification, balancing functionality with privacy, working group participants, and how certain organizations have more power. François explains why the W3C hasn't specified a video or audio codec, and discusses Media Source Extensions, Encrypted Media Extensions and Digital Rights Management (DRM), closed source content decryption modules such as Widevine and PlayReady, which ship with browsers, and informing developers about which features are available in browsers. Brought to you by IEEE Computer Society and IEEE Software magazine.

In this episode, Will Wilson, CEO and co-founder of Antithesis, explores Deterministic Simulation Testing (DST) with host Sriram Panyam. Wilson was part of the pioneering team at FoundationDB that developed this revolutionary testing approach, which was later acquired by Apple in 2015. After seeing that even sophisticated organizations lacked robust testing for distributed systems, Wilson co-founded Antithesis in 2018 to make DST commercially available. Deterministic simulation testing runs software in a fully controlled, simulated environment in which all sources of non-determinism are eliminated or controlled. Unlike traditional testing or chaos engineering, DST operates in a separate environment from production, allowing for aggressive fault injection without risk to live systems. The key breakthrough is perfect reproducibility -- any bug found can be recreated exactly using the same random seed. Antithesis built "The Determinator," a custom deterministic hypervisor that simulates entire software stacks including virtual hardware, networking, and time. The system can compress years of stress testing into shorter timeframes by running simulations faster than wall-clock time. All external interfaces that could introduce non-determinism (network calls, disk I/O, system time) are mocked or controlled by the simulator. The approach has proven effective with major organizations including MongoDB, Palantir, and Ethereum. For Ethereum's critical "Merge" upgrade in 2022, Antithesis found and helped fix several serious bugs that could have been catastrophic for the live network. The platform typically finds bugs that traditional testing methods miss entirely -- such as those arising from rare race conditions, complex timing issues, and unexpected system interactions. This episode is sponsored by Monday Dev

Daniel Deogun and Dan Bergh Johnsson -- two of the co-authors of the book, Secure by Design -- discuss the intersection of good software design and security with host Sam Taggart. They describe how following certain software design principles can help developers create secure software without needing to become security experts. They talked about how this is the continuation of developers taking on more responsibilities: Agile asked developers to become responsible for testing their code. DevOps asked developers to work together with operations in deploying their code. Secure by Design asks developers to incorporate security into their designs. Brought to you by IEEE Computer Society and IEEE Software magazine.

Artie Shevchenko, author of Code Health Guardian, speaks with host Jeff Doolittle about the crucial role of human programmers in the AI era, emphasizing that humans must excel at managing code complexity. Shevchenko discusses these concepts and key takeaways from his book, including the three problems caused by complexity: change amplification, cognitive load, and the most severe, unknown unknowns. He suggests that maintaining code health should be viewed pragmatically as a productivity question, requiring an ownership mentality and product focus to balance short-term delivery with long-term maintainability. The episode also covers vital processes such as using design documents for upfront analysis and code reviews, highlighting four goals: high code quality, knowledge sharing, delivery speed, and -- most important for team productivity -- psychological safety. This episode is sponsored by Monday Dev

Duncan McGregor and Nat Pryce, co-authors of Java to Kotlin: Refactoring Guidebook, speak with host Giovanni Asproni about their hands-on experiences migrating Java codebases. The episode starts by highlighting Kotlin's seamless interoperability with Java, allowing teams to incrementally adopt Kotlin without disrupting existing Java code. Duncan and Nat then describe some of the benefits of using Kotlin — including stronger type safety, non-nullable types, and better support for immutability — and some of the gotchas when refactoring from Java to Kotlin due to the different idioms supported by the two languages. Finally, they discuss the importance of testing and tooling, and the evolving role of AI-assisted tools in complex and large-scale refactorings — in the context of work done by teams, as opposed to individuals. This episode is sponsored by Monday Dev

Qian Li of DBOS, a durable execution platform born from research by the creators of Postgres and Spark, speaks with host Kanchan Shringi about building durable, observable, and scalable software systems, and why that matters for modern applications. They discuss database-backed program state, workflow orchestration, real-world AI use cases, and comparisons with other workflow technologies. Li explains how DBOS persists not just application data but also program execution state in Postgres to enable automatic recovery and exactly-once execution. She outlines how DBOS uses workflow and step annotations to build deterministic, fault-tolerant flows for everything from e-commerce checkouts to LLM-powered agents. Observability features, including SQL-accessible state tables and a time-travel debugger, allow developers and business users to understand and troubleshoot system behavior. Finally, she compares DBOS with tools like Temporal and AWS Step Functions. Brought to you by IEEE Computer Society and IEEE Software magazine.

Luke Hinds, CTO of Stacklok and creator of Sigstore, speaks with SE Radio's Brijesh Ammanath about the privacy and security concerns of using AI coding agents. They discuss how the increased use of AI coding assistants has improved programmer productivity but has also introduced certain key risks. In the area of secrets management, for example, there is the risk of secrets being passed to LLMs. Coding assistants can also introduce dependency-management risks that can be exploited by malicious actors. Luke recommends several tools and behaviors that programmers can adopt to ensure that secrets do not get leaked. Brought to you by IEEE Computer Society and IEEE Software magazine.

Wesley Beary of Anchor speaks with host Sam Taggart about designing APIs with a particular emphasis on user experience. Wesley discusses what it means to be an "API connoisseur"— paying attention to what makes the APIs we consume enjoyable or frustrating and then taking those lessons and using them when we design our own APIs. Wesley and Sam also explore the many challenges developers face when designing APIs, such as coming up with good abstractions, testing, getting user feedback, documentation, security, and versioning. They address both CLI and web APIs. This episode is sponsored by Fly.io.

Chris Love, co-author of the book Core Kubernetes, joins host Robert Blumen for a conversation about kubernetes security. Chris identifies the node layer, secrets management, the network layer, contains, and pods as the most critical areas to be addressed. The conversation explores a range of topics, including when to accept defaults and when to override; differences between self-managed clusters and cloud-service provider-managed clusters; and what can go wrong at each layer -- and how to address these issues. They further discuss managing the node layer; network security best practices; kubernetes secrets and integration with cloud-service provider secrets; container security; pod security, and Chris offers his views on policy-as-code frameworks and scanners. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jacob Visovatti and Conner Goodrum of Deepgram speak with host Kanchan Shringi about testing ML models for enterprise use and why it's critical for product reliability and quality. They discuss the challenges of testing machine learning models in enterprise environments, especially in foundational AI contexts. The conversation particularly highlights the differences in testing needs between companies that build ML models from scratch and those that rely on existing infrastructure. Jacob and Conner describe how testing is more complex in ML systems due to unstructured inputs, varied data distribution, and real-time use cases, in contrast to traditional software testing frameworks such as the testing pyramid. To address the difficulty of ensuring LLM quality, they advocate for iterative feedback loops, robust observability, and production-like testing environments. Both guests underscore that testing and quality assurance are interdisciplinary efforts that involve data scientists, ML engineers, software engineers, and product managers. Finally, this episode touches on the importance of synthetic data generation, fuzz testing, automated retraining pipelines, and responsible model deployment—especially when handling sensitive or regulated enterprise data. Brought to you by IEEE Computer Society and IEEE Software magazine.

Samuel Colvin, the CEO and founder of Pydantic, speaks with host Gregory M. Kapfhammer about the ecosystem of Pydantic's Python frameworks, including Pydantic, Pydantic AI, and Pydantic Logfire. Along with discussing the design, implementation, and use of these frameworks, they dive into the refactoring of Pydantic and the follow-on performance improvements. They also explore ways in which Python programmers can use these three frameworks to build, test, evaluate, and monitor their own applications that interact with both local and cloud-based large language models. Brought to you by IEEE Computer Society and IEEE Software magazine.

Brian Demers, Developer Advocate at Gradle, speaks with host Giovanni Asproni about the importance of having observability in the toolchain. Such information about build times, compiler warnings, test executions, and any other system used to build the production code can help to reduce defects, increase productivity, and improve the developer experience. During the conversation they touch upon what is possible with today's tools; the impact on productivity and developer experience; and the impact, both in terms of risks and opportunities, introduced by the use of artificial intelligence. Brought to you by IEEE Computer Society and IEEE Software magazine.

Vilhelm von Ehrenheim, co-founder and chief AI officer of QA.tech, speaks with SE Radio's Brijesh Ammanath about autonomous testing. The discussion starts by covering the fundamentals, and how testing has evolved from manual to automated to now autonomous. Vilhelm then deep dives into the details of autonomous testing and the role of agents in autonomous testing. They consider the challenges in adopting autonomous testing, and Wilhelm describes the experiences of some clients who have made the transition. Toward the end of the show, Vilhelm describes the impact of autonomous testing on the traditional QA career and what test professionals can do to upskill. This episode is sponsored by Fly.io.

In this episode of Software Engineering Radio, Abhinav Kimothi sits down with host Priyanka Raghavan to explore retrieval-augmented generation (RAG), drawing insights from Abhinav's book, A Simple Guide to Retrieval-Augmented Generation. The conversation begins with an introduction to key concepts, including large language models (LLMs), context windows, RAG, hallucinations, and real-world use cases. They then delve into the essential components and design considerations for building a RAG-enabled system, covering topics such as retrievers, prompt augmentation, indexing pipelines, retrieval strategies, and the generation process. The discussion also touches on critical aspects like data chunking and the distinctions between open-source and pre-trained models. The episode concludes with a forward-looking perspective on the future of RAG and its evolving role in the industry. Brought to you by IEEE Computer Society and IEEE Software magazine.

Luca Palmieri, author of Zero to Production in Rust and Principal Engineering Consultant at MainMatter, speaks with SE Radio host Gavin Henry about Rust in production. They discuss what production Rust means, how to get Rust code into production, specific Rust issues to think about when getting an application into production, what Rust profiles are, expected performance, telemetry options, error handling and what parts of Rust to use and avoid.  Palmieri discusses docker containers, tracing, robust Rust error handling, how performant Rust is in the real world, p50, p99, docker build techniques, project layouts, crates, speeding up Rust build times, unwrap(), panics, budgeting resources, inner development loops, the Facade Pattern, structured logging, and how to always use clippy. Brought to you by IEEE Computer Society and IEEE Software magazine.

In this episode, SE Radio host Sriram Panyam explores HTMX with its creator, Carson Gross, who is also creator of Hyperscript, the mind behind the Grug Brained Developer, a professor of software engineering at Montana State University, and co-author of Hypermedia Systems. HTMX is a modern JavaScript library that allows developers to access AJAX, WebSockets, CSS Transitions, and Server-Sent Events directly in HTML using attributes. It represents a return to hypermedia-driven application architecture while supporting modern user experiences. The episode starts with a look at the current complexity in web development and how HTMX offers an alternative approach. Carson explains the core philosophy of "HTML as the interface" and how hypermedia principles influenced HTMX's design. From there, they dive into HTMX's technical concepts, including its attribute system, server-side integration, event handling, and state management approach. Carson shares some real-world implementation strategies, including migration paths from JavaScript frameworks, architectural patterns, and performance considerations -- as well as a few scenarios in which HTMX might not be the best fit. Finally, they look at the growing HTMX ecosystem, community contributions, and future development roadmap. Throughout the episode, Carson provides concrete examples and case studies of HTMX in production environments. Brought to you by IEEE Computer Society and IEEE Software magazine.

Matthias Endler, Rust developer, open-source maintainer, and consultant through his company Corrode, speaks with SE Radio host Gavin Henry about prototyping in Rust. They discuss prototyping and why Rust is excellent for prototyping, and Matthias recommends a workflow for it, including what parts of Rust to use, and what parts to avoid at this stage. He describes the key components that Rust provides to help us validate ideas via prototypes, as well as tips and tricks to reach for.  In addition, the conversation explores type inference, unwrap(), expect(), anyhow crate, bacon crate, cargo-script, Rust macros to use, generics, lifetimes, best practices, project layout styles, and how to design through types. Brought to you by IEEE Computer Society and IEEE Software magazine.

Will McGugan, the CEO and founder of Textualize, speaks with host Gregory M. Kapfhammer about how to use packages such as Rich and Textual to build text-based user interfaces (TUIs) and command-line interfaces (CLIs) in Python. Along with discussing the design idioms that enable developers to create TUIs in Python, they consider practical strategies for efficiently rendering the components of a TUI. They also explore the subtle idiosyncrasies of implementing performant TUI frameworks like Textual and Rich and introduce the steps that developers would take to create their own CLI or TUI. This episode is sponsored by Fly.io.

Steve Summers speaks with SE Radio host Sam Taggart about securing test and measurement equipment. They start by differentiating between IT and OT (Operational Technology) and then discuss the threat model and how security has evolved in the OT space, including a look some of the key drivers. They then examine security challenges associated with a specific device called a CompactRIO, which combines a Linux real-time CPU with a field programmable gate array (FPGA) and some analog hardware for capturing signals and interacting with real-world devices. Brought to you by IEEE Computer Society and IEEE Software magazine.

Ashley Peacock, the author of Serverless Apps on Cloudflare, speaks with host Jeremy Jung about content delivery networks (CDNs). Along the way, they examine dependency injection with bindings, local development, serverless, cold starts, the V8 runtime, AWS Lambda vs Cloudflare workers, WebAssembly limitations, and core services such as R2, D1, KV, and Pages. Ashley suggests why most users use an external database and discusses eventually consistent data stores, S3-to-R2 migration strategies, queues and workflows, inter-service communication, durable objects, and describes some example projects. Brought to you by IEEE Computer Society and IEEE Software magazine.

Eran Yahav, Professor of Computer Science at Technion, Israel, and CTO of Tabnine, speaks with host Gregory M. Kapfhammer about the Tabnine AI coding assistant. They discuss how the design and implementation allows software engineers to use code completion and perform tasks such as automated code review while still maintaining developer privacy. Eran and Gregory also explore how research in the field of natural language processing (NLP) and large language models (LLMs) has informed the features in Tabnine. Brought to you by IEEE Computer Society and IEEE Software magazine.

Malcolm Matalka, founder of Terrateam, joins host Giovanni Asproni to talk about the reasoning behind choosing a not-so-widespread language (OCaml) and (almost) totally avoiding frameworks for the development of Terrateam. While discussing the reasons for choosing this specific programming language and the advantages and disadvantages of using external frameworks, they also consider a range of related topics, including static vs. dynamic typing, the use of monorepos, and the advantages of choosing a single language that can be used both for web front ends and server back ends. The episode ends with lessons learned that can be applied to other contexts and projects. Brought to you by IEEE Computer Society and IEEE Software magazine.

Emre Baran, CEO and co-founder of Cerbos, and Alex Olivier, CPO and co-founder, join SE Radio host Priyanka Raghavan to explore "stateless decoupled authorization frameworks. The discussion begins with an introduction to key terms, including authorization, authorization models, and decoupled frameworks. They dive into the challenges of building decoupled authorization, as well as the benefits of this approach and the operational hurdles. The conversation shifts to Cerbos, an open-source policy-based access control framework, comparing it with OPA (Open Policy Agent). They also delve into Cerbos's technical workings, including specification definitions, GitOps integration, examples of usage, and deployment strategies. The episode concludes with insights into potential trends in the authorization space. This episode is sponsored by Penn Carey Law school

Tyler Flint, CEO of qpoint.io, joins host Robert Blumen for a conversation about managing external vendor dependencies, including several best practices for adoption. They start with a look at internal versus external services, including details such as the footprint of external services within a micro-services application, and difficulties organizations have tracking their service consumption, quantifying service consumption, and auditing external services. Tyler also discusses the security implications of external services, including authentication and authorization. They examine metrics and monitoring, with recommendations on the key metrics to collect, as well as acceptable error rates for external services. From there they consider what can go wrong, how to respond to external service outages, and challenges related to testing external services. The episode wraps up with a discussion of qPoint's migration from a proxy-based solution to one based on eBPF kernel probes. Brought to you by IEEE Computer Society and IEEE Software magazine.

Software architect and author Vlad Khononov joins host Jeff Doolittle for a discussion on balancing coupling in software design. They start by examining coupling and its relationship to complexity and modularity. Vlad explains the historical models for assessing coupling and introduces his updated approach, integration strength, which aims to simplify earlier frameworks and adapt them for modern practices. The episode explores three dimensions of coupling: integration strength (knowledge sharing), distance (proximity of components), and volatility (likelihood of change). Vlad illustrates how design decisions can lead systems toward complexity or modularity, and he emphasizes the importance of managing coupling to minimize cognitive load and cascading changes. The conversation wraps up with insights on applying these principles to real-world software projects and a reminder of coupling's critical role in software architecture. Brought to you by IEEE Computer Society and IEEE Software magazine.

Sunil Mallya, co-founder and CTO of Flip AI, discusses small language models with host Brijesh Ammanath. They begin by considering the technical distinctions between SLMs and large language models.  LLMs excel in generating complex outputs across various natural language processing tasks, leveraging extensive training datasets on with massive GPU clusters. However, this capability comes with high computational costs and concerns about efficiency, particularly in applications that are specific to a given enterprise. To address this, many enterprises are turning to SLMs, fine-tuned on domain-specific datasets. The lower computational requirements and memory usage make SLMs suitable for real-time applications. By focusing on specific domains, SLMs can achieve greater accuracy and relevance aligned with specialized terminologies. The selection of SLMs depends on specific application requirements. Additional influencing factors include the availability of training data, implementation complexity, and adaptability to changing information, allowing organizations to align their choices with operational needs and constraints. This episode is sponsored by Codegate.

Pete Warden, CEO of Useful Sensors and a founding member of the TensorFlow team at Google, discusses TinyML, the technology enabling machine learning on low-power, small-footprint devices. This innovation opens up applications such as voice-controlled devices, offline translation tools, and smarter embedded systems, which are crucial for privacy and efficiency. SE Radio host Kanchan Shringi speaks with Warden about challenges like model compression, deployment constraints, and privacy concerns. They also explore applications in agriculture, healthcare, and consumer electronics, and close with some practical advice from Pete for newcomers to TinyML development. Brought to you by IEEE Computer Society and IEEE Software magazine.

Brenden Matthews, a seasoned software engineer, entrepreneur, and author of the Idiomatic Rust and Code Like a Pro in Rust books (both from Manning), speaks with SE Radio host Gavin Henry about Idiomatic Rust. They start with a look at what "idiomatic" means, and then discuss Generics, Traits, common design patterns you'll see in well written Rust code, and anti-patterns to avoid. Matthews suggests some tools that can help you immediately write idiomatic Rust, as well as what building blocks can also help. This episode examines what Generics are and how they compare to other languages, as well as what Traits are, how macros help, what a Fluent Interface is, and why unwrap() is bad. They also discuss what code smells to look out for, Clone, Copy, and a really nice place to go read real-world Idiomatic Rust code. Brought to you by IEEE Computer Society and IEEE Software magazine.

Tanya Janca, author of Alice and Bob Learn Secure Coding, discusses secure coding and secure software development life cycle with SE Radio host Brijesh Ammanath. This session explores how integrating security into every phase of the SDLC helps prevent vulnerabilities from slipping into production. Tanya strongly recommends defining security requirements early, and discusses the importance of threat modeling during design, secure coding practices, testing strategies such as static, dynamic, and interactive application security testing (SAST, DAST and IAST), and the need for continuous monitoring and improvement after deployment. This episode is sponsored by Codegate.ai

Hong Minhee, an open source developer and creator of the Fedify ActivityPub library, discusses the ActivityPub protocol and the fediverse with SE Radio's Jeremy Jung. They explore ActivityPub use cases, including microblogging applications such as Mastodon and Misskey, as well as activities built into the specification such as Like, Follow, and Accept. They also discuss extending the specification to include properties like Discoverable and Suspended, how different implementations communicate when they don't implement the same extensions, ND the use of JSON-LD and why it is challenging to implement. Finally, they consider the HTTP-based inbox communication model, difficulties with scaling when using a push rather than a pull model, account migration, and resources for implementing the ActivityPub specification. Brought to you by IEEE Computer Society and IEEE Software magazine.

Ivett Ördög speaks with host Sam Taggart about rewrite versus refactor -- a choice that many projects face as they grow. It's a topic that inspires a lot of dogmatic feelings. They discuss how companies and projects end up at this crossroads and consider some strategies to try to avoid it. Ivett challenges the myth that you should never rewrite but points to two key factors that need to be present for a successful large-scale rewrite or refactor. They end by talking about how to get management on board for such large-scale rewrite or refactor projects. Brought to you by IEEE Computer Society and IEEE Software magazine.

In this episode, Charles Humble speaks withhost Brijesh Ammanath about skills that can provide developers a grounding in systems thinking. Charles is a 30-year veteran of the IT industry, including as a former software engineer, architect, and CTO, as well as former editor in chief of InfoQ and chief editor for Container Solutions. He has published "Professional Skills for Software Engineers" as a series of 14 O'Reilly shortcuts covering communication, critical thinking, documentation, and networking. Underlying his work is the idea that as complexity increases in IT systems, the roles of architects and leaders move from linear thinking to something that might be more broadly defined as systems thinking -- looking at problems and systems as a whole rather than just the individual parts. This requires a skill set that isn't generally taught or widely valued as an industry -- in part, because it's hard to test in whiteboard interviews. It requires a mixture of communication skills; interpersonal skills; critical thinking; the ability to synthesize large amounts of information.  Brought to you by IEEE Computer Society and IEEE Software magazine.  

Chris Patterson, founder and principal architect of MassTransit, joins host Jeff Doolittle to discuss MassTransit, a message bus framework for building distributed systems. The conversation begins with an exploration of message buses, their role in asynchronous and durable application design, and how frameworks like MassTransit simplify event-driven programming in .NET. Chris explains concepts like pub/sub, durable messaging, and the benefits of decoupled architectures for scaling and reliability.  The discussion also delves into advanced topics such as sagas, stateful consumers for orchestrating complex processes, and how MassTransit supports patterns like outbox and routing slips for ensuring transactional consistency. Chris highlights the importance of observability in distributed systems, sharing how MassTransit integrates with tools like OpenTelemetry to provide comprehensive monitoring. The episode includes advice on adopting event-driven approaches, overcoming leadership hesitancy, and ensuring secure and efficient implementations. Chris emphasizes the balance between leveraging cutting-edge tools and addressing real-world challenges in software architecture. Brought to you by IEEE Computer Society and IEEE Software magazine.

Asanka Abeysinghe, CTO at WSO2, joins host Giovanni Asproni to discuss cell-based architecture -- a style that's intended to combine application, deployment, and team architecture to help organizations respond quickly to changes in the business environment, customer requirements, or enterprise strategy. Cell-based architecture is aimed at creating scalable, modular, composable systems with effective governance mechanisms. The conversation starts by introducing the context and some vocabulary before exploring details about the main elements of the architecture and how they fit together. Finally, Asanka offers some advice on how to implement a cell-based architecture in practice. Brought to you by IEEE Computer Society and IEEE Software magazine. Related Episodes SE Radio 396: Barry O'Reilly on Antifragile Architecture SE Radio 331: Kevin Goldsmith on Architecture and Organizational Design SE Radio 263: Camille Fournier on Real-World Distributed Systems SE Radio 236: Rebecca Parsons on Evolutionary Architecture SE Radio 213: James Lewis on Microservices SE Radio 210: Stefan Tilkov on Architecture and Micro Services SE Radio 203: Leslie Lamport on Distributed Systems

Christian Mesh, tech lead of the OpenTofu project, speaks with host Robert Blumen about OpenTofu. They start with the history of terraform, terraform providers, license changes to open source projects, the origin of OpenTofu as a fork of terraform, and the structure of the OpenTofu organization. They further explore compatibility issues for HCL, providers, and modules, performance issues, and adoption, as well as significant features in the OpenTofu-included dynamic-provider iteration, and the roadmap for the project going forward. Brought to you by IEEE Computer Society and IEEE Software magazine.

Paul Frazee, CTO of Bluesky, speaks with SE Radio's Jeremy Jung about the Authenticated Transfer Protocol (ATProto) used by the Bluesky decentralized social network. They discuss why ATProto was created, as well as how it differs from the ActivityPub open standard, the scaling limitations of peer-to-peer solutions, cryptographic decentralized identifiers, and creating a protocol based on experience with distributed systems. They also examine the role of personal data servers, relays, and app views, the benefits of using domain names, allowing users to create algorithmic feeds and moderation tools, and the challenges of content moderation. Brought to you by IEEE Computer Society and IEEE Software magazine.

Robert Seacord, the Standardization Lead at Woven by Toyota, the convenor of the C standards committee, and author of The CERT® C Coding Standard, Effective C, and Secure Coding in C and C++, speaks with SE Radio host Gavin Henry about What's New in the C Programming Language. They start with a review of the history of C and why it has a standard, and then they discuss what C23 brings and how programmers can take advantage of it. They consider the sectors in which C is most used and whether you should use C to start a brand new project in 2025. Seacord discusses 8 new things that C23 brings, use case examples, must haves, floating point numbers, how automotive systems use C, why C is used there, Rust vs C, compile time checks vs static analysis, all the various safety standards they can use, why you should use the right tool for the job and never trust user input no matter the language.  Brought to you by IEEE Computer Society and IEEE Software magazine.

Lukas Gentele, CEO of Loft Labs, joins host Robert Blumen for a discussion of kubernetes vclusters (virtual clusters). A vcluster is a kubernetes cluster that runs kubernetes application on a host kubernetes cluster. The conversation covers: vcluster basics; sharing models; what is owned by the vcluster and what is shared with the host; attached nodes versus shared nodes; the primary use case: multi-tenancy vcluster per tenant; alternatives - namespace per tenant, full cluster per tenant; trade-offs - isolation; less resource use; spin up time; scalability; how many clusters and how many vclusters should an org have? Deployment models for vclusters - helm chart with standard resources; vcluster operator; persistent storage models for vclusters; vcluster snapshotting, recovery, and migration. how many vclusters can run on a cluster? ingress, TLS and DNS. Brought to you by IEEE Computer Society and IEEE Software magazine.

Matthew Adams, Head of Security Enablement at Citi, joins SE Radio host Priyanka Raghavan to explore the use of large language models in threat modeling, with a special focus on Matthew's work, Stride GPT. The episode kicks off with an overview of threat modeling, its applications, and the stages of the development life cycle where it fits in. They then discuss the STRIDE methodology and strideGPT, highlighting practical examples, the technology stack behind the application, and the tool's inputs and outputs. The show concludes with tips and tricks for optimizing tool outputs and advice on other open source projects that utilize generative AI to bolster cybersecurity defenses. Brought to you by IEEE Computer Society and IEEE Software magazine.

Praveen Gujar, Director of Product at LinkedIn, joins SE Radio host Kanchan Shringi for a discussion on how generative AI (GenAI) is transforming digital advertising technology platforms. The conversation starts with a look at how GenAI facilitates scalable ad content creation, using self-attention mechanisms for customized ad generation. They explore AI's role in simplifying campaign management, automating tasks such as audience targeting and performance measurement. Praveen emphasizes that ad tech platforms use AI models tailored to different needs leveraging both first-party and third-party data sources, with privacy maintained through methods such as CAPI (conversion API). They also consider the differences between retrieval-augmented generation (RAG) and fine-tuning in AI models: Whereas RAG uses brand-specific data at runtime for precise ad content, fine-tuning focuses on broader model optimization. The segment highlights the importance of vector embeddings and vector search in storing and retrieving contextual content. Lastly, Praveen discusses the integration of AI teams within product development to improve collaboration and AI proficiency across organizations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Matthew Skelton joins host Giovanni Asproni to talk about team topologies—an approach to organizing teams for fast flow of value. The episode starts with a description of the underlying principles before exploring the approach in more detail. From there, they discuss when to consider implementing the approach; keys to a successful implementation; and some common mistakes to avoid. Brought to you by IEEE Computer Society and IEEE Software magazine.

Vinay Tripathi, a senior network engineer in Google Backbone Engineering and an 18-year network engineering veteran, discusses BGP optimization, a technique that's critical in achieving top goals in distributed applications. Host Philip Winston speaks with Tripathi about BGP, autonomous systems, peer grouping, router hardware and software, software-defined networks, and shared network optimization and debugging stories. Brought to you by IEEE Computer Society and IEEE Software magazine.

Tim McNamara, a well-known Rust educator, author of Rust in Action (Manning), and a recipient of a Rust Foundation Fellowship in 2023, speaks with SE Radio host Gavin Henry about error handling in Rust. They discuss the errors that Rust prevents, what an error is in Rust, what Tim classes as the "four levels of error handling," and the lifecycle of your journey reaching for them. McNamara explains why Rust handles errors as it does, how it differs from other languages, and what the developer experience is like in dealing with Rust errors. He advocates best practices for error handling, what Result is, the power of Rust Enums, what the question mark operator is, when to unwrap, what Box really means, how to deal with errors across the FFI boundary, and the various Rust error-handling crates that you can use to give you more control. Brought to you by IEEE Computer Society and IEEE Software magazine.

Ganesh Datta, co-founder of Cortex.io, joins host Robert Blumen for a conversation about production readiness. The conversation covers the history of production readiness; its relationship to microservice architecture; the Google SRE model's impact on production readiness; production readiness checklists; the process; and production readiness transparency.

Simon Wijckmans, founder of c/side -- a company that focuses on monitoring, securing, and optimizing third-party JavaScript -- joins SE Radio host Kanchan Shringi for a conversation about the security risks posed by third-party browser scripts. Through real-world examples and insights drawn from his work in web security, Simon highlights the dangers, including malicious attacks such as the recent Polyfill.io incident. He emphasizes the need for vigilant monitoring, as these third-party scripts remain essential for website functionalities like analytics, chatbots, and ads, despite their potential vulnerabilities. Simon explores the use of self-hosting solutions and content security policies (CSPs) to minimize risks, but he stresses that these measures alone are insufficient to fully safeguard websites.  As the discussion continues, they delve into the importance of layering security approaches. Simon advocates for combining techniques like CSPs, real-time monitoring, and AI-driven analysis, which his company c/side employs to detect and block malicious scripts. He also touches on the complexities of securing single-page applications (SPAs), which allow scripts to persist across pages without full reloads, increasing the attack surface for third-party vulnerabilities. Brought to you by IEEE Computer Society and IEEE Software magazine.

Catherine Nelson, author of the new O'Reilly book, Software Engineering for Data Scientists, discusses the collaboration between data scientists and software engineers -- an increasingly common pairing on machine learning and AI projects. Host Philip Winston speaks with Nelson about the role of a data scientist, the difference between running experiments in notebooks and building an automated pipeline for production, machine learning vs. AI, the typical pipeline steps for machine learning, and the role of software engineering in data science. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jonathan Horvath of Z-bit discusses physical access control systems (PACS) with host Jeremy Jung. They start with an overview of PACS components and discuss the proprietary nature of the industry, the slow pace of migration to open standards, and why Windows is commonly used. Jonathan describes the security implications of moving from isolated networks to the cloud, as well as credential vulnerabilities, encryption using symmetric keys versus asymmetric keys, and the risks related to cloning credentials. They also consider several standards, including moving from Wiegand to the Open Supervised Device Protocol (OSDP), as well as the Public Key Open Credential (PKOC) standard, and the open source OSDP implementation that Jonathan authored. Brought to you by IEEE Computer Society and IEEE Software magazine.

Cody Ebberson, CTO of Medplum, joins host Sam Taggart to discuss the constraints that working in regulated industries add to the software development process. They explore some general aspects of developing for regulated industries, such as healthcare and finance, as well as a range of specific considerations that can add complexity and effort. Cody describes how translating regulatory requirements into test specifications and automating those tests can help streamline software development in these regulated environments.  Brought to you by IEEE Computer Society and IEEE Software magazine.

Nick Tune and Jean-Georges Perrin join host Giovanni Asproni to talk about their proposed approach to modernizing legacy systems. The episode starts with some high-level perspective to set context for the approach described in their book, Architecture Modernization (Manning, 2024). From there, the discussion turns to important details, including criteria for deciding which aspects to revisit; some of the activities, processes, and tools; and the importance of data engineering in modernization efforts. Nick and Jean-Georges describe how to successfully implement an architecture-modernization effort, and how to fit that work with the teams' other priorities. The episode finishes with some warnings about the typical risks associated with modernizing a legacy system, and suggestions on how to mitigate them. This episode is sponsored by QA Wolf.

Steve Smith, founder and principal architect at Nimble Pros, joins host Jeff Doolittle for a conversation about software quality. The episode begins with a discussion of why software quality matters for businesses, customers, and developers. Steve explains some patterns and practices that help teams design for quality. They discuss in detail the practices of testing and quality assurance, and the conversation wraps up with suggestions for fostering a culture of quality in teams and organizations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Sriram Panyam, CTO at DagKnows, discusses SaaS Control Planes with SE Radio host Brijesh Ammanath. The discussion starts off with the basics, examining what control planes are and why they're important. Sriram then discusses reasons for building a control plane and the challenges in designing one. They explore design and architectural considerations when building a SaaS control plane, as well as the key differences between a control plane and a data plane. This episode is sponsored by QA Wolf.

Stevie Caldwell, Senior Engineering Technical Lead at Fairwinds, joins host Priyanka Raghavan to discuss zero-trust network reference architecture. The episode begins with high-level definitions of zero-trust architecture, zero-trust reference architecture, and the pillars of Zero Trust. Stevie describes four open-source implementations of the Zero Trust Reference Architecture: Emissary Ingress, Cert Manager, LinkerD, and the Policy Engine Polaris. Each component is explored to help clarify their roles in the Zero Trust journey. The episode concludes with a look at the future direction of Zero Trust Network Architecture. This episode is sponsored by QA Wolf.

Jim Bugwadia, CEO of Nirmata and a committer to the Kyverno projects, joins host Robert Blumen for a discussion of policy-as-code and the open source Kyverno project. The discussion covers the nature of policies; policies and security; policies and compliance to standards; security scans that generate reports compared to tools that allow or deny operations at run time; Kyverno as a kubernetes service; the Kyverno helm charts; the components of Kyverno; bootstrapping a kubernetes cluster with Kyverno; installing policies; implementing policies; customizing policies; packaging and installing policies; kubernetes dynamic admission controllers; the Kyverno admission controller; securing Kyverno itself; observability of Kyverno; types of reports and messages available to cluster users. This episode is sponsored by QA Wolf.

Itamar Friedman, the CEO and co-founder of CodiumAI, speaks with host Gregory M. Kapfhammer about how to use generative AI techniques to support automated software testing. Their discussion centers around the design and use of Cover-Agent, an open-source implementation of the automated test augmentation tool described in the Foundations of Software Engineering (FSE) paper entitled "Automated Unit Test Improvement using Large Language Models at Meta" by Alshahwan et al. The episode explores how large-language models (LLMs) can aid testers by automatically generating test cases that increase the code coverage of an existing testing suite. They also investigate other automated testing topics, including how Cover-Agent compares to different LLM-based tools and the strengths and weaknesses of using LLM-based approaches in software testing.

Goran Petrovic, a Staff Software Engineer at Google, speaks with host Gregory M. Kapfhammer about how to perform mutation testing on large software systems. They explore the design and implementation of the mutation testing infrastructure at Google, discussing the strategies for ensuring that it enhances both developer productivity and software quality. They also investigate the findings from experiments that quantify how mutation testing enables software engineers at Google to write better tests that can detect defects and increase confidence in software correctness. Brought to you by IEEE Computer Society and IEEE Software magazine.

Abhay Paroha, an engineering leader with more than 15 years' experience in leading product dev teams, joins SE Radio's Kanchan Shringi to talk about cloud migration for oil and gas production operations. They discuss Abhay's experiences in building a cloud foundation layer that includes a canonical data model for storing bi-temporal data. They further delve into his teams' learnings from using Kubernetes for microservices, the transition from Java to Scala, and use of Akka streaming, along with tips for ensuring reliable operations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Luis Rodríguez, CTO of Xygeni.io, joins host Robert Blumen for a discussion of the recently thwarted attempt to insert a backdoor in the SSH (Secure Shell) daemon. OpenSSH is a popular implementation of the protocol used in major Linux distributions for authentication over a network. Luis describes how a backdoor in a supporting library was recently discovered and removed before the package was published to stable releases of the Linux distros. The conversation explores the mechanism of the attack through modifying a function table in the runtime; how the attack was inserted during the build; how the attack was carefully staged in a series of modifications to the lz compression library; the nature of "Jia Tan," the entity who committed the changes to the open source project; social engineering that the entity used to gain the trust of the open source community; what forensics indicates about the location of the entity; hypotheses about whether criminal or state actors backed the entity; how the attack was detected; implications for other open source projects; why traditional methods for detecting exploits would not have helped find this; and lessons learned by the community. Brought to you by IEEE Computer Society and IEEE Software magazine.

Emily Bache, founder of the Samman Technical Coaching Society and author of several books about technical agile coaching, talks with SE Radio host Sam Taggart about katas and the importance of practice. They discuss how practicing in a safe environment helps developers to learn new skills and build new habits. They also talk about how Samman coaching combines this sort of deliberate practice with applying the lessons learned in practice to the production code base. They also touch briefly on the advantages of working in an ensemble fashion. Brought to you by IEEE Computer Society and IEEE Software magazine.

Hans Dockter, the creator of the Gradle build tool and founder of Gradle Inc, the company behind the developer productivity platform Develocity, joins SE Radio host Giovanni Asproni to talk about developer productivity. They start with some definitions and an explanation of the importance of developer productivity, its relationship with cognitive load, and the big impact that development tools have on it. Hans describes how to implement developer productivity metrics in an organization, as well as warns about some pitfalls. The episode closes with some discussion on Hans's views on the future of this discipline, as well as some near-term developments and expectations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Chuck Weindorf, a retired IT director and chief engineer with nearly 40 years' experience in software engineering, joins host Jeff Doolittle for a conversation about the concepts in Chuck's book, Leaders & Software Engineers. Through personal anecdotes and insights gleaned from his extensive career, Chuck underscores quality assurance's critical role in building trust with users and fostering a proactive culture of defect resolution within development teams. He highlights how ethical considerations underpin trust and integrity within the software engineering profession. Chuck and Jeff examine the significance of thorough documentation and the vital role of effective communication in overcoming silos within organizations, and ensuring that projects meet their intended objectives while maintaining high standards of quality and reliability. They discuss how to cultivate a positive, innovative culture within engineering teams. Chuck shares strategies for addressing challenges and opportunities presented by change, advocating for adaptability and continuous learning as essential qualities for both new and experienced engineers navigating the evolving technological landscape. He offers advice for those transitioning into leadership roles, emphasizing the importance of developing soft skills and the ability to empathize with and inspire team members. Finally, the episode explores the potential impact of emerging technologies, such as low-code platforms and artificial intelligence. Brought to you by IEEE Computer Society and IEEE Software magazine. 

Ipek Ozkaya, Principal Researcher and Technical Director of the Engineering Intelligent Software Systems group at the Software Engineering Institute, Carnegie Mellon, discusses generative AI for Software Architecture with SE Radio host Priyanka Raghavan. The episode delves into fundamental definitions of software architecture and explores use cases in which gen AI can enhance architecture activities. The conversation spans from straightforward to challenging scenarios and highlights examples of relevant tooling. The episode concludes with insights on verifying the correctness of output for software architecture prompts and future trends in this domain. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jonathan Schneider, the cofounder of Moderne and the creator of OpenRewrite, talks with SE Radio's Gregory Kapfhammer about automated software maintenance. In addition to exploring the design and implementation of OpenRewrite, Schneider explains how the tool can automatically support software maintenance tasks such as framework migration and security fixes for programs implemented in languages like Java. The episode also explores how OpenRewrite uses the lossless semantic tree to support automated refactoring though the use of recipes. Brought to you by IEEE Computer Society and IEEE Software magazine.

Marcelo Trylesinski, a senior software engineer at Pydantic and a maintainer of open-source Python tools including Starlette and Uvicorn, joins host Gregory M. Kapfhammer to talk about FastAPI. Their conversation focuses on the design and implementation of FastAPI and how programmers can use it to create web-based APIs. They also explore how to create and deploy a FastAPI implemented in the Python programming language. Brought to you by IEEE Computer Society and IEEE Software magazine.

Michael J. Freedman, the Robert E. Kahn Professor in the Computer Science Department at Princeton University, as well as the co-founder and CTO of Timescale, spoke with SE Radio host Gavin Henry about TimescaleDB. They revisit what time series data means in 2024, the history of TimescaleDB, how it integrates with PostgreSQL, and they take the listeners through a complete setup. Freedman discusses the types of data well-suited for a timeseries database, the types of sectors that have these requirements, why PostgreSQL is the best, Pg callbacks, Pg hooks, C programming, Rust, their open source contributions and projects, data volumes, column-data, indexes, backups, why it is common to have one table for your timeseries data, when not to use timescaledb, IoT data formats, Pg indexes, how Pg works without timescaledb, sharding, and how to manage your upgrades if not using Timescale Cloud. Brought to you by IEEE Computer Society and IEEE Software magazine.

Wolf Vollprecht, the CEO and founder of Prefix.dev, speaks with host Gregory M. Kapfhammer about how to implement Python tools, such as package managers, in the Rust programming language. They discuss the challenges associated with building Python infrastructure tooling in Python and explore how using the Rust programming language addresses these concerns. They also explore the implementation details of Rust-based tooling for the Python ecosystem, focusing on the cross-platform Pixi package management tool, which enables developers to easily and efficiently install libraries and applications in a reproducible fashion. Brought to you by IEEE Computer Society and IEEE Software magazine.

Xe Iaso of Fly.io discusses their hosting platform with host Jeremy Jung. They cover building globally distributed applications with Anycast, using Wireguard to encrypt inter-service communication, writing custom code to handle load balancing and scaling with fly-proxy, why serving EU customers has unique requirements, letting users use docker images without the docker runtime by converting them to firecracker and cloud hypervisor microVMs, the differences between regular VMs and microVMs, challenges of acquiring and serving GPUs to customers. when to use Kubernetes, and dealing with abuse on the platform. Brought to you by IEEE Computer Society and IEEE Software magazine.

Shannon Selbert, co-founder of Soren and developer of Oban, and Parker Selbert, creator of the Oban background job framework, chief architect at dscout, and co-founder of Soren, speak with SE Radio host Gavin Henry about robust job processing in Elixir. They explore the reliability, consistency, and observability in relation to job processing, to understand how Oban, Elixir, and PostgreSQL deliver them. The Selberts describe why Oban was created, its history, which parts of the Elixir ecosystem they use, and why this would not be possible without PostgreSQL and Elixir. They discuss the lessons learned in the 5 years since the first release, as well as use cases, job throughput, the hardest problem to solve so far, workers, queues, CRON, distributed architectures, retry algorithms, just-once methodologies, the reliability the beam brings, consistency across nodes, how PostgreSQL is vital, telemetry data, best use cases for Oban, and the most common issues that new users face. Brought to you by IEEE Computer Society and IEEE Software magazine.

Infrastructure engineer and Kubernetes ingress-Nginx maintainer James Strong joins host Robert Blumen to discuss the Kubernetes networking layer. The discussion draws on content from Strong's book on the topic and covers a lot of ground, including: the Kubernetes network's use of different IP ranges than the host network; overlay network with its own IP ranges compared to using expanded portions of the host network ranges; adding routes with kernel extension points; programming kernel extension points with IP tables compared to eBPF; how routes are updated as the host network gains or loses nodes, the use of the Linux network namespace to isolate each pod; routing between pods on the same host; routing between pods across the host network; the container-network interface (CNI); the CNI ecosystem; differences between CNIs; choosing a CNI when running on a public cloud service; the Kubernetes service abstraction with a cluster-wide IP address; monitoring and telemetry of the Kubernetes network; and troubleshooting the Kubernetes network. Brought to you by IEEE Software magazine and IEEE Computer Society.

Andreas Møller, founder of Toddle, a no-code tool for building scalable performant web applications, speaks with SE Radio's Brijesh Ammanath about no-code platforms. They discuss the role of developers in a no-code ecosystem and explore scalability and performance considerations, as well as enterprise adoption of no-code tools. Andreas also expands on why he built Toddle.dev and its unique features. Brought to you by IEEE Computer Society and IEEE Software.

Frances Buontempo, author of the new book Learn C++ by Example, discusses the C++ programming language, a widely used general-purpose programming language. Host Philip Winston spoke with Buontempo about where C++ fits into the landscape of existing programming languages and how recent C++ standards have changed things. They talk about specific language features such as lambdas, templates, concurrency, ranges, concepts along with tips for learning and using C++. Brought to you by IEEE Software and IEEE Computer Society.

Ori Saporta, co-founder and Systems Architect at vFunction, joins host Jeff Doolittle for a conversation about the role of the software architect. The episode begins with Ori's thoughts on what is typically missed or overlooked regarding this role. The conversation then explores aspects of both hard and soft skills required of software architects. Other topics include the relationship of the software architect to other roles, to design and process, and to quality. The show concludes by addressing the importance of dependency management by software architects. Brought to you by IEEE Software magazine and IEEE Computer Society.

Kent Beck, Chief Scientist at Mechanical Orchard, and inventor of Extreme Programming and Test-Driven Development, joins SE Radio host Giovanni Asproni for a conversation on software design based on his latest book "Tidy First?". The episode starts with exploring the reasons for writing the book, and introducing the concepts of tidying, cohesion, and coupling. It continues with a conversation about software design, and the impact of tidyings. Then Kent and Giovanni discuss how to balance design and code quality decisions with cost, value delivered, and other important aspects. The episode ends with some considerations on the impact of Artificial Intelligence on the software developer's job. Brought to you by IEEE Software and IEEE Computer Society.

Wouter Groeneveld, author of The Creative Programmer and PhD researcher at KU Leuven, discusses his research related to programming education with host Jeremy Jung. Topics include evaluating projects, constraints, social debt in teams, common fallacies in critical thinking, maintaining flow state, documenting and retaining knowledge, and creating environments that encourage creativity. Brought to you by IEEE Software and IEEE Computer Society.

Shahar Binyamin, CEO and co-founder of Inigo, joins host Priyanka Raghavan to discuss GraphQL security. They begin with a look at the state of adoption of GraphQL and why it's so popular. From there, they consider why GraphQL security is important as they take a deep dive into a range of known security issues that have been exploited in GraphQL, including authentication, authorization, and denial of service attacks with references from the OWASP Top 10 API Security Risks. They discuss some mitigation strategies and methodologies for solving GraphQL security problems, and the show ends with discussion of Inigo and Shahar's top three recommendations for building safe GraphQL applications. Brought to you by IEEE Software and IEEE Computer Society.

Eyal Solomon, CEO and co-founder of Lunar.dev, joins SE Radio's Kanchan Shringi for a discussion on tooling for API consumption management. The episode starts by examining why API consumption management is an increasingly important topic, and how existing tooling on the provider side can be inadequate for client-side issues. Eyal talks in detail about issues that are unique to API consumers, before taking a deep dive into the evolution of middleware built by teams and companies to address these issues and the gaps. Finally they consider how Lunar.dev seeks to solve these issues, as well as Eyal's vision of lunar.dev as a open source platform. This episode is sponsored by WorkOS.

Ines Montani, co-founder and CEO of Explosion, speaks with host Jeremy Jung about solving problems using natural language processing (NLP). They cover generative vs predictive tasks, creating a pipeline and breaking down problems, labeling examples for training, fine-tuning models, using LLMs to label data and build prototypes, and the spaCy NLP library.

Phillip Carter, Principal Product Manager at Honeycomb and open source software developer, talks with host Giovanni Asproni about observability for large language models (LLMs). The episode explores similarities and differences for observability with LLMs versus more conventional systems. Key topics include: how observability helps in testing parts of LLMs that aren't amenable to automated unit or integration testing; using observability to develop and refine the functionality provided by the LLM (observability-driven development); using observability to debug LLMs; and the importance of incremental development and delivery for LLMs and how observability facilitates both. Phillip also offers suggestions on how to get started with implementing observability for LLMs, as well as an overview of some of the technology's current limitations. This episode is sponsored by WorkOS.

Hyrum Wright, Senior Staff Engineer at Google, discusses the book he co-edited, "Software Engineering at Google," with host Gregory M. Kapfhammer. Wright describes the professional and technical best practices adopted by the software engineers at Google. The wide-ranging conversation investigates an array of topics, including measuring engineering productivity and writing effective test cases. This episode is sponsored by the Algorand Foundation.

Lane Wagner of Boot.dev speaks with host Philip Winston about Go, the programming language that's popular for web, cloud, devops, networking, and other types of development. In addition to discussing existing features such as structs, interfaces, concurrency, and error handling, Lane and Philip take a deep look at generics, a recent addition to the language. They also explore the developer experience with Go.

John Frandsen, Chief Product officer for Elebase, joins host Jeff Doolittle for an exploration of geospatial technologies. The conversation begins with a discussion of the history of mapping and global information systems (GIS) technologies. John describes the underlying technologies used in location-aware applications and the ways that developers can incorporate maps in their own applications. The conversation also highlights recent changes and innovations in the space, as well as the challenges and opportunities of incorporating your own data into existing base map providers. This episode is sponsored by WorkOS.

Charlie Jones, Director of Product Management at ReversingLabs and subject matter expert in supply chain security, joins host Priyanka Raghavan to discuss tackling third-party software risks. They begin by defining different types of third-party software risks and then take a deep dive into case studies where third-party components and software have had cascading effects on downstream systems. They consider some frameworks for secure software development that can be used to evaluate third-party software and components – both as a publisher or as a consumer – and end by discussing laws and regulations with final advise from Charlie on how enterprises can tackle third-party software risks. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode is sponsored by WorkOS.

Yingjun Wu, founder of RisingWave Labs and previously a software engineer at Amazon Web Services and researcher at IBM Almaden Research Center, speaks with SE Radio host Brijesh Ammanath about streaming databases. After considering the benefits and unique challenges, they delve into the architecture and design patterns of streaming databases, as well as the evolution and security considerations. Yingjun also talks about the future of streaming databases, including the potential impact that Amazon S3 Express One Zone will have on the streaming landscape, and how the unified batch and streaming might evolve in the database world. Brought to you by IEEE Computer Society and IEEE Software magazine.

Karl Wiegers, Principal Consultant with Process Impact and author of 14 books, and Candase Hokanson, Business Architect and PMI-Agile Certified Practitioner at ArgonDigital, speak with SE Radio host Gavin Henry about software requirements essentials. They explore five different parts of requirements engineering and how you can apply them to any ongoing project. Wiegers and Hokanson describe why requirements constantly change, how you can test that you're meeting them, and why the tools you have at hand are suitable to start straight away. They discuss the need for requirements in every software project and provide recommendations on how to gather, analyze, validate, and manage those requirements. Candase and Karl offer in-depth perspectives on a range of topics, including how to elicit requirements, speak with users, get to the source of the business or user goal, and create requirement sets, models, prototypes, and baselines. Finally, they look at specifications you can use, and how to validate, test, and verify them. Brought to you by IEEE Computer Society and IEEE Software magazine.

Rishi Singh, founder and CEO at Sapient.ai, speaks with SE radio's Kanchan Shringi about using generative AI to help developers automate test code generation. They start by identifying key problems that developers are looking for in an automated test-generation solution. The discussion explores the capabilities and limitations of today's large language models in achieving that goal, and then delves into how Sapient.ai has built wrappers around LLMs in an effort to improve the quality of the generated tests. Rishi also suggests how to validate the generated tests and outlines his vision of the future for this rapidly evolving area. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode is sponsored by WorkOS.

Nicolas Carlo talks with host Sam Taggart about Nicolas's recent book, Legacy Code First Aid Kit. They start by defining legacy code and the general issues that developers face when dealing with it. Nicolas describes some of the tools in his book and provides examples of where he has found them useful. The episode also touches briefly on the role of AI and some other tools Nicolas has discovered since writing the book. This episode sponsored by WorkOS.

Han Yuan, an accomplished Chief Product and Technology Officer, joins host Priyanka Raghavan to discuss reorganizations. The conversation starts with a broad discussion of reorganizations and reasons that companies choose to undertake them. They then consider organizational behavior and topics such as Conway's law and the theory of constraints. Han offers some advice on key steps to take when planning for a reorg, including how software teams could organize themselves based on technology, frameworks, or user journeys. The episode ends with some discussion of metrics and lessons learned. Brought to you by IEEE Computer Society and IEEE Software magazine.

William Morgan, founder of the Linkerd service mesh and CEO of Bouyant, joins SE Radio's Robert Blumen for a discussion of sidecars, service mesh, and a forthcoming enhancement to kubernetes to support sidecars natively. The conversation explores the origin of sidecars, sidecars and service mesh, and migrating service mesh to kubernetes. They take a deep dive into some aspects of running service mesh on kubernetes, the difficulties in running a sidecar container in a pod, and Kubernetes Enhancement Proposal (KEP) 753, which is intended to provide better native support for sidecar containers. William also gives some thoughts on the continuing relevance of service mesh.

Jason C. McDonald, author of the book Dead Simple Python, speaks with host Samuel Taggart about leveraging quantified tasks to improve estimation, particularly across projects. They discuss the origin of the concept and its relationship with story points, and Jason offers examples to show how quantified tasks can capture nuances in software tasks that are often lost with story points. He also points to the ability to compare them across projects as a major advantage of quantified tasks. Among other topics, they consider also how to use quantified tasks to analyze the stability of a codebase. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jonathan Crossland, software architect, author, and business owner, joins host Jeff Doolittle for a conversation about the AMMERSE framework of design principles. They start by discussing the agile manifesto as a statement of values, and Jonathan shares his perspective based on his experience as a software developer and business owner. They then explore the three layers of the AMMERSE framework and how they help business and engineering leaders to align their values, thereby improving their ability to collaborate and reach common goals. Brought to you by IEEE Computer Society and IEEE Software magazine.

Coral Calero Muñoz and Felix Garcia, professors at the University of Castilla-La Mancha, speak with host Giovanni Asproni about green and sustainable software—an approach to software development aimed at creating software systems that consume less energy and produce less CO2 during their entire lifetimes with minimal impact on their functionality and other qualities. The episode starts by describing why green software matters, particularly in the context of global warming, and introducing the key concepts. Continues discussing the current status of the field, in both academia and industry, and finishes with hints and tips that can be readily applied by development teams to make their systems greener. Brought to you by IEEE Computer Society and IEEE Software magazine.

Maxim Fateev, the CEO of Temporal, speaks with SE Radio's Philip Winston about how Temporal implements durable execution. They explore concepts including workflows, activities, timers, event histories, signals, and queries. Maxim also compares deployment using self-hosted clusters or the Temporal Cloud.

Llewelyn Falco, creator approval tests, talks with SE Radio host Sam Taggart about testing code in general and the various types of testing that developers perform. Llewelyn elaborates on how approval tests can help test code at a higher level than traditional unit tests. They also discuss using approval tests to help get legacy code under test. This episode sponsored by Data Annotation.

Sean Moriarity, creator of the Axon deep learning framework, co-creator of the Nx library, and author of Machine Learning in Elixir and Genetic Algorithms in Elixir, published by the Pragmatic Bookshelf, speaks with SE Radio host Gavin Henry about what deep learning (neural networks) means today. Using a practical example with deep learning for fraud detection, they explore what Axon is and why it was created. Moriarity describes why the Beam is ideal for machine learning, and why he dislikes the term "neural network." They discuss the need for deep learning, its history, how it offers a good fit for many of today's complex problems, where it shines and when not to use it. Moriarity goes into depth on a range of topics, including how to get datasets in shape, supervised and unsupervised learning, feed-forward neural networks, Nx.serving, decision trees, gradient descent, linear regression, logistic regression, support vector machines, and random forests. The episode considers what a model looks like, what training is, labeling, classification, regression tasks, hardware resources needed, EXGBoost, Jax, PyIgnite, and Explorer. Finally, they look at what's involved in the ongoing lifecycle or operational side of Axon once a workflow is put into production, so you can safely back it all up and feed in new data. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode sponsored by Miro.

Eric Olden talks with host Giovanni Asproni about identity orchestration, a software approach for managing distributed identity and access management (IAM) and integrating multiple identity systems or providers (IDPs) to make them look like a single system from a user perspective. The episode starts with a refresher in identity and access management, then introduces identity orchestration and some of the challenges it helps to address, such as integrating disparate identity management systems after company mergers or acquisitions; managing identities in situations where some of the IAM systems are unreachable; and implementing more secure identity management in legacy applications. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jaxon Repp of HarperDB speaks with Brijesh Ammanath about distributed data infrastructure, including what it is and why it's important. They discuss the key factors that make distributed data infrastructure attractive, as well as challenges to implementing it. The episode explores the architecture and design principles, the key security considerations, and the transition factors for distributed data Infrastructure. Brought to you by IEEE Computer Society and IEEE Software.

Yeckezkel Rabinovich, CTO of Groundcover, speaks with host Philip Winston about observability and eBPF as it applies to Kubernetes. Rabinovich was previously the chief architect at the healthcare security company CyberMDX and spent eight years in the cyber security division of the Israeli Prime Minister's Office. This episode explores the three pillars of observability, extending the Linux Kernel with eBPF, the basics of Kubernetes, and how Groundcover uses eBPF as the basis for its observability platform.

Andy Suderman, CTO of Fairwinds, joins host Robert Blumen to talk about standing up a kubernetes cluster. Their discussion covers build-your-own versus managed clusters provided by cloud services, and how to determine the number of kubernetes clusters an organization needs. Andy describes best practices for automating cluster provisioning, and offers recommendations about customizations and opinionation of cloud service providers, choice of container registry, and whether you should run complementary services such as CI and monitoring on the same cluster. The episode also examines the day 0/day 1/day 2 lifecycle, cluster auto-scaling at the cloud service level, integrating stateful services and other cloud services into your cluster, and kubernetes secrets and alternatives. Finally, they consider the container-network interface (CNI), ingress and load balancers, and provisioning external DNS and TLS certificates for cluster services.

Zac Hatfield-Dodds, the Assurance Team Lead at Anthropic, speaks with host Gregory M. Kapfhammer about property-based testing techniques and how to use them in an open-source tool called Hypothesis. They discuss how to define properties for a Python function and implement a test case in Hypothesis. They also explore some of the advanced features in Hypothesis that can automatically generate a test case and perform fuzzing campaigns.

José Valim, creator of the Elixir programming language, Chief Adoption Officer at Dashbit, and author of three programming books, speaks with SE Radio host Gavin Henry about what Elixir is today, what Livebook is, the five spearheads of the new machine learning ecosystem for Elixir, and how they all fit together. Valim describes why he created Elixir, what "the beam" is, and how he pitches it to new users. This episode examines things you can do with Livebook and how it is well-aligned with machine learning, as well as why immutability is important and how it works. They take a detailed look at a range of topics, including tensors with Nx, traditional machine learning with Scholar, data munging with Explorer, deep learning and neural networks with Axon, Bumblebee and Huggingface, and model creation basics. Brought to you by IEEE Computer Society and IEEE Software magazine.

M. Scott Ford, the CTO of Corgibytes and host of the Legacy Code Rocks podcast, discusses managing dependency freshness. SE Radio's Sam Taggart speaks with him about why dependency freshness is important to ensure that your code has all the latest bug fixes, how exactly to measure dependency freshness, and some of the insights that teams can gain from monitoring freshness over time. Brought to you by IEEE Computer Society and IEEE Software Magazine.

Nikhil Shetty, an expert in networking and distributed systems, speaks with SE radio's Kanchan Shringi about virtual private cloud (VPC) and related technologies. They explore how VPC relates to public cloud, private cloud, and virtual private networks (VPNs). The discussion delves into why VPC is fundamental to building on the cloud, as well as configuring a VPC, subnets, and the address space that can be assigned to the VPC. During this episode they look into route tables, network address translation, as well as security groups, network access control lists, and DNS. Finally, Nikhil helps compare VPC offerings from Amazon Web Services (AWS) and Oracle Cloud Infrastructure (OCI).

Adam Frank, SVP of Product and Marketing at Armory.io, speaks with SE Radio's Kanchan Shringi about continuous integration, continuous delivery, and continuous deployment – and how they differ. Frank suggests that organizations begin by identifying how the CI/CD process aligns best with their unique goals, noting that such goals might be different for B2C versus B2B SAAS (software as a service). They also discuss how the process can differ for monoliths compared to microservices-based products. Finally, they talk about continuous deployment as a service and some unique aspects of Armory's approach.

Charles Weir—developer, security researcher, and Research Fellow at Security Lancaster—joins host Giovanni Asproni to discuss an approach that development teams can use to create secure systems without wasting effort on unnecessary security work. The episode starts with a broad description of the approach, which is based on Weir's research and on a free Developer Security Essentials workshop he created. Charles presents some examples from real-world projects, his view on AI's impact on security, and information about the workshop and where to find the materials. During the conversation, they consider several related topics including the concept of "good enough" security; security as a product decision; risk assessment, classification, and prioritization; and how to approach security in startups, greenfield, and legacy systems.

Lukas Fittl of pganalyze discusses the performance of Postgres, one of the world's most popular database systems. SE Radio host Philip Winston speaks with Fittl about database indexing, queries, maintenance, scaling, and stored procedures. They also discuss some features of pganalyze, such as the index and vacuum advisors.

Dr. Daniel Zingaro and Dr. Leo Porter, co-authors of the book Learn AI-Assisted Python Programming, speak with host Jeremy Jung about teaching programming with the aid of large language models (LLMs). They discuss writing a book to use in Leo's introductory CS class and explore how GitHub Copilot de-emphasizes syntax errors, reduces the need to memorize APIs, and why they want students to write manual test cases. They also discuss possible ethical concerns of relying on commercial tools, their impact on coursework, and why they aren't worried about students cheating with LLMs.

Zach Lloyd, CEO of Warp.dev, discusses how to implement and effectively use command-line terminals. Host Gregory Kapfhammer speaks with Lloyd about how command-line terminals work and how the Warp terminal uses the GPU and AI to enhance a software developer's productivity. They also discuss the trade-offs associated with using the Rust programming language to implement a command-line terminal. Brought to you by IEEE Computer Society and IEEE Software magazine.

Josh Doody, author of Mastering Business Email, speaks with host Brijesh Ammanath about how software engineers can master business communication. They begin with an exploration of various communication modes, including Slack, virtual meetings, emails, and presentations. Josh shares several strategies to improve communication skills and cross-cultural communication, but if there's one key take away from this episode, it might be: "use positive language for any medium of communication; be kind and use positive words." Brought to you by IEEE Software magazine and IEEE Computer Society.

Arun Gupta, Vice President and General Manager of Open Ecosystem Initiatives at Intel Corporation, discusses open-source strategy and community with SE Radio host Kanchan Shringi. They explore the business case and business model for why and how big tech participates in the open-source ecosystem. Arun describes ways to foster a culture of engagement with open source within companies such as Intel, Amazon, and Apple. They then consider how the principles can be applied to closed-source software within a company. Finally, they discuss some of the benefits that Intel has gained from more than 20 years of open source contributions and look at the company's plan for the year ahead. SE Radio is rought to you by IEEE Software magazine and IEEE Computer Society.

In this episode, Ori Mankali, senior VP of engineering at cloud security startup Akeyless, speaks with SE Radio's Nikhil Krishna about secrets management and the innovative use of distributed fragment cryptography (DFC). In the context of enterprise IT, 'secrets' are crucial for authentication in providing access to internal applications and services. Ori describes the unique challenges of managing these sensitive data, particularly given the complexities of doing so on a large scale in substantial organizations. They discuss the necessity for a secure system for managing secrets, highlighting key features such as access policies, audit capabilities, and visualization tools. Ori introduces the concept of distributed fragment cryptography, which boosts security by ensuring that the entire secret is never known to any single entity. The episode explores encryption and decryption and the importance of key rotation, as they consider the challenges and potential solutions in secrets management.

Casey Muratori caused some strong reactions with a blog post and an associated video in which he went through an example from the "Clean Code" book by Robert Martin to demonstrate the negative impact that clean code practices can have on performance. In this episode, he joins SE Radio's Giovanni Asproni to talk about the potential trade-offs between performance and the qualities that make for maintainable code, these qualities being the main focus of Clean Code. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jens Neuse, founder of Wundergraph, joins SE Radio host Jeff Doolittle for a conversation about back ends for front ends, or BFF. Jens begins by explaining how a heavy integration burden is often placed on front-end development teams. When multiple APIs must be integrated, it can be challenging for client development in web, mobile, and desktop environments. Explaining how APIs should be treated as dependencies, just like packages, the episode explores BFF patterns and use cases, as well as the future potential emergence of a "git for APIs" standard. This episode is sponsored by ClickSend. 

Nir Valtman, co-Founder and CEO at Arnica, discusses pipelineless security with SE Radio host Priyanka Raghavan. They start by defining pipelines and then consider how to add security. Nir lays out the key challenges in getting good code coverage with the pipeline-based approach, and then describes how to implement a pipelineless approach and the advantages it offers. Priyanka quizzes him on the concept of "zero new hardcoded secrets," as well as some ways to protect GitHub repositories, and Nir shares examples of how a pipelineless approach could help in these scenarios. They then discuss false positives and handling developer fatigue in dealing with alerts. The show ends with some discussion around the product that Arnica offers and how it implements the pipelineless methodology.

Chad Michel, Senior Software Architect at Don't Panic Labs and co-author of Lean Software Systems Engineering for Developers, joins host Jeff Doolittle for a conversation about treating software development as an engineering discipline. They begin by discussing the need for engineering rigor in the software industry. Chad points out that many developers lack awareness of good engineering practice and are often unaware of resources such as the Software Engineering Body of Knowledge (SWEBOK). Among the many topics explored in this episode are design methodologies such as volatility-based decomposition and the work of David Parnas, as well as important topics such as quality, how to address complexity, designing for change, and the role of the chief engineer. This episode is sponsored by ClickSend. SE Radio listeners can get a $50 credit by following the link.

In this episode, Varun Singh, Chief Products and Technology Officer at Daily.co, speaks with host Nikhil Krishna about the 30-year evolution of web protocols. In particular, they explore the impact of protocol ossification, which has supported the Internet's success but also limits the flexibility of evolving protocol suites such as TCP/IP and UDP by constraining future development. Varun points out how the end-to-end principle emphasizes full flexibility for end hosts, but the TCP implementation in the OS kernel as well as in "middle boxes" such as ISPs contributes to the constraints of ossification by blocking certain types of traffic. Further, the development of new protocols is challenging due to the need for backward compatibility with existing protocols. They discuss Google's efforts – and the challenges it has faced – in working to move the HTTP protocol forward. The role of standards bodies such as the IETF and collaboration between industry stakeholders is crucial for the evolution of internet protocols, requiring a balance between maintaining backward compatibility and introducing new protocols such as QUIC and HTTP/3 to address existing constraints and improve internet performance and security. indeed, QUIC includes features that seek to actively avoid ossification and encourage evolution.

Gregory Kapfhammer, associate professor at Allegheny College, discusses the common problem of 'flaky tests' with SE Radio's Nikhil Krishna. Flaky tests are test cases that unreliably pass or fail even when no changes are made to the source code under test or to the test suite itself, which means that developers can't tell whether the failures indicate bugs that needs to be resolved.  Flaky tests can hinder continuous integration and continuous development by undermining trust in the CI/CD environment. This episode examines sources of flaky tests, including physical factors such as CPU or memory changes, as well as program-related factors such as performance issues. Gregory also describes some common areas that are prone to flaky tests and ways to detect them. They discuss tooling to detect and automatically mark flaky tests, as well as how to tackle these issues to make tests more reliable and even ways to write code so that it's less susceptible to flaky tests.

Jeroen Mulder, author of Multi-Cloud Strategy for Cloud Architects, joins host Robert Blumen for a discussion of public cloud, private cloud, and multi-cloud computing architectures and trends. They start by considering what defines cloud computing and what differentiates the major cloud providers, including whether they are more alike or different in the services they offer.  Jeroen discusses governance, regulatory compliance, and data locality as drivers of where enterprises want to run their workload. They explore use cases for multi-cloud, and discuss architectural challenges in migrating to kubernetes, as well as issues with networking, security, and identity management with multi-cloud architectures. Finally, they discuss running public cloud compute on on-prem resources with Anthos, Outback, and related technologies.

Stanisław Barzowski of XTX Markets and a committer on the jsonnet project joins SE Radio's Robert Blumen for a conversation about the jsonnet programming language. A superset of JSON, jsonnet adds programming language capabilities, particularly to address the need to handle large but mostly repetitive JSON configurations. They discuss the project's history, use cases for Grafana and Kubernetes config, and interoperability with YAML. They examine jsonnet details, including the command line, constrained capabilities of the language, and objects and inheritance, and then consider the toolchain: compiler, formatter, and linter, as well as test frameworks and testing, package management, and the language's performance. Barzowski describes four implementations -- go, C++, Rust, and Scala -- as well as popular libraries and the standard library.

Vladyslav Ukis, author of the book Establishing SRE Foundations: A Step-by-Step Guide to Introducing Site Reliability Engineering in Software Delivery Organizations, discusses how to roll out SRE in an enterprise. SE Radio host Brijesh Ammanath speaks with Vlad about the origins of SRE and how it complements ITIL (Information Technology Infrastructure Library). They examine how firms can establish foundations for rolling out SRE, as well as how to overcome challenges they might face in adopting. Vlad also recommends steps that organizations can take to sustain and advance their SRE transformation beyond the foundations.

Simon Bennetts, a distinguished engineer at Jit, discusses one of the flagship projects of OWASP: the Zed Attack Proxy (ZAP) open source security testing tool. As ZAP's primary maintainer, Simon traces the tool's origins and shares some anecdotes with SE Radio host Priyanka Raghavan on why there was a need for it. They take a deep dive into ZAP's features and its ability to integrate with CI/CD, as well as shift security left. Bennetts also considers what it takes to build a successful open source project before spending time on ZAP's ability to script to provide richer results. Finally, the conversation ends with some questions on ZAP's future in this AI-powered world of bots.

Dave Cross, owner of Magnum Solutions and author of GitHub Actions Essentials (Clapham Technical Press), speaks with SE Radio host Gavin Henry about GitHub actions, the value they provide, and the best practices for using them in your projects. Cross describes the vast range of things that developers can do with GitHub Actions, including some use cases you might never have thought about. They start with some general discussion of CI/CD and then consider the three main types of events that drive GitHub actions before digging in to details about fine-grained action events, Action Marketplace, contexts, yaml, docker base images, self-hosted runners, and more. They further explore identity management, permissions, dependency management, saving money, and how to keep your secrets secret.

Ashley Peacock, author of the book Creating Software with Modern Diagramming Techniques, speaks with SE Radio host Akshay Manchale about diagrams in software engineering. They discuss the power of diagramming and some reasons we don't fully use it as often as we should. Ashley contrasts historical use of UML diagrams versus modern diagrams, which don't have hard rules about representations. The episode examines different types of diagrams through an example application and how it could be built with modern tools such as Streamy to simplify the building, versioning, and maintenance of diagrams.

Luca Galante, head of product at Humanitec, joins host Jeff Doolittle for a conversation about platform engineering. They begin by defining platform engineering and its relationship to, and distinction from, DevOps. Tracing platform engineering's history, Luca describes how internal developer platforms are fundamental, and then explores the goals of addressing complexity and reducing the cognitive load on developers by creating golden paths.

Paul Hammant, independent consultant, joins host Giovanni Asproni to speak about trunk-based development—a version control management practice in which developers merge small, frequent updates to a core "trunk" or main branch. The episode explores the technique in some detail, including its pros and cons and some examples from real projects, and offers suggestions on how to get started. The conversation touches on a set of related topics, including code reviews, feature flags, continuous integration, and testing.

In this episode, David Cramer, co-founder and CTO of Sentry, joins host Jeremy Jung for a conversation about error tracking. The discussion starts with treating performance problems as errors, why you might not need logs, and how most applications share the same problems. From there they consider other topics including capturing information by hooking into runtimes and frameworks, issues with the quality of Open Telemetry data, how front-end applications are constantly changing and why that makes them hard to instrument. Finally, they discuss how Sentry's architecture has evolved, and why they switched from a permissive license to the Business Source License.

Bastian Gruber, author of the book Rust Web Development, speaks with host Philip Winston about creating server-based web applications with Rust. They explore Rust language features, tooling, and web frameworks such as Warp and Tokio. From there, they examine the steps to build a simple web server and a RESTful API, as well as modules, logging and tracing, and other aspects of web development with Rust.

Dan DeMers of Cinchy.com joins host Jeff Doolittle for a conversation about data collaboration and dataware. Dataware platforms leverage an operational data fabric to liberate data from apps and other silos and connect it together in real-time data networks. They explore a range of key topics, including zero-copy integration, encapsulation and information hiding, handling changes to data models over time, and latency and access issues. The discussion also explores dataware management and security concerns, as well as the concept of 'data plasticity' as an analogy to neuroplasticity, which is where the nervous system can respond to stimuli such as injuries by reorganizing its structure, functions, or connections.

Sugu Sougoumarane discusses how to face the challenges of horizontally scaling MySQL databases through the Vitess distribution engine and Planetscale, a service built on top of Vitess. The journey began with the growing pains of scale at YouTube around the time of Google's acquisition of the video service. This episode explores ideas about topology management, sharding, Paxos, connection pooling, and how Vitess handles large transactions while abstracting complexity from the application layer.

Ross John Anderson, Professor of Security Engineering at University of Cambridge, discusses software obsolescence with host Priyanka Raghavan. They examine risks associated with software going obsolete and consider several examples of software obsolescence, including how it can affect cars. Prof. Anderson discusses policy and research in the area of obsolescence and suggests some ways to mitigate the risks, with special emphasis on software bills of materials. He describes future directions, including software policy and laws in the EU, and offers advice for software maintainers to hedge against risks of obsolescence.

Michael Fazio, Engineering Manager (Android) at Albert and author of Kotlin and Android Development featuring Jetpack from the Pragmatic Programmers, speaks with SE Radio's Gavin Henry about how the Android ecosystem looks today, and why it's an excellent time to write native Android apps. They explore a wide range of topics about modern Android development, including when to go native, how to keep a lot of decisions in your back-end API, Kotlin co-routines, Jetpack and Jetpack Compose, the MVVM design pattern, and threads, as well as activities, fragments, Dagger, room, navigation, Flutter, and improvements in simulators. They also examine details such as IDEs, API selection, how to choose a list of support devices, Java vs Kotlin, handset manufacturers, XML layouts, and why Jetpack is a safe bet for all your future Android development.

Timothy Beamish of BenchSci discusses React and Next.js, two of today's most popular front-end frameworks. Host Philip Winston speaks with Beamish about components, routing, JSX, client-side and server-side rendering, single-page applications, automatic code-splitting, image optimization, and more. Beamish also details his experience moving a real-world application to Next.js.  

Software engineer Alex Boten, author of Cloud Native Observability with Open Telemetry, joins SE Radio host Robert Blumen for a conversation about software telemetry and the OpenTelemetry project. After a brief review of the topic and the OpenTelemetry project's origins rooted in the need for interoperability between telemetry sources and back ends, they discuss the open telemetry server and its features, including transforms, filtering, sampling, and rate limiting. They consider a range of topics, starting with alternative topologies with and without the telemetry server, server pipelines, and scaling out the server, as well as a detailed look at extension points and extensions; authentication; adoption; and migration.

On Freund, founder of Wilco and former VP of Engineering at WeWork, speaks with SE Radio's Brijesh Ammanath about "upskilling" – going deeper or increasing the breadth of your skills. On has years of experience in helping developers master the skills needed to advance in their careers. This episode explores the importance of upskilling in a constantly evolving tech landscape. They focus particularly on how and why senior and expert developers should keep learning, upskilling, and reskilling throughout their careers. Freund offers suggestions on how to face some common challenges, especially for remote or distributed workers, and how and why engineering managers can help enable upskilling for their teams.

Adam Tornhill, founder and CTO of CodeScene, joins host Giovanni Asproni to speak about behavioral code analysis. Behavioral code analysis is a set of practical techniques aimed at identifying patterns in how a development organization interacts with the codebase they're building. It can be used to prioritize technical debt to maximize return on investment; to identify communication and team-coordination bottlenecks in code; to drive refactorings guided by data from how the system evolves; and to detect code quality problems before they become maintenance issues. The episode starts with a broad description of the techniques, providing some examples from real projects, and ends with suggestions on how to get started with applying them. During the conversation, Adam and Giovanni touch on a set of related topics, including the applicability of the techniques to legacy, green-, and brown-field projects; ethical and privacy implications; and the importance of context when judging code quality.

Luca Casonato joins SE Radio's Jeremy Jung for a conversation about Deno and Deno Deploy. They start with a look at JavaScript runtimes and their relation to Google's open source JavaScript and WebAssembly engine V8, and why Deno was created. They discuss the WinterCG W3C group for server-side JavaScript, why it's difficult to ship new features in Node, and the benefits of web standards. From there they consider the benefits of creating an all-inclusive toolset like Rust and Go rather than relying on separate solutions, Deno's node compatibility layer, use cases for WebAssembly, benefits and implementation of Deno Deploy, reasons to deploy on the edge, and what's coming next.

Matt Frisbie, author of Building Browser Extensions, speaks with host Kanchan Shringi about browser extensions, including key areas where they've been successful. Based on Matt's experience as a developer working for Google, Doordash, and a startup he founded, they examine tools for building extensions, as well as APIs they have access to. The conversation presents detailed issues such as cross-browser compatibilities to keep in mind when developing extensions and mechanisms in the browser to prevent security vulnerabilities, and finally examines how emerging platforms can help developers take advantage of exciting new possibilities with web extensions.

Vidal Graupera, an Engineering Manager at LinkedIn, speaks with SE Radio's Brijesh Ammanath about the importance of managers' one-on-one meetings with direct reports. They start by considering how a 1:1 meeting differs from other meetings...

J.R. Storment and Mike Fuller discuss cloud financial operations (FinOps) with host Akshay Manchale. They consider the importance of a financial operations strategy for cloud-based infrastructure. J.R. and Mike discuss the differences between operating your own data center and running in the cloud, as well as the problems that doing so creates in understanding and forecasting cloud spend. Mike details the Cloud FinOps lifecycle by first attributing organizational cloud spend through showbacks and chargebacks to individual teams and products. JR describes the two levers available for optimization once an organization understands where they're spending their cloud budget. They discuss complexities that arise from virtualized infrastructure and techniques to attribute cloud usage to the correct owners, and close with some recommendations for engineering leaders who are getting started on cloud FinOps strategy.

William Falcon of Lighting AI discusses how to optimize deep learning models using the Lightning platform, optimization is a necessary step towards creating a production application. Philip Winston spoke with Falcon about PyTorch, PyTorch Lightning...

Alex Hidalgo, principal reliability advocate at Nobl9 and author of Implementing Service Level Objectives, joins SE Radio's Robert Blumen for a discussion of service-level objectives (SLOs) and error budgets. The conversation covers the meaning...

Nicholas Manson, a SaaS Architect with more than 2 decades of experience building cloud applications, speaks with host Kanchan Shringi about identity and access management requirements for cloud applications. They begin by examining what a digital...

Nikhil Krishna speaks with Dietrich Ayala about IPFS in depth. They cover what it is, how it works in detail and how one could leverage IPFS and libp2p in one's own application or to host one's content. The discussion goes into the IPFS ecosystem...

We talk with John deVadoss about the philosophies underlying the development of .NET and Azure software. We discuss the "Fiefdoms and Emissaries" concept of building loosely coupled systems, talk about strengths and drawbacks and how to build services...

Ganesh Datta, CTO and cofounder of Cortex, joins SE Radio's Priyanka Raghavan to discuss site reliability engineering (SRE) vs DevOps. They examine the similarities and differences and how to use the two approaches together to build better software...

Jon Smart, author of the book Sooner Safer Happier: Patterns and Antipatterns for Business Agility, discusses patterns and anti-patterns for the success of enterprise software projects. Host Brijesh Ammanath speaks with him about the various common...

Brendan Callum, engineering manager for the Pinterest developer platform team, discusses the "spec first" approach to API development and how it's different from "API first." Brendan speaks with host Kanchan Shringi about the challenges and advantages...

Open source developers Jordan Harband and Donald Fischer join host Robert Blumen for a conversation about securing the software supply chain, especially open source. They start by reviewing supply chain security concepts, particularly as related to open..

Joe Nash of Twillio's TwilioQuest discusses the role of developer relations/advocate, which is a role at tech companies in-between developers, marketing, sales, and HR. Host Felienne speaks with Nash about the skills people need if they want to become...

Adam Dymitruk, CEO and founder of Adaptech Group, joins host Jeff Doolittle for an exploration of the event modeling approach to discovering requirements and designing software systems. Adam explains how the structured approach eliminates the specifics of implementation details and technology decisions, enabling clearer communication for all stakeholders while keeping conversations focused on the business opportunity. Using concrete examples of event modeling in practice, they examine event modeling in the context of other related approaches and methodologies, including event sourcing, event storming, CQRS, and domain-driven design.  

Roberto Di Cosmo, Computer Science professor at University Paris Diderot and founder of the Software Heritage initiative, discusses how to protect against sudden loss from the collapse of a "free" source code repository provider, how to protect...

Adam Warski, the co-founder and CTO of SoftwareMill, discusses Scala programming and the Tapir library. Scala is a general-purpose JVM language, and Tapir is a back-end library used to describe HTTP API endpoints as immutable Scala values. Host Philip Winston speaks with Warski about the implications of Scala being a JVM language, the Scala type system, the Scala community's view of functional vs. object-oriented programming, and the transition of the ecosystem from Scala 2 to Scala 3. The Tapir discussion explores why Tapir is a library and not a framework, how server interpreters work in Tapir, how interceptors work, and what observability features are included with Tapir.

Ryan Magee, postdoctoral scholar research associate at LIGO Laboratory – Caltech, joins host Jeff Doolittle for a conversation about how software is used by scientists in physics research. The episode begins with a discussion of gravitational waves...

Dan Lorenc, CEO of Chainguard, a software supply chain security company, joins SE Radio editor Robert Blumen to talk about software supply chain attacks. They start with a review of software supply chain basics; how outputs become inputs of someone else's supply chain; techniques for attacking the supply chain, including compromising the compilers, injecting code into installers, dependency confusion, and typo squatting. They also consider Ken Thompson's paper on injecting a backdoor into the C compiler. The episode then considers some well-known supply chain attacks: researcher Alex Birsan's dependency confusion attack; the log4shell attack on the Java Virtual Machine; the pervasiveness of compilers and interpreters where you don't expect them; the SolarWinds attack on a network security product; and CodeCov compromising the installer with code to insert exfiltration of environment variables into the installer. The conversation ends with some lessons learned, including how to protect your supply chain and the challenge of dependencies with modern languages.

Andy Dang, Head of Engineering at WhyLabs discusses observability and data ops for AI/ML applications and how that differs from traditional observability. SE Radio host Akshay Manchale speaks with Andy about running an AI/ML model in production and how...

Eddie Aftandilian, Principal researcher at GitHub discusses GitHub copilot and how it can improve developer productivity with host Priyanka Raghavan. The discussion explores various subtopics such as the history of copilot, how it can improve developer...

Peter Wyatt, CTO at PDF Association and project co-Leader of ISO 32000 (the core PDF standard), Duff Johnson CEO at PDF Association and ISO Project co-Leader and US TAG chair for both ISO 32000, discuss the 30 years' history of PDF, how to make a PDF...

Xe Iaso of Tailscale discusses how a VPN can be a useful tool when building software. SE Radio host Jeremy Jung spoke with Iaso about what VPNs are, onboarding, access control, authentication in the network vs individual services, peer-to-peer vs...

Tanmai Gopal, CEO of Hasura.io, joined SE Radio host Jeff Doolittle for a conversation about GraphQL. They discussed the history and rationale behind the original conception of GraphQL, as well as some of the use cases it is best suited for...

Jeff Perry, career coach with experience in multiple engineering and technology fields discusses how software engineers can be intentional and proactive in evaluating and pursuing career options, with host Kanchan Shringi.

Jonathan Shariat, coauthor of the book Tragic Design, discusses harmful software design. SE Radio host Jeremy Jung speaks with Shariat about how poor design can kill in the medical industry, accidentally causing harm with features meant to bring joy...

Adrian Kennard and Kevin Hones, Founders of FireBrick routers and firewalls, discuss how to design, build, test and support a hardware router and network operating system from scratch, while sharing the lessons learned. You'll also learn that in certain..

Brian Campbell, Distinguished Engineer at Ping Identity discusses cryptographic defences against stolen tokens for the OAUTH2 protocol with host Priyanka Raghavan. The discussion explores various subtopics such as the history of Proof of possession...

Randy Shoup of eBay discusses the evolution of eBay's tech stack. SE Radio host Jeremy Jung speaks with Shoup about eBay's origins as a single C++ class with an Oracle database, a five-year migration to multiple Java services, sharing a database...

In this episode, Abi Noda, founder of Pull Panda and DX, discusses developer experience with SE Radio host Brijesh Ammanath. They examine the basic concept of DX and its importance before diving into a wide variety of issues, including methodologies...

Jessi Ashdown and Uri Gilad, authors of the book "Data Governance: The Definitive Guide," discuss what data governance entails, why it's important, and how it can be implemented. Host Akshay Manchale speaks with them about why data governance...

Noah Gift, author of "Practical MLOps", discusses MLOps, which are tools are techniques used to operationalize machine learning applications. Host Akshay Manchale spoke to Noah about the foundational aspects such as basic automation through DevOps, data...

Phillip Mayhew of GameDriver discusses test automation for games and game-like applications. Host Philip Winston spoke with Mayhew about the increasing role of test automation in modern game development, the impact on the QA role, how to run tests...

John Ousterhout, professor of computer science at Stanford University, joined SE Radio host Jeff Doolittle for a conversation about his book, A Philosophy of Software Design. They discussed the history and ongoing challenges of software system design, especially the nature of complexity and the difficulties handling it. The conversation also explored various design concepts from the book, such as modularity, layering, abstraction, information hiding, maintainability, and readability.

Kumar Ramaiyer, CTO, Planning Business Unit at Workday, discusses the Infrastructure services needed for and the design of Building and lifecycle of supporting a SaaS application.

Karl Wiegers, Principal Consultant with Process Impact and author of 13 books, discusses specific software development practices that can help you make sure that you don't repeat the same problems he sees time and time again with every customer...

In this episode, SE Radio host Felienne speaks with Jordan Adler of OneSignal about code generation, a technique to generate code from specifications like UML or from other programming languages such as Typescript. They also discuss code transformation, which can be us

In this episode, we explore the popular pytest python testing tool with author Brian Okken, author of Python Testing with pytest. We start by discussing why pytest is so popular in the Python community: its focus on simplicity, readability, and developer ease-of-use; what makes pytest unique; the setup and teardown of tests using fixtures, parameterization, and the plugin ecosystem; mocking; why we should design for testing, and how to reduce the need for mocking; how to set up a project for testability; test-driven development, and designing your tests so that they support refactoring. Finally, we consider some complementary tools that can improve the python testing experience.