WebAssembly Unleashed

AI is making code generation feel effortless, but it’s also flooding systems with more untrusted, machine-written logic than most teams are prepared to safely run. In this episode of WebAssembly Unleashed, Joel Moses and Oscar Spencer zoom out on what that shift means for WebAssembly, security, and the future of software development, with special guest Ben Titzer, Director of the WebAssembly Research Institute at Carnegie Mellon and one of the principal creators of the WebAssembly standard.
 
They start with a timely catalyst: a Bytecode Alliance Wasmtime security sprint where engineers used new AI models to stress-test the runtime and patch 11 vulnerabilities in just three weeks. From there, the conversation tackles the bigger question: if AI dissolves language boundaries for developers, does language still matter at runtime? Ben argues that it does, and that WebAssembly’s deterministic execution, portability, and lightweight sandboxing become even more valuable when code is generated on demand and needs to run safely across machines.
 
The episode digs into how researchers are using WebAssembly to sandbox AI-generated code, why containers alone can be too heavyweight or too permissive, and how capability-based security is still underused as teams connect agents to tools and APIs. Ben also shares where AI is useful today, from generating tests to surfacing corner cases, and where it still struggles, especially with architecture and abstraction.
 
The discussion closes with a look at active research in the Wasm ecosystem, including instrumentation languages, component interposition, dynamic language performance, kernel interfaces, and deterministic record-and-replay, plus an honest take on how AI is reshaping how students learn and how educators assess real understanding.
 
Read the Wasmtime blog: https://bytecodealliance.org/articles/wasmtime-security-advisories

Creators and Guests

Host
Joel Moses
Distinguished Engineer & VP, Strategic Engineering at F5. Joel has over 30 years of industry experience in cybersecurity and networking fields. Prior to joining F5, he designed large scale security and infrastructure architectures for consulting clients and served as the lead US Security and Infrastructure Architect for one of the largest accounting/consulting firms in the world. At F5, he is a founding member of the Office of the CTO, and is principally responsible for advanced research, intellectual property, proof-of-concepts, and strategic studies related to security, hardware, and cloud technologies. He holds several US patents related to encryption techniques.
Host
Oscar Spencer
Principal Engineer with F5, Co-author of the Grain programming language, and TSC Director for the Bytecode Alliance, Oscar is passionate about advancing the future of WebAssembly.
Guest
Ben Titzer
Carnegie Mellon Associate Research Professor & Director of WebAssembly Research Center
Producer
Tabitha R.R. Powell

What is WebAssembly Unleashed?

Welcome to WebAssembly Unleashed, your monthly dive into the dynamic world of WebAssembly (Wasm). Join F5’s Joel Moses, Oscar Spencer, and Wasm enthusiast Matthew Yacobucci as they unpack the potential, challenges, and innovations within the Wasm ecosystem.

Designed for architects, practitioners, technologists, and Wasm enthusiasts, episodes offer:

Insightful discussions on Wasm advancements.
Practical tips for seamless integration into projects.
Interviews with influential figures shaping the Wasm landscape.
Strategies for maximizing the potential of WebAssembly.

Subscribe now and stay abreast of the latest in Wasm development. Whether you’re a seasoned pro or new to the field, WebAssembly Unleashed is your ticket to unlocking the full power of this revolutionary technology. Tune in for a deep dive into the limitless possibilities of WebAssembly.