[Dev]olution

Coder
  • 5.0 (2)
  • Technology

The development world is cluttered with buzzwords and distractions. Speed, focus, and freedom? Gone. I’m Nicky Pike. And it’s time for a reset. [Dev]olution is here to help you get back to what matters: creating, solving, and making an impact. No trend chasing, just asking better questions. What do devs really want? How can platform teams drive flow, not friction? How does AI actually help? Join me every two weeks for straight talk with the people shaping the future of dev. This is the [Dev]olution.

  1. 96% of Companies Run AI Agents. Only 21% Can Control Them

    3d ago

    96% of Companies Run AI Agents. Only 21% Can Control Them

    96% of companies are running AI agents in production. Only 21% can actually control them. Gari Singh has watched this movie before. Three times. XML middleware, enterprise blockchain, and now AI infrastructure at Google Cloud, and every wave has the same opening act: teams rush to deploy before the platform team is even in the room. In this episode of [Dev]olution, Nicky Pike, and Gari break down what the outer loop actually costs you when agents go ungoverned, why "Ninja IT" is the new shadow IT, and what platform engineers need to do this Monday to stop building on a foundation that's already cracking. If you're still treating agent governance as a roadmap item, this episode is the reason to move it to the top of the list. In this episode, you’ll learn: Why automating bad processes with AI just makes bad things happen fasterThe three things every platform engineer should do this week, according to GariWhy MCP servers are the new SOAP and will disappear in five years Things to listen for:  (00:00) Meet Gari Singh (02:00) What DataPower taught him about governing traffic (04:30) AI adoption versus the blockchain free-for-all (06:30) The stat that should scare every platform team (09:00) Why Kubernetes took a decade but AI took 18 months (14:30) Prompt injection and limiting the blast radius (18:00) Ninja IT is the new shadow IT (20:30) Automating bad processes just makes bad things worse (25:00) Self-managed MCP versus the enterprise version (28:30) Why YOLO mode survives elicitation (35:00) How platform teams hold the line without becoming the villain (39:30) The outer loop is still the bottleneck (44:00) Three things every platform engineer should do this week (51:00) Rapid fire with Gari (53:30) 2028 predictions and the governance reckoning Resources: Gari Singh’s LinkedIn: https://www.linkedin.com/in/garisingh/ Google’s website: https://www.google.com

    1h 1m
  2. Open Weight AI Isn't the Risk You Think It Is

    Jun 17

    Open Weight AI Isn't the Risk You Think It Is

    Everyone's asking the wrong question about open AI models and has turned the debate into a geography problem. Is it Chinese? Is it American? Can we trust it? But the biggest AI security incident in recent memory had nothing to do with where a model came from. In this minisode, Nicky Pike breaks down the three layers of risk hidden behind open-weight AI models and why most security conversations focus on the easiest layer to defend. From poisoned training data and sleeper-agent research to malicious Hugging Face repositories that fooled hundreds of thousands of developers, this episode separates real threats from political headlines. If you're evaluating DeepSeek, Qwen, Llama, or any open model, this episode will change how you think about trust, ownership, and security. In this episode, you’ll learn: Why self-hosting only protects you if you control outbound accessHow malicious repositories create bigger risks than model originsWhat every engineering leader should inspect before deploying open models Episode highlights:(00:00) The repo that fooled 244,000 developers (00:35) Why everyone wants open models (01:20) The wrong question CIOs keep asking (02:10) The three layers of AI risk (04:00) Anthropic's sleeper agent experiment (06:25) How 250 documents can poison a model (08:00) The Hugging Face malware problem (09:20) Why banning models misses the real threat (10:15) Self-hosting isn't a force field (11:20) What ownership actually gives you (13:20) 4 practical defenses that work (16:20) Why open models are getting too good to ignore Resources: Sleeper Agents: Training Deceptive LLMs That Persist Through Safety TrainingA Small Number of Samples Can Poison LLMs of Any SizeExamining Backdoor Data Poisoning at ScaleJFrog Security Research on Malicious Models in Hugging Face

    19 min
  3. Why Developers Are Ditching AI and Talking to Humans Again

    Jun 10

    Why Developers Are Ditching AI and Talking to Humans Again

    What if your developer community could teach you more than any AI ever could? In this episode of [Dev]olution, Nicky Pike sits down with Pauline Narvas, former Head of Community Platforms at Vercel and incoming leader at OpenAI Codex, to unpack why human connection is thriving in the age of AI. Pauline reveals how communities are becoming the hidden engines driving learning, collaboration, and real product impact. From guiding developers through AI-powered tools to building trust and loyalty in forums and Discord channels, she explains why skills like curiosity, communication, and caring are more critical than ever. Pauline also shares how her team uses AI to handle the tedious tasks so humans can focus on the creative, high-value work that AI can’t replace. Discover why being part of a community isn’t optional anymore, it’s the key to thriving in modern tech. In this episode, you’ll learn: How human-led communities are becoming the secret engine behind AI-driven developer workflowsWhy skills like communication, curiosity, and caring matter more than coding in the age of AIHow to use AI to handle repetitive tasks while your team focuses on meaningful, high-impact work Things to listen for:  (00:00) Meet Pauline Narvas (01:06) Breaking news about her new role at OpenAI Codex (04:00) How her journey led from coding to community (06:40) Teaching women to code and mission-driven growth (09:20) Overcoming early obstacles and imposter syndrome (12:00) Developers building fast with AI and its limits (14:50) Foundations still matter when AI automates coding (17:30) Human interaction versus AI for learning and support (20:00) Using community to solve problems AI can’t (24:00) Feedback loops that improve product and user experience (26:30) Skills that matter most in the AI era (31:00) Why human authenticity beats AI in community roles (34:00) AI as a support tool, not a replacement (38:00) Handling negative community interactions with empathy (42:00) Why heart and curiosity are non-negotiable hiring traits (45:50) Lessons on using AI and communities to amplify impact (49:45) Engaging with the OpenAI Codex community (55:30) What AI can’t replace and the definition of a coder (59:00) Closing thoughts and future outlook for human connection Resources: Pauline Narvas’s LinkedIn: https://www.linkedin.com/in/pnarvas/?originalSubdomain=uk Vercel’s website: https://vercel.com/

    1 hr
  4. Why AI is Your Best Co-Worker in Software Development

    May 27

    Why AI is Your Best Co-Worker in Software Development

    What if your AI could patch your vulnerabilities while you sleep? In this episode of [Dev]olution, Nicky Pike talks with DaShaun Carter, Spring Advocate at Broadcom, about the growing impact of agentic AI in software development. With more companies turning to AI to accelerate development and patch vulnerabilities, DaShaun explains how AI isn't just about coding faster, it’s about automating the tasks developers hate. From patching CVEs overnight to ensuring systems remain secure while developers sleep, AI agents are reshaping how security is handled in development. DaShaun also talks about the shift from traditional coding workflows to AI-powered environments, where agents autonomously complete repetitive tasks, allowing developers to focus on more strategic work. Tune in to understand why AI isn’t a “nice-to-have” anymore, it’s essential to your development process. In this episode, you’ll learn: How agentic AI can handle critical security tasks like patching CVEs while you sleepWhy shifting to AI-driven development environments can streamline your workflows and improve productivityHow to implement automation in your dev processes without losing control or security Things to listen for:  (00:00) Meet DaShaun Carter(02:13) The hidden value of patching CVEs(05:15) Should AI be writing or patching code?(08:34) Why security automation is essential(12:00) The rise of AI in development security(14:48) Continuous patching: A game changer(18:22) Shifting from traditional dev environments(22:00) Maintaining control with AI automation(25:06) Avoiding over-automation in development(28:15) How agents take over repetitive tasks(32:10) DaShaun’s Raspberry Pi-driven AI tasks(37:30) Will AI replace traditional coding environments?(41:45) AI agents making dev teams effective(46:00) AI and the future of dev security(50:30) Predictions for AI-driven development workflows Resources: DaShaun Carter’s LinkedIn: https://www.linkedin.com/in/dashaun/ Broadcom’s website: https://www.broadcom.com/

    55 min
  5. The Echo Leak Exploit: Why AI Leaks Data Without a Click

    May 13

    The Echo Leak Exploit: Why AI Leaks Data Without a Click

    You think your AI is working for you…until it’s leaking your data. Welcome to Echo Leak, the zero-click exploit that can send your company’s most sensitive info to attackers, and you won’t even realize it’s happening. Here’s how it works: an email lands in your inbox, and without anyone clicking anything, your AI system picks it up. It accesses your sensitive data from Outlook, SharePoint, Teams, and quietly ships it out through a crafted URL, all while doing exactly what you paid it to do. This isn’t a glitch. It’s a massive vulnerability. In this minisode, we dive into the lethal trifecta, three factors that make your AI system an easy target for this type of attack. From private data access to untrusted content, to how your AI can communicate externally, it’s all laid out for you. Learn how to protect your systems, lock down permissions, and secure your AI agents before they become the next big breach. In this episode, you’ll learn: What Echo Leak is and how zero-click exploits can leak your data silentlyThe "lethal trifecta": Three key vulnerabilities in AI systems that make them exploitableActionable steps to restrict AI agents' permissions and prevent Echo Leak Episode highlights:(00:00) Echo Leak: How it works without any user clicks (03:00) The "lethal trifecta" and why it's a security risk for AI (05:40) Real-world Echo Leak examples from Black Hat and RSA (08:00) Vendor responses and why they’re missing the point (09:40) Understanding AI agent governance failures (12:00) Steps to secure your AI systems against Echo Leak (14:20) Restricting external communication and limiting data access (16:00) Designing AI systems with security in mind (18:00) Preparing for AI exploits like Echo Leak Resources: EchoLeak: Zero-Click Microsoft 365 Copilot VulnerabilityThe lethal trifecta for AI agents: private data, untrusted content, and external communicationThe lethal trifecta for AI agentsYouTubeBlack Hat USA 2025 | AI Enterprise Compromise - 0click Exploit MethodsPenetration TestingSafeguarding VS Code against prompt injections

    15 min
  6. Your Security Was Built for Humans, Not AI

    Apr 29

    Your Security Was Built for Humans, Not AI

    AI agents are already embedded within your infrastructure, yet the critical issue remains: no one is truly in control. In this episode, we sit down with two experts from Red Hat, Michael Epley and Sam Richman, who are actively engaged at the intersection of AI, security, and defense. Their work isn't theoretical; it's about managing systems where the stakes couldn't be higher. Michael Epley, as Chief Architect and Security Strategist, has dedicated years to building identity and governance frameworks in environments where errors are unacceptable. Meanwhile, Sam Richman, Principal Architect for Defense, is responsible for deploying software from development environments to operational drones. This discussion reveals some uncomfortable realities surrounding modern security and AI: the presence of AI agents operating without proper identification, the ineffectiveness of security models designed for human users when governing machine behavior, and the challenge of managing systems that cannot be thoroughly tested, predicted, or trusted. Despite these challenges, these systems are being rolled out. If you're involved in developing AI systems or ensuring their security, this episode poses a critical question: Do you truly understand what your AI agents are doing? In this episode, you’ll learn: Why AI agents break traditional identity and access modelsHow overprovisioned agents create invisible security risksWhat real governance looks like when systems can’t be fully tested Things to listen for:  (00:00) Meet Michael Epley and Sam Richman (02:47) Are enterprises ready for AI agents (05:00) Why AI adoption outpaces value (07:00) AI finding vulnerabilities humans missed (10:58) Why AI systems are unpredictable by design (13:00) The identity problem for AI agents (17:00) Digital sovereignty becomes mission-critical (21:30) AI strategy in defense and enterprise (26:30) Why modular AI infrastructure matters (27:30) What Kagenti actually solves (31:00) Fixing overprovisioned AI agents (34:30) Observability and agent behavior tracking (38:00) AI at the edge and deployment risks (47:30) Running AI without losing control of data (59:00) Predictions for AI governance and agents Resources: Michael Epley’s LinkedIn: https://www.linkedin.com/in/epleymichael Sam Richman’s LinkedIn: https://www.linkedin.com/in/sam-richman Red Hat website: https://www.redhat.com

    1h 6m
  7. Is AI Actually Helping or Hurting Devs?

    Apr 15

    Is AI Actually Helping or Hurting Devs?

    Adron Hall thinks you already missed the boat if you are still banging away at lines of code.  He watches organizations struggle with locked-down environments while the rest of the industry moves at a pace they can't keep up with. The junior pipeline is collapsing, and we are building systems on code that nobody actually understands. Vibe coding sounds like a dream until the production system crashes at two in the morning.  Adron Hall, Principal Software Engineer at Composite Thrashing Code, joins Nicky Pike to discuss why productivity gains are getting eaten by debugging and what happens when the AI agents start treating your main repo like a sandbox project. If you are wondering if you are building faster or just debugging more, this conversation provides the reset you need. In this episode, you’ll learn: Why writing code manually means you are already too far behindHow to manage the six specific types of AI code changesThe reason Diff Discipline is the only way to survive vibe coding Things to listen for:  (00:00) Meet Adron Hall (03:14) Why the junior developer pipeline is imploding (05:13) How to reign in agent scope for better results (08:31) The slow creeping dread of vibe coding (12:50) Moving past communication cycles with prototypes (16:50) Why shipping to production needs a human gatekeeper (20:20) How roles shift when agents handle the workflow (24:05) Why slinging individual lines of code is over (29:47) Bringing a generalist approach back to computer science (34:57) Breaking down the six types of code changes (41:40) Why AI optimizes for plausible output instead of correctness (52:37) Enforcing diff limits to keep human reviewers sane (57:29) Setting up no-fly zones for sensitive code (01:02:41) The coming hundred x shock to the tech industry (01:11:27) What it means to be a coder in 2026 Resources: Adron Hall’s LinkedIn: https://www.linkedin.com/in/adron/ Composite Thrashing Code blog: https://compositecode.blog/

    1h 14m
  8. AI Is Skipping the Fundamentals and That Should Worry You feat. Dan Vega

    Mar 25

    AI Is Skipping the Fundamentals and That Should Worry You feat. Dan Vega

    Dan Vega has spent years teaching developers how to build things the right way. Now he’s watching AI change how an entire generation learns to code. Dan is a Spring Developer Advocate at Broadcom, and in this episode of [Dev]olution, we get into what happens when AI removes friction faster than it builds understanding. Writing code has never been easier, but the fundamentals are quietly getting skipped. We talk about why AI is creating masters with no apprentices, how junior developers are getting fast-tracked past the learning phase, and why understanding systems still matters more than shipping quickly.  If you’re building with AI or trying to learn without losing the basics, this conversation with Dan Vega is one heck of a learning session. In this episode, you’ll learn: Why developers still need to learn how systems fail, not just how code runsHow AI changes the role of mentors and what juniors are missing without feedback loopsWhy shipping faster doesn’t automatically mean building better software Things to listen for:  (00:00) Meet Dan Vega (01:40) How AI changed the way people learn to code (05:05) Shipping code without understanding systems (08:55) Dan’s path from learning fundamentals to teaching them (12:35) How AI reinforces bad developer habits (16:00) The “masters with no apprentices” problem (19:45) Why juniors are skipping the struggle phase (23:55) Copying answers versus building intuition (28:15) Why debugging is where learning happens (32:10) Teaching reasoning instead of syntax (36:30) The danger of prompt-driven development (40:20) What senior developers should do differently (44:35) Using AI without losing judgment (48:50) Advice for developers starting today (53:30) Final thoughts on learning in an AI-first world Resources: Dan Vega’s LinkedIn: https://www.linkedin.com/in/danvega/ Broadcom website: https://www.broadcom.com

    1 hr
See All (22)

Trailer

Ratings & Reviews

5
out of 5
2 Ratings

About

The development world is cluttered with buzzwords and distractions. Speed, focus, and freedom? Gone. I’m Nicky Pike. And it’s time for a reset. [Dev]olution is here to help you get back to what matters: creating, solving, and making an impact. No trend chasing, just asking better questions. What do devs really want? How can platform teams drive flow, not friction? How does AI actually help? Join me every two weeks for straight talk with the people shaping the future of dev. This is the [Dev]olution.

Information

  • Creator
    Coder
  • Years Active
    2025 - 2026
  • Episodes
    22
  • Rating
    Clean
  • Copyright
    © 2026 Coder