Software Engineering Radio - the podcast for professional software developers

Nikhil Shetty, an expert in networking and distributed systems, speaks with SE radio's Kanchan Shringi about virtual private cloud (VPC) and related technologies. They explore how VPC relates to public cloud, private cloud, and virtual private networks (VPNs). The discussion delves into why VPC is fundamental to building on the cloud, as well as configuring a VPC, subnets, and the address space that can be assigned to the VPC. During this episode they look into route tables, network address translation, as well as security groups, network access control lists, and DNS. Finally, Nikhil helps compare VPC offerings from Amazon Web Services (AWS) and Oracle Cloud Infrastructure (OCI).

Adam Frank, SVP of Product and Marketing at Armory.io, speaks with SE Radio's Kanchan Shringi about continuous integration, continuous delivery, and continuous deployment – and how they differ. Frank suggests that organizations begin by identifying how the CI/CD process aligns best with their unique goals, noting that such goals might be different for B2C versus B2B SAAS (software as a service). They also discuss how the process can differ for monoliths compared to microservices-based products. Finally, they talk about continuous deployment as a service and some unique aspects of Armory's approach.

Charles Weir—developer, security researcher, and Research Fellow at Security Lancaster—joins host Giovanni Asproni to discuss an approach that development teams can use to create secure systems without wasting effort on unnecessary security work. The episode starts with a broad description of the approach, which is based on Weir's research and on a free Developer Security Essentials workshop he created. Charles presents some examples from real-world projects, his view on AI's impact on security, and information about the workshop and where to find the materials. During the conversation, they consider several related topics including the concept of "good enough" security; security as a product decision; risk assessment, classification, and prioritization; and how to approach security in startups, greenfield, and legacy systems.

Lukas Fittl of pganalyze discusses the performance of Postgres, one of the world's most popular database systems. SE Radio host Philip Winston speaks with Fittl about database indexing, queries, maintenance, scaling, and stored procedures. They also discuss some features of pganalyze, such as the index and vacuum advisors.

Dr. Daniel Zingaro and Dr. Leo Porter, co-authors of the book Learn AI-Assisted Python Programming, speak with host Jeremy Jung about teaching programming with the aid of large language models (LLMs). They discuss writing a book to use in Leo's introductory CS class and explore how GitHub Copilot de-emphasizes syntax errors, reduces the need to memorize APIs, and why they want students to write manual test cases. They also discuss possible ethical concerns of relying on commercial tools, their impact on coursework, and why they aren't worried about students cheating with LLMs.

Zach Lloyd, CEO of Warp.dev, discusses how to implement and effectively use command-line terminals. Host Gregory Kapfhammer speaks with Lloyd about how command-line terminals work and how the Warp terminal uses the GPU and AI to enhance a software developer's productivity. They also discuss the trade-offs associated with using the Rust programming language to implement a command-line terminal. Brought to you by IEEE Computer Society and IEEE Software magazine.

Josh Doody, author of Mastering Business Email, speaks with host Brijesh Ammanath about how software engineers can master business communication. They begin with an exploration of various communication modes, including Slack, virtual meetings, emails, and presentations. Josh shares several strategies to improve communication skills and cross-cultural communication, but if there's one key take away from this episode, it might be: "use positive language for any medium of communication; be kind and use positive words." Brought to you by IEEE Software magazine and IEEE Computer Society.

Arun Gupta, Vice President and General Manager of Open Ecosystem Initiatives at Intel Corporation, discusses open-source strategy and community with SE Radio host Kanchan Shringi. They explore the business case and business model for why and how big tech participates in the open-source ecosystem. Arun describes ways to foster a culture of engagement with open source within companies such as Intel, Amazon, and Apple. They then consider how the principles can be applied to closed-source software within a company. Finally, they discuss some of the benefits that Intel has gained from more than 20 years of open source contributions and look at the company's plan for the year ahead. SE Radio is rought to you by IEEE Software magazine and IEEE Computer Society.

In this episode, Ori Mankali, senior VP of engineering at cloud security startup Akeyless, speaks with SE Radio's Nikhil Krishna about secrets management and the innovative use of distributed fragment cryptography (DFC). In the context of enterprise IT, 'secrets' are crucial for authentication in providing access to internal applications and services. Ori describes the unique challenges of managing these sensitive data, particularly given the complexities of doing so on a large scale in substantial organizations. They discuss the necessity for a secure system for managing secrets, highlighting key features such as access policies, audit capabilities, and visualization tools. Ori introduces the concept of distributed fragment cryptography, which boosts security by ensuring that the entire secret is never known to any single entity. The episode explores encryption and decryption and the importance of key rotation, as they consider the challenges and potential solutions in secrets management.

Casey Muratori caused some strong reactions with a blog post and an associated video in which he went through an example from the "Clean Code" book by Robert Martin to demonstrate the negative impact that clean code practices can have on performance. In this episode, he joins SE Radio's Giovanni Asproni to talk about the potential trade-offs between performance and the qualities that make for maintainable code, these qualities being the main focus of Clean Code. Brought to you by IEEE Computer Society and IEEE Software magazine.