Hello and welcome to the let's Talk. Azure podcast with your host Sam Foote and Alan Armstrong.
If you're new here, we're a pair of Azure and Microsoft 365 focused it security professionals. It's episode 21 of season five. Alan and I had a recent discussion around what Microsoft released in May with build and RSA. We've got lots of new updates covering entra Defender and tons of Azure changes. So it's a really feature packed and it's going to be a pretty long episode, I would have thought. We've noticed that a large number of you aren't subscribed. If you do enjoy our podcast, please do consider subscribing. It would mean a lot for you to show your support to the show. It's a really great episode, so let's jump in. Hey, Alan, how are you doing?
Hey, Sam. Not doing too bad. How are you? Yeah, not doing too bad. Not doing too bad. I think this is going to be a long one. I've got a feeling of, because the show notes for this one is, yeah. Pretty extensive, should I say? Yeah, given. Yeah. Two pretty big conferences over the past month. Yeah, I think we said last week, didn't we? I think it's going to be a not action packed, but definitely news packed of all the updates and things like that that we've seen come out.
Yeah. Infosec this week of recording here in, here in London. Alan, you've got a slot, haven't you, with Microsoft for Infosec? Yeah. So not, I think last year I did it on their stand. This time it's in the strategic talks area at the info, Infosec Europe. So I think it's like a level up really. So, so we'll see how it goes. What are you covering?
Yeah, so similar topic to last year and it's, you know, around, I think we've got it fortify in the skies, but in effect, you know, looking at how you can, how you can, you know, reduce your blind spots in, in the cloud, in your cloud infrastructure, things like that, using CSPM and Microsoft Defender for cloud. So, yeah, should be good.
Nice. And by the time this episode actually airs, you would have done it. So, yeah, good luck. I hope it all goes well and we'll catch up and see how Infosec was, I suppose because it's a relatively big conference here in the UK. So yeah, it'd be interesting to see what, what you sort of, what insights you can get from, you know, Microsoft and other vendors that attend infosec. Yeah, definitely. Yeah, it will is big. Like you said, it's what, three over three days? I think it is. So. Yeah.
Okay. Nice. Right. Should we get cracking on news updates for May? Alan, do you want to kick us off and take us through your list?
Yeah sure. So first off I'm gonna, I'm gonna start off with the numbers so the number of updates based on sort of the areas and I've not hit every product but I've hit most of them. So entra, there's been twelve updates this month. Defender for endpoint four, MDA three, Sentinel two, XDR, portal nine intune twelve and Defender for cloud six. There is probably more than that around it. They all sort of interlink with each other but that's the numbers just for the Microsoft security slash endpoint management products that seemed insane for 30 days, you know, 31 days. So yeah, I'm just going to hit a couple of them. So if we start with intune. So a couple of things in here is you can now stage your Android enterprise sort of deployment. So you can do the, basically the pre configuration before you get to the user. And this is for, let me just get it. Corporately owned fully managed devices and corporate owned devices with work profile. So that means that in effect kind of like, I guess like white glove in Windows autopilot we can pre build the device, this being a phone at this point, so there's less time that user has to wait for all the applications and things like that to be deployed to it. So that seems quite, quite key. There is you can now do evaluation of compliance against the Windows subsystem for Linux. That's in public preview which is interesting because that's probably a bit, you never get to sort of check whether it's compliant or not. So it's probably like a, I suppose it's like a blind spot in some form on your Windows endpoints if you're using WSL. And it's probably, oh, the only other one that I want to talk about actually was with Windows ten and eleven with sort of windows updates and Windows features you kind of, the only thing you had an option to do was to set, set a feature to you know, a feature level and it was never optional so you always had to upgrade, you know, end users have to upgrade to the next feature release you, you know, because you set it. But now you can set, it's optional to allow you have like a buffer so you can say hey everyone can sign up to do this upgrade at their own time and then enforce it later. So it's a great user experience. Moving on to enter id. One thing in here is that now you can have on Android devices and the authentication app, you can now have multiple passwordless phone sign ins on a device for multiple accounts. So that means that if you're working for two organizations, you can now do passwordless authentication against both of them beforehand. It can only be one of them, which was partially annoying in some form because it means you can be secure against both accounts. Another one is in public preview using bisect templates for Microsoft graph. So allowing you to, in effect in some form infrastructure code, but to build resources in entrance. So it's just enhancing it to be graph as well as azure resources. So kind of I guess adding functionality that's in terraform at the moment. It's probably fair to say Sam, isn't it?
Yeah, I did see this one because it's almost like IAC but for an API, if that makes sense. Looking for specific objects to be returned via API, I'm guessing. So I haven't checked this one out yet because I'm not sure how you would have done that previously. Personally I've only ever done infrastructure, infrastructure as code, if that makes sense, not graph. So yeah, it'd be interesting to see what other options there are for that. But yeah, really cool. I was really intrigued when I saw that. I haven't actually checked it out yet.
Yeah. So another one is the last successful sign in. I think it's part of the graph sort of resource is now generally available. So you can now pull that from graph. That's very handy because that used to be two API calls, didn't it? To do that, yeah. You had to pull the list of users then for each user then. Yeah. Query their data was there or something like that.
And then didn't, didn't you only have a maximum amount of time that you could see that as well because of activity logs. Is that, is that right with that. Can't remember previously. I can't remember. It's been a while since we were. Yeah. Hunting for it because it was never in the portal, was it? I think that field is there now because you can now get, you know, you can also get from graph.
Yeah. Especially if that goes beyond activity logs and all that sort of stuff. That's going to be really helpful for, you know, older user accounts and things like that. Really good.
Yeah, exactly. Platform sign in. I think we talked about this when I started doing the Mac OS management that you can do single sign in now that's very similar to Windows hello. On a Mac. So that's now come in as well. Probably any other key one actually is that external authentication. External authentication methods for multi factor authentication. You can now add external ones, third party ones like Duo Silver for things like that into it as well now as well as you. So you don't always have to use Microsoft Authenticare. So if you've already got those products, you can now you could do it in some form with some of them, bring them in as an option. But I think this is just using the authentication method part to set that signal of I've done MFA, so that's quite good as well. If you've got those other solutions in.
Play, does that mean my other security recommendations are going to recognize that you do have MFA on those accounts? Yeah, yeah, I think that's the reason for it. So it's flagging that you're doing MFA? Yeah, exactly.
Rather than it being I can't see it kind of thing. Yeah, it probably still need to be conditional access that does that MFA check. So if you've got okta and things like that in front, then it still may not see that. Okay, because it's October doing the MFA. But definitely if you're push, pushing the MFA into third party MFA into conditional access enter, then yeah, it should, I reckon it all should be able to see it. Nice.
Rolling onto defender XDR. How we doing for time? Because like I am rocketed ten minutes. Good. You're good?
Yes. Let me just find it again. Defender XDR. So we've got them moving the preview options into the core Defender XDR settings. So you've now got a checkbox for each product that supports preview features. So previously for like Defender for Endpoint, there'd be a checkbox in, in the settings. In the endpoint part they've now moved up to the top because now you're bringing these other products in, you can now manage it centrally, so you have to go into each blade to turn on or off those features. You've now got cloud audit events coming from Defender for cloud. So this is an enhancement to just alerts going in. So this is showing Azure resource manager and kubernetes control plane activities going into a table there. So now you can do advanced hunting on there or create custom detection rules for that. So now starting to see Defender cloud to be more integrated into that, into that central location. Kind of alongside that you can now create custom detection query or custom detections using queries in Defender for XDR. Defender XDR and that can span across Microsoft Sentinel and defend the defender XDR tables. So this is starting to again bring it into that central location where now there may be a start at some point of a shift of moving, I guess your analytic rules that are in sentinel maybe into custom detection rules because now you can span all the data sets in there. That's interesting in itself.
Yeah.
And whatever ones were in here, there was another one I thought, oh yeah. Okay, so you can now query using the advanced hunting query API that, that's in Defender XDR to query Microsoft Sentinel data and the Defender XDR data through the API. So you don't have to go and query the log analytics API endpoint anymore as long as you've got the connection in place. This helps if you want to do some advanced hunting beyond the 30 days you get in the portal because I believe that the portal is limited to 30 days. But if you've got your retention for longer than that, then you can do queries using the API. So that's quite key. Okay, moving on to defender for endpoint. The defender for endpoint plugin for the WSL in Windows 1011 is now generally available. So it's gone through its public preview. Now it's GA. So that should be a key thing to deploy now if you got WSL in your environment, streamlined device connectivity. So this is where Microsoft had a preview to reduce the amount of endpoints that Defender for endpoint has to communicate with for its service. This has now been dropped down to maybe one wildcard with a few others that are sort of other services within Microsoft. So there'll be some entrail ones and a few things like that. This has now gone GA, which means that, you know, you can start using it. So it's probably key to start looking at, looking at your firewalls or any of your proxy settings to now look at the new requirements in effect and start migrating to that because it'll be a lot simpler to manage. And the Microsoft Defender core services, which is where Microsoft has sort of repackaged the defender for endpoint services on the endpoints that's now gone GA as well. So that's that one defender for cloud apps we've got that's now generally available to view Defender for cloud apps in the Defender XDR portal. So I guess it was for a preview for some time I thought it already gone GA to be fair, because it's just the norm to go there. So that's now gone Ga. And soon the read the redirection from the old portal. In effect, you won't be able to turn it you know, turn off the redirection, it will start pushing you towards the Defender XTR portal. The preview settings was the same thing and that's it for there. Microsoft Sentinel so instance and entity triggers in playbooks, in log analytics, not log analytics logic apps is now generally available so you can now do triggers. It's now GA for doing triggers against Microsoft Sentinel incidents and Microsoft Sentinel entities or an entity. Yep. And then the other one was that the optimizer. Optimize your security operations with sock options. Soc optimizations is in preview. I think I've seen that for some time, but it's now in the Defender XDR portal so you can see where you can make improvements to your data ingestion if connectors are not working correctly and things like that. So it's worth looking at there. And I think it's only defend for cloud that I'm missing now. So there's a new recommendation that has gone GA which is the one around disk encryption and this is that. One of the recommendations was that you needed Azure disk encryption, but sometimes an organization couldn't use that and they wanted to use the encryption at host but would be penalized, somewhat penalized against the recommendation. Microsoft have released a unified disk encryption recommendation which supports both types. So now you've got one recommendation. As long as one of those has been set, you then, you know, you then achieve the recommendation. You can now configure email notifications for attack paths. So when a new one comes up you can now get alerts on that. And then really the only other one is really like I said before, the advanced hunting in defender for XDR is now bringing in. You can now do it against alerts and incidents in the advanced hunting as well as those extra Azure resource manager in Kubernetes logs. And I think that was all I was going to cover in a quick whistle stop tour of those changes, but there were a few others, there's quite a few others in there that they were kind of key ones I thought were quite interesting. So yeah.
Thanks Alan. Yeah, hard to pick I think from this month it'd be interesting to see if there's a bit of a lull next month. Right. Not going to say that product teams at Microsoft are going to take June off, right? Yeah. The amount that's been packed in and we, we kind of say this every time with news is that we can't really believe some months how much is actually, you know, rolled out. I think every month is really consistent, but some months it's just bananas, right?
Yes, yes, exactly. So what's happening in Azure then?
Okey dokey. Right, is everybody ready? Because I've got a lot of tabs open here. Right. So first one is starting from the beginning of May, they've started to enable route management groups for tenants that didn't have it previously enabled. So according to them, this is going to make no real changes if you're not already utilizing it, but they're effectively enabling it by default on tenants now, so you won't have to make the configuration change by default. Azure API center has gone ga. It's effectively a tool to inventory manage your APIs at scale. So think of API management like a group above API management. Basically, there's a lot more to it than just that. There's a governance, a cataloging, an inventory management solution, but that has gone ga now. So if you do have an organization where you do have a large number of APIs, API sprawl, you maybe at least want to get them documented. That's a good way to bring things together without having to go full whole hog. API management for everything. Azure front door now has the ability to scrub sensitive data from its logs so you can create scrubbing profiles which pull sensitive data out of things like cookies, headers, that type of thing, which is pretty cool to see being put in place. Microsoft now has apparently a, a cloud region in Mexico. So if you hello to our mexican listeners, probably not very many, or if none, I'm not sure, I don't know about those stats. But yes, there is now azure region, cloud region in Mexico. If you have ever used the cosmos DB data explorer in the web, you know how, let's say frustrating it can be and sort of no shade thrown to the product team there. That's effectively a whole new sort of data management system that they've built there. But now there is a whole, and I'm talking a lot of keyboard shortcuts for Cosmos DB data Explorer. So if that's an interface that you spend a lot of time in, there's a lot of really good sort of user experience improvements there. With that, I couldn't quite actually believe how many different keyboard shortcuts there are. I assumed it was just going to be like a handful. But there's at least 30 shortcuts there, easy. It's generally available that you can now apply customer managed keys onto existing Azure Cosmos DB accounts. So it basically means it eliminates the need for data migrating into a new account just to enable customer managed keys. So really good quality of life improvement, especially as you may get hit with some sort of regulatory compliance once you've got a little bit more mature than the day you created your Cosmos DB account. There's a public preview now for NFS. I think that stands for network file share, which is a Linux equivalent of SMB. Probably get absolutely slated for comparing the two. But hey oh, this is basically the same thing in my eyes. You can now do a volume mount into Azure container apps for NFS file shares. So NFS is I think supported out of the box with kubernetes. It's like part of the inbuilt connectors I believe to do SMB with kubernetes you have to, as far as I'm aware. Well in my lab you have to essentially install a driver to do SMB. But NFS is supported out of the box so it might be just them bubbling, I say just them bubbling up some of that underlying functionality. Azure bastion now has a new SKU which is called Bastion developer. It is completely free of charge and it utilizes a shared host pool for bastion and it's designed for dev test environments. I haven't tried it yet. There's no scaling options there, no VNet, it doesn't connect in the same, you don't deploy it in the same way as traditional bastion because it's shared pool. So it's something to definitely look at if that's what you'd like. Not currently available in the UK. Just throwing out there guidance is they want to allow support for all public regions but not quite yet. So that could be quite cool for some people because yeah, that can. A bastion, bastion pricing can be a bit tricky but it is only a developer SKU. So no production. Wink wink. So we had data protection scrubbing for azure firewall. Sensitive data scrubbing is also, sorry, it's called sensitive data protection but has also been enabled for azure front door web application firewall as well. That's also in preview but same sort of thing, header names, cookie names, request IP addresses, stuff like that. You can add rules to scrub that data. And I don't know if this is a completely new piece of technology that I've never, that was announced at build or whether it's something I've just completely missed because it's absolutely amazing. Well it seems amazing. I haven't actually used it yet because I've just, well literally found out about it whilst prepping for this episode. The data API builder. Have you heard of this Alan?
Nope.
And the thing that confuses me is in the sort of update from Microsoft, it's like after nearly three years in development and I was like, is that public development or not? Because I haven't heard of this before, but essentially it's like an add on for Azure SQL. It supports Azure SQL, SQL Server, Cosmos DB Azure database for postgres, Azure database for MySQL on Prem postgres and MySQL as well. What it is is it's literally a data API builder. So you can attach it to your database and it will create you either a rest API and I believe graph QL is also supported and it will create an API that backs on your data which allows you to interface update it, read it, query it, that type of thing. So if you've got very, I'm going to call it simple, simple applications or access to data. This could be a very very quick way to build like an API in front of it because a lot of applications nowadays are just storing and retrieving data relatively simply. We call them crud applications. Basically it'll give you that crud logic. And Crud stands for create, read, update, delete. They're like the typical actions that you take on data. So this needs its whole load episode because this is a big deal, I'd say, and I'll be bummed if this has been in public preview for a long time because I can't remember even seeing it. Quite excited by it, to be fair. So Microsoft have updated that they were now not charged for data transfer across availability zones, regardless of whether you use public or private ips for your Azure resources. This is great because of the big push towards zone redundant designs for resilience, but also without the penalization of effectively inter availability zone transfers. I've never been bit by this before personally, but I can see that it could be quite a big deal for certain workloads you could now do in database embeddings in Azure database for postgres. So we, we did an episode on what was it, was it last episode or the episode before that we did around what's the last AI episode that we did?
I'm just looking. Azure AI search was that's, that's it.
Azure AI search. So if, if you weren't going to. Thank you, Alan. If you weren't going to use Azure, a search, you could use postgres. Postgres is a database system open source. It's kind of amazing really because it does so many different things. It's a bit of a chameleon in that sense. It can do acid compliance relational databases, it can do NoSQL, JSON embedding, it can also do vector storage. So the way that you store, let's call it data for AI very simply is to generate embeddings and do vector search on it. Now it's supported to do that in postgres. There's been a plugin for postgres in order to do it, I believe an open source one. So I don't know if that's just bubbling that up or if they've got their actual owner extension for it. So yeah, just something to sort of start thinking about. I'm not sure if it is vector thing or whether this is more of a embeddings generation, but something to, something to have a look at. Because if you do have those types of requirements and you've already got that resourced, then it might make sense to, might make sense to do it right. Let's go for the next one. Generally available. I don't think I've talked about this before, but computed properties in Azure Cosmos DB for NoSQL. So computed properties allow you to essentially you can create values based on existing other item properties without having to actually persist those values themselves. So you can have like a field somewhere which is computed from other values. So let's say you have two columns with two numbers in it. You could create another column which is like the sum of them or some other calculation and have it as a computed property. You wouldn't then have to store it. It would like compute it on the fly basically as you pull it out of the data store. It's quite standard in other database management systems, so it's good to see it on this side as well. Experimentation capabilities for Azure app configuration now this is pretty cool. This allows, so if you've got an Azure app service, as an example, there's a service called Azure app configuration, which is basically a way to create configurations and share them with your applications. So a configuration in an app might be like a database connection string or your app name, things like that. You might put it in a configuration, so you load it into the app when it's running. What experimentation allows you to do is to switch those values out. So a concept that some product teams will use is what's called a b testing as an example. So if I've got a landing page for my SAS products, if I have a green button, what happens if I change that button to blue? Do I get more conversions? That type of thing. So it can actually allow you to a b testing by basically flicking those configuration flags on the fly and then sending certain amounts of traffic to each one, basically. So one part of it can be to turn certain features on and off at random to test different like let's say you have an onboarding wizard for your SaaS application and you want to try a new one. Like you make a v two and you're like, right, okay, well I want to send 50% of the traffic to the old, 150 percent of the traffic to the new one and I'll see how that performs. Do we get more conversions through one side of the route or not? And that allows you to effectively do it in Azure itself. Really powerful Azure functions, you could edit them in the web browser. Previously it wasn't a great experience. Actually it was pretty, no, it wasn't a great experience. I'm going to call it that. Apparently visual studio code for the web is now in, it's a public preview to embed it in the Azure portal itself. So if you're editing Azure functions, you don't have to leave the portal to get the power of visual studio code. So definitely going to be giving that a try. Really, really good. I previously talked about in a previous, I think it might have been last month or month before, but Azure API management was getting, it's got now load balancer supports in built into it that has now gone ga. Sorry, we still got, I think eight more to go. Apologies for flying through these, but I've got a lot to get through. Sorry. As your logic app standard.net eight custom code support is now in public preview. Pretty damn cool change here to be able to mix and match logic standard logic apps with.net eight code as well. Very powerful. There's going to be in public preview there's a next generation dashboards experience in Azure portal. I haven't tried this yet. So yeah, there's a new richer editing experience. Mobile support is a big one there as well for that. So yeah, really good to see a refresh there. Another thing that's in preview is reporting capabilities for Azure site recovery. So you can get richer reporting capabilities to your sort of site recovery and backup admins to understand audit and tracking purposes. What's, what's historical information about how site recovery jobs have been used, replicated items and it covers a load of different resource types there as well. Azure Firewall is now available in new regions. Want to call this out because it's quite an important resource. I would say Israel, central Italy, north Mexico, you know, Mexico and Spain central as well. So now it's available in 64 regions worldwide. Azure Static web apps, which is a way to, which is a way to. What's the best way of describing this? Newer types of applications are built statically a lot of the time. Things like react apps, vue apps and newer types of web technologies. If you're using literally static web applications, there is a new dedicated plan in there. So you've got always on capability and also data residency, sort of data residency supports as well for different sort of regulatory compliance requirements. Currently during the preview it's available in east US, central US, west US and East Asia as well. Sorry, I just closing down some extra tabs I had open. Okay, so there's now a public preview of Azure compute fleet. So what this does is it's a layer on top of provisioning and managing compute capacity at scale. So you can mix and match availability zones, pricing models. You can effectively integrate multiple pricing models into a single fleet request, which gives you a mix and match of different vm sizes, performance and sort of to make more customized capacity available. It can go up to 10,000 virtual machines in a single region within a single fleet. So holy moly, if you've got to scale to 10,000 virtual machines, and I suppose at that size, and I don't think I'll ever be able to claim that I've ever had to deal with something of that size, but I'm guessing there's sort of different complexities in terms of how you want to eviction of different types of virtual machines from the fleet. Spot vms, a blend of all different types and skus it must be because I'm guessing you're not just buying 10,000 of the same SKU, it pays. You go in that scenario.
That seems quite good. Really that one. I'm quite interested in that one. Not that we do at that scale like you said, but it's interesting.
Yeah, definitely. Yeah that's, you know, they call it like hyperscale cloud, you know, because they bought a bunch of GPU's that they need to use. I think that is, I'm going to call that hyperscale. That's, that's for sure. Yeah, that's, that's absolutely insane. So azure load balancer now supports admin state. So this is effectively being able to communicate to a load balancer that a virtual machine going into an administrative sort of state for maintenance, that type of thing. So it can remove machines from your pool so that you can do that maintenance, but it won't report unhealthy and give you all the warnings that you would have had previously. There's also in addition to the developer Bastion SKU, there's a premium SKU as well which now allows you to, this is in public preview which allows you to connect to bastion via a private endpoint and also record all virtual machine sessions as part of bastion as well for compliance. So pretty cool on, on that front. I don't have pricing on that, but let me just see if I can quickly load it, if I can get it. No, there's no pricing yet for that so I probably not got a link to it. So that'd be interesting to see how that, how that drops. I've got a feeling it's going to be expensive. Right. Chaos Studio, we love a bit of chaos studio. Well I do anyway, there's a new support for this is now generally available. I don't think I've talked about this before for pausing processes fault on Windows virtual machines, so seems pretty nasty in terms of a test, but that could be good for fault tolerance testing. So yeah, I thought that was pretty, pretty cool. Only a couple more now. Generally available now is VM hibernation for general purpose virtual machines. So you can hibernate your vms to save compute cost, but also persist the vms in memory state so that you can have, I assume, faster launch times coming out of hibernation.
Yeah, that's going to be great for AVD.
Yeah, true. Yeah, yeah, definitely, yeah. So very cool. I assume you just pay for the storage of your memory would be my guess. Haven't tested it yet, so something to definitely have a look at. And the last one, towards the start of the list we talked about Azure API center for cataloging and inventorying your APIs. There's an extension now for visual studio code. So I believe you can then publish your inventory into visual studio code. You can also build and deploy and roll out APIs from there as well. So I think this is to get your catalog and inventory of APIs as close to the developers as you possibly can. So if you're a larger organization and maybe you're micro serviced and your developers are like well, where can I access X, Y or Z? You can have it directly in visual studio code. That's the end of my list. I went through those pretty quickly, but I think the point of these episodes is more to nudge you into going and exploring each of these concepts by themselves, essentially. So yeah, loads of really good updates and yeah, yeah, pretty, pretty mental basically.
Did you want to know when Deya API builder went into public preview? No, I don't want to know. Was it a long time ago. It wasn't March 15, 2023. That is like one of those things, right? Like where you like, it just, it boggles my mind. There's so many solutions and resources that you just can't, you know, you just can't. I don't know, it's just possible to keep up with basically.
So this is kind of the reason for these episodes, though, isn't it, to highlight some of them that we think are interesting that we found out on, that the listeners might go, oh, actually, yeah, that is great. I didn't know that was happening. So get some visibility on it because like you said, there's so much that even we miss.
Yeah, exactly. Yeah, it's really, yeah. So, yeah, that's so quick. Well, I say quick, but yeah, pretty rapid go through. We do these episodes every month, so we just. Yeah, recap the news once a month. Usually it's a little bit less frantic, I would say, but. Yeah, but I think we got there in the end. Cool. Okay, so what's the next episode, Sam?
Well, funny you should mention that, Alan, because I've just had a great idea for the next episode. I'm going to be covering Azure data API builder as my next episode because that is my, my pet project to look at that. So yeah, I'm going to give it a go, walk through it and sort of, I've got some Azure SQL instances that I can get started with it and I'll try rest APIs, I'll try GraphQL and just look at the developer experience sort of end to end on that side of things.
Cool. Yeah, that sounds, sounds good. As soon as you said it, you know, as soon as we sort of announced it, it seemed interesting. So. Okay. So did you enjoy this episode? If so, please do consider leaving us a review on Apple or Spotify. This really helps us reach out to more people like yourselves. If you have any specific feedback or suggestions, we have a link in our show notes that you can get in contact with us.
Yeah. And if you've made it this far, thanks ever so much for listening and we'll catch you on the next one. Yep. Thanks. All.