[Dev]olution

Coder

The development world is cluttered with buzzwords and distractions. Speed, focus, and freedom? Gone. I’m Nicky Pike. And it’s time for a reset. [Dev]olution is here to help you get back to what matters: creating, solving, and making an impact. No trend chasing, just asking better questions. What do devs really want? How can platform teams drive flow, not friction? How does AI actually help? Join me every two weeks for straight talk with the people shaping the future of dev. This is the [Dev]olution.

  1. Why AI is Your Best Co-Worker in Software Development

    5 days ago

    What if your AI could patch your vulnerabilities while you sleep? In this episode of [Dev]olution, Nicky Pike talks with DaShaun Carter, Spring Advocate at Broadcom, about the growing impact of agentic AI in software development. With more companies turning to AI to accelerate development and patch vulnerabilities, DaShaun explains how AI isn't just about coding faster, it’s about automating the tasks developers hate. From patching CVEs overnight to ensuring systems remain secure while developers sleep, AI agents are reshaping how security is handled in development. DaShaun also talks about the shift from traditional coding workflows to AI-powered environments, where agents autonomously complete repetitive tasks, allowing developers to focus on more strategic work. Tune in to understand why AI isn’t a “nice-to-have” anymore, it’s essential to your development process.

    In this episode, you’ll learn:
    How agentic AI can handle critical security tasks like patching CVEs while you sleep
    Why shifting to AI-driven development environments can streamline your workflows and improve productivity
    How to implement automation in your dev processes without losing control or security

    Things to listen for:
    (00:00) Meet DaShaun Carter
    (02:13) The hidden value of patching CVEs
    (05:15) Should AI be writing or patching code?
    (08:34) Why security automation is essential
    (12:00) The rise of AI in development security
    (14:48) Continuous patching: A game changer
    (18:22) Shifting from traditional dev environments
    (22:00) Maintaining control with AI automation
    (25:06) Avoiding over-automation in development
    (28:15) How agents take over repetitive tasks
    (32:10) DaShaun’s Raspberry Pi-driven AI tasks
    (37:30) Will AI replace traditional coding environments?
    (41:45) AI agents making dev teams effective
    (46:00) AI and the future of dev security
    (50:30) Predictions for AI-driven development workflows

    Resources:
    DaShaun Carter’s LinkedIn: https://www.linkedin.com/in/dashaun/
    Broadcom’s website: https://www.broadcom.com/

    55 min
  2. The Echo Leak Exploit: Why AI Leaks Data Without a Click

    May 13

    You think your AI is working for you…until it’s leaking your data. Welcome to Echo Leak, the zero-click exploit that can send your company’s most sensitive info to attackers, and you won’t even realize it’s happening. Here’s how it works: an email lands in your inbox, and without anyone clicking anything, your AI system picks it up. It accesses your sensitive data from Outlook, SharePoint, Teams, and quietly ships it out through a crafted URL, all while doing exactly what you paid it to do. This isn’t a glitch. It’s a massive vulnerability. In this minisode, we dive into the lethal trifecta, three factors that make your AI system an easy target for this type of attack. From private data access to untrusted content, to how your AI can communicate externally, it’s all laid out for you. Learn how to protect your systems, lock down permissions, and secure your AI agents before they become the next big breach.

    In this episode, you’ll learn:
    What Echo Leak is and how zero-click exploits can leak your data silently
    The "lethal trifecta": Three key vulnerabilities in AI systems that make them exploitable
    Actionable steps to restrict AI agents' permissions and prevent Echo Leak

    Episode highlights:
    (00:00) Echo Leak: How it works without any user clicks
    (03:00) The "lethal trifecta" and why it's a security risk for AI
    (05:40) Real-world Echo Leak examples from Black Hat and RSA
    (08:00) Vendor responses and why they’re missing the point
    (09:40) Understanding AI agent governance failures
    (12:00) Steps to secure your AI systems against Echo Leak
    (14:20) Restricting external communication and limiting data access
    (16:00) Designing AI systems with security in mind
    (18:00) Preparing for AI exploits like Echo Leak

    Resources:
    EchoLeak: Zero-Click Microsoft 365 Copilot Vulnerability
    The lethal trifecta for AI agents: private data, untrusted content, and external communication
    The lethal trifecta for AI agents
    YouTube
    Black Hat USA 2025 | AI Enterprise Compromise - 0click Exploit Methods
    Penetration Testing
    Safeguarding VS Code against prompt injections

    15 min
  3. Your Security Was Built for Humans, Not AI

    April 29

    AI agents are already embedded within your infrastructure, yet the critical issue remains: no one is truly in control. In this episode, we sit down with two experts from Red Hat, Michael Epley and Sam Richman, who are actively engaged at the intersection of AI, security, and defense. Their work isn't theoretical; it's about managing systems where the stakes couldn't be higher. Michael Epley, as Chief Architect and Security Strategist, has dedicated years to building identity and governance frameworks in environments where errors are unacceptable. Meanwhile, Sam Richman, Principal Architect for Defense, is responsible for deploying software from development environments to operational drones. This discussion reveals some uncomfortable realities surrounding modern security and AI: the presence of AI agents operating without proper identification, the ineffectiveness of security models designed for human users when governing machine behavior, and the challenge of managing systems that cannot be thoroughly tested, predicted, or trusted. Despite these challenges, these systems are being rolled out. If you're involved in developing AI systems or ensuring their security, this episode poses a critical question: Do you truly understand what your AI agents are doing?

    In this episode, you’ll learn:
    Why AI agents break traditional identity and access models
    How overprovisioned agents create invisible security risks
    What real governance looks like when systems can’t be fully tested

    Things to listen for:
    (00:00) Meet Michael Epley and Sam Richman
    (02:47) Are enterprises ready for AI agents
    (05:00) Why AI adoption outpaces value
    (07:00) AI finding vulnerabilities humans missed
    (10:58) Why AI systems are unpredictable by design
    (13:00) The identity problem for AI agents
    (17:00) Digital sovereignty becomes mission-critical
    (21:30) AI strategy in defense and enterprise
    (26:30) Why modular AI infrastructure matters
    (27:30) What Kagenti actually solves
    (31:00) Fixing overprovisioned AI agents
    (34:30) Observability and agent behavior tracking
    (38:00) AI at the edge and deployment risks
    (47:30) Running AI without losing control of data
    (59:00) Predictions for AI governance and agents

    Resources:
    Michael Epley’s LinkedIn: https://www.linkedin.com/in/epleymichael
    Sam Richman’s LinkedIn: https://www.linkedin.com/in/sam-richman
    Red Hat website: https://www.redhat.com

    1 hr 6 min
  4. Is AI Actually Helping or Hurting Devs?

    April 15

    Adron Hall thinks you already missed the boat if you are still banging away at lines of code. He watches organizations struggle with locked-down environments while the rest of the industry moves at a pace they can't keep up with. The junior pipeline is collapsing, and we are building systems on code that nobody actually understands. Vibe coding sounds like a dream until the production system crashes at two in the morning. Adron Hall, Principal Software Engineer at Composite Thrashing Code, joins Nicky Pike to discuss why productivity gains are getting eaten by debugging and what happens when the AI agents start treating your main repo like a sandbox project. If you are wondering if you are building faster or just debugging more, this conversation provides the reset you need.

    In this episode, you’ll learn:
    Why writing code manually means you are already too far behind
    How to manage the six specific types of AI code changes
    The reason Diff Discipline is the only way to survive vibe coding

    Things to listen for:
    (00:00) Meet Adron Hall
    (03:14) Why the junior developer pipeline is imploding
    (05:13) How to rein in agent scope for better results
    (08:31) The slow creeping dread of vibe coding
    (12:50) Moving past communication cycles with prototypes
    (16:50) Why shipping to production needs a human gatekeeper
    (20:20) How roles shift when agents handle the workflow
    (24:05) Why slinging individual lines of code is over
    (29:47) Bringing a generalist approach back to computer science
    (34:57) Breaking down the six types of code changes
    (41:40) Why AI optimizes for plausible output instead of correctness
    (52:37) Enforcing diff limits to keep human reviewers sane
    (57:29) Setting up no-fly zones for sensitive code
    (01:02:41) The coming hundred x shock to the tech industry
    (01:11:27) What it means to be a coder in 2026

    Resources:
    Adron Hall’s LinkedIn: https://www.linkedin.com/in/adron/
    Composite Thrashing Code blog: https://compositecode.blog/

    1 hr 14 min
  5. AI Is Skipping the Fundamentals and That Should Worry You feat. Dan Vega

    March 25

    Dan Vega has spent years teaching developers how to build things the right way. Now he’s watching AI change how an entire generation learns to code. Dan is a Spring Developer Advocate at Broadcom, and in this episode of [Dev]olution, we get into what happens when AI removes friction faster than it builds understanding. Writing code has never been easier, but the fundamentals are quietly getting skipped. We talk about why AI is creating masters with no apprentices, how junior developers are getting fast-tracked past the learning phase, and why understanding systems still matters more than shipping quickly. If you’re building with AI or trying to learn without losing the basics, this conversation with Dan Vega is one heck of a learning session.

    In this episode, you’ll learn:
    Why developers still need to learn how systems fail, not just how code runs
    How AI changes the role of mentors and what juniors are missing without feedback loops
    Why shipping faster doesn’t automatically mean building better software

    Things to listen for:
    (00:00) Meet Dan Vega
    (01:40) How AI changed the way people learn to code
    (05:05) Shipping code without understanding systems
    (08:55) Dan’s path from learning fundamentals to teaching them
    (12:35) How AI reinforces bad developer habits
    (16:00) The “masters with no apprentices” problem
    (19:45) Why juniors are skipping the struggle phase
    (23:55) Copying answers versus building intuition
    (28:15) Why debugging is where learning happens
    (32:10) Teaching reasoning instead of syntax
    (36:30) The danger of prompt-driven development
    (40:20) What senior developers should do differently
    (44:35) Using AI without losing judgment
    (48:50) Advice for developers starting today
    (53:30) Final thoughts on learning in an AI-first world

    Resources:
    Dan Vega’s LinkedIn: https://www.linkedin.com/in/danvega/
    Broadcom website: https://www.broadcom.com

    1 hr
  6. Shai-Hulud: The NPM Worm That Spreads Like Virus

    March 11

    Welcome to the first minisode of Devolution where we dive into the devastating Shai-Hulud attack that shook the NPM ecosystem last year. Nicky Pike breaks down how a self-replicating worm took control of over 25,000 GitHub repositories, exploiting a simple NPM command that every developer runs without thinking. From the rapid spread to its impact on household developer tools, this attack wasn’t just a breach, it was a full-blown software pandemic. Listen in as we explore how this worm spread like wildfire, evaded detection, and the long-lasting implications it has on developer security. Get ready as we get into zero-day vulnerabilities and what we need to do to protect our development environments moving forward. Don’t let the next Shai-Hulud catch you off guard.

    In this episode, you’ll learn:
    How Shai-Hulud started as a simple NPM command and evolved into a self-replicating worm.
    Why big companies like PostHog and Trust Wallet were impacted despite having strong security measures, exposing critical vulnerabilities in their defenses.
    What you can do next by rethinking your security models to protect against evolving threats like Shai-Hulud.

    Episode highlights:
    (00:00) 25,000 Repos in 72 Hours, What Happened?
    (00:30) The First Self-Replicating NPM Worm
    (01:00) Shai-Hulud 2.0 Goes Exponential
    (02:00) How It Bypassed Security & Harvested Secrets
    (03:00) 400K Secrets Exposed & the Trust Wallet Fallout
    (04:15) Why Traditional Developer Security Failed
    (05:00) What Teams Must Change Now

    Resources:
    Widespread Supply Chain Compromise Impacting npm Ecosystem
    The Shai-Hulud 2.0 npm worm: analysis, and what you need to know
    Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets
    Post-mortem of Shai-Hulud attack on November 24th, 2025
    “Shai-Hulud” npm Attack: What You Need to Know
    Inside Shai-Hulud’s Maw: How The NPM Worm Exploits And Propagates

    7 min
  7. You Don't Need a Dev Team to Build an App. Just Try and Test with AI

    March 4

    Marco Martinez went rogue and built a production-ready system with zero coding experience. Six months ago, the only Python Marco knew was a really big snake. Now, as the Community Marketing Manager at Coder, he created a multi-agent system that monitors Discord, processes messages through Llama AI, and routes them to Slack for approval, then sends them back to Discord. And it’s heading to production. In this episode, Marco shares how he solved a real business problem using AI and zero dev skills. He also shows us that vibe coding is the future and anyone can build software by simply tinkering with the right tools. If you think you need to be a developer to build something impactful, this episode will show you how perfectly capable you are with the help of AI as a non-developer.

    In this episode, you’ll learn:
    Why non-developers should trust AI to handle the heavy lifting while they focus on solving problems
    How embracing failure and iteration speeds up development and leads to better results
    Why AI is a game-changer for anyone looking to create real solutions quickly

    Things to listen for:
    (00:00) Meet Marco Martinez
    (02:48) Why Marco built the bot himself
    (04:23) The problem with managing Discord messages
    (08:39) How tinkering with AI led to development
    (09:17) How AI democratizes software development
    (12:30) Marco’s approach to vibe coding
    (13:16) The rise of AI agents as partners
    (14:41) Learning Git and the branching lesson
    (19:15) Why PRDs made Marco’s workflow more efficient
    (22:45) The power of PRDs for non-developers
    (26:51) How AI sparked Marco’s interest in learning more tech
    (30:45) How Marco chose Llama AI
    (35:15) Moving from local development to cloud
    (43:45) Marco’s plans to bring engineers for production
    (46:52) Demonstrating the multi-agent system in action
    (55:15) Using PRDs to speed up development

    Resources:
    Marco Martinez’s LinkedIn: https://www.linkedin.com/in/marcomartinez-marketingmanager/
    Coder website: https://coder.com/

    1 hr 4 min
  8. Are You Even Using The Right AI Tools? with Caleb Washburn

    February 18

    Caleb Washburn didn’t build his career on chasing shiny new tech. From his years as an IT architect to his role as CTO and Founder at MomentumAI, Caleb’s focus has always been on solving real problems. In this episode of [Dev]olution, Caleb challenges the current hype around Kubernetes, cloud costs, and AI tools, urging us to think beyond the latest trends. With his extensive experience in enterprise solutions, Caleb dives deep into why many companies are getting burned by their cloud strategies and how they can build smarter, more scalable infrastructures. He explains that AI is really about finding the right solutions that actually support your business goals. If you want to build a solid foundation for AI success, check out this episode.

    In this episode, you’ll learn:
    Why Kubernetes might not be the right tool for every enterprise
    How to scale AI responsibly and avoid common infrastructure pitfalls
    The importance of choosing the right technology for your company’s goals

    Things to listen for:
    (00:00) Meet Caleb Washburn
    (02:10) Why Kubernetes might not be the right tool
    (05:30) The real cost of cloud strategies and the danger of overspending
    (09:45) Why AI isn't the magic solution it's cracked up to be
    (13:15) How to evaluate the right tech for your business needs
    (17:00) Avoiding the “shiny tool” trap in enterprise solutions
    (21:10) Building smarter, scalable infrastructures for AI
    (25:45) How AI can solve real problems, not just create more hype
    (30:00) The importance of a solid foundation before scaling with AI
    (35:30) Practical advice for developers working with AI tools
    (40:00) Why cloud repatriation is happening and what it means for the future
    (45:15) How enterprises can avoid common pitfalls when integrating AI
    (50:00) Final thoughts: Navigating tech trends and focusing on outcomes

    Resources:
    Caleb Washburn’s LinkedIn: https://www.linkedin.com/in/calebwashburn/
    MomentumAI website: https://www.momentumai.com/

    1 hr 3 min
