Guest: Matt Lea
Bio:
Matt Lea is the founder and driving force behind Schematical, a consultancy dedicated to helping CTOs and engineering teams build scalable, secure, and cost-efficient cloud infrastructure on Amazon Web Services (AWS).
With more than 15 years of experience in cloud architecture and DevOps—including founding both Schematical and Cloud War Games—Matt transforms complex cloud challenges into robust, manageable infrastructure.
Matt’s approach centers on three core principles: scale, cost-efficiency, and security. He helps businesses evolve beyond ad-hoc cloud setups, allowing development teams to stay focused on product innovation while he handles architecture, optimization, and long-term reliability.
In addition to consulting, Matt is the creator of the on-demand course Zero to Hero on AWS Security: An Animated Guide to Security in the Cloud and regularly shares insights through coaching, speaking engagements, a podcast, and various free educational resources.
Passionate about demystifying cloud technology, Matt sees himself not just as an architect but as a partner to technical leaders—ensuring their systems are fast, reliable, scalable, secure, and cost-effective.
Summary:
In this episode of the Virtual SESA Podcast, John Verry speaks with Matt Lea from Schematical about the evolving landscape of cybersecurity, particularly in relation to cloud technologies. They discuss the importance of incident response training, the challenges faced by organizations in maintaining security, and the role of AI in enhancing cybersecurity measures. Matt shares insights from his experience with Cloud War Games, a training initiative designed to prepare professionals for real-world incident scenarios. The conversation also touches on recruitment challenges in the tech industry and the future of cloud security.
Keywords:
Cloud War Games, cybersecurity, incident response, business continuity, AWS, AI, resilience, recruitment, security training
Takeaways:
- The shift in cybersecurity is moving from prevention to resilience.
- Incident response training should simulate real-world scenarios.
- Understanding the difference between incident response and business continuity is crucial.
- Recruitment in tech is challenging due to the demand for top talent.
- AI is changing the landscape of cybersecurity and incident response.
- Cloud War Games provide hands-on experience for cloud professionals.
- Organizations need to prioritize security as they scale.
- Real-life incident scenarios can help teams prepare for actual threats.
- Collaboration and communication are key during incident response exercises.
- The future of cloud security will involve more advanced AI tools and techniques.
John Verry (00:26.781)
Hey there, and welcome to yet another episode of the Virtual SESA Podcast. With you, John Verry, your host, and with me today, Matt Lee from Schematic AI. I almost said, where’s the schematical?
Matt Lea – Schematical.com (00:33.656)
Send it.
Matt Lea – Schematical.com (00:50.766)
Schematical comm yeah
John Verry (00:52.52)
Alright, that makes it harder to say. Schematic, you gotta change the schematic AI. mean, it even sounds cool, you know what I mean? No charge for the marketing guidance. I just want you to know that I didn’t start the meter on this one.
Matt Lea – Schematical.com (00:58.476)
Yeah, it’s not a bad idea. Yeah.
Matt Lea – Schematical.com (01:05.486)
Sounds good. I think my other business venture club war games is a much more apps name versus a schematical which is a made-up word
John Verry (01:14.11)
It’s actually kind of, I actually like the name. So, all right. I always like to start simple. Tell us a little bit about who you are and what do you do every day?
Matt Lea – Schematical.com (01:17.72)
Alright.
Matt Lea – Schematical.com (01:24.27)
Sure. My name is Matt Lee. As you said, I help CTOs running on AWS sleep at night. That’s somewhat literal because generally when you call me, it’s because you’re all of sudden you’ve found some business that you’re actually making money on and their customers are coming in and you’re not able to keep up with the scale. So I mean it in a literal sense that the servers are going down at 3 a.m. and I mean it in a figurative sense as in I’ve had many of my customers like say, thank, I can take a weekend off and spend it with my children instead of doing call work because of this. So,
Yeah. I hope CTO is running AWS sleep at night.
John Verry (01:57.374)
That’s a good answer. Before we get down to business, I always ask, what’s your drink of choice?
Matt Lea – Schematical.com (02:02.05)
Good question. My dog is actually named after the Teelings distillery, which is my favorite distillery in the world. It’s in Dublin. It’s the last one that’s been open there actually in the city limits since the seventies, I believe. And then, but if I’m being less fancy, the Costco Tennessee whiskey is a good buy. It’s a good deal. Just putting that out there for
John Verry (02:22.541)
I actually, you it’s funny, had a guy who lived across the street from me for years and he was a nut. And he had 130 different bottles of bourbon in his house and I drank from most of them. And the one night he said, God, we’re going to a blind tasting. it was exactly that. He’d gone to Costco and damn, it was, know, I mean, for a $30 bottle of bourbon, was, it drank like twice that price easy.
Matt Lea – Schematical.com (02:47.651)
Yeah.
John Verry (02:47.698)
So yeah, definitely a good thing. And the distillery you mentioned in Ireland, is that Irish whiskey or is that scotch? Yeah, I’m not a scotch guy. think it’s good whiskey ruined by Pete, but that’s just, all right. So excited to chat with you today because when I got the inquiry about you, I looked at it I was like, you know,
Matt Lea – Schematical.com (02:55.566)
That’s Irish whiskey.
Matt Lea – Schematical.com (03:01.336)
Same, yeah, same thing.
John Verry (03:13.246)
there are these shifts that we’re seeing in cyber and technology that I think would be interesting to have a conversation about. That was my thought process. So I think there’s a shift in thinking about security incidents. I’ve seen people go from, it’s no longer about preventing. It’s, okay, we’re going to have an incident at some point. It’s no longer if, it’s when. So let’s start to of plan that way. We’re hearing more conversations and more
regulations around concept of resilience, whether that’s supply chain risk management or the DORA right starting to rear its head. Obviously, there’s an increasing reliance on cloud every day. So I was intrigued when I saw your cyber cloud war games site. Is it a direct reaction in a way to these shifts that I was talking about?
Matt Lea – Schematical.com (04:06.446)
Possibly, I’m going to say it’s a little bit more bottom up than top down. I saw the needs with my clients. I saw a lot of young aspiring cloud professionals just freeze up when servers are down and they’re like, my clients are losing $100,000 an hour. So they just froze. And I’m like, how do I create a training scenario that lets them actually fix things, actually break things, not just take a test, not just, you know, recite or follow through instructions I’ve written down, but actually go through, think it through.
and figure out how to take, you know, bring the system back up and online. And so it’s actually more of a bottom up type thing, but you know, as I’m going out there promoting this thing, I am finding more and more need for it. you know, from, more of a top down, does that make sense?
John Verry (04:54.065)
Yeah. Yeah. Do you think, um, so one of the things that I was trying to think about when I was looking at it was, uh, how, like we struggle with making incident response exercises be real world, be more realistic. So I was thinking like, okay, so if you’re going to teach me how to recover AWS infrastructure, um, can you use a generic AWS infrastructure as, as, as a proxy for that?
Matt Lea – Schematical.com (05:09.763)
Hmm.
John Verry (05:23.063)
Or does the uniqueness of my AWS infrastructure limit the effectiveness of
Matt Lea – Schematical.com (05:30.862)
That’s good question. We do actually offer services to do both. We can go in and design a system specifically for you. But a lot of times, if people are hosting restful requests, we’re going to see an ECS type setup, maybe an EC2 if you’re, that’s a bit of a relic now, and Lambda. So if you’re fielding restful requests, you’re going to see a lot of that. A lot of people are using SQS and queues of that nature, Kinesis. So we’re seeing you can take out infrastructure that way.
Of course, there’s always the basics as three for binary storage, broken IAM roles, security groups. That’s one of the most common things I’ve probably ever found is misconfigured security groups. So that stuff for the basics is universal from the more advanced stuff. You start getting into putting a machine learning in there or something like that, then it’s less generic. But for the most part, you’re using API gateway combined with one of the technology I talked about or ALBs.
to, know, to, your basic web requests, databases that gets a bit trickier, you know, femoral databases like elastic cash, redis, you know, using serverless, not serverless. There’s a lot of different things that you could, could change, change the variables there, but there are commonalities at a basic and mid level. Does that make sense?
John Verry (06:45.534)
Yeah, I’m almost thinking in a weird way, it’s sort of analogous to, know, a capture the flag exercise has value to any developer or any security tester, you know, despite the fact that it might not be the specific application they developed or an analog to a specific application they might be testing for a customer, right? There’s enough fundamentals in a capture the flag, you know, understanding, you know,
with its prompt injection or SQL injection or CSRF or whatever it might be. So is that kind of an sort of an analog to this?
Matt Lea – Schematical.com (07:22.702)
Yeah, in a way. There’s, especially if you’re a small organization, you move fast, you break things. And so it’s good to be able to think on the fly that way. If you’re at a big organization and there’s possibilities, you’re going to end up having to debug somebody else’s code, infrastructure, things like that. Like I write code or I write infrastructure that my clients, developers, you know, can code on their software, hit commit, and it magically ends up in the cloud there. So I’ve got to be able to zoom in on their stuff. And the flip side of that is, um,
they need to be able to understand the outside infrastructure there. Cause there’s a lot of times they’re just like, I wrote the code, it should work, right? Well, no, it’s not magic. You need to be able to understand and get in, get your hands dirty on that and debug some of these more complex issues that exist outside of code, you know, inside the infrastructure. So absolutely, there’s a huge benefit to being able to come up to speed very fast when an incident occurs.
John Verry (08:15.826)
Right, interesting. So I have question for you that you tweaked something in my brain there. So if you’re running full infrastructure as code, is incident response or is the exercise just as simple as manner of repushing stuff and then it doesn’t work? Or when you say, are these Cloud War games more on deployed architecture and we’re trying to get a
a service which is up and running, redeployed, I mean, we’re not redeployed, fixed, better word.
Matt Lea – Schematical.com (08:49.932)
Yeah, mean, that’s
Yeah. Most of the scenarios, we don’t encourage people to just rerun Terraform apply. We encourage them to actually step through it. you’ve got the Terraform in front of you, so you can use that as a marker, you know, feel free to use your hands to detect drift. So if you want to use command line or something like that, you could detect, you know, drift that way, but, we encourage them to kind of connect the dots. Sometimes we won’t give them a Terraform, you know, so now you’ve got to kind of learn the infrastructure on the fly. You might have a network diagram.
You know, you usually get a Q and A with us ahead of time so we can give some answers for you. But I call it connecting the dots. And a lot of times I strongly recommend people go in because it’s, you know, maybe Terraform state thinks it’s where it, you know, didn’t detect that drift for some reason. It thinks it’s already there or a lifecycle ignore rule happened. And so that happens all the time when you’re changing, doing new deployments with ECS task definitions. I’m getting too technical. Sorry.
But we encourage them to connect the dots. cause a lot of, and especially if it’s not a race one where it’s, and you know, we’re not actually losing any money. It’s just a website. I own explode me.com. That’s down. It’s just always down by the way. so, you know, then, then it’s like, take your time, talk through it. we, we’ve got competitive rounds and we’ve got collaborative rounds. Most of the time, people really get a lot out of the collaborative rounds. We’re like, it could be this, it could be, you know, step through and, and use that those debugging skills. we.
You know, we could just do Terraform apply, which is I do Terraform plan right away and check drift. Sure. But you know, that’s not the way we always encourage you to do it just for the exercise of it.
John Verry (10:26.142)
Gotcha. The other thing which, so because of this increased resilience, like we’ve seen a ramp up in our incident response testing, business continuity testing. One of the things which I’m increasingly beginning to struggle with, like observing these exercises, is the line between incident response, disaster recovery, business continuity, crisis management.
different sides of the same coin almost sometimes, right? And sometimes you might be in a situation where you’re exercising multiples at the same time. Do you see that in your Cloud War games? Do you handle those types of things in the Cloud War games? Is your Cloud War game just about, me get stuff back up and running? Or are we going through more, is there an incident response component to it? Or is there a business continuity component to
Matt Lea – Schematical.com (11:17.298)
the business continuity and incident response, we, the scenarios are meant to simulate some of that, but we haven’t actually like gone in into the building and say, okay, you know, you can’t talk to this person or anything like that. They’ve been much more, focused on the technology for now, but we do have a idea that we’re playing around with. want to do is, for designing, we give you spec and you design infrastructure that has to, you know, resist.
our DDoS attacks, so then we’ll DDoS you and you need to do it within these financial limitations there. So I would say I guess we are a little bit more on the tech side and little less on the business continuity side, just based on our current clientele and what their needs are so far.
John Verry (11:59.854)
Yeah, what about on the instant response? So as an example, on the instant response side, Like I can see where like from a, even from a recovery and business continuity, it’s more about getting the app back up and running, right? Or getting the services solution back up and running. Is there a diagnostic component to figure out actually, you what happened? Like, so if you think about instant response, right? You know, it’s, you know, detect.
you know, it’s detect, it’s understand, contain, eradicate and recover, roughly. Any of that stuff in there or have you even thought about like kind of maybe layering some of that sort of that incident response component into it rather than just let me get stuff back up and running?
Matt Lea – Schematical.com (12:47.65)
I would like to, if we had, so here’s the interesting thing is that if I had more advanced players, I would probably do that, but I’ve got a fair amount of beginner and some intermediate players. I’ve had some advanced players. So if we had that, then we might spend more time on that. so, and with, if we had a client that wanted that, that is a service we offer to go and design very specific, repetitive, kind of quizzet, chaos monkey it, and make sure they see the patterns there.
but in reality, the volume of people that, we get for contestants, a lot of times aren’t quite advanced enough for that. But when you get an advanced player, my gosh, it’s a, it’s amazing to watch them run through it.
John Verry (13:28.52)
Yeah, and I’m just curious, like when you run the Cloud War Games, you mostly doing it with sort of individuals that are sharp on their skills, or do you do it like for a company that’s trying to kind of assess its capacity to recover?
Matt Lea – Schematical.com (13:41.782)
We’ve offered it to several companies. We’ve run through Cloud War Games with some of them there. I’d like to do more of that in the future is what I’m saying.
John Verry (13:49.202)
Yeah, I think that would be fantastic and it might be something that we bring a couple of customers to you with and figure out some of these scenarios because it kind goes into my next things, right? I think most organizations when they’re doing like sort of like incident response testing, they’re doing these exercises with the same types of scenarios. It’s a phishing, malware, somebody got something on a machine, the machine’s starting to act
funny, those types of things. I think for many organizations, especially more SaaS technology service provider type organizations, a cloud AWS style scenario would be better. Let’s say I’m talking about one of my clients that does a high risk, high data sensitivity SaaS.
What would be, like if I wanted to do a something goes on in AWS rather than something goes on on local machines type scenario, like what would be like your best way to do that? mean, what would be like a highly relevant scenario that you might look at and go like, you know, this would be a cool one that would really, you know, really exercise their ability to respond to.
something going wrong in AWS, Especially something going wrong, maybe it’s just technology, but maybe no, something’s, somebody got in, or somebody’s causing them.
Matt Lea – Schematical.com (15:26.926)
Sure. Well, I can give you some real life examples and things that we use as scenarios that are quite painful. But, um, I, you know, I’ve, I’ve, work with a lot of startups, you know, it’s whatever you get, you need to get it done. So security, unfortunately, isn’t always top priority there. So you come in and you see things like, um, the junior dev that just needs access to S three. Well, they’ve got access to a lot more, uh, an example scenario is based on a true story. can’t go into too much detail here. It was a junior dev, uh, accidentally pushed up.
the entire code base to their GitHub on a public repo, which happened to have a credential checked in and S3, IAM, the user credential basically that they were using to send emails. Well, one, you should never check that into code. Two, you should use roles, not the credentials. And three, you shouldn’t probably give junior developers access to that on their first day. And so they sent, I think about 8 million knockoff Viagra ads in about 15 minutes.
John Verry (16:21.352)
Yeah.
Matt Lea – Schematical.com (16:26.38)
which set off the red flags there. know another one, somebody downloaded a crypto software and on every computer, if you don’t use the SSO option, either way, the credentials are stored in dot AWS slash credentials. So it just looks there, grabbed it and booted up a bunch of crypto mining software somewhere. So that was expensive on the client’s account. That wasn’t actually my client, but that was a scenario coworker mine brought in. We’ve seen
you know, countless things like that. And so if you, if you don’t have the right security in place and you’re given full access to everyone and all the time, you know, you end up with some interesting stories like that. So those are two of the easier ones. I’ve got scarier ones that luckily didn’t happen to me, but they’re my, I I’m afraid to share it because it’s my favorite scenario to run on advanced players. Okay.
John Verry (17:15.612)
And then, No,
Matt Lea – Schematical.com (17:43.928)
Mm-hmm.
John Verry (17:44.54)
Technically, you could have incidents that involve one, the other or both.
Matt Lea – Schematical.com (17:49.282)
Yeah, absolutely. And not to discount DDoSs, which is becoming more more common to discuss, especially as bot traffic. You try not to filter out legitimate bot traffic while filtering out all the illegitimate bot traffic because there is more legitimate bot traffic coming in from magenta AI, personal agent assistance. So that’s a fun one there. But of course, cross site scripting, SQL injection attacks, all that stuff is.
very possible and then the reason that’s specific to AWS is you can use WAF to detect a lot of that stuff. So we put it in there and say, Hey, how would you defend this, you know, add in a, you know, WAF limitations and things like that. So that’s a fun one to get them to not just fix something, but improve upon the system.
John Verry (18:32.062)
Yeah, it’s actually a really good one.
Matt Lea – Schematical.com (18:35.646)
Yeah, the DDoS’s are very much real right now. I’m sure you know better than I.
John Verry (18:41.714)
You know, fortunately, I have not seen that much with our client base. Our client base is probably on average, you know, more secure than most because, you know, our place in the world is we do a lot of like alignment with open trust frameworks, the ISO 27001 SOC 2, FedBrands, ITRUS, CMMC, things of that nature. we tend to work with, you know, clients that are a little bit more investing in security. So the likelihood of those
really unfortunate but avoidable things are usually taken care of. That being said, zero days are zero days and people make mistakes or it happens, right?
Matt Lea – Schematical.com (19:22.499)
Mm-hmm.
Matt Lea – Schematical.com (19:26.374)
that NPM, those NPM packages last week or so that were corrupted and you hear about that? Yeah, that scares the heck out of me. That’s why we have smart build processes and double check.
John Verry (19:43.902)
Well, that’s how, you know, I mean, yeah. And, you know, that’s the other thing too, like, and that would be another interesting area is that, you know, I think you’re seeing more as we kind of move towards this resilience and we move more towards the understanding of supply chain risk is, you know, software composition analysis is becoming a more common, commonly deployed, commonly leveraged tool. So I, you know, and I think that things of that nature, you know, where people are attacking libraries.
Matt Lea – Schematical.com (20:13.398)
Yeah, that was a brilliant attack not that I’m patting the attacker on the back or anything, they did their homework
John Verry (20:13.63)
Yeah.
You should listen the attackers like what I’m always amazed by is these guys could make more money You know like some of the brilliance some of these people like they could make they could make money Legitimately, you know, it’s just that their brain I guess it’s just wired a little bit differently and it’s more fun or intriguing to do it to do it in the way that they do it Because yeah, you’re right. The adversary is brilliant
Matt Lea – Schematical.com (20:32.93)
Mm-hmm.
Matt Lea – Schematical.com (20:36.365)
Yeah.
Matt Lea – Schematical.com (20:40.514)
Yeah.
Matt Lea – Schematical.com (20:44.716)
Yeah, well, actually get into my business and red team people and then you get paid still.
John Verry (20:50.238)
Exactly, exactly. What else we got here that I wanted to talk with you about? So, just generically, right? Kind of looking at your CV and your company, you’re deep in the weeds of AWS, right? It’s what you spend every day, all day doing. So just as somebody who does that every day, what do you think the biggest challenges that you see with your clients are struggling with from like security, compliance,
perspective.
Matt Lea – Schematical.com (21:22.422)
Sure. Just to understand my clients a little better, you have to understand my niche is early stage and usually a little bit more risky. My biggest client I helped grow, there were three guys in a garage and now they’ve got a four football field warehouse in Appleton, Wisconsin. know, they’re, I do special, I tend to market towards that. And so what I see there right now with early stage stuff is finding top talent is probably the biggest thing.
which is why created the training program, which actually turned out to be a pretty good recruitment tool. So with Cloud War Games, someone could have the best resume and AI resumes are everywhere and AI cheating tools are everywhere. And so we created this scenario where they actually have to fix something and you get to see if they’re collaborative or are they just a jerk? Are they the lone wolf programmer? If you look at my comics, there’s a character called the lone wolf programmer who’s just totally in it for his own good, but do they actually collaborate? Do they help?
people when things go down, they, you know, as they create knowledge silos, you know, on a call. And I’ve actually seen that happen on live games. So, that was really intriguing to see, that become a recruitment tool. and it’s also fascinating because if they are using AI, be transparent about it. I’ve had people that aren’t there, like, I don’t know, AWS, I’m like, go ahead and use AI. I want to know if you can solve the problem either way. You know, if you have to Google it, it’s not a closed book.
Test, know, Google away. If you want to use AI, sure, be honest with us. You know, as long as you get the job done, you know, that’s going to be the important part. I mean, I guess if the internet was out, well, I guess then you couldn’t even be out of luck anyway. But yes.
John Verry (22:57.246)
Unless you’re sitting at AWS, you ain’t fixing it anyway,
Matt Lea – Schematical.com (23:02.124)
Yeah, so that’s that’s one of the interesting things. That’s not my can’t fix as easily. That’s why I guess I started cloud war games, because I could fix the cost management. I could fix the uptime a lot of times, you know, and the security that’s I’d love for that to be a bigger focus. But when you’re early stage, you’re trying to, you know, put the next meal on the table or make payroll. A lot of times they’re not as secure as you’d like, but they also don’t have nearly as much to lose. And a lot of these scenarios, you know, if you’re just an e-commerce store, it’s not like you have an insane amount of customer data that’s going to cost you.
$200 million to reconcile. If you did have that much, I’d strongly recommend you focus on the security more. Don’t get me wrong. When my clients get big enough, I’m like, you got it. You know, we need to make sure this is locked down. This is, you know, there’s no way this should happen. You need to have people reviewing this. So yeah.
John Verry (23:47.89)
Interesting. Anything else you want to chat about? Anything you’re particularly excited about or worried about right now?
Matt Lea – Schematical.com (23:56.334)
Um, right now, the thing I’ve discovered, I wasn’t like really like blown away by chat GPT or all that stuff until I realized, uh, tool calls and MCPs and how that works. basically giving the LLMs the ability to, you know, return a response that you’ll then pass into a function that’ll go out there and do things on the user’s behalf and how that’s going to change the way we interact with the world.
you know, it’s an exciting from an interface standpoint, you know, we had the old cell phone interfaces. Well, before we had static interfaces, remember the Blackberry, then we had the liquid interfaces. Well, now you’re going to have this thing that you can basically interface with any way you want. And it’s going to be able to go out there and do stuff on your behalf. And it’s going to make a lot of mistakes, possibly. But I
John Verry (24:41.374)
Well, it’s already started. Did see what happened with perplexity?
Matt Lea – Schematical.com (24:46.816)
when Bush scenario specifically.
John Verry (24:48.19)
Well, well perplexity perplexity and I don’t remember exactly so I’m going to genericize it but perplexity perplexity agents, you someone was asking it to go out and do something and it was like buy something and you know and and It was It basically got fished perplexity agent wasn’t smart enough to detect the fact that it was Working with a spoof site and it went through with like a perk. I mean they just got sued on it. So
It’s a it’s you know, it is the MCP let me ask you a question because MCP is such an interesting concept and It’s because Because most people including myself not been exposed to as much as you’d like It’s kind of like one of those big topics that you kind of sort of understand and I was just chatting with someone the other day and I was thinking like You’re a young guy. So you wouldn’t remember this but
Matt Lea – Schematical.com (25:18.147)
Yeah.
John Verry (25:44.606)
Back in the early days, databases, when you were developing an application that was backed by a database, you had to write it to the database. Their instantiation of SQL was unique to the way that they did it. Then they came out with ODBC, Open Database Connectivity, and now you could write one app and talk to any database. In a weird way, MCP feels like ODBC to me in that it’s acting as this front and it’s basically, what’s the right word?
Shoot, don’t fuck with the word. Anyway, making it so that, shoot, why am I thinking of word? Anyway, it’s making it so that I really don’t need to know what’s behind that, but I can talk into this using a standard way. can explore it and I can interact with capability on the backend without having to know the uniqueness of that particular instantiation, right?
Matt Lea – Schematical.com (26:40.354)
Yeah, kind of think of like an API and application programming interface of sorts. Like, you know, you create standards for that and those are designed for kind of computer to computer communications or server to server we’ll say. and then, you know, this is more. agentic AI to, server, you know, of site. And then there’s other ones like agent to agent, which I even haven’t gotten deep enough on, but that’s where you have two agents talking to each other. So there’s all sorts of interesting.
John Verry (26:49.714)
Yep. Yep.
Matt Lea – Schematical.com (27:07.886)
dynamics going on there where these things are actually, I think they’re going to be powerful just because they can act on the user’s behalf or, make these function calls, not because they’re that smart in reality. I’m trying to figure out I’m on the other side of it. I don’t want the smartest say I cause it’s going to cost me the most. Like I got 150,000 searches that my client deal with the day. If we’re LLM against every single one of them that builds up very quickly, you know, so how do I make it? So we only got to run it against X amount with, you know,
caching and all sorts of other things, you know, we’ll still have in that personal edge there. So I think it’s really exciting, but at the same time it creates all sorts of new, well, they, you new problems. I think MCP is going to have some security issues. Actually the way they do authentication is almost barbaric right now. but they’ll, fix that in five minutes. There’s already do, OAuth flows and things like that coming out. Actually, I just interviewed somebody on my channel, the founder of universal tool, tool calling protocol, who you may want to check out.
I can connect you with them if you’re interested later. But it’s very fascinating the way they do discovery of these tools right now. You edit a JSON file. that’s my mother’s never going to do that. So that’s going to be out the window in five minutes.
John Verry (28:20.124)
Interesting. it would be fascinating to be able to look back 10 years from now or 20 years from now and look and how did it turn out compared with how we think it’s going to turn out. I’m hard pressed to, I said to some of the others, I’m glad I’m in the back half of my career.
Matt Lea – Schematical.com (28:21.251)
Yeah.
Matt Lea – Schematical.com (28:34.316)
Yeah.
Matt Lea – Schematical.com (28:43.35)
Yeah, I might like the perfect spot where I could, you know, spend all day digging in and getting excited about this stuff and then write about it or, know, make a video about it. So.
John Verry (28:53.739)
I think we beat this up pretty good. Is there anything else you want to chat about?
Matt Lea – Schematical.com (28:59.374)
No, I think this covers quite a bit. Thank you for having me out.
John Verry (29:06.216)
Yeah, yeah. Like I said, your Cloud Wargames idea, I think, is really, really sharp and exciting. yeah, I’ll probably reach out to you, introduce you to someone on our team, because I’m curious as to whether or not we could figure out a way to use some of those concepts in some of the more advanced incident response testing that I think we really should be doing with clients that we’re not yet doing.
Matt Lea – Schematical.com (29:31.978)
Wonderful. I’d love to help however I can.
John Verry (29:34.59)
Cool beans. If somebody wanted to get in touch with you, was interested in Cloud War games, or interested in the work you’re doing at Schematical, what would be the best way for them to do that?
Matt Lea – Schematical.com (29:43.726)
Cloud war games calm or schematical. That’s s C H E a T I C a l calm And we’ve got a lot of different things and they’re free stuff Also is the link to my O’Reilly security course, which I should probably lead with I’ve got a security course zero to hero an animated guide to security on AWS Which is not a man O’Reilly’s course so you can find that there I think if you just search animated, it’ll be probably one of the top ones. So a lot of pixel art
John Verry (30:12.168)
Yeah, you also said, I kind of previewed some of stuff that you had on your site and you did put out a lot of good free learning content for people on YouTube and stuff of that nature. So kudos to you for doing that.
Matt Lea – Schematical.com (30:25.791)
Thank you.
John Verry (30:27.464)
Cool beans man, thanks, I enjoyed it.
Matt Lea – Schematical.com (30:29.486)
Thanks for having me.
