Helping Developers Build Secure Web Apps with Bill Sempf

Razor Tooling is evolving! Carl and Richard talk to David Wengier about the changes coming for Razor Pages in the next version of Visual Studio. David talks about the realization that much of the new work in Razor ties closely to Roslyn, which has resulted in a new co-hosting model that means higher performance and reliability for your web pages! The conversation delves into how capabilities in Visual Studio Code are shared with Visual Studio and vice versa, as well as the role of the Language Service Protocol in making it easier to bring more powerful tools to you.

18 Sep 53min

Ready for the next version of Visual Studio? Carl and Richard talk to Mads Kristensen about the long-awaited version of Visual Studio. Needless to say, artificial intelligence sits front and center. Mads talks about the deep integration of AI across the development lifecycle, including code completion, debugging, even natural language querying. The conversation also digs into the role of Visual Studio as a project management tool, and its integration with cloud, GitHub, and more!

11 Sep 1h 1min

How has DevOps changed in 2025? Carl and Richard talk to Michael Levan about his experiences helping teams automate their development workflows, and dealing with all the details that help the entire team focus on providing customer value. Michael digs into the role of the new AI tools in facilitating better workflows around code, testing, deployment, telemetry, and more. Then the conversation turns to security - and the many challenges that exist to make applications that are secure when deployed, and help with the security challenges that happen while in operation!

3 Sep 58min

How did the design of GitHub evolve? Carl and Richard speak with Diana Mounter about her experiences at GitHub, including her role as head of design. Diana discusses how she was drawn to GitHub as a designer and how her career evolved to lead design for the company. The conversation ranges over different design concepts, the Primer design language, and how to effectively combine design and development to achieve great results.

28 Aug 1h 6min

What's coming in C#14? Carl and Richard chat with Dustin Campbell about the next version of C#, discussing what it takes to continue advancing software development in the Microsoft ecosystem. Dustin discusses how features are selected from version to version, including long-developed features like extension members, which have been in development for years. The conversation also turns to Razor Pages, which Dustin helps contribute to, and the dynamic of what should be language, what should be framework, and what should be tooling. And there's much more to come!

21 Aug 57min

How has application security evolved over the decades? Carl and Richard talk to Michael Howard about his experiences working in security at Microsoft. Michael discusses his current role as a member of the Red Team at Microsoft, which identifies security vulnerabilities within the organization by creating scenarios that black hats might employ, such as stealing tokens or hijacking financial transactions. The conversation examines how security continues to evolve, with improved tools, new attack surfaces, and increasingly serious attacks. It's an arms race, but one the good guys can win!

13 Aug 1h 3min

Can you improve a legacy application? What's the right way to go about it? Carl and Richard talk with Billy Hollis about his work updating legacy applications, starting with the most essential question: should you? Billy begins by defining what it means to be a legacy application and how, invariably, these applications are critical to the organization, so you have to tread lightly. Typically, the focus is on modernizing the client-side of the app, which brings us to the crux of the matter: Are the workflows of the company today well reflected in the older application? Lots of great thoughts from one of the longest-serving guests of .NET Rocks!

7 Aug 1h 1min

How can event sourcing help your applications? Carl and Richard speak with Hannes Lowette about his work in helping developers utilize event sourcing patterns to build scalable applications. Hannes discusses moving away from the old habit of decomposing data from objects into rows, columns, and tables, as there's no reason to save that disk space anymore. Storing objects as event streams means you can always generate relational data if needed, but things run faster and scale better in the streams.

31 Juli 1h 4min