AI on Nightmare Difficulty: Secure Code Generation in the US Government
In this episode, Deejay talks with Mike Gehard, Director of R&D at Rise8, a custom software development firm on a mission to create 'a future where fewer bad things happen because of bad software.' Mike explains how they navigate the highly regulated 'nightmare difficulty' environment, from adhering to strict NIST standards to handling classified data. Discover their practical approach to security, including running Claude code in isolated containers, leveraging different secure endpoints like AWS GovCloud, and their ambitious goal to enable a single person to take a project from idea to production.
Episode Transcript
Daniel Jones (00:03) In this episode, I'm chatting with Mike Gehard, Director of R&D at Rise 8, a custom software development firm on a mission to create a future where fewer bad things happen because of bad software. Mike explains how they navigate the highly regulated US federal government environ...
Episode Highlights
- •Mike Gehard from Rise 8 discusses developing AI solutions for the highly regulated environment of the US federal government.
- •Rise 8 focuses on two tracks: integrating AI into their software development lifecycle and building AI features into government software.
- •Operating in this space requires strict adherence to NIST standards, a major difference from typical startup culture.
- •To maintain security with sensitive data, they run tools like Claude code in an isolated, rootless Podman container.
- •They handle multiple data classifications, using secure endpoints like AWS GovCloud when dealing with sensitive or classified code.
- •The team is empowering designers to use Claude code for UI implementation, shortening the traditional development feedback loop.
- •Mike argues that in an AI-driven world, outside-in, acceptance-test-driven development is more valuable than traditional inside-out TDD.
- •They use custom slash commands and an MCP server to standardize prompts and workflows, effectively amplifying expert knowledge across the company.
- •The ultimate vision is to enable a single person to manage an entire project from idea to production by leveraging AI agents.
