🎙️ Señors @ Scale
Deep conversations with senior developers about scaling applications, teams, and careers
🎧 Latest Episodes
Security at Scale with Liran Tal - Director of Developer Advocacy at Snyk
In this episode of Señors @ Scale, Dan sits down with Liran Tal, Director of Developer Advocacy at Snyk, GitHub Star, and one of the most influential voices in modern application security. Liran has spent decades at the intersection of open-source ecosystems, Node.js, supply chain security, and now AI agent security, helping developers ship fast without exposing themselves to silent, catastrophic risks.He breaks down the real stories behind today’s security landscape — from NPM malware and maintainer compromises to MCP attacks, toxic flows, and the hidden vulnerabilities emerging from AI-driven development.We dig into what “security at scale” actually means: how attackers compromise maintainers and publish worm-style malware, how invisible Unicode payloads bypass human review, why AI-generated code is statistically insecure, and how developers can build guardrails directly into their workflows with tools like Snyk, NPQ, and MCP scanning.Liran also reveals the problems teams consistently underestimate — developer ergonomics, dependency trust, package governance, CI risk, and why blindly upgrading dependencies is one of the most dangerous patterns in modern engineering.The conversation goes far beyond theory — into secure coding, package hygiene, NPM ecosystem fragility, MCP prompt injection, SQL and command injection patterns, and what real-world breaches teach us about resilience.If you build software, install dependencies, or use AI coding agents, this episode is a masterclass in defensive engineering, supply chain awareness, and the new security realities shaping our industry.Chapters00:00 Security at Scale – Why It Matters Now02:14 How Liran Got Into Security05:12 The Shift Toward Developer-Led Security08:33 How Snyk Changed the Developer Security Workflow11:07 The Story Behind NPQ and Safer Dependency Installation14:02 The Rise of NPM Malware and Maintainer Compromise16:48 Why Blind Upgrade Everything Pipelines Are Dangerous19:15 Is Node the Problem or Is It NPM21:10 The Hidden Risk of MCPs and AI Agent Vulnerabilities24:18 Toxic Flows, Shadowed Tools, and Prompt Injection27:22 AI Browsers, Extensions, and Real Prompt Injection Attacks30:04 Why Prompt Injection Has No True Fix33:01 AI-Generated Code Is Statistically Insecure35:12 How Snyk Plus MCP Creates a Secure Coding Loop37:40 The Most Common MCP Vulnerabilities40:55 How AI Agents Turn Mild Bugs Into Critical RCE43:11 The Glassworm Invisible Unicode Attack Vector44:51 EventStream, XZ Utils, and Supply Chain Horror Stories48:03 Liran’s Personal Security Incidents51:10 UX vs Security and Real World Tension53:04 Liran’s Book Recommendations55:37 Final Thoughts and Protecting Yourself as AI EvolvesSound Bites"Security at scale is a complex challenge.""AI-generated code is not always secure.""Security and UX must work together."Follow & Subscribe:Instagram: https://www.instagram.com/senorsatscale/Instagram: https://www.instagram.com/neciudevPodcast URL: https://neciudan.dev/senors-at-scaleNewsletter: https://neciudan.dev/subscribeLinkedIn: https://www.linkedin.com/in/neciudanLinkedIn: https://www.linkedin.com/company/señors-scale/Additional ResourcesSnyk – developer-first security toolsServerless Security (O’Reilly) – co-authored by LiranLiran’s GitHub: https://github.com/lirantalNPQ package checker: https://github.com/lirantal/npqMCP Scan (Snyk) – securing MCP servers#security #softwaresecurity #supplychainsecurity #npm Don’t forget to like, comment, and subscribe for more engineering stories from the front lines.How are you protecting your stack from supply chain attacks? Share below 👇
Micro Frontends at Scale with Luca Mezzalira (O’Reilly Author and Principal Architect at AWS)
In this episode of Señors @ Scale, Dan sits down with Luca Mezzalira, Principal Serverless Specialist at AWS and author of Building Micro-Frontends, for a deep and highly practical look at scaling frontend architectures for hundreds of developers.Luca shares the real story behind how micro-frontends were born — from his early experiments at DAZN trying to scale a live sports platform across 40 devices and 500+ engineers, to pioneering techniques that cut app startup times from 40 seconds to 12.We break down how distributed frontends actually work:How to design stable application shells with zero global state,How to compose independently deployed views without iframes, and how guardrails like bundle-size budgets and canary deployments keep massive systems fast and safe.Luca also explains the hidden challenges most teams miss — governance, team topology, and socio-technical design.He shows how to evolve from a monolith to micro-frontends step by step, using edge routing, feature flags, and domain-driven design to scale safely without rewrites.The conversation goes beyond theory — into the mechanics of migration, platform teams, CI/CD pipelines, and why friction in your system is actually a signal, not a failure.If you’re leading a frontend platform, planning a migration, or just trying to make sense of where micro-frontends actually fit, this episode is a masterclass in autonomy, architecture, and evolution at scale.Chapters00:00 The Origin of Micro-Frontends at DAZN05:41 Building a Distributed Frontend Without iFrames08:50 Designing the Application Shell and Stateless Architecture12:23 Zero Global State and Memory Management15:53 Guardrails for Bundle Size and Developer Discipline17:39 Governance and Designing for Scale20:18 When (and When Not) to Adopt Micro-Frontends22:46 Canary Releases and Edge Routing for Safe Migration25:49 Vertical vs Horizontal Splits in Micro-Frontends31:30 Lessons from Building the First Edition of the Book35:38 Frameworks, Federation, and Modern Tools39:22 Core Principles of Successful Frontend Architecture42:06 Building Platform Teams and Core Governance44:19 When Micro-Frontends Don’t Make Sense47:50 Micro-Frontends for Small Teams and Startups49:32 Monorepo vs Polyrepo – What Actually Matters53:10 Preventing Duplication and Encouraging Communication57:39 Why a Design System Is Non-Negotiable59:17 Common Anti-Patterns in Micro-Frontend Architecture1:03:33 Book Recommendations and Final ThoughtsFollow & Subscribe:📸 Instagram: https://www.instagram.com/senorsatscale/📸 Instagram: https://www.instagram.com/neciudev🎙 Podcast: https://neciudan.dev/senors-at-scale📬 Newsletter: https://neciudan.dev/subscribe💼 LinkedIn: https://www.linkedin.com/in/neciudan💼 LinkedIn: https://www.linkedin.com/company/se%C3%B1ors-scale/Additional Resources📘 Building Micro-Frontends – Luca Mezzalira (O’Reilly) buildingmicrofrontends.com🌐 buildingmfe.com💬 Luca’s Blog: https://lucamezzalira.com#microfrontends #aws #frontendarchitecture #javascript #webdevelopment #softwareengineering #softwarearchitecture #react #scaling #teamtopologies #serverless #señorsatscaleDon’t forget to like, comment, and subscribe for more engineering stories from the front lines.How is your team approaching frontend scaling and independence? Share below 👇
Design System at Scale with Stefano Magni, Tech Lead at Preply
🎙 About the Podcast:Join host Neciu Dan as he sits down with Stefano Magni, a senior front-end engineer and tech lead at Preply, to explore the intricacies of building a robust design system and the journey of working in public. Stefano shares his insights on the importance of skills, reputation, and networking in shaping a successful career. Discover how his experiences from building Flash mini-games to architecting React-based systems have influenced his approach to engineering excellence.In this episode, they discuss:The pivotal moment that led Stefano to work in publicHow Preply's design system impacts user experienceThe balance between perfectionism and pragmatism in engineeringThe role of data-driven decisions in Preply's cultureBest practices for managing large codebases without testsStefano also shares his journey from a Flash developer to a leader in the design system space, emphasizing the value of sharing knowledge and building a strong professional network.Chapters:00:00 Introduction to Stefano Magni and Preply05:12 The Importance of Public Work12:45 Building a Design System at Preply18:30 Balancing Perfectionism and Pragmatism25:00 Data-Driven Culture at Preply32:15 Managing Large Codebases Without Tests40:00 The Journey from Flash to React47:30 Networking and Reputation in Tech55:00 Closing Thoughts and Future Plans📚Links & Resources:📸 Instagram: https://www.instagram.com/senorsatscale/📸 Instagram: https://www.instagram.com/neciudev🎙 Podcast URL: https://neciudan.dev/senors-at-scale📬 Newsletter: https://neciudan.dev/subscribe💼 LinkedIn: https://www.linkedin.com/in/neciudan💼 LinkedIn: https://www.linkedin.com/company/se%C3%B1ors-scale/#designsystem #frontend #engineeringexcellence #preply #networking #publicwork #softwaredevelopment #señorsatscaleDon’t forget to like, comment, and subscribe for more engineering stories from the front lines. How is your team approaching design systems and public work? Share below 👇
Reliability at Scale – With Bruno Paulino (N26)
🎙 About the Podcast:Señors @ Scale is a no-fluff engineering podcast hosted by Neciu Dan — diving into the real-world chaos of scaling systems, teams, and yourself. From production bugs to platform bets, we sit down with senior engineers to discuss the scars, strategies, and lessons that truly matter.In this episode, host Neciu Dan sits down with Bruno Paulino, Tech Lead at N26, to unpack how reliability, experimentation, and platform culture shape one of Europe’s most trusted digital banks.Bruno’s path is anything but ordinary — from serving as a police officer in Brazil to leading FinTech engineering teams at scale. He shares how N26 builds server-driven UIs, runs AI-powered customer support, and balances speed vs reliability when every deploy touches millions of users.They break down:How server-driven UI lets N26 ship features in minutesWhy CI/CD pipelines are the backbone of reliabilityWhat it means to trade speed for resilience in FinTechHow Statsig changed experimentation culture company-wideLessons from production outages and post-mortemsWhy strong developer experience drives safer systemsIt’s a deep dive into the real architecture, trade-offs, and human decisions behind reliable banking systems at scale.🎧 Whether you’re scaling a FinTech product, managing CI/CD pipelines, or just trying to keep production sane, this one’s for you.Follow & Subscribe:📸 Instagram: https://www.instagram.com/senorsatscale/📸 Instagram: https://www.instagram.com/neciudev🎙 Podcast URL: https://neciudan.dev/senors-at-scale📬 Newsletter: https://neciudan.dev/subscribe💼 LinkedIn: https://www.linkedin.com/in/neciudan💼 LinkedIn: https://www.linkedin.com/company/se%C3%B1ors-scale/
Hosted by Neciu Dan
Tech Lead, Co-Founder, Speaker
What is Señors @ Scale?
Señors @ Scale features in-depth conversations with senior developers, tech leads, and software architects who share real-world experiences of scaling applications, teams, and their careers. Each episode unpacks the hard-earned lessons from industry veterans who have been in the trenches.
From scaling applications to millions of users, to growing teams from 5 to 500+ engineers, to navigating complex distributed systems - this podcast delivers practical wisdom you can apply immediately in your work.
📻 Never Miss an Episode
Get notified when new episodes drop. Join our community of senior developers learning from real scaling stories.
What You'll Learn
📈 Scaling Applications
-
Microservices vs monolith trade-offs - Database scaling strategies
- Performance optimization techniques
👥 Scaling Teams
- Technical leadership strategies
- Building effective engineering culture
- Mentoring and career development
🎧 Listen on Your Favorite Platform
🎵 Latest Episode
Episode Description:
In this episode of Señors @ Scale, Dan sits down with Liran Tal, Director of Developer Advocacy at Snyk, GitHub Star, and one of the most influential voices in modern application security. Liran has spent decades at the intersection of open-source ecosystems, Node.js, supply chain security, and now AI agent security, helping developers ship fast without exposing themselves to silent, catastrophic risks.He breaks down the real stories behind today’s security landscape — from NPM malware and maintainer compromises to MCP attacks, toxic flows, and the hidden vulnerabilities emerging from AI-driven development.We dig into what “security at scale” actually means: how attackers compromise maintainers and publish worm-style malware, how invisible Unicode payloads bypass human review, why AI-generated code is statistically insecure, and how developers can build guardrails directly into their workflows with tools like Snyk, NPQ, and MCP scanning.Liran also reveals the problems teams consistently underestimate — developer ergonomics, dependency trust, package governance, CI risk, and why blindly upgrading dependencies is one of the most dangerous patterns in modern engineering.The conversation goes far beyond theory — into secure coding, package hygiene, NPM ecosystem fragility, MCP prompt injection, SQL and command injection patterns, and what real-world breaches teach us about resilience.If you build software, install dependencies, or use AI coding agents, this episode is a masterclass in defensive engineering, supply chain awareness, and the new security realities shaping our industry.Chapters00:00 Security at Scale – Why It Matters Now02:14 How Liran Got Into Security05:12 The Shift Toward Developer-Led Security08:33 How Snyk Changed the Developer Security Workflow11:07 The Story Behind NPQ and Safer Dependency Installation14:02 The Rise of NPM Malware and Maintainer Compromise16:48 Why Blind Upgrade Everything Pipelines Are Dangerous19:15 Is Node the Problem or Is It NPM21:10 The Hidden Risk of MCPs and AI Agent Vulnerabilities24:18 Toxic Flows, Shadowed Tools, and Prompt Injection27:22 AI Browsers, Extensions, and Real Prompt Injection Attacks30:04 Why Prompt Injection Has No True Fix33:01 AI-Generated Code Is Statistically Insecure35:12 How Snyk Plus MCP Creates a Secure Coding Loop37:40 The Most Common MCP Vulnerabilities40:55 How AI Agents Turn Mild Bugs Into Critical RCE43:11 The Glassworm Invisible Unicode Attack Vector44:51 EventStream, XZ Utils, and Supply Chain Horror Stories48:03 Liran’s Personal Security Incidents51:10 UX vs Security and Real World Tension53:04 Liran’s Book Recommendations55:37 Final Thoughts and Protecting Yourself as AI EvolvesSound Bites"Security at scale is a complex challenge.""AI-generated code is not always secure.""Security and UX must work together."Follow & Subscribe:Instagram: https://www.instagram.com/senorsatscale/Instagram: https://www.instagram.com/neciudevPodcast URL: https://neciudan.dev/senors-at-scaleNewsletter: https://neciudan.dev/subscribeLinkedIn: https://www.linkedin.com/in/neciudanLinkedIn: https://www.linkedin.com/company/señors-scale/Additional ResourcesSnyk – developer-first security toolsServerless Security (O’Reilly) – co-authored by LiranLiran’s GitHub: https://github.com/lirantalNPQ package checker: https://github.com/lirantal/npqMCP Scan (Snyk) – securing MCP servers#security #softwaresecurity #supplychainsecurity #npm Don’t forget to like, comment, and subscribe for more engineering stories from the front lines.How are you protecting your stack from supply chain attacks? Share below 👇
"Deep conversations with senior developers about scaling applications, teams, and careers — real insights from industry veterans."
💡 Takeaways from Previous Episodes
Señors @ Scale host Neciu Dan sits down with Liran Tal, Director of Developer Advocacy at Snyk and GitHub Star, to unpack NPM malware, maintainer compromise, MCP attacks, toxic flows, and why AI-generated code is statistically insecure without the right guardrails. Liran shares real incidents from the Node and open source ecosystem, how Snyk and tools like NPQ help developers build safer workflows, and why security at scale starts with developers, not firewalls.
Señors @ Scale host Neciu Dan sits down with Luca Mezzalira, Principal Serverless Specialist at AWS and author of *Building Micro-Frontends*, to unpack how he helped scale DAZN’s frontend from 2 developers to 500 engineers across 40 devices. Luca shares the origin of micro-frontends, how to build stable application shells, implement zero global state, use guardrails for bundle budgets, and manage migrations at scale through edge routing and team autonomy.
Señors @ Scale host Neciu Dan sits down with Stefano Magni, Senior Front-End Engineer and Tech Lead at Preply, to unpack what it takes to build and measure a design system for a global learning platform. From managing technical debt and accessibility to driving a culture of public work and data-driven engineering, Stefano shares lessons from 15+ years in frontend development.
Señors @ Scale host Neciu Dan sits down with Bruno Paulino, Tech Lead at N26, to explore what reliability really means in FinTech. From server-driven UIs and CI/CD pipelines to AI-assisted customer support and strict compliance, Bruno shares how N26 balances speed, safety, and developer experience to keep millions of users online.
Señors @ Scale host Neciu Dan talks with Microsoft’s Natalia Venditto and Cloudflare’s Igor Minar about WebFragments — a new micro-frontend model that isolates JavaScript and DOM at the browser boundary, enables instant SSR through fragment piercing, and lets large teams ship independently without dependency lockstep.
In this episode of Señors @ Scale, host Neciu Dan chats with Erik Grijzen — Principal Software Engineer at New Relic — about building one of the first large-scale micro-frontend architectures, the rise of observability, and what technical leadership looks like across dozens of teams.
In this episode of Señors @ Scale, host Neciu Dan chats with Kateryna Porchienova — Senior Engineering Manager at Buffer — about her programming journey, the craft of animation, and why accessibility should be treated as a foundation of good engineering, not an afterthought.
In this episode of Señors @ Scale, host Neciu Dan chats with Adrian Marin — founder of AVO and host of FriendlyRB — about Rails productivity, the magic of Ruby, and how the community continues to evolve through creativity and connection.
In this episode of Señors @ Scale, host Neciu Dan sits down with Andreas Panopoulos — Staff Software Engineer at Hack the Box and co-organizer of Vue.js Athens — to talk about scaling Vue in production, migrating to Nuxt 3, and the human side of engineering.
In this episode of Señors @ Scale, host Neciu Dan sits down with Faris Aziz — Staff Front-End Engineer at Small PDF and co-founder of ZurichJS — to talk about scaling frontend systems, the power of BFF architecture, and the human side of engineering culture.
In this episode of Señors @ Scale, host Neciu Dan sits down with Aris — founder and lead organizer of CityJS — to talk about building developer communities, organizing meetups, and scaling conferences into global events.
In this episode of Señors @ Scale, host Neciu Dan sits down with Erik Rasmussen — creator of Redux Form and React Final Form, and now Principal Product Engineer at Attio — to talk about building open source at scale, developer experience, and the hidden lessons behind shipping tools other developers rely on.
In this episode of Señors @ Scale, host Neciu Dan sits down with Eduardo Aparicio Cardenes — Front-End Engineer and ADPList Top 100 Mentor — to unpack 15+ years of engineering lessons, the reality of promotions, and what it truly means to mentor and scale as a leader.
In this episode of Señors @ Scale, host Neciu Dan sits down with Matheus Albuquerque — Staff Frontend Engineer at Medallia, Google Developer Expert, and international speaker — to dive deep into React internals, performance optimization, and the scaling lessons learned from applications used by millions worldwide.
In this episode of Señors @ Scale, host Neciu Dan sits down with Jose Calderon — Lead Software Engineer at JP Morgan Chase, conference speaker, and Java/Spring community leader — to dive deep into refactoring vs rewriting at scale, how to track and justify architecture decisions, and the testing strategies that keep enterprise systems reliable.
In this episode of Señors @ Scale, host Neciu Dan sits down with Tudor Barbu — Principal Engineer at Logify, former Tech Lead at Personio and engineer at Skyscanner and DaVinta — to unpack 20+ years of engineering decisions, debugging scars, and career evolution.
In this episode of Señors @ Scale, host Neciu Dan sits down with Angel Paredes — Engineering Manager at Datadog, formerly Staff at Glovo and Tech Lead at PayPal — to explore test infra, AI's impact on interviewing, and how to lead without losing your technical edge.
In this kickoff episode of Señors @ Scale, host Neciu Dan sits down with Danilo Velasquez — Staff Engineer at Adevinta and longtime frontend performance obsessive.
Discover actionable insights and hard-earned lessons from senior engineers who've been in the trenches.
Why Señors @ Scale?
- Real-world scaling stories from senior engineers and architects
- Deep technical discussions about architecture patterns and trade-offs
- Career insights for developers transitioning to senior roles
- War stories from scaling applications to millions of users
- Leadership and team building strategies for tech leads
- Latest trends in software architecture and system design
- Practical advice you can apply immediately in your work
🎤 Meet Your Host
Neciu Dan
Tech Lead, Co-Founder, Speaker with experience scaling applications to millions of users. Dan has worked with teams ranging from startups to enterprise, and is passionate about sharing the hard-earned lessons from the trenches.
Ready to Scale Your Knowledge?
Join our community of senior developers and never miss the latest scaling insights and real-world war stories.
No spam, just valuable insights. Unsubscribe at any time.