RunAs Radio

Folgen

• Data API Builder and SQL MCP with Jerry Nixon 03.06.2026 36Min.

  How do you intelligently surface access to your database? While at NDC Toronto, Richard spoke with Jerry Nixon about Data API Builder, Microsoft's tool that enables data professionals using Microsoft databases, including SQL Server, Postgres, CosmosDB, and MySQL, to provide an API layer with security, schema extraction, and governance policies. You can expose the API as a REST interface, a GraphQL interface, and an MCP server! This is a powerful tool for providing controlled access to data while still allowing for ad-hoc access. The potential is huge - you need to check it out!
• Team Productivity using Loop with Karinne Bessette 27.05.2026 35Min.

  How can Microsoft Loop make your team more productive? Richard chats with Karinne Bessette about the role that Loop components can play in making meetings where the agenda is live, generating work items in Microsoft Planner, and keeping key information up to date. Karinne talks about how Loop components can be connected to any M365 document, including Outlook, Word, Excel, and OneNote, but only for members of the M365 tenant. Loop is a powerful tool for productivity within the organization!
• UEFI Secure Boot with Richard Hicks 20.05.2026 37Min.

  The original Secure Boot certificate expires in June 2026! Richard talks to Richard Hicks about how Secure Boot works and how the expiration of the master certificate can leave PCs vulnerable to boot-related malware, such as rootkits. Richard discusses recent Microsoft communications on SecureBoot and how to check which certificate your machines have. Workstations using managed updates are likely already up to date, but servers are a different issue. When the certificate expires, you'll no longer receive updates to Secure Boot for known exploits, leaving your machines vulnerable. Update today!
• Production LLMs with Vaishnavi Gudur 13.05.2026 35Min.

  What does a production-grade large language model look like? While at NDC Sydney, Richard talked with Vaishnavi Gudur from Microsoft about her work scaling LLMs for Teams transcriptions, summaries, and more! Vaishnavi discusses the underlying complexities of operating the Teams LLM infrastructure for a large array of customers across different countries and regulatory regimes. Data sovereignty also plays a large role: different countries have specific rules on where data must reside and how it can be accessed. As the scale increases and the tail gets longer, the rules set gets more complex! Lots of great thinking about what LLMs look like in a production environment.
• Securing Active Directory with Spencer Alessi 06.05.2026 36Min.

  How secure is your Active Directory infrastructure? While at Zero Trust World in Orlando, Richard chatted with Spencer Alessi about his work helping companies secure Active Directory, making it more difficult for black hats to exploit it for lateral moves during a breach attempt. Spencer talks about the increasing speed of these exploits, making it much harder to block them after the fact, so it's best to make AD too difficult to target. Jake Hildreth's Locksmith tools are a great place to start - free and open source. There are also Microsoft tools and Spencer's own AD Security Resource Kit to help evaluate your AD infrastructure and lock it down!
• M365 Copilot vs Claude Cowork with Sharon Weaver 29.04.2026 38Min.

  There's competition in the Office productivity space! Richard chats with Sharon Weaver about her experiences with M365 Copilot and Anthropic's Claude Cowork to improve information worker productivity. Sharon talks about the confusion around all the different copilots in the Microsoft space - including the chat tools, research agents, and more. But when it comes to helping with an Excel spreadsheet, M365 Copilot can't do what Claude Cowork can do. Sharon talks about describing the goals of a spreadsheet to Claude Cowork and having the tool generate the spreadsheet, make corrections, and add formatting. Cowork has similar capabilities for presentations, and with the Connector library, new functionality is being added routinely. There's some competition in the AI productivity space - things are getting interesting!
• The Life and Death of Microsoft Deployment Toolkit with Michael Niehaus 22.04.2026 39Min.

  What does the world look like after Microsoft Deployment Toolkit? Richard talks to MDT creator Michael Niehaus about the life and death of MDT. Michael talks about his early days at Microsoft, when he created a better way to manage operating system images so you can build and rebuild Windows PCs for your organization. But MDT had been in maintenance since 2013, without specific support for Windows 11. And now, some security concerns have ended support entirely. So what happens next? Michael offers fixes to keep MDT safe to use, and some alternatives if you want to keep managing your own images!
• Internal Corporate Communications in 2026 with Emily Mancini 15.04.2026 34Min.

  How does your company communicate with its employees today? Richard chats with Emily Mancini about her work with companies that manage internal communications. Emily talks about the power of email, collaborative messaging like Teams, and the Microsoft Viva products Engage and Amplify. The conversation digs into knowing where your people look for info, how they communicate, and what they want to connect with. Being able to measure the response to different communication means helps you to work on better messages and methods - the goal is to enable employees to connect with and utilize the resources of the organization, creating a stronger company culture!
• Securing AI Agents with Niall Merrigan 08.04.2026 37Min.

  AI Agents can be powerful tools for an organization - but are they a security risk? Richard talks to Niall Merrigan about his experiences dealing with the various ways that LLMs can be attacked, starting with prompt injection. While some attacks are humorous, others can be very serious, especially in the context of agents, where the right prompt can cause an agent to use its capabilities to access or affect data outside its expected behavior. This has already led to several well-publicized CVEs, including the ServiceNow Privilege Escalation advisory. New tools have emerged to help restrict prompts and keep agents on task - but as with all things security, this is another set of tools you need to get familiar with!
• My Home Lab 01.04.2026 9Min.

  Are you ready to take a look at Richard's home lab? Richard goes solo to share insights about the new infrastructure, hardware, and automation in his seaside home. He discusses the challenges posed by its remote location, including unreliable power and connectivity. You'll find plenty of details about networking, computing infrastructure, automation, telemetry, and experiments with AI technologies. Get an exclusive behind-the-scenes look!
• Unified Tenant Management with Nik Charlebois-Laprade 25.03.2026 33Min.

  Configuration drift is real - how do you control it in your Azure tenant? Richard talks to Nik Charlebois-Laprade about his ongoing work on desired state configuration DSC for Microsoft 365 tenants. Microsoft365DSC has been an open-source tool for managing configuration for some time, but today it has become a preview product called Unified Tenant Configuration in Microsoft Graph. Nik talks about managing multiple tenants, including a single tenant, using reference configurations that help you detect and correct configuration changes. It's early days for the product, but there's a ton of power here to keep your tenant working the way you expect!
• Sustainable AI with Darshna Shah 18.03.2026 43Min.

  How does artificial intelligence become more sustainable? Richard chats with Darshna Shah about her experiences as Chief AI Officer at Elastic. Darshna discusses the resources required to run large language model experiments, the pressure this has put on the electrical grid, and more. The conversation turns to efficiency - and the idea that there is little incentive in the current land grab around LLMs to be more efficient - that the focus is on growing quickly. But as technologies mature, efficiency becomes a key competitive advantage!
• SQL Server in 2026 with Bob Ward 11.03.2026 40Min.

  SQL Server 2025 is released - what's in it, and what happens next? Richard chats with Bob Ward about the huge array of announcements coming out of Ignite around SQL Server 2025, including AI-related features, new reliability and performance options, engine improvements, and more! The tooling for SQL Server also continues to evolve, including making Copilot available through SSMS and as part of the SQL extension to Visual Studio Code. And there's more to come - have a listen!
• Hiring in 2026 with Suzi Edwards-Alexander 04.03.2026 48Min.

  How can you hire and get hired in 2026? While at NDC London, Richard chatted with Suzi Edwards-Alexander about her experiences recruiting technology folks into companies. Suzi talks about developing interview practices that actually reflect the job, rather than examining esoteric knowledge or certifications - it's possible to have an interviewing experience that is actually enjoyable! The conversation dives into the power imbalance between employers and employees and how to resist being seen as lesser for not being employed. Work should be a mutually beneficial experience - we have to do better!
• SaaS on Multiple Clouds with Steve Buchanan 25.02.2026 39Min.

  What does it take to get your SaaS offering on multiple cloud providers? Richard chats with Steve Buchanan about his new role at JAMF, which focuses on a mobile device management product for Apple devices. Originally built as a SaaS product on AWS, Steve is helping to build out the JAMF stack on Azure to support a broader range of customers. Steve talks about Kubernetes as the common ground among the major cloud players, but you need to dig into the rest of the tooling to minimize differences across implementations. That means cloud-agnostic tools for deployment, identity, instrumentation, and more! The good news is that there are plenty of tools out there to help you, but it does take time to work out your suite of tools to get consistent results, no matter where the backend resides.
• Hacking using AI with Erica Burgess 18.02.2026 47Min.

  How have large language models impacted hacking? Richard talks to Erica Burgess about her experiences using LLMs for red team hacking, collecting bug bounties, and identifying vulnerabilities in systems. Erica discusses the power of LLMs to generate a variety of viewpoints on a potential exploit and help the hacker think "out of the box." Coordinating multiple agents to attempt a variety of exploits, retrieve information, and otherwise deal with the drudgery parts of hacking means a skilled operator can move faster - what once would be days of work can be minutes. Where does AI in hacking go? Lots of scary places - but also pointing the way to new ways to protect systems!
• Securing Active Directory Certificate Services with Ron Arestia 11.02.2026 44Min.

  You're using Active Directory Certificate Services - but is it configured securely? Richard talks to Ron Arestia about his work with organizations implementing their own Public Key Infrastructure (PKI) with ADCS. Ron explains how poorly configured ADCS enables lateral attacks within an organization once an initial breach occurs, allowing black hats to move throughout your network. A well-designed PKI system has tiers of protection, with the top level completely disconnected from the network. Or do you really need your own PKI system? The conversation digs into the various scenarios, including third-party options. Certificates are the top level of security for your organization - you need to get it right!
• Getting Started using Purview with Erica Toelle 04.02.2026 31Min.

  Ready to get started with Purview? Richard chats with Erica Toelle about the first steps you can take to harness the power of Purview in your organization. Erica explains that Purview is an umbrella product that covers several infosec technologies, including information rights management, data loss prevention, structured data governance, and more. When preparing for M365 Copilot, you want to start tagging sensitive information in your organization, and Purview can help by using LLMs to identify potentially sensitive content. You can also monitor how data is used, the types of prompts sent to M365 Copilot, and more. This can help you bootstrap M365 Copilot by using Purview to see which data Copilot uses, and then tune the access rules for that data. "Getting your data estate in order" is not a destination; it's a journey, and Purview can give you a map!
• Business Process Automation in 2026 with Ian Cooper 28.01.2026 37Min.

  Business Process Automation has been around a long time - what are the latest approaches? Richard talks to Ian Cooper about his work building BPA workflows in organizations - starting on paper or a whiteboard to make sense of the process before bringing tools into the equation. Ian talks about building repeatable workflows that are well-documented and source-controlled, typically through GitHub. As workflows get more complex, you'll need orchestration engines that can handle failures and provide telemetry to identify when and where things go wrong. And make sure you let users know how things are going - or they will worry!
• Ideation to Implementation with Amber Vandenburg 21.01.2026 35Min.

  How do you get an idea to implementation in your organization? Richard chats with Amber Vanderburg about the work she's done helping teams understand the process of getting projects started and finished. Amber talks about defining a clear starting line, ending line, and dead line. While many projects are important, prioritization is the challenge. This means often other priorities have to be resolved before something new can be started - you need resources and time to be successful. Working through the process takes time, but the alternative is failure to meet expectations. It takes planning and clear communication to get things done!