The Zero-CVE Mirage: Hardening Software in the Age of AI Attacks

SUMMARY: How software development is rapidly evolving in the age of AI and automation. Matt Moore shares how his team is rethinking secure software supply chains, scaling infrastructure, and safely integrating AI agents into development workflows. GUEST: Matt Moore , CTO at Chainguard SHOW: 1022 SHOW TRANSCRIPT: The Reasoning Show Transcript SHOW VIDEO: SHOW SPONSORS: ShareGate - ShareGate Protect. Microsoft 365 Governance, we got this! Nasuni - Activate your data for AI and request a demo SHOW NOTES: Chainguard Factory 2.0 DriftlessAF Scaling Challenges & “Factory” Evolution Early automation relied on tools like GitHub Actions At scale, simple systems broke due to: Massive event volumes API rate limits (e.g., GitHub quotas) Exponential fan-out effects Key innovation: custom work queue + reconciliation model ~90% event deduplication Controlled throughput and backpressure Improved reliability and system stability Introduced Driftless Built on reconciliation principles (inspired by Kubernetes): Compare desired vs. actual state Continuously reconcile differences Benefits: Resilience to missed events Automatic retries and recovery Scales better than purely event-driven systems AI Agents in Software Development AI is dramatically accelerating development workflows Chainguard uses agents to: Remediate vulnerabilities (CVEs) Update dependencies Fix failing tests and adapt to upstream changes Key Design Philosophy Least privilege → “least tool call” Avoid giving agents full system access Provide narrowly scoped tools for specific tasks Delegate execution to sandboxed systems (e.g., CI pipelines) Focus on safe, controlled automation Industry Shift: Velocity vs. Security Explosion of AI-driven tools (e.g., autonomous PR generation) Massive increase in development velocity New risks: Poorly secured agent frameworks Malicious or unsafe automation patterns Key Takeaways Scale changes everything Simple systems break under massive workloads Purpose-built infrastructure becomes necessary Reconciliation > pure event-driven systems at scale More resilient, predictable, and controllable AI is a force multiplier—but requires guardrails Unrestricted agents introduce serious risk Constrained, purpose-built agents are safer and more effective Continuous learning is mandatory AI tooling is evolving too fast for static skillsets Teams must actively experiment and adapt FEEDBACK? Email: show @ reasoning dot show Bluesky: @reasoningshow.bsky.social Twitter/X: @ReasoningShow Instagram: @ reasoningshow TikTok: @reasoningshow

You can listen to The Zero-CVE Mirage: Hardening Software in the Age of AI Attacks online on Radio and Podcast. Open the player on this page to stream the available audio.

The Zero-CVE Mirage: Hardening Software in the Age of AI Attacks is an episode from The Cloudcast (.net) - Weekly Cloud Computing Podcast by Massive Studios.

This episode is 35:13 long.

This episode was published on Apr 26, 2026.

Yes. Use the heart button on the episode page to add it to your favorite episodes list.

Yes. This page shows related episodes from The Cloudcast (.net) - Weekly Cloud Computing Podcast when more episodes are available from the podcast feed.