The Stack Overflow Podcast

Making the OWASP top ten in the vibe code era

34 min · Jun 5, 2026
Description

Ryan welcomes back Tanya Janca, now part of the OWASP Top 10 team, to discuss what changed in the latest OWASP Top 10 release, how the list shifted from “outdated components” to a broader software supply chain focus, and why they added memory safety and vibe-coding as awareness items. Episode notes: The OWASP Top 10 for 2025 [https://owasp.org/Top10/2025/] is the latest standard awareness document for developers and web application security that represents a broad consensus about the most critical security risks to web applications. Learn more about Tanya’s work at her website [https://shehackspurple.ca/] and her new podcast DevSec Station [https://www.devsecstation.com/]. You can learn how to prompt your AI for secure code with her prompt library [https://newsletter.shehackspurple.ca/c/securemyvibe]. Read Tanya’s articles [https://stackoverflow.blog/author/tanya-janca/] on our blog. Congrats to Populist badge winner Rob Kielty [https://stackoverflow.com/users/411902/rob-kielty] for winning the badge on their answer to How can I tell IntelliJ's "Find in Files" to ignore generated files? [https://stackoverflow.com/questions/16671706/how-can-i-tell-intellijs-find-in-files-to-ignore-generated-files]. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.


All episodes

951 episodes

Making the OWASP top ten in the vibe code era

Jun 5, 2026 · 34 min

What it takes to be a player in the international AI game

From the floor of HumanX, Ryan welcomes Songyee Yoon, managing partner at Principal Venture Partners (PVP), to chat about AI development outside the US, from the need to adapt models to local languages and culture to the challenges of the global supply-chain for things like semiconductors to how venture capital is looking at international AI companies. Episode notes: PVP [https://www.principalvc.com/] supports early stage, AI-native companies shaping the future of how we live and work. Learn more about their work at their Substack [https://principalvc.substack.com/]. Connect with Songyee on LinkedIn [https://www.linkedin.com/in/songyee-yoon-principal-venture-partners/].

Jun 2, 2026 · 26 min

The find out stage of AI is just supply chain and password protection

In this two-for-one special recorded at HumanX, Ryan is joined by Dataiku’s Florian Douetteau to chat about the governance, orchestration, and data requirements for serious agentic systems and 1Password’s Nancy Wang for a conversation on making agent swarms secure. Ryan first catches up with Dataiku co-founder and CEO Florian Douetteau to chat about serious agentic systems and why they require intentional frameworks, orchestration, governance, and reusable, documented data products. Then, 1Password’s CTO Nancy Wang returns to the show to discuss why current identity standards don’t fit the new world of agents, especially when ephemeral agent swarms make attribution to a single user difficult. Episode notes: Dataiku [https://www.dataiku.com/] orchestrates data stacks and lets you create analytics, models, and agents. Florian previously appeared [https://stackoverflow.blog/2025/04/22/visually-orchestrating-data-diagnostics-but-platform-agnostic/] on this program in an episode recorded at the last HumanX conference. 1Password [https://1password.com] keeps your credentials secure through end-to-end encryption, zero-knowledge architecture, and more. You can learn more about building secure agent swarms at their blog [https://1password.com/blog/how-to-build-secure-agent-swarms-that-power-autonomous-systems]. Nancy Wang previously appeared [https://stackoverflow.blog/2026/03/27/prevent-agentic-identity-theft/] on the pod in March 2026. Connect with Florian on LinkedIn [https://www.linkedin.com/in/fdouetteau/]. Connect with Nancy on LinkedIn [https://www.linkedin.com/in/wangnancy/].

May 29, 2026 · 30 min

Do you have what it takes to run AI in production?

From the floor of HumanX, Ryan Donovan is joined by Peter Salanki, CTO and co-founder of CoreWeave, to chat about what it really takes to run AI in production; the growing importance of observability, utilization, and scheduling; and Peter’s advice for avoiding the trap of over-architecting too early. Episode note: CoreWeave [https://www.coreweave.com/] is the AI-native platform cloud that’s purpose-built for AI, combining next-generation infrastructure and intelligent tools to power the world’s most complex AI workloads. Connect with Peter on X [https://x.com/sorcer].

May 26, 2026 · 27 min

Breaking your AI storage bottlenecks

Recorded at HumanX, Ryan sits down with Garima Kapoor and Anand Babu Periasamy, co-founders and co-CEOs of MinIO, to chat about eliminating the storage bottlenecks that leave GPUs underutilized, their partnership with NVIDIA on the new STX reference architecture, and why modern AI infrastructure is converging on S3-compatible object storage. Episode notes: MinIO [https://www.min.io/] delivers exascale performance, unifying enterprise data across edge, core, and cloud environments. Reach out to them at hello@min.io. Connect with Garima on LinkedIn [https://www.linkedin.com/in/garimakap/]. Connect with AB on LinkedIn [https://www.linkedin.com/in/abperiasamy/].

May 22, 2026 · 29 min