.NET Rocks!

How has application security evolved over the decades? Carl and Richard talk to Michael Howard about his experiences working in security at Microsoft. Michael discusses his current role as a member of the Red Team at Microsoft, which identifies security vulnerabilities within the organization by creating scenarios that black hats might employ, such as stealing tokens or hijacking financial transactions. The conversation examines how security continues to evolve, with improved tools, new attack surfaces, and increasingly serious attacks. It's an arms race, but one the good guys can win!

Billy Hollis, a seasoned software designer known for his contrarian views, dives into the complexities of modernizing legacy applications. He emphasizes the critical nature of these systems and the need for careful updates. The conversation explores enhancing user experiences through optimized workflows, accessibility, and the use of tools like Copilot. Hollis also shares insights on balancing client expectations with design challenges and highlights the importance of interpersonal skills in navigating legacy systems and user-centric designs.

Hannes Lowette, a principal consultant at Axes in Belgium, is passionate about back-end development and event-driven architectures. He discusses how event sourcing revolutionizes application scalability by favoring event streams over traditional data storage. Hannes emphasizes the efficiency of managing commands and states, and how this approach works harmoniously with relational databases. He also tackles the complexities of complying with GDPR while maintaining event integrity, showcasing the future of scalable architecture in data management.

Mark Seemann, a programmer with an economics background and blogger at blog.ploeh.dk, shares his insights on the impacts of AI, particularly large language models, on software development. He addresses the pitfalls of viewing AI as an ultimate source of truth and the essential knowledge required to evaluate AI-generated code. The conversation touches on the challenges faced by junior developers, the ethical implications of AI, and the importance of critical thinking in an era increasingly reliant on technology. Practical discussions around integrating AI tools highlight the need for careful oversight.

How do you build progressive web apps in 2025? Carl and Richard talk to Lemon about his experiences building all sorts of PWAs for customers and entertainment. Lemon discusses going beyond the icon in PWAs and leveraging more powerful features, including service workers. The conversation also digs into some of the crazy talks done over the years, as well as gaming from browsers and more!

Mark Miller, Chief Architect at Developer Express and a Microsoft MVP, joins the conversation on leveraging AI to enhance coding efficiency. He discusses the innovative features in CodeRush, emphasizing a voice-driven assistant that minimizes context-switching. The dialogue explores the evolution of AI tools and their transformative impact on productivity. Mark reflects on overcoming challenges in coding with AI, ensuring consistency, and optimizing workflows, while also touching on historical milestones in AI development.

Seth Juarez, a machine learning expert from Microsoft, dives deep into the world of agentic AI. He explains the Model Context Protocol (MCP) and how it allows AI agents to collaborate more effectively. The discussion highlights the challenges of managing these advanced tools and emphasizes the need for clear governance. Listeners will enjoy insights into the evolution of AI, including the balance needed when working with user instructions in AI outputs, and the importance of narrowing tasks for better performance in real-world applications.

Matt Steele, a Georgia Tech grad focused on AI, shares insights on Hair Match, an app helping women with textured hair find the best products. Gheida Omar, founder of Girls I Save, discusses Signverse, a revolutionary app offering real-time translation for multiple languages and sign language. Daniel Kim, a Stanford student, presents Argus, a wearable device enhancing independence for those with low vision through object detection and facial recognition. Together, they illustrate how technology can empower and transform lives.

Nicole Forsgren, a DevOps and developer productivity expert, joins the discussion to reshape how we think about development. She dives into her upcoming book on eliminating friction in software creation, highlighting the vital role of AI technologies alongside traditional DevOps practices. The conversation explores enhancing productivity through better workflows, the differences between brownfield and greenfield projects, and how AI integration influences developer dynamics. With insights from DORA, Forsgren emphasizes that refining tools and methods is crucial for successful projects.

What happens when AI comes to your web testing tool? While at Build, Carl and Richard talked to Debbie O'Brien about the latest features in Playwright, including Playwright MCP, the model control plane for Playwright capabilities. Debbie talks about using Playwright MCP to buy a table. Ask your LLM what tests should be written for your web page, and then ask it to write them. The potential of these tools is to make more tests in less time that are more resilient as versions of both the website and the testing tools change!