Software Engineering Radio - The Podcast for Professional Software Developers

Ganesh Datta, co-founder of Cortex.io, joins host Robert Blumen for a conversation about production readiness. The conversation covers the history of production readiness; its relationship to microservice architecture; the Google SRE model's impact on production readiness; production readiness checklists; the process; and production readiness transparency.

Simon Wijckmans, founder of c/side -- a company that focuses on monitoring, securing, and optimizing third-party JavaScript -- joins SE Radio host Kanchan Shringi for a conversation about the security risks posed by third-party browser scripts. Through real-world examples and insights drawn from his work in web security, Simon highlights the dangers, including malicious attacks such as the recent Polyfill.io incident. He emphasizes the need for vigilant monitoring, as these third-party scripts remain essential for website functionalities like analytics, chatbots, and ads, despite their potential vulnerabilities. Simon explores the use of self-hosting solutions and content security policies (CSPs) to minimize risks, but he stresses that these measures alone are insufficient to fully safeguard websites.  As the discussion continues, they delve into the importance of layering security approaches. Simon advocates for combining techniques like CSPs, real-time monitoring, and AI-driven analysis, which his company c/side employs to detect and block malicious scripts. He also touches on the complexities of securing single-page applications (SPAs), which allow scripts to persist across pages without full reloads, increasing the attack surface for third-party vulnerabilities. Brought to you by IEEE Computer Society and IEEE Software magazine.

Catherine Nelson, author of the new O’Reilly book, Software Engineering for Data Scientists, discusses the collaboration between data scientists and software engineers -- an increasingly common pairing on machine learning and AI projects. Host Philip Winston speaks with Nelson about the role of a data scientist, the difference between running experiments in notebooks and building an automated pipeline for production, machine learning vs. AI, the typical pipeline steps for machine learning, and the role of software engineering in data science. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jonathan Horvath of Z-bit discusses physical access control systems (PACS) with host Jeremy Jung. They start with an overview of PACS components and discuss the proprietary nature of the industry, the slow pace of migration to open standards, and why Windows is commonly used. Jonathan describes the security implications of moving from isolated networks to the cloud, as well as credential vulnerabilities, encryption using symmetric keys versus asymmetric keys, and the risks related to cloning credentials. They also consider several standards, including moving from Wiegand to the Open Supervised Device Protocol (OSDP), as well as the Public Key Open Credential (PKOC) standard, and the open source OSDP implementation that Jonathan authored. Brought to you by IEEE Computer Society and IEEE Software magazine.

Cody Ebberson, CTO of Medplum, joins host Sam Taggart to discuss the constraints that working in regulated industries add to the software development process. They explore some general aspects of developing for regulated industries, such as healthcare and finance, as well as a range of specific considerations that can add complexity and effort. Cody describes how translating regulatory requirements into test specifications and automating those tests can help streamline software development in these regulated environments.  Brought to you by IEEE Computer Society and IEEE Software magazine.

Nick Tune and Jean-Georges Perrin join host Giovanni Asproni to talk about their proposed approach to modernizing legacy systems. The episode starts with some high-level perspective to set context for the approach described in their book, Architecture Modernization (Manning, 2024). From there, the discussion turns to important details, including criteria for deciding which aspects to revisit; some of the activities, processes, and tools; and the importance of data engineering in modernization efforts. Nick and Jean-Georges describe how to successfully implement an architecture-modernization effort, and how to fit that work with the teams' other priorities. The episode finishes with some warnings about the typical risks associated with modernizing a legacy system, and suggestions on how to mitigate them. This episode is sponsored by QA Wolf.

Steve Smith, founder and principal architect at Nimble Pros, joins host Jeff Doolittle for a conversation about software quality. The episode begins with a discussion of why software quality matters for businesses, customers, and developers. Steve explains some patterns and practices that help teams design for quality. They discuss in detail the practices of testing and quality assurance, and the conversation wraps up with suggestions for fostering a culture of quality in teams and organizations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Sriram Panyam, CTO at DagKnows, discusses SaaS Control Planes with SE Radio host Brijesh Ammanath. The discussion starts off with the basics, examining what control planes are and why they're important. Sriram then discusses reasons for building a control plane and the challenges in designing one. They explore design and architectural considerations when building a SaaS control plane, as well as the key differences between a control plane and a data plane. This episode is sponsored by QA Wolf.

Stevie Caldwell, Senior Engineering Technical Lead at Fairwinds, joins host Priyanka Raghavan to discuss zero-trust network reference architecture. The episode begins with high-level definitions of zero-trust architecture, zero-trust reference architecture, and the pillars of Zero Trust. Stevie describes four open-source implementations of the Zero Trust Reference Architecture: Emissary Ingress, Cert Manager, LinkerD, and the Policy Engine Polaris. Each component is explored to help clarify their roles in the Zero Trust journey. The episode concludes with a look at the future direction of Zero Trust Network Architecture. This episode is sponsored by QA Wolf.

Jim Bugwadia, CEO of Nirmata and a committer to the Kyverno projects, joins host Robert Blumen for a discussion of policy-as-code and the open source Kyverno project. The discussion covers the nature of policies; policies and security; policies and compliance to standards; security scans that generate reports compared to tools that allow or deny operations at run time; Kyverno as a kubernetes service; the Kyverno helm charts; the components of Kyverno; bootstrapping a kubernetes cluster with Kyverno; installing policies; implementing policies; customizing policies; packaging and installing policies; kubernetes dynamic admission controllers; the Kyverno admission controller; securing Kyverno itself; observability of Kyverno; types of reports and messages available to cluster users. This episode is sponsored by QA Wolf.

Itamar Friedman, the CEO and co-founder of CodiumAI, speaks with host Gregory M. Kapfhammer about how to use generative AI techniques to support automated software testing. Their discussion centers around the design and use of Cover-Agent, an open-source implementation of the automated test augmentation tool described in the Foundations of Software Engineering (FSE) paper entitled “Automated Unit Test Improvement using Large Language Models at Meta“ by Alshahwan et al. The episode explores how large-language models (LLMs) can aid testers by automatically generating test cases that increase the code coverage of an existing testing suite. They also investigate other automated testing topics, including how Cover-Agent compares to different LLM-based tools and the strengths and weaknesses of using LLM-based approaches in software testing.

Goran Petrovic, a Staff Software Engineer at Google, speaks with host Gregory M. Kapfhammer about how to perform mutation testing on large software systems. They explore the design and implementation of the mutation testing infrastructure at Google, discussing the strategies for ensuring that it enhances both developer productivity and software quality. They also investigate the findings from experiments that quantify how mutation testing enables software engineers at Google to write better tests that can detect defects and increase confidence in software correctness. Brought to you by IEEE Computer Society and IEEE Software magazine.

Abhay Paroha, an engineering leader with more than 15 years' experience in leading product dev teams, joins SE Radio's Kanchan Shringi to talk about cloud migration for oil and gas production operations. They discuss Abhay's experiences in building a cloud foundation layer that includes a canonical data model for storing bi-temporal data. They further delve into his teams' learnings from using Kubernetes for microservices, the transition from Java to Scala, and use of Akka streaming, along with tips for ensuring reliable operations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Luis Rodríguez, CTO of Xygeni.io, joins host Robert Blumen for a discussion of the recently thwarted attempt to insert a backdoor in the SSH (Secure Shell) daemon. OpenSSH is a popular implementation of the protocol used in major Linux distributions for authentication over a network. Luis describes how a backdoor in a supporting library was recently discovered and removed before the package was published to stable releases of the Linux distros. The conversation explores the mechanism of the attack through modifying a function table in the runtime; how the attack was inserted during the build; how the attack was carefully staged in a series of modifications to the lz compression library; the nature of “Jia Tan,” the entity who committed the changes to the open source project; social engineering that the entity used to gain the trust of the open source community; what forensics indicates about the location of the entity; hypotheses about whether criminal or state actors backed the entity; how the attack was detected; implications for other open source projects; why traditional methods for detecting exploits would not have helped find this; and lessons learned by the community. Brought to you by IEEE Computer Society and IEEE Software magazine.

Emily Bache, founder of the Samman Technical Coaching Society and author of several books about technical agile coaching, talks with SE Radio host Sam Taggart about katas and the importance of practice. They discuss how practicing in a safe environment helps developers to learn new skills and build new habits. They also talk about how Samman coaching combines this sort of deliberate practice with applying the lessons learned in practice to the production code base. They also touch briefly on the advantages of working in an ensemble fashion. Brought to you by IEEE Computer Society and IEEE Software magazine.

Hans Dockter, the creator of the Gradle build tool and founder of Gradle Inc, the company behind the developer productivity platform Develocity, joins SE Radio host Giovanni Asproni to talk about developer productivity. They start with some definitions and an explanation of the importance of developer productivity, its relationship with cognitive load, and the big impact that development tools have on it. Hans describes how to implement developer productivity metrics in an organization, as well as warns about some pitfalls. The episode closes with some discussion on Hans's views on the future of this discipline, as well as some near-term developments and expectations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Chuck Weindorf, a retired IT director and chief engineer with nearly 40 years' experience in software engineering, joins host Jeff Doolittle for a conversation about the concepts in Chuck's book, Leaders & Software Engineers. Through personal anecdotes and insights gleaned from his extensive career, Chuck underscores quality assurance's critical role in building trust with users and fostering a proactive culture of defect resolution within development teams. He highlights how ethical considerations underpin trust and integrity within the software engineering profession. Chuck and Jeff examine the significance of thorough documentation and the vital role of effective communication in overcoming silos within organizations, and ensuring that projects meet their intended objectives while maintaining high standards of quality and reliability. They discuss how to cultivate a positive, innovative culture within engineering teams. Chuck shares strategies for addressing challenges and opportunities presented by change, advocating for adaptability and continuous learning as essential qualities for both new and experienced engineers navigating the evolving technological landscape. He offers advice for those transitioning into leadership roles, emphasizing the importance of developing soft skills and the ability to empathize with and inspire team members. Finally, the episode explores the potential impact of emerging technologies, such as low-code platforms and artificial intelligence. Brought to you by IEEE Computer Society and IEEE Software magazine. 

Ipek Ozkaya, Principal Researcher and Technical Director of the Engineering Intelligent Software Systems group at the Software Engineering Institute, Carnegie Mellon, discusses generative AI for Software Architecture with SE Radio host Priyanka Raghavan. The episode delves into fundamental definitions of software architecture and explores use cases in which gen AI can enhance architecture activities. The conversation spans from straightforward to challenging scenarios and highlights examples of relevant tooling. The episode concludes with insights on verifying the correctness of output for software architecture prompts and future trends in this domain. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jonathan Schneider, the cofounder of Moderne and the creator of OpenRewrite, talks with SE Radio's Gregory Kapfhammer about automated software maintenance. In addition to exploring the design and implementation of OpenRewrite, Schneider explains how the tool can automatically support software maintenance tasks such as framework migration and security fixes for programs implemented in languages like Java. The episode also explores how OpenRewrite uses the lossless semantic tree to support automated refactoring though the use of recipes. Brought to you by IEEE Computer Society and IEEE Software magazine.

Marcelo Trylesinski, a senior software engineer at Pydantic and a maintainer of open-source Python tools including Starlette and Uvicorn, joins host Gregory M. Kapfhammer to talk about FastAPI. Their conversation focuses on the design and implementation of FastAPI and how programmers can use it to create web-based APIs. They also explore how to create and deploy a FastAPI implemented in the Python programming language. Brought to you by IEEE Computer Society and IEEE Software magazine.

Michael J. Freedman, the Robert E. Kahn Professor in the Computer Science Department at Princeton University, as well as the co-founder and CTO of Timescale, spoke with SE Radio host Gavin Henry about TimescaleDB. They revisit what time series data means in 2024, the history of TimescaleDB, how it integrates with PostgreSQL, and they take the listeners through a complete setup. Freedman discusses the types of data well-suited for a timeseries database, the types of sectors that have these requirements, why PostgreSQL is the best, Pg callbacks, Pg hooks, C programming, Rust, their open source contributions and projects, data volumes, column-data, indexes, backups, why it is common to have one table for your timeseries data, when not to use timescaledb, IoT data formats, Pg indexes, how Pg works without timescaledb, sharding, and how to manage your upgrades if not using Timescale Cloud. Brought to you by IEEE Computer Society and IEEE Software magazine.

Wolf Vollprecht, the CEO and founder of Prefix.dev, speaks with host Gregory M. Kapfhammer about how to implement Python tools, such as package managers, in the Rust programming language. They discuss the challenges associated with building Python infrastructure tooling in Python and explore how using the Rust programming language addresses these concerns. They also explore the implementation details of Rust-based tooling for the Python ecosystem, focusing on the cross-platform Pixi package management tool, which enables developers to easily and efficiently install libraries and applications in a reproducible fashion. Brought to you by IEEE Computer Society and IEEE Software magazine.

Xe Iaso of Fly.io discusses their hosting platform with host Jeremy Jung. They cover building globally distributed applications with Anycast, using Wireguard to encrypt inter-service communication, writing custom code to handle load balancing and scaling with fly-proxy, why serving EU customers has unique requirements, letting users use docker images without the docker runtime by converting them to firecracker and cloud hypervisor microVMs, the differences between regular VMs and microVMs, challenges of acquiring and serving GPUs to customers. when to use Kubernetes, and dealing with abuse on the platform. Brought to you by IEEE Computer Society and IEEE Software magazine.

Shannon Selbert, co-founder of Soren and developer of Oban, and Parker Selbert, creator of the Oban background job framework, chief architect at dscout, and co-founder of Soren, speak with SE Radio host Gavin Henry about robust job processing in Elixir. They explore the reliability, consistency, and observability in relation to job processing, to understand how Oban, Elixir, and PostgreSQL deliver them. The Selberts describe why Oban was created, its history, which parts of the Elixir ecosystem they use, and why this would not be possible without PostgreSQL and Elixir. They discuss the lessons learned in the 5 years since the first release, as well as use cases, job throughput, the hardest problem to solve so far, workers, queues, CRON, distributed architectures, retry algorithms, just-once methodologies, the reliability the beam brings, consistency across nodes, how PostgreSQL is vital, telemetry data, best use cases for Oban, and the most common issues that new users face. Brought to you by IEEE Computer Society and IEEE Software magazine.

Infrastructure engineer and Kubernetes ingress-Nginx maintainer James Strong joins host Robert Blumen to discuss the Kubernetes networking layer. The discussion draws on content from Strong’s book on the topic and covers a lot of ground, including: the Kubernetes network's use of different IP ranges than the host network; overlay network with its own IP ranges compared to using expanded portions of the host network ranges; adding routes with kernel extension points; programming kernel extension points with IP tables compared to eBPF; how routes are updated as the host network gains or loses nodes, the use of the Linux network namespace to isolate each pod; routing between pods on the same host; routing between pods across the host network; the container-network interface (CNI); the CNI ecosystem; differences between CNIs; choosing a CNI when running on a public cloud service; the Kubernetes service abstraction with a cluster-wide IP address; monitoring and telemetry of the Kubernetes network; and troubleshooting the Kubernetes network. Brought to you by IEEE Software magazine and IEEE Computer Society.

Andreas Møller, founder of Toddle, a no-code tool for building scalable performant web applications, speaks with SE Radio's Brijesh Ammanath about no-code platforms. They discuss the role of developers in a no-code ecosystem and explore scalability and performance considerations, as well as enterprise adoption of no-code tools. Andreas also expands on why he built Toddle.dev and its unique features. Brought to you by IEEE Computer Society and IEEE Software.

Frances Buontempo, author of the new book Learn C++ by Example, discusses the C++ programming language, a widely used general-purpose programming language. Host Philip Winston spoke with Buontempo about where C++ fits into the landscape of existing programming languages and how recent C++ standards have changed things. They talk about specific language features such as lambdas, templates, concurrency, ranges, concepts along with tips for learning and using C++. Brought to you by IEEE Software and IEEE Computer Society.

Ori Saporta, co-founder and Systems Architect at vFunction, joins host Jeff Doolittle for a conversation about the role of the software architect. The episode begins with Ori’s thoughts on what is typically missed or overlooked regarding this role. The conversation then explores aspects of both hard and soft skills required of software architects. Other topics include the relationship of the software architect to other roles, to design and process, and to quality. The show concludes by addressing the importance of dependency management by software architects. Brought to you by IEEE Software magazine and IEEE Computer Society.

Kent Beck, Chief Scientist at Mechanical Orchard, and inventor of Extreme Programming and Test-Driven Development, joins SE Radio host Giovanni Asproni for a conversation on software design based on his latest book "Tidy First?". The episode starts with exploring the reasons for writing the book, and introducing the concepts of tidying, cohesion, and coupling. It continues with a conversation about software design, and the impact of tidyings. Then Kent and Giovanni discuss how to balance design and code quality decisions with cost, value delivered, and other important aspects. The episode ends with some considerations on the impact of Artificial Intelligence on the software developer's job. Brought to you by IEEE Software and IEEE Computer Society.

Shahar Binyamin, CEO and co-founder of Inigo, joins host Priyanka Raghavan to discuss GraphQL security. They begin with a look at the state of adoption of GraphQL and why it's so popular. From there, they consider why GraphQL security is important as they take a deep dive into a range of known security issues that have been exploited in GraphQL, including authentication, authorization, and denial of service attacks with references from the OWASP Top 10 API Security Risks. They discuss some mitigation strategies and methodologies for solving GraphQL security problems, and the show ends with discussion of Inigo and Shahar's top three recommendations for building safe GraphQL applications. Brought to you by IEEE Software and IEEE Computer Society.

Wouter Groeneveld, author of The Creative Programmer and PhD researcher at KU Leuven, discusses his research related to programming education with host Jeremy Jung. Topics include evaluating projects, constraints, social debt in teams, common fallacies in critical thinking, maintaining flow state, documenting and retaining knowledge, and creating environments that encourage creativity. Brought to you by IEEE Software and IEEE Computer Society.

Eyal Solomon, CEO and co-founder of Lunar.dev, joins SE Radio’s Kanchan Shringi for a discussion on tooling for API consumption management. The episode starts by examining why API consumption management is an increasingly important topic, and how existing tooling on the provider side can be inadequate for client-side issues. Eyal talks in detail about issues that are unique to API consumers, before taking a deep dive into the evolution of middleware built by teams and companies to address these issues and the gaps. Finally they consider how Lunar.dev seeks to solve these issues, as well as Eyal's vision of lunar.dev as a open source platform. This episode is sponsored by WorkOS.

Ines Montani, co-founder and CEO of Explosion, speaks with host Jeremy Jung about solving problems using natural language processing (NLP). They cover generative vs predictive tasks, creating a pipeline and breaking down problems, labeling examples for training, fine-tuning models, using LLMs to label data and build prototypes, and the spaCy NLP library.

Phillip Carter, Principal Product Manager at Honeycomb and open source software developer, talks with host Giovanni Asproni about observability for large language models (LLMs). The episode explores similarities and differences for observability with LLMs versus more conventional systems. Key topics include: how observability helps in testing parts of LLMs that aren't amenable to automated unit or integration testing; using observability to develop and refine the functionality provided by the LLM (observability-driven development); using observability to debug LLMs; and the importance of incremental development and delivery for LLMs and how observability facilitates both. Phillip also offers suggestions on how to get started with implementing observability for LLMs, as well as an overview of some of the technology's current limitations. This episode is sponsored by WorkOS.

Rishi Singh, founder and CEO at Sapient.ai, speaks with SE radio’s Kanchan Shringi about using generative AI to help developers automate test code generation. They start by identifying key problems that developers are looking for in an automated test-generation solution. The discussion explores the capabilities and limitations of today’s large language models in achieving that goal, and then delves into how Sapient.ai has built wrappers around LLMs in an effort to improve the quality of the generated tests. Rishi also suggests how to validate the generated tests and outlines his vision of the future for this rapidly evolving area. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode is sponsored by WorkOS.

Hyrum Wright, Senior Staff Engineer at Google, discusses the book he co-edited, “Software Engineering at Google,” with host Gregory M. Kapfhammer. Wright describes the professional and technical best practices adopted by the software engineers at Google. The wide-ranging conversation investigates an array of topics, including measuring engineering productivity and writing effective test cases. This episode is sponsored by the Algorand Foundation.

Lane Wagner of Boot.dev speaks with host Philip Winston about Go, the programming language that's popular for web, cloud, devops, networking, and other types of development. In addition to discussing existing features such as structs, interfaces, concurrency, and error handling, Lane and Philip take a deep look at generics, a recent addition to the language. They also explore the developer experience with Go.

John Frandsen, Chief Product officer for Elebase, joins host Jeff Doolittle for an exploration of geospatial technologies. The conversation begins with a discussion of the history of mapping and global information systems (GIS) technologies. John describes the underlying technologies used in location-aware applications and the ways that developers can incorporate maps in their own applications. The conversation also highlights recent changes and innovations in the space, as well as the challenges and opportunities of incorporating your own data into existing base map providers. This episode is sponsored by WorkOS.

Charlie Jones, Director of Product Management at ReversingLabs and subject matter expert in supply chain security, joins host Priyanka Raghavan to discuss tackling third-party software risks. They begin by defining different types of third-party software risks and then take a deep dive into case studies where third-party components and software have had cascading effects on downstream systems. They consider some frameworks for secure software development that can be used to evaluate third-party software and components – both as a publisher or as a consumer – and end by discussing laws and regulations with final advise from Charlie on how enterprises can tackle third-party software risks. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode is sponsored by WorkOS.

Yingjun Wu, founder of RisingWave Labs and previously a software engineer at Amazon Web Services and researcher at IBM Almaden Research Center, speaks with SE Radio host Brijesh Ammanath about streaming databases. After considering the benefits and unique challenges, they delve into the architecture and design patterns of streaming databases, as well as the evolution and security considerations. Yingjun also talks about the future of streaming databases, including the potential impact that Amazon S3 Express One Zone will have on the streaming landscape, and how the unified batch and streaming might evolve in the database world. Brought to you by IEEE Computer Society and IEEE Software magazine.

Karl Wiegers, Principal Consultant with Process Impact and author of 14 books, and Candase Hokanson, Business Architect and PMI-Agile Certified Practitioner at ArgonDigital, speak with SE Radio host Gavin Henry about software requirements essentials. They explore five different parts of requirements engineering and how you can apply them to any ongoing project. Wiegers and Hokanson describe why requirements constantly change, how you can test that you're meeting them, and why the tools you have at hand are suitable to start straight away. They discuss the need for requirements in every software project and provide recommendations on how to gather, analyze, validate, and manage those requirements. Candase and Karl offer in-depth perspectives on a range of topics, including how to elicit requirements, speak with users, get to the source of the business or user goal, and create requirement sets, models, prototypes, and baselines. Finally, they look at specifications you can use, and how to validate, test, and verify them. Brought to you by IEEE Computer Society and IEEE Software magazine.

Nicolas Carlo talks with host Sam Taggart about Nicolas’s recent book, Legacy Code First Aid Kit. They start by defining legacy code and the general issues that developers face when dealing with it. Nicolas describes some of the tools in his book and provides examples of where he has found them useful. The episode also touches briefly on the role of AI and some other tools Nicolas has discovered since writing the book. This episode sponsored by WorkOS.

Han Yuan, an accomplished Chief Product and Technology Officer, joins host Priyanka Raghavan to discuss reorganizations. The conversation starts with a broad discussion of reorganizations and reasons that companies choose to undertake them. They then consider organizational behavior and topics such as Conway's law and the theory of constraints. Han offers some advice on key steps to take when planning for a reorg, including how software teams could organize themselves based on technology, frameworks, or user journeys. The episode ends with some discussion of metrics and lessons learned. Brought to you by IEEE Computer Society and IEEE Software magazine.

William Morgan, founder of the Linkerd service mesh and CEO of Bouyant, joins SE Radio’s Robert Blumen for a discussion of sidecars, service mesh, and a forthcoming enhancement to kubernetes to support sidecars natively. The conversation explores the origin of sidecars, sidecars and service mesh, and migrating service mesh to kubernetes. They take a deep dive into some aspects of running service mesh on kubernetes, the difficulties in running a sidecar container in a pod, and Kubernetes Enhancement Proposal (KEP) 753, which is intended to provide better native support for sidecar containers. William also gives some thoughts on the continuing relevance of service mesh.

Jason C. McDonald, author of the book Dead Simple Python, speaks with host Samuel Taggart about leveraging quantified tasks to improve estimation, particularly across projects. They discuss the origin of the concept and its relationship with story points, and Jason offers examples to show how quantified tasks can capture nuances in software tasks that are often lost with story points. He also points to the ability to compare them across projects as a major advantage of quantified tasks. Among other topics, they consider also how to use quantified tasks to analyze the stability of a codebase. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jonathan Crossland, software architect, author, and business owner, joins host Jeff Doolittle for a conversation about the AMMERSE framework of design principles. They start by discussing the agile manifesto as a statement of values, and Jonathan shares his perspective based on his experience as a software developer and business owner. They then explore the three layers of the AMMERSE framework and how they help business and engineering leaders to align their values, thereby improving their ability to collaborate and reach common goals. Brought to you by IEEE Computer Society and IEEE Software magazine.

Coral Calero Muñoz and Felix Garcia, professors at the University of Castilla-La Mancha, speak with host Giovanni Asproni about green and sustainable software—an approach to software development aimed at creating software systems that consume less energy and produce less CO2 during their entire lifetimes with minimal impact on their functionality and other qualities. The episode starts by describing why green software matters, particularly in the context of global warming, and introducing the key concepts. Continues discussing the current status of the field, in both academia and industry, and finishes with hints and tips that can be readily applied by development teams to make their systems greener. Brought to you by IEEE Computer Society and IEEE Software magazine.

Maxim Fateev, the CEO of Temporal, speaks with SE Radio's Philip Winston about how Temporal implements durable execution. They explore concepts including workflows, activities, timers, event histories, signals, and queries. Maxim also compares deployment using self-hosted clusters or the Temporal Cloud.

Llewelyn Falco, creator approval tests, talks with SE Radio host Sam Taggart about testing code in general and the various types of testing that developers perform. Llewelyn elaborates on how approval tests can help test code at a higher level than traditional unit tests. They also discuss using approval tests to help get legacy code under test. This episode sponsored by Data Annotation.

Sean Moriarity, creator of the Axon deep learning framework, co-creator of the Nx library, and author of Machine Learning in Elixir and Genetic Algorithms in Elixir, published by the Pragmatic Bookshelf, speaks with SE Radio host Gavin Henry about what deep learning (neural networks) means today. Using a practical example with deep learning for fraud detection, they explore what Axon is and why it was created. Moriarity describes why the Beam is ideal for machine learning, and why he dislikes the term “neural network.” They discuss the need for deep learning, its history, how it offers a good fit for many of today’s complex problems, where it shines and when not to use it. Moriarity goes into depth on a range of topics, including how to get datasets in shape, supervised and unsupervised learning, feed-forward neural networks, Nx.serving, decision trees, gradient descent, linear regression, logistic regression, support vector machines, and random forests. The episode considers what a model looks like, what training is, labeling, classification, regression tasks, hardware resources needed, EXGBoost, Jax, PyIgnite, and Explorer. Finally, they look at what’s involved in the ongoing lifecycle or operational side of Axon once a workflow is put into production, so you can safely back it all up and feed in new data. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode sponsored by Miro.

Eric Olden talks with host Giovanni Asproni about identity orchestration, a software approach for managing distributed identity and access management (IAM) and integrating multiple identity systems or providers (IDPs) to make them look like a single system from a user perspective. The episode starts with a refresher in identity and access management, then introduces identity orchestration and some of the challenges it helps to address, such as integrating disparate identity management systems after company mergers or acquisitions; managing identities in situations where some of the IAM systems are unreachable; and implementing more secure identity management in legacy applications. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jaxon Repp of HarperDB speaks with Brijesh Ammanath about distributed data infrastructure, including what it is and why it's important. They discuss the key factors that make distributed data infrastructure attractive, as well as challenges to implementing it. The episode explores the architecture and design principles, the key security considerations, and the transition factors for distributed data Infrastructure. Brought to you by IEEE Computer Society and IEEE Software.

Yeckezkel Rabinovich, CTO of Groundcover, speaks with host Philip Winston about observability and eBPF as it applies to Kubernetes. Rabinovich was previously the chief architect at the healthcare security company CyberMDX and spent eight years in the cyber security division of the Israeli Prime Minister’s Office. This episode explores the three pillars of observability, extending the Linux Kernel with eBPF, the basics of Kubernetes, and how Groundcover uses eBPF as the basis for its observability platform.

Andy Suderman, CTO of Fairwinds, joins host Robert Blumen to talk about standing up a kubernetes cluster. Their discussion covers build-your-own versus managed clusters provided by cloud services, and how to determine the number of kubernetes clusters an organization needs. Andy describes best practices for automating cluster provisioning, and offers recommendations about customizations and opinionation of cloud service providers, choice of container registry, and whether you should run complementary services such as CI and monitoring on the same cluster. The episode also examines the day 0/day 1/day 2 lifecycle, cluster auto-scaling at the cloud service level, integrating stateful services and other cloud services into your cluster, and kubernetes secrets and alternatives. Finally, they consider the container-network interface (CNI), ingress and load balancers, and provisioning external DNS and TLS certificates for cluster services.

Zac Hatfield-Dodds, the Assurance Team Lead at Anthropic, speaks with host Gregory M. Kapfhammer about property-based testing techniques and how to use them in an open-source tool called Hypothesis. They discuss how to define properties for a Python function and implement a test case in Hypothesis. They also explore some of the advanced features in Hypothesis that can automatically generate a test case and perform fuzzing campaigns.

José Valim, creator of the Elixir programming language, Chief Adoption Officer at Dashbit, and author of three programming books, speaks with SE Radio host Gavin Henry about what Elixir is today, what Livebook is, the five spearheads of the new machine learning ecosystem for Elixir, and how they all fit together. Valim describes why he created Elixir, what “the beam” is, and how he pitches it to new users. This episode examines things you can do with Livebook and how it is well-aligned with machine learning, as well as why immutability is important and how it works. They take a detailed look at a range of topics, including tensors with Nx, traditional machine learning with Scholar, data munging with Explorer, deep learning and neural networks with Axon, Bumblebee and Huggingface, and model creation basics. Brought to you by IEEE Computer Society and IEEE Software magazine.

M. Scott Ford, the CTO of Corgibytes and host of the Legacy Code Rocks podcast, discusses managing dependency freshness. SE Radio’s Sam Taggart speaks with him about why dependency freshness is important to ensure that your code has all the latest bug fixes, how exactly to measure dependency freshness, and some of the insights that teams can gain from monitoring freshness over time. Brought to you by IEEE Computer Society and IEEE Software Magazine.

Nikhil Shetty, an expert in networking and distributed systems, speaks with SE radio's Kanchan Shringi about virtual private cloud (VPC) and related technologies. They explore how VPC relates to public cloud, private cloud, and virtual private networks (VPNs). The discussion delves into why VPC is fundamental to building on the cloud, as well as configuring a VPC, subnets, and the address space that can be assigned to the VPC. During this episode they look into route tables, network address translation, as well as security groups, network access control lists, and DNS. Finally, Nikhil helps compare VPC offerings from Amazon Web Services (AWS) and Oracle Cloud Infrastructure (OCI).

Adam Frank, SVP of Product and Marketing at Armory.io, speaks with SE Radio’s Kanchan Shringi about continuous integration, continuous delivery, and continuous deployment – and how they differ. Frank suggests that organizations begin by identifying how the CI/CD process aligns best with their unique goals, noting that such goals might be different for B2C versus B2B SAAS (software as a service). They also discuss how the process can differ for monoliths compared to microservices-based products. Finally, they talk about continuous deployment as a service and some unique aspects of Armory’s approach.

Charles Weir—developer, security researcher, and Research Fellow at Security Lancaster—joins host Giovanni Asproni to discuss an approach that development teams can use to create secure systems without wasting effort on unnecessary security work. The episode starts with a broad description of the approach, which is based on Weir's research and on a free Developer Security Essentials workshop he created. Charles presents some examples from real-world projects, his view on AI's impact on security, and information about the workshop and where to find the materials. During the conversation, they consider several related topics including the concept of "good enough" security; security as a product decision; risk assessment, classification, and prioritization; and how to approach security in startups, greenfield, and legacy systems.

Lukas Fittl of pganalyze discusses the performance of Postgres, one of the world’s most popular database systems. SE Radio host Philip Winston speaks with Fittl about database indexing, queries, maintenance, scaling, and stored procedures. They also discuss some features of pganalyze, such as the index and vacuum advisors.

Dr. Daniel Zingaro and Dr. Leo Porter, co-authors of the book Learn AI-Assisted Python Programming, speak with host Jeremy Jung about teaching programming with the aid of large language models (LLMs). They discuss writing a book to use in Leo's introductory CS class and explore how GitHub Copilot de-emphasizes syntax errors, reduces the need to memorize APIs, and why they want students to write manual test cases. They also discuss possible ethical concerns of relying on commercial tools, their impact on coursework, and why they aren't worried about students cheating with LLMs.

Zach Lloyd, CEO of Warp.dev, discusses how to implement and effectively use command-line terminals. Host Gregory Kapfhammer speaks with Lloyd about how command-line terminals work and how the Warp terminal uses the GPU and AI to enhance a software developer’s productivity. They also discuss the trade-offs associated with using the Rust programming language to implement a command-line terminal. Brought to you by IEEE Computer Society and IEEE Software magazine.

Josh Doody, author of Mastering Business Email, speaks with host Brijesh Ammanath about how software engineers can master business communication. They begin with an exploration of various communication modes, including Slack, virtual meetings, emails, and presentations. Josh shares several strategies to improve communication skills and cross-cultural communication, but if there's one key take away from this episode, it might be: “use positive language for any medium of communication; be kind and use positive words.” Brought to you by IEEE Software magazine and IEEE Computer Society.

Arun Gupta, Vice President and General Manager of Open Ecosystem Initiatives at Intel Corporation, discusses open-source strategy and community with SE Radio host Kanchan Shringi. They explore the business case and business model for why and how big tech participates in the open-source ecosystem. Arun describes ways to foster a culture of engagement with open source within companies such as Intel, Amazon, and Apple. They then consider how the principles can be applied to closed-source software within a company. Finally, they discuss some of the benefits that Intel has gained from more than 20 years of open source contributions and look at the company’s plan for the year ahead. SE Radio is rought to you by IEEE Software magazine and IEEE Computer Society.

In this episode, Ori Mankali, senior VP of engineering at cloud security startup Akeyless, speaks with SE Radio’s Nikhil Krishna about secrets management and the innovative use of distributed fragment cryptography (DFC). In the context of enterprise IT, 'secrets’ are crucial for authentication in providing access to internal applications and services. Ori describes the unique challenges of managing these sensitive data, particularly given the complexities of doing so on a large scale in substantial organizations. They discuss the necessity for a secure system for managing secrets, highlighting key features such as access policies, audit capabilities, and visualization tools. Ori introduces the concept of distributed fragment cryptography, which boosts security by ensuring that the entire secret is never known to any single entity. The episode explores encryption and decryption and the importance of key rotation, as they consider the challenges and potential solutions in secrets management.

Casey Muratori caused some strong reactions with a blog post and an associated video in which he went through an example from the “Clean Code” book by Robert Martin to demonstrate the negative impact that clean code practices can have on performance. In this episode, he joins SE Radio’s Giovanni Asproni to talk about the potential trade-offs between performance and the qualities that make for maintainable code, these qualities being the main focus of Clean Code. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jens Neuse, founder of Wundergraph, joins SE Radio host Jeff Doolittle for a conversation about back ends for front ends, or BFF. Jens begins by explaining how a heavy integration burden is often placed on front-end development teams. When multiple APIs must be integrated, it can be challenging for client development in web, mobile, and desktop environments. Explaining how APIs should be treated as dependencies, just like packages, the episode explores BFF patterns and use cases, as well as the future potential emergence of a “git for APIs” standard. This episode is sponsored by ClickSend. 

Nir Valtman, co-Founder and CEO at Arnica, discusses pipelineless security with SE Radio host Priyanka Raghavan. They start by defining pipelines and then consider how to add security. Nir lays out the key challenges in getting good code coverage with the pipeline-based approach, and then describes how to implement a pipelineless approach and the advantages it offers. Priyanka quizzes him on the concept of "zero new hardcoded secrets," as well as some ways to protect GitHub repositories, and Nir shares examples of how a pipelineless approach could help in these scenarios. They then discuss false positives and handling developer fatigue in dealing with alerts. The show ends with some discussion around the product that Arnica offers and how it implements the pipelineless methodology.

Chad Michel, Senior Software Architect at Don’t Panic Labs and co-author of Lean Software Systems Engineering for Developers, joins host Jeff Doolittle for a conversation about treating software development as an engineering discipline. They begin by discussing the need for engineering rigor in the software industry. Chad points out that many developers lack awareness of good engineering practice and are often unaware of resources such as the Software Engineering Body of Knowledge (SWEBOK). Among the many topics explored in this episode are design methodologies such as volatility-based decomposition and the work of David Parnas, as well as important topics such as quality, how to address complexity, designing for change, and the role of the chief engineer. This episode is sponsored by ClickSend. SE Radio listeners can get a $50 credit by following the link.

In this episode, Varun Singh, Chief Products and Technology Officer at Daily.co, speaks with host Nikhil Krishna about the 30-year evolution of web protocols. In particular, they explore the impact of protocol ossification, which has supported the Internet’s success but also limits the flexibility of evolving protocol suites such as TCP/IP and UDP by constraining future development. Varun points out how the end-to-end principle emphasizes full flexibility for end hosts, but the TCP implementation in the OS kernel as well as in “middle boxes” such as ISPs contributes to the constraints of ossification by blocking certain types of traffic. Further, the development of new protocols is challenging due to the need for backward compatibility with existing protocols. They discuss Google’s efforts – and the challenges it has faced – in working to move the HTTP protocol forward. The role of standards bodies such as the IETF and collaboration between industry stakeholders is crucial for the evolution of internet protocols, requiring a balance between maintaining backward compatibility and introducing new protocols such as QUIC and HTTP/3 to address existing constraints and improve internet performance and security. indeed, QUIC includes features that seek to actively avoid ossification and encourage evolution.

Gregory Kapfhammer, associate professor at Allegheny College, discusses the common problem of ‘flaky tests’ with SE Radio’s Nikhil Krishna. Flaky tests are test cases that unreliably pass or fail even when no changes are made to the source code under test or to the test suite itself, which means that developers can’t tell whether the failures indicate bugs that needs to be resolved.  Flaky tests can hinder continuous integration and continuous development by undermining trust in the CI/CD environment. This episode examines sources of flaky tests, including physical factors such as CPU or memory changes, as well as program-related factors such as performance issues. Gregory also describes some common areas that are prone to flaky tests and ways to detect them. They discuss tooling to detect and automatically mark flaky tests, as well as how to tackle these issues to make tests more reliable and even ways to write code so that it's less susceptible to flaky tests.

Jeroen Mulder, author of Multi-Cloud Strategy for Cloud Architects, joins host Robert Blumen for a discussion of public cloud, private cloud, and multi-cloud computing architectures and trends. They start by considering what defines cloud computing and what differentiates the major cloud providers, including whether they are more alike or different in the services they offer.  Jeroen discusses governance, regulatory compliance, and data locality as drivers of where enterprises want to run their workload. They explore use cases for multi-cloud, and discuss architectural challenges in migrating to kubernetes, as well as issues with networking, security, and identity management with multi-cloud architectures. Finally, they discuss running public cloud compute on on-prem resources with Anthos, Outback, and related technologies.

Stanisław Barzowski of XTX Markets and a committer on the jsonnet project joins SE Radio's Robert Blumen for a conversation about the jsonnet programming language. A superset of JSON, jsonnet adds programming language capabilities, particularly to address the need to handle large but mostly repetitive JSON configurations. They discuss the project’s history, use cases for Grafana and Kubernetes config, and interoperability with YAML. They examine jsonnet details, including the command line, constrained capabilities of the language, and objects and inheritance, and then consider the toolchain: compiler, formatter, and linter, as well as test frameworks and testing, package management, and the language’s performance. Barzowski describes four implementations -- go, C++, Rust, and Scala -- as well as popular libraries and the standard library.

Vladyslav Ukis, author of the book Establishing SRE Foundations: A Step-by-Step Guide to Introducing Site Reliability Engineering in Software Delivery Organizations, discusses how to roll out SRE in an enterprise. SE Radio host Brijesh Ammanath speaks with Vlad about the origins of SRE and how it complements ITIL (Information Technology Infrastructure Library). They examine how firms can establish foundations for rolling out SRE, as well as how to overcome challenges they might face in adopting. Vlad also recommends steps that organizations can take to sustain and advance their SRE transformation beyond the foundations.

Simon Bennetts, a distinguished engineer at Jit, discusses one of the flagship projects of OWASP: the Zed Attack Proxy (ZAP) open source security testing tool. As ZAP’s primary maintainer, Simon traces the tool's origins and shares some anecdotes with SE Radio host Priyanka Raghavan on why there was a need for it. They take a deep dive into ZAP’s features and its ability to integrate with CI/CD, as well as shift security left. Bennetts also considers what it takes to build a successful open source project before spending time on ZAP’s ability to script to provide richer results. Finally, the conversation ends with some questions on ZAP’s future in this AI-powered world of bots.

Dave Cross, owner of Magnum Solutions and author of GitHub Actions Essentials (Clapham Technical Press), speaks with SE Radio host Gavin Henry about GitHub actions, the value they provide, and the best practices for using them in your projects. Cross describes the vast range of things that developers can do with GitHub Actions, including some use cases you might never have thought about. They start with some general discussion of CI/CD and then consider the three main types of events that drive GitHub actions before digging in to details about fine-grained action events, Action Marketplace, contexts, yaml, docker base images, self-hosted runners, and more. They further explore identity management, permissions, dependency management, saving money, and how to keep your secrets secret.

Ashley Peacock, author of the book Creating Software with Modern Diagramming Techniques, speaks with SE Radio host Akshay Manchale about diagrams in software engineering. They discuss the power of diagramming and some reasons we don’t fully use it as often as we should. Ashley contrasts historical use of UML diagrams versus modern diagrams, which don't have hard rules about representations. The episode examines different types of diagrams through an example application and how it could be built with modern tools such as Streamy to simplify the building, versioning, and maintenance of diagrams.

Luca Galante, head of product at Humanitec, joins host Jeff Doolittle for a conversation about platform engineering. They begin by defining platform engineering and its relationship to, and distinction from, DevOps. Tracing platform engineering's history, Luca describes how internal developer platforms are fundamental, and then explores the goals of addressing complexity and reducing the cognitive load on developers by creating golden paths.

Paul Hammant, independent consultant, joins host Giovanni Asproni to speak about trunk-based development—a version control management practice in which developers merge small, frequent updates to a core “trunk” or main branch. The episode explores the technique in some detail, including its pros and cons and some examples from real projects, and offers suggestions on how to get started. The conversation touches on a set of related topics, including code reviews, feature flags, continuous integration, and testing.

In this episode, David Cramer, co-founder and CTO of Sentry, joins host Jeremy Jung for a conversation about error tracking. The discussion starts with treating performance problems as errors, why you might not need logs, and how most applications share the same problems. From there they consider other topics including capturing information by hooking into runtimes and frameworks, issues with the quality of Open Telemetry data, how front-end applications are constantly changing and why that makes them hard to instrument. Finally, they discuss how Sentry's architecture has evolved, and why they switched from a permissive license to the Business Source License.

Bastian Gruber, author of the book Rust Web Development, speaks with host Philip Winston about creating server-based web applications with Rust. They explore Rust language features, tooling, and web frameworks such as Warp and Tokio. From there, they examine the steps to build a simple web server and a RESTful API, as well as modules, logging and tracing, and other aspects of web development with Rust.

Dan DeMers of Cinchy.com joins host Jeff Doolittle for a conversation about data collaboration and dataware. Dataware platforms leverage an operational data fabric to liberate data from apps and other silos and connect it together in real-time data networks. They explore a range of key topics, including zero-copy integration, encapsulation and information hiding, handling changes to data models over time, and latency and access issues. The discussion also explores dataware management and security concerns, as well as the concept of 'data plasticity' as an analogy to neuroplasticity, which is where the nervous system can respond to stimuli such as injuries by reorganizing its structure, functions, or connections.

Sugu Sougoumarane discusses how to face the challenges of horizontally scaling MySQL databases through the Vitess distribution engine and Planetscale, a service built on top of Vitess. The journey began with the growing pains of scale at YouTube around the time of Google’s acquisition of the video service. This episode explores ideas about topology management, sharding, Paxos, connection pooling, and how Vitess handles large transactions while abstracting complexity from the application layer.

Ross John Anderson, Professor of Security Engineering at University of Cambridge, discusses software obsolescence with host Priyanka Raghavan. They examine risks associated with software going obsolete and consider several examples of software obsolescence, including how it can affect cars. Prof. Anderson discusses policy and research in the area of obsolescence and suggests some ways to mitigate the risks, with special emphasis on software bills of materials. He describes future directions, including software policy and laws in the EU, and offers advice for software maintainers to hedge against risks of obsolescence.

Michael Fazio, Engineering Manager (Android) at Albert and author of Kotlin and Android Development featuring Jetpack from the Pragmatic Programmers, speaks with SE Radio's Gavin Henry about how the Android ecosystem looks today, and why it's an excellent time to write native Android apps. They explore a wide range of topics about modern Android development, including when to go native, how to keep a lot of decisions in your back-end API, Kotlin co-routines, Jetpack and Jetpack Compose, the MVVM design pattern, and threads, as well as activities, fragments, Dagger, room, navigation, Flutter, and improvements in simulators. They also examine details such as IDEs, API selection, how to choose a list of support devices, Java vs Kotlin, handset manufacturers, XML layouts, and why Jetpack is a safe bet for all your future Android development.

Timothy Beamish of BenchSci discusses React and Next.js, two of today's most popular front-end frameworks. Host Philip Winston speaks with Beamish about components, routing, JSX, client-side and server-side rendering, single-page applications, automatic code-splitting, image optimization, and more. Beamish also details his experience moving a real-world application to Next.js.  

Software engineer Alex Boten, author of Cloud Native Observability with Open Telemetry, joins SE Radio host Robert Blumen for a conversation about software telemetry and the OpenTelemetry project. After a brief review of the topic and the OpenTelemetry project's origins rooted in the need for interoperability between telemetry sources and back ends, they discuss the open telemetry server and its features, including transforms, filtering, sampling, and rate limiting. They consider a range of topics, starting with alternative topologies with and without the telemetry server, server pipelines, and scaling out the server, as well as a detailed look at extension points and extensions; authentication; adoption; and migration.

On Freund, founder of Wilco and former VP of Engineering at WeWork, speaks with SE Radio’s Brijesh Ammanath about “upskilling” – going deeper or increasing the breadth of your skills. On has years of experience in helping developers master the skills needed to advance in their careers. This episode explores the importance of upskilling in a constantly evolving tech landscape. They focus particularly on how and why senior and expert developers should keep learning, upskilling, and reskilling throughout their careers. Freund offers suggestions on how to face some common challenges, especially for remote or distributed workers, and how and why engineering managers can help enable upskilling for their teams.

Adam Tornhill, founder and CTO of CodeScene, joins host Giovanni Asproni to speak about behavioral code analysis. Behavioral code analysis is a set of practical techniques aimed at identifying patterns in how a development organization interacts with the codebase they're building. It can be used to prioritize technical debt to maximize return on investment; to identify communication and team-coordination bottlenecks in code; to drive refactorings guided by data from how the system evolves; and to detect code quality problems before they become maintenance issues. The episode starts with a broad description of the techniques, providing some examples from real projects, and ends with suggestions on how to get started with applying them. During the conversation, Adam and Giovanni touch on a set of related topics, including the applicability of the techniques to legacy, green-, and brown-field projects; ethical and privacy implications; and the importance of context when judging code quality.

Luca Casonato joins SE Radio's Jeremy Jung for a conversation about Deno and Deno Deploy. They start with a look at JavaScript runtimes and their relation to Google’s open source JavaScript and WebAssembly engine V8, and why Deno was created. They discuss the WinterCG W3C group for server-side JavaScript, why it's difficult to ship new features in Node, and the benefits of web standards. From there they consider the benefits of creating an all-inclusive toolset like Rust and Go rather than relying on separate solutions, Deno's node compatibility layer, use cases for WebAssembly, benefits and implementation of Deno Deploy, reasons to deploy on the edge, and what's coming next.

Matt Frisbie, author of Building Browser Extensions, speaks with host Kanchan Shringi about browser extensions, including key areas where they've been successful. Based on Matt’s experience as a developer working for Google, Doordash, and a startup he founded, they examine tools for building extensions, as well as APIs they have access to. The conversation presents detailed issues such as cross-browser compatibilities to keep in mind when developing extensions and mechanisms in the browser to prevent security vulnerabilities, and finally examines how emerging platforms can help developers take advantage of exciting new possibilities with web extensions.

Vidal Graupera, an Engineering Manager at LinkedIn, speaks with SE Radio’s Brijesh Ammanath about the importance of managers' one-on-one meetings with direct reports. They start by considering how a 1:1 meeting differs from other meetings...

J.R. Storment and Mike Fuller discuss cloud financial operations (FinOps) with host Akshay Manchale. They consider the importance of a financial operations strategy for cloud-based infrastructure. J.R. and Mike discuss the differences between operating your own data center and running in the cloud, as well as the problems that doing so creates in understanding and forecasting cloud spend. Mike details the Cloud FinOps lifecycle by first attributing organizational cloud spend through showbacks and chargebacks to individual teams and products. JR describes the two levers available for optimization once an organization understands where they're spending their cloud budget. They discuss complexities that arise from virtualized infrastructure and techniques to attribute cloud usage to the correct owners, and close with some recommendations for engineering leaders who are getting started on cloud FinOps strategy.

William Falcon of Lighting AI discusses how to optimize deep learning models using the Lightning platform, optimization is a necessary step towards creating a production application. Philip Winston spoke with Falcon about PyTorch, PyTorch Lightning...

Alex Hidalgo, principal reliability advocate at Nobl9 and author of Implementing Service Level Objectives, joins SE Radio's Robert Blumen for a discussion of service-level objectives (SLOs) and error budgets. The conversation covers the meaning...

Nicholas Manson, a SaaS Architect with more than 2 decades of experience building cloud applications, speaks with host Kanchan Shringi about identity and access management requirements for cloud applications. They begin by examining what a digital...

Nikhil Krishna speaks with Dietrich Ayala about IPFS in depth. They cover what it is, how it works in detail and how one could leverage IPFS and libp2p in one's own application or to host one's content. The discussion goes into the IPFS ecosystem...

We talk with John deVadoss about the philosophies underlying the development of .NET and Azure software. We discuss the "Fiefdoms and Emissaries" concept of building loosely coupled systems, talk about strengths and drawbacks and how to build services...

Ganesh Datta, CTO and cofounder of Cortex, joins SE Radio's Priyanka Raghavan to discuss site reliability engineering (SRE) vs DevOps. They examine the similarities and differences and how to use the two approaches together to build better software...

Jon Smart, author of the book Sooner Safer Happier: Patterns and Antipatterns for Business Agility, discusses patterns and anti-patterns for the success of enterprise software projects. Host Brijesh Ammanath speaks with him about the various common...

Brendan Callum, engineering manager for the Pinterest developer platform team, discusses the "spec first" approach to API development and how it's different from "API first." Brendan speaks with host Kanchan Shringi about the challenges and advantages...

Open source developers Jordan Harband and Donald Fischer join host Robert Blumen for a conversation about securing the software supply chain, especially open source. They start by reviewing supply chain security concepts, particularly as related to open..

Joe Nash of Twillio's TwilioQuest discusses the role of developer relations/advocate, which is a role at tech companies in-between developers, marketing, sales, and HR. Host Felienne speaks with Nash about the skills people need if they want to become...

Adam Dymitruk, CEO and founder of Adaptech Group, joins host Jeff Doolittle for an exploration of the event modeling approach to discovering requirements and designing software systems. Adam explains how the structured approach eliminates the specifics of implementation details and technology decisions, enabling clearer communication for all stakeholders while keeping conversations focused on the business opportunity. Using concrete examples of event modeling in practice, they examine event modeling in the context of other related approaches and methodologies, including event sourcing, event storming, CQRS, and domain-driven design.  

Roberto Di Cosmo, Computer Science professor at University Paris Diderot and founder of the Software Heritage initiative, discusses how to protect against sudden loss from the collapse of a "free" source code repository provider, how to protect...

Adam Warski, the co-founder and CTO of SoftwareMill, discusses Scala programming and the Tapir library. Scala is a general-purpose JVM language, and Tapir is a back-end library used to describe HTTP API endpoints as immutable Scala values. Host Philip Winston speaks with Warski about the implications of Scala being a JVM language, the Scala type system, the Scala community's view of functional vs. object-oriented programming, and the transition of the ecosystem from Scala 2 to Scala 3. The Tapir discussion explores why Tapir is a library and not a framework, how server interpreters work in Tapir, how interceptors work, and what observability features are included with Tapir.

Ryan Magee, postdoctoral scholar research associate at LIGO Laboratory – Caltech, joins host Jeff Doolittle for a conversation about how software is used by scientists in physics research. The episode begins with a discussion of gravitational waves...

Dan Lorenc, CEO of Chainguard, a software supply chain security company, joins SE Radio editor Robert Blumen to talk about software supply chain attacks. They start with a review of software supply chain basics; how outputs become inputs of someone...

Andy Dang, Head of Engineering at WhyLabs discusses observability and data ops for AI/ML applications and how that differs from traditional observability. SE Radio host Akshay Manchale speaks with Andy about running an AI/ML model in production and how...

Eddie Aftandilian, Principal researcher at GitHub discusses GitHub copilot and how it can improve developer productivity with host Priyanka Raghavan. The discussion explores various subtopics such as the history of copilot, how it can improve developer...

Peter Wyatt, CTO at PDF Association and project co-Leader of ISO 32000 (the core PDF standard), Duff Johnson CEO at PDF Association and ISO Project co-Leader and US TAG chair for both ISO 32000, discuss the 30 years' history of PDF, how to make a PDF...

Xe Iaso of Tailscale discusses how a VPN can be a useful tool when building software. SE Radio host Jeremy Jung spoke with Iaso about what VPNs are, onboarding, access control, authentication in the network vs individual services, peer-to-peer vs...

Tanmai Gopal, CEO of Hasura.io, joined SE Radio host Jeff Doolittle for a conversation about GraphQL. They discussed the history and rationale behind the original conception of GraphQL, as well as some of the use cases it is best suited for...

Jeff Perry, career coach with experience in multiple engineering and technology fields discusses how software engineers can be intentional and proactive in evaluating and pursuing career options, with host Kanchan Shringi.

Jonathan Shariat, coauthor of the book Tragic Design, discusses harmful software design. SE Radio host Jeremy Jung speaks with Shariat about how poor design can kill in the medical industry, accidentally causing harm with features meant to bring joy...

Adrian Kennard and Kevin Hones, Founders of FireBrick routers and firewalls, discuss how to design, build, test and support a hardware router and network operating system from scratch, while sharing the lessons learned. You'll also learn that in certain..

Brian Campbell, Distinguished Engineer at Ping Identity discusses cryptographic defences against stolen tokens for the OAUTH2 protocol with host Priyanka Raghavan. The discussion explores various subtopics such as the history of Proof of possession...

Randy Shoup of eBay discusses the evolution of eBay's tech stack. SE Radio host Jeremy Jung speaks with Shoup about eBay's origins as a single C++ class with an Oracle database, a five-year migration to multiple Java services, sharing a database...

In this episode, Abi Noda, founder of Pull Panda and DX, discusses developer experience with SE Radio host Brijesh Ammanath. They examine the basic concept of DX and its importance before diving into a wide variety of issues, including methodologies...

Jessi Ashdown and Uri Gilad, authors of the book "Data Governance: The Definitive Guide," discuss what data governance entails, why it's important, and how it can be implemented. Host Akshay Manchale speaks with them about why data governance...

Noah Gift, author of "Practical MLOps", discusses MLOps, which are tools are techniques used to operationalize machine learning applications. Host Akshay Manchale spoke to Noah about the foundational aspects such as basic automation through DevOps, data...

Phillip Mayhew of GameDriver discusses test automation for games and game-like applications. Host Philip Winston spoke with Mayhew about the increasing role of test automation in modern game development, the impact on the QA role, how to run tests...

John Ousterhout, professor of computer science at Stanford University, joined SE Radio host Jeff Doolittle for a conversation about his book, A Philosophy of Software Design. They discussed the history and ongoing challenges of software system design, especially the nature of complexity and the difficulties handling it. The conversation also explored various design concepts from the book, such as modularity, layering, abstraction, information hiding, maintainability, and readability.

Kumar Ramaiyer, CTO, Planning Business Unit at Workday, discusses the Infrastructure services needed for and the design of Building and lifecycle of supporting a SaaS application.

Karl Wiegers, Principal Consultant with Process Impact and author of 13 books, discusses specific software development practices that can help you make sure that you don't repeat the same problems he sees time and time again with every customer...

In this episode, SE Radio host Felienne speaks with Jordan Adler of OneSignal about code generation, a technique to generate code from specifications like UML or from other programming languages such as Typescript. They also discuss code transformation, which can be us

In this episode, we explore the popular pytest python testing tool with author Brian Okken, author of Python Testing with pytest. We start by discussing why pytest is so popular in the Python community: its focus on simplicity, readability, and developer ease-of-use; what makes pytest unique; the setup and teardown of tests using fixtures, parameterization, and the plugin ecosystem; mocking; why we should design for testing, and how to reduce the need for mocking; how to set up a project for testability; test-driven development, and designing your tests so that they support refactoring. Finally, we consider some complementary tools that can improve the python testing experience.

This week, senior software engineer, instructor, and blogger Swizec Teller spoke with SE Radio's Brijesh Ammanath about the "senior mindset." Becoming a senior engineer is about more than just years of experience but rather about cultivating a different..

Vandana Verma, Security Leader at Snyk and vice-chairperson of the OWASP Global Board of directors, discusses the "OWASP top 10" with host Priyanka Raghavan. The discussion explores various subtopics such as the history behind OWASP, the OWASP top 10 security risks, example of common vulnerabilities and ends with information on top projects in OWASP and how can contribute to it.

Gill Hoffer, co-founder and CTO at Salto, talks with SE Radio host Kanchan Shringi about a new persona -- the Business Engineer -- created by the rise of SaaS and adoption of best-of-breed business applications for back office systems. They examine...

Tim Post of echoreply.io discusses Rubber Duck Debugging, a way to wrap your head about problems and solutions. Host Felienne spoke with Post about Rubber Duck debugging, and how it can help you to find answers to complex problems.

Ant Wilson of Supabase discusses building an open source alternative to Firebase with PostgreSQL. SE Radio host Jeremy Jung spoke with Wilson about how Supabase compares to Firebase, building an API layer with postgREST, authentication using GoTrue...

In this episode, Deepthi Sigireddi of the Cloud Native Computing Foundation (CNCF) spoke with SE Radio host Nikhil Krishna about how Vitess scales MySQL. They discuss the design and architecture of the product; how Vitess impacts modern data problems;...

Matt Butcher and Matt Farina, authors of the book Learning Helm join SE Radio host Robert Blumen to discuss Helm, the package manager for kubernetes. Beginning with a review of kubernetes and Helm, this episode explores the history of helm;...

Jérôme Laban, CTO of Uno Platform, joined host Jeff Doolittle for a conversation about Cross-platform User Interfaces. The conversation addressed the unique challenges and possibilities related to applications designed to run on multiple platforms...

Kevin Hu, co-founder and CEO at Metaplane discusses "Data Observability" with host Priyanka Raghavan. The discussion touches upon Data observability roots, components, differences with software observability and tooling.

Rob Hirschfeld CEO of RackN discusses Bare Metal as a Service. Host Brijesh Ammanath spoke with Hirschfeld about all things bare metal. Hirschfeld starts with the basics before doing a deep dive into bare metal configuring, provisioning, common failures..

Daniel Stenberg, founder and lead developer of cURL and libcurl, and winner of the Polhem Prize, discusses the history of the project, key events in the project timeline, war stories, favorite command line options and various experiences from 25 years of developing an Open Source project.

Frank McSherry, Chief Scientist at Materialize talks to Host Akshay Manchale about Materialize which is a SQL database that maintains incremental views over streaming data. Frank talks about how Materialize can complement analytical systems...

Diarmuid McDonnell , a Lecturer in Social Sciences, University of the West of Scotland talks with host Kanchan Shringi about his experience as a social scientist on the need for computational approaches for data collection and analysis as well as the...

Omer Katz, a software consultant and core contributor to the Celery discusses the Celery task processing framework with host Nikhil Krishna. We discuss in depth, the Celery task processing framework, it's architecture and the underlying messaging...

Nikhil Krishna speaks to Bob DuCharme an experienced technical writer and author about how to write and maintain technical documentation for software products. In the episode different mediums to distribute documentation and tools to maintain documentation are discussed.

Sergey Gorbunov of Axelar discusses blockchain interoperability, a technology that enables decentralized applications to work across multiple blockchain ecosystems. Host Philip Winston spoke with Gorbunov about programmable blockchains, distributed vs. centralized changes, the Ethereum virtual machine, Axelar's Cross-Chain Gateway Protocol and Cross-Chain Transfer Protocol, security issues, delegated proof of stake...

Uma Chingunde of Render compares building a PaaS with her previous experience running the Stripe Compute team. Host Jeremy Jung spoke with Chingunde about the role of a PaaS, building on public cloud providers, build vs buy, choosing features, user experience, managing databases, Series A vs later stage startups, and why internal infrastructure teams should run themselves like product teams.

James Socol of Policygenius discusses continuous integration and continuous delivery, ways to test and deploy software quickly and easily. SE Radio host Felienne spoke with Socol about why CI and CD matter for the development process, what tools to use...

Richard L. Sites discusses his new book Understanding Software Dynamics, which offers expert methods and advanced tools for understanding complex, time-constrained software dynamics in order to improve reliability and performance. Philip Winston spoke with Sites about the five fundamental computing resources CPU, Memory, Disk, Network, and Locks, as well as methods for observing and reasoning when investigating performance problems using the open-source utility KUtrace.

This week, Postgres server developer Bruce Momjian joins host Robert Blumen for a discussion of multi-version concurrency control (MVCC) in the Postgres database. They begin with a discussion of the isolation requirement in database transactions (I in ACID); how isolation can be achieved with locking; limitations of locking; how locking limits concurrency and creates variability in query runtimes; multi-version concurrency control as a means to achieve isolation; how Postgres manages multiple versions of a row; snapshots; copy-on-write and snapshots; visibility; database transaction IDs; how tx ids, snapshots and versions interact; the need for locking when there are multiple writers; how MVCC was added to Postgres; and how to clean up unused space left over from aged-out versions.

Vaughn Vernon, author of the book “Strategic Monoliths and Microservices” discusses his book with host Akshay Manchale about strategies for purposeful architecture from the perspective of both business decision makers and technical leaders.

Robert Seacord, author of Effective C, The CERT C Coding Standard and Secure Coding in C and C++, discusses why the C programming language can be insecure, the top 5 security issues and the tools and techniques you can employ to write secure code in C.

Ram Sriharsha of Pinecone discusses the role of vectors in machine learning, a technique that lies at the heart of many of the machine learning applications we use every day. Host Philip Winston spoke with Sriharsha about the basics of vectors, vector...

Sam Scott, CTO of Oso discusses how to build a global authorization service and challenges with host Priyanka.

Chase Kocher, the Founder and CEO of aim4hire, a technology recruitment agency, discusses the recruiting lifecycle from the candidate, the company and the recruiter’s point of view with host Kanchan Shringi.

Tim McNamara, author of Rust in Action, discusses the top three benefits of Rust and why they make it a performant, reliable and productive programming language.

Guest Sam Boyer, author of So you want to write a package manager talks about package management. The discussion covers - what is a package? what does it mean to manage package? package meta-data; package versioning; the quantity of packages in modern...

Chris Riccomini and Dmitriy Ryaboy discuss their book, The Missing Readme, which is intended to be the missing manual for new software engineers. Felienne spoke with Riccomini and Ryaboy about a range of topics that new software engineers might not have..

Davide Bedine, a cloud solution architect at Microsoft and professional Dapr enthusiast joined host Jeff Doolittle to discuss his book, Practical Microservices with Dapr and .NET. Dapr, the Distributed Application Runtime, simplifies cloud-native...

Bob Nystrom, author of Crafting Interpreters and a software engineer at Google working on the Dart programming language, discusses the key features of Dart which make it an excellent choice for fast apps on any platform.

Howard Chu, CTO of Symas Corp and chief architect of the OpenLDAP project, discusses the key features of B+Tree Data Structures which make it the default selection for efficient and predictable storage of sorted data.

Audrey Lawrence of Amazon discusses Timeseries Databases and their new database offering Amazon Timestream. Philip Winston spoke with Lawrence about data modeling, ingestion, queries, performance, life-cycle management, hot data vs. cold data...

Alexander Pugh discusses why and when to use Robotic Process Automation (RPA). Host Jeremy Jung spoke with Pugh about interacting with systems without APIs like mainframes; the importance of having developers involved when building bots; the difficulty...

Luke Hoban, CTO of Pulumi, joined host Jeff Doolittle for a conversation about infrastructure as code (IAC), which allows software development teams to configure and control their cloud infrastructure assets using code in contrast to other approaches...

Ipek Ozkaya joined host Jeff Doolittle to discuss a book she co-authored entitled Managing Technical Debt. In the book, Ozkaya describes nine principles of technical debt management to aid software companies in identifying, measuring, tracking...

Host Kanchan Shringi speaks with Venky Naganathan,Sr. Director of Engineering at Conga specializing in Artificial Intelligence and Chatbots about the Conversational UI paradigm for Enterprise Apps as well as the enablers and business use cases suited...

Luis Ceze of OctoML discusses Apache TVM, an open source machine learning model compiler for a variety of different hardware architectures with host Akshay Manchale. Luis talks about the challenges in deploying models on specialized hardware and how TVM.

Satish Mohan, CTO of AirGapNetworks discussed "Air Gapped Networks" with host Priyanka Raghavan.

Josef Strzibny the author of Deployment from Scratch discusses how and why it's valuable to learn how to self host applications.

Leonid Shevtsov talks with host Robert Blumen about email protocols and transactional email.

Rey Bango, Senior Director of Developer and Security Relations at Veracode discussed Secure coding with host Priyanka Raghavan.

Paul Butcher of AdaCore discusses Fuzz Testing, an automated testing technique used to find security vulnerabilities and other software flaws. Host Philip Winston spoke with Butcher about negative testing, brute-force fuzz testing...

Mike Del Balso, co-founder of Tecton discusses Feature Stores which are data platforms to operationalize Machine Learning applications. He talks about challenges faced by teams in creating custom data pipelines to serve models in production...

Liram Haimovitch talks about how a business handles customer issues with a software product. How issues start out with a dedicated customer-facing team and when they may be escalated to engineering.

CEO and security expert Jason Meller discusses modern tech stacks across a variety of programming languages to consider when building your next project or startup.

L Peter Deutsch of Aladdin Enterprises and formerly of Sun Microsystems joined host Jeff Doolittle to discuss the fallacies of distributed computing. Peter retold the history and origin of the fallacies and how they have been addressed over...

Dhruba Borthakur, CTO and co-founder of Rockset, discusses the use cases and core requirements of real-time analytics, as well as the evolution from batch to real time and the need for a new architecture with host Kanchan Shringi.

Networking researcher Iljitsch van Beijnum discusses internet routing and the border gateway protocol (BGP) with host Robert Blumen.

Kim Carter of BinaryMist discusses Dynamic Application Security Testing (DAST) and how the OWASP purpleteam project can improve early defect detection. Host Justin spoke with Carter about how DAST can provide meaningful feedback loops to developers...

Casey Aylward, Principal at Costanoa Ventures discusses Venture capital with a focus on early stage investing from the perspective of the entrepreneur and the VC with host Kanchan Shringi.

Trisha Gee and Kevlin Henney of 97 things every Java developer should know discusses their book, which is a collection of essays by different developers covering the most important things to know. Host Felienne spoke withGee and Henney about all things...

Rowland Savage, author of How to Stick the Landing: The M&A Handbook for Startups, discusses how company acquisitions work, the three types, and why it is so important for software engineering startups to know the details to make an acquisition happen.

Yaniv Tal discusses The Graph’s key features and also explains to user basics of blockchain infrastructure, Ethereum.

Felienne joins host Jeff Doolittle as a guest on the show to discuss her book, The Programmers Brain. While programmer’s brains are not special in comparison to the brains of others, they face unique cognitive challenges...

Michael Ashburne and Maxwell Huffman discuss Quality Assurance with Jeremy Jung.

Evan Weaver of Fauna discusses the Fauna distributed database. Host Felienne spoke with him about its design and properties, as well as the FQL query language, and the different models it supports: document-based as well as relational.

Otakar Nieder, Senior Director of Development at Bohemia Interactive Simulations, discusses how simulation apps are different from gaming with host Kanchan Shringi.

Daniel Roth from Microsoft discusses Blazor’s key features and benefits of using c# full stack for building web apps with host Priyanka Raghavan.

Jeffery D Smith, author of Operations Anti-Patterns, DevOps Solutions, talks about how things can go wrong in development organizations and what DevOps has to offer with host Robert Blumen.

Tomer Shiran, co-founder of Dremio, talks about managing data inside a data lake, historical changes and motivations for managing data as a data lake, and the common tools and methods for ingestion, storage, and analytics on top of the underlying data.

Jamie author of Software Telemetry book discusses Software Telemetry, why telemetry data is so important and the discipline of tracing, logging, and monitoring infrastructure.

Thomas Richter is the founder of Swarm64, a Postgres extension company designed to boost performance of your Postgres instance. This episode examines the internals of Postgres, performance considerations, and relational database types.

Aaron Rinehard, CTO of Verica and author, discusses security chaos engineering (SCE) and how it can be used to enhance the security of modern application architectures.

Scott Hanselman discusses .NET with Jeremy Jung

Luke Kysow from Hashicorp does a deep dive into the key features of Consul with host Priyanka Raghavan.

Hadley Wickham, chief scientist at RStudio and creator of the Tidyverse, discusses how R and its data science package the TidyVerse are used and created. Host Felienne speaks with Wickham about the design philosophy of the Tidyverse, and how it supports..

Dan Moore, cofounder of Vaporware, discusses the benefits and drawbacks of building or buying software solutions, including evaluation criteria, how to inspect an API, and cost considerations for purchasing software from external vendors.

Matt Arbesfeld, cofounder of LogRocket, discusses the benefits and drawbacks of starting a software company as a software engineer, including finding cofounders, fundraising, and determining what ideas are worth pursuing.

Michael L. Perry discusses his recently published book, The Art of Immutable Architecture, distinguishing immutable architecture from other approaches and, using familiar examples such as git and blockchain, addresses some possible misunderstandings...

Nigel Poulton, author of The Kubernetes Book and Docker Deep Dive, discusses Kubernetes fundamentals, why Kubernetes is gaining so much momentum, deploying an example app, and why Kubernetes is considered "the" Cloud OS.

Thomas Graf, Co-Founder of Cilium, discusses eBPF and XDP and how they can be leveraged for a wide variety of use cases across networking, observability, and security.

Tug Grall of Redis Labs discusses Redis, its evolution over the years and emerging use cases today,its module based ecosystem and Redis’ applicability in a wide range of applications beyond being a layer for caching data such as search, machine learning

Felienne discusses diversity and inclusivity in software development with Shawn Wildermuth, Microsoft MVP and creator of the Hello World movie.

Arin Bhowmick, Global Vice President and Chief Design Officer at IBM, discusses why and how UX design for enterprise applications is different than for consumer applications.

James Smith, CEO and co-founder of Bugsnag discusses “Why it is ok to ship your software with Bugs.”

Alexis Richardson discusses gitops - a deployment model based on convergent infrastructure as code with host Robert Blumen.

JP Aumasson, author of Serious Cryptography, discusses cryptography, specifically how encryption and hashing work and underpin many security functions.

Andy Powell is the CISO of AP Moller Maersk and discusses the 2017 cyber attack that hit the company and the lessons learned for preventing and recovering from future attacks.

Tim Sneath, product management for Flutter and Dart at Google discusses what Flutter is, why it was created, where Dart came from, what the different layers of Flutter are, why it is so popular and why it makes a developers life much easier.

Yi Pan is the lead maintainer of the Apache Samza project and discusses the use cases for stream processing frameworks, how to use them, and the benefits & drawbacks of a framework like Samza.

Julie Lerman discusses Object Relational Mappers and Entity Framework with Jeremy Jung.

Steven Skiena speaks with SE Radio’s Adam Conrad about practical applications for data structures and algorithms, as well as take-aways on how to best study Skiena’s book when prepping for the technical interview process.

Jay Kreps, CEO and Co-founder of Confluent discusses ksqlDB which is a database built specifically for stream processing applications to query streaming events in Kafka with SQL like interface.

brian d foy, author of many Perl books discusses what Perl 7 is, where it’s going, what you need to do to get ready and various pieces advice on making the most of your Perl and programming life.

Felienne spoke with Youens-Clark about new features in Python, why you should teach testing to beginners from the start and the importance of the Python ecosystem.

Felienne interviews Marco Faella about his book ‘Seriously Good Software,’ which aims to teach programmers to use six key qualities to better analyze the quality of their code bases.

Rob Skillington discusses the architecture, data management, and operational issues around monitoring and alerting systems with a large number of metrics and resources.

Matt Lacey, author of the Usability Matters book discusses what mobile app usability is and why it can make or break an app destined for consumers, business users or in-house users and what you can do to make the best app possible.

Sven Schleier and Jeroen Willemsen from the OWASP Mobile Application Security Verification Standard and Testing Guide project discuss mobile application security and how the verification standard and testing guide can be used to improve your app’s...

Philip Kiely discusses his book Writing for Software Developers. Software development primarily involves writing code but strong written communication skills are critical. Technical comprehension is vital but solid written communication skills are also...

Paul Smith discusses the Crystal Programming Language and the Lucky web framework with Jeremy Jung.

Sean Knapp of Ascend.io talks to Robert Blume about data pipeline automation with an orchestration layer.

Ryan Singer, Head of Strategy at Basecamp discusses the mindset and culture behind a successful remote work for engineers. Akshay spoke with Ryan about communication, collaboration and cultural aspects of working remotely.

Kanchan spoke with Michael Geers on the Micro Frontends. Micro Frontends is an architectural style that aims to extends the benefits of microservices to UI.

Doug Fawley of the gRPC project discusses gRPC with host Robert Blumen. Their conversation covers the HTTP layer, protobuf, and use cases within microservices architectures.

Kanchan spoke with Ryan Ripley about the pre-requisites for an organization to adopt scrum, need for management buy-in, the importance of scrum values and the key responsibilities of the roles defined by scrum and the anti-patterns to watch out for...

Host Kanchan Shringi spoke with Ellithorpe about defining the core essence of the CTO role, the skills that are key for success in the role, how to gain these skills and mentor others.

Vladimir Khorikov discusses functional programming in enterprise applications with Jeremy Jung.

Alex Petrov, author of Database Internals explains the ins and outs of database storage engines. What are they? How do they differ? What problems do they solve? Host Adam Gordon Bell spoke with Alex about these questions as well as how information...

Adam Shostack of Shostack & Associates and author of Threat Modeling: Designing for Security discussed different approaches to threat modeling, the multiple benefits it can provide, and how it can be added to an organization’s existing software proc

Berkay Mollamustafaoglu, founder of Ops Genie, discusses the keys to an effective incident management process. Many aspects of incident management are counter intuitive. Why does increasing the rate of change increase uptime? Why is culture the most...

Jens Gustedt, author of the Modern C book discusses Modern C, what is legacy C and all aspects of the C programming world with its historic flaws, modern improvements and simple beauty.

Spencer Kimball talks to Akshay Manchale about CockroachDB which is a distributed, resilient, SQL database system. He talks about challenges of using single node databases and features and principles behind CockroachDB that make it a better alternative open source database.

Felienne spoke with Gavis-Hughson about how to prepare for the dreaded 'whiteboard interview'.

Aaron Vonderhaar, maintainer and open source contributor to the Elm programming language, talks with host Adam Conrad about the Elm language, its foundations, features, and applications in the front end web development ecosystem.

Sara Leen discusses localizing, porting, and modernizing Japanese games with Jeremy Jung.

Joe Kutner, Software Architect for Heroku at Salesforce.com, spoke with host Kanchan Shringi about the 12-Factor App methodology, which aids development of modern apps that are portable, scalable, easy to test, and continuously deployable.

Felienne spoke with Mike McCourt on difficulties in processing voice data using machine learning.

Juval Löwy, Software Legend and Founder of IDesign discusses his recently published book, Righting Software, with host Jeff Doolittle. This episode focuses on Löwy’s belief that the software industry is in a deep crisis, evident from the numerous...

Torin Sandall of Styra and Open Policy Agent discussed OPA and policy engines and how they can benefit software projects security and compliance. Host Justin Beyer spoke with Sandall about the benefits of removing authorization logic from your application...

Yevgeniy Brikman, author of Terraform: Up & Running: Writing Infrastructure as Code and co-founder of Gruntwork talks with host Robert Blumen about how to apply best practices from software engineering to the development of infrastructure as code...

Bert Hubert, author of the open source PowerDNS nameserver discusses DNS security and all aspects of the Domain Name System with its flaws and history.

Felienne interviews Karl Hughes about doing tech talks. How to get into conferences and how to design and deliver a great talk.

Rich Harris, author of the JavaScript module bundler Rollup, discusses his JavaScript framework Svelte as a high-performance alternative to mainstay frameworks like React, Angular, and Vue. We begin with a brief overview of the framework and how...

Jeremy Miller, Senior Software Architect at Calavista Software, compares and contrasts his experiences with waterfall and agile methodologies. Host Jeff Doolittle spoke with Miller about the history of these methodologies and how teams can experience...

Michaela Greiler spoke with SE Radio’s Felienne about code review best practices and how to improve the effectiveness of your reviews.

Sumit Kumar, Head of Engineering at SHARE NOW talks with Jeremy Jung about creating mapping applications in JavaScript using the Leaflet library.

Adar Leiber-Dembo talks to SE Radio’s Akshay Manchale about Apache Kudu, a system for fast analytics in a column-based storage system. They explore how to leverage Kudu for data analytics, as well as its rich feature set and integration options with other SQL and analytical engines.

Pat Helland talks to host Akshay Manchale about Data Management at scale in a Microservices world. Pat talks about trends in managaging data in a distributed microservices world, immutability, idempotence, inside and outside data, descriptive...

Barry O’Reilly of Black Tulip Technology discusses Antifragile Architecture, an approach for designing systems that actually improve in the face of complexity and disorder.

Katharine Jarmul of DropoutLabs discusses security and privacy concerns as they relate to Machine Learning. Host Justin Beyer spoke with Jarmul about attack types and privacy-protected ML techniques.

Chris McCord, author of the Phoenix Framework and Programming Phoenix 1.4, discusses Phoenix's LiveView functionality to showcase the power or real-time applications without the need for writing a single line of JavaScript.

Jay Kreps, CEO of Confluent, talks with Robert Blumen about how an enterprise integration architecture organized around a Kafka event log simplifies integration and enables rich forms of data sharing. #podcast #seradio #ieeecs #ComputerSociety

Stephen Wolfram, creator of Mathematica and Wolfram Alpha discusses the wolfram language, the language behind both projects. Host Adam Gordon Bell spoke with Stephen Wolfram about computing, computational essays, building a language, notebook based...

Jeremy Howard from fast.ai explains deep learning from concept to implementation. Thanks to transfer learning, individuals and small organizations can get state-of-the-art results on machine learning problems using the open source fastai library...

Sam Procter of the SEI discusses architecture design languages, specifically Architecture Analysis and Design Language, and how we can leverage the formal modeling process to improve the security of our application design and improve applications overall.

Ryan Singer on Basecamp’s “Shape Up” software development process. Basecamp has ditched the backlog and 2-week sprint in favor of solution “shaping” and strategic 6-week projects, using tools like scope mapping, checklists, and hill charts to understand and reduce risk.

Bob Kepford discusses Decoupled CMS. Many CMS practitioners are adopting a decoupled approach to improve scale, allow for more specialized roles, and to separate data collection from delivery. Host Jeff Doolittle spoke with Kepford about what makes a Decoupled CMS different.

Abhinav Asthana, a founding partner and CEO of the API development tool Postman, discusses API design and testing, where to start, which types of APIs to offer, what tools you can use, what features to expose and what is his favorite API to reference.

WebRTC provides real time video and audio streaming capabilities to applications. Spencer Dixon explains the different parts of WebRTC and how they used it to build a pair programming application.

Evan Gilman and Doug Barth, authors of Zero-Trust Networks: building secure systems in untrusted networks discuss zero-trust networks.

Boris Cherny, author of Programming TypeScript, explains how TypeScript can scale JavaScript projects to larger teams, larger code bases, and across devices. Topics include: gradual typing, type refinement, structural typing, and interoperability...

Neil Madden, author of the API Security in Action book discusses the key requirements needed to secure an API, the risks to consider, models to follow and which task is the most important.

Michael Chan has been teaching React since 2013 and is the host of the React Podcast. He currently works at Ministry Centered Technologies as a Frontend Architect.

Josh Long, developer advocate at Pivotal, discusses using Spring Boot to efficiently develop production ready enterprise web applications. Josh talks about working with different databases, and developing and testing microservices using Spring Boot.

Felienne interviews Margaret Burnett on GenderMag, a systematic way to assess the inclusivity of software.

Felienne interviews Claire Le Goues about automatic program repair. Can programs repair themselves and what techniques are involved in that?

Joshua Davies discusses TLS, PKI vulnerabilities in the PKI, and the evolution of the PKI to make it more secure, with host Robert Blumen.

Heidi Howard, a researcher in the field of distributed systems, discusses distributed consensus. Heidi explains when we need it, when we don't need and the algorithms we use to achieve it.

Justin Richer, lead author of the OAuth2 In Action book discusses the key technical features of the OAuth2 authorization protocol and the current best practices for selecting the right parts of it for your use case.

Gabriel Gonzalez, the creator of Dhall the programmable configuration language, discusses configuration, why it is important and how we can make it better. Adam Gordon Bell spoke Gonzalez about Dhall, yaml, total functional programming and dealing...

Motivation comes through relationships, safety, and environments which allow everyone to contribute.

Joel Spolsky on founding Stack Overflow, “land grabs” vs. “bootstrapping with profitability”, raising more money using “proof points”, what developers and companies get massively wrong, choosing your next job, and how to ask and answer on Stack Over

Aaron Patterson of GitHub discusses the Ruby language and its runtime.  Host Jeremy Jung spoke with Aaron about the Ruby language and how it works.  They discuss the language virtual machine, concurrency, garbage collection, and JIT compilation.

Howard Chu, CTO of Symas Corp and chief architect of the OpenLDAP Project, discusses the key technical features of the Lightning Memory-mapped Database (LMDB) that make it one of the fastest, most efficient and safest embedded data stores in the world.

Chris Richardson of microservices.io and author of the book Microservice Patterns discuss microservice patterns which constitute a set of best practices and building-block solutions to problems inherent microservice architecture.

Learn how to simplify your application architecture with the introduction of a messaging system. You'll hear how different messaging patterns can make your application more flexible, easier to maintain, and improve its performance.

The use of distributed and remote software teams have grown dramatically in the past five years, presenting new challenges for managers and engineers alike. Bryan Helmig talks about the best practices his company, Zapier, uses to manage remote software...

Felienne talks to Diomidis Spinellis about different forms of debugging. From using print-statements to version-control systems and operating system tools. We also discuss debugging strategies for different types of programming systems.

Arnon Axelrod speaks with SE Radio’s Simon Crossley about test automation, a large complex subject that most listeners will have at least some familiarity with. Axelrod has worked in software engineering and test automation in several high-tech companie...

Today's guest is Thorsten Ball, author of Writing an interpreter in Go as well as its sequel Writing a Compiler in Go. Thorsten lives near Frankfurt, Germany. Thorsten loves to deep dive into programming topics like programming languages, interpreters...

Peter Zaitsev explains: avoiding vendor lock-in, judging what databases are bad at, why not to copy the big players, when to "go with the crowd", when to use cloud services vs. running your own infrastructure, and the role of containerization.

Jonathan Boccara, author of The Legacy Code Programmer’s Toolbox discusses understanding and working with legacy code. Working with legacy code is a key skill of professional software development that is often neglected.

Simon Riggs, founder and CTO of 2nd Quadrant, discusses the advanced features of the Postgres database, that allow developers to focus on applications whilst the database does the heavy lifting of handling large and diverse quantities of data.

Daniel Berg, a distinguished Engineer at IBM cloud unit, talks with host Nishant Suneja, about Istio service mesh and how it lets developers deploy microservices into the cloud in a secure, efficient fashion by taking away the burden of devops...

Pete Koomen, Co-founder and CTO at Optimizely discusses A/B testing. Edaena Salinas spoke with Pete about how A/B testing is used in software products, and how A/B tests can be written. Pete explained the components of A/B testing and lessons learned from running over 200,000 A/B tests.

How can you scale an engineering organization when you haven’t already experienced rapid growth? Jean-Denis Greze of Plaid explains how to proactively enhance team capabilities and readiness by “leveling up” through a maturity map.

Dr. Andrii Gakhov, author of the book Probabilistic Data Structures and Algorithms for Big Data Applications talks about probabilistic data structures and their application to the big data domain with host Robert Blumen.

Felienne interviews Adam Barr about code quality? Why do programmers pick up bad habits about programming and what can be done to improve that?

Tim Coulter, the founder of Truffle (Ethereum DApp development framework) discusses the Truffle framework for Ethereum SmartContracts and Decentralized App development. Kishore Bhatia spoke with Tim Coulter about: Ethereum Decentralized Apps (DApps)...

Randy Shoup talks with SE-Radio’s Travis Kimmel about how to scale technology and organizations together, so that an organization can move faster as they grow (and not slow down). Their discussion covers how to effectively scale culture, process...

Avi Kivity of Scylladb deep dives into the internals of Scylladb and what makes it a high performant version of Cassandra, a distributed key-value datastore. The discussion covers the architecture of Scylladb, its relationship with high performance...

Max Neunhoffer of ArangoDB discusses about multi-model databases in general, and open source ArangoDB, in specific, with show host Nishant Suneja. The show discussion covers motivation behind deploying a multi-model database in an enterprise setting, and deep dives into ArangoDB internals.

Travis Kimmel talks with Johnathan Nightingale about scaling engineering management. Their discuss when to hire additional engineering managers and how to set them up for success, how leaders can prepare for “growing pains” as an organization scales,

Bernd Rücker, who has contributed to multiple open source workflow management projects, discusses orchestrating microservices with workflow management.  As distributed systems evolve into a family of microservices that must handle long-running stateful processes with time-dependent actions, events, multiple paths through the system, and complex rollbacks, the workflow management model provides a way to ensure clear modeling, correctness, and separation of concerns.   Rücker recommends a federated model in which each microservice is paired with its own workflow to handle retries and other policies and failure modes around that service.  Robert Blumen spoke with Rücker about microservice architecture, event-driven systems, long-running stateful processes versus synchronous request/response, event handling, time-outs, and handling exceptional conditions with compensating transactions. Rücker compares the choreography versus orchestration models for collaboration and discusses why orchestration provides a better separation of concerns.  The discussion delves into the implementation of workflow management systems including persistence, scaling, event handling, timers and scheduling, and similarities to CQRS.  The discussion wraps up with monitoring and visualization.

Vivek Ravisankar, the CEO and founder of HackerRank spoke with SE Radio’s Kishore Bhatia about automated coding skills assessments and the HackeRank platform. Topics include: HackerRank as a coding skills assessment platform and how such platforms help in skills assessments and coding interviews - both for developers and employers. The interview also covers the journey from developer learning to getting assessed & recruited through these platforms. Learning from Vivek’s experience giving coding interviews and automating the process of technical screening for Hiring Software Engineers.

Gary Rennie, a core contributor to Phoenix and Plug, discusses the Phoenix, a web framework for Elixir. Host Nate Black talks with Gary about the parts of Phoenix, writing a Phoenix application, and troubleshooting performance issues.

Felienne interviews Riccardo Terrell on his book ‘Concurrency in .NET: Modern patterns of concurrent and parallel programming’ on concurrency, parallelism and immutability and common issues that developers run into when solving concurrent problems.

Guest Daniel Corbett discusses how to scale your application with the help of load balancing. Hear details on HAProxy and the load balancing ecosystem as a whole.

Edaena Salinas talks with Stephen Ewen about streaming architecture. Stephen is one of the original creators of Apache Flink. Topics discussed: stream processing vs batch processing, architecture components of stream architectures, Apache Flink...

Learn how to protect and speed up your application with the help of a Content Delivery Network. You'll also hear about advancements in CDNs that allow you to handle application logic and dynamic content at the edge.

Edaena Salinas talks with Pat Helland about Web Scale. Pat is a Principal Software Architect at Salesforce where he works on a cloud based multi-tenant database technology. The discussion covers: Datacenters and hardware, DevOps, developing at scale, stateless vs stateful services, preparing a system for failures and sql vs nosql databases.

Kishore Bhatia discussed Ethereum and Smart Contracts with John Crain. Topics include: understanding the motivations for a decentralized computing model, Application architecture on Ethereum, development frameworks and tools. John’s experience developing and launching his own product Pixura on Ethereum mainnet, approaches,

István Lam of Tresorit talks with host Kim Carter about GDPR (the EU General Data Protection Regulation, which has been described as “the most important change in data privacy regulation in 20 years.”)  The discussion covers terminology, planning, implementation, users' rights regarding their personal data, managing personally identifiable information (PII) across an organization, and required documentation. István talks about establishing the intent of different types of PII; when data can be shared or sold, when PII can be stored; storage of backups, and the ability to reveal, modify, or remove all of a customer's PII.

Michael Hausenblas talks with host Kim Carter about topics covered in Michael’s ebook Container Networking, such as single vs. multi-host container networking, orchestration, Kubernetes, service discovery, and many more. Michael and Kim also discuss the roles that IPTables plays, how the allocation of IP addresses is handled, along with the assignment of ports. Overlay networks are covered along with topics such as the open Container Network Interface (CNI).

Travis Kimmel talks with Lara Hogan and Deepa Subramaniam about evidence-based tactics that product and engineering leaders can use to can use to diagnose problems that are holding back their teams, and build healthier, high-performing organizations.

Jafar Soltani of Rare (Microsoft Studios) discusses Continuous Delivery in AAA Games and how it can increase quality, reduce crunch, and deliver games faster. Topics include implementation and architecture, asset and delivery pipelines, and special challenges of games.

Brent Laster, author of a book on Jenkins 2, speaks with host Robert Blumen about the Jenkins 2 build server, CI/CD, DevOps and “pipeline as code”.

Ben Sigelman CEO of LightStep and co-author of the OpenTracing standard discusses distributed tracing, a form of event-driven observability for debugging distributed systems, understanding latency outlyers, and delivering "white box" analytics.

Saša Jurić, author of Elixir in Action, explains the Elixir programming language and how it unlocks the benefits of the Erlang ecosystem, revealing the “sweet spot” for Elixir programs: highly scalability and fault tolerant systems with a simple arc

Edaena Salinas talks with Maria Gorlatova about Edge Computing. Maria Gorlatova is an Associate Research Scholar at Princeton University Department of Electrical Engineering. The discussion covers: IoT, edge computing, the architecture of edge computing, running a machine learning model on the edge, and the benefits of edge computing.

Jeremy Jung talks with David Calavera about zero-downtime migrations and rollbacks with Kubernetes. In this episode we define migrations, rollbacks, and discuss how Netlify was able to migrate to Kubernetes and roll back off of it multiple times without impacting their users. David explains how developers can run old and new systems simultaneously, the importance of defining errors in your system, and when to apply fixes vs rolling back. We also discuss their decision to move to Kubernetes, and the benefits they received.

Felienne interviews Marian Petre & André van der Hoek on their book ‘Software Design Decoded’, which contains 66 scientifically backed insights for the design process.

Learn how a business that struggled with outages, performance problems, and an inability to ship overcame their problems by introducing monitoring, docker, continuous integration, and some fresh perspectives.

Travis Kimmel and Kevin Goldsmith discuss the correspondence between organizational design and software architecture. Their conversation covers: what Conway’s Law is; Kevin’s experiences in different organizational structures (e.g., Avvo, Spotify, Adobe, and Microsoft) and how those structures influenced the software architecture; what the “Reverse Conway Maneuver” is and how organizations can leverage it; how organizations can evolve existing architectures.

Natalie Silvanovich and Kim Carter discuss reducing the attack surface of the software that Engineers are creating today. Code sharing, third-party code, Developer workflow, and a collection of 0 day bugs are all discussed.

Felienne interviews Andreas Stefik about creating programs that are accessible for blind and visually impaired users. How do they consume and create software?

Postgres developer Bruce Momjian joins Robert Blumen for a discussion of the SQL query optimizer in the Postgres RDBMS. They delve into the internals of query planning and look at how developers can make it work for their apps.

Nate Black interviews Glynn Bird on using open source to develop your career or get a job, and how maximize productivity and learning. We discuss how to get your pull request accepted, how to make your own project successful, and how to survive updates.

Dmitry Jeremov and Svetlana Isakova speak to Matthew Farwell about the Kotlin programming language.

Edaena Salinas talks with Tammy Butow about Chaos Engineering. Tammy is a Principal Site Reliability Engineer at Gremlin. The discussion covers: how Chaos Engineering emerged, the types of chaos that can be introduced to a system, and how to structure...

What is code coverage, how can you measure it, and what are the pitfalls of this metric? Diomidis Spinellis talks with Marc Hoffmann, a key developer of the JaCoCo code coverage library for Java, on how code test coverage can improve software reliability

Lin Clark speaks to Matthew Farwell on WebAssembly

Bill Venners speaks to Matthew Farwell about Property Based Tests, how they can be used, when they should not be used. We also cover how to define a property, how to generate the data required for a property based test.

Péter Budai and Kim Carter discuss End to End Encryption (E2EE), backdoors, the scenarios where E2EE can be and should be used. IM, VoIP, Email scenarios, interservice communication scenarios such as securing data in use.

Kishore Bhatia discusses with Nate Taggart about Serverless. Topics include: understanding the motivations for this computing model, deep dive learning about Serverless architecture, development frameworks and tools. Learn from Nate’s experience with Serverless paradigm developing Operations tools at Stackery and find out various approaches, challenges and best practices for architecting and building Serverless applications.

Edaena Salinas talks with Nicole Hubbard at KubeCon 2017. They discuss why WP engine is migrating from VMs to Kubernetes and how the migration is structured. Nicole explained the VM infrastructure at WP Engine and why there was a need to move...

Felienne interviews Veronika Cheplygina about image recognition. We cover the basic concepts of computer vision, it’s applications and relationship to machine learning.

Kishore Bhatia talks with Travis Kimmel about Engineering Impact: In the age of data-driven decision making, how does one go about measuring, communicating, and improving engineering productivity? We’ll learn from Travis’ experience building data analytics tools in this space, with insights and best practices for engineering teams and business stakeholders for measuring value and productivity.

Nate Black talks with Nicolai Parlog about Java 9. Topics include: a timeline of Java features; new patterns enabled by Java 8 lambdas, default interface implementations and how they enable code evolution; how Java 9 takes this further with private default methods; an introduction to Java modules: the Java Platform Module System (JPMS); “launch time” dependency validation; module “requires” and “exports”: documentation as code and a new topic for code reviews; how to migrate an existing codebase to Java 9 and modules; benefits of Java modules: reliable configuration and a smaller Java runtime; the new Java release schedule.

Felienne interviews Jeroen Janssens about data science, examining the basic concepts, as well as the skills and tools needed to be(come) a data scientist.

Scott Piper and Kim Carter discuss Cloud Security. The Shared Responsibility Model, assets, risks, and countermeasures, evaluation techniques for comparing the security stature of CSPs. Scott discusses his FLAWS CTF engine. Covering tools Security Monkey and StreamAlert.

Kishore Bhatia talks with Conor Delanbanque about DevOps Hiring, building and retaining top talent in the DevOps space. Topics include DevOps as a special Engineering skill, building DevOps mindset and culture, challenges in hiring and retaining top talent and building teams and best practices for DevOps engineers and employers hiring for these skills.

Edaena Salinas talks with Sachin Gadre about the internet of things. The discussion begins with an overview of what IoT is and how businesses are adopting it. It then explores the architecture of an IoT application and the security implications of these systems.

Armon Dadgar speaks to Matthew Farwell about Secrets Management.

Kirk Pepperdine talks with Diomidis Spinellis about performance optimization. Topics include development practices, tools, as well as the role of software architecture, programming languages, algorithms, and hardware advances.

Founder of Signal Sciences Zane Lackey talks with Kim Carter about Application Security around what our top threats are today, culture, threat modelling, and visibility, and how we can improve our security stature as Software Engineers.

Bryan Reinero talks with Gregor Hohpe about IT Transformation, the process by which organizations adapt and reorganize themselves in response to evolution and how the Enterprise Architect leads that transformation.

Bryan Reinero talks with Harsh Sinha, VP of  Engineering at TransferWise, about Product Management. Mr. Sinha details how requirements are derived from user needs, how to measure product success, and how successful product management is done.

Ron Lichty talks with SE Radio’s Nate Black about managing programmers. Topics include: why programming management is hard, what makes a good programming manager, the costs of micromanagement, self-organizing teams, team dynamics and motivation, and product team performance.

Edaena Salinas talks with Charlie Berger about Predictive Applications. The discussion begins with an overview of how to build a Predictive Application and the role of Machine Learning. It then explores different Machine Learning algorithms that can be implemented natively in a database.

Felienne talks with Evgeny Shadchnev about Code Schools, programs that prepare people to become a software developer in a few months. This episode explores the idea of code schools. Can we really teach programming in a few months rather than in a few years in university? Who teaches at those programs? Who attends them? What are their business models and should we teach programming online or offline?

Felienne interviews Zachary Burt about freelancing as a career option. How does freelancing differ from employment? How to do personal marketing and sales? How to find a work-life balance when you are self-employed? We also cover practical tips like deciding on an hourly rate and managing demanding customers.

Founder of Thinkst, Haroon Meer talks with Kim Carter about Network Security. Topics include how attackers are gaining footholds into our networks, moving laterally, and exfilling our precious data, as well as why we care and what software engineers can do about it.

Bryan Reinero talks with Jason Hand about handling outages and responding to failures. The episode explores basic problem-solving strategies and diagnostic techniques, organizing teams to address incidents efficiently, communicating with stakeholders, learning from incidents, and managing stress.

Nate Black talks with Jonathan Stark about platforms for mobile development, making decisions about how to develop mobile apps, how to deploy mobile apps, native apps vs. progressive web apps, React Native, and the future of mobile applications.

Robert Blumen talks to Edson Tirelli about business rules, rules engines, and the JBoss Drools engine.

Felienne talks with Moshe Vardi about P versus NP. Why is this problem so central to computer science? Are we close to solving it?  Is it necessary to solve it? Progress toward computing hard problems efficiently with SAT solvers.  How SAT solvers work,; applications of SAT like formal verification.

Kishore Bhatia talks with Kieren James-Lubin about Blockchains. Topics include Blockchains, Cryptocurrency, Bitcoin, Ethereum, Smart Contract development with Solidity, ICO’s and Tokens.

Edwin Brady speaks to Matthew Farwell about Type Driven Development and the Idris Programming language. The show covers: what a type is; static vs dynamic types in programming languages; dependent types; the Idris programming language; why Idris was created. Type safe printf modelling state in Idris modelling protocols in Idris modelling concurrency in Idris type driven development and how it changes the development process.

Felienne talks with Michael Feathers about Legacy Code. When is something legacy? Is working on legacy different from working on greenfield code? Do developers need different skills and techniques? Testing legacy code. How to test a legacy system? When do we have enough tests to feel safe to start coding? Techniques to make legacy systems more testable.

Asaf Yigal talks with SE Radio’s Edaena Salinas about machine learning in log analysis. The discussion starts with an overview of the structure of logs and what information they can contain. Asaf discusses what the log analysis process looks like without machine learning -- and the role of humans in this – before moving on to how the process is improved by incorporating external resources using machine learning. Topics include: log analysis, machine learning, operations.

Yakov Fain talks with SE Radio’s Matthew Farwell about the Angular web development framework. The show covers the philosophy behind Angular; who would want to use the framework; how an Angular application is composed, including how to handle form submission and validation; why Typescript was chosen for Angular; how Angular uses reactive programming (RxJS, in particular); how to test an Angular application; security concerns of web applications; who developed Angular and how it is supported, and performance considerations of an Angular application.

Phillipp Krenn talks with SE Radio’s Jeff Meyerson about Elasticsearch, a scalable search index. The conversation begins with a discussion of search, how it compares to database queries, and what an inverted index is. Phillipp introduces Wikipedia as an example that runs throughout the episode because Wikipedia uses Elasticsearch to power its full-text search. A discussion of Elasticsearch’s scalability ensues, including basic terminology and an explanation of other applications of Elasticsearch.

Morgan Wilde talks with SE Radio’s Jeff Meyerson about the LLVM compiler toolchain. They begin with a discussion of how a compiler works and how compiled code executes against different processor architectures. Using the JVM as a model for interoperability, they move on to how LLVM is a system that optimizes an intermediate representation (IR), which is similar to the Java bytecode: every programming language that compiles down to IR can leverage the same optimizations of that IR. The conversation concludes with a discussion of applications of LLVM and the future of the ecosystem.

Docker Security Team lead Diogo Mónica talks with SE Radio’s Kim Carter about Docker Security aspects. Simple Application Security, which hasn’t changed much over the past 15 years, is still considered the most effective way to improve security around Docker containers and infrastructure. The discussion explores characteristics such as Immutability, the copy-on-write filesystem, as well as orchestration principles that are baked into Docker Swarm, such as mutual TLS/PKI by default, secrets distribution, least privilege, content scanning, image signatures, and secure/trusted build pipelines. Diogo also shares his thoughts around the attack surface of the Linux kernel; networking, USB, and driver APIs; and the fact that application security remains more important to focus our attention on and get right.

James Turnbull joins Robert Blumen for a discussion of Terraform, an infrastructure-as-code tool, and a deep dive into how Terraform implements the declarative programming model.

Francois Raynaud and Kim Carter cover moving to DevSecOps from traditional delivery approaches. Shifting security focus up front. Building a development team with not only development specialties, but also security and operations.

Neal Ford chats with Kim Carter about the required skills of a Software Architect, creating and maintain them, transition roles. The importance of history, developing soft skills, and dealing with losing technical skills.

Show host Edaena Salinas talks with Katie Malone about Machine Learning.  Katie Malone is a Data Scientist in the Research and Development department at Civis Analytics. She is also an instructor of the Intro to Machine Learning online course from Udacity and host of Linear Digressions, a podcast about machine learning. Topics include: machine learning, data science, a career in machine learning.

James Cowling of Dropbox tells Robert Blumen about their massive migration from Amazon’s S3 to their own distributed storage system.

John Allspaw CTO of Etsy speaks with Robert Blumen about systemic failures and outages. Why they cannot be totally prevented, how to respond, and what we can learn from them.

Felienne talks with Alexander Tarlinder on how to test as a developer. What can and should developers test?

Donny Nadolny of PagerDuty joins Robert Blumen to tell the story of debugging an issue that PagerDuty encountered when they set up a Zookeeper cluster that spanned across two geographically separated datacenters in different regions.

Edaena Salinas talks with James Whittaker about Career Strategy in the technology field. James is a Distinguished Technical Evangelist at Microsoft and author of “How Google Tests Software” and the viral blog post “Why I left Google”. Topics include: Career Management, the role of mentors and managers in your career, a discussion on 1:1 meetings, job specialization and advice on when to switch jobs.

Host Marcus Blankenship talks with Gerald Weinberg about his new book, Errors: Bugs, Boo-boos, and Blunders, focusing on why programmers make errors, how teams can improve their software, and how management should think of and discuss errors.

Eberhard talks with Florian Gilcher about the programming language Rust. Rust originates from Mozilla research. Its focus is on system programming and it is often used to replace C or C++. Topics include the concepts behind Rust; concurrent and safe programming; advanced and unique features like ownership and borrowing; the rust type system (which supports other features like traits, generics and macros). The show finishes with: the evolution of Rust based, features of libraries, and how the community works.

Felienne talks with Peter Hilton on how to name things. The discussion covers: why naming is much harder than we think, why naming matters in programming and program comprehension, how to create good names, and recognize bad names, and how to improve your naming skills.

Gil Tene joins Robert Blumen for a discussion of tail latency. What is latency? What is "tail latency"? Why are the upper percentiles of latency more relevant to humans? How is human interaction with an application influenced by tail latency? What are the economics of tail latency? What are the origins of tail latency within a system? What is the difference between response time and service time? How does queuing within a system contribute to response time? Java garbage collection and its contribution to latency outliers. How can we build systems with bounded tail latency out of components with variable latency? What type of observability to do we need to build systems with bounded latency? How is latency a driver of capacity planning?

Björn Rabenstein discusses the field of Site Reliability Engineering (SRE) with host Robert Blumen. The term SRE has recently emerged to mean Google's approach to DevOps. The publication of Google's book on SRE has brought many of their practices into more public discussion. The interview covers: what is distinct about SRE versus devops; the SRE focus on development of operational software to minimize manual tasks; the emphasis on reliability; Dickerson's hierarchy of reliability; how reliability can be measured; is there such a thing as too much reliability?; can Google's approach to SRE be applied outside of Google?; Björn's experience in applying SRE to Soundcloud - what worked and what did not; how can engineers best apply SRE to their organizational situation?; the importance of monitoring; monitoring and alerting; being on call, responding to incidents; the importance of documentation for responding to problems; they wrap up with a discussion of why people from non-computer science backgrounds are often found in devops and SRE.

Marcus Blankenship talks with Josh Doody about salary negotiation. Topics include a framework for thinking about salary negotiations, how you can know what you're worth, the employers view of salary negotiation, and missed negotiation opportunities. Also discussed are common fears about negotiating and how to overcome them, common mistakes during negotiations, and how negotiation makes your more desirable as an employee.

Felienne talks with Sam Aaron on Sonic Pi about how he designed Sonic Pi, a language, both for professional musicians performing with code as well as for schoolchildren.

Sven Johann talks with Steve McConnell about Software Estimation. Topics include when and why businesses need estimates and when they don’t need them; turning estimates into a plan and validating progress on the plan; why software estimates are always full of uncertainties, what these uncertainties are and how to deal with them. They continue with: estimation, planning and monitoring a Scrum project from the beginning to a possible end. They close with estimation techniques in the large (counting, empirical data) and in the small (e.g. poker planning).

Jeff Meyerson talks with Frances Perry about Apache Beam, a unified batch and stream processing model. Topics include a history of batch and stream processing, from MapReduce to the Lambda Architecture to the more recent Dataflow model, originally defined in a Google paper. Dataflow overcomes the problem of event time skew by using watermarks and other methods discussed between Jeff and Frances. Apache Beam defines a way for users to define their pipelines in a way that is agnostic of the underlying execution engine, similar to how SQL provides a unified language for databases. This seeks to solve the churn and repeated work that has occurred in the rapidly evolving stream processing ecosystem.

Jeff Meyerson talks to Idit Levine about Unikernels and unik, a project for compiling unikernels. The Linux kernel contains features that may be unnecessary to many application developers--particularly if those developers are deploying to the cloud. Unikernels allow programmers to specify the minimum features of an operating system we need to deploy our applications. Topics include the the Linux kernel, requirements for a cloud operating system, and how unikernels compare to Docker containers.

Jeff Meyerson talks with Brian Brazil about monitoring with Prometheus, an open source tool for monitoring distributed applications. Brian is the founder of Robust Perception, a company offering Prometheus engineering and consulting. The high level goal of Prometheus is to allow developers to focus on services rather than individual instances of a given service. Prometheus is based off of the Borgmon monitoring tool, widely used at Google, where Brian previously worked. Jeff and Brian discuss the tradeoffs of choosing not to replicate our monitoring data. In some situations, the monitoring system will lose data because of this decision. Other topics that are discussed are distributed consensus tools, integrations with Prometheus, and the broader topic of monitoring itself.

Eberhard Wolff talks with Phillip Carter about F# - a multi-paradigm programming language supporting object-oriented, imperative, and functional programming paradimgs. Its unique features make it especially fit for parallel programming or DSLs.

Kief Morris talks to Sven Johann about Infrastructure as Code and why it is important in the “Cloud Age”. Kief talks about the practices and benefits and why you should treat your servers as cattles, not pets.

Eberhard Wolff talks with Jürgen Höller about Reactive Spring. Reactive programming is a hot topic, but adoption has been slow in the enterprise. Spring 5 incorporates Reactor and the RxJava API to help Java developers build scalable high-performance web applications. The discussion explores architectural challenges, transactions, porting existing applications, and increased code complexity.

Charles Nutter from the JRuby project talks to Charles Anderson about JRuby and the Java Virtual Machine (JVM) as a platform for implementing programming languages. They begin by discussing the Java platform beyond just the Java language. As a case study in implementing a language other than Java on the JVM, they discuss JRuby - what it is and how it’s implemented on the JVM. They discuss recent additions to the Java platform like the invoke-dynamic byte code and lambdas in Java 8. The conversation concludes by discussing the future of the Java language, platform, and virtual machine.

Johannes Thönes talks to Patrick Kua about the role of a technical lead and how to become one. The show starts with introducing the concept of a lead and contrasts the lead role with other roles, such as technical manager, architect and senior developer.  The discussion continues to the responsibilities of a tech lead (supporting engineering practices, managing, resolving conflict, and growing people). The discussion continues on to talk about the challenges of becoming a tech lead and how to overcome them and closes with the question: “how can you tell if you are succeeding as a tech lead”?

Charles Anderson talks with James Phillips about service discovery and Consul, an open-source service discovery tool. The discussion begins by defining what service discovery is, what data is stored in a service discovery tool, and some scenarios in which it’s used. Then they dive into some details about the components of a service discovery tool and how reliability is achieved as a distributed system. Finally, James discusses Consul, the functions it provides, and how to integrate it with existing applications, even if they use configuration files instead of a service discovery tool.

Stefan Tilkov talks to Camille Fournier about the challenges developers face when building distributed systems, whether the can avoid building them at all, and what changes occur once they do.

Sven Johann talks with Bill Curtis about Software Quality. They discuss examples of failed systems like Obama Care; the role of architecture; move an org from chaos to innovation; relation between Lean, quality improvement and CMM; Team Software Process.

David Heinemeier Hansson, creator of the Ruby on Rails framework and a partner at the software development company Basecamp, talks to Stefan Tilkov about the state of Ruby on Rails and its suitability for long-term development. He addresses some of its common criticisms, such as perceived usefulness for only simple problems, claimed lack of scalability, and increasing complexity. David also talks about the downsides of building JavaScript-centric, “sophisticated” web UIs, and why he prefers well-structured, “majestic” monoliths to microservices.

Jeff Meyerson talks to Haoyuan Li about Alluxio, a memory-centric distributed storage system. The cost of memory and disk capacity are both decreasing every year–but only the throughput of memory is increasing exponentially. This trend is driving opportunity in the space of big data processing. Alluxio is an open source, memory-centric, distributed, and reliable storage system enabling data sharing across clusters at memory speed. Alluxio was formerly known as Tachyon. Haoyuan is the creator of Alluxio. Haoyuan was a member of the Berkeley AMPLab, which is the same research facility from which Apache Mesos and Apache Spark were born. In this episode, we discuss Alluxio, Spark, Hadoop, and the evolution of the data center software architecture.

John Purrier talks with Jeff Meyerson about OpenStack, an open-source cloud operating system for managing compute resources. They explore infrastructure-as-a-service, platform-as-a-service, virtualization, containers, and the future of systems development and management.

Robert Blumen talks with Cody Voellinger, the founder of a recruiting firm that specializes in filling software engineer roles for San Francisco-area startups, about how jobs are created and how companies and engineers get matched up. Their discussion covers the entire job search process, from job descriptions to salary negotiations. They look at the job market from both sides: how companies define what they want, find the right people, and evaluate candidates, and how job seekers can position themselves for the role they want. Other topics include culture fit versus skill and resumes in an age of social networking. They conclude with a look at the mistakes that job seekers, recruiters, and companies should avoid.

Michael Nygard of “Release It!” fame talks with Stefan Tilkov about his experience using the Clojure programming language. Topics include the tool chain and development process, the Clojure learning curve, and on-boarding new developers. Michael explains the similarities and differences compared to typical OO languages when implementing domain logic, and uses both game development and typical web development projects as examples. Finally, the two discuss how well Clojure can be used in the face of long-running projects, and some typical obstacles and strategies for introducing it to real-world scenarios.

Monica Beckwith joins Robert Blumen for a discussion of java garbage collection. What is garbage collection? GC algorithms; history of GC in the java language; fragmentation and compaction; generational strategies; causes of pauses; impact of pauses on application performance; tuning GC; GC on multi-core and large memory machines; should production servers be implemented in non-GC languages?; going off heap and other programming techniques to avoid garbage; the future of java GC.

Mike Barker talks with Sven Johann about the architecture of the LMAX system. LMAX is a low-latency, high-throughput trading platform. Their discussion begins with what LMAX does; the origins of LMAX; and extreme performance requirements faced by LMAX. They then delve into systems that LMAX communicates with; LMAX users; the two main components of the system (broker and exchange); Mechanical Sympathy as an architectural driver; message flow using the Disruptor library; and lock-free algorithms. Mike and Sven wrap up by discussing how a well modeled domain model can improve the performance of any system; automated (performance) tests; continuous delivery; and measuring response times.

Fred George talks with Eberhard about "Developer Anarchy" - a manager-less development approach Fred has been using very successfully in different organizations - combined with microservices.

Robert Blumen talks to Christopher Meiklejohn about conflict-free replicated data types. The discussion covers consistency in distributed systems, CRDTs, and their use in NoSQL databases.

Martin Klose talks with Eberhard Wolff about Coderetreats - events where developers practice development techniques to become better programmers. He explains how to join such events and what it takes to do your own Coderetreat.

Alex Budzier of the Oxford Saïd Business School and Jürgen Laartz of McKinsey Berlin join Robert Blumen to talk about the their research on large IT project failures. Why do large projects fail and to what extent are these failures avoidable?

Johannes Thönes talks to Axel Rauschmayer about JavaScript and ECMAScript 6. They talk about the origin and version history. Then they dive into key JavaScript concepts and explain the features coming into the language with ECMAScript 6.

Sven Johann talks with Andrew Phillips about DevOps. First, they try to define it. Then, they discuss its roots in agile operations, its relationship to lean development and continuous delivery, its goals, and how to get started. They proceed to system thinking and what “You build it, you run it” means for a system when developers have pager duty. They continue with the diversity of DevOps requirements among companies and industries; copying ideas versus finding your own way; culture, mindset, and recommended practices; and the mandatory tool chain. They wrap up by discussing architectural styles that support DevOps and DevOps costs versus benefits.

John Wilkes from Google talks with Charles Anderson about managing large clusters of machines. The discussion starts with Borg, Google’s internal cluster management program. John discusses what Borg does and what it provides to programmers and system administrators. He also describes Kubernetes, an open-source cluster management system recently developed by Google using lessons learned from Borg, Mesos, and Omega

Gernot Starke talks about arc42: an open-source set of templates he developed to document software architecture based on his practical experience with real projects. Also Gernot and host Eberhard then discuss how documenting architecture fits into agile processes and how to find the right amount of documentation for a system. They walk through the different parts of the arc42 templates covering requirements and the context of the system and the solution structure, including building blocks, runtime, and deployment. They discuss tooling, versioning, testing documentation, and how to keep documentation up to date.