Software Engineering Daily

Mobile App Security with Ryan Lloyd

Mobile apps have become a primary interface for critical services, including banking, payments, and healthcare. Unlike web applications, much of the logic and intellectual property in a mobile app lives directly on the user’s device, which is an environment the developer doesn’t control. That makes mobile apps uniquely exposed to reverse engineering, runtime manipulation, and fraud. As more critical functionality shifts to mobile, the need to harden apps against sophisticated attackers continues to grow. Guardsquare builds tools to protect and test mobile applications against both static and dynamic threats. Its platform has features including layered code obfuscation, runtime application self-protection, mobile-specific security testing, threat monitoring, and API attestation. Ryan Lloyd is the Chief Product Officer at Guardsquare. In this episode, he joins Gregor Vand to discuss why mobile security differs from desktop and web security, how reverse engineering tools have evolved, the role of compiler-based obfuscation and runtime protections, common mobile app vulnerabilities, and how LLMs are reshaping the attacker landscape. Full Disclosure: This episode is sponsored by Guardsquare. Gregor Vand is a security-focused technologist, having previously been a CTO across cybersecurity, cyber insurance and general software engineering companies. He is based in Singapore and can be found via his profile at vand.hk or on LinkedIn. Please click here to see the transcript of this episode. Sponsorship inquiries: sponsor@softwareengineeringdaily.com The post Mobile App Security with Ryan Lloyd appeared first on Software Engineering Daily.

FastMCP with Adam Azzam and Jeremiah Lowin

The Model Context Protocol, or MCP, gives developers a common way to expose tools, data, and capabilities to large language models, and it has quickly become an important standard in agentic AI. FastMCP is an open source project stewarded by the team at Prefect, which is an orchestration platform for AI and data workflows. The FastMCP project builds on MCP to provide high-level, ergonomic abstractions for Python developers to rapidly build and deploy MCP servers and applications. Jeremiah Lowin is the founder and CEO of Prefect, and Adam Azzam is the VP of Product at the company. In this episode, Jeremiah and Adam join Gregor Vand to discuss the origin story of FastMCP, the three pillars of the framework, the architectural decisions behind FastMCP 3.0, and much more. Gregor Vand is a security-focused technologist, having previously been a CTO across cybersecurity, cyber insurance and general software engineering companies. He is based in Singapore and can be found via his profile at vand.hk or on LinkedIn. Please click here to see the transcript of this episode. Sponsorship inquiries: sponsor@softwareengineeringdaily.com The post FastMCP with Adam Azzam and Jeremiah Lowin appeared first on Software Engineering Daily.

SED News: OpenCode, AI Code vs. Shipped Code, and the LiteLLM Breach

SED News is a monthly podcast from Software Engineering Daily where hosts Gregor Vand and Sean Falconer unpack the biggest stories shaping software engineering, Silicon Valley, and the broader tech industry. In this episode, they cover the resurgence of ARM and CPUs as serious compute infrastructure for running local AI agents, a supply chain attack on LiteLLM that exposed API credentials across thousands of developer environments, and the arrival of OpenCode as a fully open source alternative to Claude Code and Codex. They also discuss the diverging strategies of Anthropic and OpenAI following the Pentagon contract controversy, and what it signals about where each company is positioning itself in the enterprise and government markets. Gregor and Sean then dive deep into what the AI coding boom actually means for shipping software. Finally, they highlight standout threads from Hacker News, including Doom running entirely over DNS, the psychology of seafoam green in Cold War-era control rooms, a Tesla Model 3 computer assembled from salvaged crash components, and Apple’s quiet discontinuation of the Mac Pro. Gregor Vand is a security-focused technologist, having previously been a CTO across cybersecurity, cyber insurance and general software engineering companies. He is based in Singapore and can be found via his profile at vand.hk or on LinkedIn. Sean’s been an academic, startup founder, and Googler. He has published works covering a wide range of topics from AI to quantum computing. Currently, Sean is an AI Entrepreneur in Residence at Confluent where he works on AI strategy and thought leadership. You can connect with Sean on LinkedIn. Please click here to see the transcript of this episode. Sponsorship inquiries: sponsor@softwareengineeringdaily.com The post SED News: OpenCode, AI Code vs. Shipped Code, and the LiteLLM Breach appeared first on Software Engineering Daily.

FreeBSD with John Baldwin

FreeBSD is one of the longest-running and most influential open-source operating systems in the world. It was born from the Berkeley Software Distribution in the early 1990s, it has powered everything from high-performance networking infrastructure to game consoles and content delivery networks. Over three decades, it has evolved through major architectural shifts, from symmetric multiprocessing and kernel scalability to modern storage systems and predictable release engineering. John Baldwin has spent more than 25 years working on FreeBSD as a developer, contributor, and consultant. In this episode, John joins Gregor Vand to discuss the origins of FreeBSD, how its governance model differs from other open-source projects, its role inside systems like Netflix’s CDN and the PlayStation 4, the challenges of maintaining a 30-year-old codebase, and much more. Gregor Vand is a security-focused technologist, having previously been a CTO across cybersecurity, cyber insurance and general software engineering companies. He is based in Singapore and can be found via his profile at vand.hk or on LinkedIn. Please click here to see the transcript of this episode. Sponsorship inquiries: sponsor@softwareengineeringdaily.com The post FreeBSD with John Baldwin appeared first on Software Engineering Daily.

Cilium, eBPF, and Modern Kubernetes Networking with Bill Mulligan

Modern cloud-native systems are built on highly dynamic, distributed infrastructure where containers spin up and down constantly, services communicate across clusters, and traditional networking assumptions break down. Linux networking was designed decades ago around static IPs and linear rule processing, which makes it increasingly difficult to achieve scale in Kubernetes environments. At the same time, modifying the Linux kernel to keep up with these demands is slow, risky, and impractical for most organizations. The Extended Berkeley Packet Filter, or eBPF, is a Linux kernel technology that allows sandboxed programs to run safely inside the kernel without modifying kernel source code or loading kernel modules. Cilium is an open-source, cloud-native networking platform that’s built on eBPF, and provides, secures, and observes connectivity between workloads in Kubernetes and other distributed environments. Bill Mulligan is a maintainer in the Cilium ecosystem and a member of the team at Isovalent, the company behind Cilium. He joins the show with Gregor Vand to discuss how eBPF works under the hood, why Cilium has become one of the most widely adopted Kubernetes networking projects, and how the future of cloud-native infrastructure is being reshaped by programmable kernels. Gregor Vand is a security-focused technologist, having previously been a CTO across cybersecurity, cyber insurance and general software engineering companies. He is based in Singapore and can be found via his profile at vand.hk or on LinkedIn. Please click here to see the transcript of this episode. Sponsorship inquiries: sponsor@softwareengineeringdaily.com The post Cilium, eBPF, and Modern Kubernetes Networking with Bill Mulligan appeared first on Software Engineering Daily.