Let’s be real, the better you are at your job in IT, the less anyone notices. Welcome to the Visibility Paradox, where success means silence, and failure? Oh, that gets EVERYONES attention!

In this week’s episode, we break down how SysAdmins can fight back against being invisible by quantifying wins, showcasing strategic value, and learning to speak fluent exec (without falling asleep doing it).

We talk dashboards, automation ROI, watercooler politics, and the underrated power move of asking: “Who’s in the room?” before every meeting.

Because if you want to survive the next round of budget cuts....or better yet, get that promotion, you're going to need more than technical skills. You're going to need career armor.

---

Topics Covered Include:

- The Visibility Paradox: Why good IT flies under the radar (and why that’s a problem)

- Making leadership *see* your impact....and care

- Turning boring automation into juicy ROI metrics

- Getting a seat at the table (without being *that* guy)

- Translating Geek Speak into Exec Speak™

- Real-world sysadmin stories from the trenches

---

Don’t forget to check out the companion newsletter at https://newsletter.sysadminweekly.com ! Every week we include commentary, curated tools, security headlines, and all the sysadmin goodness that didn’t fit in the mic..... which is kind of a lot it turns out!

A reminder! The show is available on Apple Podcasts, Spotify, Amazon Music, and soon… Substack Podcasts (hopefully)!

---

Episode Resources

Project Runspace

AndyOnTech

Iranian-Linked PLC Breach:

CISA Advisory (AA23-335A)

CISA Fact Sheet PDF

Minecraft Modpack Setup (For those interested!):

CurseForge Install Guide

This week on SysAdmin Weekly, Andy and Eric finally settle one of the most persistent questions in the Hyper-V world: Should your Hyper-V hosts be domain joined or live outside the domain? Spoiler: we have strong feelings.

Before the main event, we hit a few hot headlines:

- Microsoft is booting AV vendors out of the kernel (finally)

- CrowdStrike’s recent disaster knocked out 8.5 million devices

- Notepad++ had a nasty privilege escalation flaw in its installer

- And no, China did NOT break RSA encryption (at least, not the kind that matters)

Then, in Nerd Hour, Andy talks Debian 13 upgrade best practices, and Eric explores scripting virtual TPM keys in Hyper-V without going full-HGS.

In the main segment, we compare the tradeoffs of domain-joined vs workgroup-mode Hyper-V hosts, from security implications (Kerberos, pass-the-hash, curb roasting) to the operational challenges of backups, automation, and monitoring.

Got a spicy opinion? Want to challenge our take? Email us at contact@sysadminweekly.com

Episode Resources:

- Newsletter signup

- Project Runspace

- AndyOnTech

- Kerberoasting (MITRE ATT&CK technique T1558.003)

- Workgroup vs Domain

- Active Directory Security Best Practices

- Microsoft is moving antivirus providers out of the Windows kernel

- CrowdStrike’s faulty update crashed 8.5 million Windows devices

- CVE‑2025‑49144 – DLL planting privilege escalation in Notepad++ installer

- Chinese researchers break RSA encryption with a quantum computer (22‑bit only)

- Debian 13 (Trixie) release notes

This week on SysAdmin Weekly, Andy is joined by returning guest Paul Schnackenburg to dive headfirst into one of the most important (and overlooked) topics in modern IT: SaaS Security.

From token theft and malicious OAuth apps to adversary-in-the-middle attacks and the harsh truth about identity becoming the new firewall, we unpack how attackers are adapting to the cloud-first world, and why most orgs are woefully unprepared.

We explore:

- The SaaS cyber kill chain from recon to persistence

- Other real-world security incidents like CitrixBleed2 and the Fortinet hardcoded credentials fiasco

- The dark art of malicious OAuth apps and shadow IT exploitation

- Why EDR and XDR fall short in a SaaS world

- What you can do *right now* to harden your defenses (Hint: MFA is not enough)

This one’s loaded with insights and practical tips, don’t miss it!

## Episode Resources ##

- SysAdmin Weekly Companion Newsletter

- AndyOnTech

- Project Runspace

- CitrixBleed 2

- X Post re: Fortinet Hard-Coded Credentials

- Paul's SaaS Cyber Kill Chain Article