How do you intelligently surface access to your database? While at NDC Toronto, Richard spoke with Jerry Nixon about Data API Builder, Microsoft's tool that enables data professionals using Microsoft databases, including SQL Server, Postgres, CosmosDB, and MySQL, to provide an API layer with security, schema extraction, and governance policies. You can expose the API as a REST interface, a GraphQL interface, and an MCP server! This is a powerful tool for providing controlled access to data while still allowing for ad-hoc access. The potential is huge - you need to check it out!

Links

Recorded May 7, 2026

How can Microsoft Loop make your team more productive? Richard chats with Karinne Bessette about the role that Loop components can play in making meetings where the agenda is live, generating work items in Microsoft Planner, and keeping key information up to date. Karinne talks about how Loop components can be connected to any M365 document, including Outlook, Word, Excel, and OneNote, but only for members of the M365 tenant. Loop is a powerful tool for productivity within the organization!

Links

Recorded April 27, 2026

The original Secure Boot certificate expires in June 2026! Richard talks to Richard Hicks about how Secure Boot works and how the expiration of the master certificate can leave PCs vulnerable to boot-related malware, such as rootkits. Richard discusses recent Microsoft communications on SecureBoot and how to check which certificate your machines have. Workstations using managed updates are likely already up to date, but servers are a different issue. When the certificate expires, you'll no longer receive updates to Secure Boot for known exploits, leaving your machines vulnerable. Update today!

Links

Recorded March 9, 2026

What does a production-grade large language model look like? While at NDC Sydney, Richard talked with Vaishnavi Gudur from Microsoft about her work scaling LLMs for Teams transcriptions, summaries, and more! Vaishnavi discusses the underlying complexities of operating the Teams LLM infrastructure for a large array of customers across different countries and regulatory regimes. Data sovereignty also plays a large role: different countries have specific rules on where data must reside and how it can be accessed. As the scale increases and the tail gets longer, the rules set gets more complex! Lots of great thinking about what LLMs look like in a production environment.

Links

Recorded April 24, 2026

How secure is your Active Directory infrastructure? While at Zero Trust World in Orlando, Richard chatted with Spencer Alessi about his work helping companies secure Active Directory, making it more difficult for black hats to exploit it for lateral moves during a breach attempt. Spencer talks about the increasing speed of these exploits, making it much harder to block them after the fact, so it's best to make AD too difficult to target. Jake Hildreth's Locksmith tools are a great place to start - free and open source. There are also Microsoft tools and Spencer's own AD Security Resource Kit to help evaluate your AD infrastructure and lock it down!

Links

Recorded March 4, 2026

There's competition in the Office productivity space! Richard chats with Sharon Weaver about her experiences with M365 Copilot and Anthropic's Claude Cowork to improve information worker productivity. Sharon talks about the confusion around all the different copilots in the Microsoft space - including the chat tools, research agents, and more. But when it comes to helping with an Excel spreadsheet, M365 Copilot can't do what Claude Cowork can do. Sharon talks about describing the goals of a spreadsheet to Claude Cowork and having the tool generate the spreadsheet, make corrections, and add formatting. Cowork has similar capabilities for presentations, and with the Connector library, new functionality is being added routinely. There's some competition in the AI productivity space - things are getting interesting!

Links

Recorded February 24, 2026

What does the world look like after Microsoft Deployment Toolkit? Richard talks to MDT creator Michael Niehaus about the life and death of MDT. Michael talks about his early days at Microsoft, when he created a better way to manage operating system images so you can build and rebuild Windows PCs for your organization. But MDT had been in maintenance since 2013, without specific support for Windows 11. And now, some security concerns have ended support entirely. So what happens next? Michael offers fixes to keep MDT safe to use, and some alternatives if you want to keep managing your own images!

Links

• Microsoft Deployment Toolkit
• Michael's Post of the MDT Vulnerability
• Windows Autopilot
• Friends of MDT
• MDT Retirement Notice
• Microsoft Intune
• 2Pint DeployR
• MMS Conference
• iPXE Anywhere

Recorded February 17, 2026

How does your company communicate with its employees today? Richard chats with Emily Mancini about her work with companies that manage internal communications. Emily talks about the power of email, collaborative messaging like Teams, and the Microsoft Viva products Engage and Amplify. The conversation digs into knowing where your people look for info, how they communicate, and what they want to connect with. Being able to measure the response to different communication means helps you to work on better messages and methods - the goal is to enable employees to connect with and utilize the resources of the organization, creating a stronger company culture!

Links

Recorded March 9, 2026

AI Agents can be powerful tools for an organization - but are they a security risk? Richard talks to Niall Merrigan about his experiences dealing with the various ways that LLMs can be attacked, starting with prompt injection. While some attacks are humorous, others can be very serious, especially in the context of agents, where the right prompt can cause an agent to use its capabilities to access or affect data outside its expected behavior. This has already led to several well-publicized CVEs, including the ServiceNow Privilege Escalation advisory. New tools have emerged to help restrict prompts and keep agents on task - but as with all things security, this is another set of tools you need to get familiar with!

Links

• AI Recommendation Poisoning
• Detecting Prompt Injection Attacks
• Mark Russinovich Crescendo Multi-Turn LLM Jailbreak Attack
• Cross-Site Scripting (XSS)
• Cameron Mattis LinkedIn
• Privilege Escalation in ServiceNow AI Platform
• Azure AI Content Safety Prompt Shields
• Task Adherence
• Simon Willison's Lethal Trifecta
• Microsoft Agent 365
• PyRIT
• OWASP Securing Agentic Applications Guide

Recorded February 16, 2026

Are you ready to take a look at Richard's home lab? Richard goes solo to share insights about the new infrastructure, hardware, and automation in his seaside home. He discusses the challenges posed by its remote location, including unreliable power and connectivity. You'll find plenty of details about networking, computing infrastructure, automation, telemetry, and experiments with AI technologies. Get an exclusive behind-the-scenes look!

Links

Recorded April 1, 2026