Bank holding company headquartered in McLean, Virginia
Time for our Friday Flight! These episodes are a sampling of the week's financial news and the impact on your personal finances. There are a lot of headlines out there, but we distill it down to specific takeaways that will allow you to kick off the weekend informed and help you to continue to make smart money moves. In this episode we cover some relevant and helpful stories like: CapitalOne bonuses, free at home Covid tests, too busy to budget, waiving home inspections in a cooling housing market, secondhand financial smarts due to spillover effects, expensive airport beers, price profiteering, economists don't blame corporate greed for higher inflation, crappy car repair loans, declining used car prices, & ESG BS! And please help us to spread the word by letting friends and family know about How to Money! Hit the share button, subscribe if you're not already a regular listener, and give us a quick review in Apple Podcasts or wherever you get your podcasts. Help us to change the conversation around personal finance and get more people doing smart things with their money. Have an awesome weekend! Best friends out! See omnystudio.com/listener for privacy information.
Hayden, Matt, and William preview Capital One'sThe Match. It will take place on June 1 in Las Vegas. It will feature Tom Brady & Aaron Rodgers vs Patrick Mahomes & Josh Allen. Guests: Hayden Vozar & Matt VozarTwitter: @FirstDownRDPodPodcast: FirstDown RunDown | Episode ft. WilliamEmail Newsletter Sign-up (Weekly on Thursdays):https://substantiate.mailchimpsites.com/weekly-email-subscribeIF YOU ENJOYED THIS EPISODE:LEAVE US A 5 STAR RATINGWRITE A REVIEWSHARE THIS WITH A FRIENDSHARE THIS ON SOCIAL MEDIASubstantiate Social Media:Instagram: @substantiatepodTwitter: @substantiatepodWebsite: https://www.substantiatepod.com/email: email@example.comSeatGeek Use code SUBSTANTIATEPOD $20 off your first SeatGeek order: tickets for concerts, sports, and moreBuilt Bar 10% off with code “SUBSTANTIATE” - Built Bar is high-protien, high-fiber, low-sugar, and low-carbs. Fanatics.com Buy sports gear for all of your favorite teams at Fanatics.com.Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
William and Jeff talk with Co-Founder, Jason Trottier and Head Brewer, Lee Lonnes at Kindred Spirit Brewing in Goochland, Virginia. Hear how everything from hip hop music to Capital One (their neighbor) influenced their beer names. Both Jason and Lee are Richmond natives with a passion for not only creating great IPA's but also supporting their community. Check out their brewery and social media to see the impact they are making.@namesontaps@kindredspiritbrewing
We all want our code to be stable and resilient to future challenges. But we need to strike the right balance between testing our systems and the cost of failure. This is much harder to achieve than it sounds. Today we talk with Melanie Frank, Managing Vice-President of Cyber Engineering at Capital One. Her teams innovate boldly to secure the enterprise while obsessing over excellence. Before Capital One, Melanie worked at Honeywell at NASA Goddard Space Flight Center, where she tested software that conducted scheduling, command, and control for space network communication satellites. Drawing from her experience in the aerospace and financial industry, she tells us about the significance of testing and how to do it right for your product. When you finish listening to the episode, connect with Melanie on LinkedIn. Mentioned in this episode: Melanie on LinkedIn at https://www.linkedin.com/in/melanie-frank-06b3675/ Capital One at https://www.capitalone.com NASA Goddard Space Flight Center https://www.nasa.gov/goddard Corgibytes at https://corgibytes.com Empathy in Tech at https://empathyintech.com
My guest in this episode is Eng Taing. Eng is an experienced real estate investor with $100M assets under management. He has 12 years of real estate experience and has focused on cash flow investing to create significant passive income. Eng is an economist by training, from the Wharton School of Business. He also has experience leading data science and analytics at Apple, Capital One and AT&T. He applies that experience when identifying and underwriting investment opportunities and markets. Eng is the classic immigrant story that can only happen in America. He was born in refugee camp in Thailand, where his family escaped the Khmer Rogue from Cambodia. Having grown up in Los Angeles, he pursued economics by day trading and playing Poker to pay for his tuition while attending the University of Pennsylvania. There he trained as an economist and afterwards went into Investment banking. Later he would leave the financial world to join the Peace Corps, volunteering in the Republic of Georgia--a year after the Russian invasion. There he met his wife--Jennie, who was also volunteering abroad. They now have one son, with another on the way. Eng has presented at companies like Apple, Facebook, & Amazon where he teaches employees how to minimize their tax burden and keep and investing more of their earnings so that they can achieve financial freedom. Interview Links: Touzi Capital: https://www.touzicapital.com/ Episode Sponsors: Producers Wealth: Create Your Own Banking System In 30 Days Or Less www.producerswealth.com GoBundance: The Tribe For Healthy, Wealthy, Generous Men Who Choose To Lead EPIC Lives www.gobundance.com Accountable Equity: Resort Hospitality & Efficient Income Cash Flow Investments www.accountableequity.com Strategic Metals Invest: Invest In Rare Earth Elements & Technology Metals www.strategicmetalsinvest.com The Real Asset Investor: Build Wealth With Higher Yield Cash Flow www.therealassetinvestor.com Penumbra Solutions: Buy Your Equity Like Institutions With Life Settlements www.thepenumbraplan.com - password “penumbra” Producers Capital Partners: Multiply Capital Through Alternative Investments www.producerscapitalpartners.com Grab My Book: The 21 Best Cashflow Niches™: www.cashflowninja.com/21niches Programs: The Cashflow Ninja Cashflow Investors Club™: www.cashflowninja.com/club Your Own Banking System™ : www.yourownbankingsystem.com Your Own Family Office™: www.cashflowninja.com/familyoffice The Crypto Investing Method™: www.cashflowninja.com/crypto The Cashflow Creator Formula™: www.cashflowninja.com/creator The Cashflow Core Builder™: www.casflowninja.com/core The Cashflow Multiplier™: www.cashflowninja.com/multiplier The Cashflow Quantum™: www.cashflowninja.com/quantum Connect With Us: Website: http://cashflowninja.com Podcast: http://cashflowinvestingsecrets.com Facebook: https://www.facebook.com/cashflowninja/ Twitter: https://twitter.com/mclaubscher Instagram: https://www.instagram.com/thecashflowninja/ Pinterest: https://www.pinterest.com/mclaubscher/cashflow-ninja/ Linkedin: https://www.linkedin.com/in/mclaubscher/ Youtube: http://www.youtube.com/c/Cashflowninja Bitchute: https://www.bitchute.com/channel/cashflowninja/ Rumble: https://rumble.com/c/c-329875 Odysee: https://odysee.com/@Cashflowninja:9 Gab Tv: https://tv.gab.com/channel/cashflowninja Brighteon: https://www.brighteon.com/channels/cashflowninja Parler: https://parler.com/profile/cashflowninja/ Gettr: https://gettr.com/user/mclaubscher Gab: https://gab.com/cashflowninja Minds: https://www.minds.com/cashflowninja Biggerpockets: https://www.biggerpockets.com/users/mclaubscher Medium: https://medium.com/@mclaubscher Substack: https://mclaubscher.substack.com/
This week, Luke, Karen, Steven, and special guest Rene Ritchie discuss the legacy of the iPod. **Links:** - [Shock iPhone 15 leak claims 2023 could see USB-C coming to iPhone | iMore](https://www.imore.com/shock-iphone-15-leak-claims-2023-could-see-usb-c-coming-iphone) - [After 20 years, the Apple iPod is no more | iMore](https://www.imore.com/after-20-years-apple-ipod-no-more) - [iPhone 14 Pro and iPhone 14 Pro Max screen sizes potentially leaked | iMore](https://www.imore.com/iphone-14-pro-and-pro-max-screen-sizes-are-getting-bigger) - [Famed engineer creates world's first USB-C AirPods | iMore](https://www.imore.com/famed-engineer-creates-worlds-first-usb-c-airpods) **Sponsors:** - [Henson Shaving](https://hensonshaving.com/): A unique design gives a shave so smooth, so effortless, it will make you rethink how shaving should feel. Visit [hensonshaving.com](https://hensonshaving.com/). - [Alto](https://www.altoira.com/imore): All of the trades. None of the taxes. You can buy, sell, and trade 100+ coins/tokens with just $10 by visiting [AltoIRA.com/imore](https://www.altoira.com/imore). - [Capital One](https://www.capitalone.com/): Machine learning at Capital One. Capital One. What's in your wallet? **Hosts:** - [Karen Freeman](https://twitter.com/KarenSFreeman) - [Luke Filipowicz](https://twitter.com/LukeFilipowicz) - [Stephen Warwick](https://twitter.com/StephenWarwick9)
Freddy Lansky from @pointspanda is the CEO and owner of Points Panda, an award travel consultancy and points blog with a US airline news focus. He's flown first class with Korean Air, Cathay Pacific, Lufthansa, British Airways and others. His other hobbies include surfing, hiking, and studying foreign languages. Freddy is from Atlanta, Georgia and has called Mexico City his home base since 2015. In this episode, Freddy and I discuss some of the best routes for flying in and around Latin America, whether you're looking to do a short haul from Atlanta to Mexico city or a long haul in business class all the way to South America. One of the main transfer partners we discuss in this episode is Avianca LifeMiles, which is great for their rewards program, but not necessarily great for their hard product airplanes. You can transfer points from American Express, Capital One, Citi, and Marriott Bonvoy into Avianca's rewards program. Some of the most popular cards with each of these programs is the Amex Gold, Capital One Venture X, and Citi premier. If you'd like to apply to for any of these cards, please be sure you don't apply through Google, but rather use a friend or creator's referral or affiliate link. If you are interested in supporting this show when you apply for your next card, check out www.geobreezetravel.com/cards Download App in the Air at: https://links.appintheair.mobi/geobreezetravel You can find Freddy at: Instagram: https://www.instagram.com/pointspanda You can find Julia at: Website: https://www.geobreezetravel.com Instagram: https://www.instagram.com/geobreezetravel Credit card links: https://www.geobreezetravel.com/cards Masterclasses: https://www.geobreezetravel.com/hangouts Patreon to access recordings of masterclasses: https://www.patreon.com/geobreezetravel Award travel coaching call: https://www.geobreezetravel.com/calendly Sign up for the newsletter and get exclusive access to sign up for free coaching calls: https://www.geobreezetravel.com/free-coaching Geobreeze Travel is part of an affiliate sales network and receives compensation for sending traffic to partner sites, such as milevalue .com. This compensation may impact how and where links appear on this site. This site does not include all financial companies or all available financial offers. Terms apply to American Express benefits and offers. Enrollment may be required for select American Express benefits and offers. Visit americanexpress .com to learn more.
Today, our Host, Chris Hutchins (@hutchins) celebrates the one year anniversary of All The Hacks! This was a live Q&A recorded on May 9th, 2022 with All The Hacks listeners tuning in. Chris answers questions on earning points buying a house and car, how flexibility helps you save big on award flights, whether elite status is worth it and much more. This is a really fun episode with 3 big giveaways you can enter for 10k miles, a $100 Vuori gift card and a lifetime subscription to CardPointers.Full show notes at: https://allthehacks.com/anniversary-live-show Partner LinksRiverside.fm: Sign up here and get 15% off with code CHRISAthletic Greens: Free 1 year supply of Vitamin D and 5 free travel packsBlockFi: Exclusive bonus of up to $250 freeMasterworks: VIP access to skip the waitlist All the Hacks Episodes Mentioned#34 - Hacking Healthcare, Prescriptions and Medical Bills with Marshall Allen#11 - Making Money from Side Hustles with Nick Loper Resources MentionedAll The Hacks Upgrade Program - free upgrades, breakfast and more on paid luxury hotel staysSavanti Travel: - High end travel concierge, owned by Leigh Rowan (ATH #1 and #51)Point.me and BookYourAward.com - Award booking servicesNotion - How I track all the information for podcast (and actually for our family)Countdown to the FOMC - FedWatch Tool for interest rate hikesCreditKarma - Free credit score and helps find cards you can get approved forExtra.App - Debit card that helps you build creditCardPointers - Get 20% at allthehacks.com/cardpointersVuori: 20% off your first purchase at allthehacks.com/vuoriRakuten - Big Give Week with 15% cash back and free $40 for new users Anniversary Giveaway!Enter the giveaway by visiting https://allthehacks.com/giveaway for a chance to win:$100 to Vouri Clothing StoreFree Lifetime Membership to CardPointers10,000 Capital One points, courtesy of Chris! Full show notesQ: Colin asks, How can I maximize points while trying to purchase a house or a car?Q: Chad asks, When planning a trip with points should I aim to book last minute? Or should I plan in advance? Q: Webber asks, how should I figure out where to stay in London for a luxury splurge?Q: Mallorie asks, how should I plan my trip to Japan while also making sure that I optimize my credit card award bonuses? How do I know which new cards to sign up for?Q: Brandy asks, how do you decide when to maximize points and when to just spend the money to save the time?Q: Jared asks, how important is elite status?Q: Andrew asks, if it's worth staying with IHG when Hyatt seems to be the best hotel transfer partner?Q: JC asks, how does Chris keep all his podcast notes organized?Q: Mallory asks, if you are lower income, how can you start earning bonuses?Q: Yevgeniy asks, are there any BlockFi alternatives for high yield?Q: Peter asks, what are your tips for students who don't have established credit?Q: Benji asks, is there a cash back debit card?Q: Mallorie asks, when you have a lot of financial goals, but limited financial resources; where do you start?Q: Webber asks, what are the best cards to use on Amazon?Q: Lessie asks: what about Discover cards?Q: Marlin asks, what cards should I use to optimize my spend while doing my home remodel?All the Hacks Anniversary GiveawayRakuten The Quick HacksUse your favorite card for a down payment on your new car (including Tesla!)Don't forget about “Position flights” or flying from one smaller airport to a major hub.CardPointers is an amazing app for tracking and optimizing your points.Don't forget to try the “reconsideration line” if you ever get declined for a cardIf you have an old card, don't cancel the card, it's helping your credit score! If it has a fee you don't want to pay, ask to get the card downgraded to a no annual fee card.When appropriate: don't pay in cash, pay in gift cards! Editors NoteWish Amy and Chris the best of luck; baby two coming very soon! SponsorsRiverside.fmRiverside.fm is the best platform out there to record studio quality podcasts or videos from anywhere in the world. I use it for all my remote interviews and it consistently delivers high quality audio and video, because it records everything locally, which means you get uncompressed audio and video that works even with unstable wifi. Once your recording is done, you can use Riverside's editor to make ready to publish videos with a few clicks or easily download separate audio and video tracks and edit until your heart's content. To get 15% off your plan, use code CHRIS at allthehacks.com/riverside Athletic GreensAthletic Greens is a foundational nutrition drink designed to remove the friction from covering the daily nutritional needs of a modern diet. It combines more than 9 essential nutrition products into one convenient and great-tasting drink, giving you an easy and efficient way to get you daily multivitamin, multimineral, probiotic, prebiotic, functional greens blend, immune support complex and more. It contains no GMOs, no harmful ingredients and no artificial colors or sweeteners.Right now, Athletic Greens is going to give you a free 1 year supply of immune-supporting Vitamin D and 5 free travel packs with your first purchase. So to take ownership over your health and pick up the ultimate daily nutritional insurance visit allthehacks.com/athleticgreens MasterworksThis episode is brought to you by Masterworks. Masterworks is an alternative investing platform that gives you access to one of the most exclusive and overlooked investments in history: blue-chip art. Masterworks lets regular people invest in paintings by legends like Banksy, Basquiat and Warhol without spending millions. I've now used masterworks to invest in 10 different paintings, including a $15 million dollar Picasso.Here's how it works: Masterworks will buy a painting they think will appreciate well over time, then they securitize that painting with the SEC, so you can invest in it instead of buying the whole thing. Once they sell the painting, later on, you get your share of the proceeds. It's that simple. They've offered over 100 paintings so far and the three that have sold realized a net annualized gain over 30% per work. They have over 280,000 users and demand is as high as ever. All the Hacks has partnered with them to give you all priority access by going to allthehacks.com/masterworks(see important disclosures at masterworks.io/cd) BlockFiThis episode is brought to you by BlockFi. If you're interested in Crypto, BlockFi is one of the best ways to get started, letting you easily buy, sell and store your crypto assets. After signing up and linking your bank account, you can instantly trade a variety of cryptocurrencies and store them all in a secure wallet that lets you control and transfer your holdings however you want. You can also set up recurring transfers so you can dollar cost average your crypto investments over time.Or if you want another way to put your crypto investing on autopilot, there's the BlockFi Crypto Rewards Credit Card. While 1.5% cash back isn't the best in the market, that cash back is automatically invested into Bitcoin, Ethereum or whatever cryptocurrency you want. If you want to check out BlockFi, you can get an exclusive bonus of up to $250 free when you sign at allthehacks.com/blockfi Connect with All the HacksAll the Hacks: Newsletter | Website | Facebook | EmailChris Hutchins: Twitter | Instagram | Website | LinkedIn
Karim Atiyeh is the co-founder and CTO of Ramp, a finance automation platform that helps businesses spend less time and money. Founded in 2019, Ramp powers the fastest-growing corporate card in America and enables billions of dollars of purchases each year on the heels of nearly 10x year-over-year growth. Valued at $8.1 billion two years after launch, Ramp has raised $670 million in equity from backers including Founders Fund, General Catalyst, Redpoint Ventures, Thrive Capital, D1 Capital Partners, Spark Capital, Coatue Management, Iconiq, Goldman Sachs, and Stripe. A Lebanese entrepreneur, Karim previously built and sold Y Combinator-backed Paribus to Capital One in 2016. --- Support this podcast: https://anchor.fm/uncharted1/support
Libby Brockhoff is CoFounder /Creative Director at Odysseus Arms, an award-winning independent ad agency that provides creativity and brand innovation for the modern CMO. Libby was named by Campaign magazine as one of the most influential advertising women in the past. Clients include The Body Shop, Facebook, YouTube, Microsoft, Capital One and Amazon to name a few. She also co-founded Mother in 1996, one of the world's most respected, independent creative companies in the world. This is episode 4 of "The Independent Voice' series where we spotlight independent marketing agency leaders who are leading their clients with duty and purpose while creating effective marketing for the biggest global brands around. We talk about:
This week Luke, Karen, and special guest Christine Romero-Chan look ahead and talk about their hopes for iOS 16. Links: This weird Apple Music bug could get Apple in more antitrust hot water | iMore Apple slashes trade-in values by up to 42% for Macs, iPads, Apple Watch | iMore Stunning new 'After Steve' book promises unseen look inside Apple | iMore A historic Apple store is set for demolition later this year | iMore The Mac continues to grow in a declining PC market | iMore Apple shows how the people behind Star Wars create iconic sounds using Macs | iMore UK government summons Elon Musk to explain his Twitter buyout plans, discuss free speech, and more | iMore What Apple needs to include in iOS 16 | iMore Sponsors: Henson Shaving: A unique design gives a shave so smooth, so effortless, it will make you rethink how shaving should feel. Visit hensonshaving.com. Alto: All of the trades. None of the taxes. You can buy, sell, and trade 100+ coins/tokens with just $10 by visiting AltoIRA.com/imore. Capital One: Machine learning at Capital One. Capital One. What's in your wallet? Hosts: Karen Freeman Luke Filipowicz Stephen Warwick
There are lots of great sweet spots that are exciting in theory are nearly impossible to actually book. This week, Greg and Nick discuss *practical* sweet spots -- the ones they have booked & you can, too. 1:25 This week's disclaimer 4:16 Mattress running the numbers: Is it worth mattress running to get 2x, 3x, or 4x IHG points. 10:12 Main Event: Practical sweet spot awards First up: Delta One to Europe for 50K 14:12 Star Alliance business class to Europe 17:32 Ability to book short flights cheaply 22:58 Using Iberia Avios for business class between Spain and the Eastern US 26:48 Qatar Qsuites via American Airlines miles or Avios 30:18 ANA Business Class to Japan / Asia 34:57 Hyatt awards 37:57 Vacasa vacation rentals via Wyndham Rewards 43:09 Choice privileges points for Nordic Choice properties 44:37 Capital One points for great Major League Baseball tickets 47:56 Question of the Week: I transferred points for what turned out to be phantom availability. Am I stuck? What could I have done differently? Join our email list: frequentmiler.com/subscribe Music credit: Annie Yoder
When considering a career in consulting, McKinsey, Bain, and BCG aren't the only options. Major companies like Disney, Google, Capital One, and Dell have internal consulting groups that have advantages over traditional external consulting roles. In this episode, we compare and contrast the two types of consulting, including the pros and cons of each.Additional LinksJoin Black Belt, MC's case prep program: BLACK BELTList of internal consulting groups: LISTPrepare your resume for any consulting role: RESUME EDITSSponsor an episode or advertise: Management Consulted Media Kit
Diversity in both skillset and experience are at the core of high-impact data teams, but how can you take your data team's impact to the next level with subject matter expertise, attention to user experience, and mentorship? Today's guest, Dan Kellet, Chief Data Officer at Capital One UK, joins us to discuss how he scaled Capital One's data team. Throughout the episode, we discuss: The hallmarks of a high-impact data team The importance of skills and background diversity when building great data teams The importance of UX skills when developing data products The specific challenges of leading data teams in financial services
Host Ricky Sacks is joined by returning guests Jamie Brown from Daily Hotspur, Rob Howard from Capital One and debutant Hannah Barlow to preview Spurs' next Premier League game against Leicester City on Sunday. Grab your EXCLUSIVE NordVPN Deal by going to nordvpn.com/lwos or use code lwos to get a Huge Discount off your NordVPN Plan + Threat Protection + 1 additional month for free . It's completely risk free with Nord's 30 day money-back guarantee! An independent Tottenham Hotspur Fan Channel providing instant post-match analysis and previews to every single Spurs match along with a range of former players, managers & special guests. Please can we ask you to take this opportunity to *SUBSCRIBE* to the Last Word On Spurs and THANKS FOR WATCHING. Whilst watching our content we would greatly appreciate if you can LIKE the video and SUBSCRIBE to the channel, along with leaving a COMMENT below. - DIRECT CHANNEL INFORMATION: - Media/General Enquiries: firstname.lastname@example.org - SOCIALS: * Twitter: https://www.twitter.com/LastWordOnSpurs * Instagram: https://www.instagram.com/LastWordOnSpurs * Facebook: https://www.facebook.com/LastWordOnSpurs * Clubhouse: https://www.clubhouse.com/@LastWordOnSpurs * YouTube: https://www.youtube.com/c/LastWordOnSpurs WEBSITE: www.lastwordonspurs.co.uk #THFC #TOTTENHAM #COYS
Madeline Sall from @madelinesall began her points & miles journey in 2013 with her consultant job and had to get a little more strategic after she left that job & didn't have corporate expenses on her credit cards all the time. Now, she uses her points & miles to attend concerts in other cities & plan last-minute redemptions without planning every day of her trips. She believes that the best use of points & miles is the one you're actually going to use & not always the one that has the best cost per point. In this episode, Madeline and I talk about a points trip she took to Paris, and how using public transit in Europe -- and really most places where it's available -- can save so much money and sanity, and we discuss some different tricks for navigating public transit while traveling. To offset the costs of public transit, I'd recommend using a card like the Chase Sapphire Reserve or Capital One card with purchase eraser. Alternatively, you could also use the World of Hyatt card to earn 2x on public transit purchases. If you're interested in any of these cards, please make sure you use a friend or creator's referral link -- do not apply through Google. If you would like to support this show when you open your next card, check out www.geobreezetravel.com/cards Download App in the Air at: https://links.appintheair.mobi/geobreezetravel You can find Madeline at: Instagram: https://www.instagram.com/madelinesall You can find Julia at: Website: https://www.geobreezetravel.com Instagram: https://www.instagram.com/geobreezetravel Credit card links: https://www.geobreezetravel.com/cards Masterclasses: https://www.geobreezetravel.com/hangouts Patreon to access recordings of masterclasses: https://www.patreon.com/geobreezetravel Award travel coaching call: https://www.geobreezetravel.com/calendly Sign up for the newsletter and get exclusive access to sign up for free coaching calls: https://www.geobreezetravel.com/free-coaching Geobreeze Travel is part of an affiliate sales network and receives compensation for sending traffic to partner sites, such as milevalue .com. This compensation may impact how and where links appear on this site. This site does not include all financial companies or all available financial offers. Terms apply to American Express benefits and offers. Enrollment may be required for select American Express benefits and offers. Visit americanexpress .com to learn more.
This week, Luke, Karen, and Stephen talk about plenty of iPhone rumors, Apple's first foray into live sports, and some Twitter news. Links: Apple planning major low-power upgrade for Apple Watch, says Gurman | iMore Baseball on Apple TV Plus slaughtered by furious fans on opening night | iMore Gurman: Apple TV and HomePod could be merged into one device | iMore iPhone 14 to get major FaceTime camera upgrade, says Kuo | iMore Kuo: iPhone without notch or hole-punch may debut in 2024 with under-display camera | iMore iPhone 14 case schematics show that the iPhone mini is dead | iMore Netflix will have ads in 'the next year or two' to arrest subscriber exodus | iMore The iPhone 13 is the best selling iPhone in years | iMore Elon Musk offers to buy all of Twitter for $41 billion and "transform it" | iMore Sponsors: Mint Mobile: Switch to Mint Mobile and get premium wireless service, starting at JUST $15 bucks a month at mintmobile.com/more! Capital One: Machine learning at Capital One. Capital One. What's in your wallet? Hosts: Karen Freeman Luke Filipowicz Stephen Warwick
The NFL Draft is setting up shop in Las Vegas. The stage is set and it sits on the Bellagio Fountains! Plus, the NFL Draft Experience, the NFL's interactive football theme park, will be FREE and open to the public during all three days of the Draft. Sean visits the Wynn Golf Course and has some really cool insider info, just as the course is getting ready to play home to the Capital One's The Match. This will feature a foursome of legendary NFL quarterbacks. Tom Brady and Aaron Rodgers are teaming up to face Patrick Mahomes and Josh Allen on June 1st. Journey announces shows at Resorts World with a special twist. And, RuPaul's Drag Race shoots the finale at The Flamingo Las Vegas. Plus, a new land purchase on the north end of the strip. Also, we check out "Spring at The Terrace" at Green Valley Ranch. Get ready for some really unique Spring Cocktails! Thanks to our sponsor, Targeted Tax Relief. Get a free consultation today! Go to TargedTaxRelief.com for information and to sign up.Support the show (https://www.paypal.com/donate?hosted_button_id=UCMULZYF325PL)
Bill Cillufo is Partner and Head of International Investments at QED, one of the leading fintech venture firms today with a portfolio including Nubank, Kavak, Klarna, Quinto Andar and Bitso to name a few. As for Bill, he has led investments in Nubank, Loft, Wagestream and Creditas among others. Prior to joining QED, he spent nearly 20 years at Capital One, spanning several roles and leading several businesses. During Bill's last 3 years at Capital One, he led its Co-Brand and Private Label credit card business, building the business nearly from scratch to one of the top few players in the US market. In Today's Episode with Bill Cillufo You Will Learn: 1.) Origins into Venture: How Bill made his way from 20 years at Capital One to becoming a Partner @ QED? How did Capital One inform his mindset around unit economics? Having seen booms and busts firsthand with Capital One, how did that impact his investing mindset today? 2.) The Landscape: What is Happening? Where does Bill believe the biggest crunch in funding markets is today? Does Bill believe this will trickle down to the early stage? How does Bill advise his portfolio companies on runway and burn given the environment? What does Bill believe that many have not seen that is coming? 3.) Bill Cillufo: The Investor How does Bill analyse his own relationship to price and price sensitivity? How has Bill changed as an investor over the last 5 years? What caused the changes? How does Bill reflect on reserves management given the new landscape we are in? 4.) QED: The Expansion Does Bill believe that expanding geographically has become easier with time? What has become harder about expanding into new geographies? How important does Bill believe partnering with local firms is when VCs enter new territories? Item's Mentioned In Today's Episode with Bill Cillufo Bill's Favourite Book: Tom Clancy: The Hunt for Red October Bill's Most Recent Investment: Refyne
In this episode of the Startup of the Year Podcast, we hear a conversation between Andrew Nguyen from BARK and Matt Hunckler of Powderkeg, when they talked about product strategy and the “product mindset” at our 9th Annual Startup of the Year Summit. Andrew is a customer obsessed product leader who builds and grows consumer products. He's a human centered problem solver with over a decade of experience leading digital product teams across BARK, Zappos, Capital One, and AOL (e-commerce, finance, media, and advertising). He has shipped several award winning, highly rated mobile app and web experiences for millions of happy customers. BARK was founded in 2012, and loyally serves dogs nationwide with monthly subscription services, BarkBox and Super Chewer; a curated e-commerce experience on www.BarkShop.com. We are also starting a new segment where we highlight one startup from our community during every episode. Our first company to be featured is PlaneAhead, which is the first organization of its kind that takes full advantage of the termination of airline change fees. The way it works is they track your purchased itinerary from the day you buy until take off. When the price of your ticket goes down, they automatically exchange the ticket and send you the airline credit from the change. Go to www.planeahead.co to learn more! We live streamed our Summit, so if you were not able to attend in-person, make sure to watch it on our Youtube channel at: soty.link/ESTYouTube Lastly, we invite you all to join our community today to access the support, expert advice, and resources you need to elevate your startup by going to: www.est.us/join Thank you for listening, and as always, please check out the Established website and subscribe to the newsletter at www.est.us Checkout Startup of the Year at www.startupofyear.com Subscribe to the Startup of the Year Daily Deal Flow: www.startupofyear.com/daily-dealflow Subscribe to the Startup of the Year podcast: www.podcast.startupofyear.com Subscribe to the Established YouTube Channel: soty.link/ESTYouTube *** Startup of the Year helps diverse, emerging startups, founding teams, and entrepreneurs push their company to the next level. We are a competition, a global community, and a resource. Startup of the Year is also a year-long program that searches the country for a geographically diverse set of startups from all backgrounds and pulls them together to compete for the title of Startup of the Year. The program includes a number of in-person and virtual events, including our annual South By Southwest startup pitch event and competition. All of which culminate at our annual Startup of the Year Summit, where the Startup of the Year winner is announced, along with an opportunity at a potential investment. Established is a consultancy focused on helping organizations with innovation, startup, and communication strategies. It is the power behind Startup of the Year. Created by the talent responsible for building the Tech.Co brand (acquired by an international publishing company), we are leveraging decades of experience to help our collaborators best further (or create) their brand & accomplish their most important goals. Connect with us on Twitter - @EstablishedUs and Facebook - facebook.com/established.us
Aparna Chennapragada is Chief Product Officer @ Robinhood, the company revolutionizing consumer finance with commission-free investing, and tools to help shape your financial future. As for Aparna, prior to Robinhood, she spent an incredible 12 years at Google, most recently as VP and GM for Consumer Shopping and also as the lead AR and Visual Search products. Aparna is also an active angel investor with a portfolio including Khatabook, Statsig and On Deck to name a few. If that was not enough, Aparna is also a board member at Capital One. In Today's Episode with Aparna Chennapragada You Will Learn: 1.) Origins in Product: How Aparna made her way into the world of product and product management? What were Aparna's biggest takeaways from her 12 years at Google? What does product management mean to Arpana today? 2.) Customer Discovery: 101 What are the 3 different stages of product management? What does great customer discovery look like? What are the best questions to ask? How should one dig deeper? Where do so many make mistakes in customer discovery? What should product people take from the answers? What should they disregard? 3.) The Hiring Process: How should founders breakdown the process of hiring for their first in product? What does the interview process look like? How should founders structure it? What core questions should teams ask of prospective candidates? What are red flags when interviewing potential product hires? What literal tests and case studies can founders do to test the quality of candidates? 4.) The Onboarding Process: How should founders structure the onboarding process for new product hires? What can founders do to make PMs successful in their first 30 days? Where do many product hires make the biggest mistakes in the first 30 days? What can product hires do to build trust with their new team? Items Mentioned in Today's Episode with Aparna Chennapragada Aparna's Fave Resource: Shishir's Executive Onboarding
About ScottCloud security historian.Developed flaws.cloud, CloudMapper, and Parliament.Founding team for fwd:cloudsecLinks: Block: https://block.xyz/ Twitter: https://twitter.com/0xdabbad00 TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by our friends at Vultr. Optimized cloud compute plans have landed at Vultr to deliver lightning fast processing power, courtesy of third gen AMD EPYC processors without the IO, or hardware limitations, of a traditional multi-tenant cloud server. Starting at just 28 bucks a month, users can deploy general purpose, CPU, memory, or storage optimized cloud instances in more than 20 locations across five continents. Without looking, I know that once again, Antarctica has gotten the short end of the stick. Launch your Vultr optimized compute instance in 60 seconds or less on your choice of included operating systems, or bring your own. It's time to ditch convoluted and unpredictable giant tech company billing practices, and say goodbye to noisy neighbors and egregious egress forever. Vultr delivers the power of the cloud with none of the bloat. "Screaming in the Cloud" listeners can try Vultr for free today with a $150 in credit when they visit getvultr.com/screaming. That's G E T V U L T R.com/screaming. My thanks to them for sponsoring this ridiculous podcast.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Welcome to Screaming in the Cloud, I'm Corey Quinn. I am joined by a returning guest with a bit of a different job. Scott Piper was formerly an independent security researcher—basically the independent security researcher in the AWS space—but now he's a Principal Engineer over at Block. Scott, welcome back.Scott: Thanks for having me, again, Corey.Corey: So, you've taken a corporate job, and when that happened, I have to confess, I was slightly discouraged because oh, now it's going to be like one of those stories of when someone you know goes to work at Apple because no one knows anyone at Apple; we just used to know people who went there and then we kind of lost touch because it's a very insular thing. Not the Block slash Square slash whatever they're calling themselves this week has that reputation. But InfoSec is always a very nuanced space and companies that have large footprints and, you know, handle financial transaction processing generally don't encourage loud voices that attract attention around anything that isn't directly aligned with the core mission of the company. But you're still as public and prolific as ever. Was that a difficult balance for you to strike?Scott: So, when I was considering employment options, that was something that I made clear to any companies that I was talking to, that this is something that probably will and should continue because a lot of my value to these companies is because I'm able to have discussions, able to impact change because of that public persona. So yeah, so I think that it was something that they were aware of, and a risk that they took. [laugh]. But yeah, it's been useful.Corey: This is the sort of conversation I would have expected to have with, “Yeah, things seem to be continuing the same, and I haven't rocked any boats, yet and they haven't fired me, knock on wood.” Except that recently you've launched yet something else that I am personally a fan of. Now, before we get into the specifics of what it is you're up to these days, I should call out that since your last appearance on this show, I have really leaned into the Thursday newsletter podcast duo of Last Week in AWS: Security Edition. Rounding up what happened the previous week—yes, it was the previous week, and it comes out on Thursdays—because, you know, timing and publication, things are hard, computers, you know how it is—aimed at a target audience that is very much not you: People who have to care about security, but are not immersed in the space. It's a, “All right, what now? What do I have to pay attention to?”Because there's a lot of noise in this space, there's a lot of vendor-captured stuff out there. There's very little that is for people who work in security but don't have the word security anywhere near their job title. And I have to confess that one of my easy shortcuts is, “Oh, it's a pretty thin issue this week,” which is not inherently a bad thing, let's be clear, it's not yay, the three things you need to care about in security then eight more of filler; that's not what we're about. But I always want to make sure I didn't miss something meaningful, and one of my default publication steps is, “What's Scott been tweeting about this week?” Just to make sure that I didn't miss something that I really should be talking about.And every single time I pull up your Twitter feed, I find myself learning something, whether it's a new concept, or whether it is a nuance on an existing thing I was already aware of. So first, thank you for all the work that you do as a member of the community, despite having a, “Regular corporate job,” quote-unquote, you're still very present. It's appreciated.Scott: Thank you. Yeah. And I mean, that newsletter is great for people that don't want to be spending multiple hours per day trolling through Twitter and reading that. So, it provides, also, something great for the community to not have to spend all that time on Twitter like I do [laugh], unfortunately.Corey: It also strives—sort of—to be something approaching an upbeat position of not quite as cynical and sarcastic as the Monday issue. I try to be not just this is the thing that happened, but go a little bit into and this is why it matters. This is how to think about it. This thing that Amazon put out is nonsense, however, here's the kernel hidden within it that might lead to something, such as thinking about how you do sign-on, or how to think about protecting MFA devices, or stuff like that you normally care about a lot right after you really should have cared about it but didn't at all. So, it's just the idea of aiming in a slightly different audience.Scott: Yeah definitely. And it provides value that it does, it takes some delay so that you can read what everybody has written, how they've responded to the different news outtakes, you're not just including the hot takes. For example, as of this morning, there's a certain incident with an authentication provider, and it's not really clear if there was actually a breach or not. And so it's valuable to take a moment to understand what happened, get all the voices to have expressed their points, so you can summarize those issues.Corey: An internal term that we've used to describe the position here is that I am prolific but I also have things to do as a part of my job that do not involve sitting there hitting refresh on Twitter like mad all the time. The idea is to have the best take not the first take—Scott: Exactly.Corey: And if that means that I lose a bunch of eyeballs and early ad impressions in the middle of the night and whatnot, well, great. I don't sell ad impressions anyway, so what does it matter? It winds up lending itself to a more thoughtful analysis of figuring out, in the sober light of day, is this a nothing-burger or is this enormous? With that SSO issue that you're alluding to—[cough] Okta—sorry, something caught in my throat there—very clearly, something is going on, but if I had written next week's newsletter last night while it was still very unclear, it would have been a very different tone than the one that I would have written this morning after their public statement, and even still a certainly different tone that it would take a couple of days once more information is almost certain to come to light. And that is something that is, I think, underappreciated in certainly on Twitter, where an old tweet—there's nothing worse than an old tweet unless you're using it to drag someone for something—that, “Well, we have different perspectives on that nowadays. It's not 2018 anymore.” Right. Okay, cool.Scott: Yep. [laugh].Corey: But something that you've done has been a bit of a pivot lately. Historically, you have been right there in my sweet spot of needling cloud providers for their transgressions in various ways. Cool, right there with you. We could co-author a book on the subject. But lately, you've started a community list of [IMSDv2 00:07:04] abuses.Now, first, we should talk about what IMSDv2 is. It's the name that it clearly came from Amazon because that's a name only a cloud provider bad at naming things could possibly love. What is it?Scott: So, it's the Instance Metadata Service, Version Two. If there's a version two, you can imagine there was a version one at some point. And the version two—Corey: And there's a version two because Amazon prod—the first one was terrible, but they don't turn anything off, ever, so this is the way and the light and the future; we're going to leave that old thing around until your great-grandchild dies of old age.Scott: Exactly, yeah. So, when EC2s first came out, and IAM roles first came out, you wanted to give your EC2s the ability to use AWS privileges, so this is how those EC2s are getting access to their credentials that they can use. And the way in which this was originally done was there's this magic IP address, this 169.254.169.254 IP address, which is very important for security on AWS because if anything can access that magic IP address from an EC2 instance, you can steal their credentials of that EC2, and therefore basically become that EC2 instance, in terms of what it can do in the AWS environment.And so in 2019, there was a large breach of Capital One that was related to this. And so as a result of that—I think that AWS probably had this new version, probably, in the works for a while, but I think that motivated their faster release of this new version, and so IMDSv2 changed how you would obtain these credentials. So, you basically—instead of making a single GET request to this IP address, now you had to make multiple requests, they were now PUT request instead of a GET request, there was a challenge and response, there's the hop limit. So, there's all these various things that are going to make it harder and basically mitigate a lot of the different types of vulnerabilities that previously would be used in order to obtain these credentials. The problem, though, is that IMDSv1 still exists on EC2s, unless you as a customer are enforcing IMDSv2.And so, in order to do this in a large environment, it's difficult—theoretically, it's a simple thing; all you should have to do is update your SDK and now you're able to make use of the latest version. And if you're using any version of the SDK that was released in the past over two years, you already should be using IMDSv2 there, but you have to enforce it. And so that's where the problem is. And what was most problematic to me is now that I work for a company, we have run into the problem that there are some vendor solutions that we use that weren't allowing us to enforce IMDSv2 across all of our different accounts. And this is something I've heard from a number of other customers as well.And so I decided to create this list with vendors that I've had to deal with, vendors that other customers have had to deal with, in order to basically try and solve this problem once and for all. It's been multiple years now and a lot of these vendors, unfortunately, were also security vendors. And so that makes the conversation a little bit easier, to basically put them on this wall-of-shame and say, “You're a security vendor and you're not allowing your customers to enforce best practices of security.”Corey: I want to call on a couple of things around that. Originally the metadata service was used for a number of other things—still is—beyond credentials. It is not the credential service as envisioned by a lot of folks. The way that—also we'll find those credentials empty until there's an EC2 instance role, and those credentials will both be scoped what that instance does and automatically rotated in the fullness of time so they're not long-lived credentials that once you have them, they will last forever. This is, of course, a best practice and something you should be leveraging, but scope those credentials down, or you wind up with one of the ways that was chained together in the Capital One breach a few years ago.It's also worth noting that service would have been more useful earlier in time with a few functions. For example, you can use the metadata service to retrieve the instance tags about the EC2 instance. When I requested it in 2015, it was not possible. But they had released it in January of this year, 2022, long after we have all come up with workarounds for this, where we could have used that to set the hostname internally on the system, if you're looking for something basic and easy. It would have been something then you could have used to automatically self-register with DNS without having to jump through a whole bunch of hoops to do it manually.And you look at this, and it's wow, that's a whole lot of crappy tooling I can just throw into the trash heap of history you don't need anymore. But the IMSDv2, you're right, makes it a lot harder, there has to be a conversation, not just something you can sort of bankshot something off of to get access to it. And it's a terrific mitigation. What I've liked about your list of more or less shaming companies for doing this is, on the one hand, you have companies who take themselves off of the list as soon as it's up there. It's, “Oh, we love when people talk about us. Wait, what's that? They're saying something unkind? On the internet?” And they'll fix it, which honestly is better than I expected.And then every once in a while you'll see something that's horrifying of, “Oh, yeah, we're not vulnerable to that at all because we tell you to create permanent long-lived credentials, store them on disk and we'll use those instead.” And it's… that is, like, guaranteeing that no one is going to break down your door by making your walls out of tissue paper. Don't do that. Like, that has gone so far around the band that has come back around again. So, hopefully that got fixed.Scott: And I think you pointed out a couple of things I want to talk about with this is that, one, it has actually been very successful in terms of getting large vendors to make changes. Currently, of the seven vendors that have ever been listed there, are three of them have already made fixes and have been removed from the list. And the list has only been up for about a month. And so, in terms of getting enterprise solution vendors to make changes within, like, just a few weeks is very surprising to me. And these are things that people have been asking for for years now, and so it had motivated them a lot there.And the other thing that I want to point out is people have looked at the success that it's had and considered maybe we should make wall-of-shame lists, for all the things that we want. And I want to point out that there are some things about this problem, the IMDSv2 specifically, that make it work for having this wall-of-shame list like this. One of them is that not supporting or not allowing customers to enforce IMDSv2 is basically always bad. There is not a use case where you can make a claim—Corey: There is no nuance where that, in this case, is the thing to do, like having an open S3 bucket: There are use cases where that is very much something you want to do, but it's the uncommon case.Scott: Exactly. That I think is an important thing. Another thing is it's not just putting up a list, you know, like that is what people are seeing publicly, but behind the scenes, there's a lot of other things that are happening. One, I am communicating with various customers, customers that are reporting this issue to me, in order to try to better understand what's happening there, so that I can then relay that information to the company. So, I'm not just putting up the list; I'm also, behind the scenes, having conversations with these different companies to try to get timelines from them, to try to make sure that they are aware of the problem, they are aware that they're on this list, how to get off the list. So, there's that conversation happening.There's also the conversation that I'm happening with AWS in order to make various requests that AWS improve this for customers, to make this easier. And this is something that is public on that repo. I have my list of requests to AWS so that people can relay that to their own TAMs at AWS to basically say these are things we want as well. And so this includes things like, “I want an AWS account to have the ability to default to always be enforcing IMDSv2.” You know, so as an example, when you create an EC2 through the web console—which people can say, oh, you should always be using Infrastructure as Code; the reality is many folks are using the web console to create EC2s to do other changes.And when you create an EC2 in the web console, by default, it's going to allow IMDSv1 still. And so my request to AWS is, you should allow me to just default enforce IMDSv2. Also, the web console does not give you visibility into which EC2s are enforcing it and which ones are not. And also, you do not have the ability in the web console to enforce it. You cannot click on an EC2 and say, “Please enforce it now.”So, it's all these various, like, minor changes that I'm requesting AWS to do.Corey: It has to be done at instance creation time.Scott: Exactly. And so there is an API that you can make in order to change it afterwards, but that's only an API so you have to use the CLI or some other mechanism; you can't do it in the web console. But the other thing that I'm requesting AWS do is if security is a priority for AWS and they have all these other partners that are security companies, that they should be requiring their partners to also be enforcing this in their various products. So, if a partner is basically not allowing your AWS customers to enforce security best practices, then perhaps that partnership should be revoked in some way. And so that's a more aggressive thing that I'm asking AWS to do, but I think is reasonable.Corey: I'd also like them to get all of their own first-party services to support this, too.Scott: That's true as well. So, AWS is currently on the list. And so, they have one service, Data Pipelines, which if you are an AWS customer and you are using that service, you are not going to be able to enforce IMDSv2 in your environment. So, AWS themselves, unfortunately, is not allowing customers to enforce this. And then AWS themselves in their own production servers, we have seen indications that they do not enforce IMDSv2 on their own production servers.So, the best practice that they are telling customers to follow, they unfortunately are not following it themselves. And so the way in which we saw this was Orca is a security company that ended up finding this issue with AWS—and there's a lot of questions in terms of what all exactly they found—but they had this post that they called “Breaking Formation” in which they were somehow able to find—basically exploit to some degree—and again, it's unclear exactly what they were able to exploit here—but they were able to exploit AWS production servers that are responsible for the CloudFormation service. And in their blog post, they had a screenshot which showed that those production servers are not enforcing IMDSv2. And so AWS themselves is struggling with this as well, as are many customers. So, it's something that, you know, I put together this list of requests in hopes that AWS can make it easier for not only customers but also themselves to be able to enforce it.Corey: There are a lot of different things that we wish companies did differently, particularly if that company is AWS. Why is this the particular windmill that you've decided to tilt at given—let's say—it's not exactly slim pickins out there as far as changes that we wish companies would make? Obviously, you mentioned at one point, there is no drawback to enabling this, but a lot could be said for other aspects as well. Why is this one so important?Scott: So, in part, I personally have some, I guess, history with this [laugh], basically, IMDSv2, and so we can discuss this. This is back when Capital One had their breach in 2019, there was this Senator, Senator Ron Wyden, who sent this email over to AWS, to Steve Schmidt, who was the CISO at the time there and still is the CISO, and he basically—Corey: Now, he's head of security for all of Amazon.Scott: Yeah, yeah.Corey: CJ is now the AWS CISO. And he has the good sense to hide.Scott: Yeah. [laugh]. So, at the time, this Senator Ron Wyden had send over this email—and obviously it's not Senator Ron Wyden himself, you know, it's one of his, like, technical people on staff that is able to give him this information—and he sends this email to AWS saying, “Hey, this metadata service played a role in this very significant breach. Why hasn't this been fixed?” And Steve Schmidt responded, and because it's communications between a senator, I guess it has to become public.So, Steve Schmidt responds, saying that, “Hey, we never knew that this was an issue before,” is essentially what he responds with. And that irked me because I had reported this to AWS previously, as had many other people. So, there was a conference presentation by this guy Andrés Riancho at BlackHat, I believe in 2014, and he had presented previously in 2013, so it was a known issue; it had been around for a while. But I took the time to actually report it to AWS Security. So, I went through the correct channel of making sure that AWS was aware of a security concern, as a security researcher—so reporting it through that correct channel there—and provided Senator Ron Wyden with all this information.And so, then he then requested that the FTC begin a federal investigation into AWS, related to basically not following the best practices that security researchers have recommended. So, that was, kind of like, my early, I guess, involvement with this issue. So, it's something that I've been interested in for a while to make sure that this is resolved completely at some point.Corey: This episode is sponsored by our friends at Oracle Cloud. Counting the pennies, but still dreaming of deploying apps instead of “Hello, World” demos? Allow me to introduce you to Oracle's Always Free tier. It provides over 20 free services and infrastructure, networking, databases, observability, management, and security. And—let me be clear here—it's actually free. There's no surprise billing until you intentionally and proactively upgrade your account. This means you can provision a virtual machine instance or spin up an autonomous database that manages itself, all while gaining the networking, load balancing, and storage resources that somehow never quite make it into most free tiers needed to support the application that you want to build. With Always Free, you can do things like run small-scale applications or do proof-of-concept testing without spending a dime. You know that I always like to put asterisks next to the word free? This is actually free, no asterisk. Start now. Visit snark.cloud/oci-free that's snark.cloud/oci-free.Corey: It's always fun watching where people come from, as far as the security problems that they call out. There was, I believe in the cloud security forum Slack, a thread of recently about what security issues are top-of-mind and that should be fixed as a baseline expectation. In fact, let me dig it out because that is one of those things that I think is well worth having the conversation properly on this.Good examples of risky, insecure defaults in AWS. And people are talking about IMDSv1, and they're talking about all kinds of other in-depth things, and my contribution to it was, “If I go and I spin up an AWS account, until I go out of my way, I'm operating as root in that account. That seems bad.” And a few responses to that were oh, the basically facepalming, “Oh, of course.” I wish that there were an easy way to get AWS SSO as the default because it is the right answer for so many different things. It solves so many painful problems that otherwise you're going to wind up stuck with.And this stuff is hard and confusing; when people are starting out with this for the first time, they're not approaching this from, “All right, how do I be extremely secure?” They want to get some work done. For fun a year ago, I spun up a test account—unattached to any organization—and because account aliases are globally unique, I somehow came up with the account ‘shitposting' because that's pretty much what I use it for. The actual reason I wanted that was I wanted something completely unattached from any other account that I could easily take screenshots from at any point, and the worst case scenario is okay, I've exposed some credential of my own in an account that has no privileged access to anything; I just have to apologize for all the Bitcoin mining now. And honestly, I think AWS would love that marketing campaign; they'd see my face on a billboard looking horrified. It'll be great.But I turned on every security service as I went because, of course, security is the most important thing. And there were so many to turn on, and the bill was approaching 50 bucks a month for an empty account. And it's. It starts to feel a little weird and more than a little wrong.Scott: [laugh]. Yeah, my personal concern in terms of default security features is really that problem of the cost controls, I think that that still is a big issue that AWS does not have cost controls such that when a student wants to try and use AWS for the very first time and somehow they spin up large EC2 instance, or they just you know, end up creating an access key and that access key gets leaked and somehow their account gets compromised and used for Bitcoin mining, now they're stuck with that large AWS bill. For a student who has no budget, is in debt, and now is suddenly being, you know, hit with multiple thousands of dollars on their bill, that I think is very problematic, and that is something that I wish AWS would change as a default is basically, if you are creating AWS account for the very first time, have some type of—I don't know how this would look, but maybe just be able to say, like, I don't ever want this AWS account to spend more than $100 per month, and I'm okay if you end up destroying all my data in the account because I have no money and money is more important to me than whatever data I may store in here.Corey: Make an answer to that question mandatory, just as putting a credit card in is mandatory. Because there are two extremes here. It's more or less the same problem of AWS not knowing who its customers are beyond an AWS account, but there's a spectrum somewhere between I'm a student who wants to learn how the cloud works, and my approach to security is very much the same. Don't let randos spin up resources in my account, and I don't ever want to be charged. If that means you turn off my “Hello World” blog post, okay, great.On the other end, it's this is Netflix. And this is our, you know, eight-millionth account that we're spending up to do a thing and what do you mean you're applying service quotas to it? I thought we had an understanding?—everything is a service quota, let's be clear—Scott: Yep.Corey: —or a company that's about to run a Superbowl ad. Yeah, there's going to be a lot of traffic there. Don't touch it. Just make it work. We don't care what it costs.Understanding where you fall on the cost perspective—as well as a security point of view of, “We're a bank, which means forget security best practices, we have compliance obligations that cannot be altered in this account and here's what they are.” There has to be a way that is easy and approachable for people to wind up moving that slider to whatever position best represents them. Because there are accounts where I never want to be charged a thing. And that's an important thing because—and I've been talking about this for a while because I'm convinced it's a matter of time—that poor kid who wound up trading on margin at Robinhood, woke up saw that he was seven-hundred-and-some-odd grand in debt and killed himself. When it all settled out, I think he turned something like a $30,000 profit when all was said and done, which just serves to make it worse.I can see a scenario in which that happens, and part of the contributors to it are that we used to see that the surprise bill for compromised accounts was 10, 15, 20 grand. Now, they're 70 to 90 because there are more regions, more services to run containers—because of course there are—and the payoff is such that the people exploiting this have gotten very practiced and very operationalized at spinning up those resources quickly, and they cost a lot very quickly. I mean, the third use case that they're not aiming at yet is people like me, where it's, oh, you have a free account that sandboxed; I want to get the high score on the free tier because all their fraud is attuned to you making money. With me, it's nope, just going to run up the store to embarrass Amazon. That's not a common exploit vector, but I'm very much here.Scott: [laugh]. Yep. And that also is the thing though: The Denial of Wallet attack is also a concern on AWS, as well, where you've written a blog post about this, how if you are able to make use of data transfer in different ways, you can run up very high multi-million dollar bills in people's AWS accounts and even AWS's own protections and defenses against trying to look for cost spikes and things like that is delayed by multiple hours. And so you can still end up spending a lot of money in people's accounts, or one thing that's wild is an S3 object locking; that feature, the whole purpose behind it is to ensure data can never be deleted. It exists for various compliance reasons, so even AWS themselves cannot delete certain data.So, if an attacker is able to abuse that functionality in somebody's account, they can end up locking data such that for the next 100 years, it can never be deleted and you're going to have to pay for that for the next 100 years inside your account. The only way of not paying for that anymore is to move everything that you have in an AWS account to a new account, and then ask AWS to delete that account, which is not going to be reasonable under most circumstances.Corey: Yeah, alternatively, it's one of those scenarios where well, the only other option is to start physically ripping hard drives out of racks in a bunch of different data centers. It's wild to me. It's such an attack surface that honestly I believe for the longest time that AWS Security is otherworldly good. And as we start seeing from these breaches, no, what really is otherworldly good is their ability to apply pressure to people not to go public with things they discover that they then wind up keeping quiet because once this whole Orca stuff came out, we started digging, and Aidan Steele found some stuff where you could just get unfiltered, raw outputs of CloudTrail events by setting up a couple of rules in weird ways.And that was a giant problem, and it was never disclosed publicly. I don't know if any of my events were impacted; I can't trust that they would have told me if they were. And for the first time, I'm looking at things like confidential computing, which are designed around well, what if you don't trust your cloud provider? Historically, I guess I was naive because my approach was, “Well, then you shouldn't be using the cloud.” Now it's, “Well, that's actually kind of a good point.”Because it's not that I don't trust my cloud provider to necessarily do what they're telling me. I just don't trust them to tell me what they're doing. And that's part of it. The, “Well, we found an issue, but you can't prove we had an issue, so we're going to say nothing.” And when it comes to light—because it always does—it erodes trust in a big way. And trust is everything in cloud.Scott: Yeah. And so with some of the breaches that have come out, I created another GitHub repo to start tracking all the different security incidents that I could find for the three cloud providers, Azure, GCP, and AWS. And so on there, I started listing not only some of the blog posts from security companies that had been able to exploit vulnerabilities in the cloud providers, but also just anything else that I felt was a security mistake in some way. And so there's a number of things I tried to avoid on there. Like, I tried to avoid listing something that's kind of like a business decision, for example, services that get released that don't have CloudTrail support. That's a security concern to me, but that's kind of a business decision that they decided to release a service before it supported all that functionality.So, I tried to start listing off all those different things in order to also keep track of you know, is there a security provider that's worse than the others? Are there any type of common patterns that I can see? And so I tried to look through some of those different things. And that's been interesting because also I really only focus on AWS, and so I haven't really known what all has been happening with GCP and Azure. And that was interesting because there's been two issues that have happened on AWS where the exact same issue happened on the other cloud providers. And so that tells me, that's concerning to me because that tells me tht—Corey: Because those are not discovered at the same time let's be clear.Scott: Yeah. These were, like, over a year apart. And so basically, somebody had found something on GCP, and then a year-plus later, somebody else found the exact same issue on AWS. And then similarly, there was an issue with Azure and then a year-plus later, same issue on AWS. And that's concerning because that tells me that AWS may not be monitoring what are the security issues that are impacting other cloud providers, and therefore checking whether or not they happen to themselves?That's something that you would expect a mature security team to be doing is to be monitoring what are public incidents that are happening to my competitors, and am I impacted similarly? Or what can I do to try and identify those issues, fix them, make sure they never happen? All those types of steps in terms of security maturity. And that's something that then I'm a little concerned of that we've seen those issues happen before. There's also, on AWS specifically, they have had a number of issues related to their IAM-managed policies that keep cropping up.And so they have had a number of incidents where they were releasing policies that shouldn't have been released in some way. And that's concerning that showed that they don't really have a change management process that you would expect. Usually, you would expect a company to be having GitHub PRs and approval processes and things like that, in order to make sure that there's a second set of eyes on something before it gets released.Corey: Particularly things of this level of sensitivity. This is not—like, I was making fun of them a day or two ago for having broken the copyright footer and not updating them since 2020 because instead of the ‘copyright' symbol, they used an ‘at' symbol. Minor stuff, but like that's fun to needle people about, but it doesn't actually matter for anything.Scott: Yeah.Corey: Security matters and mistakes show.Scott: Yeah. And so there had been some examples where they released a policy that was called, like, ‘cheese puffs something' and it's like, okay, that's clearly, like, an internal service of some sort. But I'd called them out and, like, I'd sent an email to AWS Security being like, “Hey, you need to make sure that you have change management processes on your IAM policies because one day you're going to do something that is bad.” And one day they did. They made a change to the read-only access policy, and that basically—they removed every single privilege, somebody had ended up, you know, internally, removed every single privileges to the read-only access policy and replaced it with a whole bunch of write privileges for, I think, the Cassandra service.And so, that was like, clearly they've made a mistake that they should have made sure they were correcting because you know, they had these previous incidents. Another kind of similar one was in December, there was a support policy where they had added S3 GetObject to that policy, and that was concerning in terms of have they just given all of their support employees access to everybody's content in their S3 buckets? And so AWS made some statements saying that there were other controls in place there so it wouldn't have been possible. But it's those types of things that [crosstalk 00:33:17]—Corey: Originally, those statements were made on Twitter, let's be clear here.Scott: Yes. Yeah. [laugh].Corey: And I feel like there's a—while I deeply appreciate how accessible a lot of their senior people are, I cannot point the executive leadership team at a client to some tweets that someone made. That is not a public statement of record that works on this.Scott: Exactly.Corey: They're learning. We'll get there sooner or later, I presume. I want to thank you for taking the time to speak with me, as always, I'll throw links to these repos into the [show notes 00:33:46], but if they want to know more what you have to say, where's the best place to find you?Scott: So, my Twitter, which, unfortunately, is a handle written in hex, but it's—‘dabbadoo' is how you would pronounce it, but it's probably easiest to see a link for it. So, that's probably the main place to look for me.Corey: That's why my old Twitter handle was my amateur radio callsign. I don't use that one anymore. It's just easier. And I think that's the right answer. Besides, given what you do, it's easy enough if people want your attention. They screw up badly enough, you'll come to them.Scott: Yep. [laugh].Corey: Scott, I really appreciate your time. Thanks again.Scott: Thank you.Corey: Scott Piper, Principal Engineer at Block and, more or less, roving security troubadour for lack of a better term. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice or a comment on the YouTubes saying that this episode is completely invalid because you wind up using the old version of the metadata service and you've never had a problem. That you know of.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.
The pandemic greatly accelerated the consumer desire to adopt digital-first banking experiences. That said, consumer preference for how to do banking has also become increasingly hybrid. Few financial institutions have innovated the customer experience across multiple platforms more than Capital One. From their award-winning mobile app to their Capital One Cafés, the bank continues to test new ways to build engagement. We are very fortunate to have Jennifer Windbeck, Head of Retail Bank Channels & Operations at Capital One on the Banking Transformed podcast. She will discuss how Capital One has continued to reinvent how and where customers can do banking. This episode of Banking Transformed is sponsored by Microsoft: See how Microsoft can help to unlock new opportunities at speed through innovative business models, deliver differentiated customer experiences across channels, products and services, and redefine new ways of working. More at Microsoft.com/financialservices
Welcome to an episode with one of the leading innovators in digital marketing, Jeff Rosenblum. In this episode, Jeff speaks about effective marketing and advertising that both informs and inspires. He shares how businesses can help customers feel empowered to solve their problems and create a better customer experience. We will learn why businesses that embrace empowerment, transparency, and authenticity are essential in today's marketing world. Jeff Rosenblum is an author, a documentary filmmaker, and an advertising agency founder. He is widely regarded as one of the leading innovators in the field of digital marketing and has worked on teams that have helped revolutionize dozens of industries. Jeff is the co-writer and director of a groundbreaking documentary about the advertising industry's future, The Naked Brand. It reveals the surprising story about corporations' ability to improve the world, one small step at a time. Jeff is the Founding Partner of Questus, a digital marketing agency that has worked with some of the world's most influential brands, including American Express, Apple, Bloomberg, Capital One, Discovery Channel, Disney, Driscoll's, General Mills, Ford, ESPN, The New York Times, Suzuki Motorcycles, The NFL, The Wall Street Journal, Universal Orlando, Verizon and more. When he's not driving his team and his clients crazy, Jeff is on an Advisory Board for the Make-A-Wish Foundation as well as Special Spectators. Jeff and his family built a school in a remote village in Nepal while working with the BuildOn organization. Despite barely graduating college, he has lectured at some of the world's top universities and presented at some of the marketing industry's most influential conferences. Get Jeff's book here: Exponential: Transform Your Brand by Empowering Instead of Interrupting. Jeff Rosenblum: https://amzn.to/3EmxAr5 Enjoying our podcast? Get access to sample advanced training episodes here: www.firmsconsulting.com/promo
Can a coupon book really be worth $695? This week we run the numbers and see if it all adds up to make the Platinum card worthwhile. 00:43 Giant Mailbag double header. First up: Booking Air France intra-European flights via Virgin Atlantic and getting Caesars Diamond back again 4:27 Giant Mailbag: Confession time: Caesars Diamond once again 11:45 What craazy thing . . . did Capital One do this week? https://frequentmiler.com/baseball-fans-capital-one-has-great-seats-for-5000-miles-each/ 19:10 Mattress running....er, Airport Lounge Running the Numbers: ANA elite status match to Star Alliance Gold https://frequentmiler.com/star-alliance-gold-match-via-ana-mileage-club-match-delta-gold-aa-platinum-pro/ 29:21: Main Event: The Amex Platinum coupon book: Is it worth the annual fee? https://frequentmiler.com/platinum-card-arrived-heres-next/ https://frequentmiler.com/dont-want-to-pay-that-695-annual-fee-heres-the-strategy-before-you-cancel/ Wide appeal coupons: 32:04 $240 Digital Entertainment Credit 37:24 $200 Fine Hotels & Resorts credit 40:06 $200 Airline fee credits https://frequentmiler.com/amex-airline-fee-reimbursements-still-works/ 42:00 $200 in Uber credits 44:22 $179 CLEAR credit 48:28 $100 Saks credit 51:21 Walmart+ credit 55:56 Other perks (Airport lounge access, elite status, emergency evacuation coverage, etc). 1:09:42 Post Roast: Are IHG credit card free night certificates "kind of like" paying for points? https://frequentmiler.com/my-ihg-free-night-strategy-on-gregs-mind/ 1:13:13 Question of the Week: Is it safe to pay my taxes with a new Chase card? https://frequentmiler.com/pay-taxes-via-credit-card/ Join our email list: https://frequentmiler.com/subscribe/ Music credit: Annie Yoder
Shayne Hughes is president of Learning as Leadership, a culture change and leadership development firm serving the private and public sectors. His expertise in creating cultures of open communication and collaboration has led to substantial improvements in organizational and personal performance for such clients as Fairchild Semiconductor, NASA, Sandia National Laboratories, Shell Oil, and Capital One, among others. He is also experienced in the complex dynamics of family businesses. Shayne has taught leadership at the University of California Berkeley's Haas School of Business, the University of Michigan's Executive MBA Program, and the University of Virginia's Darden School of Business. He is a frequent keynote speaker at many conferences and corporate retreats.
This week on Cyber Frontiers we are joined by special guest Ashton Webster. Ashton is now a software engineer at Capital One and has worked on several teams over the last 4 years that focused on fraud detection and prevention. We spend some time catching up with Ashton. We also look at a new rule in the United States that mandates that any company that is considered part of critical infrastructure would be required to report to the Department of Homeland Security within 72 hours of a data breach or within 24 hours of paying a ransomware attack.
Sharita Humphrey, Zainab Johnson, and Hoodo Hersi visit Friends and discuss improving your credit score, financial awarenes, the slap that was heard around the world and more with host Marina Franklin. Hoodo Hersi is a Toronto-based comedian whose comedy can be seen on Just For Laughs, the Winnipeg Comedy Festival, Halifax Comedy Festival and the BBC. She also had the great fortune of opening up for Hasan Minhaj, Lil Rel Howery, Chris Redd, Gina Yashere, Moshe Kasher, and Maria Bamford among others. In 2019, Hoodo was selected as CBC's 15 Comics to Watch and was part of Sephora's national “Get Lippie” lipstick campaign in partnership with Fashion Magazine, where she was profiled as one of the three Female Comedians Taking Canada by Storm Right Now. Zainab Johnson, a stand-up comedian, actress, and writer is quickly being propelled as one of the most unique and engaging performers on stage and screen. In 2019, Zainab was named one of Variety's Top 10 Comics To Watch. Recently, she was one of the hosts for Netflix's new show "100 Humans". You can also catch her as Aleesha on the Amazon Prime comedy series "Upload". Zainab made her first late night stand up appearance on NBC's Late Night with Seth Meyers, and has also had appearances on HBO's All Def Comedy (2017), NBC's Last Comic Standing (2014), Arsenio (2014), BET's Comic View (2014), AXSTV's Gotham Comedy Live! She also just recently starred in a new web series titled Avant-Guardians. Zainab is a regular at the Improv Comedy Club in LA and the Comedy Cellar in NY, and has performed in the Montreal Just For Laughs Festival as one of the 2014 New Faces of Comedy and returned numerous times since. After hitting financial rock bottom, Sharita Humphrey had to rebuild her life and make it stronger. She turned her knowledge of finance into a way to help those silently struggling both personally and financially. Sharita has always worked in the finance, auditing, and accounting industry. She worked as a tax examiner and auditor for the State of Texas for some time, and saw the daily impact of middle-class business owners consistently struggling with not only their business finances but also their personal finances. Her experience includes teaching and speaking at several organizations and events, including the Women's Resource Center of Houston and Covenant Community Capital. Her work has been published in several magazines, such as Credit Karma and has allowed her to be a brand ambassador for a debt boot camp program with Capital One. She was asked to speak at Covenant House Houston National Night Out event to help bring awareness to the growing epidemic of homelessness and raise money for the homeless teens in Houston. Always hosted by Marina Franklin - One Hour Comedy Special: Single Black Female ( Amazon Prime, CW Network), TBS's The Last O.G, Last Week Tonight with John Oliver, Hysterical on FX, The Movie Trainwreck, Louie Season V, The Jim Gaffigan Show, Conan O'Brien, Stephen Colbert, HBO's Crashing, and The Breaks with Michelle Wolf
Will Balo from @willbalo is a Canadian points enthusiast based in Toronto. By day, he's a business coach and outside of that, he incorporates real estate investing as a side gig. In this episode, Will and I discuss all things Aeroplan - the shopping portal, redemption sweet spots, the generous lap child policy, and more! The great thing about Aeroplan is that most of the major flexible points will transfer to this program, including Chase, American Express, Bilt, and Capital One. Some of the most popular cards for these banks are the Chase Sapphire Preferred, American Express Gold, and Capital One Venture X, which are all linked in the show notes. Remember, please never apply for a card through Google - always use a friend or creator's referral links. If you'd like to support this show when you get your next card, please visit www.geobreezetravel.com/cards. Download Fluz at: https://joinfluz.app.link/GEOBREEZETRAVEL Download App in the Air at: https://links.appintheair.mobi/geobreezetravel You can find Will at: Instagram: https://www.instagram.com/willbalo You can find Julia at: Website: https://www.geobreezetravel.com Instagram: https://www.instagram.com/geobreezetravel Credit card links: https://www.geobreezetravel.com/cards Masterclasses: https://www.geobreezetravel.com/hangouts Patreon to access recordings of masterclasses: https://www.patreon.com/geobreezetravel Award travel coaching call: https://www.geobreezetravel.com/calendly Sign up for the newsletter and get exclusive access to sign up for free coaching calls: https://www.geobreezetravel.com/free-coaching Geobreeze Travel is part of an affiliate sales network and receives compensation for sending traffic to partner sites, such as milevalue .com. This compensation may impact how and where links appear on this site. This site does not include all financial companies or all available financial offers. Terms apply to American Express benefits and offers. Enrollment may be required for select American Express benefits and offers. Visit americanexpress .com to learn more.
Show Notes: Wendy Palmer holds a seventh degree black belt in the non-violent Japanese martial art of Aikido, and has practiced mindfulness for over 45 years. She is the author of 4 books, including her latest: Dragons and Power, which explores the elements of Leadership Embodiment, a practice she founded and has been teaching to high level leaders for over 30 years. Her process draws on principles from Aikido and Mindfulness to offer simple tools and practices to increase the leadership skills of responding to stress and pressure with confidence and integrity. Wendy shares simple, fast and incredibly effective practices to recover to center when triggered, and what it means to embody the Aikido practice of “letting the attack land in the space”. She offers her personal wisdom around what it means to be resilient, why boundaries don't work and what actually does.She also explains the 3 most essential qualities of Leadership:Warmth and inclusivenessReceiving feedback as creative fuelActing with clarity, integrity and confidenceToday's Guest: Wendy Palmer is the founder of LEADERSHIP EMBODIMENT, a process that uses principles from the non-violent Japanese martial art of Aikido and mindfulness to offer simple tools and practices to increase leadership capacity and respond to stress and pressure with greater confidence and integrity. Wendy holds a seventh degree black belt in Aikido and has practiced mindfulness for over 45 years. She has worked with executive teams and individuals for Twitter, Genentech, Jazz Pharmaceuticals, The Gap, NASA, Gates Foundation, Salesforce.com, McKinsey &Co, Oracle, Google, Unilever, The BBC, Accenture, Blackrock, Capital One, Intel, The George Washington University, Eileen Fisher and The Daimler Chrysler Group. She is also an author of four books, Leadership Embodiment, The Intuitive Body, The Practice of Freedom and Dragons and Power. Her coaching organization, LEADERSHIP EMBODIMENT offers Coach Training to experienced coaches and facilitators who wish to learn to coach leaders in Leadership Presence. Wendy's website: www.leadershipembodiment.com7 Guided Practices to Recover to CenterConnect with me online:Liz Wiltzen Coaching WebsiteTracking Yes BlogInstagram The story that launched the ethos:Tracking Yes - A Guide to Everyday MagicThanks so much for listening!If you like the show, I'd so appreciate it if you'd follow and share it with people you know would love it. It's an unpaid labour of love, and your support encourages me to keep it coming!
Prashant Pitti is the Co-founder and Director at EaseMyTrip, India's second largest travel and hospitality company which provides hotel bookings, air tickets, holiday packages, bus bookings, and white-label services. In September 2021, it became a unicorn after its market capitalization crossed $1 billion. Prashant Pitti is responsible for marketing, branding, investor relations, hotel, bus and media management at EaseMyTrip. He is graduate from IIT Madras and has approximately 16 years of experience in the travel, tourism, banking and social applications. He has also previously worked with HSBC and Capital One in the United States.In this episode, we will cover: 1. Learning from running a travel and hospitality company during the pandemic (5:50)2. How did EaseMyTrip maintain lean cost structure and profitability during the pandemic (8:50)3. Advantages of not raising VC money (13:13)4. Rationale behind deciding to bootstrap and not raise venture capital (15:55)5. Why did EaseMyTrip pivot from B2B to B2C (21:40)6. How does EaseMyTrip maintain its operational efficiencies over various marco-economic ups-and-downs (28:30)7. Perks of staying under the radar (31:20)8. The IPO journey (40:43)9. Timing behind going public during the pandemic (48:45)10. Building generational business – vision and mission (1:06:12)
Todd Kennedy’s organization is focused on building new capabilities in platforms, data, and machine learning to support Card strategy and the experiences they deliver to customers and associates. He is also helping to drive enterprise Platforms strategy. Todd has held multiple leadership roles within the US Card division including leading the Digital Payments team and leading the […] The post Todd Kennedy With Capital One appeared first on Business RadioX ®.
Todd Kennedy’s organization is focused on building new capabilities in platforms, data, and machine learning to support Card strategy and the experiences they deliver to customers and associates. He is also helping to drive enterprise Platforms strategy. Todd has held multiple leadership roles within the US Card division including leading the Digital Payments team and leading the […]
This week on the iMore Show, Luke, Karen, and Stephen are joined by iMore Writer Christine Romero-Chan to talk about the new iPhone SE and a bunch of interesting rumors. Links: iPhone SE (2022) review: Teaching an old dog new tricks | iMore Report: Apple's refreshed M2-powered MacBook Air is still a few months out | iMore Report: Apple might finally be ready to kill off its Apple Watch Series 3 | iMore Leaker shares purported iPhone 14 Pro design showing no notch | iMore Apple launches first driver's license, state ID in Wallet in AZ | iMore Hardware as a service is the next logical step as Apple seeks recurring revenue | iMore iPhone SE (2022) vs. iPhone 12 vs. iPhone 12 mini: It's complicated | iMore Sponsors: Capital One: Machine learning at Capital One. Capital One. What's in your wallet? Hosts: Karen Freeman Luke Filipowicz Stephen Warwick
Did you know that your Ultimate Rewards points can still transfer to Amtrak? Or that Citi ThankYou points can become British Airways Avios? This week we talk about ways to wave your magic wand and convert your points creatively. 1:18 Giant Mailbag: Award availability disclaimers 5:33 Confession Time! 9:36 What crazy thing...did British Airways do this week? https://frequentmiler.com/qatar-airways-now-using-avios-book-qsuites-to-from-doha-for-70000-avios-each-way/ 12:22 Mattress running the numbers: Are the IHG cards worth big spend? https://frequentmiler.com/ihg-premier-cards-worth-big-spend/ 33:54 Main Event: Magical Point Conversions First up: JetBlue to Amtrak https://frequentmiler.com/opportunity-missed-dont-forget-about-that-jetblue-to-amtrak-conversion/ 38:04 The Avios Collection 42:30 Wyndham to Caesars Rewards or vice versa https://frequentmiler.com/how-i-saved-my-wyndham-points-from-expiry/ 44:33 Hyatt-->LATAM / Aeromexico 49:40 Chase, Citi, Capital One, or Bilt to Hilton https://frequentmiler.com/transfer-partner-master-list/ 56:51 Question of the Week: What hotel card combo do you recommend for free nights? https://frequentmiler.com/manufacturing-free-nights-hyatt-hilton-marriott/ Subscribe to our email list: https://frequentmiler.com/subscribe/ Music credit: Annie Yoder
Stephanie Harris is the owner & CEO of PartnerCentric, the largest woman-owned performance marketing agency in the US. A veteran of the space, Stephanie got her start as an award-winning affiliate program manager, personally managing at one time some of the largest programs in the PartnerCentric portfolio today. Her tenure in the industry, and philosophy that in order to lead you have to know how to do every role, has given her a comprehensive view of the industry as well as the ability to propel it forward with vision, innovation and drive. She has been named a PerformanceIN Top 50 Industry Player three times and has held multiple speaking and moderating engagements at industry conferences such as Affiliate Summit (East and West), CardCon and Capital One's Women in Business Panel. Her writing has been featured in FeedFront magazine, PerformanceIN and numerous other publications, and you may hear her speak on trends in leadership, culture-building, and the future of affiliate marketing through social networks such as Forbes Agency Council and LinkedIn. Stephanie Harris lives in New York with her husband and four children.
NEW DROP! https://satellitefresh.com Jon Prosser and Sam Kohl are back! We have hot thoughts on the newest Apple products like Mac Studio, the Studio Display, iPad Air M1 and iPhone SE...along with a healthy dose of hot takes on the latest news. What's up with these weird iPhone 14 leaks? Oh, and they get real serious during their time at the idiot bar. This episode is sponsored by HelloFresh. Go to http://hellofresh.com/genius16 and use code genius16 for up to 16 free meals plus 3 free gifts! This episode is also sponsored by Capital One. See how Capital One is using machine learning to create the future of banking at https://capitalone.com. This episode is also sponsored by Manscaped. Get 20% off + free shipping with the code GENIUS at http://manscaped.com This episode is also sponsored by ChiliSleep. Head over to chilisleep.com/GENIUS for a special offer on a new sleep system. Follow Genius Bar Genius Bar on Twitter: https://twitter.com/geniusbarcast Genius Bar on YouTube: https://youtube.com/geniusbar Sam on YouTube: https://www.youtube.com/iupdate Jon on YouTube: https://www.youtube.com/user/frontpagetech Sam on Twitter: http://twitter.com/iupdate Jon on Twitter: http://twitter.com/jon_prosser
Apparently Ed touched a nerve this week. A simple question about what are the most valuable points and miles caused Twitter to go biblical on Ed. All because Richard Kerr didn't give Miles to Go an exclusive on the new Bilt Rewards transfer partners. One of them is pretty awesome. We also touch base on Capital One car insurance, Ed's favorite hotel in New Orleans and what we think is the most valuable point/mile currency. If you sent us a question and we haven't gotten to it yet, we promise we'll get you a reply. We've got a big backlog for future shows! Don't forget that you can leave us a voicemail or text us at (571) 293-6659. Listen for your question on a future show! If you have a question you can e-mail me at email@example.com. And, you can also find me on Twitter, Facebook or Instagram and ask your question there. If you enjoy the podcast, I hope you'll take a moment to leave us a rating. That helps us grow our audience! Hope you enjoy the show!
About RachelRachel leads product and technical marketing for Chronosphere. Previously, Rachel wore lots of marketing hats at CloudHealth (acquired by VMware), and before that, she led product marketing for cloud-integrated storage at NetApp. She also spent many years as an analyst at Forrester Research. Outside of work, Rachel tries to keep up with her young son and hyper-active dog, and when she has time, enjoys crafting and eating out at local restaurants in Boston where she's based.Links: Chronosphere: https://chronosphere.io Twitter: https://twitter.com/RachelDines Email: firstname.lastname@example.org TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: The company 0x4447 builds products to increase standardization and security in AWS organizations. They do this with automated pipelines that use well-structured projects to create secure, easy-to-maintain and fail-tolerant solutions, one of which is their VPN product built on top of the popular OpenVPN project which has no license restrictions; you are only limited by the network card in the instance. To learn more visit: snark.cloud/deployandgoCorey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. A repeat guest joins me today, and instead of talking about where she works, instead we're going to talk about how she got there. Rachel Dines is the Head of Product and Technical Marketing at Chronosphere. Rachel, thank you for joining me.Rachel: Thanks, Corey. It's great to be here again.Corey: So, back in the early days of me getting started, well, I guess all this nonsense, I was an independent consultant working in the world of cloud cost management and you were over at CloudHealth, which was effectively the 800-pound gorilla in that space. I've gotten louder, and of course, that means noisier as well. You wound up going through the acquisition by VMware at CloudHealth, and now you're over at Chronosphere. We're going to get to all of that, but I'd rather start at the beginning, which, you know, when you're telling stories seems like a reasonable place to start. Your first job out of school, to my understanding, was as an analyst at Forrester is that correct?Rachel: It was yeah. Actually, I started as a research associate at Forrester and eventually became an analyst. But yes, it was Forrester. And when I was leaving school—you know, I studied art history and computer science, which is a great combination, makes a ton of sense—I can explain it another time—and I really wanted to go work at the equivalent of FAANG back then, which was just Google. I really wanted to go work at Google.And I did the whole song-and-dance interview there and did not get the job. Best thing that's ever happened to me because the next day a Forrester recruiter called. I didn't know what Forrester was—once again, I was right out of college—I said, “This sounds kind of interesting. I'll check it out.” Seven years later, I was a principal analyst covering, you know, cloud-to-cloud resiliency and backup to the cloud and cloud storage. And that was an amazing start to my career, that really, I'm credited a lot of the things I've learned and done since then on that start at Forrester.Corey: Well, I'll admit this: I was disturbingly far into my 30s before I started to realize what it is that Forrester and its endless brethren did. I'm almost certain you can tell that story better than I can, so what is it that Forrester does? What is its place in the ecosystem?Rachel: Forrester is one of the two or three biggest industry analyst firms. So, the people that work there—the analysts there—are basically paid to be, like, big thinkers and strategists and analysts, right? There's a reason it's called that. And so the way that we spent all of our time was, you know, talking to interesting large, typically enterprise IT, and I was in the infrastructure and operations group, so I was speaking to infrastructure, ops, precursors to DevOps—DevOps wasn't really a thing back in ye olden times, but we're speaking to them and learning their best practices and publishing reports about the technology, the people and the process that they dealt with. And so you know, over a course of a year, I would talk to hundreds of different large enterprises, the infrastructure and ops leaders at everyone from, like, American Express to Johnson & Johnson to Monsanto, learn from them, write research and reports, and also do things like inquiries and speaking engagements and that kind of stuff.So, the idea of industry analysts is that they're neutral, they're objective. You can go to them for advice, and they can tell you, you know, these are the shortlist of vendors you should consider and this is what you should look for in a solution.Corey: I love the idea of what that role is, but it took me a while as a condescending engineer to really wrap my head around it because I viewed it as oh, it's just for a cover your ass exercise so that when a big company makes a decision, they don't get yelled at later, and they said, “Well, it seemed like the right thing to do. You can't blame us.” And that is an overwhelmingly cynical perspective. But the way it was explained to me, it really was put into context—of all things—by way of using the AWS bill as a lens. There's a whole bunch of tools and scripts and whatnot on GitHub that will tell you different things about your AWS environment, and if I run them in my environment, yeah, they work super well.I run them in a client environment and the thing explodes because it's not designed to work at a scale of 10,000 instances in a single availability zone. It's not designed to do backing off so it doesn't exhaust rate limits across the board. It requires a rethinking at that scale. When you're talking about enterprise-scale, a lot of the Twitter zeitgeist, as it were, about what tools work well and what tools don't for various startups, they fail to cross over into the bowels of a regulated entity that has a bunch of other governance and management concerns that don't really apply. So, there's this idea of okay, now that we're a large, going entity with serious revenue behind this, and migrating to any of these things is a substantial lift. What is the right answer? And that is sort of how I see the role of these companies in the ecosystem playing out. Is that directionally correct?Rachel: I would definitely agree that that is directionally correct. And it was the direction that it was going when I was there at Forrester. And by the way, I've been gone from there for, I think, eight-plus years. So, you know, it's definitely evolved it this space—Corey: A lifetime in tech.Rachel: Literally feels like a lifetime. Towards the end of my time there was when we were starting to get briefings from this bookstore company—you might have heard of them—um, Amazon?Corey: Barnes and Noble.Rachel: Yes. And Barnes and Noble. Yes. So, we're starting to get briefings from Amazon, you know, about Amazon Web Services, and S3 had just been introduced. And I got really excited about Netflix and chaos engineering—this was 2012, right?—and so I did a bunch of research on chaos engineering and tried to figure out how it could apply to the enterprises.And I would, like, bring it to Capital One, and they were like, “Ya crazy.” Turns out I think I was just a little bit ahead of my time, and I'm seeing a lot more of the industry analysts now today looking at like, “Okay, well, yeah, what is Uber doing? Like, what is Netflix doing?” And figure out how that can translate to the enterprise. And it's not a one-to-one, right, just because the people and the structures and the process is so different, so the technology can't just, like, make the leap on its own. But yes, I would definitely agree with that, but it hasn't necessarily always been that way.Corey: Oh, yeah. Like, these days, we're seeing serverless adoption on some levels being driven by enterprises. I mean, Liberty Mutual is doing stuff there that is really at the avant-garde that startups are learning from. It's really neat to see that being turned on its head because you always see these big enterprises saying, “We're like a startup,” but you never see a startup saying, “We're like a big enterprise.” Because that's evocative of something that isn't generally compelling.“Well, what does that mean, exactly? You take forever to do expense reports, and then you get super finicky about it, and you have so much bureaucracy?” No, no, no, it's, “Now, that we're process bound, it's that we understand data sovereignty and things like that.” But you didn't stay there forever. You at some point decided, okay, talking to people who are working in this industry is all well and good, but time for you to go work in that industry yourself. And you went to, I believe, NetApp by way of Riverbed.Rachel: Yes, yeah. So, I left Forrester and I went over to Riverbed to work on their cloud storage solution as a product marketing. And I had an amazing six months at Riverbed, but I happened to join, unfortunately, right around the time they were being taken private, and they ended up divesting their storage product line off to NetApp. And they divested some of their other product lines to some other companies as part of the whole deal going private. So, it was a short stint at Riverbed, although I've met some people that I've stayed in touch with and are still my friends, you know, many years later.And so, yeah, ended up over at NetApp. And it wasn't necessarily what I had initially planned for, but it was a really fun opportunity to take a cloud-integrated storage product—so it was an appliance that people put in their data centers; you could send backups to it, and it shipped those backups on the back end to S3 and then to Glacier when that came out—trying to make that successful in a company that was really not overly associated with cloud. That was a really fun process and a fun journey. And now I look at NetApp and where they are today, and they've acquired Spot and they've acquired CloudCheckr, and they're, like, really going all-in in public cloud. And I like to think, like, “Hey, I was in the early days of that.” But yeah, so that was an interesting time in my life for multiple reasons.Corey: Yeah, Spot was a fascinating product, and I was surprised to see it go to NetApp. It was one of those acquisitions that didn't make a whole lot of sense to me at the time. NetApp has always been one of those companies I hold in relatively high regard. Back when I was coming up in the industry, a bit before the 2012s or so, it was routinely ranked as the number one tech employer on a whole bunch of surveys. And I don't think these were the kinds of surveys you can just buy your way to the top of.People who worked there seemed genuinely happy, the technology was fantastic, and it was, for example, the one use case in which I would run a database where its data store lived on a network file system. I kept whining at the EFS people over at AWS for years that well, EFS is great and all but it's no NetApp. Then they released NetApps on tap on FSX as a first-party service, in which case, okay, thank you. You have now solved every last reservation I have around this. Onward.And I still hold the system in high regard. But it has, on some level, seen an erosion. We're no longer in a world where I am hurling big money—or medium money by enterprise standards—off to NetApp for their filers. It instead is something that the cloud providers are providing, and last time I checked, no matter how much I spend on AWS they wouldn't let me shove a NetApp filer into us-east-1 without asking some very uncomfortable questions.Rachel: Yeah. The whole storage industry is changing really quickly, and more of the traditional on-premises storage vendors have needed to adapt or… not, you know, be very successful. I think that NetApp's done a nice job of adapting in recent years. But I'd been in storage and backup for my entire career at that point, and I was like, I need to get out. I'm done with storage. I'm done with backup. I'm done with disaster recovery. I had that time; I want to go try something totally new.And that was how I ended up leaving NetApp and joining CloudHealth. Because I'd never really done the startup thing. I done a medium-sized company at Riverbed; I'd done a pretty big company at NetApp. I've always been an entrepreneur at heart. I started my first business on the playground in second grade, and it was reselling sticks of gum. Like, I would go use my allowance to buy a big pack of gum, and then I sold the sticks individually for ten cents apiece, making a killer margin. And it was a subscription, actually. [laugh].Corey: Administrations generally—at least public schools—generally tend to turn a—have a dim view of those things, as I recall from my misspent youth.Rachel: Yeah. I was shut down pretty quickly, but it was a brilliant business model. It was—so you had to join the club to even be able to buy into getting the sticks of gum. I was, you know, all over the subscription business [laugh] back then.Corey: And area I want to explore here is you mentioned that you double-majored. One of those majors was computer science—art history was sort of set aside for the moment, it doesn't really align with either direction here—then you served as a research associate turned analyst, and then you went into product marketing, which is an interesting direction to go in. Why'd you do it?Rachel: You know, product marketing and industry analysts are there's a lot of synergy; there's a lot of things that are in common between those two. And in fact, when you see people moving back and forth from the analyst world to the vendor side, a lot of the time it is to product marketing or product management. I mean, product marketing, our whole job is to take really complex technical concepts and relate them back to business concepts and make them make sense of the broader world and tell a narrative around it. That's a lot of what an analyst is doing too. So, you know, analysts are writing, they're giving public talks, they're coming up with big ideas; that's what a great product marketer is doing also.So, for me, that shift was actually very natural. And by the way, like, when I graduated from school, I knew I was never going to code for a living. I had learned all I was going to learn and I knew it wasn't for me. Huge props, like, you know, all the people that do code for a living, I knew I couldn't do it. I wasn't cut out for it.Corey: I found somewhat similar discoveries on my own journey. I can configure things for a living, it's fun, but I still need to work with people, past a certain point. I know I've talked about this before on some of these shows, but for me, when starting out independently, I sort of assumed at some level, I was going to shut it down, and well, and then I'll go back to being an SRE or managing an ops team. And it was only somewhat recently that I had the revelation that if everything that I'm building here collapses out from under me or gets acquired or whatnot and I have to go get a real job again, I'll almost certainly be doing something in the marketing space as opposed to the engineering space. And that was an interesting adjustment to my self-image as I went through it.Because I've built everything that I've been doing up until this point, aligned at… a certain level of technical delivery and building things as an engineer, admittedly a mediocre one. And it took me a fair bit of time to get, I guess, over the idea of myself in that context of, “Wow, you're not really an engineer. Are you a tech worker?” Kind of. And I sort of find myself existing in the in-between spaces.Did you have similar reticence when you went down the marketing path or was it something that you had, I guess, a more mature view of it [laugh] than I did and said, “Yeah, I see the value immediately,” whereas I had to basically be dragged there kicking and screaming?Rachel: Well, first of all, Corey, congratulations for coming to terms with the fact that you are a marketer. I saw it in you from the minute I met you, and I think I've known you since before you were famous. That's my claim to fame is that I knew you before you were famous. But for me personally, no, I didn't actually have that stigma. But that does exist in this industry.I mean, I think people are—think they look down on marketing as kind of like ugh, you know, “The product sells itself. The product markets itself. We don't need that.” But when you're on the inside, you know you can have an amazing product and if you don't position it well and if you don't message it well, it's never going to succeed.Corey: Our consulting [sub-projects 00:14:31] are basically if you bring us in, you will turn a profit on the engaging. We are selling what basically [unintelligible 00:14:37] money. It is one of the easiest ROI calculations. And it still requires a significant amount of work on positioning even on the sales process alone. There's no such thing as an easy enterprise sale.And you're right, in fact, I think the first time we met, I was still running a DevOps team at a company and I was deploying the product that you were doing marketing for. And that was quite the experience. Honestly, it was one of the—please don't take this the wrong way at all—but you were at CloudHealth at the time and the entire point was that it was effectively positioned in such a way of, right, this winds up solving a lot of the problems that we have in the AWS bill. And looking at how some of those things were working, it was this is an annoying, obnoxious problem that I wish I could pay to make someone else's problem, just to make it go away. Well, that indirectly led to exactly where we are now.And it's really been an interesting ride, just seeing how that whole thing has evolved. How did you wind up finding yourself at CloudHealth? Because after VMware, you said it was time to go to a startup. And it's interesting because I look at where you've been now, and CloudHealth itself gets dwarfed by VMware, which is sort of the exact opposite of a startup, due to the acquisition. But CloudHealth was independent for years while you were there.Rachel: Yeah, it was. I was at CloudHealth for about three-plus years before we were acquired. You know, how did I end up there? It's… it's all hazy. I was looking at a lot of startups, I was looking for, like, you know, a Series B company, about 50 people, I wanted something in the public cloud space, but not storage—if I could get away from storage that was the dream—and I met the folks from CloudHealth, and obviously, I hadn't heard about—I didn't know about cloud cost management or cloud governance or FinOps, like, none of those were things back then, but I was I just was really attracted to the vision of the founders.The founders were, you know, Joe Kinsella and Dan Phillips and Dave Eicher, and I was like, “Hey, they've built startups before. They've got a great idea.” Joe had felt this pain when he was a customer of AWS in the early days, and so I was like—Corey: As have we all.Rachel: Right?Corey: I don't think you'll find anyone in this space who hasn't been a customer in that situation and realized just how painful and maddening the whole space is.Rachel: Exactly, yeah. And he was an early customer back in, I think, 2014, 2015. So yeah, I met the team, I really believed in their vision, and I jumped in. And it was really amazing journey, and I got to build a pretty big team over time. By the time we were acquired a couple of years later, I think we were maybe three or 400 people. And actually, fun story. We were acquired the same week my son was born, so that was an exciting experience. A lot of change happened in my life all at once.But during the time there, I got to, you know, work with some really, really cool large cloud-scale organizations. And that was during that time that I started to learn more about Kubernetes and Mesos at the time, and started on the journey that led me to where I am now. But that was one of the happiest accidents, similar to the happy accident of, like, how did I end up at Forrester? Well, I didn't get the job at Google. [laugh]. How did I end up at CloudHealth? I got connected with the founders and their story was really inspiring.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: It's amusing to me the idea that, oh, you're at NetApp if you want to go do something that is absolutely not storage. Great. So, you go work at CloudHealth. You're like, “All right. Things are great.” Now, to take a big sip of scalding hot coffee and see just how big AWS billing data could possibly be. Yeah, oops, you're a storage company all over again.Some of our, honestly, our largest bills these days are RDS, Athena, and of course, S3 for all of the bills storage we wind up doing for our customers. And it is… it is not small. And that has become sort of an eye-opener for me just the fact that this is, on some level, a big data problem.Rachel: Yeah.Corey: And how do you wind up even understanding all the data that lives in just the outputs of the billing system? Which I feel is sort of a good setup for the next question of after the acquisition, you stayed at VMware for a while and then matriculated out to where you are now where you're the Head of Product and Technical Marketing at Chronosphere, which is in the observability space. How did you get there from cloud bills?Rachel: Yeah. So, it all makes sense when I piece it together in my mind. So, when I was at CloudHealth, one of the big, big pain points I was seeing from a lot of our customers was the growth in their monitoring bills. Like, they would be like, “Okay, thanks. You helped us, you know, with our EC2 reservations, and we did right-sizing, and you help with this. But, like, can you help with our Datadog bill? Like, can you help with our New Relic bill?”And that was becoming the next biggest line item for them. And in some cases, they were spending more on monitoring and APM and like, what we now call some things observability, they were spending more on that than they were on their public cloud, which is just bananas. So, I would see them making really kind of bizarre and sometimes they'd have to make choices that were really not the best choices. Like, “I guess we're not going to monitor the lab anymore. We're just going to uninstall the agents because we can't pay this anymore.”Corey: Going down from full observability into sampling. I remember that. The New Relic shuffle is what I believe we call it at the time. Let's be clear, they have since fixed a lot of their pricing challenges, but it was the idea of great suddenly we're doing a lot more staging environments, and they come knocking asking for more money but it's a—I don't need that level of visibility in the pre-prod environments, I guess. I hate doing it that way because then you have a divergence between pre-prod and actual prod. But it was economically just a challenge. Yeah, because again, when it comes to cloud, architecture and cost are really one and the same.Rachel: Exactly. And it's not so much that, like—sure, you know, you can fix the pricing model, but there's still the underlying issue of it's not black and white, right? My pre-prod data is not the same value as my prod data, so I shouldn't have to treat it the same way, shouldn't have to pay for it the same way. So, seeing that trend on the one hand, and then, on the other hand, 2017, 2018, I started working on the container cost allocation products at CloudHealth, and we were—you know, this was even before that, maybe 2017, we were arguing about, like, Mesos and Kubernetes and which one was going to be, and I got kind of—got very interested in that world.And so once again, as I was getting to the point where I was ready to leave CloudHealth, I was like, okay, there's two key things I'm seeing in the market. One is people need a change in their monitoring and observability; what they're doing now isn't working. And two, cloud-native is coming up, coming fast, and it's going to really disrupt this market. So, I went looking for someone that was at the intersection of the two. And that's when I met the team at Chronosphere, and just immediately hit it off with the founders in a similar way to where I hit it off with the founders that CloudHealth. At Chronosphere, the founders had felt pain—Corey: Team is so important in these things.Rachel: It's really the only thing to me. Like, you spend so much time at work. You need to love who you work with. You need to love your—not love them, but, you know, you need to work with people that you enjoy working with and people that you learn from.Corey: You don't have to love all your coworkers, and at best you can get away with just being civil with them, but it's so much nicer when you can have a productive, working relationship. And that is very far from we're going to go hang out, have beers after work because that leads to a monoculture. But the ability to really enjoy the people that you work with is so important and I wish that more folks paid attention to that.Rachel: Yeah, that's so important to me. And so I met the team, the team was fantastic, just incredibly smart and dedicated people. And then the technology, it makes sense. We like to joke that we're not just taking the box—the observability box—and writing Kubernetes in Crayon on the outside. It was built from the ground up for cloud-native, right?So, it's built for this speed, containers coming and going all the time, for the scale, just how much more metrics and observability data that containers emit, the interdependencies between all of your microservices and your containers, like, all of that stuff. When you combine it makes the older… let's call them legacy. It's crazy to call, like, some of these SaaS solutions legacy but they really are; they weren't built for cloud-native, they were built for VMs and a more traditional cloud infrastructure, and they're starting to fall over. So, that's how I got involved. It's actually, as we record, it's my one-year anniversary at Chronosphere. Which is, it's been a really wild year. We've grown a lot.Corey: Congratulations. I usually celebrate those by having a surprise meeting with my boss and someone I've never met before from HR. They don't offer your coffee. They have the manila envelope of doom in front of them and hold on, it's going to be a wild meeting. But on the plus side, you get to leave work early today.Rachel: So, good thing you run in your own business now, Corey.Corey: Yeah, it's way harder for me to wind up getting surprise-fired. I see it coming [laugh]—Rachel: [laugh].Corey: —aways away now, and it looks like an economic industry trend.Rachel: [sigh]. Oh, man. Well, anyhow.Corey: Selfishly, I have to ask. You spent a lot of time working in cloud cost, to a point where I learned an awful lot from you as I was exploring the space and learning as I went. And, on some level, for me at least, it's become an aspect of my identity, for better or worse. What was it like for you to leave and go into an orthogonal space? And sure, there's significant overlap, but it's a very different problem aimed at different buyers, and honestly, I think it is a more exciting problem that you are in now, from a business strategic perspective because there's a limited amount of what you can cut off that goes up theoretically to a hundred percent of the cloud bill. But getting better observability means you can accelerate your feature velocity and that turns into something rather significant rather quickly. But what was it like?Rachel: It's uncomfortable, for sure. And I tend to do this to myself. I get a little bit itchy the same way I wanted to get out of storage. It's not because there's anything wrong with storage; I just wanted to go try something different. I tend to, I guess, do this to myself every five years ago, I make a slightly orthogonal switch in the space that I'm in.And I think it's because I love learning something new. The jumping into something new and having the fresh eyes is so terrifying, but it's also really fun. And so it was really hard to leave cloud cost management. I mean, I got to Chronosphere and I was like, “Show me the cloud bill.” And I was like, “Do we have Reserved Instances?” Like, “Are we doing Committed Use Discounts with Google?”I just needed to know. And then that helped. Okay, I got a look at the cloud bill. I felt a little better. I made a few optimizations and then I got back to my actual job which was, you know, running product marketing for Chronosphere. And I still love to jump in and just make just a little recommendation here and there. Like, “Oh, I noticed the costs are creeping up on this. Did we consider this?”Corey: Oh, I still get a kick out of that where I was talking to an Amazonian whose side project was 110 bucks a month, and he's like, yeah, I don't think you could do much over here. It's like, “Mmm, I'll bet you a drink I can.”—Rachel: Challenge accepted.Corey: —it's like, “All right. You're on.” Cut it to 40 bucks. And he's like, “How did you do that?” It's because I know what I'm doing and this pattern repeats.And it's, are the architectural misconfigurations bounded by contacts that turn into so much. And I still maintain that I can look at the AWS bill for most environments for last month and have a pretty good idea, based upon nothing other than that, what's going on in the environment. It turns out that maybe that's a relatively crappy observability system when all is said and done, but it tells an awful lot. I can definitely see the appeal of wanting to get away from purely cost-driven or cost-side information and into things that give a lot more context into how things are behaving, how they're performing. I think there's been something of an industry rebrand away from monitoring, alerting, and trending over time to calling it observability.And I know that people are going to have angry opinions about that—and it's imperative that you not email me—but it all is getting down to the same thing of is my site up or down? Or in larger distributed systems, how down is it? And I still think we're learning an awful lot. I cringe at the early days of Nagios when that was what I was depending upon to tell me whether my site was up or not. And oh, yeah, turns out that when the Nagios server goes down, you have some other problems you need to think about. It became this iterative, piling up on and piling up on and piling up on until you can get sort of good at it.But the entire ecosystem around understanding what's going on in your application has just exploded since the last time I was really running production sites of any scale, in anger. So, it really would be a different world today.Rachel: It's changing so fast and that's part of what makes it really exciting. And the other big thing that I love about this is, like, this is a must-have. This is not table stakes. This is not optional. Like, a great observability solution is the difference between conquering a market or being overrun.If you look at what our founders—our founders at Chronosphere came from Uber, right? They ran the observability team at Uber. And they truly believe—and I believe them, too—that this was a competitive advantage for them. The fact that you could go to Uber and it's always up and it's always running and you know you're not going to have an issue, that became an advantage to them that helped them conquer new markets. We do the same thing for our customers. Corey: The entire idea around how these things are talked about in terms of downtime and the rest is just sort of ludicrous, on some level, because we take specific cases as industry truths. Like, I still remember, when Amazon was down one day when I was trying to buy a pair of underwear. And by that theory, it was—great, I hit a 404 page and a picture of a dog. Well, according to a lot of these industry truisms, then, well, one day a week for that entire rotation of underpants, I should have just been not wearing any. But no here in reality, I went back an hour later and bought underpants.Now, counterpoint: If every third time I wound up trying to check out at Amazon, I wound up hitting that error page, I would spend a lot more money at Target. There is a point at which repeated downtime comes at a cost. But one-offs for some businesses are just fine. Counterpoint with if Uber is down when you're trying to get a ride, well, that ride [unintelligible 00:28:36] may very well be lost for them and there is a definitive cost. No one's going to go back and click on an ad as well, for example, and Amazon is increasingly an advertising company.So, there's a lot of nuance to it. I think we can generally say that across the board, in most cases, downtime bad. But as far as how much that is and what form that looks like and what impact that has on your company, it really becomes situationally dependent.Rachel: I'm just going to gloss over the fact that you buy your underwear on Amazon and really not make any commentary on that. But I mean—Corey: They sell everything there. And the problem, of course, is the crappy counterfeit underwear under the Amazon Basics brand that they ripped off from the good underwear brands. But that's a whole ‘nother kettle of wax for a different podcast.Rachel: Yep. Once again, not making any commentary on your—on that. Sorry, I lost my train of thought. I work in my dining room. My husband, my dog are all just—welcome to pandemic life here.Corey: No, it's fair. They live there. We don't, as a general rule.Rachel: [laugh]. Very true. Yeah. You're not usually in my dining room, all of you but—oh, so uptime downtime, also not such a simple conversation, right? It's not like all of Amazon is down or all of DoorDash is down. It might just be one individual service or one individual region or something that is—Corey: One service in one subset of one availability zone. And this is the problem. People complain about the Amazon status page, but if every time something was down, it reflected there, you'd see a never ending sea of red, and that would absolutely erode confidence in the platform. Counterpoint when things are down for you and it's not red. It's maddening. And there's no good answer.Rachel: No. There's no good answer. There's no good answer. And the [laugh] yeah, the Amazon status page. And this is something I—bringing me back to my Forrester days, availability and resiliency in the cloud was one of the areas I focused on.And, you know, this was once again, early days of public cloud, but remember when Netflix went down on Christmas Eve, and—God, what year was this? Maybe… 2012, and that was the worst possible time they could have had downtime because so many people are with their families watching their Doctor Who Christmas Specials, which is what I was trying to watch at the time.Corey: Yeah, now you can't watch it. You have to actually talk to those people, and none of us can stand them. And oh, dear Lord, yeah—Rachel: What a nightmare.Corey: —brutal for the family dynamic. Observability is one of those things as well that unlike you know, the AWS bill, it's very easy to explain to people who are not deep in the space where it's, “Oh, great. Okay. So, you have a website. It goes well. Then you want—it gets slow, so you put it on two computers. Great. Now, it puts on five computers. Now, it's on 100 computers, half on the East Coast, half on the West Coast. Two of those computers are down. How do you tell?”And it turns in—like, they start to understand the idea of understanding what's going on in a complex system. “All right, how many people work at your company?” “2000,” “Great. Three laptops are broken. How do you figure out which ones are broken?” If you're one of the people with a broken laptop, how do you figure out whether it's your laptop or the entire system? And it lends itself really well to analogies, whereas if I'm not careful when I describe what I do, people think I can get them a better deal on underpants. No, not that kind of Amazon bill. I'm sorry.Rachel: [laugh]. Yeah, or they started to think that you're some kind of accountant or a tax advisor, but.Corey: Which I prefer, as opposed to people at neighborhood block parties thinking that I'm the computer guy because then it's, “Oh, I'm having trouble with the printer.” It's, “Great. Have you tried [laugh] throwing away and buying a new one? That's what I do.”Rachel: This is a huge problem I have in my life of everyone thinking I'm going to fix all of their computer and cloud things. And I come from a big tech family. My whole family is in tech, yet somehow I'm the one at family gatherings doing, “Did you turn it off and turn it back on again?” Like, somehow that's become my job.Corey: People get really annoyed when you say that and even more annoyed when it fixes the problem.Rachel: Usually does. So, the thread I wanted to pick back up on though before I got distracted by my husband and dog wandering around—at least my son is not in the room with us because he'd have a lot to say—is that the standard industry definition of observability—so once again, people are going to write to us, I'm sure; they can write to me, not you, Corey, about observability, it's just the latest buzzword. It's just monitoring, or you know—Corey: It's hipster monitoring.Rachel: Hipster monitoring. That's what you like to call it. I don't really care what we call it. The important thing is it gets us through three phases, right? The first is knowing that something is wrong. If you don't know what's wrong, how are you supposed to ever go fix it, right? So, you need to know that those three laptops are broken.The next thing is you need to know how bad is it? Like, if those three laptops are broken is the CEO, the COO, and the CRO, that's real bad. If it's three, you know, random peons in marketing, maybe not so bad. So, you need to triage, you need to understand roughly, like, the order of magnitude of it, and then you need to fix it. [laugh].Once you fix it, you can go back and then say, all right, what was the root cause of this? How do we make sure this doesn't happen again? So, the way you go through that cycle, you're going to use metrics, you might use logs, you might use traces, but that's not the definition of observability. Observability is all about getting through that, know, then triage, then fix it, then understand.Corey: I really want to thank you for taking the time to speak with me today. If people do want to learn more, give you their unfiltered opinions, where's the best place to find you?Rachel: Well, you can find me on Twitter, I'm @RachelDines. You can also email me, email@example.com. I hope I don't regret giving out that email address. That's a good way you can come and argue with me about what is observability. I will not be giving advice on cloud bills. For that, you should go to Corey. But yeah, that's a good way to get in touch.Corey: Thank you so much for your time. I really appreciate it.Rachel: Yeah, thank you.Corey: Rachel Dines, Head of Product and Technical Marketing at Chronosphere. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, and castigate me with an angry comment telling me that I really should have followed the thread between the obvious link between art history and AWS billing, which is almost certainly a more disturbing Caravaggio.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.
Today on the iMore Show, Karen, Luke, and Stephen talk about all the new Apple products that just launched today! Plus, they take you on a tour of their iPad Home screens. Links: iPad Air 5 review: Pro performance without the price tag | iMore Kuo: Apple's iPhone 14 won't get a new chip but the Pro models will use A16 | iMore Rumor: September Mac Pro to feature two connected M1 Ultra chips | iMore New claimed iPhone 14 Pro CAD renders reveal design we weren't expecting | iMore iPhone 14 to lose the notch, features titanium design, says Jon Prosser | iMore Don't expect a new Mac mini redesign in 2023, says Ming-Chi Kuo | iMore Kuo: New Mac Pro, iMac Pro, and Mac mini all delayed until 2023 | iMore Apple's new Studio Display met with mixed reviews | iMore Mac Studio reviews, unboxings have arrived! | iMore Sponsors: Capital One: Machine learning at Capital One. Capital One. What's in your wallet? Hosts: Karen Freeman Luke Filipowicz Stephen Warwick
Episode 134 is all about how to market yourself featuring Emmelie De La Cruz of One Day CMO!Emmelie De La Cruz is an entrepreneur, author and trainer with one goal: rescue overworked founders from being held hostage by their marketing. After a decade in Corporate America working for top tech and consumer brands, she developed her One Day CMO Intensive to train CEOs and their teams on building intentional marketing strategies and workflows.Her unapologetic approach to life and business have earned her a highly engaged following on social media, features across top publications like Forbes, and the opportunity to work with brands like Staples, Dropbox, Capital One, Black Enterprise, and Coca-Cola.She's also the host of the Sanity and Success Podcast, the business and personal development podcast that will teach you how to preserve your peace while chasing your definition of success.You can connect with her across social media: @emmeliedelacruz.For full episode show notes, click here.The conversation we had with Emmelie gave us SO