logo
episode-header-image
Jan 2024
1h 28m

Shift left, seriously. (Changelog Interv...

CHANGELOG MEDIA
About this episode

This week we’re going deep on security and what it takes to shift left, seriously. Adam is joined by Justin Garrison (co-host of Ship It), plus two members of the BoxyHQ team — Deepak Prabhakara, Co-founder & CEO and Schalk Neethling, Community Manager and DevRel as well as fellow Changelog Slack member.

We discuss how to shift left, the role of the developer and the burden of security, the importance of tooling, the difference between authentication and authorization, and a mindset change for when security takes place — it’s a matter of “when” not “who.”

Leave us a comment

Changelog++ members get a bonus 10 minutes at the end of this episode and zero ads. Join today!

Sponsors:

  • Vercel – With zero configuration for over 35 frameworks, Vercel’s Frontend Cloud makes it easy for any team to deploy their apps. Today, you can get a 14-day free trial of Vercel Pro, or get a customized Enterprise demo from their team. Visit vercel.com/changelogpod to get started.
  • Synadia – Take NATS to the next level via a global, multi-cloud, multi-geo and extensible service, fully managed by Synadia. They take care of all the infrastructure, management, monitoring, and maintenance for you so you can focus on building exceptional distributed applications.
  • Read Write Own – Read, Write, Own: Building the Next Era of the Internet—a new book from entrepreneur and investor Chris Dixon—explores one possible solution to the internet’s authenticity problem: Blockchains. From AI that tracks its source material to generative programs that compensate—rather than cannibalize—creators. It’s a call to action for a more open, transparent, and democratic internet. One that opens the black box of AI, tracks the origins we see online, and much more. Order your copy of Read, Write, Own today at readwriteown.com
  • Fly.io – The home of Changelog.com — Deploy your apps and databases close to your users. In minutes you can run your Ruby, Go, Node, Deno, Python, or Elixir app (and databases!) all over the world. No ops required. Learn more at fly.io/changelog and check out the speedrun in their docs.

Featuring:

Show Notes:

Something missing or broken? PRs welcome!

Up next
Jul 7
Full-breadth developers for the win (Changelog News #151)
Justin Searls describes the "full-breadth developer" and why they'll win because AI, Cloudflare comes up with a way publishers can charge crawlers for access, Hugo Bowne-Anderson explains why building AI agents fails so often, the Job Worth Calculator tells you if your job is wor ... Show More
8m 54s
Jul 4
Selling mountain bikes all over the planet (Changelog & Friends #100)
Jeff Cayley joins Adam to talk about selling mountain bikes all over the planet and making some of the best outdoor and mountain bike gear, parts, and accessories you can buy. They have a killer YouTube channel as well. 
2h 8m
Jul 2
Agent, take the wheel (Changelog Interviews #648)
Thorsten Ball returned to Sourcegraph to work on Amp because he believes being able to talk to an alien intelligence that edits your code changes everything. On this episode, Thorsten joins us to discuss exactly how coding agents work, recent advancements in AI tooling, Amp's uni ... Show More
1h 53m
Recommended Episodes
May 2024
Microsoft is all-in on AI: Part 1 (Interview)
Scott Guthrie joins the show this week from Microsoft Build 2024 to discuss Microsoft being all-in on AI. From Copilot, to Azure AI and Prompty, to their developer first focus, leading GitHub, VS Code being the long bet that paid off, to the future of a doctor’s bedside manner as ... Show More
1h 4m
Mar 2024
AI vs software devs
Daniel and Chris are out this week, so we’re bringing you conversations all about AI’s complicated relationship to software developers from other Changelog pods: JS Party, Go Time & The Changelog.Join the discussionChangelog++ members save 2 minutes on this episode because they m ... Show More
57 m
Jun 2024
Microsoft is all-in on AI: Part 2 (Interview)
Mark Russinovich, Eric Boyd & Neha Batra join us to discuss the state of AI for Microsoft and OpenAI at Microsoft Build 2024. It’s safe to say that Microsoft is all-in on AI. Leave us a comment Changelog++ members save 14 minutes on this episode because they made the ads disappea ... Show More
2h 46m
May 2024
SSR web components for all
Brian LeRoux joins Jerod to share how the Enhance team are bringing server side rendered web components to everyone. With Enhance WASM, you author components in friendly, standards based syntax and reuse them across multiple languages, frameworks & servers. Leave us a comment Cha ... Show More
57m 45s
Jun 2024
Apple finally gets Siri-ous (News)
Apple announces its “new” style of AI, piku gives you “git push” deployment on your own servers, Dabo Chen rebuilds nanoGPT in a spreadsheet, Mark Seemann thinks you’ll regret using natural keys in your database design & Glyph Lefkowitz describes his grand unified theory of the A ... Show More
7m 49s
Apr 2024
Mamba & Jamba
First there was Mamba… now there is Jamba from AI21. This is a model that combines the best non-transformer goodness of Mamba with good ‘ol attention layers. This results in a highly performant and efficient model that AI21 has open sourced! We hear all about it (along with a var ... Show More
41m 13s
May 2024
Is it too late to opt out of AI? (Friends)
Tech lawyer Luis Villa returns to answer our most pressing questions: what’s up with all these new content deals? How did Google think it was a good idea to ship AI Summaries in its current state? Is it too late to opt out of AI? We also discuss AI in Hollywood (spoilers!), posit ... Show More
1h 39m
Jun 2024
Rise of the AI PC & local LLMs
We’ve seen a rise in interest recently and a number of major announcements related to local LLMs and AI PCs. NVIDIA, Apple, and Intel are getting into this along with models like the Phi family from Microsoft. In this episode, we dig into local AI tooling, frameworks, and optimiz ... Show More
35m 35s
Feb 2021
We Review Resumes, Websites, and Online Presence
In this episode of Syntax, Scott and Wes review resumes, websites, and online presences, and discuss pros and cons, what you should focus on, and more! Freshbooks - Sponsor Get a 30 day free trial of Freshbooks at freshbooks.com/syntax and put SYNTAX in the “How did you hear abou ... Show More
1h 7m
Feb 2024
Angular moves fast without breaking things
KBall & Amal dive deep with the “Dazzle of Zebras” (possible future band name), Angular team members Jessica Janiuk & Mark “Techson” Thompson. Along with an absolute riot of puns, they cover topics such as Angular’s new deferrable views feature, how the Angular core team handles ... Show More
1h 11m