The Reasoning Show
The Reasoning Show AI moves fast. Thinking clearly matters more.
The Reasoning Show cuts through the hype to explore how the smartest people in enterprise AI actually make decisions — the strategy, the tradeoffs, and the hard lessons no press release mentions.
Every week, hosts Aaron Delp and Brian Gracely sit down with the founders building the tools, investors funding the shift, and operators running AI in the real world. Not hype. Not panic. Just clear-headed conversations with people who have to make actual decisions.
Because the AI revolution isn't just happening. It's being reasoned through.
New shows every Wednesday and Sunday.
Topics: Enterprise AI strategy · LLMs in production · AI leadership · Agentic AI · Digital Sovereignty · Machine Learning · AI startups · Cloud Computing
The Reasoning Show
The Zero-CVE Mirage: Hardening Software in the Age of AI Attacks
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
SUMMARY: How software development is rapidly evolving in the age of AI and automation. Matt Moore shares how his team is rethinking secure software supply chains, scaling infrastructure, and safely integrating AI agents into development workflows.
GUEST: Matt Moore, CTO at Chainguard
SHOW: 1022
SHOW TRANSCRIPT: The Reasoning Show #1022 Transcript
SHOW VIDEO: https://youtu.be/9Q0kWkTYRs8
SHOW SPONSORS:
- ShareGate - ShareGate Protect. Microsoft 365 Governance, we got this!
- Nasuni - Activate your data for AI and request a demo
SHOW NOTES:
Scaling Challenges & “Factory” Evolution
- Early automation relied on tools like GitHub Actions
- At scale, simple systems broke due to:
- Massive event volumes
- API rate limits (e.g., GitHub quotas)
- Exponential fan-out effects
- Key innovation: custom work queue + reconciliation model
- ~90% event deduplication
- Controlled throughput and backpressure
- Improved reliability and system stability
- Introduced Driftless
- Built on reconciliation principles (inspired by Kubernetes):
- Compare desired vs. actual state
- Continuously reconcile differences
- Benefits:
- Resilience to missed events
- Automatic retries and recovery
- Scales better than purely event-driven systems
AI Agents in Software Development
- AI is dramatically accelerating development workflows
- Chainguard uses agents to:
- Remediate vulnerabilities (CVEs)
- Update dependencies
- Fix failing tests and adapt to upstream changes
Key Design Philosophy
- Least privilege → “least tool call”
- Avoid giving agents full system access
- Provide narrowly scoped tools for specific tasks
- Delegate execution to sandboxed systems (e.g., CI pipelines)
- Focus on safe, controlled automation
Industry Shift: Velocity vs. Security
- Explosion of AI-driven tools (e.g., autonomous PR generation)
- Massive increase in development velocity
- New risks:
- Poorly secured agent frameworks
- Malicious or unsafe automation patterns
Key Takeaways
- Scale changes everything
- Simple systems break under massive workloads
- Purpose-built infrastructure becomes necessary
- Reconciliation > pure event-driven systems at scale
- More resilient, predictable, and controllable
- AI is a force multiplier—but requires guardrails
- Unrestricted agents introduce serious risk
- Constrained, purpose-built agents are safer and more effective
- Continuous learning is mandatory
- AI tooling is evolving too fast for static skillsets
- Teams must actively experiment and adapt
FEEDBACK?
- Email: show @ reasoning dot show
- Bluesky: @reasoningshow.bsky.social
- Twitter/X: @ReasoningShow
- Instagram: @reasoningshow
- TikTok: @reasoningshow
Podcasts we love
Check out these other fine podcasts recommended by us, not an algorithm.
Software Defined Talk
Software Defined Talk LLC
Dithering Preview
Ben Thompson and John Gruber
Everyday AI Podcast – An AI and ChatGPT Podcast
Everyday AI
Prof G Markets
Vox Media Podcast Network
Acquired
Ben Gilbert and David Rosenthal
Decoder with Nilay Patel
The Verge
theCUBE
SiliconANGLE, Media