Ep 44: You can't vibe code your way through a production outage

In this episode of Masters of Data, we tackle one of tech's buzziest debates: vibe coding versus production-ready software. We break down where AI-assisted "just make it work" coding genuinely shines (think POCs, prototypes, and getting stakeholder buy-in fast) and where it falls dangerously short when someone tries to ship it to ten thousand enterprise users. We also dig into David's agentic engineering workflow, security risks like malicious MCP servers and supply chain attacks, and why turning a vibe-coded prototype into real software still takes months, not days. Bottom line: vibes are great, but they are not a deployment strategy.

This episode is for: software engineers, product managers, engineering leaders, and enterprise decision-makers who want a grounded, no-fluff take on how to use AI coding tools responsibly without compromising security, scalability, or their own credibility.

0:00 — Intro & Welcome

0:16 — Introducing the topic: Vibe coding vs. production-ready code

0:48 — Is vibe coding a dirty word? First reactions

1:12 — The ROI problem: are companies actually being efficient with AI?

1:32 — Token burn, mandates, and the board-level knowledge gap

3:08 — Where does AI actually add value? The education phase

4:18 — Defining vibe coding and production-ready code

5:44 — David's "agentic engineering" workflow: OpenSpec, Linear, Codex, QA agents

8:16 — Why tickets and product requirements still matter

9:06 — AI-written tickets and keeping codebases documented

9:49 — The long road from local POC to enterprise-grade software

13:08 — "It runs on my machine" — bad AI code already in the wild

14:57 — The vibe-coded product already sold to enterprise ("crazy town")

15:47 — Scalability, security, and multi-tenancy: what vibe code can't handle

16:38 — AppSec, AI pen testing, and the death of DAST?

18:30 — Use AI thoughtfully — it's a tool, not a replacement for judgment

18:53 — The copy-paste analogy: AI is the new Stack Overflow, but you still need to understand the code

20:53 — Supply chain attacks, malicious MCP servers, and library squatting

22:47 — 5% of MCP servers are malicious — and it's getting worse

23:10 — Wrap-up: communicate honestly about what vibe code is and isn't

23:39 — Enterprise software still takes months — set realistic expectations