PodcastsBusinessRunAs Radio

RunAs Radio

Richard Campbell
RunAs Radio
Latest episode

1043 episodes

  • RunAs Radio

    AI-Accelerated Supply Chain Attacks with Mackenzie Jackson

    01/07/2026 | 36 mins.
    How are supply-chain attacks evolving? Richard chats with Mackenzie Jackson about his work helping companies protect their software supply chains from malware attacks. Mackenzie discusses the vulnerability of developers to attacks, since their accounts are often highly privileged and invariably contain access to exploitable secrets. The conversation digs into the challenges of securing various code distribution mechanisms like npm and how you can protect your organization - starting with, don't install packages as soon as they are released! There are effective tools for detecting malware in code, but they take time. Waiting 48 hours can eliminate a lot of risk!

    Links

    Aikido Software

    Trivy

    Claude Mythos

    OpenClaw

    Shai-Hulud Guidance

    ClawHub

    Open Source Malware

    Windows Update Management

    Recorded June 15, 2026
  • RunAs Radio

    Securing Developers with Tanya Janca

    24/06/2026 | 34 mins.
    How can sysadmins help software developers work securely and make more secure applications? While at NDC in Toronto, Richard sat down with Tanya Janca of SheCodesPurple to discuss what admins can do to help address the security challenges software developers face. Tanya talks about securing development environment and pipelines - developers routinely work from high privilege accounts because their tools require it, and as a result, have become the targets of black hats to get access to accounts, keys, and other exploitable resources. There are plenty of tools available to help work through the issues, including the latest AI-powered tools. LLMs can also help generate more secure code in the first place, and Tanya has created a set of prompts you can use to create more secure software. The threat landscape is shifting with these tools, and we need to act quickly to resist the new attacks!

    Links

    SheHacksPurple

    Canadian Guidance on Resisting Supply Chain Attacks

    OWASP Top 10 Security Risks for 2025

    Prompts for Generating Secure Code

    Recorded May 8, 2026
  • RunAs Radio

    47 Day Certificates with Todd Gardner

    17/06/2026 | 37 mins.
    The 47-day certificate is coming! While at NDC in Toronto, Richard received an update from Todd Gardner about his show last year: certificate authorities are moving toward SSL certificates that last only 47 days! Todd talks about the first decrease in duration that has already passed - as of March 2026, the longest duration certificate you can buy from certificate authorities is 200 days. At the core of these changes is the problem that certificate revocation just isn't working properly, so a short certificate lifespan is the effective solution. Short certificate lifespans make automation to replace certificates essential - and that's where CertKit and other tools come in!

    Links

    Lets Encrypt

    ACME Client Implementations

    CertKit

    Apple's 398 Day Rule

    Microsoft SHA-1 Retirement

    Google Transparency Logs

    Perfect Forward Secrecy

    Recorded May 8, 2026
  • RunAs Radio

    How Machine Learning Fails with Megan Robertson

    10/06/2026 | 36 mins.
    What can go wrong with machine learning? While at NDC in Toronto, Richard chatted with Megan Robertson about her experience with machine learning projects, often using retail datasets, and where they can go wrong. Megan talks about getting clear expectations and metrics for projects, so you know when you succeed, but then digs into the specifics of problems in machine learning, such as overfitting on test data. Your results are only as good as the data you put in, so a lot of focus goes into building good sets, carefully developing the model with those sets, and using techniques like cross-validation to ensure the model is behaving appropriately. There's a lot that can go wrong, but the results with an effective model can be very powerful - it is worth the effort!

    Links

    Cross Validate Model

    Megan's Website

    Recorded May 7, 2026
  • RunAs Radio

    Data API Builder and SQL MCP with Jerry Nixon

    03/06/2026 | 36 mins.
    How do you intelligently surface access to your database? While at NDC Toronto, Richard spoke with Jerry Nixon about Data API Builder, Microsoft's tool that enables data professionals using Microsoft databases, including SQL Server, Postgres, CosmosDB, and MySQL, to provide an API layer with security, schema extraction, and governance policies. You can expose the API as a REST interface, a GraphQL interface, and an MCP server! This is a powerful tool for providing controlled access to data while still allowing for ad-hoc access. The potential is huge - you need to check it out!

    Links

    Data API Builder

    GraphQL

    Recorded May 7, 2026
More Business podcasts
About RunAs Radio
RunAs Radio is a weekly Internet Audio Talk Show for IT Professionals working with Microsoft products.
Podcast website

Listen to RunAs Radio, The Diary Of A CEO with Steven Bartlett and many other podcasts from around the world with the radio.net app

Get the free radio.net app

  • Stations and podcasts to bookmark
  • Stream via Wi-Fi or Bluetooth
  • Supports Carplay & Android Auto
  • Many other app features
RunAs Radio: Podcasts in Family