The Platform Engineering Podcast is a show about the real work of building and running internal platforms — hosted by Cory O’Daniel, longtime infrastructure and software engineer, and CEO/cofounder of Massdriver. Each episode features candid conversations with the engineers, leads, and builders shaping platform engineering today. Topics range from org structure and team ownership to infrastructure design, developer experience, and the tradeoffs behind every “it depends.” Cory brings two deca ...
…
continue reading
Cory ODaniel Podcasts
Securing the future of DevOps and AI: real talk with industry leaders.
…
continue reading
1
Using Feature Flags to Tame Complexity with Mike Zorn
43:29
43:29
Play later
Play later
Lists
Like
Liked
43:29
What if changing a single flag could save you from a failed migration, a broken API, or a late-night rollback? Join us as we dive into how feature flags become a practical tool for changing application behavior at runtime, not just toggling UI elements. Cory talks Mike Zorn about real stories from LaunchDarkly and Rippling, covering how teams use f…
…
continue reading
1
Vulnerabilities In Enterprise AI Workflows With Nicolas Dupont
34:34
34:34
Play later
Play later
Lists
Like
Liked
34:34
Episode Summary As AI systems become increasingly integrated into enterprise workflows, a new security frontier is emerging. In this episode of The Secure Developer, host Danny Allan speaks with Nicolas Dupont about the often-overlooked vulnerabilities hiding in vector databases and how they can be exploited to expose sensitive data. Show Notes As …
…
continue reading
1
Policy as Code: Kyverno and Securing Kubernetes at Scale with Jim Bugwadia
42:21
42:21
Play later
Play later
Lists
Like
Liked
42:21
Most Kubernetes security breaches don't come from zero-day exploits - they come from misconfigurations. While your team runs scanners and reviews reports, containers are already running as root, network policies are missing, and compliance violations are piling up across dozens of repositories. Jim Bugwadia, co-founder and CEO of Nirmata and creato…
…
continue reading
1
Guest Host: Kelsey Hightower - Beyond Pipelines: Infrastructure As Data
48:51
48:51
Play later
Play later
Lists
Like
Liked
48:51
Is your Git repo really the source of truth for infrastructure - or just a suggestion? Guest host Kelsey Hightower sits down with Cory O’Daniel to unpack why many teams hit dead ends with CI/CD for provisioning, where GitOps struggles with drift, and when TicketOps helps or hurts. They explore a different model: infrastructure as data with typed co…
…
continue reading
1
Guest Host: Kelsey Hightower - Are CI/CD and GitOps Just Making Things Harder?
30:18
30:18
Play later
Play later
Lists
Like
Liked
30:18
What if your production environment had a live, trustworthy blueprint you could zoom in and out of on demand? Kelsey Hightower guest-hosts a candid conversation with Cory about why CI/CD pipelines and GitOps often break down for cloud infrastructure. They explore a simpler operational model: treat infrastructure as data, lean on clear checkpoints i…
…
continue reading
1
Guest Host: Kelsey Hightower — Why IaC Alone Isn’t Enough
39:40
39:40
Play later
Play later
Lists
Like
Liked
39:40
Ever wonder why strong Terraform modules still lead to long review queues and fragile pipelines? From hand-built scripts and early data center migrations to cloud sprawl and Kubernetes, configuration management has changed a lot - but the core struggle remains: too many decisions, not enough guardrails. Guest host Kelsey Hightower sits down with Co…
…
continue reading
1
How to Ship Faster with Feature Flags: Insights from Unleash
43:58
43:58
Play later
Play later
Lists
Like
Liked
43:58
Still freezing code before Black Friday and hoping nothing breaks? Feature flags can help you ship smaller, safer changes continuously—without the “big bang” risk or painful rollbacks. Cory O’Daniel talks with Unleash VP of Marketing Michael Ferranti about how modern teams use flags as a core delivery primitive alongside CI/CD and trunk-based devel…
…
continue reading
1
Autonomous Identity Governance With Paul Querna
31:24
31:24
Play later
Play later
Lists
Like
Liked
31:24
Episode Summary Can multi-factor authentication really “solve” security, or are attackers already two steps ahead? In this episode of The Secure Developer, we sit down with Paul Querna, CTO and co-founder at ConductorOne, to unpack the evolving landscape between authentication and authorisation. In our conversation, Paul delves into the difference …
…
continue reading
1
Retrieval-Augmented Generation With Bob Remeika From Ragie
36:45
36:45
Play later
Play later
Lists
Like
Liked
36:45
Episode Summary Bob Remeika, CEO and Co-Founder of Ragie, joins host Danny Allan to demystify Retrieval-Augmented Generation (RAG) and its role in building secure, powerful AI applications. They explore the nuances of RAG, differentiating it from fine-tuning, and discuss how it handles diverse data types while mitigating performance challenges. The…
…
continue reading
1
GraphQL, MCP, and the Future of APIs with Apollo CEO Matt DeBergalis
43:07
43:07
Play later
Play later
Lists
Like
Liked
43:07
**UPDATE** - Apollo GraphQL has kindly offered us a few free passes to join them at the GraphQL Summit in San Francisco, October 6-8, 2025. If you are interested in going, the code is: PodcastSummit25 What if your API layer could help you ship faster today and make tomorrow’s AI workflows safer and easier to build? Apollo CEO Matt DeBergalis explai…
…
continue reading
1
Securing The Future Of AI With Dr. Peter Garraghan
38:19
38:19
Play later
Play later
Lists
Like
Liked
38:19
Episode Summary Machine learning has been around for decades, but as it evolves rapidly, the need for robust security grows even more urgent. Today on the Secure Developer, co-founder and CEO of Mindgard, Dr. Peter Garraghan, joins us to discuss his take on the future of AI. Tuning in, you’ll hear all about Peter’s background and career, his though…
…
continue reading
1
Beyond Cracking the Coding Interview with Mike Mroczka
1:08:35
1:08:35
Play later
Play later
Lists
Like
Liked
1:08:35
Ever wondered how many “perfect” candidates simply learned the test—or how many great engineers get filtered out by bad interview design? Mike Mroczka, interview coach and ex-Googler, shares what really goes on behind technical hiring and how to navigate it to your advantage. What you’ll learn: How leaked question banks and standardized puzzles can…
…
continue reading
1
The Future is Now with Michael Grinich (WorkOS)
33:11
33:11
Play later
Play later
Lists
Like
Liked
33:11
Episode Summary Will AI replace developers? In this episode, Snyk CTO Danny Allan chats with Michael Grinich, the founder and CEO of WorkOS, about the evolving landscape of software development in the age of AI. Michael shares a fascinating analogy, comparing the shift in software engineering to the historical evolution of music, from every family …
…
continue reading
1
From React to Dagster: Pete Hunt on Data, Infra, and AI-Ready Platforms
49:32
49:32
Play later
Play later
Lists
Like
Liked
49:32
Is Postgres actually a better message queue than Kafka? This provocative question is just one of many insights Pete Hunt shares in this conversation about data orchestration, platform engineering, and the evolution of infrastructure. Pete Hunt, CEO of Dagster Labs and former React co-founder at Facebook, brings his unique perspective from working a…
…
continue reading
1
Building Better Platforms with Dapr: Abstractions, Portability, and Durable Systems with Mark Fussell
48:39
48:39
Play later
Play later
Lists
Like
Liked
48:39
Cloud lock-in isn't just about where your data lives—it's about how deeply cloud-specific code permeates your applications. Mark Fussell, co-creator of Dapr and CEO of Diagrid, joins Cory O'Daniel to explore how Dapr provides clean abstractions for common distributed system patterns, enabling teams to build portable applications without sacrificing…
…
continue reading
1
What CVEs Did for Security, CREs Are Doing for Reliability
47:36
47:36
Play later
Play later
Lists
Like
Liked
47:36
Did you know that software engineers often "learn things the hard way" because they lack a standardized system to share knowledge about reliability issues? While security professionals have CVEs to catalog vulnerabilities, reliability engineers have been left to reinvent the wheel with each new bug or outage. Tony Meehan, co-founder and CTO of Preq…
…
continue reading
1
Open Authorization In The World Of AI With Aaron Parecki
36:07
36:07
Play later
Play later
Lists
Like
Liked
36:07
Episode Summary How do we apply the battle-tested principles of authentication and authorization to the rapidly evolving world of AI and Large Language Models (LLMs)? In this episode, we're joined by Aaron Parecki, Director of Identity Standards at Okta, to explore the past, present, and future of OAuth. We dive into the lessons learned from the ev…
…
continue reading
1
From DevOps to 'Vibe Coding': Gene Kim on AI-Assisted Development and Platform Engineering
56:32
56:32
Play later
Play later
Lists
Like
Liked
56:32
What if you could turn a five-year software project into a one-month endeavor? Gene Kim, co-founder of IT Revolution and author of The Phoenix Project, reveals how AI-powered Vibe Coding is transforming the way developers work. Kim shares insights from his upcoming book about how developers are achieving unprecedented productivity, including how hi…
…
continue reading
1
The Evolution Of Platform Engineering With Massdriver CEO Cory O’Daniel
40:01
40:01
Play later
Play later
Lists
Like
Liked
40:01
Episode Summary Dive into the ever-evolving world of platform engineering with Cory O’Daniel, CEO and co-founder of Massdriver. This episode explores the journey of DevOps, the challenges of building and scaling infrastructure, and the crucial role of creating effective abstractions to empower developers. Cory shares his insights on the shift towar…
…
continue reading
1
The Future Of API Security With FireTail’s Jeremy Snyder
38:00
38:00
Play later
Play later
Lists
Like
Liked
38:00
Episode Summary Jeremy Snyder is the co-founder and CEO of FireTail, a company that enables organizations to adopt AI safely without sacrificing speed or innovation. In this conversation, Jeremy shares his deep expertise in API and AI security, highlighting the second wave of cloud adoption and his pivotal experiences at AWS during key moments in i…
…
continue reading
1
Snyk’s Danny Allan on Making Security Developer-Friendly
45:26
45:26
Play later
Play later
Lists
Like
Liked
45:26
Security often feels like a roadblock to developers, but what if it could be seamlessly integrated into the development process? As software delivery becomes increasingly automated and self-service, the traditional approach to security needs a major overhaul. Danny Allan, CTO at Snyk, shares practical insights on transforming security from a bottle…
…
continue reading
1
The Case For Steward Ownership And Open Source With Melanie Rieback
44:11
44:11
Play later
Play later
Lists
Like
Liked
44:11
Episode Summary Is the traditional Silicon Valley startup model harming the security industry? In this episode of The Secure Developer, Danny Allan talks with Melanie Rieback, founder of Radically Open Security, about shaking up the industry with nonprofit business models. Tuning in, you’ll learn about the inner workings of Radically Open Security …
…
continue reading
1
vCluster with Lukas Gentele: Rethinking Kubernetes Multi-Tenancy
40:56
40:56
Play later
Play later
Lists
Like
Liked
40:56
Are your platform teams constantly saying "no" to requests for new Kubernetes clusters? The traditional approach to Kubernetes multi-tenancy forces organizations to choose between cluster sprawl or restrictive namespaces - neither of which fully meets the needs of modern development teams. Lukas Gentele, CEO and co-founder of Loft Labs, shares how …
…
continue reading
1
Advancing AppSec With AI With Akira Brand
34:52
34:52
Play later
Play later
Lists
Like
Liked
34:52
Episode Summary In this episode of The Secure Developer, Danny Allan sits down with Akira Brand, AVP of Application Security at PRA Group, to explore the evolving landscape of application security and AI. Akira shares her unconventional journey from opera to cybersecurity, discusses why AppSec is fundamentally a customer service role and breaks dow…
…
continue reading
1
Building Real-World Platforms: Abby Bangser on CNCF, Kratix, & Syntasso
53:54
53:54
Play later
Play later
Lists
Like
Liked
53:54
When organizations grow beyond using third-party platforms, they face a critical challenge: how to build internal platforms that enable teams to work efficiently while maintaining security and compliance. Abby Bangser, founding principal engineer at Syntasso, shares insights on creating real-world platforms that strike the right balance between sta…
…
continue reading
1
Authentication, Authorization, And The Future Of AI Security With Alex Salazar
38:36
38:36
Play later
Play later
Lists
Like
Liked
38:36
Episode Summary In this episode of The Secure Developer, host Danny Allan sits down with Alex Salazar, founder and CEO of Arcade, to discuss the evolving landscape of authentication and authorization in an AI-driven world. Alex shares insights on the shift from traditional front-door security to back-end agent interactions, the challenges of securi…
…
continue reading
1
Smart TV Testing Made Simple with Dave Lucia of TV Labs
47:50
47:50
Play later
Play later
Lists
Like
Liked
47:50
Testing smart TV applications presents unique challenges that traditional web testing approaches can't solve. Dave Lucia, CTO and co-founder of TV Labs, shares how his team built a platform that virtualizes televisions and set-top boxes to help media companies test their smart TV apps on physical devices. Learn about TV Labs' innovative architectur…
…
continue reading
1
Rethinking Secure Communication With Mrinal Wadhwa
40:32
40:32
Play later
Play later
Lists
Like
Liked
40:32
Episode Summary In this episode of The Secure Developer, Danny Allan sits down with Mrinal Wadhwa, CTO at Ockam, to explore the evolving landscape of secure communication in distributed systems. They discuss the challenges of securing microservices, IoT networks, and Kubernetes environments and how traditional TLS-based security models may no longe…
…
continue reading
1
The Future Of Security, Privacy And Control With Wayne Chang
39:22
39:22
Play later
Play later
Lists
Like
Liked
39:22
Episode Summary In this episode of The Secure Developer, Danny Allan, CTO of Snyk, sits down with Wayne Chang, Founder and CEO of SpruceID, to explore the evolving landscape of digital identity and security. From self-sovereign identity to the role of AI in authentication, they discuss the future of identity management, the risks of centralized sys…
…
continue reading
1
Trust, Lock-in, And Better Infrastructure Management
1:03:05
1:03:05
Play later
Play later
Lists
Like
Liked
1:03:05
Why do 70% of organizations still struggle to adopt infrastructure as code? Sören Martius, CPO and co-founder of Terramate, joins Cory O'Daniel to tackle the challenges of modern infrastructure management and the delicate balance between vendor trust and lock-in. The conversation explores practical solutions for common infrastructure challenges, fr…
…
continue reading
1
Building Security Culture With Dustin Lehr
38:15
38:15
Play later
Play later
Lists
Like
Liked
38:15
Episode Summary Security is more than just a checklist—it’s a cultural movement. In this episode, Dustin Lehr, Co-founder of Katilyst, joins Danny Allan to explore the intersection of security, engineering, and culture. They discuss how to foster security champions, scale security programs, and build a culture where developers naturally integrate s…
…
continue reading
1
Meeting Developers In Their Existing Workflows: The Terrateam Advantage
57:02
57:02
Play later
Play later
Lists
Like
Liked
57:02
Building infrastructure tooling doesn't require massive VC funding or a huge team - just ask Malcolm Matalka, co-founder of bootstrapped Terrateam. Malcolm shares his journey from real estate websites to investment banking to biotech, before landing in infrastructure automation. Learn how Terrateam takes a unique "libraries over frameworks" approac…
…
continue reading
1
Securing And Defending Like Brazilian Jiu-Jitsu With Jeremiah Grossman
36:57
36:57
Play later
Play later
Lists
Like
Liked
36:57
Episode Summary Join Jeremiah Grossman, application security pioneer and former CEO of WhiteHat Security, as he reflects on decades of innovation in the industry, from the early days of OWASP to today’s AI-driven development landscape. Explore critical discussions about the escalating costs of security, aligning developer incentives, and the future…
…
continue reading
1
Beyond GitOps: Rethinking Cloud Self-Service with Dave Williams
1:16:17
1:16:17
Play later
Play later
Lists
Like
Liked
1:16:17
Is GitOps holding your team back? In this thought-provoking conversation with Massdriver co-founder Dave Williams, we challenge conventional wisdom around cloud infrastructure management and explore why traditional approaches to compliance and self-service may be creating more problems than they solve. Discover how leading organizations are moving …
…
continue reading
1
The Development Of Security With David Mytton
34:23
34:23
Play later
Play later
Lists
Like
Liked
34:23
Episode Summary In this episode of The Secure Developer, host Danny Allan sits down with David Mytton, founder and CEO of Arcjet, former CEO of Server Density, and co-founder of Console.dev. David shares his insights into bridging the “developer-security gap” with Arcjet, a cutting-edge middleware SDK designed to empower developers with advanced se…
…
continue reading
