It is time for the annual holiday fundraiser episode! This year I deviate a little from the usual process but more on that later. Over the past year I have talked from time to time on the work that the AI and Dev Center of Excellences (CoE) have been doing. From implementing an enterprise wide code repository to opening up different Large Language Models (LLM) to the utilization of Agents for coding and Model Context Protocol servers a lot has changed.

What better to help explain the journey that getting some of the key players on the podcast. I am very glad to have Kyle Jero , Lead Data Scientist of GenAI for Corewell Health and Aaron Tellis Senior Data Engineer for Corewell Health on the podcast.

Here are just a couple of the great and insightful topics that we covered:

• How AI and Dev CoEs and the policies and standards are evolving
• The need for the creation of an Development AI Subcommittee
• The concept of a 'Digital Twin for Developers'
• The challenges on evaluating and onboarding AI Dev tools quickly where possible
• Potential downfalls for Dev Teams when it coming to training Junior Devs in the future
• AI tools being used for 'harm' and how to help be more secure
• What does 2026 hold for Dev AI Teams?

Fundraising Update:

We did the fundraising for this event a little different this year, rather than have one or two vendors sponsor the episode, I was able to use some of the leftover funds from Cloud Con. I am happy to report that we donated $750 dollars to seven different charities. They were Toys for Tots of West Michigan, North Kent Connect, Black Girls Code, St. Joseph's Indian School, the Electronic Frontier Foundation, Guiding Light Ministries and Raices Cyber. The total donated for 2025 was over $1,500. I wouldn't be able to do this community work without the support of my awesome security leadership team at Corewell Health and Matt Nelson and the rest of the Really Bad Security crew. Here's hoping that 2026 is another great year!

In this episode I had a chance to do live remote podcast from the best hacker conference in the world, GrrCon. My guest for this episode is Shelly Migliore. Shelly is a Cybersecurity Risk Solutions Architect for Safe Security.

The topic for this episode is Rethinking 3rd Party Risk in 2026. Shelly and I talk about some of the unique challenges that companies are facing as more and more industries are using 3rd party tool that utilize AI.

YouTube Video Link:

https://youtu.be/yxLIrlIUT68

In this first episode of 2025, I picked a topic that is one of the few areas of security that is both 'hype' and 'real'. Threat Intelligence. It is an area that you can get great information for free but also overpay for what you get.

I wanted to take a different approach to discussing this one, so I contacted a well-respected colleague of mine, Justin Lentz. Who happens to work in the SMB Threat Intel space to come on the podcast and share his experiences and thoughts.

Talking Points:

• How do you approach a smaller client when it comes to TI?
• What is different when it comes to a client that has some experience with TI?
• What are some pitfalls when you look at the different TI providers out there?
• What happens when you run into data that is not relevant to your company's process?
  • Asking clients what is the problem that you are trying to solve?
• What do you do when you have a low or limited budget?
• What is his experiences running into this type of project (open source tools, using Azure, etc.)
• What does it look like a year later?
  • SaaS platform
  • Partnering with different groups, agencies, etc.
  • The 'addiction' on wanting to get more data
  • Creating a Circle of Trust to share valuable information

Episode Charity:

Corewell Health's Blue Envelope Student Suicide Prevention Program

Episode Sponsor:

Solis Security is a cyber security managed service provider specializing in Threat Intelligence and Incident Response.