RunAs Radio

In this engaging discussion, Chris Ayers, a senior software engineer at Microsoft’s Azure Reliability team, dives into the complexities of Azure resiliency. He highlights the Well-Architected Framework and its role in aligning reliability with business needs. Chris outlines types of outages, the importance of availability zones, and the necessity of balancing costs with service reliability. With practical advice on monitoring, operational excellence, and data protection, he emphasizes the value of automated tools while stressing the importance of human oversight in decision-making.

Aria Hanson, a Program Manager at Microsoft focused on cloud-based update management, dives into the future of Windows updates. She explains how Windows Autopatch consolidates updates for easier management, especially as WSUS is phased out. Aria discusses the benefits of cloud deployment, optimal patch deployment strategies, and the importance of tracking updates through Intune. With insights on handling drivers and firmware, as well as the Windows Roadmap for feature planning, she emphasizes why organizations should embrace cloud updating now.

In this enlightening discussion, Grant Fritchey, a Data platform MVP and seasoned DBA expert, shares insights on leveraging AI tools in database management. He highlights how AI can streamline tasks like query optimization and data generation while emphasizing the importance of human oversight. Grant compares various LLMs, pointing out their unique strengths and the risks of AI hallucinations. He argues that rather than replacing DBAs, AI will reshape their roles toward more strategic tasks, enhancing productivity and forecasting capabilities.

Paula Januszkiewicz, CEO of Secure/ Secure Academy, shares her journey in cybersecurity, driven by insatiable curiosity. She discusses the delicate balance between education and hands-on experience, highlighting the intense demands of incident response. Paula reveals the challenges of legacy protocols in aviation security and how AI is transforming both attack and defense strategies. With a focus on proactive measures, she illustrates the importance of building community through knowledge sharing and the evolving career paths in the cybersecurity landscape.

Steve Syfuhs, who leads the Windows authentication platform team at Microsoft, discusses the impending retirement of NTLM, a legacy authentication protocol. He outlines the complexities involved and explains how auditing improvements can help identify NTLM usage. Steve reveals why transitioning to Kerberos is not always straightforward and introduces Microsoft Negotiate as a valuable intermediary. He emphasizes that while retiring NTLM requires time and meticulous planning, there are steps organizations can take today to prepare for a secure future.

In this engaging conversation, Amy Norris, a graphic designer turned software developer at Dimensional Innovations and volunteer with Kansas City Women in Tech, delves into fostering a culture that embraces failure. She emphasizes the importance of clear communication and detailed feedback to create a safe space for asking questions and discussing challenges. Amy also discusses the value of preparing for crises through drills and open incident channels, while encouraging constructive criticism among team members for continuous improvement.

In this engaging discussion, Troy Hunt, an internet security expert and the creator of Have I Been Pwned, reveals the importance of breach awareness and password management. He explains how his service notifies users of compromised accounts, which can mitigate risks for both individuals and organizations. Troy also delves into the motivations behind data sharing from researchers and criminals, the regulatory landscape regarding breach notifications, and the challenges companies face post-breach. With insight into password security and the value of adopting password managers, this conversation is a treasure trove of information for anyone concerned about online safety.

You're down - is it your servers, or someone else's? While at the Kansas City Developers Conference, Richard sits down with Mandi Walls from Pager Duty about her experiences dealing with incidents involving vendor services. It might be your cloud provider, or some other SaaS element of a pipeline, or even an open-source library dependency in an important internal application that can cause a problem. What are the next steps? Mandi talks about having a software and services bill of materials so that you know what dependencies you have, where to check their status, and how to get help when you need it. Our systems are more complicated than ever - you need a plan to deal with the incidents!LinksAzure StatusSBOM ToolVendor Incidents with Jeff MartinsRecorded August 14, 2025

Todd Gardner, a savvy developer and creator of CertKit, dives into the critical future of SSL certificates, including the impending shift to 200-day lifespans and eventually just 47 days by 2029. He emphasizes the importance of automating certificate renewals to prevent outages. Gardner discusses how CertKit simplifies management with centralized storage and monitoring. He also touches on the impact of free certificate providers like Let's Encrypt and the need for real-time alerts on renewals. Join his pilot program to streamline your certificate management!

Join Stephanie Donahue, the U.S. modern work practice lead at Avanade, as she dives into the world of AI training in the workplace. They discuss the risks of unregulated AI tools like ChatGPT and the importance of established corporate guidelines. Stephanie highlights the need for upskilling employees to navigate the fast-changing AI landscape. With insights into the integration of AI in business processes and the value of collaboration, she emphasizes transformative knowledge sharing and adapting to new technological advancements.