Podcasts about xdr

What if the reason so many of us are struggling right now isn't a lack of success… but a lack of connection to something deeper?Dr. Lisa Miller is a clinical psychologist, professor at Columbia University, and author of The Awakened Brain, and her research challenges something many of us have been taught to overlook: that spirituality isn't optional, and it isn't just religion… it's a core part of how we're wired. Her journey began at 26, on an inpatient psychiatric unit, where she watched the best available treatments fall short for people in their darkest moments. When the unit had no clergy for Yom Kippur, she showed up with her grandmother's prayer book and led a service in the back hall… and watched patients who had been despairing for months sit up, brighten, and begin to heal. That day set her on a 30-year scientific quest.What she found reframes how we think about mental health. Buried in the back of large national data sets was a single question: how personally important is spirituality or religion to you? When Dr. Miller ran the numbers, a strong personal spirituality, with or without religion, turned out to be 80% protective against addiction and 82% protective against completed suicide — more protective against the diseases of despair than anything else known to the clinical sciences. Twin studies show this capacity is one-third innate and two-thirds environmentally formed, which means every one of us is born with it, and every one of us can strengthen it. Her MRI research, published in JAMA Psychiatry, found that a sustained spiritual life builds cortical thickness across the regions of the awakened brain, protecting against the recurrence of depression.In this conversation with Dr. Michael Gervais, Lisa walks through the difference between achieving awareness and awakened awareness, the three neural circuits behind feeling loved, guided, and never alone, and how parents and leaders can put this science to work. Mike opens up about his own path… the early pull he felt toward a spiritual life, the pendulum swing toward achievement, and the hypocrisy he witnessed as a teenager that nearly cost him his connection to what Lisa calls the flame.In this conversation, we explore:Why spirituality is an inborn capacity, not a beliefThe single research finding that reframes how we think about mental healthThe difference between the achieving brain and the awakened brainThe three neural circuits behind feeling loved, guided, and never aloneWhy a sustained spiritual life physically strengthens the brainHow parents can support a child's natural spiritual awarenessWhy 90% of leaders made the most important decision of their lives through an awakened form of knowingHow to heal from spiritual injury when a bad messenger breaks your trustIf you've ever felt successful on paper but disconnected in your life, this conversation offers a science-backed way back to something deeper.Links & ResourcesThis episode is brought to you in part by our partner, Sunlighten, the company that has pioneered infrared sauna technology. Go to https://findingmastery.com/sunlighten to see how you can save up to $2,100 on their mPulse Intelligent Sauna.Subscribe to our Youtube Channel for more conversations at the intersection of high performance, leadership, and wellbeing: https://www.youtube.com/c/FindingMasteryGet exclusive discounts and support our amazing sponsors!Go to: https://findingmastery.com/sponsors/Subscribe to the Finding Mastery newsletter for weekly high performance insights: https://www.findingmastery.com/newsletterDownload Dr. Mike's Morning Mindset Routine: findingmastery.com/morningmindsetFollow on YouTube, Instagram, LinkedIn, and XDr. Lisa Miller's Books: The Awakened Brain and The Spiritual ChildSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

In this episode, Raghu Nandakumara sits down with two heavyweights in cybersecurity: Dr. Anton Chuvakin (Google Cloud) and Erik Bloch (Illumio), for a candid, often funny, and occasionally sobering look at why detection and response keeps fighting the same battles it was fighting 20 years ago. From the birth of SIEM and the coining of "EDR," to the short-lived reign of XDR, to today's AI hype cycle, Anton and Erik trace the full arc of the industry's evolution and interrogate why, despite decades of tooling investment, the fundamental outcomes haven't changed.  Alert fatigue, signal-to-noise ratios, and the needle-in-the-haystack problem remain as stubborn as ever –and the slides security teams are building in 2025 look suspiciously like the ones from 2003. Raghu, Anton, and Erik discuss: Why the SOC still largely runs on a 1990s operating model and what it would actually take to change that How compliance pulled SIEM away from detection for over a decade and why that hangover still lingers Why a handful of engineering-led organizations (Google, Netflix, a European bank) have cracked the code while nearly everyone else keeps applying band-aids The pharmaceutical industry analogy that explains why security startups keep building band-aids instead of solving root causes What MDRs are doing right and why enterprise SOCs have no incentive to learn from them Why AI is accelerating tooling but, for some organizations, actually slowing down the harder transformation work How securing AI is repeating the exact same mistakes made in the early days of cloud Stay connected with our host Raghu on LinkedIn For more information about Illumio, check out our website at illumio.com

Basic cyber hygiene — patch management, password management, and MFA — is responsible for stopping roughly 90% of the ransomware attacks that could hit your organization. This episode is the overview: what those three things are, why they matter, and what happens when you skip them.WannaCry infected over 200,000 systems worldwide. A patch existed. People just hadn't applied it. Rackspace lost an entire business line — not because the attack was sophisticated, but because a workaround gave them false confidence and they delayed a critical patch. These aren't edge cases. They're the rule.Dr. Mike Saylor (Black Swan Cybersecurity) and Prasanna Malaiyandi join me to walk through the three pillars of basic cyber hygiene. We cover patch management first — and before you can even patch, you have to know what you have. Inventory is the starting point. Then we get into passwords: why reusing them is a numbers game the bad guys always win, and why a password manager isn't optional anymore. Finally, MFA — what it is, which forms are actually worth using, and why "remember this device" is quietly defeating the whole point.This is an overview episode. We're going deeper on each pillar in three follow-up episodes. But if you're not doing these three things today, stop reading this and go do them. There's no point talking about EDR, XDR, or any other three-letter security product if you haven't nailed the basics first. It's like researching a Roth IRA when you don't have a savings account.Chapters:0:00 Intro0:59 Welcome & Introductions4:20 WannaCry: The Patch That Would Have Saved 200,000 Systems7:33 Rackspace: When a Workaround Isn't Enough12:12 Defining Basic Cyber Hygiene14:53 Why These Three Things Stop 90% of Ransomware17:54 Pillar 1: Patch Management23:55 Pillar 2: Password Management31:55 Pillar 3: MFA & Passkeys37:34 Wrap-Up & What's Next

Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-448

Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Show Notes: https://securityweekly.com/bsw-448

Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-448

Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Show Notes: https://securityweekly.com/bsw-448

This episode is brought to you by the iTnews State of Security 2026 report. Featuring insights from CISOs and senior security leaders across Australia, the report explores the key trends and challenges shaping cyber security this year - from AI governance and identity security to Zero Trust, XDR and cyber resilience. Download your copy today to benchmark your organisation's security strategy against the rest of the industry. Thanks to our 2026 State of Security partners - Sumo Logic, Saviynt, Virtual IT Group, CoreView, Brennan and Rubrik - for supporting this year's report. Visit iTnews.com.au and search “State of Security 2026” to download the report now.Hello and welcome to the iTnews Podcast.Our guest this fortnight is Australia Post's Executive General Manager of Enterprise Services Michael McNamara.Join us as we unpack Australia Post's target state architecture and the progress of technology initiatives within the broader Post 26 strategy.We also explore the structure of Enterprise Services - how teams are organised and what it looks for in the organisations it partners with.

Joel Abramson, managing partner at Top Down Ventures Today’s In The Channel episode lands on the same morning that Vancouver-based Top Down Ventures announces the close of Founders Fund I at C$38 million – oversubscribed against an original target of US$25 million, and positioned as the first institutional venture fund focused exclusively on early-stage software and AI for the managed service provider ecosystem. Managing partner Joel Abramson joined the show to walk through the fund’s thesis and what it means for the channel. Abramson co-founded and led Fully Managed through more than a dozen acquisitions before its $137 million acquisition by Telus Business Solutions in 2021. He joins general partners Chris Day (founder of IT Glue and ScalePad) and Mark Scott (founder of N-able) at Top Down – three operators who between them have spent about 75 years building and scaling companies inside the MSP ecosystem. The fund’s first exit – zofiQ to ConnectWise, which closed in January 2026 – returned 5.3 times the invested capital in roughly six months. Abramson describes it as a case study in what Top Down looks for: founders solving singular problems with exceptional depth, validated by real MSP operators rather than generalist investors. The macro thesis is equally compelling. The global IT services market is projected to grow from $600 billion to over $1 trillion by 2030. And in 2026, SMB IT spend is on track to outpace enterprise IT spend for the first time ever – a shift Abramson contrasts with what he calls the “SaaSpocalypse” in enterprise, where headcount reductions are translating directly into fewer SaaS licenses. The fund’s LP base of more than 100 MSP operators – including Pax8 – acts as a flywheel for validating investments, sourcing design partners, and connecting portfolio companies with the customers best positioned to stress-test what they’re building. Find Top Down Ventures, including their newsletter and annual research report, at topdown.com. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last sixteen years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. If you caught The Buzz this morning – and you really should have – you already know the headline. Vancouver-based Top Down Ventures has closed Founders Fund I at $38 million Canadian, oversubscribed, as the first institutional venture fund focused exclusively on early-stage software and AI for the managed service provider ecosystem. The story behind it, though, is rich. Top Down was founded with three partners with deep roots in the Canadian channel community: Chris Day of IT Glue and ScalePad, Mark Scott who founded N-able, and today’s guest, Joel Abramson, who ran Fully Managed through more than a dozen acquisitions before its $137 million sale to Telus Business Solutions in 2021. The fund already has its first exit in the books. zofiQ, an agentic AI platform for MSP service desks that ConnectWise acquired just six months after Top Down’s investment, at 5.3 times the invested capital. Joel joined me this morning to talk about why MSP software needs its own dedicated venture fund, what the first exit tells us about where agentic AI is headed, and one market shift that has the team genuinely excited about the decade ahead. Let’s get right into it. My chat with Joel Abramson. Joel, thanks for taking the time. I appreciate it. Joel Abramson: Great to be here, Rob. Robert Dutt: I wanted to start with the origin story here. I think it’s an interesting one in that you had a big role in building and running Fully Managed through a dozen or so acquisitions, then sold – instead of going off and retiring on a boat somewhere or that sort of thing, you ended up in venture investing in specifically MSP software. Can you walk me through how that happened? How did Top Down come together? Was this something that you sought out or something that Chris Day pulled you into? How did that happen? Joel Abramson: Yeah, well, let’s be clear – I do love being on boats. To tell the origin story, you get to go through a 25-year journey of the MSP ecosystem itself, because there are three general partners: Mark Scott, Chris Day, and myself, Joel Abramson. Our journey dates back to the early 2000s when Mark Scott started N-able, and he was one of the pioneers that really helped value-added resellers and break-fix IT service providers become MSPs. I meet people every time I’m out on the road who have a story about working with N-able – transitioning their revenue model from break-fix to recurring. N-able is a phenomenal company today and I think Mark’s legacy lives on there. Mark started that company and then exited just before the SolarWinds acquisition. Then he went on to start a service provider called CareWorks – an MSP focused on senior care facilities. A really interesting vertical, as well as broad SMB. But I’ll pause his story and focus on Chris, because Chris is founder and chairman and really sets the vision for Top Down. Chris had an MSP as well back in the early 2000s. Eventually that was Fully Managed, and that’s where I joined him. I had a small – much less successful – MSP called Packetsafe Networks, and I rolled my little MSP into Chris’s marquee MSP, Fully Managed, and together we set on this journey. We wanted to bring that company to ten cities with $10 million in revenue in each city and then sell it to a Canadian telco – and it’s not revisionist history, it was actually the goal. But then a couple of years into our shared journey at Fully Managed, Chris got pulled into building software. It was because I’d built a bunch of software for Fully Managed to run on, and he made the mistake – or the fortuitous opportunity – of showing it to his peer group. His peer group was like, “I want to use that.” So he said, “Okay, well, I’ll build it for you.” He started building a documentation platform from the ground up and called it IT Glue, and that was a phenomenal ride for him – taking it from a couple of peer group mates trying it out to selling to Kaseya in 2018 and building a very large company in a relatively short amount of time. Not without a tremendous amount of hard work and grind. He was on the road with pop-up banners signing up logo by logo by logo in the early days, but eventually the movement just took shape and every MSP realized that they needed a documentation platform, and IT Glue took off. So IT Glue exits to Kaseya in 2018. Chris has to make that decision: do I want to golf and travel for the rest of my life, or what brings me joy? And so he actually started Top Down as a way to re-engage back with the MSP community. He had an early portfolio of three companies: Warranty Master, a company he had started with his brother; Backup Radar; and Quoter. Together those three early companies started to grow at their own individual pace. Keep in mind, we’re still running Fully Managed over here – I’m running it for him. Then we ended up putting Fully Managed together with Mark Scott’s MSP, and that’s how the three of us came together. Then yes, we did a number of acquisitions. We grew Fully Managed to be $100 million in revenue. It wasn’t the straight line Chris and I had talked about – ten cities in ten years – but it was maybe seven cities. The bridge version: Telus came in and said they wanted to acquire Canada’s largest MSP, which was Fully Managed at the time. They had done a bunch of research and nine months later we consummated that transaction, at the end of 2021. I’d been working with Chris for a number of years on the early-stage portfolio, because we’d get a couple of calls every month with people saying, “Hey, I’m starting this project, Chris, are you interested in taking a look?” So we started to build this reputation as investors in early-stage MSP software companies. We tried some other stuff – everything from consumer packaged goods (we still have a couple of investments) to starting a country music label, which we’ll save for another time. But we always knew our home, I think, was in the MSP space. After the Fully Managed exit, we decided we wanted to really compound our impact. We had this idea of a venture fund – and maybe I’ll pause there, because I can continue the journey, but we’ll wait and see if you have any questions up to that point. Robert Dutt: Understandable. It’s a wild journey, and it really is back to the heart of the early days of the MSP movement – as you say, from break-fix and VAR models. I guess tell me a little bit about where you’re at now. The fund is positioned as the first institutional VC targeting early-stage software and AI for this ecosystem. Why do you think this space needs a dedicated fund? What does a generalist venture fund miss or get wrong when they’re looking at the space? Joel Abramson: We’ve been doing early-stage investing for a few years – five years. At the same time, Warranty Master became ScalePad, and ScalePad started to gain really, really great momentum. ScalePad brought in a growth equity partner, Integrity Growth Partners, who are just phenomenal folks. They capitalized the business and that grew ScalePad from $10 million to $50 million. They were great partners, great board members, and we watched these guys – we were like, wow, we’ve been through this journey a couple of times. They add a lot of value, and we’re really excited about that relationship. We were doing our thing with the early-stage companies, and so we looked across the ecosystem. We said, there is a ton of capital that’s ready to invest in companies in the MSP ecosystem when they get to a certain scale – that was kind of the scale that ScalePad had gotten to. Then we looked down and said, well, what about the guys that are just starting out? There’s not a ton of support. There’s a ConnectWise pitch contest that grants $60,000 or $70,000 to early-stage companies. And there are early-stage investors – we’ve seen companies like Pax8 and Huntress go through many rounds of financing and they started somewhere. But we saw that the strongest source of capital in the MSP ecosystem was actually coming from angel investors. It was Joe Paniterri and Kevin Blake and Channel Angels, and they had done a number of deals, bringing together really early-stage capital and putting $100,000 into a business fueled from a number of different folks. That’s really, really cool. But where’s all the venture? You look across horizontal software and there are funds of venture that just pour in. In the big markets – the Valley and New York – and then in secondary markets, there are funds focused on those areas. But we saw early-stage MSP software companies as vastly overlooked. So we said, what if we could bring together capital from the MSP ecosystem? Because we’ve made plenty of millionaires just by acquiring them with Fully Managed. You look at how that scales out across the ecosystem: you’ve got Evergreen and Integris and Thrive and all these folks buying up MSPs. The stats are over 200 search funds, family offices, and MSP aggregators buying MSPs right now. That’s generating a lot of wealth for a lot of people. Then you have MSPs that are super profitable and people are making good cash flow. Then you have all the software companies that have exited with similar stories to Chris’s. There’s actually quite a bit of capital that could be put to work back into the ecosystem if we just found a way to harness it and focus it on innovation. We said, instead of doing a couple of deals a year, what if we could make 8 to 10 investments a year by bringing capital together? And then what if we could build a system around that to take everything we’ve learned working with early-stage companies – applying those practices, bringing folks together for design partners, early customers, advice, and partnerships in the MSP ecosystem? So we set out to raise a $25 million venture fund, and we said we were going to focus on educating the MSP ecosystem on what investing in a venture fund looks like, because it’s really just going to fuel innovation for MSPs themselves. Our goal was to have half the fund raised from the MSP community and half from outside – similar to what it was at Fully Managed: let’s tell the world about what a great opportunity exists in MSP. We were super successful in the first bucket. We got really well received by the MSP community. We have over 100 LPs in the fund and we exceeded our target of $25 million. In the second bucket, we still have a lot of work to do. We’re one year into our Outliers podcast, we’ve produced one white paper, and we’ve had hundreds and hundreds of conversations in the institutional community, educating funds of funds and family offices on the opportunity for early-stage MSP software investing. We only got a couple of participants in this fund – which is all right, because it shows the strength of the MSP ecosystem. We still oversubscribed our target. But we’re excited to continue that journey of educating institutional investors for our second fund and beyond. Robert Dutt: You mentioned you’re in at the early stage. Where in the lifecycle do you typically start looking, and what does a target portfolio company look like at the point you’re getting involved? Joel Abramson: I’ve only been doing this for a few years, so I’m still learning some of the language, Rob. But we talk about early stage being right at inception – which is called pre-seed, the first money into a company. Maybe they have an idea of what they want to build, a prototype, a business plan, some people, but they haven’t actually started that path to launch – all the way up to around that first million or million and a half of revenue, where they’d be called a late-seed investment or an early Series A. So maybe it’s the second money in, or in a Series A it could be the third. But really we’re focused on the early stage where we can leverage the strength of our LP base – a lot of strong MSPs – as well as the strength of the community that Top Down works to enable and bring together. That can be for design partners, early customers, folks to help with advice, and then partnerships in the MSP ecosystem. Maybe a company is working with ScalePad to solve a problem and ScalePad can help by bringing that product to its customer base. It’s really about building the things that matter most to MSPs. And that’s why I think we love this ecosystem so much – it’s a partnership of vendors and service providers. If we look forward to how AI is going to impact things, you have small and medium businesses at the frontline – all the enablement use cases there, all the cybersecurity use cases. Then you have the service provider layer, which is MSPs helping them with all those things. Then you have a middle layer of supply chain software like the companies we invest in. And on top of that, you have the hyperscalers, the cloud companies, the frontier companies. That four-tiered system really matters, because without the innovation from Microsoft and Anthropic, the macro doesn’t move forward. But very rarely is it going to go straight from there into frontline workers’ hands. The two layers in between – the layer we invest in, and the MSPs themselves – are really what’s helping bring the value from the top to the end market. We think it’s an incredibly resilient ecosystem. We think there’s nobody better positioned to help with AI transformation than MSPs. And that layer between the frontier companies and the hyperscalers and the MSPs is really important – that’s where innovation happens on their behalf, and that’s the kind of companies we’re investing in. Robert Dutt: One example of that would be zofiQ, which I think was your first exit – and some pretty startling numbers there: a six-month turnaround, selling to ConnectWise, bringing back more than 5x what you put in. What did you see in that company that made you say “we’re in,” and what did the ConnectWise acquisition tell you about the market for PSA and agentic AI and where that’s all headed? Joel Abramson: It starts with Lee and his team. We get the fortunate opportunity to look at a lot of things that are being built and we’re still learning, trying to keep pace. As the last couple of years have played out, we’ve been students of what people are building and how they’re looking at solving problems, armed with the knowledge of the last 25 years of the ecosystem. When we met Lee, we were really impressed with him as a founder. He had a strong track record of purpose-building solutions. When Chris and I sat down with him, it was obvious he was solving singular problems with a tremendous amount of depth, versus some of the other folks we’d seen building solutions who were really going an inch deep and a mile wide. Knowing how mission-critical these solutions are to MSPs – that for every time they mess up a service ticket, they put that customer relationship at risk – we knew that Lee’s approach was just bang on. He was obsessed with solving singular use cases. It showed in the team he put together, the technology he built, and what customers were saying about the product. It’s very atypical to make an investment and then six months later have it acquired. When it was all going down and we were talking to the ConnectWise folks, it was bittersweet. We’re so happy to see ConnectWise gain this incredible capability, but we were sad to know we weren’t going to have Lee in the Top Down portfolio anymore. Ultimately, thrilled – because what it means for ConnectWise is that they can get this really powerful technology into a lot of people’s hands. That has a tremendous impact for the ecosystem, the end market, the MSPs partnered with ConnectWise. They can get this great innovative technology out into the market much faster than Lee could on his own, just going out and telling the story and waiting for the momentum to build. Thrilled for ConnectWise, thrilled for Lee and the team to jump into an organization like ConnectWise. And proud that we were able to play a tiny part on that journey. Robert Dutt: zofiQ was automating the service desk with AI agents. From what you saw inside that experience with them, and looking across the portfolio now, I’m curious – especially given your background running an MSP – when you’re talking to MSPs about what some of these companies are doing, how ready are they to adopt and operationalize this kind of agentic tooling? Both in terms of willingness and interest, which I’m sure is high, and actual aptitude and ability to make the operational changes that come with it? Joel Abramson: It totally depends on the MSP’s maturity. I’ve been through the life cycle of MSP maturity many times – two steps forward, one step back, a bunch of times. Every MSP is on a similar treadmill of growing and maturing, then having to embrace new technology, then getting hit by outside factors: whether it’s COVID, the move to remote work, the push back to the office, or the change in technology. It’s not a static industry, but it is an industrial-strength ecosystem because it’s so mission-critical for the customers MSPs serve. Everybody is at their own part of the journey. Companies like zofiQ come around and they focus on building the right technology, then working with the ideal MSPs that are at a place where they can embrace it. I go back to an inspirational investor, Dave Lahn, who always talks about the different buckets of work: the hero work, all the work that supports the hero work, and then all the work that should be done but isn’t. I think about MSPs with that third bucket. As a 20-year MSP operator, there were all these things I knew I wanted to do but could never get around to because we were always fighting fires, then trying to do proactive work, then project work – it compounds and you never had enough hands for the work that should be done that isn’t. I think that’s one of the huge opportunities with AI – actually getting that work done, staying on top of it, and providing more stable, secure environments for MSP customers. If AI is the great enabler for MSPs themselves, then how exciting is it to be in a position where I can’t think of a service provider that supports small and medium businesses that’s better positioned to bring AI enablement down to that market than an MSP. I doubt it’s the accountant, I doubt it’s the janitor or the maintenance people. I think it’s the MSP, because you’re already talking technology. As MSPs continue to evolve from the server room to boardroom conversations, AI is an incredible hook to get into that conversation. That’s why the work ScalePad does around customer success and supporting the strategy conversations is so critical. But the next wave of companies we see are really around helping MSPs actually deliver AI use cases successfully to their customers. That transformation will take place for a long, long time. Robert Dutt: Your base of limited partners includes more than 100 MSP operators, including Pax8. That’s unusual for a VC fund. Was that a deliberate choice? And how does having operators as limited partners actually change how you source and evaluate deals? Joel Abramson: It just makes us so strong. We have the brainpower of over 100 people there for us to tap and leverage. At our Horizons event in November – where we bring all of our LPs together – I’ve never seen a more aligned group of individuals, focused on supporting the supply chain of an ecosystem, come together and have meaningful conversations without any real individual agenda. We think about it as a flywheel. We have a group of limited partners with all of our capital in this fund together. Of course we all want to make money – but I think what drives that outcome is supporting innovation and figuring out exactly where the best place to put capital is today that can have the largest impact tomorrow. zofiQ is a perfect example. Here’s a strong founder with a huge problem, solving it at the deepest level, that MSPs are going to be able to take forward and dramatically impact their businesses and their customer experience. That, to me, is the genesis of venture investing: aligning all those things and putting the right pieces together. We think about the strength of the mindshare of our LPs, figuring out ways to connect them with our portfolio companies, ways to validate our thesis and investments by harnessing that energy, and then making the right investments and providing the right support throughout a portfolio company’s lifecycle, thanks to that really, really strong LP base. Robert Dutt: So if I’m an MSP owner listening to this – not an investor per se, just someone running a managed services shop – why should I be paying attention to what you guys are doing and what you’re funding? What’s the typical practical downstream impact on my business? Joel Abramson: You could look at our portfolio with a degree of confidence that these companies are getting great support to build great products, that they’re talking to top MSP operators around the world to help shape what gets built. The average MSP is the benefactor of that, because it means they’re getting great product built that they can use in their MSP or deploy to their customers. We’re doing this to earn and keep the reputation that a Top Down-backed company means tier-one innovation, great people behind it, that it’s been validated and tested – and that MSPs themselves can be the benefactor of that by leveraging this technology. Robert Dutt: You closed this fund at about $38 million, oversubscribed, in what you called a slog of an environment – and I get that. What does that tell you about where institutional capital is actually flowing in 2026? And what does a successful Fund I set up for Fund II? Joel Abramson: A lot of institutional capital is flowing towards the frontier companies and the supply chain of AI. We think that’s great, because just like the Microsofts and Googles that have powered the ecosystem for the last ten years, we think heavily capitalized AI companies are fantastic for the downstream companies – the software companies we’re investing in, the AI companies we’re investing in, the MSPs themselves, and the SMB layer. Capital flows down as well. As vertical-focused funds like ours demonstrate a strong track record, more institutional capital will flow into vehicles like ours. Certainly a lot of capital is tied up at the top right now, but we see that as a great thing because we’re not super concerned about the capital cycles of the next three months. We’re much more concerned about the capital cycles of the next two decades. As we’ve mobilized a non-insignificant pool of capital to support early-stage MSP software companies, we strive to earn the right to have a second fund with a more diverse group of participants, and subsequent funds beyond that – as long as we continue to find the right companies to partner with and add value along the way. Robert Dutt: And that seems like – just with the names you’ve mentioned and the names I can think of off the top of my head – a target-rich environment. There are lots of companies building specifically for the MSP market for obvious reasons. But I’m curious: without necessarily naming names or tipping your hand, what problem or product category are you most excited about in the MSP software pipeline right now? Where’s the white space that’s still underbuilt? Joel Abramson: In our research paper, we talk about two big macro things happening in the market right now. One: we think this market – let’s broaden it to IT services, not just MSP – is going from a $600 billion addressable market to a $1.3 trillion addressable market, certainly $1 trillion by 2030. That’s a huge market. On the MSP side specifically, we have four or five scaled companies at or above a billion in revenue. Ninja is on its way up there. N-able, of course, is a big company. But you’re talking about a much larger addressable market – there’s still empty canvas where new companies can scale up to fill the middle and eventually be alongside some of those platforms. We expect those platforms to continue to grow and thrive, and we hope to build or invest in companies that can partner with them to take advantage of their distribution and ultimately make small and medium businesses better through MSPs. All that said, what are some of those categories? I don’t think it’s new MSPs starting up and buying PSA – that market is fairly saturated. Nor do I think it’s more EDR or XDR – those are pretty saturated markets too. There’s still market share that will trade, don’t get me wrong, and innovation will build on top of it. But doubling the market requires new products, new revenue streams, and obviously AI is a critical part of that. Whether it’s the evolution of agentic service work to do all the work that should be done but isn’t, or raising productivity levels so the service is that much better, or helping the average SMB with a sophisticated IT strategy that evolves into an AI strategy – we see the category of AI services enablement for MSPs as a huge, huge opportunity. In the enterprise, we’re living through what I call the SaaSpocalypse – the idea that big SaaS companies are going to see fewer licenses because people are going to downsize headcount and thus take an impact on their top line. But we see the SMB market as more resilient, because my accountant with 60 people and one person in marketing – they’re not going to downsize that one-person marketing department. That person is actually just going to get that much better thanks to all the tools they’re using. SMB IT spend is expected to outpace enterprise IT spend for the first time ever in 2026. We believe that’s because of the resiliency of the SMB market – the idea that when a big tech company lays off 5,000 people, those people don’t all sail off into the sunset. A lot of them move into the SMB economy and start small businesses. Maybe the IT folks start an MSP. So we see the SMB part of the economy continuing to thrive, and it’s showing itself this year – thanks to this crazy stat that SMB IT spend will outpace enterprise IT spend for the first time ever. For all those reasons, we’re very excited about the opportunities it creates in the companies that we’re invested in. Robert Dutt: That is a crazy stat, and it’s worth underlining – because of where you and your peers and so much of this community is focused, right in that SMB space. And closer to home, as a Canadian podcast, we’re very much a nation of SMBs. So it really is super impactful here. Joel Abramson: Yeah, I would agree. Robert Dutt: For people who want to follow what you guys are doing – whether they’re founders, MSPs, or just interested in what’s coming in terms of new AI-first MSP software – where do they find you? How can they find out more? Joel Abramson: TopDown.com. We publish a newsletter and try to share all the learnings we’re gaining each quarter. We publish a white paper annually. We have a conference in November called Horizons – if you’re interested in investing in the MSP ecosystem, our goal is to bring everybody together as peers. We do a lot of dinners and events around the big MSP events. Our goal is always to bring everyone together as peers, not in a supplier relationship where you’re being sold to – just everybody trying to solve this thing together. The community aspect of the MSP ecosystem is so strong, and that’s how you engage. I’m pretty easy to find and always interested in a conversation with anybody from inside the ecosystem or outside, as we try to build this thing one brick at a time toward 1.3 trillion of addressable market. Robert Dutt: Brilliant. Go get that. Go build that. I appreciate you taking the time, Joel. Joel Abramson: Thank you so much for having me. Robert Dutt: There you have it – Joel Abramson from Top Down Ventures. I’d like to thank Joel for his time this morning. Thank you as always for listening to In The Channel. A few things stuck with me from this conversation. First, the framework Joel described: frontier AI companies at the top, then the supply chain software layer that Top Down invests in, then MSPs, then SMBs at the front line. It’s a clean way to think about how AI value actually gets delivered to small and medium businesses. And the point that MSPs are the most natural vehicle for that delivery is hard to argue with – from where I sit, and probably from where you sit too. Second, that stat about SMB IT spend outpacing enterprise IT for the first time ever this year. If we’re in what Joel calls the SaaSpocalypse for the enterprise, we’re in a resilience story for SMB. For an audience of MSPs, that’s your market, and that’s your moment. And the zofiQ story. A six-month hold, 5.3 times the invested capital to ConnectWise. What Joel said about what made it work – going deep into a singular problem rather than an inch deep and a mile wide – is as much a product philosophy lesson as it is a venture capital story. If you want to follow what Top Down is doing, find them at TopDown.com, where they publish a regular newsletter and annual white paper on the state of MSP capital. Their Horizons conference runs every November if you’re engaged in this ecosystem as a founder, an operator, or an investor. If you’re enjoying the show, please give the podcast a follow or subscribe on Apple Podcasts, Spotify, YouTube, or most of the major podcast directories. Ratings and reviews are always encouraged. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

Tim Coach, chief evangelist at Cynomi For most managed service providers, the security services story has followed a familiar arc: endpoint protection, email security, security awareness training. Each category added value, then became table stakes. Third-party risk management – TPRM – is what comes next, and according to Cynomi Chief Evangelist Tim Coach, it may be the stickiest revenue category yet. The case is straightforward. Every business relies on a web of vendors, software providers, and service partners. Each one is a potential vulnerability. And most SMBs have no formal process for knowing how well those third parties are managing their own security – or what happens to them downstream if one of those vendors gets breached. Research from Cynomi suggests 45 percent of organizations will face supply chain attacks, and 30 percent of data breaches already involve a third party. The attack surface has shifted to the things organizations trust most. For Canadian MSPs, the regulatory pressure is specific and near-term. OSFI’s Guideline E-21, with a September 2026 compliance deadline for federally regulated financial institutions, puts third-party oversight explicitly on the agenda. The cascade effect on their vendors – and the MSPs serving those vendors – is already in motion. Perhaps the sharpest signal in this conversation: cyber underwriters are now denying SMB coverage not because of anything the SMB did, but because they are connected to an MSP. The managed service provider, long positioned as the path to better insurance outcomes, has become a risk factor in its own right. Coach’s recommended first move for any MSP building into TPRM isn’t a vendor questionnaire – it’s a Business Impact Analysis. Understand how the client actually makes money, which vendors are critical to those revenue processes, and what an hour of downtime costs. That reframes the conversation from technical widgets to revenue, cost, and risk – the language every business owner speaks. – UPLOAD AUDIO Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, your host for the show. My guest today is Tim Coach, Chief Evangelist at Cynomi, a vCISO platform purpose-built for MSPs and MSSPs. Tim brings an unusually grounded perspective to the space. He’s an engineer by training who spent nearly two decades building, running, and consulting on managed service practices before landing at Cynomi after seeing the platform first-hand and recognizing it could have solved one of his biggest operational headaches as an MSP owner – the CISO bottleneck, the point at which growth stalls because the security function can’t scale without adding expensive headcount. That personal history shapes everything he thinks about TPRM, third-party risk management, which is increasingly being talked about as the next major revenue category for MSPs after human cyber risk. Today we’re talking about what building a TPRM practice actually looks like, why cyber insurance has quietly flipped the MSP value equation, and why the right starting point isn’t a vendor questionnaire at all. Let’s get right into it, my chat with Tim Coach. Tim, thanks for taking the time. I appreciate it. Tim Coach: I absolutely love to be on. Thanks so much for having me, and for having Cynomi on your webinars. We’re always happy to do these things and educate the community. Robert Dutt: You’ve spent a long time in and around the MSP community. How did you end up at Cynomi specifically, and what was it about the opportunity around TPRM that pulled you in? Tim Coach: TPRM was eventually in the process – let me back up. What got me into the community was my engineering background. I went to college for what was called network communications back in those days. Basically I’m a network guy – I always point at the front-end programming guy and say, “It’s your fault,” and the programming guy says, “No, no, it’s the network’s fault.” So I did that for a large-scale nationwide company for many years, and then I fired my MSP. The owner was like, “Well, if you’re so good, why don’t you come over here and run this?” And I said okay. It took me about 24 hours to realize I didn’t have a clue what was going on – the place was chaos. But through process and procedure, and a military background, I knew I could get it under control. I ended up with a business partner from that experience, and we spent about 20 years rebuilding and consulting with MSPs. About five years ago, I just needed something different. The kids were a little older. I started looking at what else was out there, talked to a couple of mentors in the space – I’m sure if I mentioned their names everyone would know them – and they said, “You should come over and do this.” So I jumped. I went to work for a Canadian company, grew them quite a bit in the first year, then moved to an Australian company, grew them, and then went back to consulting for a short time. David from Cynomi was recommended to me as a consulting connection. We were going back and forth and he said, “Why don’t you come on board?” And I said, “I’m not really interested in selling a widget” – and it’s a security widget, right? There are so many great widgets and great personalities in the security space already. Probably not my jam. But he said, “No, no – let’s look at it.” And he showed me what Cynomi did, and I was blown away. The reason I was blown away is that at my most successful MSP, we hit a stopping point in our growth. The reason was our CISO – and this was before CISO was even a cool term. He was our bottleneck. Not because he was inefficient as a person, but because of the way he had to work: 80 pages of Excel spreadsheets and hours and hours of questionnaires. When I first saw Cynomi, I thought, “Here’s a way I could have doubled the size of my company with the same staff, the same CISO.” That’s what really inspired me to come on board – seeing that dashboard and connecting it to the personal pain I’d experienced around the security bottleneck. Now with the addition of TPRM, that excites me even more, because back in my MSP days I had a lot of bank clients, and banks are SOC 2 all over the place. Part of SOC 2 is that you have to have TPRM – you have to be responsible for everybody in the chain. So now we’ve built out a platform that lets the MSP, MSSP, ITSP, or whatever SP you want to put in front of those letters, easily manage vendor relationships and understand where clients are in their security posture. Robert Dutt: You may not feel it’s cool, but it’s certainly foundational security. Tim Coach: And that’s the problem, right? That’s why we’re still talking about security – because nobody knows how to talk business. They all talk widgets, bits and bobs: here’s this cool firewall, MDR, XDR. But you know what your clients don’t care about? The widgets. They care about being secure. Until we can bridge that gap – until Cynomi brings something that says, here’s an easy way to get to the data and details you need, here’s CISO-level intelligence so the MSP can translate it into business terms for the doctor’s office, the manufacturing company, whatever vertical you want – we’re going to keep having this same conversation. Robert Dutt: Let’s do a little bit of that with TPRM itself. Let’s take a step back and look at it from the viewpoint of an MSP who’s heard the acronym but hasn’t really dug in yet. Third-party risk management – what are we actually talking about, and what problem does it solve? Tim Coach: What a lot of people need to understand – and I try to say this in a way that’s easy to grasp – is: manage security first, and compliance becomes a default. What I mean is that you need a baseline, whether it’s CIS Controls, Cyber Essentials Plus, CMMC 2.0, one of the financial frameworks, HIPAA, whatever applies. You need a baseline you’re actively managing your security against. In the process of meeting that baseline, compliance follows. What we’re increasingly seeing is that certification bodies, auditors, and insurance underwriters all want to see that your solutions and partners are just as secure as you are. I was at Canalys Barcelona last year and someone made a statement that blew me away: for the first time ever, we’re seeing insurance underwriters deny coverage to an SMB because they’re connected to an MSP – and the MSP is what they consider the risk. We went from being the most important people in the room, essential workers, to being the risk factor. And on top of that, helping clients with their insurance has been one of our foot-in-the-door conversations for the last decade. That’s where TPRM comes in. The frameworks and insurance underwriters now want to see not just that you’re secure, but that everyone you’re working with is secure. The problem has always been how you manage that. Back in my day, you had to call the vendor, find the right person, ask for evidence of their SOC 2 compliance, get bounced around, end up with legal, sign an NDA, and eventually get the report. Now people share that information a bit more freely, but you still need a central place to manage it – so when an auditor or insurance broker asks, you can point to it and say, “Here it is.” We do a community call every Wednesday at noon Eastern, and we’ve had a gentleman on a couple of times who has written books specifically on TPRM. He’s sounding the alarms – not bad alarms, just “it’s coming.” But like a lot of SMBs, MSPs are having to drag their clients toward where they need to be. Once you make it easy for the MSP, you make it easy for the SMB, and you finally have a way to prove you’re taking those measures. Robert Dutt: Supply chain attacks have certainly been a theme in the channel for a while – Kaseya, SolarWinds, MOVEit. But TPRM as a formal managed service element feels newer. The insurance side sounds like a big driver. What else changed to make it go from a theoretical concern to something MSPs can actually build a practice around? Tim Coach: I firmly believe you cannot be a business partner without knowing how your partner makes money and how you need to protect them. I can’t protect them if I don’t know what they’re using. It’s the old adage: if two people are managing something, nobody’s managing it. TPRM is really the next step for the ITSP to move from a transactional relationship to a true business partnership – ensuring that everyone your clients are using is also protected. Because what happens is what always happens: it doesn’t matter what you have hard-coded in the contract about not being responsible for X. When something goes wrong, the SMB comes back and says, “But I thought you were managing this.” We go over it in the contract reviews, sure, but the conversation still happens. When you’re genuinely talking business – saying, “I’m going to protect how you operate quarter after quarter, year after year” – you’re protecting their entire environment, not just your piece of it. That’s when you move to a real business relationship instead of a sales relationship where every conversation is an upsell or a cross-sell. We’ve done it to ourselves a little bit, honestly. It’s like an insurance agent in Oklahoma trying to sell hurricane insurance. That’s not what we should be doing as business partners. TPRM allows us to have a full understanding of the client’s environment and make sure everything is protected – or at minimum, that the gaps are known by everyone. Robert Dutt: Cynomi has described TPRM as the next major revenue category after human cyber risk. Can you walk me through what the recurring revenue model actually looks like, and what makes it sticky? Tim Coach: Everything leads to MRR – that’s business. But you have to start with a project. You need to understand where the client is in their security journey before you can manage them ongoing. SMBs don’t do things for free, and neither do our partners. This is a revenue generator. But it’s a revenue generator because it actively has to be managed. I always say: I can’t throw a server at security. I can’t throw a firewall at it and declare myself secure. The best analogy I’ve heard for security is a block of Swiss cheese. There are holes, and you can stick a fork through those holes quite a way. But if you slice that block and turn every slice 90 degrees, the holes are still there – they’re just not as deep or vulnerable. That’s TPRM. There is no set-it-and-forget-it. It has to be actively managed, and that active management is where the recurring revenue lives. Robert Dutt: What does a typical engagement look like early on, for an MSP starting from zero with a client? Where does the work begin, and what surprises people about the scope as they go deeper? Tim Coach: Everything begins with an assessment. With Cynomi’s tools, we can use Cyber Essentials Plus or CIS Controls as a self-regulating baseline and add a couple of hours to the initial assessment to incorporate the security piece. We all do assessments upfront to understand what we’re getting into – or what needs to be fixed before we really dig in. Once you’re in the security layer, the next step is TPRM. And TPRM brings with it something I think is critically important: the Business Impact Analysis. It’s not enough to ask, “What does your client do?” They make dog food – do they? Or is that just the end product? When I was an MSP, I had a metal manufacturer that cut and stamped metal. But if you asked their CFO what the business was, he’d say, “Making pallets – I make more on pallets than on the stamping work.” I used this example in a presentation just yesterday. Years ago I was walking through a manufacturer’s facility and asked about a machine: “What does that one do?” “That runs the software that completes our product.” “Why isn’t it plugged into the network?” “It’s a Windows 98 machine.” “Why are you still running that?” “Because it runs decade-old German software that costs ten million dollars to replace. And we only have that one machine.” If you’re not walking through and genuinely understanding how they make money, you don’t know where the risks are. And that’s what TPRM forces you to do. Ideally, I’d love to sell a project that includes a full security assessment, a BIA, TPRM, BCP, IR planning, all of it from day one. But it doesn’t happen that way. You have to phase it. Once you understand the BIA and what they’re actually doing, you understand where the software and systems that carry real business risk are, and you can start building that into their security posture. It’s the same principle: why hack an individual when you can hack the software that manages all the individuals? Why try to crack one account when you can compromise an MSP’s RMM tool and get access to everybody? If you go into a business without understanding their software environment and vendor posture, you at minimum need to be able to tell them where the risks are. Because the language they speak is revenue, cost, and risk. TPRM is a risk if it’s not being managed – and that’s why we’re seeing so much attention on it lately, even though some of us have been doing this for decades. We just used to call it vendor management. Robert Dutt: We’ve talked a lot on the show about MSP tools as an attack surface – RMM agents, remote access tools, backup platforms. The MSP is supposed to be managing the client’s vendor risk, but the MSP’s own toolchain is also someone else’s third-party risk. How should MSPs be thinking about that? Tim Coach: It comes back to the BIA again. What are they using? What’s creating the security gaps, and how do you build better overall management around it? There’s a project in there, but every project should lead to MRR – period. It still has to be managed. Remember when Exchange servers went away and everyone panicked about where the revenue was going to go? There was still an entire environment to manage. We always made some revenue on hardware, though that’s gotten harder – the real money is in managing the ongoing environment. TPRM is the same thing: it’s a significant security gap in the overall posture of your clients, and that gap has to be actively managed. Robert Dutt: Pushing on that a little further – TPRM platforms are pulling in a pretty comprehensive map of an organization’s vendor ecosystem: the gaps, what’s been remediated, basically a full picture of the landscape. If one of those platforms gets compromised, that’s not just a breach – that’s a pretty rich target list for an attacker. How do you think about that? Tim Coach: Think about a CNC factory. Their job is building molds to produce a specific part, and the software on their server has all the schematics fully built out. What happens if that software gets hacked? You lose all the schematics for the CNC machine – so suddenly you can’t produce anything. And if the attacker gets in early enough in the process, the downstream supply chain impact goes way beyond that one facility. That’s the risk. If you’ve got $200,000 five-axis CNC machines – and I may have a little experience with this – and you’re not protecting the software running them, and you don’t understand from a TPRM perspective what the vulnerabilities look like, that’s an ongoing, persistent risk. You always have to be managing it. Robert Dutt: Sitting where Cynomi is, how do you think about the security side of running a TPRM solution, and what should MSPs be asking vendors in this space about that? Tim Coach: Efficiency. How efficient can you make it? I’ll probably get in trouble for saying this, but we’ve essentially stupid-proofed the first few levels. We’ve built it out for you. And look – I know AI is a word we’ve managed to avoid for about the last half hour, but AI is meant to enhance the human. It’s a tool. What we’ve done at Cynomi is build AI agents and intelligence into the platform to make this work manageable at a lower labor level. If I can take work that previously required a CISO – an expensive asset – and bring it down to a tier-two technician, my margins go up because my labor costs go down. That said, we’re not replacing the CISO. I used to work with a company that built a component for Apache helicopters – no public-facing anything. If a tier-two tech runs a report showing no web security for that client and flags it as a critical gap, the CISO might be the only person who knows that client has no public-facing presence by design. That context matters. The CISO still needs to be the final approval layer. What Cynomi has done is open up bandwidth for other people to do the groundwork, so you can grow your company without adding another six-figure salary. When your staff becomes more efficient, the CISO is less of a bottleneck – which was the original problem we started with. Robert Dutt: For the Canadians listening, there are some very specific regulatory drivers on the table right now. OSFI’s Guideline E-21 has a September 2026 compliance deadline for federally regulated financial institutions. Can you talk about the role you see TPRM playing in responding to that kind of regulation? Tim Coach: What we’re seeing is that the insurance underwriters, auditors, and regulators are the ones setting the standard, and the industry has to meet it – but the industry isn’t yet at a point where it can easily meet a TPRM standard. So what will probably happen, whether it’s Canada, the US, the UK, or EMEA, is a pattern we’ve seen before: they’ll release a guideline, there’ll be a period of voluntary adoption, and then they’ll give it teeth. Like HIPAA – they threw it out there, and eventually it got enforcement. The thing I’ve always loved is watching the auditors, because they’re typically running a couple of years ahead of the regulation. If you stop treating auditors like your mortal enemy – “they’re here to expose everything I’m doing wrong” – and start paying attention to what they’re flagging, you can get ahead of the game. Auditors are a leading indicator. It’ll always come down to government forcing the policy, and then insurance trying to find a way out of paying claims when it’s not followed. But if you’re watching the auditors and TPRM is showing up in their reviews, you already know what’s coming. Robert Dutt: For an MSP listening to this and thinking, “I should be doing this” – what’s the realistic first move? Not the ideal end state, but the practical starting point? Tim Coach: Start with the BIA – the Business Impact Analysis. Research suggests every SMB has three to five critical processes that drive about 80% of their revenue. Do they actually know what those are? Probably not. They make dog food. They take care of kids. Whatever it is – they don’t actually know how they make money. I have an old client who’s also a friend – he works in retirement planning. If you asked how he makes money, you’d assume it’s from managing portfolios. It’s not. He makes money by selling the policy, and the insurance company pays him a commission on that. If you don’t start by understanding the BIA, you don’t really know what solutions your clients are dependent on. Start with: who is your critical software outside of us? Who maintains it? Do we have a relationship with them? Does it connect directly to how you make money? And tie it to cost of downtime. If a doctor’s office goes down for four hours – and in a medical practice you call them providers, not doctors, right? Speaking their language, not ours – what does that cost? If the pallet machine on an assembly line goes down, and that pallet machine is the only thing holding product so the rest of the line can keep moving, what’s the cost per hour? If you don’t know that, you don’t actually understand how to service your client. You’re still talking bits and bobs instead of revenue, cost, and risk. Robert Dutt: Future-looking question to wrap up: where do you see this category going over the next couple of years? Is TPRM a standalone practice, or does it fold into a broader vCISO or governance offering? Tim Coach: I think it’s going to be both. For more mature MSPs, it’ll be baked right into their silver, gold, and platinum packages – TPRM is just part of what you get at a certain tier. For others, especially those that aren’t at a full vCISO-as-a-service level yet, it’ll be available as a standalone – a meaningful piece of the security posture they can deliver to clients without committing to the full stack. Growth and maturity, right? As people build their practices, the more advanced will have it embedded. But there’s also a real path for someone starting out to say, “I need to at least get this piece right, because it’s critical to the overall security posture of my clients.” Robert Dutt: Fascinating. It’s an interesting area of technology and – to your greater point – business. I appreciate you taking the time to share some thoughts on how service providers can get involved. Tim Coach: Thanks for having me on. I always appreciate it. Robert Dutt: There you have it – Tim Coach from Cynomi. I’d like to thank Tim for taking the time today. He’s been around the MSP space long enough that when he points at something and says it’s the next thing, it’s worth listening. A few things I want to make sure land from this conversation. The first is the Business Impact Analysis as the true starting point. Before you think about vendor questionnaires or risk scoring tools, you need to understand how your client actually generates revenue – which processes drive the majority of the business, and which vendors are load-bearing in that equation. That’s not a security conversation. That’s a business conversation. And that’s the shift that moves an MSP from tool vendor to genuine business partner. The second is the insurance signal. When underwriters start denying SMB coverage not because of something the SMB did, but because they’re connected to an MSP – that’s a warning and an opportunity in the same breath. MSPs who can demonstrate they’re actively managing their clients’ third-party risk have a new and better story to tell. And the frame to carry with you: security first, compliance becomes a default. Build the practice to the right security baseline and the compliance checkboxes largely take care of themselves. In The Channel is available on Apple Podcasts, Spotify, YouTube, and most major podcast directories. If you’re finding value here, ratings and reviews are always appreciated – they help other people in the Canadian IT channel find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

In this conversation, Sanjay Katkar, Founder, Quick Heal Technologies, India's only listed cybersecurity firm, breaks down 30 years of fighting hackers, the real mechanics of ransomware, and why your Gmail password may already be for sale on the dark web. Sanjay Katkar started debugging viruses on floppy disks as a college student in Pune in 1990, eventually building Quick Heal Technologies into India's only publicly listed cybersecurity company with over 25,000 channel partners, a ₹350 crore revenue run rate, and an enterprise security brand, Seqrite, that competes directly with CrowdStrike and SentinelOne in the Indian mid-market. In this episode with host Akshay Datt on Founder Thesis, Sanjay reveals the counterintuitive truth that being a small business does not make you safe - it often makes you the easiest backdoor into a much larger organisation, a tactic called supply chain attacks that is reshaping India cybersecurity risk for every SMB. He explains how the AIIMS ransomware attack involved months of silent reconnaissance before a single file was locked, how North Korea's Lazarus Group stole ₹89 crore from Cosmos Bank using coordinated ATM withdrawals across multiple countries, and why ransomware gangs actively protect their own brand reputation to ensure victims keep paying. With India's DPDP Act now law and AI enabling 10,000 personalised phishing emails per second, this episode arrives at the most consequential moment in India's digital security history.

Tim Cook is stepping down in September, and The Trio has plenty of thoughts on what the Ternus era means for Apple. Kotaro dives into his embedded systems rabbit hole (Raspberry Pis, ESP32s, and a Godot refresher), while Steve sounds the AI hype alarm, comparing the current frenzy to NFTs and the Metaverse, complete with a shoe company that somehow pivoted to GPU data centers on a $50M budget. Steve's monitor saga drags on, the SpaceX/Cursor "announcement of an announcement" gets the skepticism it deserves, and The Trio wraps up with details on the May 14 IRL meetup in Philly.## Chapters00:00 Introductions05:54 Kotaro's Side Project Adventures08:29 Diving into Hardware and Embedded Systems11:17 Raspberry Pi Adventures and Microcontrollers14:02 Creating AI Projects with Raspberry Pi18:19 Exploring DIY Devices and Learning in Tech23:21 Game Development and Learning Curves24:16 AI Tools and Programming Challenges26:55 The AI Hype Update and Economic Realities36:57 Balancing AI Use in Software Development39:53 The Hype Cycle of AI and Media44:32 So Long, Time Apple, and Thanks for All the Fish!53:07 The Future of Apple in the Ternus Era56:43 Steve's Monitor Watch Update58:57 Wrap Up01:00:37 Tag## Show Notes- Tim Cook announced his retirement as Apple CEO, effective September, with hardware chief John Ternus set to take the helm.- The Trio agrees Cook grew Apple into the world's most valuable company, and the MacBook Neo might just be his most quintessential product.- Ternus is seen as more of an engineer/visionary, and Steve is cautiously hoping he'll bring more Jobs-era decisiveness to Apple's product direction.- Kotaro is deep in embedded systems this year, learning Raspberry Pi 5s and ESP32 microcontrollers the hard way (wrong cables, wrong GPIO boards, all of it).- He's built a basic AI chatbot device (think DIY Rabbit R1, hooked to Google Gemini) and is eyeing a 5-inch touchscreen home automation kiosk.- TRMNL, the E Ink dashboard device, comes up as a goal Kotaro is working toward, though the large version is sold out.- GitHub Copilot paused new signups, dropped Opus from Pro plans, and started rationing usage, which Steve reads as AI's economic reality finally catching up.- Steve puts AI hype at NFT/Metaverse levels: a shoe company pivoted to GPU data centers, and SpaceX "announced" it has the option to buy Cursor for $60B without actually buying anything.- Steve's XDR monitor watch continues: he watched a glowing review, still can't justify the price, but is eyeing the nano-texture option for his glare-heavy room.- The Trio closes with news of a PhillyCocoa IRL meetup on May 14 at the Vanguard building, featuring Kotaro on Metal shaders.## Links**Hardware & Devices**TRMNL: https://trmnl.com/ | Rabbit R1: https://www.rabbit.tech/rabbit-r1**Snazzy Labs TRMNL Review**Watch: https://www.youtube.com/watch?v=YWw5NKUx40o**AI Hype Update**We are near peak hype (Primeagen): https://www.youtube.com/watch?v=rAREqdtUN48SpaceX/Cursor ($60B): https://www.reuters.com/technology/spacex-says-it-has-option-acquire-startup-cursor-60-billion-2026-04-21/**One More Thing**IRL Meetup RSVP (May 14): https://luma.com/i00ll61z**PhillyCocoa:** http://phillycocoa.orgIntro music: "When I Hit the Floor", © 2021 Lorne Behrman. Used with permission of the artist.

Kajal Pal, the Defense Cyber Crime Center's architecture management of data and enterprise division chief, said tools like XDR are more important than ever.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Michael Khoury, vice president of Global Ecosystems Programs at Palo Alto Networks When Palo Alto Networks announced the first comprehensive overhaul of its NextWave partner program in more than three years this February, it raised a lot of questions for partners. What does the shift from transactional incentives to platform adoption rewards actually look like day to day? What happens to loyal, firewall-heavy partners who now face a diversification requirement? And is the promise of dramatically improved economics real, or is it marketing math? Michael Khoury, vice president of Global Ecosystems Programs at Palo Alto Networks, is the architect behind the changes. He joined the company, conducted an extensive listening tour with partners across markets, and built the revamp around the specific frustrations he heard: over-reliance on Palo Alto staff for routine tasks, managed services being valued like resale, incentive structures that looked good on paper but didn’t pay out, and training that wasn’t keeping pace with the platform’s evolution. In this conversation, Michael walks through the mechanics of the new program in detail. He explains why Platinum and Diamond partners will need to generate 20 and 30 percent of their business, respectively, from non-firewall product lineswithin 18 months, and why he believes most strategic partners are already within striking distance. He shares data showing the elimination of discount caps has resulted in 2-to-4x earnings improvements based on modeled past bookings, and explains why they timed the rollout to prevent partners from holding back orders. He discusses how the $25 billion CyberArk acquisition creates a new identity security practice path that counts toward diversification targets, the new Partner Development Fund that reinvests rebate earnings into partner growth, and what Canadian partners specifically should know about how their market stacks up. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. If you’re a Palo Alto Networks partner, or you’ve been thinking about becoming one, you’ve probably been hearing about the NextWave Partner Program revamp that launched in early February. It’s being called the first ground-up redesign of the program in about three and a half years, and the changes are significant. A shift from rewarding transactional volume to rewarding platform adoption, the elimination of discount caps that were leaving money on the table for partners, new diversification requirements, and a whole new approach to how Palo Alto thinks about managed services. My guest today is Michael Khoury, Vice President of Global Ecosystems Programs at Palo Alto Networks. Michael is essentially the architect of these changes. He joined the company, did a listening tour of what partners were actually frustrated about, and the revamp is his answer to what he heard. We got into the details of what changed and why, the real economics of the new incentive structure, what the 30% non-firewall requirement means for partners who’ve built their business around firewalls, how mid-market MSPs and resellers fit into a program that could easily be optimized for global SIs, and what the recent CyberArk acquisition means for the partner ecosystem going forward. Michael brought real data and real candor, and I think you’ll find it genuinely useful. Let’s get right into it, my chat with Michael Khoury. Robert Dutt: Michael, thanks for taking the time. I appreciate it. Michael Khoury: Thank you, Rob. Great to be here. Thanks for having me. Robert Dutt: It’s been about three and a half years, I guess, since the last major partner program update for you guys. What changed in the landscape, or in what you’re hearing from partners, that made this the moment to do a kind of ground-up revamp rather than a refresh and update kind of motion? Michael Khoury: Yeah, great question. Rob, I joined Palo Alto Networks about 18 months ago, and what I did, in addition to getting the internal feedback obviously from the various team members and various stakeholders, I made sure to go out on basically a tour, a listening tour, meeting with partners and getting their input frankly about our program at the time and what are the areas we needed to address. It was obvious to me in a lot of areas we had some challenges that we needed to address as a company. I’d put these things in a way – it’s not like what we had was necessarily bad, but it just didn’t evolve with the way the business kept transforming and evolving. So we needed to update. And if you’ve seen this, probably you’ve seen it with other vendors – it’s kind of common in our industry that every few years you need to evolve the program to keep pace with the business needs ever changing. And as I met with partners – and I met with partners across the globe, various regions, some of them were virtual, other meetings were in person, some of the meetings were larger like partner events that we hosted – the consistent feedback that I kept hearing was this. Number one, it was around “Hey Palo Alto Networks, that’s great that you have a program, but it feels like we need you for everything. We need someone at Palo Alto Networks to do anything with you. So we’re always relying on you to get things.” And those things can be as simple as if we needed to get a quote, if we needed to get a price, if we needed access to more training – we always needed someone at Palo Alto to give us that access. That was consistent feedback number one. Number two, obviously when we got into the program it was particularly with the managed services motion, because that motion has been growing for us at a much faster rate – and I’ll give you some percentages in just a minute – but that motion has been growing at a much faster rate than the traditional VAR motion. So when we discussed with the managed services partners, they were like “Hey, you kind of have a managed service program, but it kind of works like resale, not like truly like a managed service.” So we needed to revisit that. And then obviously the other areas that our partners care about – for partners who provide services, how do we ensure we’re leveraging more of their capability and training them and giving them the right support from a training and enablement perspective so they can build not just a go-to-market motion but also their services around Palo Alto Networks. And lastly, the last area was around the incentives. It was only two years prior to me joining the company that the company – and you’re right, you said three and a half years ago – which was the time when the company launched their first rebates program to partners. However, the feedback that I heard from partners, they said “Michael, you have rebates, you have these incentives for us, but they’re mostly on paper. It seems like it’s very hard for us to earn these incentives.” So we had to open that up and revisit that. So overall, Rob, those were the big themes that I heard from partners and why we needed to evolve the program with bigger changes, and why we did the things that we did and we launched the recent program. Robert Dutt: You’ve talked about moving from rewarding transactional volume to rewarding the platform and selling across that. Can you walk me through what that shift looks like concretely for a partner? If I’m a reseller who’s been doing well selling Palo Alto firewalls, what’s different about how I engage with you guys under this new program versus the old one? Michael Khoury: I found – and this is by the way common across the industry – because sometimes a vendor builds a program and sometimes they look at it almost like a static thing. “Oh, we built it, here’s the requirement.” And sometimes you have to also look at where your own field sellers are measured on and what they need to do. Because if you have the company field sales organization and the partner organization that are not in perfect harmony in terms of what they focus on and what they need to work on, then you end up having more friction. So as we evolved the program, we looked at our expectations from our sales teams and we said “Look, we expect our sellers not just to sell our firewall, but we expect them to support the platformization strategy,” which Nikesh talked about a few years ago. And now every company says “Oh, I have a platform too.” But if you think about that concept of we’re not just a firewall company – yes, that is our history, that’s our legacy, that’s where the company started – but when you evaluate our business, when you look at our next-gen security growing around 34-35% year on year, that’s been a big growth engine for us. So as our field sales organization started to focus on embracing the platform, which means if you look at our product platforms, you have the network security, the NetSec part of the house, where you have the firewall, but you also have SASE, which includes SD-WAN and Prisma Access. And also you have what we call our SOC transformation, which is our Cortex product, which is also part of our next-gen security. And under Cortex you have XSIAM, which is the next-generation SIEM. You have XDR, which is around endpoint detection. And then recently we added identity as well, as you know, with the CyberArk acquisition closing last month. So as we looked at all these things that our field sales organization is going to be measured on, when I looked at our program, there were no requirements toward those next-gen security platforms. It was mostly like if you can do firewall and keep doing firewall – which is not bad, it’s totally fine, we love those partners who continue to embrace us on the firewall side – but we also said in the new program, if you want to be driving bigger growth with us and being more aggressive, you need to do more across the platform. Meaning you need to embrace our SASE, you need to embrace next-gen security around Cortex, you now need to also embrace identity. So now the partners who play with us across the platform can unlock better benefits and have more leverage. And we continue to say, look, if you focus only on one area of the business you can excel, whether you focus on identity or you focus only on firewall, you can excel with us, but that will be your lane. That will be kind of your swim lane. Obviously the partners who are more strategic, who embrace the platform, will be able to unlock more. So what we simply did in the program, Rob, is we said now partners have requirements where they have to meet toward the next-gen security, where in the past there were no requirements. We put specific requirements. It’s very clear what they need to do. And then secondly, what we also did in addition to requirements, we also built the incentives and the rebates that support that motion. So we’re basically telling our partners we’re looking at both sides of the puzzle. And I’ve always talked about programs – people ask me “Michael, what is a partner program?” Frankly, for me it’s a value exchange. On one side you have the requirements of what we expect as a vendor from our partners. And on the other side, what do we offer them in return? What’s in it for them? And the way I look at this, where the two meet in the middle – where the requirements meet the benefit and the incentive – that’s the program. So every program, in order to be successful, needs to have both sides. We made sure in our program we updated the requirements, but we also updated the incentives that go with that. Robert Dutt: A couple of things coming out of that in different lanes. You mentioned setting those goals that folks have to reach outside of firewall and making that a requirement for the first time. You’ve said that 30% of revenues need to come from non-firewall lines of business within 18 months for you to reach both Platinum and Diamond, if I’m remembering correctly. That’s a real requirement. What happens to a longtime, loyal firewall-heavy partner who can’t or doesn’t get there? You say they have their lane, but what does that path look like? And the other side of that – is 18 months realistic for partners who need to build new practices around Cortex or Prisma or the other next-gen areas? Michael Khoury: So look, we’ve done the analysis across our partner ecosystem. And what I found when we did the analysis, even over a year ago versus when we did it recently, we already saw a shift. We already saw an increase over just the first year, even before we launched the program, because we started to signal especially to our key, bigger strategic partners. And you’re right – at the Diamond level we require 30% of their business to come from next-gen security. But the Platinum level is a little bit lower, it’s 20%. So it’s not as high of a bar. And obviously for the Innovator level, we did not put a specific requirement. We felt those partners are smaller in nature, maybe they’re focused on a specific area, they’re still building their business model. We didn’t feel we needed to necessarily be very prescriptive with our requirements in that area. In terms of the 18 months, when we looked at our partners – if I have a partner who’s already, let’s say, a Diamond and doing 20% of their business toward next-gen security, and now by adding identity as well, that adds to that percentage. So some of them actually have an identity practice that they can leverage as well. We know the vast majority of our strategic partners are within striking distance. Yes, they may need to stretch. Yes, they may need to do a little bit more work to get there. But look, this is why we gave the 18 months. This is why we enable our CBMs, our field team, to work with these partners early on to start having those plans. And I think overall, the partners who are committed to us, who are not ad hoc, opportunistic – “Oh, this deal I’ll work with Palo only, I’m not fully invested in them” – I get it, those partners may not get there. But frankly, those partners in the first place, they were not driving that much business and that much impact for us to begin with. They were opportunistic, they were bringing some deals, which is totally fine, but we’re not going to necessarily limit our program evolution and requirements based on those. Overall, I feel pretty confident that our strategic partners will be able to meet those requirements come the 18 months. And here’s what I’ll say – last time I did this when I was at ServiceNow and I evolved their partner program, it’s funny how things happen sometimes in the same way. I was there about 18 months before we launched the program. Somehow it worked out to be about 18 months. I don’t know why, it seems like that’s the magic number. And I recall at the time we gave about 18 months and the vast majority of partners ended up getting to where we expected them to go. Yeah, we had a few we had to work with and figure out a way how they can get there in a few more months, but overall it ended up moving that ecosystem in that direction. Now I understand cybersecurity is different than a workflow optimization company, but at the same time, I’ve done these things when I was at Cisco. I’ve done them at ServiceNow and I feel like this is the right move for us at Palo Alto. And I’m encouraged by what I’m seeing early on. The feedback from our partners seems like “Okay, we like this because it’s going to allow our unique partners to stand out.” And if you have too many that are all special, then no one is special. You know how that goes. So we believe 18 months is the right time and the early indication seems to support that. Robert Dutt: It’s funny how, as they say, history rhymes with the 18-month cadence for you across new roles. Switching to the incentive side of things, you’ve eliminated the discount caps that used to lock partners out of earning a rebate on heavily discounted deals. That sounds like a pretty big one for partners. Can you give me a sense of the magnitude here? You’ve said that some partners could be earning two to four times what they were earning before. Is that the aspirational number, or is that broadly achievable? Michael Khoury: That is the actual data. When I said that two to four times, it was actually based on actual data that we modeled based on last year’s performance. So as a matter of fact, when I’m looking at partners, we are more than halfway into our fiscal year ’26, which you know will end in July. So fiscal year ’27 will start August 1st. When I look at our performance for FY26, which we launched the program only in February, so we’re talking about only the second half of the year where these things are making an impact – as a matter of fact, when it comes to the rebates, we changed it in the last two weeks of the second quarter. We didn’t want to finish the second quarter where partners may be holding back on some orders to wait for Q3 where they can earn more rebates. So we made a decision to say “Hey, we’re just going to do it in the last two weeks of the quarter so we don’t hurt our Q2 numbers.” And it turned out to be a good decision because our data was very strong in Q2. So that was great. But it’s a great question. It’s not aspirational. It’s the actual data on past bookings. And what’s really exciting about it – when you look at our next-gen security, around SASE, Cortex, and obviously identity we’re going to address later – but when you look at SASE and Cortex, for us there were a lot of deals our partners were driving but they were not earning those incentives. And here’s one interesting fact. As we started to make that shift and we started to talk about it, all of a sudden in our deal registration – which means mostly the business that our partners obviously source and bring to Palo Alto – our next-gen security deal registration percentages were not as high. And once we started to make that shift and we’re tracking this, you won’t believe it, all of a sudden we’re starting to see an increase in our deal registration and partner-sourced business for us. So that tells me, even though with only one month or one month and a couple of weeks, because we did that change two weeks into the quarter, I’m starting to see the pipeline. I’m starting to see more booking toward that next-gen security. So it’s a good early indication. Obviously I need to wait a couple more quarters. I’m not going to claim victory only in six weeks that we’ve had this. But the early indication, Rob, seems to show that as we made the changes toward these incentives, especially with next-gen security – because in the past a lot of partners, because of the market and competitive dynamics and the way our list pricing model was set up, they were not able to earn incentives on next-gen security – but now they are. So that’s starting to show early indication of pipelines, early indication of deal reg percentages, and so on. So I’m encouraged by where we’re going to finish the year, but I’m more encouraged for next year. Because it’s funny, every time we do these things, when you launch something new it takes about a couple of quarters for the ecosystem to kind of understand, fully adopt, embrace, and put it into an operational vehicle so they can execute on it. And then you start to see in that third and fourth quarter it starts to get much better, and by the fifth and sixth quarter, that’s when you start reaching a higher level. So again, I don’t know why, but somehow things always end up working toward that 18-month kind of trajectory. Because you’re right, the ecosystem cannot pivot right away. They need time to adjust. But that’s what I’ve seen over the years dealing in this for a long time. That’s typically what it takes to get to a higher level. So I’m really excited about where we’re going to end up in ’26 and even more in fiscal year ’27. Robert Dutt: A lot of the audience are mid-market MSPs and resellers, the 15, 20, 50-person shops. When you designed this program, how much were you thinking about that sort of long tail of smaller partners who aren’t at global SI scale? The platform approach – I understand it, it sounds good in theory – but building specializations across the different areas, across network, across cloud, across SOC, requires investment that might be a reach for a smaller partner. What’s the path for that small partner MSP? Michael Khoury: That’s great. First of all, I said it earlier but I didn’t share the percentage with you. I will share it now. Our managed services route to market is growing over 60% year on year. So I can tell you that that’s where we’re seeing a lot of growth. Even traditional VARs, a lot of the traditional VARs are starting to build and deliver managed services. So the business has shifted from just resale, traditional VAR, to managed service. Regarding what we’re offering to that smaller VAR – or that smaller managed service partner, I should say, but it also applies to even our resellers if they want to build a business and go-to-market motion around Palo Alto Networks – we just launched, actually, as part of this program redesign, the ability to have access for all of our partners with on-demand learning experience. Not just for pre-sales and technical sales, which we had always available as on-demand learning, but we just expanded it for post-sales. So now if you’re a smaller partner, you’re going to have access to on-demand learning experience across sales, technical pre-sales, architect roles which are kind of more pre- and a little bit post-sales, across engineer roles for delivery, and across analyst roles for support. So now they have access to on-demand learning experience across all products, which we started with this quarter, and we’re adding more products within the next quarter as well. So that’s number one. Number two, we now incorporate as part of our training for partners an AI roleplay that is also available to them. And the early feedback from partners – we had solution architects from partners come in and do this AI roleplay not prepared. And their feedback initially was “Michael, it kicked my butt, I wasn’t ready.” And now they feel like it gave them an indication of what they need to do better. The new AI roleplay is enabling our partners’ sellers and technical pre-sales to help them position the product. And it’s also enabling the post-sales engineers, architects, and analysts as well. So we’re giving them access across all of that on the portfolio. In addition, once they have access to the on-demand learning experience, part of the ongoing certification model now includes a roleplay. But they also now have access to labs across the entire portfolio. That’s also available to them through that on-demand learning experience. And in addition to that, we just launched Demo Zone, which is also available through the Learning Center. So they can do demos across the product line, they can come in, get training for about an hour, hour and a half, and be able to do demos for customers, really without needing help from a sales engineer or solution consultant at Palo Alto Networks. I touched on this early on when we started – that was one of the key changes we needed to make. Sure, our partners need to have access to the right training, to the right enablement, so they can be self-sufficient. So technically, if you have a smaller partner who’s embarking on their journey with Palo Alto, they’re going to have access to really a lot of content, training, and capability across all roles, available to them on demand. It’s going to allow them to invest and grow and drive that business growth like never before. And obviously with MSSPs, we provide them with programmatic front-end discount that helps them win in that commercial segment, that mid-market that you touched on, without needing a lot of help from Palo Alto. So in a way, we’re giving them access to the training, the enablement, the tools, and also to the programmatic element from a front-end discount, and to the back-end rebate as well, to ensure they can grow and develop that go-to-market motion. So I’m really excited – even though our managed services was growing at 60%, I’m really excited about where it’s going to go a year from now, because I don’t think we’ve touched its full potential. A lot of those managed services partners are going to be able to reap a lot of benefits across the board, across the entire portfolio. Robert Dutt: The AI roleplay tool – that’s something that I thought was really interesting, really fun to see in there. It’s been interesting seeing AI start to find its way into partner programs. Sticking with the sort of idea of resources and smaller partners, are there any Canadian-specific resources or team support that smaller Canadian partners of Palo Alto should know about? Michael Khoury: Look, in Canada we have a very strong managed service motion with partners. And when I look at just the ratio of percentage of Canadian partners and the investment, I see that our Canadian partners actually invest – just from a percentage of resources to booking and revenue – I see our Canadian partners invest more in technical pre-sales roles and training for individuals than in other markets. So I’m very encouraged to see that in Canada, not just are we driving a strong managed service motion, but we also have more investment from a resources perspective. Because when I look at a partner, I don’t just look at how much booking you did with us, because to me booking is more of a lagging indicator. I look at the investments, and not just by the number of certifications they have – I look at the number of individuals. Because obviously you can have one individual sometimes accumulate multiple certifications. So I do look at the number of certifications by product, but we also look at the number of individuals that a partner has invested in. And I’m encouraged to see that in Canada, particularly in our managed service motion and even in our resale motion, I see more and more partners investing in sales and technical and obviously post-sales as well. I found that was interesting data that I uncovered as I was comparing, for example, US partners to Canadian partners. So that’s encouraging. That means our partners in Canada will be able to have, over time, as they leverage the new program, even bigger market share and better representation. Because the data is very clear – partners who invest more in their enablement and their certification, who really go on that journey, their revenue tends to be much higher than partners who don’t make that same commitment. And that’s why we have something that we’re now making available – it’s called our Partner Capacity Dashboard, something brand new. We’re making it available to our Channel Business Managers first for this year. Next year we’ll make it available to partners so they can have clear visibility on all the individuals, the training, the demos, the AI roleplays, all the things that their people are doing. And we also look at their projection for the year’s business and give them guidance on whether they have enough individuals, enough people who are certified. So it’s going to help them really with their business planning for the future. I’m excited about giving this first to our Channel Business Managers. We have a few things to work through, and then by beginning of ’27 we’re going to make it available to partners to help them on that journey. So that’s another one of those things that we’ve evolved and changed. Robert Dutt: You touched on this a couple of times, let’s discuss it now. The CyberArk acquisition closed in February, $25 billion, added identity security into the fold. And that’s something that we’re hearing a lot more about across the industry and throughout the channel. What does CyberArk being in there mean for partners right now? Is there a NextWave path for identity? And how quickly do you think partners are going to be able to build their capability there, particularly with Palo Alto? Michael Khoury: So this was my message probably a week before we closed the CyberArk deal. I went to a CyberArk event, their global sales kickoff, where we had about 200 or so partners. And one of my messages to those partners in the room, I said “Look, if your business is resale, managed service, or consulting implementation on identity only, that’s totally fine. That is a home for you at Palo Alto Networks.” Now it turns out, when we looked at the data, the vast majority of our partners are joint partners, meaning they are both a CyberArk partner and a Palo Alto Networks partner. We had a very small number of partners who are CyberArk-only partners. And those partners, we were in the process of ensuring we onboard them in the next few months before the new fiscal year starts. So the journey for those partners is, if you’re going to continue with identity, we’re going to give you all the support, all the things that I talked about earlier – from access to training, enablement, demos, AI roleplay, tools – all of that is going to be available for identity. All the incentives that I talked about, which today are not available in the CyberArk portfolio, we are going to be working on that for identity for the new year as well. So partners can be even more profitable when they do business on identity. And both CyberArk and Palo Alto, we both embrace partner delivery and support services as well. Between us and them, we have over 90% of the delivery on CyberArk – and a similar thing on Palo Alto – done by partners. So it’s not just the managed services motion or the support motion, but even the delivery motion as well is done by partners. So there will be a path if you just do identity – and again, those are a small percentage – there’ll be a path for those partners to be able to continue to invest in identity. And they’ll have plenty of time to adjust. And if they don’t ever want to go beyond identity, that’s fine. But again, the majority of our partners are actually joint partners between the two companies. So there is a lot more synergy there. When you start looking at data, you start looking at which partners drive the TCVs and the bookings on Palo Alto, there is a lot of overlap. And we’re rationalizing the rest of our ecosystem as well. But I’m excited about adding identity and being able to incentivize and give more support to those identity partners. And I’m glad to say, by having such a large joint overlap, I think that in itself will open up more business for them and more opportunities for us. And frankly, for the Palo Alto partners who do not sell identity – because we have more of those, Palo Alto partners who do not sell identity – this is going to be a great opportunity for them to embrace identity, get the right training, get the right certification and specialization, and be able, if they want to expand beyond what Palo Alto offers, into the identity space. That’s the bigger area of opportunity. Because as I said, the joint customers – all of the CyberArk partners are actually Palo Alto partners – but we had more Palo Alto partners who are not CyberArk, who don’t sell and support identity. And that’s where I feel there is a big potential for growth in that area. Robert Dutt: Do you have any kind of feel for how many of those partners that you describe, who are Palo Alto but not CyberArk, have made identity bets elsewhere? Michael Khoury: That’s a great question. I don’t have that top of mind to share with you as a percentage. Identity tends to be an area where you need to invest deeper. Let me give you an example – a certified delivery engineer at CyberArk is a minimum six-to-nine-month type investment. So it’s not as easy for a partner to pick it up overnight and say “Yeah, I’m ready to go down that path” unless it is part of their go-to-market motion and they have a plan for it. Now, the way we see the future, with more agentic AI and privileged access going to play a bigger role, we believe identity and the privileged access space is going to be an even more key component of that. So I’m going to see more and more partners – not just the joint partners, but more and more partners are going to start to embrace that. But I don’t have the exact percentage top of mind of, hey, if you are Palo Alto only, have you invested with another company versus us. I think they’re going to find very quickly, with all the things we’ve changed in the new program and implementing those with identity and incentivizing more on identity, I think it’s going to be very difficult for them to turn away, even if they were investing with another vendor, not to come to Palo Alto Networks and invest with our identity solution. Especially as we integrate the products and there’s going to be a lot more capability from a platform perspective by having identity. I think it’s going to be more and more difficult to say “Oh, I’m just going to keep working with another company on this one product only.” I think they will see the value, even if I don’t do all the great things I talked about in the program, which we are doing for identity. But from a product and a technology perspective, I think there is a lot of value there. Robert Dutt: My last question – if we’re sitting here a year from now, what does success look like for this program? What’s the metric or the outcome that tells you this revamp worked? Michael Khoury: Yeah. I mean, if I look at the key metrics that we’re looking for – and I think you heard me talk about them already – I’m going to look at how many more partners have trained individuals on Palo Alto Networks, how many more certifications across next-gen security, how much more booking is coming from that side of the house, what percentage more of deal reg is initiated by partners. I’m going to look across various elements to say, did we actually hit the mark? And obviously the other piece is we’re investing in those partnerships as well. All these things that I talked about to make available for partners, it’s an investment on our part. So I need to have that direct correlation to all these key success metrics. And so far the early indication says we’re heading in the right direction. There is one item we haven’t talked about and I want to mention this. Part of our incentive redesign, we also created a program called the Partner Development Fund. So partners will not just be able to earn rebates from us, but also part of the investment they earn will go into a Partner Development Fund that helps them invest in their future growth. So when I look at that future growth and all the activities that partners can drive with us – whether it’s investment in training, investment in headcount, investment in migration services, competitive takeout, whatever the case may be – they’re going to have funds available to them to make that investment in future growth. So one metric I’m going to be looking at is all these partners – how fast they’re growing, where were they growing with Palo Alto Networks as a percentage of business with us, and how fast that is growing now a year later, as we launch this new program with basically adding fuel to that fire and having a flywheel effect. The better job you do, the more we reward you. And the more we reward you, you have more funds to help you reinvest more in that growth. That part is really going to be a key differentiator for us and for those partners. In addition, frankly Rob, our platform strategy across these different products is going to give them a very real competitive advantage. So when you take all that holistically – from a technology perspective, from a program strategy, from a go-to-market motion – all of that combined with access to more training, more enablement, more funds, more support, I think the story is going to look a lot more positive across all these metrics. So I’m looking forward to, by end of fiscal year ’27, which will be the 18-month mark, seeing how this is going to play out. Robert Dutt: All right, I appreciate that, and certainly a lot going on with the NextWave redesign. I appreciate your walking us through some of your thinking around building the program and getting it out there. Michael, thank you. Michael Khoury: Thank you, Rob. Thanks for having me and great to be here. Appreciate the time. Robert Dutt: There you have it, Michael Khoury from Palo Alto Networks. I’d like to thank Michael for his time. He was generous with it, and more importantly, he was generous with specifics, which is not always the case when you get into a partner program conversation. A few things that stuck out for me with this one. First, the listening tour approach. Michael came in, asked partners what was working, and built the revamp around those answers. That sounds obvious, but it’s rarer than it should be. The four pain points that he identified – partners over-relying on Palo Alto staff for basic tasks, managed services being treated like resale, training and enablement that wasn’t keeping up, and an incentive structure that was, in his words, “mostly on paper” – those are complaints I’ve heard from partners across vendors over the years. The question is whether the new program actually fixes them, and the early signals are encouraging. The two-to-four-times earnings improvement isn’t a projection – it’s based on actual past booking data, and they’re already seeing increased deal registration for next-generation security lines within weeks of launch. Second, the diversification requirement. If you’re a firewall-heavy partner, the 30% non-firewall threshold for Diamond level is real, and the clock is ticking. But Michael made a reasonable case that most strategic partners are already within striking distance, and the CyberArk identity practice now counts toward that number, which opens up a path that didn’t exist six months ago. And third, for the audience here in Canada specifically, Michael noted that Canadian partners invest more per resource in technical pre-sales and certifications than partners in other markets. That’s a competitive advantage worth knowing about and leaning into. Thank you for listening. If you found this one useful, I’d appreciate it if you’d follow or subscribe. You can find the In The Channel podcast on Apple Podcasts, Spotify, YouTube, and most podcast directories. And if you have a moment to leave a rating or a review, that goes a long way to helping other channel pros find the show. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

The marketing problem in cybersecurity isn't a character problem. It's a system problem. In this edition of Lens Four, Sean Martin examines how the credibility debt accumulates, what it costs the security leaders trying to make good decisions, and what vendors, buyers, and the market need to do differently.

Send us a text!This week: We're heading back to the Moon (with iPhones in tow!), Tim Cook might actually become Tim Cook™, and iOS 27 could finally fix autocorrect once and for all. Plus: Apple randomly drops the price of the XDR display, a must-know iPhone video trick you'll actually use, and the unbelievable story of Apple employee #8, the man who never left. And to wrap it up — ERF relives his surreal Stand By Me live experience… the full story!SponsorsNordStellarMost companies only act after a breach. Be the one that's prepared. Defend your business with NordStellar. Unlock your 10% discount on NordStellar with the coupon code  cultcast-10-NORDSTELLAR at https://nordstellar.com/cultcast.SquarespaceIf you've been thinking about building a website — or rebuilding one that hasn't aged well — head to Squarespace.com/cultcast for 10% off your first purchase of a website or domain with code CultCast at checkout.CultClothKeep your gadgets, glasses, and more sparkling clean with CultCloth, premium grade cleaning cloths available only at CultCloth.co. Support the CultCast!Fork over $5 a month, show papa ERF you care, at support.thecultcloth.com.You can also go to unfork.thecultcast.com to unfork your support!StoriesPhones are going to the Moon on Artemis IIhttps://appleinsider.com/articles/26/04/02/iphones-are-going-to-the-moon-on-artemis-iiTim Cook Says iPhone Launch Was His Favorite Apple Moment in 50th Anniversary Interviewhttps://www.macrumors.com/2026/04/01/tim-cook-50th-anniversary-interview/iOS 27 Rumored to Feature Keyboard Upgradehttps://www.macrumors.com/2026/04/01/ios-27-upgraded-keyboard-rumor/Studio Display XDR without tilt-adjustable stand now costs lesshttps://appleinsider.com/articles/26/04/01/studio-display-xdr-without-tilt-adjustable-stand-now-costs-lessStop Your iPhone Suppressing Background Audio in Videoshttps://www.macrumors.com/how-to/clearer-audio-zoomed-iphone-videos/Apple employee #8 Chris Espinosa on working his whole life at one companyhttps://9to5mac.com/2026/04/02/apple-employee-8-chris-espinosa-on-working-his-whole-life-at-one-company/

The security industry has spent years debating which tools to buy. Impetum is asking a different question: are the tools you already have actually working? Founded by incident responders who saw the same failures across hundreds of breaches, Impetum built the Persistent Purple Team platform to simulate advanced threat actors inside customer environments on a continuous monthly basis -- not as a one-time engagement, but as an ongoing relationship built around real data, custom TTPs, and a measurable Threat Resilience Score. Matt Stewart and Alex Grohmann spoke with Sean Martin and Marco Ciappelli at RSAC Conference 2026 about what they are hearing on the show floor: agentic AI is accelerating the speed of compromise and exposing vulnerabilities in legacy systems that have been dormant for decades. Against that backdrop, the value of knowing -- not assuming -- that your detection and response capabilities hold up becomes critical. The platform builds that knowledge through live-fire exercises using an organization's own data, validating patch management, XDR, SIEM tuning, and post-compromise detection in a way no annual pen test can. The conversation also touched on the structural talent problem agentic AI is creating inside SOCs. As AI fills the level one analyst role, the pipeline for developing level two analysts and incident responders is narrowing. Impetum sees persistent purple teaming as the training ground that closes that gap -- giving existing teams the repeated, realistic practice they need to respond with confidence when an actual breach begins. Impetum targets mid-size organizations that have the right security tools but lack the budget, bandwidth, and access to industry events to keep those tools continuously validated against evolving attack paths. For those teams, the platform delivers something an annual report cannot: a documented, ongoing record of what works, what does not, and where the program is heading. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Matt Stewart, Co-Founder, Impetum Alex Grohmann, Co-Founder, Impetum LinkedIn: https://www.linkedin.com/in/alexandergrohmann/ RESOURCES Impetum / Persistent Purple Team: https://www.persistentpurpleteam.com ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Matt Stewart, Alex Grohmann, Impetum, Persistent Purple Team, Remedium Security, Sean Martin, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast, purple teaming, continuous security validation, threat resilience, CISO, security operations, SOC, red team, blue team, incident response, agentic AI, MITRE ATT&CK, penetration testing, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

On the RSAC Conference show floor, Tony Anscombe shared how ESET has expanded its threat intelligence offering with ECR reports -- designed to give commercial organizations both machine-readable feeds and human-readable analysis. The reason: threat actors are increasingly hard to attribute, they share tools, run coordinated campaigns, and reinvest profits into more sophisticated operations. Having someone do the research and surface actionable intelligence is no longer a luxury. Anscombe pointed to a telling campaign pattern from last year: threat actors refined attack methods against UK retailers, then rapidly adapted those same techniques against US retailers. The implication is clear -- your business may be unique in its infrastructure, but it is not unique in its sector. Understanding how your sector is being targeted is the foundation of a prevention-first posture. Automation came up as equally non-negotiable. If it takes three days to collect all the information needed to make a determination about an incident, the post-attack phase has already begun. ESET Inspect is designed to flip that equation: when an analyst opens an incident, the forensic analysis is done, the evidence is visualized, and the determination can be made on facts rather than gathered through investigation. Anscombe was careful to draw a line between automation as speed and automation as replacement. ESET's position is that AI should operate alongside human expertise -- trust and verify applies to AI-assisted analysis just as it does to any intelligence feed. Oversight remains essential, even as the tooling gets faster. A preview of upcoming survey data offered one of the more striking moments in the conversation. Roughly 35% of SMBs using MDR are sourcing that service directly from their cyber insurer. Anscombe flagged the monoculture risk: when a large share of businesses in the same sector run identical security stacks, a single point of failure becomes a sector-wide vulnerability. His advice after 30 years in the industry -- different organizations should deliberately choose different platforms to maintain diversity. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES ESET: https://www.eset.com ESET Threat Intelligence: https://www.eset.com/int/business/services/threat-intelligence/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, threat intelligence, cyber resilience, MDR, EDR, XDR, managed detection and response, SMB security, cybersecurity automation, RSAC Conference 2026, prevention-first security, cyber insurance, monoculture risk, ESET Inspect, APT research Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

iOS 26.4 just dropped and Steve is thrilled that the keyboard finally works again. The Trio digs into the new Music app concerts feature (powered by Bands in Town, probably), which leads Steve into a passionate case for the local music scene, Guinness floats, and why authenticity matters more than ever in the age of AI-generated slop. From there, Kotaro floats a wild idea: what if Apple built their own version of OpenClaw using iMessage and their own hardware? Steve points out Apple already has the pieces in place with App Intents and Shortcuts, and the WWDC speculation spirals into distilled Gemini models, local inference on M5 hardware, and Marco Arment's absurd 48 Mac mini data center rack. Steve also reports back from his Apple Store recon mission on the Studio Display vs. the XDR, and Aaron keeps egging him toward the expensive one.## Chapters00:00 Introductions & OS Updates05:48 The Local Music Scene and Its Importance08:35 Authenticity in Music and Art11:40 AI and Its Impact on Creativity14:33 WWDC26 and "AppleClaw?"27:04 Exploring AI Model Parameters and Storage Needs28:31 The Future of Apple "AI" Services30:28 Local vs Cloud Inference: The Power Struggle32:50 Steve's Monitor Update43:13 Wrap-Up43:32 One More Thing...44:48 Tag## Show Notes- iOS 26.4 is out and Steve says the iPhone keyboard actually works now, which is apparently the highlight of the whole release.- The Music app's new concerts feature surfaces local shows based on your listening history, with ticket links through Bands in Town.- Steve makes the case for local music: cheaper shows, interesting venues, accessible artists, and the guarantee that you're not listening to AI-generated slop.- The Trio agrees AI art works as a stock photo replacement but loses something the moment you know it's generated.- Kotaro pitches "AppleClaw," the idea that Apple could build an OpenClaw-style agent using iMessage and their own hardware.- Steve thinks Apple is well positioned since they already have App Intents, Shortcuts, and a Gemini backend they can distill into local models.- Marco Arment apparently has 45+ Mac minis in a data center rack for transcoding podcasts, and yes, he rents actual data center space for them.- The M5 chips can handle useful local inference on 30B parameter models, and Apple's power efficiency gives them an edge over GPU rigs that melt cables (looking at you, PewDiePie).- Steve visited the Apple Store and confirms the XDR display has the best HDR he's ever seen, but he can't unsee the fuzziness of nanotexture.- The monitor decision is down to a glossy Studio Display or the BenQ MA Series, with Aaron lobbying hard for the XDR.## Links**Apple**iOS 26.4: Available now on all Apple platforms**AI & Agents**Welcome to Gas Town: https://steve-yegge.medium.com/welcome-to-gas-town-4f25ee16dd04#55: The "Universal" UI: https://podcast.phillycocoa.org/episodes/55-the-universal-ui**Apps**AppJawn LLC Apps: https://appjawn.com/#apps**One More Thing**SwiftUI Architecture Book by Mohammad Azam: https://azamsharp.school/swiftui-architecture-book.html**PhillyCocoa:** http://phillycocoa.orgIntro music: "When I Hit the Floor", © 2021 Lorne Behrman. Used with permission of the artist.

Fileless malware is one of the most dangerous attack types out there — it never writes to your hard drive, lives entirely in RAM, and can steal your credentials before your antivirus has any idea it's there. In this episode, I bring in Dr. Mike Saylor — my co-author on Learning Ransomware Response & Recovery — to break down exactly how this attack works, why it's so hard to detect, and what you can actually do to protect yourself.Mike walks us through how fileless malware hides in memory, how bad guys maintain their foothold even after a reboot by modifying registry keys or rewriting the operating system itself, and why the ArcGIS attack is a perfect real-world example — attackers sitting undetected inside a network for two years. We also get into MFA, specifically why a lot of MFA setups are done wrong, why passkeys are the better answer, and when it's time to bring in an EDR or XDR tool.Fair warning: the action items here are a bit more advanced than our usual stuff. Think of this as the 401k conversation — don't have it before you've built your emergency fund. But this is stuff you absolutely need to know.00:01:26 - Welcome & intro00:04:43 - What is fileless malware?00:09:16 - How fileless malware achieves persistence (ArcGIS case study)00:15:02 - Can fileless malware spread beyond one machine?00:16:43 - Defending yourself: MFA done right00:20:38 - Why passkeys beat MFA00:23:00 - EDR and XDR explained00:28:03 - How modern EDR tools detect fileless malware00:30:01 - Wrap-up and action items

The Trio declares this an AI-free episode and dives into Apple's latest hardware announcements. Kotaro, Steve, and Aaron break down the new MacBook Neo, its surprisingly capable A18 chip, aluminum build, colorful design, and its potential to expand the Mac market at just $600. Then Steve takes The Trio on a deep dive into his increasingly desperate search for the perfect external monitor, weighing the refreshed Studio Display, the new Studio Display XDR, BenQ's upcoming 5K Mac monitor, Dell's 4K Thunderbolt hub display, and BenQ's programmer-focused 3:2 aspect ratio monitors. What follows is a lively debate over 120Hz refresh rates, macOS 4K scaling quirks, nano-texture vs. glossy glass, multi-monitor setups, MacBook Pro pricing strategies, and whether Kotaro and Aaron can convince Steve to just pick one already.## Chapters00:00 Introductions01:48 MacBook Neo18:31 The Studio Display (2026)22:17 The Studio Display XDR25:26 Understanding 120 Hertz Displays27:49 Evaluating Cost vs. Performance in Monitors29:24 Comparing Alternatives to the Studio Display31:27 The BenQ Monitor: A Viable Contender33:06 Dell 4K and macOS Scaling36:43 BenQ Programmer Series Monitors42:28 Multiple Monitors vs. One High-End Display43:55 Navigating MacBook Pro Configurations45:34 Understanding RAM and Pricing Strategies48:11 Choosing the Right Display for Your Needs53:33 A Digression About Apple Care Prices55:53 A Monitor Intervention01:00:30 Wrap-Up01:00:58 One More Thing...01:02:24 Tag## Show Notes- Apple announces new hardware including the MacBook Neo, refreshed Studio Display, and the new Studio Display XDR- The MacBook Neo starts at $600 ($500 education), features an A18 chip, aluminum unibody, colorful options, and is capable enough for 4K video editing in Final Cut- Touch ID is a $100 add-on: The Trio agree it's worth the upgrade- The refreshed Studio Display gains Thunderbolt 5 and daisy-chaining support but remains 60Hz- The Studio Display XDR starts at $3,299 with mini-LED backlighting, 120Hz ProMotion, and the stand included- Steve's monitor search considers: Studio Display ($1,500 edu), Studio Display XDR ($3,200 edu), BenQ 5K Mac monitor (~$1,000), Dell 4K Thunderbolt hub (~$800), and BenQ RD280UG programmer monitor (~$700)- Discussion of macOS 4K scaling issues: macOS renders at 5K and downsamples to 4K, which can cause artifacts- The BenQ programmer monitor features a 3:2 aspect ratio (28"), 120Hz, dark/light mode presets, and a halo backlight, but weaker color reproduction- Nano-texture vs. glossy glass: nano-texture reduces glare but can appear slightly fuzzy; standard glass is easier to clean- Apple's MacBook Pro pricing now ties higher RAM options to higher chip tiers, effectively bundling price increases- AppleCare One costs more per additional device ($6/mo) than standalone AppleCare Plus ($5/mo): a pricing quirk Steve finds baffling- BentoFit, The Trio's health kit dashboard app, gets a plug: download it at bentofit.app- Kotaro asks if this is the "Steve intervention podcast" as the monitor debate spirals. Aaron's rational choice? Buy the XDR and keep it for 10 years. Steve remains unconvinced. Stay tuned.## Links**MacBook Neo Reviews**John Gruber (Daring Fireball): https://daringfireball.net/2026/03/the_macbook_neoTyler Stalman: https://www.youtube.com/watch?v=d-VOt9559GkMarques Brownlee (MKBHD): https://www.youtube.com/watch?v=iGeXGdYE7UELinus Tech Tips: https://www.youtube.com/watch?v=sSheV0FEYYU**Displays**ArtIsRight on nano-texture displays: https://www.youtube.com/watch?v=xzEmuA53LLE**One More Thing**AppJawn LLC: https://appjawn.comApps: Clipdish, Mio Vino, Minimalist Meditation Timer**PhillyCocoa:** http://phillycocoa.orgIntro music: "When I Hit the Floor", © 2021 Lorne Behrman. Used with permission of the artist.

Send a textAI is not a future cybersecurity problem. It is a right now career problem, and it is also a massive opportunity if you prepare the right way. I walk through how AI is changing cybersecurity forever, from AI-generated phishing and malware to brand new attack surfaces like prompt injection and LLM attacks. At the same time, I explain why modern defense stacks are getting smarter fast, with AI baked into SIEM, EDR, XDR, threat intelligence, and cloud security posture tools.We also zoom out to what senior leaders are expected to do today. CSOs and CISOs are hired to protect more than systems. They protect revenue, brand trust, and business continuity, and they have to communicate risk in language the board can act on. If you want to grow into leadership, I share the mindset shift away from being the “job of no” and toward enabling the business with clear trade-offs, metrics, and outcomes.Whether you are new to cyber or you have 5 to 20 years in, you will leave with a practical plan: which certifications build momentum, which roles AI is disrupting, what skills AI cannot replace, and how to run a 12-month upskill roadmap that keeps you relevant in the AI era. If this helps you, subscribe, share it with one person in cyber, and please leave a review so more CISSP and cybersecurity professionals can find the show.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Apple just announced seven new products, including the new iPhone 17e, the MacBook Neo, refreshed MacBook Pro models, and updated iPad Air and Studio Displays. In this episode of YourTechReport, Marc Aflalo and Mitchell Whitfield break down the biggest announcements and what they mean for Apple's product lineup. The new iPhone 17e delivers a surprising amount of performance for the price. It includes the A19 chip, Apple Intelligence support, MagSafe, improved battery life, and a refined 48-megapixel Fusion camera. At $599, it offers many flagship features while skipping some high-end options like ProMotion and multi-lens cameras.  The bigger surprise may be the MacBook Neo, Apple's lowest-cost laptop yet. Powered by the A18 Pro chip, the same processor used in the iPhone 16 Pro, the Neo challenges the traditional Mac lineup by delivering performance that rivals older MacBook Air models at a significantly lower price.  Marc and Mitchell also discuss the broader shift happening across Apple's lineup. As entry-level devices become more powerful, the differences between “standard,” “Air,” and “Pro” products are getting harder for consumers to understand. Is Apple preparing to restructure its entire product lineup? This episode explores how Apple's latest releases may signal a major shift in how the company positions its devices moving forward. Chapters   00:00 Apple announces seven new products 01:10 The iPhone 17e and why it matters 02:10 Specs and features of the iPhone 17e 03:10 What Apple removed to hit the price point 04:20 Why the 17e could replace the base iPhone 05:30 The MacBook Neo announcement 06:30 Apple's cheapest laptop ever 07:30 How the Neo compares to MacBook Air 08:40 Are Apple's product lines getting confusing 10:00 MacBook Pro updates with M5 chips 11:15 Studio Display and XDR display updates 12:30 Why Apple may change product names Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The Unsecurity Podcast is back for our annual discussion with Pinky, FRSecure's Incident Response Manager, to discuss the "Breachmas" season.Breachmas is a time of year or a phenomenon when attackers pull a few more levers available to them—more people on PTO, increased online spending, and general busyness contributing to less focus. The result is an uptick in cyber incidents nearing the end of each calendar year.As the team lead of FRSecure's blue team, Pinky lives and breathes incident handling. Each year, we like to get his perspective on how Breachmas has changed or evolved to stay better informed on how to protect our clients (and ourselves). This is a reflection of what we saw at year-end 2025, along with suggestions moving forward!In this episode, learn about:Resurgence of RansomwareImportance of Conditional AccessTaking a Layered Approach to Security ToolsLogs, Baselining, and Anomaly DetectionEvilGinx and Token Theft AttacksNew This Year: Extortion and AILike, subscribe, and share with your network to stay informed about the latest in cyber and information security!We want to hear from you! Reach out at unsecurity@frsecure.com and follow us for more:LinkedIn: https://www.linkedin.com/company/frsecure/Instagram: https://www.instagram.com/frsecureofficial/Facebook: https://www.facebook.com/frsecure/BlueSky: https://bsky.app/profile/frsecure.bsky.socialAbout FRSecure:https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start or looking for a team of experts to collaborate with you, we are ready to serve.

Stay ahead of real-world threats without overwhelming your team using Microsoft Defender Experts for XDR. Offload high-severity incidents, gain full visibility into every investigation, and follow clear, guided remediation steps so you can contain attacks quickly and confidently, day or night. Extend your security operations with always-on managed detection and response and proactive threat hunting, so you can uncover hidden risks early, stop threats threats they spread, and strengthen your defenses to prevent future attacks.  Maynald Savatdy, Microsoft Defender Expert, shows how to detect, contain, and hunt threats across your environment with support from human experts.  ► QUICK LINKS:  00:00 - Microsoft Defender Experts 00:54 - 24/7 Security Coverage 01:35 - Visibility & guidance actions 03:34 - Incidents and alerts 04:25 - Social engineering attack 05:36 - Defender Experts for hunting 06:34 - Wrap up ► Link References Get started at https://aka.ms/DefenderExperts ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Tras la pataleta tradicional por la coincidencia del MWC y la presentación de productos por parte de Apple, arrancamos nuestro podcasts comentando todo lo presentado en la semana fantástica de la manzana. Ha habido actualizaciones de productos, como la incorporación de los M5 al MacBook Air, y los M5 Pro y M5 Max a los más PRO de la familia. El iPad Air recibió el M4 y así Apple puso al día sus dispositivos más laureados. Las repasamos y comentamos sin mayores polémicas en el grupo, todos coincidimos en eso, una actualización.En el apartado monitores, Apple ha presentado dos modelos, uno muy continuista y uno XDR, el que se lleva todas las mejoras. Aquí si hemos tenido más debate y alguna torta por el rumbo tomado por Apple.Y hemos dejado para el final las verdaderas novedades de esta semana. El iPhone 17e, promete ser un superventas al que han actualizado procesador y carga magsafe como principales novedades y que lo posicionan en un dispositivo muy completo y recomendable.Para el final, el nuevo miembro de la familia que ha venido a revolucionar la gama de entrada en el mundo portátil. El más que rumoreado MacBook de precio contenido y características que aún así son muy interesantes. A la espera de poder ponerle las manos encima y tener las primeras impresiones, sobre el papel, promete y mucho.Como era de esperar, esta presentación también será objeto de debate en la familia de Manzanas Enfrentadas.Para finalizar nuestro podcast, algunas noticias rápidas.Este podcasts es parte del compromiso 7 de 7 de Manzanas Enfrentadas, Lo tenemos!!!  .

In this episode:Diving into the depths of psychological performance in sports, this episode of the TriDoc Podcast features an engaging discussion between host Jeff Sankoff and psychologist Dr. Jim Taylor. They explore the concept of mastering adversity as a way to enhance athletic performance, particularly in triathlons. The conversation kicks off with a humorous nod to Jeff's raspy voice, a remnant of his recent battle with a respiratory infection, which he cleverly ties into the theme of overcoming challenges. Dr. Taylor shares invaluable insights on resilience, emphasizing that the mental tools athletes develop through life experiences can be incredibly beneficial when facing adversity in sports. They discuss how athletes can prepare mentally for various scenarios during races, highlighting the importance of rehearsing potential challenges in advance. As they delve deeper, they touch upon the five attitudes that can hinder performance, including over-investment, perfectionism, fear of failure, preoccupation with results, and excessive expectations. By shedding light on these psychological barriers, Jeff and Dr. Taylor provide listeners with practical strategies to combat them, encouraging a mindset that prioritizes enjoyment and personal progress over rigid expectations and outcomes. This episode is a treasure trove for athletes looking to enhance their mental game while navigating the thrilling yet intimidating world of triathlons. The Medical Mailbag will be exploring the risk of swimming induced pulmonary edema in triathletes, and will investigate the data from studies done in Sweden to educate the audience on the risks and ways of ceasing the progression of pulmonary edema.Segments:[4:51]- Medical Mailbag: SIPE[36:13]- Interview: Dr. Jim TaylorLinksDr. Jim's Facebook page@drjimtaylor on Instagram@drjimtaylor on XDr. Jim on YouTube

Send a textWatch the video!https://youtu.be/_viRbDRldC0In the News blog post for March 6, 2026https://www.iphonejd.com/iphone_jd/2026/03/in-the-news819.html 00:00 7 Lucky Products!01:34 The Neato Neo27:53 Let's XDR the Screen!35:24 M5 Pro and Max Bumps40:03 More 4 Air46:25 The iPhone eNough50:39 Update Slipped in the Back…51:56 Use HEADPHONES or Don't Fly!54:48 You Crazy Kids With Your Fancy iPods1:01:01 Brett's Apple Music Tip: Try out Music Haptics1:04:09 Jeff's Apple Music Tip: Try out Crossfade and AutoMixJoe Rossignol | MacRumors: Apple Unveiled These Seven New Products This WeekJohn Gruber | Daring Fireball: Thoughts and Observations on the MacBook NeoStephen Hackett | 512 Pixels: The Technical Differences Between the MacBook Neo and MacBook AirM.G. Siegler | Spyglass: MacBook Neo: WhoaAdam Engst | TidBITS: Apple Introduces Studio Display XDR and Refreshes Studio DisplayJeff's Post: Why lawyers will love the new iPad AirChance Miller | 9to5Mac: iPhone 17e is here and it solves the iPhone 16e's biggest problemChance Miller | 9to5Mac: Apple releases iOS 26.3.1 for iPhoneMatt Novak | Gizmodo: The New United Airlines Policy That Could Get You Kicked Off a FlightKalley Huang | The New York Times: Bring On Defunct: The iPod Enthralls Young Music ListenersBrett's Apple Music Tip: Music Hapticshttps://music.apple.com/us/multi-room/6670447147 https://support.apple.com/guide/iphone/play-music-as-taps-textures-and-more-iphff2ceeb16/ios Jeff's Apple Music Tip: Apple Music Crossfade and AutoMixIf you're using iOS 26 or later and listening to music from the Apple Music catalog, AutoMix seamlessly transitions between songs, like a DJ. Crossfade: Simple song transitions from one to the next for a set duration. https://support.apple.com/guide/iphone/transition-songs-iphadf2fe1f4/ios https://support.apple.com/guide/iphone/queue-up-your-music-ipha4521ef7d/26/ios/26 Support the showBrett Burney from http://www.appsinlaw.comJeff Richardson from http://www.iphonejd.com

The MacVoices Live! panel continues to examine Apple's latest hardware news. This time,Chuck Joiner, David Ginsburg, Brian Flanigan-Arthurs, Marty Jencius, Jeff Gamet, Eric Bolden, Web Bixby, and Jim Rea examine the refreshed Studio XDR display, an M4 iPad Air update, and the iPhone 17e. The crew debates whether premium displays justify their cost, why “pro” products struggle with mainstream perception, and how the iPad Air fits real workflows. They also praise the 17e's value, especially MagSafe and higher base storage, and speculate that rising base specs may be preparing for a smarter Siri.  This edition of MacVoices is supported by MacVoices Magazine, our free magazine on Flipboard. Updated daily with the best articles on the web to help you do more with your Apple gear and adjacent tech, access MacVoices Magazine content on Flipboard, on the web, or in your favorite RSS reader. Show Notes: Chapters: 00:00 Opening and topics preview00:11 Support message and transition to announcements00:35 New Studio XDR: specs and the “monitor market” question01:36 Price vs. value: who should buy an XDR?02:42 Alternatives and real-world studio display satisfaction03:36 Stands, VESA mounts, and Apple pricing quirks04:28 “Gorgeous, but…” comparing to other high-end displays04:55 Pro reference monitors vs. consumer expectations06:16 Apple stepping back from the pro display space06:38 Mac Pro vs. Mac Studio: is the tower era over?09:41 “Studio” devices as the new pro lineup10:06 Laptops as pro machines and Thunderbolt expandability11:12 TV pricing collapse and why specialty stores quit TVs14:46 M4 iPad Air announcement: what changed and why15:00 Press reactions and positioning vs. iPad Pro16:08 Real-world cost build-up with keyboards/cellular17:25 iPad Air use cases: consumption, value, and longevity20:13 iPhone 17e: why coverage is surprisingly positive22:19 17 vs. 17e: display/camera tradeoffs, MagSafe returns23:44 Storage bump and expected sales impact25:59 Who the 17e is for—and who's waiting for the Fold30:10 A “modem phone” use case and privacy hopes31:32 iPad Pro in daily workflow: Notes + iCloud33:18 “Base specs” theory: preparing for the next Siri35:28 Timing, memory pressure, and avoiding future backlash37:14 Wrap-up and credits Links: Apple announces Studio Display XDR with 120Hz refresh rate, mini-LED, morehttps://9to5mac.com/2026/03/03/apple-announces-studio-display-xdr-with-120hz-refresh-rate-mini-led-more/ Apple Unveils iPad Air With M4 Chip, Increased RAM, Wi-Fi 7, and Morehttps://www.macrumors.com/2026/03/02/apple-announces-ipad-air-with-m4-chip/ Apple officially announces iPhone 17e with MagSafe, 256GB storage, morehttps://9to5mac.com/2026/03/02/apple-officially-announces-iphone-17e-with-magsafe-256gb-storage-more/ Guests:   Web Bixby has been in the insurance business for 40 years and has been an Apple user for longer than that.You can catch up with him on Facebook, Twitter, and LinkedIn, but prefers Bluesky. Eric Bolden is into macOS, plants, sci-fi, food, and is a rural internet supporter. You can connect with him on Twitter, by email at embolden@mac.com, on Mastodon at @eabolden@techhub.social, on his blog, Trending At Work, and as co-host on The Vision ProFiles podcast. Brian Flanigan-Arthurs is an educator with a passion for providing results-driven, innovative learning strategies for all students, but particularly those who are at-risk. He is also a tech enthusiast who has a particular affinity for Apple since he first used the Apple IIGS as a student. You can contact Brian on twitter as @brian8944. He also recently opened a Mastodon account at @brian8944@mastodon.cloud. Jeff Gamet is a technology blogger, podcaster, author, and public speaker. Previously, he was The Mac Observer's Managing Editor, and the TextExpander Evangelist for Smile. He has presented at Macworld Expo, RSA Conference, several WordCamp events, along with many other conferences. You can find him on several podcasts such as The Mac Show, The Big Show, MacVoices, Mac OS Ken, This Week in iOS, and more. Jeff is easy to find on social media as @jgamet on Twitter and Instagram, jeffgamet on LinkedIn., @jgamet@mastodon.social on Mastodon, and on his YouTube Channel at YouTube.com/jgamet. David Ginsburg is the host of the weekly podcast In Touch With iOS where he discusses all things iOS, iPhone, iPad, Apple TV, Apple Watch, and related technologies. He is an IT professional supporting Mac, iOS and Windows users. Visit his YouTube channel at https://youtube.com/daveg65 and find and follow him on Twitter @daveg65 and on Mastodon at @daveg65@mastodon.cloud. Dr. Marty Jencius has been an Associate Professor of Counseling at Kent State University since 2000. He has over 120 publications in books, chapters, journal articles, and others, along with 200 podcasts related to counseling, counselor education, and faculty life. His technology interest led him to develop the counseling profession ‘firsts,' including listservs, a web-based peer-reviewed journal, The Journal of Technology in Counseling, teaching and conferencing in virtual worlds as the founder of Counselor Education in Second Life, and podcast founder/producer of CounselorAudioSource.net and ThePodTalk.net. Currently, he produces a podcast about counseling and life questions, the Circular Firing Squad, and digital video interviews with legacies capturing the history of the counseling field. This is also co-host of The Vision ProFiles podcast. Generally, Marty is chasing the newest tech trends, which explains his interest in A.I. for teaching, research, and productivity. Marty is an active presenter and past president of the NorthEast Ohio Apple Corp (NEOAC). Jim Rea built his own computer from scratch in 1975, started programming in 1977, and has been an independent Mac developer continuously since 1984. He is the founder of ProVUE Development, and the author of Panorama X, ProVUE's ultra fast RAM based database software for the macOS platform. He's been a speaker at MacTech, MacWorld Expo and other industry conferences. Follow Jim at provue.com and via @provuejim@techhub.social on Mastodon. Support:      Become a MacVoices Patron on Patreon     http://patreon.com/macvoices      Enjoy this episode? Make a one-time donation with PayPal Connect:      Web:     http://macvoices.com      Twitter:     http://www.twitter.com/chuckjoiner     http://www.twitter.com/macvoices      Mastodon:     https://mastodon.cloud/@chuckjoiner      Facebook:     http://www.facebook.com/chuck.joiner      MacVoices Page on Facebook:     http://www.facebook.com/macvoices/      MacVoices Group on Facebook:     http://www.facebook.com/groups/macvoice      LinkedIn:     https://www.linkedin.com/in/chuckjoiner/      Instagram:     https://www.instagram.com/chuckjoiner/ Subscribe:      Audio in iTunes     Video in iTunes      Subscribe manually via iTunes or any podcatcher:      Audio: http://www.macvoices.com/rss/macvoicesrss      Video: http://www.macvoices.com/rss/macvoicesvideorss

The MacVoices Live! panel continues to examine Apple's latest hardware news. This time,Chuck Joiner, David Ginsburg, Brian Flanigan-Arthurs, Marty Jencius, Jeff Gamet, Eric Bolden, Web Bixby, and Jim Rea examine the refreshed Studio XDR display, an M4 iPad Air update, and the iPhone 17e. The crew debates whether premium displays justify their cost, why "pro" products struggle with mainstream perception, and how the iPad Air fits real workflows. They also praise the 17e's value, especially MagSafe and higher base storage, and speculate that rising base specs may be preparing for a smarter Siri.  This edition of MacVoices is supported by MacVoices Magazine, our free magazine on Flipboard. Updated daily with the best articles on the web to help you do more with your Apple gear and adjacent tech, access MacVoices Magazine content on Flipboard, on the web, or in your favorite RSS reader. Show Notes: Chapters: 00:00 Opening and topics preview 00:11 Support message and transition to announcements 00:35 New Studio XDR: specs and the "monitor market" question 01:36 Price vs. value: who should buy an XDR? 02:42 Alternatives and real-world studio display satisfaction 03:36 Stands, VESA mounts, and Apple pricing quirks 04:28 "Gorgeous, but…" comparing to other high-end displays 04:55 Pro reference monitors vs. consumer expectations 06:16 Apple stepping back from the pro display space 06:38 Mac Pro vs. Mac Studio: is the tower era over? 09:41 "Studio" devices as the new pro lineup 10:06 Laptops as pro machines and Thunderbolt expandability 11:12 TV pricing collapse and why specialty stores quit TVs 14:46 M4 iPad Air announcement: what changed and why 15:00 Press reactions and positioning vs. iPad Pro 16:08 Real-world cost build-up with keyboards/cellular 17:25 iPad Air use cases: consumption, value, and longevity 20:13 iPhone 17e: why coverage is surprisingly positive 22:19 17 vs. 17e: display/camera tradeoffs, MagSafe returns 23:44 Storage bump and expected sales impact 25:59 Who the 17e is for—and who's waiting for the Fold 30:10 A "modem phone" use case and privacy hopes 31:32 iPad Pro in daily workflow: Notes + iCloud 33:18 "Base specs" theory: preparing for the next Siri 35:28 Timing, memory pressure, and avoiding future backlash 37:14 Wrap-up and credits Links: Apple announces Studio Display XDR with 120Hz refresh rate, mini-LED, more https://9to5mac.com/2026/03/03/apple-announces-studio-display-xdr-with-120hz-refresh-rate-mini-led-more/ Apple Unveils iPad Air With M4 Chip, Increased RAM, Wi-Fi 7, and More https://www.macrumors.com/2026/03/02/apple-announces-ipad-air-with-m4-chip/ Apple officially announces iPhone 17e with MagSafe, 256GB storage, more https://9to5mac.com/2026/03/02/apple-officially-announces-iphone-17e-with-magsafe-256gb-storage-more/ Guests:   Web Bixby has been in the insurance business for 40 years and has been an Apple user for longer than that.You can catch up with him on Facebook, Twitter, and LinkedIn, but prefers Bluesky. Eric Bolden is into macOS, plants, sci-fi, food, and is a rural internet supporter. You can connect with him on Twitter, by email at embolden@mac.com, on Mastodon at @eabolden@techhub.social, on his blog, Trending At Work, and as co-host on The Vision ProFiles podcast. Brian Flanigan-Arthurs is an educator with a passion for providing results-driven, innovative learning strategies for all students, but particularly those who are at-risk. He is also a tech enthusiast who has a particular affinity for Apple since he first used the Apple IIGS as a student. You can contact Brian on twitter as @brian8944. He also recently opened a Mastodon account at @brian8944@mastodon.cloud. Jeff Gamet is a technology blogger, podcaster, author, and public speaker. Previously, he was The Mac Observer's Managing Editor, and the TextExpander Evangelist for Smile. He has presented at Macworld Expo, RSA Conference, several WordCamp events, along with many other conferences. You can find him on several podcasts such as The Mac Show, The Big Show, MacVoices, Mac OS Ken, This Week in iOS, and more. Jeff is easy to find on social media as @jgamet on Twitter and Instagram, jeffgamet on LinkedIn., @jgamet@mastodon.social on Mastodon, and on his YouTube Channel at YouTube.com/jgamet. David Ginsburg is the host of the weekly podcast In Touch With iOS where he discusses all things iOS, iPhone, iPad, Apple TV, Apple Watch, and related technologies. He is an IT professional supporting Mac, iOS and Windows users. Visit his YouTube channel at https://youtube.com/daveg65 and find and follow him on Twitter @daveg65 and on Mastodon at @daveg65@mastodon.cloud. Dr. Marty Jencius has been an Associate Professor of Counseling at Kent State University since 2000. He has over 120 publications in books, chapters, journal articles, and others, along with 200 podcasts related to counseling, counselor education, and faculty life. His technology interest led him to develop the counseling profession 'firsts,' including listservs, a web-based peer-reviewed journal, The Journal of Technology in Counseling, teaching and conferencing in virtual worlds as the founder of Counselor Education in Second Life, and podcast founder/producer of CounselorAudioSource.net and ThePodTalk.net. Currently, he produces a podcast about counseling and life questions, the Circular Firing Squad, and digital video interviews with legacies capturing the history of the counseling field. This is also co-host of The Vision ProFiles podcast. Generally, Marty is chasing the newest tech trends, which explains his interest in A.I. for teaching, research, and productivity. Marty is an active presenter and past president of the NorthEast Ohio Apple Corp (NEOAC). Jim Rea built his own computer from scratch in 1975, started programming in 1977, and has been an independent Mac developer continuously since 1984. He is the founder of ProVUE Development, and the author of Panorama X, ProVUE's ultra fast RAM based database software for the macOS platform. He's been a speaker at MacTech, MacWorld Expo and other industry conferences. Follow Jim at provue.com and via @provuejim@techhub.social on Mastodon. Support:      Become a MacVoices Patron on Patreon      http://patreon.com/macvoices      Enjoy this episode? Make a one-time donation with PayPal Connect:      Web:      http://macvoices.com      Twitter:      http://www.twitter.com/chuckjoiner      http://www.twitter.com/macvoices      Mastodon:      https://mastodon.cloud/@chuckjoiner      Facebook:      http://www.facebook.com/chuck.joiner      MacVoices Page on Facebook:      http://www.facebook.com/macvoices/      MacVoices Group on Facebook:      http://www.facebook.com/groups/macvoice      LinkedIn:      https://www.linkedin.com/in/chuckjoiner/      Instagram:      https://www.instagram.com/chuckjoiner/ Subscribe:      Audio in iTunes      Video in iTunes      Subscribe manually via iTunes or any podcatcher:      Audio: http://www.macvoices.com/rss/macvoicesrss      Video: http://www.macvoices.com/rss/macvoicesvideorss

Apple sigue con su semana grande de actualización de productos y hoy le ha tocado el turno a los portátiles y a las pantallas. Chip M5 para todos y versiones Pro y Max para los que quieremos más potencia. La sorpresa quizás haya estado en la versión XDR de su pantalla más capaz.

Rejoignez la communauté iWeek et soutenez-nous sur patreon.com/iweek !Voici le 2ème numéro d'“iWeek mini“ !MacBook Air M5, MacBook Pro M5 Pro-Max, nouveaux Studio Display (& XDR), notre premier débrief !Enregistré en streaming, mardi 3 mars 2026 à 17h50, enregistrement accessible en direct pour nos soutiens Patreon ainsi que sur X, YouTube et LinkedIn.Présentation : Benjamin Vincent, journaliste, producteur et présentateur de Les Voix de la Tech avec la participation de François Le Truedic, enseignant et formateur.Au sommaire : le MacBook Air M5, les MacBook Pro M5 Pro-Max et les nouveaux Studio Display (& XDR), tout juste annoncés par Apple.Rendez-vous à nouveau dès demain, mercredi 4 mars, à partir de 18h30, en direct (accès exclusif pour nos soutiens Patreon, rejoignez-les en allant sur patreon.com/iweek) pour le 3ème et dernier jour d'annonces Apple, avec sans doute l'officialisation du MacBook Neo et le retour complet sur toutes les annonces effectuées depuis lundi. On compte sur vous !Hébergé par Ausha. Visitez ausha.co/politique-de-confidentialite pour plus d'informations.

En el MERO de esta semana, tenemos que comentar las últimas rumores, las últimas características que esperamos para la segunda versión de la Apple Studio Display. En realidad, para las 2 futuras display, porque hay rumores de dos modelos diferentes. Uno muy parecido al modelo actual y otro con grandes mejoras. O podría ser este segundo modelo, la nueva XDR display. Este podcast es parte del compromiso 7 de 7 de manzanas informadas. Lo tenemos!

The CLAIR Model: A Synthesized Conceptual Framework for Mapping Critical Infrastructure Interdependencies [Guest Diary] https://isc.sans.edu/diary/The+CLAIR+Model+A+Synthesized+Conceptual+Framework+for+Mapping+Critical+Infrastructure+Interdependencies+Guest+Diary/32748 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability CVE-2026-20127 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk https://blog.talosintelligence.com/uat-8616-sd-wan/ Abusing Cortex XDR Live https://labs.infoguard.ch/posts/abusing_cortex_xdr_live_response_as_c2/ OpenSSL Vulnerability CVE-2025-15467 https://seclists.org/oss-sec/2026/q1/220

What does it take to turn the dream of an autonomous SOC into something organizations can actually deploy? Subo Guha, Senior Vice President of Product Management at Stellar Cyber, joins Sean Martin to share how the company's AI-driven security operations platform is making that vision a reality. Stellar Cyber serves SOC teams across more than 50 countries, with a primary focus on MSPs and MSSPs supporting the underserved mid-market, though marquee enterprise customers like Canon are also part of the portfolio.How can agentic AI change the way SOC teams handle alert overload? Guha describes what he calls a "digital army" of AI agents that work around the clock to automate alert triage and catch phishing attacks. The system filters 70 to 80 percent of incoming alerts, allowing analysts to focus on the 20 percent that matter most. With attackers using AI to launch faster and more frequent campaigns, Stellar Cyber takes a human-augmented approach, meaning the AI learns from analyst interactions and continuously guides the SOC team toward faster, more accurate remediation.Why does this matter for MSPs operating on thin margins? Guha explains that the autonomous SOC capability layered on top of Stellar Cyber's XDR platform allows MSSPs to serve more customers, reduce mean time to repair, and grow their tenant base without proportionally increasing staff. When MSSPs grow revenue, Stellar Cyber grows alongside them, creating a mutually beneficial model that ultimately means more organizations get protected.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTSubo Guha, Senior Vice President of Product Management, Stellar Cyber @LinkedInRESOURCESLearn more about Stellar Cyber: https://stellarcyber.aiAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSSubo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, autonomous SOC, agentic AI, security operations, XDR, NDR, MSSP, MSP, alert triage, AI-driven security, Open XDR, Gartner Magic Quadrant, phishing detection, SOC automation Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What does it take to turn the dream of an autonomous SOC into something organizations can actually deploy? Subo Guha, Senior Vice President of Product Management at Stellar Cyber, joins Sean Martin to share how the company's AI-driven security operations platform is making that vision a reality. Stellar Cyber serves SOC teams across more than 50 countries, with a primary focus on MSPs and MSSPs supporting the underserved mid-market, though marquee enterprise customers like Canon are also part of the portfolio.How can agentic AI change the way SOC teams handle alert overload? Guha describes what he calls a "digital army" of AI agents that work around the clock to automate alert triage and catch phishing attacks. The system filters 70 to 80 percent of incoming alerts, allowing analysts to focus on the 20 percent that matter most. With attackers using AI to launch faster and more frequent campaigns, Stellar Cyber takes a human-augmented approach, meaning the AI learns from analyst interactions and continuously guides the SOC team toward faster, more accurate remediation.Why does this matter for MSPs operating on thin margins? Guha explains that the autonomous SOC capability layered on top of Stellar Cyber's XDR platform allows MSSPs to serve more customers, reduce mean time to repair, and grow their tenant base without proportionally increasing staff. When MSSPs grow revenue, Stellar Cyber grows alongside them, creating a mutually beneficial model that ultimately means more organizations get protected.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTSubo Guha, Senior Vice President of Product Management, Stellar Cyber @LinkedInRESOURCESLearn more about Stellar Cyber: https://stellarcyber.aiAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSSubo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, autonomous SOC, agentic AI, security operations, XDR, NDR, MSSP, MSP, alert triage, AI-driven security, Open XDR, Gartner Magic Quadrant, phishing detection, SOC automation Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Dr. Alexandra is joined by renowned guest Dr. Mona Fishbane for a deep-dive into healthy relational habits, conflict resolution, and aging alongside one's partner.Resources worth mentioning from the episode:Loving with the Brain in Mind: Neurobiology and Couple Therapy by Mona Fishbane, Ph.D.: https://bookshop.org/books/loving-with-the-brain-in-mind-neurobiology-and-couple-therapy/9780393706536Keep Sharp: Build a Better Brain At Any Age by Sanjay Gupta, MD: https://bookshop.org/books/keep-sharp-build-a-better-brain-at-any-age/9781501166730The Vulnerability Cycle (Dr. Mona Fishbane's article with Michele Scheinkman, CSW): https://onlinelibrary.wiley.com/doi/abs/10.1111/j.1545-5300.2004.00023.xDr. Fishbane's website: Monafishbane.comContinue the conversation with Dr. Alexandra Solomon:Ask a question! Submit your relationship challenge: https://form.jotform.com/212295995939274Order Dr. Alexandra's book, Love Every Day: https://bookshop.org/p/books/love-every-day-365-relational-self-awareness-practices-to-help-your-relationship-heal-grow-and-thrive-alexandra-solomon/19970421?ean=9781683736530Cultivate connection by subscribing to Dr. Alexandra's Loving Bravely newsletter: https://newsletter.dralexandrasolomon.com/Learn more on IG: https://www.instagram.com/dr.alexandra.solomon/ Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Building a cyber security team isn't optional anymore; it's the difference between recovering from ransomware and going out of business. In this episode, Curtis and Prasanna explain why hardening your backup infrastructure is only half the battle. You need professionals who know how to configure XDR systems without drowning you in false positives, blue teams to defend your environment, and red teams to test whether your defenses actually work. They cover the role of MSSPs, incident response planning, cyber insurance requirements, and why attempting ransomware response on your own is like those old TV warnings: "Don't try this at home." If you've been following their series on backup basics and system hardening, this episode ties it all together with the human element that makes or breaks your recovery plan.

Today, we're talking muscle, protein, and everything you need to know about healthy aging with Dr. Gabrielle Lyon. We break down optimal protein intake, the habits that actually build muscle, and the most effective way to train in your 30s, 40s, and 50s. If you want a clear, science-backed roadmap to becoming “forever strong,” this episode is it! Timestamps:[3:36] Welcome Dr. Lyon[22:53] What's the ideal ratio of protein for women who strength train?[23:59] If you're trying to build muscle and lose fat, how does protein change?[25:38] Should our macros change as we age? Also, what are your favorite brands of protein powder and supplements? [34:29] Do you take creatine and amino acids every day or just on the days you work out?[38:13] Should collagen intake be counted towards daily protein intake?[40:49] How do I get enough protein each day if a high dose messes up my digestion?[42:36] Does consuming protein with carbs or with fat make a fat for building lean muscle?[43:58] Does your body's ability to absorb protein decrease as you age?[44:21] I'm struggling with estrogen dominance, how do I get enough protein without relying too much on animal protein?[44:57] What is the best thing to eat before weight training and then after?[46:08] Do macro and nutrient requirements change with your cycle? [47:16] How do I know if I'm actually succeeding in building lean muscle? [47:48] Is it true that too much protein is bad for the kidneys?[48:38] I'm 44 and exercise, I do a combo of cardio and strength. This past year, I've put on weight and what I've done in the past isn't working any more- any tips or tricks? [49:34] What would a good weekly workout routine look like? How much walking should we prioritize over cardio? [50:56] I'm interested in lifting heavy and know there are a lot of options, but I'd like to increase my weight in my back squat but my core is compromised. Any advice? [53:37] What are my sequencing of workouts for optimal muscle building? Episode Links:Dr. Lyon's websiteFollow Dr. Lyon on InstagramFollow Dr. Lyon on XDr. Lyon's YouTubeGet "Forever Strong"RDA is .8 grams per kg of bodyweight, recommended by Dr. Lyon: 1.6 grams per kg of bodyweightProtein powders:https://1stphorm.com/collections/proteinhttps://www.thorne.com/products/set/protein-powdersWhat's the ideal ratio of protein for women that weight train? Keep protein 1 gram per pound ideal body weight, but increase calories by 10-20%.3 supplements for muscle building:Creatine Monohydrate: getkion.com/wellfedUrolithin A: https://www.mitopure.com/  Omega-3 fatty acid DEXA scanIn Body scanSponsors:Go to wellminerals.us/vitaminc and use code WELLFED to get 10% off your order.Go to http://mdlogichealth.com/wfcolostrum, and use coupon code WFC15 for 15% off. You can also use code WELLFED for 10% off site wide on all MD Logic Products. Go to drinklmnt.com/wellfed and use code WELLFED to get a free 8-pack with any drink mix purchase!

Neste episódio conversamos como Willian Oliveira e Fernando Andreazi, da Kaspersky, sobre a evolução das ferramentas de segurança que vão além do endpoint, abordando a mudança no cenário de segurança e a necessidade de enfrentar ameaças cada vez mais sofisticadas. Você irá aprender sobre XDR, também conhecido como Extended Detection and Response e o MXDR, ou ou Managed Extended Detection and Response. Willian e Fernando trarão toda a sua experiência na área para lhe ajudar na escolha da melhor solução de segurança para o seu negócio. Este é um episódio patrocinado pela Kaspersky. Conheça o Kaspersky Next Optimum – Segurança em níveis projetada especialmente para solucionar vários desafios de negócios  Visite nossa campanha de financiamento coletivo e nos apoie!  Conheça o Blog da BrownPipe Consultoria e se inscreva no nosso mailing

The Overtired trio reunites for the first time in ages, diving into a whirlwind of health updates, hilarious anecdotes, and the latest tech obsessions. Christina shares a dramatic spinal saga while Brett and Jeff discuss everything from winning reddit contests to creating a universal markdown processor. Tune in for updates on Mark 3, the magical world of Scrivener, and why Brett’s back on Bing. Don’t miss the banter or the tech tips, and as always, get ready to laugh, learn, and maybe feel a little overtired yourself. Sponsor Shopify is the commerce platform behind 10% of all eCommerce in the US, from household names like Mattel and Gymshark, to brands just getting started. Get started today at shopify.com/overtired. Chapters 00:00 Welcome to the Overtired Podcast 01:09 Christina’s Health Journey 10:53 Brett’s Insurance Woes 15:38 Jeff’s Mental Health Update 24:07 Sponsor Spot: Shopify 24:18 Sponsor: Shopify 26:23 Jeff Tweedy 27:43 Jeff’s Concert Marathon 32:16 Christina Wins Big 36:58 Monitor Setup Challenges 37:13 Ergotron Mounts and Tall Poles 38:33 Review Plans and Honest Assessments 38:59 Current Display Setup 41:30 Thunderbolt KVM and Display Preferences 42:51 MacBook Pro and Studio Comparisons 50:58 Markdown Processor: Apex 01:07:58 Scrivener and Writing Tools 01:11:55 Helium Browser and Privacy Features 01:13:56 Bing Delisting Incident Show Links Danny Brown's 10 in the New York Times (gift link) Indigo Stack Scrivener Helium Bangs Apex Apex Syntax Join the Marked 3 Beta LG 32 Inch UltraFine™evo 6K Nano IPS Black Monitor with Thunderbolt™ 5 Join the Conversation Merch Come chat on Discord! Twitter/ovrtrd Instagram/ovrtrd Youtube Get the Newsletter Thanks! You’re downloading today’s show from CacheFly’s network BackBeat Media Podcast Network Check out more episodes at overtiredpod.com and subscribe on Apple Podcasts, Spotify, or your favorite podcast app. Find Brett as @ttscoff, Christina as @film_girl, Jeff as @jsguntzel, and follow Overtired at @ovrtrd on Twitter. Transcript Brett + 2 Welcome to the Overtired Podcast Jeff: [00:00:00] Hello everybody. This is the Overtired podcast. The three of us are all together for the first time since the Carter administration. Um, it is great to see you both here. I am Jeff Severance Gunzel if I didn’t say that already. Um, and I’m here with Christina Warren and I’m here with Brett Terpstra and hello to both of you. Brett: Hi. Jeff: Great to see you both. Brett: Yeah, it’s good to see you too. I feel like I was really deadpan in the pre-show. I’ll try to liven it up for you. I was a horrible audience. You were cracking jokes and I was just Jeff: that’s true. Christina, before you came on, man, I was hot. I was on fire and Brett was, all Brett was doing was chewing and dropping Popsicle parts. Brett: Yep. I ate, I ate part of a coconut outshine Popsicle off of a concrete floor, but Jeff: It is true, and I didn’t even see him check it [00:01:00] for cat hair, Brett: I did though. Jeff: but I believe he did because he’s a, he’s a very Brett: I just vacuumed in Jeff: He’s a very good American Brett: All right. Christina’s Health Journey Brett: Well, um, I, Christina has a lot of health stuff to share and I wanna save time for that. So let’s kick off the mental health corner. Um, let’s let Christina go first, because if it takes the whole show, it takes the whole show. Go for it. Christina: Uh, I, I will not take this hold show, but thank you. Yeah. So, um, my mental health is okay-ish. Um, I would say the okay-ish part is, is because of things that are happening with my physical health and then some of the medications that I’ve had to be on, um, uh, to deal with it. Uh, prednisone. Fucking sucks, man. Never nev n never take it if you can avoid it. Um, but why Christina, why are you on prednisone or why were you on prednisone for five days? Um, uh, and I’m not anymore to be clear, but that certainly did not help my mental health. Um, at the beginning of November, I woke up and I thought that I’d [00:02:00] slept on my shoulder wrong. And, um, uh, and, and just some, some background. I, I don’t know if this is pertinent to how my injury took place or not, but, but it, I’m sure that it didn’t help. Um, I have scoliosis and in the top and the bottom of my spine, so I have it at the top of my, like, neck area and my lower back. And so my back is like a crooked s um, this will be relevant in a, in a second, but, but I, I thought that I had slept on my back bunny, and I was like, okay, well, all right, it hurts a lot, but fine. Um, and then it, a, a couple of days passed and it didn’t get any better, and then like a week passed and I was at the point where I was like, I almost feel like I need to go to the. Emergency room, I’m in pain. That is that significant. Um, and, you know, didn’t get any better. So I took some of grant’s, Gabapentin, and I took, um, some, some, uh, a few other things and I was able to get in with like a, a, a sports and spine guy. Um, and um, [00:03:00] he looked at me and he was like, yeah, I think that you have like a, a, a bolting disc, also known as a herniated disc. Go to physical therapy. See me later. We’ll, we’ll deal with it. Um. Basically like my whole left side was, was, was really sore and, and I had a lot of pain and then I had numbness in my, my fingers and um, and, and that was a problem the next day, which was actually my birthday. The numbness had at this point spread to my right side and also my lower extremities. And so at this point I called the doctor and he was like, yeah, you should go to the er. And so I went to the ER and, and they weren’t able to do anything for me other than give me, you know, like, um, you know, I was hoping they might give me like, some sort of steroid injection or something. They wouldn’t do anything other than, um, basically, um, they gave me like another type of maybe, maybe pain pill or whatever. Um, but that allowed the doctor to go ahead and. Write, uh, write up an MRI took forever for me to get an MRI, I actually had to get it in Atlanta. [00:04:00] Fun fact, uh, sometimes it is cheaper to just pay and not go through insurance and get an MR MRI and, um, a, um, uh, an x-ray, um, I was able to do it for $450 Jeff: Whoa. Really? Christina: Yeah, $400 for the MR mri. $50 for the x-ray. Jeff: Wow. Christina: Yeah. Yeah. Brett: how I, they, I had an MRI, they charged me like $1,200 and then they failed to bill insurance ’cause I was between insurance. Christina: Yes. Yeah. So what happened was, and and honestly that was gonna be the situation that I was in, not between insurance stuff, but they weren’t even gonna bill insurance. And insurance only approved certain facilities and to get into those facilities is almost impossible. Um, and so, no, there are a lot of like get an MR, I now get a, you know, mammogram, get ghetto, whatever places. And because America’s healthcare system is a HealthScape, you can bypass insurance and they will charge you way less than whatever they bill insurance for. So I, I don’t know if it’s part of the country, you know, like Seattle I think might [00:05:00] probably would’ve been more expensive. But yeah, I was able to find this place like a mile from like, not even a mile from where my parents lived, um, that did the x-rays and the MRI for $450 total. Brett: I, I hate, I hate that. That’s true, but Christina: Me too. Me too. No, no. It pisses me off. Honestly, it makes me angry because like, I’m glad that I was able to do that and get it, you know, uh, uh, expedited. Then I go into the spine, um, guy earlier this week and he looks at it and he’s like, yep, you’ve got a massive bulging disc on, on C seven, which is the, the part of your lower cervical or cervical spine, which is your neck. Um, and it’s where it connects to your ver bray. It’s like, you know, there are a few things you can do. You can do, you know, injections, you can do surgery. He is like, I’m gonna recommend you to a neurosurgeon. And I go to the neurosurgeon yesterday and he was showing me or not, uh, yeah, yesterday he was showing me the, the, the, the scans and, and showing like you up close and it’s, yeah, it’s pretty massive. Like where, where, where the disc is like it is. You could see it just from one view, like, just from like [00:06:00] looking at it like, kind of like outside, like you could actually like see like it was visible, but then when you zoomed in it’s like, oh shit, this, this thing is like massive and it’s pressing on these nerves that then go into my, my hands and other areas. But it’s pressing on both sides. It’s primarily on my left side, but it’s pressing on on my right side too, which is not good. So, um, he basically was like, okay. He was like, you know, this could go away. He was like, the pain isn’t really what I’m wanting to, to treat here. It’s, it’s the, the weakness because my, my left arm is incredibly weak. Like when they do like the, the test where like they, they push back on you to see like, okay, like how, how much can you, what, like, I am, I’m almost immediately like, I can’t hold anything back. Right? Like I’m, I’m, I’m like a toddler in terms of my strength. So, and, and then I’m freaked out because I don’t have a lot of feeling in my hands and, and that’s terrifying. Um, I’m also. Jeff: so terrifying, Christina: I’m, I’m also like in extreme pain because of, of, of where this sits. Like I can’t sleep well. Like [00:07:00] the whole thing sucks. Like the MRI, which was was like the most painful, like 25 minutes, like of my existence. ’cause I was laying flat on my back. I’m not allowed to move and I’m just like, I’m in just incredible pain with that part of, of, of, of my, my side. Like, it, it was. It was terrible. Um, but, uh, but he was like, yeah. Um, these are the sorts of surgical options we have. Um, he’s gonna, um, do basically what what he wants to do is basically do a thing where he would put in a, um, an artificial or, or synthetic disc. So they’re gonna remove the disc, put in a synthetic one. They’ll go in through the, the front of my throat to access the, my, my, my, my spine. Um, put that there and, um, you know, I’ll, I’ll be overnight in the hospital. Um, and then it’ll be a few weeks of recovery and the, the, the pain should go away immediately. Um, but it, it could be up to two years before I get full, you know, feeling back in my arm. So anyway, Jeff: years, Jesus. And Christina: I mean, and hopefully less than that, but, but it could be [00:08:00] up to that. Jeff: there’s no part of this at this point. That’s a mystery to you, right? Christina: The mystery is, I don’t know how this happened. Jeff: You don’t know how it happened, right? Of course. Yeah, of course. Yeah. Yeah. Brett: So tell, tell us about the ghastly surgery. The, the throat thing really threw me like, I can’t imagine that Christina: yeah, yeah. So, well, ’cause the thing is, is that usually if what they just do, like spinal fusion, they’ll go in at the back of your neck, um, and then they’ll remove the, the, um, the, the, the, the disc. And then they’ll fuse your, your, your two bones together. Basically. They’ll, they’ll, they’ll, they’ll fuse this part of the vertebrae, but because they’re going to be replacing the, the disc, they need more room. So that’s why they have to go in through the, through, through basically your throat so that they can have more room to work. Jeff: Good lord. No thank you. Brett: Ugh. Wow. Jeff: Okay. Brett: I am really sorry that is happening. That is, that is, that dwarfs my health concerns. That is just constant pain [00:09:00] and, and it would be really scary. Christina: Yeah. Yeah. It’s not great. It’s not great, but I’m, I’m, I’m doing what I can and, uh, like I have, you know, a small amount of, of Oxycodine and I have like a, a, a, you know, some other pain medication and I’m taking the gabapentin and like, that’s helpful. The bad part is like your body, like every 12, 15 hours, like whatever, like the, the, the cycle is like, you feel it leave your system and like if you’re asleep, you wake up, right? Like, it’s one of those things, like, you immediately feel it, like when it leaves your system. And I’ve never had to do anything for pain management before. And they have me on a very, they have me like on the smallest amount of like, oxycodone you can be on. Um, and I’m using it sparingly because I don’t wanna, you know, be reliant on, on it or whatever. But it, it, but it is one of those things where I’m like, yeah, like sometimes you need fucking opiates because, you know, the pain is like so constant. And the thing is like, what sucks is that it’s not always the same type of pain. Like sometimes it’s throbbing, sometimes it’s sharp, sometimes it’s like whatever. It sucks. But the hardest thing [00:10:00] is like, and. This does impact my mental health. Like it’s hard to sleep. Like, and I’m a side sleeper. I’m a side sleeper, and I’m gonna have to become a back sleeper. So, you know. Yeah. It’s just, it’s, it’s not great. It’s not great, but, you know, that, that, that, that, that’s me. The, the good news is, and I’m very, very gratified, like I have a good surgeon. Um, I’m gonna be able to get in to get this done relatively quickly. He had an appointment for next week. I don’t think that insurance would’ve even been able to approve things fast enough for, for, for that regard. And I have, um, commitments that I can’t make then. And I, and that would also mean that I wouldn’t be able to go visit my family for Christmas. So hopefully I’ll do it right after Christmas. I’m just gonna wait, you know, for, for insurance to, to do its thing, knock on wood, and then schedule, um, from there. But yeah, Jeff: Woof. Christina: so that’s me. Um, uh, who wants to go next? Jeff or, uh, Jeff or Brett? Jeff: It’s like, that’s me. Hot potato throwing it. Brett: I’ll, I’ll go. Brett’s Insurance Woes Brett: I can continue on the insurance topic. Um, I was, for a few months [00:11:00] after getting laid off, I was on Minsu, which is Minnesota’s Medicaid, um, v version of Medicaid. And so basically I paid nothing and I had better insurance than I usually have with, uh, you know, a full deductible and premiums and everything. And it was fantastic. I was getting all the care I needed for all of the health stuff I’m going through. Um, I, they, a, a new doctor I found, ordered the 15 tests and I passed out ’cause it was so much blood and. And it, I was getting, but I was getting all these tests run. I was getting results, we were discovering things. And then my unemployment checks, the income from unemployment went like $300 over the cap for Medicaid. So [00:12:00] all of a sudden, overnight I was cut from Medicaid and I had to do an early sign up, and now I’m on courts and it sucks bad. Like they’re not covering my meds. Last month cost me $600. I was also paying. In addition to that, a $300 premium plus every doctor’s visit is 50 bucks out of pocket. So this will hopefully only last until January, and then it’ll flip over and I will be able to demonstrate basically no income, um, until like Mark makes enough money that it gets reported. Um, and even, uh, until then, like I literally am making under the, the poverty limit. So, um, I hope to be back on Medicaid shortly. I have one more month. I’ll have to pay my $600 to refill. I [00:13:00] cashed out my 401k. Um, like things were, everything was up high enough that I had made, I. I had made tens of thousands of dollars just on the investments and the 401k, but I also have a lot of concerns about the market volatility around Nvidia and the AI bubble in general. Um, so taking my money out of the market just felt okay to me. I paid the 10%, uh, penalty Jeff: Mm-hmm. Brett: and ultimately I, I came out with enough cash that I can invest on my own and be able to cover the next six months. Uh, if I don’t have any other income, which I hope to, I hope to not spend my nest egg. Um, but I did, I did a lot of thinking and calculating and I think I made the right choices. But anyway, [00:14:00] that will help if I have to pay for medical stuff that will help. Um. And then I’ve had insomnia, bad on and off. Right now I’m coming off of two days of good sleep. You’re catching me on a good day. Um, but Jeff: Still wouldn’t laugh at my jokes. Brett: before that it was, well, that’s the thing is like before that, it was four nights where I slept two to four hours per night, and by the end of it, I could barely walk. And so two nights of sleep after a stint like that, like, I’m just super, I’m deadpan, I’m dazed. Um, I could lay down and fall asleep at any time. Um, I, so, so keep me awake. Um, but yeah, that’s, that’s, that’s me. Mental health is good. Like I’m in pretty high spirits considering all this, like financial stuff and everything. Like my mood has been pretty stable. I’ve been getting a lot of coding done. I’ll tell you about projects in [00:15:00] a minute, but, um, but that’s, that’s me. I’m done. Jeff: Awesome. I’m enjoying watching your cat roll around, but clearly cannot decide to lay down at this point. Brett: No, nobody is very persnickety. Jeff: I literally have to put my. Well, you say put a cat down like you used to. When you put a kid down for a nap, you say you wanna put ’em down. Right? That’s where it’s coming from. I now have a chair next to my desk, ’cause I have one cat that walks around Yowling at about 11:00 AM while I’m working. And I have to like, put ’em down for a nap. It’s pathetic. It’s pathetic that I do that. Let’s just be clear. Brett: Yeah. Jeff: soulmate though. Jeff’s Mental Health Update Jeff: Um, I’m doing good. I’m, I’m, I’ve been feeling kind of light lately in a nice way. I’ve had ups and downs, but even with the ups and downs, there’s like a, except for one day last week was, there’s just been feeling kind of good in general, which is remarkable in a way. ’cause it’s just like stressful time. There’s some stressful business stuff, like, [00:16:00] a lot of stuff like that. But I’m feeling good and, and just like, uh, yeah, just light. I don’t know, it’s weird. Like, I’ve just been noticing that I feel kind of light and, uh. And not, not manic, not high light. Brett: Yeah. No, that’s Jeff: uh, and that’s, that’s lovely. So yeah. And so I’m doing good. I’m doing good. I fucking, it’s cold. Which sucks ’cause it just means for everybody that’s heard about my workshop over the years, that I can’t really go out there and have it be pleasant Brett: It’s, it’s been Minnesota thus far. Has had, we’ve had like one, one Sub-Zero day. Jeff: whatever. It’s fucking cold. Christina: Yeah. What one? Brett? Brett. It’s December 6th as we’re recording this one Sub-Zero day. That’s insane. Brett: Is it Jeff: Granted, granted I’ve been dressing warm, so I’m ready to go out the door for ice related things. Meaning, meaning government, ice, Brett: Uh, yeah. Yeah. Jeff: So I like wear my long underwear during [00:17:00] the day. ’cause actually like recently. So at my son’s school, which is like six blocks from here, um, has a lot of Somali immigrants in it. And, and uh, and there was a, at one point there was ice activity in the other direction, um, uh, uh, near me. And so neighbors put out a call here around so that at dismissal time people would pair up at all the intersections surrounding the school. And, um, and like a quick signal group popped up, whatever. It was so amazing because like we all just popped out there. And by the time I got out, uh, everyone was already like, posted up and I was like, I’m a, in these situations, I am a wanderer. You want me roaming? I don’t want to pair up with somebody I don’t like, I just, I grabbed a camera with a Zoom on it and like, I was like, I’m in roam. Um, it’s what I was as an activist, what I was as a reporter, like it’s just my nature. Um, but like. Everybody was out and like, and they were just like, they were ready man. And then we got like the all clear and you could just see people in the [00:18:00] neighborhood just like standing down and going home. But because of the true threat and the ongoing arrests here, now that the Minneapolis stuff has started, like I do, I was like wearing long underwear just, and I have a little bag by the door ready to like pop out if something comes up and I can be helpful. Um, and uh, and I guess what I’m saying is I should use that to go into the garage as well if I’m already prepared. Brett: Right. Jeff: But here’s, okay, so here’s a mental health thing actually. So I, one of the, I’ve gone through a few years of just sort of a little bit of paralysis around being able to just, I don’t know what, like do anything that is kind of project related that takes some thinking, whatever it is, like I’m talking about around the house or things that have kind of broken over the years, whatever. So I’ve had this snowblower and it’s a really good snowblower. It’s got headlights. And, uh, and I used to love snow blowing the entire block. Like it just made me feel good, made me feel useful. Um, and sorry I cough. I left it outside for a [00:19:00] year for a, like a winter and a spring and water got into the gas tank. It rusted out in there. I knew I couldn’t start it or I’d ruin the whole damn engine. So I left it for two years and I felt bad about myself. But this year, just like probably a month before the first big snowfall, I fucking replaced a gas tank and a carburetor on a machine. And I have never done anything like that in my life. And so then we got the snowfall and I, and I snow blowed this whole block Brett: Nice. Jeff: great. ’cause now they all owe me. Brett: I, uh, I have a, uh, so I have a little electric powered, uh, snowblower that can handle like two inches of snow. Um, and, and on big snowfalls, if you get out there every hour and keep up with it, it, it works. But, but I, my back right now, I can’t stand for, I can’t stand still for 10 minutes and I can’t move for more than like five minutes. And so I’m, I’m very disabled and El has good days and bad days, uh, thus [00:20:00] far. L’s been out there with a shovel, um, really being the hero. But we have a next door neighbor with a big gas powered snowblower. And so we went over, brought them gifts, and, um, asked if they would take care of our driveway on days we couldn’t, uh, for like, you know, we’d pay ’em 25 bucks to do the driveway. And, uh, and they were, he was still reluctant to accept money. Um. But, but we both agreed it was better to like make it a, a transaction. Jeff: Oh my God. You don’t want to get into weird Minnesota neighbor relational. Brett: right. You don’t want the you owe me thing. Um, so, so we have that set up. But in the process we made really good friends with our neighbor. Like we sat down in their living room for I think 45 minutes and just like talked about health and politics and it was, it was really fun. They’re, they’re retired. They’re in their [00:21:00] seventies and like act, he always looks super grumpy. I always thought he was a mean old man. He’s actually, he laughs more easily than most people I’ve ever met. Um, he’s actually, when people say, oh, he is actually a teddy bear, this guy really is, he’s just jovial. Uh, he just has resting angry old man face. Jeff: Or like my, I have public mis throat face, like when I’m out and about, especially when I’m shopping, I know that my face is, I’m gonna fucking kill you if you look me in the eye Brett: I used Jeff: is not my general disposition. Brett: people used to tell me that about myself, but I feel like I, I carry myself differently these days than I did when I was younger. Jeff: You know what I learned? Do you, have you both watched Veep, Christina: Yes, Jeff: you know, Richard sp split, right? Um, and, and he always kind of has this sweet like half smile and he is kind of looking up and I, I figured out at one point I was in an airport, which is where my kill everybody face especially comes up. Just to be clear. TSA, it’s just a feeling inside. I [00:22:00] have no desire to act to this out. I realized that if I make the Richard Plet face, which I can try to make for you now, which is something like if I just make the Richard Plet face, my whole disposition Brett: yeah. Yeah. Jeff: uh, and I even feel a little better. And so I just wanna recommend that to people. Look up Richard Spt, look at his face. Christina: Hey, future President Bridges split. Jeff: future President Richard Splat, also excellent in the Detroiters. Um, that’s all, uh, that’s all I wanted to say about that. Brett: I have found that like when I’m texting with someone, if I start to get frustrated, you know, you know that point where you’re still adding smiley emoticons even though you’re actually not, you’re actually getting pissed off, but you don’t wanna sound super bitchy about it, so you’re adding smile. I have found that when I add a smiley emoji in those circumstances, if I actually smile before I send it, it like my [00:23:00] mood will adjust to match, to match the tone I’m trying to convey, and it lessens my frustration with the other person. Jeff: a little joy wrist rocket. Christina: Yeah. Hey, I mean, no, but hey, but, but that, that, that, that, that’s interesting. I mean, they’re, they, they’ve done studies that like show that, right? That like show like, you know, I mean, like, some of this is all like bullshit to a certain extent, but there is something to be said for like, you know, like the power of like positive thinking and like, you know, if you go into things with like, different types of attitudes or even like, even if you like, go into job interviews or other situations, like you act confident or you smile, or you act happy or whatever. Even if you’re not like it, the, the, the, the euphoria, you know, that those sorts of uh, um, endorphin reactions or whatever can be real. So that’s interesting. Brett: Yeah, I found, I found going into job interviews with my usual sarcastic and bitter, um, kind of mindset, Jeff: I already hate this job. Brett: it doesn’t play well. It doesn’t play well. So what are your weaknesses? Fuck off. Um,[00:24:00] Christina: right. Well, well, well, I hate people. Jeff: Yeah. Dealing with motherfuckers like you, that’s one weakness. Sponsor Spot: Shopify Brett: let’s, uh, let’s do a sponsor spot and then I want to hear about Christina winning a contest. Christina: yes. Jeff: very Brett: wanna, you wanna take it away? Sponsor: Shopify Jeff: I will, um, our sponsor this week is Shopify. Um, have you ever, have you just been dreaming of owning your own business? Is that why you can’t sleep? In addition to having something to sell, you need a website. And I’ll tell you what, that’s been true for a long time. You need a payment system, you need a logo, you need a way to advertise new customers. It can all be overwhelming and confusing, but that is where today’s sponsor, Shopify comes in. shopify is the commerce platform behind millions of businesses around the world and 10% of all e-commerce in the US from household names like Mattel and Gym Shark to brands just getting started. Get started with your own design studio with hundreds of ready to use [00:25:00] templates. Shopify helps you build a beautiful online store to match your brand’s style, accelerate your content creation. Shopify is packed with helpful AI tools that write product descriptions, page headlines, and even enhance your product photography. Get the word out like you have a marketing team behind you. Easily create email and social media campaigns wherever your customers are scrolling or strolling. And best yet, Shopify is your commerce expert with world class expertise in everything from managing inventory to international shipping, to processing returns and beyond. If you’re ready to sell, you are ready to Shopify. Turn your Big Business Idea into with Shopify on your side. Sign up for your $1 per month trial and start selling today@shopify.com slash Overtired. Go to shopify.com/ Overtired. What was that? Say it with me. shopify.com/ Overtired [00:26:00] cha. Uh, Brett: the, uh, the group, the group input on the last URL, I feel like we can charge extra for that. That was Jeff: Yeah. Cha-ching Brett: they got the chorus, they got the Overtired Christina: You did. You got the Overtired Jeff: They didn’t think to ask for it, but that’s our brand. Christina: shopify.com/ Overtired. Jeff Tweedy Jeff: What was, uh, I was watching a Stephen Colbert interview with Jeff Tweedy, who just put out a triple album and, uh, it was a very thoughtful, sweet interview. And then Stephen Colbert said, you know, you’re not supposed to do this. And Jeff Tweety said, it’s all part of my career long effort to leave the public wanting less. Christina: Ha, Jeff: That was a great bit. Christina: that’s a fantastic bit. A side note, there are a couple of really good NPR, um, uh, tiny desks that have come out in the last couple of month, uh, couple of weeks. Um, uh, one is shockingly, I, I’ll, I’ll just be a a, a fucking boomer about it. The Googo dolls. Theirs was [00:27:00] great. It’s fantastic. They did a great job. It already has like millions of views, like it wrecked up like over a million views, I think like in like, like less than 24 hours. They did a great job, but, uh, but Brandy Carlisle, uh, did one, um, the other day and hers is really, really good too. So, um, so yeah. Yeah, exactly. So yeah. Anyway, you said, you saying Jeff pd maybe, I don’t know how I got from Wilco to like, you know, there, Jeff: Yeah. Well, they’ve done some good, he’s done his own good Christina: he has, he has done his own. Good, good. That’s honestly, that’s probably what I was thinking of, but Jeff: It’s my favorite Jeff besides me because Bezos, he’s not in the, he’s not in the game. Christina: No. No, he’s not. No. Um, he, he’s, he’s not on the Christmas card list at all. Jeff: Oh man. Jeff’s Concert Marathon Jeff: Can I just tell you guys that I did something, um, I did something crazy a couple weeks ago and I went to three shows in one week, like I was 20 fucking two, Brett: Good grief. Jeff: and. It was a blast. So, okay, so the background of this is my oldest son [00:28:00] loves hip hop, and when we drive him to college and back, or when I do, it’s often just me. Um, he, he goes deep and he, it’s a lot of like, kind of indie hip hop and a lot. It’s just an interesting, he listens to interesting shit, but he will go deep and he’ll just like, give me a tour through someone’s discography or through all their features somewhere, whatever it is. And like, it’s the kind of input that I love, which is just like, I don’t, even if it’s not my genre, like if you’re passionate and you can just weave me through the interrelationship and the history and whatever it is I’m in. So as a result of that, made me a huge fan of Danny Brown and made me a huge fan of the sky, Billy Woods. And so what happened was I went to a hip hop show at the seventh Street entry, uh, which is attached to First Avenue. It’s a little club, very small, lovely little place, the only place my band could sell out. Um, and I watched a hip hop show there on a Monday night, Tuesday night. I went to the Uptown Theater, which Brett is now a actually an operating [00:29:00] theater for shows. Uh, and I, and I saw Danny Brown, but I also saw two hyper pop bands, a genre I was not previously aware of, including one, which was amazing, called Fem Tenal. And I was in line to get into that show behind furries, behind trans Kids. Like it was this, I was the weirdest, like I did not belong. Underscores played, and, and this will mean something to somebody out there, but not, didn’t mean anything to me until that night. And, uh. I felt like such, there were times, not during Danny Brown, Danny Brown’s my age all good. But like there were times where I was in the crowd ’cause I’m tall. Anybody that doesn’t know I’m very tall and I’m wearing like a not very comfortable or safe guy seeming outfit, a black hoodie, a black stocking cap. Like I basically looked like I’m possibly a shooter and, and I’m like standing among all these young people loving it, but feeling a little like, should I go to the back? Even like I was leaving that show [00:30:00] and the only people my age were people’s parents that were waiting to pick them up on the way out. So anyway, that was night two. Danny Brown was awesome. And then two nights later I went to see, this is way more my speed, a band called the Dazzling Kilman who were a band that. Came out in the nineties, St. Louis and a noisy Matthew Rock. Wikipedia claims they invented math rock. It’s a really stupid claim, uh, but it’s a lovely, interesting band and it’s a friend of mine named Nick Sakes, who’s who fronted that band and was in all these great bands back when I was in bands called Colos Mite and Sick Bay, and all this is great shit. So they played a reunion show. In this tiny punk rock club here called Cloudland, just a lovely little punk rock club. And, um, and, and that was like rounded out my week. So like, I was definitely, uh, a tourist the early part of the week, mostly at the Danny Brown Show. But then I like got to come home to my noisy punk rock [00:31:00] on, uh, on Thursday night. And I, I fucking did three shows and it hurt so bad. Like even by the first of three bands on the second night. I was like, I don’t think I can make it. And I do. I already pregame shows with ibuprofen. Just to be really clear, I microdose glucose tabs at shows like, like I am, I am a full on old man doing these things. But, um, I did get some cred with my kids for being at a hyper pop show all by myself. And, Christina: Hell yeah. A a Jeff: friends seemed impressed. Christina: no, as a as, as as they should be. I’m impressed. And like, and I, I, I typically like, I definitely go to like more of like, I go, I go to shows more frequently and, and I’m, I’m even like, I’m, I’m gonna be real with you. I’m like, yeah, three in one week. Jeff: That’s a lot. Christina: That’s a lot. That’s a lot. Jeff: man. Did I feel good when I walked home from that last show though? I was like, I fucking did it. I did not believe I wasn’t gonna bail on at least two of those shows, if not all three. Anyway, just wanted to say Brett: I [00:32:00] do like one show a year, but Jeff: that’s how I’ve been for years this year. I think I’ve seen eight shows. Brett: damn. Jeff: Yeah, it’s Brett: Alright, so you’ve been teasing us about this, this contest you won. Jeff: Yeah, please, Christina. Sorry to push that off. Christina: No, no, no, no. That’s, that’s completely okay. That, that, that, that’s great. Uh, no. Christina Wins Big Christina: So, um, I won two six K monitors. Brett: Damn. Jeff: is that what those boxes are behind you? Christina: Yeah, yeah. This is what the boxes are behind me, so I haven’t been able to get them up because this happened. I got them literally right in the midst of all this stuff with my back. Um, but I do have an Ergotron poll now that is here, and, and Grant has said that he will, will get them up. But yeah, so I won 2 32 inch six K monitors from a Reddit contest. Brett: How, how, how, Jeff: How does this happen? How do I find a Reddit contest? Christina: Yeah. So I got lucky. So I have, I, I have a clearly, well, well, um, there was a little, there was a little bit of like, other step to it than that, but like, uh, so how it worked was basically, um, LG is basically just put out [00:33:00] two, they put out a new 32 inch six K monitor. I’ll have it linked in, in, in the show notes. Um, so we’ve talked about this on this podcast before, but like one of my big, like. Pet peeve, like things that I can’t get past. It’s like I need like a retina screen. Like I need like the, the perfect pixel doubling thing for that the Mac Os deals with, because I’ve used a 5K screen, either through an iMac or um, an lg, um, ultra fine or, um, a, uh, studio display. For like 11 years. And, and I, and I’ve been using retina displays on laptops even longer than that. And so if I use like a regular 4K display, like it just, it, it doesn’t work for me. Um, you can use apps like, um, like better control and other things to kind of emulate, like what would be like if you doubled the resolution, then it, it down, you know, um, of samples that, so that. It looks better than, than if it’s just like the, the, the 4K stuff where in the, the user interface things are too big and whatnot. And to be clear, this is a Macco West problem. If [00:34:00] you are using Windows or Linux or any other operating system that does fractional scaling, um, correctly, then this is not a problem. But Macco West does not do fractional scaling direct, uh, correctly. Um, weirdly iOS can, like, they can do three X resolution and other things. Um, but, but, but Macs does not. And that’s weird because some of the native resolutions on some of the MacBook errors are not even perfectly pixeled doubled, meaning Apple is already having to do a certain amount of like resolution changes to, to fit into their own, created by their, their own hubris, like way of insisting on, on only having like, like two x pixel doubling 18 years ago, we could have had independent, uh, resolutions, uh, um, for, for UI elements and, and, and window bars. But anyway, I, I’m, I’m digressing anyway. I was looking at trying to get either a second, uh, studio display, which I don’t wanna do because Apple’s reportedly going to be putting out a new one. Um, and they’re expensive or getting, um, there are now a number of different six K [00:35:00] displays that are not $6,000 that are on the market. So, um, uh, uh, Asus has one, um, there is one from like a, a Chinese company called like, or Q Con that, um, looks like a, a complete copy of this, of the pro display XDR. It has a different panel, but it’s, it’s six K and they, they’ve copied the whole design and it’s aluminum and it’s glossy and it looks great, but I’d have to like get it from like. A weird distributor, and if I have any issues with it, I don’t really wanna have to send it back to China and whatnot. And then LG has one that they just put out. And so I’ve been researching these on, on Mac rumors and on some other forums. And, um, I, uh, I, somebody in one of the Mac Roomers forums like posted that there was like a contest that LG was running in a few different subreddits where they were like, tell us why you should get one of, like, we’re gonna be giving away like either one or two monitors, and I guess they did this in a few subreddits. Tell us why this would be good for your workflow. And, um, I guess I, I guess I’m one of the people who kind of read the [00:36:00] assignment because it, okay, I’ll just be honest with this, with, with you guys on this podcast, uh, because I, I don’t think anyone from LG will hear this and my answers were accurate anyway. But anyway, this was not the sort of contest where it was like we will randomly select a winner. This was the moderators and lg, were going to read the responses and choose the winner. Jeff: Got it. Christina: So if you spend a little bit of time and thoughtfully write out a response, maybe you stand a better chance of winning the contest. Jeff: yeah, yeah. Put the work in like it was 2002. Christina: Right. Anyway, I still was shocked when I like woke up like on like Halloween and they were like, congratulations, you’ve won two monitors. I’m like, I’m sorry. What? Jeff: That’s amazing. Christina: Yeah, yeah, yeah, Jeff: Nice work. I know I’ve, you know, I’ve been staring at those boxes behind you this whole time, just being like, those look like some sweet monitors. Christina: yeah, yeah. Monitor Setup Challenges Christina: I mean, and, uh, [00:37:00] uh, it’s, it’s, it’s, it’s, it’s, and I, I’m very much, so my, my, my only issue is, okay, how am I gonna get these on my desk? So I’m gonna have to do something with my iMac and I’m probably gonna have to get rid of my, my my, my 5K, um, uh, uh, studio display, at least in the short term. Ergotron Mounts and Tall Poles Christina: Um, but what I did do is I, um, I ordered from, um, Ergotron, ’cause I already have. Um, two of their, um, LX mounts, um, or, or, or, or arms. Um, and only one of them is being used right now. And then I have a different arm that I use for the, um, um, iMac. Um, they sell like a, if you call ’em directly, you can get them to send you a tall pole so that you can put the two arms on top of them. And that way I think I can like, have them so that I can have like one pole and then like have one on one side, one Jeff: I have a tall pole. Christina: and, and yeah, that’s what she said. Um, Jeff: as soon as I said it, I was like, for fuck’s sake. But Christina: um, but, uh, but, but yeah, but so that way I think I, I can, I, in theory, I can stack the market and have ’em side by side. I don’t know. Um, I got that. I, I had to call Tron and, and order that from them. [00:38:00] Um, it was only a hundred dollars for, for the poll and then $50 for a handling fee. Jeff: It’s not easy to ship a tall pole. Brett: That’s what she said. Christina: that is what she said. Uh, that is exactly what she said. But yeah, so I, I, the, the, the unfortunate thing is that, um, I, um, I, I had to, uh, get a, like all these, they, they came in literally right before Thanksgiving, and then I’ve had, like, all my back stuff has Jeff: Yeah, no Christina: debilitating, but I’m looking forward to, um, getting them set up and used. And, uh, yeah. Review Plans and Honest Assessments Christina: And then full review will be coming to, uh, to, I have to post a review on Reddit, but then I will also be doing a more in depth review, uh, on this podcast if anybody’s interested in, in other places too, to like, let let you know, like if it’s worth your money or not. Um, ’cause there, like I said, there are, there are a few other options out there. So it’s not one of those things where like, you know, um, like, thank you very much for the free monitor, um, monitors. But, but I, I will, I will give like the, the, you know, an honest assessment or Current Display Setup Brett: So [00:39:00] do you currently have a two display setup? Christina: No. Um, well, yes, and kind of, so I have my, my, I have my 5K studio display, and then I have like my iMac that I use as a two to display setup. But then otherwise, what I’ve had to do, and this is actually part of why I’m looking forward to this, is I have a 4K 27 inch monitor, but it’s garbage. And it, it’s one of those things where I don’t wanna use it with my Mac. And so I wind up only using it with my, with my Windows machine, with my framework desktop, um, with my Windows or Linux machine. And, and because that, even though I, it supports Thunderbolt, the Apple display is pain in the ass to use with those things. It doesn’t have the KVM built in. Like, it doesn’t like it, it just, it’s not good for that situation. So yeah, this will be of this size. I mean, again, like I, I, I’m 2 32 inch monitors. I don’t know how I’m gonna deal with that on my Jeff: I Brett: yeah. So right now I’m looking at 2 32 inch like UHD monitors, Christina: Yeah,[00:40:00] Brett: I will say that on days when my neck hurts, it sucks. It’s a, it’s too wide a range to, to like pan back and forth quickly. Like I’ll throw my back out, like trying to keep track of stuff. Um, but I have found that like if I keep the second display, just like maybe social media apps is the way I usually set it up. And then I only work on one. I tried buying an extra wide curve display, hated it. Jeff: Uh, I’ve always wanted to try one, but Christina: I don’t like them. Jeff: Yeah. Christina: Well, for me, well for me it’s two things. One, it’s the, I don’t love the whole like, you know, thing or whatever, but the big thing honestly there, if you could give me, ’cause people are like, oh, you can get a really big 5K, 2K display. I’m like, that’s not a 5K display. That is 2 27 inch, 1440 P displays. One, you know, ultra wide, which is great. Good for you. That’s not retina. And I’m a sicko Who [00:41:00] needs the, the pixel doubling? Like I wish that my eyes could not use that, but, but, but, Jeff: that needs the pixel. Like was that the headline of your Reddit, uh, Christina: no, no. It wasn’t, it wasn’t. But, but maybe it should be. Hi, I’m a sicko who only, um, fucks with, with, with, with, with, with, with retina displays. Ask me anything. Um, but no, but that’s a good point. Brett: I think 5K Psycho is the Christina: 5K Sicko is the po is the po title. I like that. I like that. No, what I’m thinking about doing and that’s great to know, Brett. Um, this kind of reaffirms my thing. Thunderbolt KVM and Display Preferences Christina: So what’s nice about these monitors is that they come with like, built in like, um, Thunderbolt 5K VM. So, which is nice. So you could conceivably have multiple, you know, computers, uh, connected, you know, to to, to one monitor, which I really like. Um, I mean like, ’cause like look, I, I’ve bitched and moaned about the studio display, um, primarily for the price, but at the same time, if mine broke tomorrow and if I didn’t have any way to replace it, I’ve, I’ve also gone on record saying I would buy a new one immediately. As mad as I am about a [00:42:00] lot of different things with that, that the built-in webcam is garbage. The, you know, the, the fact that there’s not a power button is garbage. The fact that you can’t use it with multiple inputs, it’s garbage. But it’s a really good display and it’s what I’m used to. Um, it’s really not any better than my LG Ultra fine from 2016. But you know what? Whatever it is, what it is. Um. I, I am a 5K sicko, but being able to, um, connect my, my personal machine and my work machine at the same time to one, and then have my Windows slash Linux computer connected to another, I think that’s gonna be the scenario where I’m in. So I’m not gonna necessarily be in a place where I’m like, okay, I need to try to look at both of them across 2 32 inch displays. ’cause I think that that, like, that would be awesome. But I feel like that’s too much. Brett: I would love a decent like Thunderbolt KVM setup that could actually swap like my hubs back and Christina: Yes. MacBook Pro and Studio Comparisons Brett: Um, so, ’cause I, I have a studio and I have my, uh, Infor MacBook Pro [00:43:00] and I actually work mostly on the MacBook Pro. Um, but if I could easily dock it and switch everything on my desk over to it, I would, I would work in my office more often. ’cause honestly, the M four MacBook Pro is, it’s a better machine than the original studio was. Um, and I haven’t upgraded my studio to the latest, but, um, I imagine the new one is top notch. Christina: Oh yeah. Yeah. Brett: my, my other one, a couple years old now is already long in the tooth. Christina: No, I mean, they’re still good. I mean, it’s funny, I saw that some YouTube video the other day where they were like, the best value MacBook you can get is basically a 4-year-old M1 max. And I was like, I don’t know about that guys. Like, I, I kind of disagree a little bit. Um, but the M1 max, which is I think is what is in the studio, is still a really, really good ship. But to your point, like they’ve made those, um. You know, the, the, the new ones are still so good. Like, I have an M three max as my personal laptop, and [00:44:00] that’s kind of like the dog chip in the, in the m um, series lineup. So I kind of am regretful for spending six grand on that one, but it is what it is, and I’m like, I’m not, I’m not upgrading. Um, I mean, maybe, maybe in, in next year if, if the M five Pro, uh, or M five max or whatever is, is really exceptional, maybe I’ll look at, okay, how much will you give me to, to trade it in? But even then, I, I, but I feel like I’m at that point where I’m like, it gets to a point where like it’s diminishing returns. Um, but, uh, just in terms of my own budget. But, um, yeah, the, the new just info like pro or or max, whatever, Brett: I have, I have an M four MacBook Pro sitting around that I keep forgetting to sell. Uh, it’s the one that I, it only had a 256 gigabyte hard drive, Jeff: what happened to me when I bought my M1, Brett: and I, and I regretted that enough that I just ordered another one. But, uh, for various reasons, I couldn’t just return the one I didn’t Jeff: ’cause it was.[00:45:00] Brett: so now I, now I have to sell it and I should sell it while it’s still a top of the line machine Christina: Sell it before, sell, sell, sell, sell it before next month, um, or, or February or whenever they sell it before then the, the pros come out. ’cause right now the M five base is out, but the pros are not. So I think feel like you could still get most of your value for it, especially since it has very few battery cycles. Be sure to put the battery cycles on your Facebook marketplace or eBay thing or whatever. Um, I bought my, uh, she won’t listen to this so she won’t know, but, um, they, there was a, a killer Cyber Monday deal, uh, for Best Buy where they had like a, the, the, the, so it’s several years old, but it was the, the M two MacBook Air, but the one that they upgraded to 16 gigs of Ram when Apple was like, oh, we have to have Apple Intelligence and everything, because they actually thought that they were actually gonna ship Apple Intelligence. So they like went back and they, like, they, they, you know, retconned like made the base model MacBook Air, like 16 [00:46:00] gigs. Um, and, uh, anyway, it was, it was $600, um, Jeff: still crazy. Christina: which, which like even for like a, a, a 2-year-old machine or whatever, I was like, yeah, she, my sister, I think she’s on like, like a 2014 or older than that. Like, like MacBook Air. She doesn’t even know where the MagSafe is. I don’t think she even knows where the laptop is. So she’s basically doing everything like on her phone and I’m like, okay, you need a laptop of some type, but at this point. I do feel strongly that like the, the, the $600 or, or, or actually I think it was $650, it was actually less, it is actually more expensive than what the, the, the Cyber Monday sale was, um, the M1, Walmart, MacBook Air. I’m like, absolutely not like that is at this point, do not buy that. Right? Like, I, especially with eight gigs of ram, I’m, I’m like, it’s been, it’s five years old. It’s a, it was a great machine and it was great value for a long time. $200. Cool, right? Like, if you could get something like use and, and, and, and if you could replace the battery or, you know, [00:47:00] for, for, you know, not, not too much money or whatever. Like, I, I, I could see like an argument to be made like value, right? But there’d be no way in hell that I would ever spend or tell anybody else to spend $650 on that new, but $600 for an M two with Jeff: Now we’re talking. Christina: which has the redesign brand new. I’m like, okay. Spend $150 more and you could have got the M four, um, uh, MacBook Air, obviously all around Better Machine. But for my sister, she doesn’t need that, Jeff: What do we have to do to put your sister in this M two MacBook Christina: that, that, that, that, that, that’s exactly it. So I, I, I was, well, also, it was one of those things I was like, I think that she would rather me spend the money on toys for my nephew for Santa Claus than, than, uh, giving her like a, a processor upgrade. Um, Jeff: Claus isn’t real. Brett: Oh shit. Jeff: Gotcha. Every year I spoil it for somebody. This year it was Christina and Brett. Sorry guys. Brett: right. Well, can I tell you guys Jeff: Yeah. [00:48:00] Brett Software. Brett: two quick projects before we do Jeff: Hold on. You don’t have to be quick ’cause you could call it Brett: We’re already at 45 minutes and I want Jeff: What I’m saying, skip GrAPPtitude. This is it? Brett: okay. Christina: us about Mark. Tell us about your projects. Brett: So, so Mark three is, there’s a public, um, test flight beta link. Uh, if you go to marked app.com, not marked two app.com, uh, marked app.com. Uh, you, there’s a link in the, in the, at the top for Christina: Join beta. Mm-hmm. Brett: Um, and that is public and you can join it and you can send me feedback directly through email because, um, uh, uh, the feedback reporter sucks for test flight and you can’t attach files. And half the time they come through as anonymous feedback and I can’t even follow up on ’em. So email me. But, um, I’ll be announcing that on my blog soon-ish. Um, right now there’s like [00:49:00] maybe a couple dozen, um, testers and I, it’s nice and small and I’m solving the biggest bugs right away. Um, so that’s been, that’s been big. Like Mark, even since we last talked has added. Do you remember Jeff when Merlin was on and he wanted to. He wanted to be able to manage his styles, um, and disable built-in styles. There’s now a whole table based style manager where you Jeff: saw that. Brett: you can, you can reorder, including built-in styles. You can reorder, enable, disable, edit, duplicate. Um, it’s like a full, full fledged, um, style manager. And I just built a whole web app that is a style generator that gives you, um, automatic like rhythm calculations for your CSS and you can, you can control everything through like, uh, like UI fields instead of having to [00:50:00] write CSS. Uh, but you can also o open up a very, I’ve spent a lot of time on the code mirror CSS editor in the web app. Uh, so, and it’s got live preview as you edit in the code mirror field. Um, so that’s pretty cool. And that’s built into marts. So if you go to style, um, generate style, it’ll load up a, a style generator for you. Anyway, there’s, there’s a ton. I’m not gonna go into all the details, but, uh, anyone listening who uses markdown for anything, especially if you want ability to export to like Word and epub and advanced PDF export, um, join the beta. Let me know what you think. Uh, help me squash bugs. But the other thing, every time I push a beta for review before the new bug reports come in, I’ve been putting time into a tool. Markdown Processor: Apex Brett: I’m calling [00:51:00] Apex and um, I haven’t publicly announced this one yet, but I probably will by the time this podcast comes out. Jeff: I mean, doesn’t this count? Brett: It, it does. I’m saying like this, this might be a, you hear you heard it here first kind of thing, um, but if you go to github.com/tt sc slash apex, um, I built a, uh, pure C markdown processor that combines syntax from cram down GitHub flavored markdown, multi markdown maku, um, common mark. And basically you can write syntax from any of those processors, including all of their special features, um, and in one document, and then use Apex in its unified mode, and it’ll just figure out what. All of your syntax is supposed to do. Um, so you can take, you can port documents from one platform to another [00:52:00] without worrying about how they’re gonna render. Um, if I can get any kind of adoption with Apex, it could solve a lot of problems. Um, I built it because I want to make it the default processor in marked ’cause right now, you, you have to choose, you know, cram Christina: Which one? Brett: mark and, and choosing one means you lose something in order to gain something. Um, so I wanted to build a universal one that brought together everything. And I added cool features from some extensions of other languages, such as if you have two lists in a row, normally in markdown, it’s gonna concatenate those into one list. Now you can put a carrot on a line between the two lists and it’ll break it into two lists. I also added support for a. An extension to cram down that lets you put double uh, carrots inside a table cell and [00:53:00] create a row band. So like a cell that, that expands it, you rows but doesn’t expand the rest of the row. Um, so you can do cell spans and row spans and it has a relaxed table version where you don’t have to have an alignment row, which is, uh, sometimes we just wanna make quickly table. You make two lines. You put some pipes in. This will, if there’s no alignment row, it will generate a table with just a table body and table data cells in no header. It also allows footers, you can add a footer to a table by using equals in the separator line. Um, it, it’s, Jeff: This is very civilized, Brett: it is. Christina: is amazing, Brett: So where Common Mark is extremely strict about things, um, apex is extremely permissive. Jeff: also itty bitty things like talk about the call out boxes from like Brett: oh yeah, it, it can handle call out syntax from Obsidian and Bear and Xcode Playgrounds. [00:54:00] Um, and it incorporates all of Mark’s syntax for like file includes and even renders like auto scroll pauses that work in marked and some other teleprompter situations. Um, it uses file ude syntax from multi markdown, like, which is just like a curly brace and, uh, marked, which is, uh, left like a double left, uh, angle bracket and then different. Brackets to surround a file name and it handles IA writer file inclusion where you just type a forward slash and then the name of a file and it automatically detects if that file is an image or source code or markdown text, and it will import it accordingly. And if it’s a CSV file, it’ll generate a table from it automatically. It’s, it’s kind of nuts. I, it’s kind of nuts. I could not have done this [00:55:00] without copilot. I, I am very thankful for copilot because my C skills are not, would not on their own, have been up to this task. I know enough to bug debug, but yeah, a lot of these features I got a big hand from copilot on. Jeff: This is also Brett. This is some serious Brett Terpstra. TURPs Hard Christina: Yeah, it is. I was gonna say, this is like Jeff: and also that’s right. Also, if your grandma ever wrote you a note and it, and though you couldn’t really read it, it really well, that renders perfectly Christina: Amazing. No, I was gonna say this is like, okay, so Apex is like the perfect name ’cause this is the apex of Brett. Jeff: Yes. Apex of Brett. Christina: That’s also that, that’s, that’s not an alternate episode title Apex of Brett. Because genuinely No, Brett, like I am, I am so stunned and impressed. I mean, you all, you always impressed me like you are the most impressive like developer that I, that I’ve ever known. But you, this is incredible. And, and this, I, I love this [00:56:00] because as you said, like common Mark is incredibly strict. This is incredibly permissive. But this is great. ’cause there are those scenarios where you might have like, I wanna use one feature from one thing or one from another, or I wanna combine things in various ways, or I don’t wanna have to think about it, you know? Brett: I aals, I forgot to mention I aals inline attribute list, which is a crammed down feature that lets you put curly brackets after like a paragraph and then a colon and then say, dot call out inside the curly brackets. And then when it renders the markdown, it creates that paragraph and adds class equals call out to the paragraph. Um, and in, in Cramon you can apply these to everything from list items to list to block quotes. Like you can do ’em for spans. You could like have one after, uh, link syntax and just apply, say dot external to a link. So the IAL syntax can add IDs classes and uh, arbitrary [00:57:00] attributes to any element in your markdown when it renders to HTML. And, uh, and Apex has first class support for I aals. Was really, that was, that Christina: that was really hard, Brett: I wrote it because I wanted, I wanted multi markdown, uh, for my prose writing, but I really missed the als. Christina: Yes. Okay. Because see, I run into this sort of thing too, right? Because like, this is a problem like that. I mean, it’s a very niche problem, um, that, that, you know, people who listen to this podcast probably are more familiar with than other types of people. But like, when you have to choose your markdown processor, which as you said, like Brett, like that can be a problem. Like, like with, with using Mark or anything else, you’re like, what am I giving up? What do I have? And, and like for me, because I started using mul, you know, markdown, um, uh, largely because of you, um, I think I was using it, I knew about it before you, but largely because of, of, of you, like multi markdown has always been like kind of my, or was historically my flavor of choice. It has since shifted to being [00:58:00] GitHub, labor bird markdown. But that’s just because the industry has taken that on, right? But there were, you know, certain things like in like, you know, multi markdown that work a certain way. And then yeah, there are things in crammed down. There are things in these other things in like, this is just, this is awesome. This Brett: It is, the whole thing is built on top of C mark, GFM, which is GitHub’s port of common mark with the GitHub flavored markdown Christina: Right. Brett: Um, and I built, like, I kept that as a sub-module, totally clean, and built all of this as extensions on top of Cmar, GFM, which, you know, so it has full compatibility with GitHub and with Common Merck by out, like outta the box. And then everything else is built on top of that. So it, uh, it covers, it covers all the bases. You’ll love it Christina: I’m so excited. No, this is awesome. And I Brett: blazing fast. It can render, I have a complex document that, that uses all of its features and it can render it in [00:59:00] 0.006 seconds. Christina: that’s awesome. Jeff: Awesome. Christina: That’s so cool. No, this is great. And yeah, I, and I think that honestly, like this is the sort of thing like if, yeah, if you can eventually get this to like be like the engine that powers like mark three, like, that’ll be really slick, right? Because then like, yeah, okay, I can take one document and then just, you know, kind of, you know, wi with, with the, you know, ha have, have the compatibility mode where you’re like, okay, the unified mode or whatever yo

professorjrod@gmail.comIn this episode of Technology Tap: CompTIA Study Guide, we delve into endpoint security—a crucial topic for anyone preparing for IT certification exams, especially CompTIA. Traditional firewalls no longer fully protect your network; attackers now exploit endpoints like laptops, phones, printers, and smart devices to breach security. We explore how threats bypass perimeter defenses by targeting users and devices directly, and explain essential controls such as hardening, segmentation, encryption, patching, behavior analytics, and access management. Whether you're studying for your CompTIA exam or seeking practical IT skills development, this episode offers critical insights and IT certification tips to strengthen your understanding of cybersecurity fundamentals. Tune in to enhance your tech exam prep and advance your technology education journey.We start with foundations that actually move risk: baseline configurations, aggressive patch management, and closing unnecessary ports and services. From there we layer modern defenses—EDR and XDR for continuous telemetry and automated containment, UEBA to surface the 3 a.m. login or odd data pulls, and the underrated duo of least privilege and application allow listing to deny unknown code a chance to run. You'll hear why full disk encryption is non‑negotiable and how policy, not heroics, sustains security over time.Mobile endpoints take center stage with clear tactics for safer travel and remote work: stronger screen locks and biometrics, MDM policies that enforce remote wipe and jailbreak detection, and connection hygiene that favors VPN and cellular over public Wi‑Fi. We break down evil twin traps, side loading risks, and permission sprawl, then pivot to IoT realities—default passwords, stale firmware, exposed admin panels—and how VLAN isolation and firmware schedules defang them. A real case of a chatty lobby printer becoming an attack pivot drives home the need for logging and outbound controls through SIEM.The takeaway is simple and urgent: if it connects, it can be attacked, and if it's hardened, segmented, encrypted, and monitored, it can be defended. Subscribe for more practical security deep dives, share this with a teammate who owns devices or networks, and leave a review to tell us which control you'll deploy first.Support the showArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

How modern ransomware actors are deploying multidimensional tactics to outpace traditional defencesStrategies to reduce data loss and sustain business operations after an attackAI and automation – enhancing visibility and accelerating response to ransomware threatsThom Langford, Host, teissTalkhttps://www.linkedin.com/in/thomlangford/Edward Starkie, Director, GRC | Cyber Risk, Thomas Murrayhttps://www.linkedin.com/in/edward-starkie-56712431/Cameron Brown, Head of Cyber Threat and Risk Analytics, Ariel Rehttps://www.linkedin.com/in/analyticalcyber/Jesus Cordero, Director, Solution Architects AppSec, NetSec & XDR, EMEA, Barracudahttps://www.linkedin.com/in/jcordero-guzm%C3%A1n/

professorjrod@gmail.comSecurity that actually holds under pressure starts long before passwords and antivirus. We pull back the rack door and walk through the parts that make a network resilient: switches that enforce port security, routers that block spoofed traffic, servers that stay patched and locked down, and load balancers that keep services steady when a node falls over. From a small bookstore's POS to a global bank's data center, the patterns repeat with higher stakes and tighter controls.We break down the real tools of infrastructure defense and why they matter. Policy‑based firewalls translate intent like “block social media for guests” into action, while next‑gen engines add deep inspection and URL filtering. Forward proxies protect outbound browsing and reverse proxies hide internal services. Deception tech—honeypots, honeynets, and sinkholes—turns attackers into sources of intel. IDS alerts, IPS blocks, and together they feed visibility into an XDR layer that correlates endpoint, server, cloud, and email signals to stop ransomware chains before they detonate.Good design contains failure. VLANs limit blast radius when a laptop is compromised. DMZs and jump servers separate public‑facing apps from sensitive systems. Zero trust reframes access with “never trust, always verify,” enforcing MFA, continuous checks, and least privilege across users and APIs. VPNs connect people and sites with SSL and IPsec, while NAC verifies device health and quarantines noncompliant endpoints—a must for any BYOD policy. We tie it all together with practical case studies, a quick quiz to test your instincts, and clear takeaways you can apply to classrooms, clinics, nonprofits, and clouds.If this deep dive helps you think more clearly about your network's weak points and how to shrink them, tap follow, share with a teammate, and leave a review so more builders can find it. What's the first segment you'll harden this week?Inspiring Tech Leaders - The Technology PodcastInterviews with Tech Leaders and insights on the latest emerging technology trends.Listen on: Apple Podcasts SpotifySupport the showArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

Ransomware detection is more complex than most organizations realize. In this episode, cybersecurity expert Mike Saylor breaks down the real-world signs of ransomware attacks—from users complaining about slow computers to smart devices acting strangely. We explore polymorphic malware that changes based on its target, the risks posed by managed service providers using shared credentials, and why milliseconds matter in ransomware detection and response. Mike explains the difference between EDR, XDR, SIEM, and SOAR tools, helping you understand which security solutions you actually need. We also discuss why 24/7 monitoring is non-negotiable and how even small businesses can afford proper ransomware detection capabilities. If you're trying to protect your organization without breaking the bank, this episode offers practical guidance on building your security stack and knowing when to call in expert help.

For patients with ischemic priapism, time to treatment can mean the difference between recovery and long-term dysfunction. In this episode, Dr. Maia VanDyke (UT Southwestern Medical Center) joins host Dr. Juan Andino (UCLA Health) for a high-yield discussion on managing this urologic emergency, from early recognition to advanced surgical options.---SYNPOSISTogether, they cover diagnosis, patient demographics, and traditional versus advanced interventions, with special attention to the role of penoscrotal decompression in prolonged ischemic priapism. The conversation highlights surgical techniques, postoperative care strategies, and patient counseling, including the hard but essential discussions about long-term erectile dysfunction risk. Drs. Andino and VanDyke also emphasize the importance of collaboration, encouraging general urologists to adopt these approaches while leaning on colleagues and centers of excellence for complex cases.---TIMESTAMPS00:00 - Introduction02:18 - Understanding Priapism07:52 - Diagnosis and Initial Management16:51 - Advanced Management and Surgical Interventions28:21 - Patient Retention Challenges29:59 - Surgical Planning and Techniques37:29 - Post-Operative Care and Patient Rehabilitation44:13 - Future Directions in Research and Treatment51:28 - The Role of General Urology---RESOURCESDr. David Ralph article on use of MRI in management of priapismhttps://doi.org/10.1111/j.1464-410X.2010.09368.xDr. Tom Lue article on corporal aspirationhttps://doi.org/10.1038/nrurol.2009.50Arthur “Bud” Burnett article on corporal tunnelinghttps://doi.org/10.1016/j.juro.2012.08.245Allen “Al” Morey article on penoscrotal decompression erectile function outcomeshttps://doi.org/10.1111/bju.15127Survey on current management practices of ischemic priapismhttps://doi.org/10.1038/s41443-019-0120-4Risk factors, diagnosis, and long-term erectile dysfunction outcomes in priapismhttps://doi.org/10.1038/s41443-025-01076-9Video Journal of Sexual Medicine (VJSM) on Penoscrotal decompression: A better method for priapism managementhttps://www.vjsm.info/videos/all/penoscrotal-decompression-a-better-method-for-priapism-managementSurgical Management of Ischemic Priapism: what are the New Options? https://doi.org/10.1590/S1677-5538.IBJU.2024.0497The Impact of Immediate Salvage Surgery on Corporeal Length Preservationhttps://doi.org/10.1016/j.juro.2018.01.082

I recorded this episode at Barracuda TechSummit25 in Alpbach, Austria, a mountain village that looks like a postcard and hosts some of the most grounded security conversations you will hear all year. My guest is Richard Flanders, Commercial Director at Aura Technology, a managed service provider on the south coast of England that supports public sector organisations and tightly regulated commercial clients. Richard arrived as part of Barracuda's Partner Advisory Board, which means he spends as much time feeding customer reality back into product teams as he does comparing notes with peers in the hallway. We talk through his first TechSummit experience and why the event's focus on hands-on engineering matters for MSPs who live in the weeds of configuration, policy, and response. Richard shares early thoughts on Barracuda's secure edge service and the continued maturation of XDR, but the heart of our chat is the pressure he sees on customers. Compliance is no longer a side quest. ISO 27001, Cyber Essentials Plus, supply chain reporting, and new European rules are shaping budgets and expectations. Boards want proof. Auditors want evidence. Buyers want to know a supplier chose fit-for-purpose tools. That makes documentation, contracts, and the ability to show your working as important as the tech itself. We also get into the human side. In a world that loves point solutions, many teams are tired of alert noise and tool sprawl. Richard explains why a single, coherent view helps his engineers move faster and train better, and why MSPs are leaning into prevention-focused workflows rather than waiting for the next fire. He is candid about the conversations no one enjoys, like end-of-life systems that keep a legacy app alive, and the need for tougher stances when risk sits outside an acceptable boundary. AI comes up too, without the hype. Aura is hiring a Head of AI and Automation, standing up a private AI platform, and committing to ship a handful of small, useful apps for customers in the year ahead. The lens is productivity and safety, with an emphasis on teaching teams how to question outputs and rethink everyday tasks. Add in security awareness training, phishing simulations, and tabletop exercises, and you start to see a culture shift from annual tick-boxes to regular, lived practice. There is a lovely moment of serendipity in here as well. Richard's first conversation on day one was with another partner from Pune, the same city where Aura runs its network operations. They swapped ideas on automation and integration that might never have surfaced on a video call. That is the value of getting people in a room together, especially when the room happens to be carved into the side of a mountain. If you work with an MSP, this episode will help you ask better questions. If you are an MSP, you will recognise the balance Richard describes. Pick the right controls for the risks you actually face. Prove what you do. Keep training. And give your teams a single place to see what matters, so the next incident stays small. ********* Visit the Sponsor of Tech Talks Network: Land your first job  in tech in 6 months as a Software QA Engineering Bootcamp with Careerist https://crst.co/OGCLA

I recorded this conversation at Barracuda TechSummit25 in Alpbach, Austria, where the mountains feel close enough to touch and the discussions get very real very quickly. My guests are Adam Khan, VP of Global Security Operations at Barracuda XDR, and Eric Russo, Director of SOC Defensive Security. Together they run the teams that watch, interpret, and act when attacks move across email, identity, network, cloud, and endpoints. Their keynote used the language of sport to make sense of modern defense, and it worked. You will hear why football tactics map cleanly to security, how roles and formations translate to controls and playbooks, and why a strong back line matters when the opposition moves the ball quickly. Here is the thing that stood out for me. Integrated defense is not a slogan. When Adam and Eric talk about Extended Detection and Response, they are describing a practical way to join signals, add context, and trigger action without waiting for a human to click through ten consoles. XDR gives analysts one source of truth, connects events that would otherwise sit in separate tools, and shortens the time between a suspicious signal and an action that contains it. That is how you turn alert fatigue into something manageable, and it is how small teams hold their own against fast, multi-step attacks. The analogies make it easier to picture. In football, a defense tracks runners, closes passing lanes, and communicates constantly. In security, that means correlating identity with network flows and endpoint behavior, then deciding who picks up the threat and how to press. The Home Alone reference takes it further. Imagine Kevin's improvised defenses as point tools scattered around a house. Now add a single screen that shows every door, every window, and which trap fires next. That is the plain-English version of XDR that anyone can understand. We also unpack real incidents that their teams have faced, without naming names. You will hear how attackers chain steps across layers, and how automated responses isolate systems, lock accounts, and cut off command and control before damage spreads. The lesson is simple. Visibility gives you options. Automation buys you time. People make the right calls when they can see the whole pitch. If you work in security, this episode gives you a clear view of what good looks like. If you are a business leader, it offers a way to measure progress that goes beyond tool counts and budget lines. And if you enjoy a metaphor that lands, football and Home Alone might be the clearest explanation of XDR you will hear all year.

I recorded this conversation in Alpbach, Austria, a village that looks like a postcard and hosts a very serious tech gathering. TechSummit25 is Barracuda's deeply technical event, and it shows. The rooms are packed with solution architects, product managers, and engineers comparing notes with customers who run these systems every day. It is the kind of environment where product direction and real-world pain points meet over a coffee, then head straight into a lab to test an idea. My guest today is Neal Bradbury, Chief Product Officer at Barracuda, who leads engineering, product management, and the operations teams that keep services running around the clock. Fresh from a session titled “Secured today, secured tomorrow,” Neal breaks down what that promise means in practice. We explore why Barracuda is doubling down on a platform approach with Barracuda One, how a single dashboard helps teams see posture and value in one place, and why consolidation matters when alerts and tools pile up faster than teams can respond. We also talk about the balance between immediate protection and longer-term planning. Neil explains how quarterly releases and shared services underpin the roadmap, how zero trust network access moves from theory to deployment as VPNs fade, and how managed vulnerability services help organizations find risks they did not know they had. He shares why service providers are shifting toward vCIO and vCISO models, how value reporting answers the board's simplest question about where the budget goes, and why response time is the measure that keeps coming up in every conversation. Secured today, secured tomorrow The headline theme is simple enough. Know where you stand right now, then set a clear plan for the next year. Barracuda One aims to cut noise and show whether tools are configured properly. The same view rolls up alerts across email, network, and application security, and for MSPs it stretches across all customers. That single source of truth is designed to reduce swivel-chair work and make decisions faster. We dig into the reality of tool sprawl and alert fatigue. A recent study Barracuda commissioned points to teams carrying too many point solutions, with slower responses and misconfigurations as the cost. Neal's answer is convergence without ignoring specialist depth. Product groups keep shipping, while shared AI and threat protection services raise the floor across the portfolio. That approach feeds directly into XDR, where integrations with tenants, firewalls, and endpoints help shrink the gap between detection and action. AI sits in the background of all of this. Neal describes it as a reckless intern that needs guardrails. In practice that means setup wizards that cut deployment time, incident response that can pull a bad message from twenty tenants in one sweep, and ML-driven triggers that fire automated remediation when patterns line up. The aim is clear. Let machines handle the routine work at machine speed, so people can focus on decisions and the weird edge cases attackers love to try. What listeners will take away If you run security day to day, you will hear practical direction rather than slogans. Consolidated dashboards exist to show posture, not just counts. Value reporting exists to explain outcomes to a board, not to pad a slide deck. Managed services rise in importance because many organizations need strategy as much as tools, and that includes smaller enterprises that outsource large parts of their stack. For leaders planning the next quarter, the emphasis on zero trust and managed vulnerability services will stand out. For operators, the XDR and SOAR focus is about shaving minutes into seconds, connecting identity with network and endpoint events, and giving analysts room to breathe. And for anyone curious about how product roadmaps form, conferences like this one offer a candid loop between feedback and action that you rarely see on a press release. By the time we wrap, Alpbach's quiet streets feel like an unlikely place to discuss ransomware, posture, and platform design. Yet that contrast makes the conversation land even harder. Secure today, plan for tomorrow, and give your team the visibility to do both.

How the advice to “follow your passions” can lead to an unbiblical sense of entitlement, how to follow “the true, good, and beautiful” today to find your calling tomorrow, and how God uses pain and trauma to steer us to our callings.Links Mentioned:Dr. Karen Swallow PriorDr. Karen Swallow Prior on XDr. Karen Swallow Prior on InstagramDr. Karen Swallow Prior on FacebookYou Have a CallingFierce Convictions: The Extraordinary Life of Hannah MoreThe Priory NewsletterHannah More | BritannicaMoanaMoana 2Cal NewportSo Good They Can't Ignore YouMaster of OneDr. Amy Wrzesniewski on LinkedIn‘Jobs, Careers, and Callings: People's Relations to Their Work'‘The Secret of Effective Motivation'Why Work?Five Mere ChristiansAmusing Ourselves to DeathMakoto FujimuraEpisode 130: Makoto Fujimura (Artist)Episode 147: Haejin Shim Fujimura (Attorney)Kaleigh Cox on LinkedInAaron SorkinRedeeming Your TimeCalled to CreateJordan Raynor