About 3 weeks ago, Leo Laporte and I recorded the first episode of what will be a new monthly show on the TWiT network. Naming things is hard, and we almost voted on the name, like we did for Stack Overflow, but we quickly landed on Off By One with Jeff Atwood – which is funny for so many reasons, but mainly because of this programmer joke:

No, I did not come up with this variation on the classic quote, but I wish I had. Well, whatever, here's show number two – free to view for everyone.

The show is 1h 47m of pure joy end to end. No negativity, just low-level insanity and of course, mandatory fun. We record the next episode in 4 days – and there's a live stream for Club TWiT Members.

(Let's do this. If, and only if, you watched the whole episode and liked what you saw ... for the first 10-12 people to fill out this form, I'll cover your Club TWiT membership for one full year so you can see if you enjoy the rest of the programming.)

The permanent show homepage is at twit.tv/obo:

Jeff Atwood, co-founder of Stack Overflow and Discourse, creator of the Coding Horror blog, joins Leo Laporte monthly for a conversation that follows its own logic. Prop comedy, computing history, the open web, wealth inequality, yo-yos. Off by one topic at all times, in the best possible way.

This is another way for Leo and I to share our enthusiasm for positive stuff in tech, and sharing is crucial because...

I realized, that’s it. That’s it exactly. That is what is so intensely satisfying about writing here. My happiness only becomes real when I share it with all of you.

Now, thanks to Wesley Faulkner, who introduced me to Leo and recommended I appear on a show, every month we can make our happiness real in a completely different dimension than writing alone – via the expressions on our faces, the tone of our voices, our body language. In other words, you can see and hear how we feel.

Here are 3 key quotes from the second Off By One episode, with linked timestamps, so you can jump directly to that section.

Jeff: I am not an elite coder by any stretch of the imagination... I am very persistent.

Leo: Isn't that funny? Because people... I mean, I think of you as one of the voices, one of the chief voices, in coding

Jeff: Well, I advocate for code that doesn't kill you in so many different ways. You know, survivable code. Ideally, no code at all.

Leo: Right.

Jeff: That's the best code, is none.

Leo: Right.

Jeff: It's a bit of a zen statement but it's true. So, I'm an advocate for, you know, good engineering. Good process. A process that recognizes that we're human and we should do this together, and we should actually kinda like each other, even.

Jeff: Dad's funny. He had kind of a dark sense of humor that I enjoyed. Betsy doesn't like it so much, and not too much, and I get it, but I enjoy it. And I called it "the last season of the John Atwood show". It's gonna be a real banger! And it was, it f***** was, it really was! Because we won capitalism, and then we went back and made it better for everyone. I don't think it gets better than that for me.

Jeff: And the other thing is, you can just run the math on this, I've posted several times on Mastodon and other places like LinkedIn, I've done some research and if we simply collected a fair tax from Billionaires, we could literally elimate all poverty in this country at the 100% FPL level, which is $15,000 per year. All poverty. We would have zero poverty. We have the means to do it.

Leo: That's really important.

Jeff: We lack the will.

If you want to witness the chaotic good of my original guest appearance which led to this show, watch the first 45 minutes of Intelligent Machines #859, recorded on Feb 25th along with Paris Martineau, Jeff Jarvis, and Leo. I dialed down the chaos considerably for the Off By One show, but for this one, I personally think it's funnier to watch Paris' reaction to me for the entire show. You've been warned!

Here are 3 key quotes from this episode, with linked timestamps, so you can jump directly to that section.

Leo: Well in a way it's a shame because we have in the last year kind of stepped back from our global initiatives in the united states and I think we do have a responsibility. I think your partner is absolutely right. If you have everything you need, then help others have everything they need.

Jeff: What is money even FOR? I don't even have "that much", what do you.. how do you spend it all? I don't have.. I just want a simple life, man!

Jeff: I mean.. have you seen some of the stuff LLMs will do when you tell them to optimize? It's like, optimize this for 95% and it's like okay, "return true".

Leo: That's a good optimization!

Jeff: Well, because it doesn't know what it's doing. It has no actual understanding. It's playing a game of global brain statistics and copy paste. And it's good at like, merging... I call it JPEG for words, which it kind of is. And there's so much stuff. It's like reading summaries. And it is very accurate with summaries. We saw this on discourse. They implemented it. I was very skeptical. And I went to some very complex discussions. We had on our internal discourse and read the summary and was like that is a very good summary and it captured the key points in the discussion. It could have captured more, but it got nothing wrong. And it basically was JPEG for that conversation, wasn't it.. without much loss.

Jeff: Now does JPEG work on EVERY image? No. Garfield is a bad choice, for, yknow, JPEG.

Jeff Atwood – Ok, the first guilded age, we're deep in the second one now. I mean, just look up the numbers. More money in the hands of fewer people than in any other period of time. In the first guilded age, that was basically the railroad barons. Guess who it is in the second guilded age? I'm in this picture and I don't like it. So like.. what are we gonna do about it? So like, what are we gonna do about it?

So thank you, Leo and Wesley, for giving me another way to make happiness real by sharing it with all of you, now in video and audio form, all the feels, all the time. Well, once per month.

Let us know what you think – I don't mind comments here but I'm much more likely to answer on the TWiT community Discourse. Try on a paragraph for size, our old pal the pilcrow ¶. You might even like it! It's possible the practice of writing paragraphs and forming coherent narratives might even improve your overall writing and communication skills. Or your life, even.

I also heard a rumor that any Club TWiT users who make their way from the Discord and post regularly on the TWiT Discourse might get a super cool little token of appreciation in the postal mail from some user named "Junk". Who knows? Who can say what might happen? 🤔

We've partnered with three blogging platforms built on AT Protocol to make it even easier to get writing. Sign up for any annual plan on Offprint, Leaflet, or pckt.blog and you'll get 25% off, on us. That covers a whole summer's worth of blogging!

Since we launched our Standard.site integration into the Bluesky app, we've been thrilled to see so many writers adopting this community-built format for longform writing. And people are building new apps, like Standard Reader, to take it all in.

If you're ready to take your posting to the next level, start that food blog, give your hottest takes a bit more room, or just have more fun online, now's a great (and financially prudent) time to do it.

Get 25% off your first year when you sign up for an annual plan from:

• Offprint
• Leaflet
• pckt.blog

Hello Folks!

Picture this. A regulator hands you a one-pager that says, in essence, “this data does not leave the building.” Or your link to Azure decides to take a nap during a critical batch run. Or you are standing up infrastructure in a remote site where connectivity is a coin flip on a good day. For a long time, our answer to that conversation was a stack of Azure Stack boxes plus a lot of wishful thinking. That story has changed, and it has changed quite a bit.

At Microsoft Azure Infra Summit 2026, Thomas Maurer (Global Black Belt for Sovereign Cloud) walked us through what is now called the Microsoft Sovereign Private Cloud, with Azure Local as its foundation. In this post, I want to unpack the session for the ITPros in the room, the folks who have to actually run this stuff on Monday morning. Let us dig in.

📺 Watch the session:

Why IT Pros Should Care

Sovereignty is no longer a niche conversation. Thomas was very clear that there is no one-size-fits-all answer, and that is exactly why this matters to us as operators. The drivers landing on our desks now include:

• Regulatory requirements that demand data residency or full operator isolation.
• Sovereign AI workloads where the model and the data both need to stay in-country.
• Disconnected and air-gapped sites by design (think defense, manufacturing floors, retail backrooms, ships, mines).
• Business continuity, meaning a workable Plan B if the public cloud is unreachable for hours or days.
• Latency-sensitive workloads where the round trip to a region is just too slow.

If you build or operate infrastructure that touches any of those bullets, Azure Local is now a first-class option, not a sidecar. And it gets you a cloud-consistent control plane on top of hardware you can put your hands on.

What is Azure Local and the Sovereign Private Cloud

Let us level-set on the stack, from the metal up.

• Hardware. Validated and certified through the Azure Local solution catalog, delivered by the OEMs you already buy from. Form factors range from single-node edge boxes up to multi-rack deployments. There is a Premier tier with extra testing, packaged firmware and driver updates, and AI-ready GPU configurations done with NVIDIA.
• Software-defined data center. Compute, storage, networking, and high availability. As of April 2026, supported SAN storage is GA alongside the existing hyperconverged storage spaces direct model. That gets you up to 64 nodes in disaggregated mode and 16 nodes in hyperconverged mode per instance.
• Workload plane. Linux and Windows VMs, custom images, your own Kubernetes distribution, or AKS enabled by Arc with the same management experience you have in Azure today.
• Arc-enabled control plane. This is where Azure Local stops being “another on-prem stack” and starts feeling like Azure. Defender, Azure Monitor, Azure Update Manager, Policy, RBAC, Resource Manager, all of it surfaces against your on-prem instance.
• Disconnected operations. Microsoft packaged a subset of the control plane (portal, Resource Manager, key management services) into an appliance you deploy on-premises. Connect your Azure Local infrastructure to the local appliance instead of public Azure, and you have a fully air-gapped deployment with a familiar API surface.

On top of that base, the Sovereign Private Cloud bundles workloads you can run locally: Foundry Local for AI inferencing, Microsoft 365 Local (Exchange Server, SharePoint Server, Skype for Business Server) for productivity fallback, Azure Virtual Desktop on Azure Local for VDI, and GitHub Enterprise Local (in private preview at the time of the session) for source and CI/CD.

How it works in production

In the demo, Thomas drove the whole show from the Azure Arc Center in the Azure portal. A few things stood out for me as someone who has spent too many late nights patching clusters.

• One pane, many sites. The overview page rolls up every Azure Local instance you own. Thomas mentioned customers running thousands of these things, and the Azure Local Lens workbook in Azure Monitor is built to manage at that scale.
• Resources feel like Azure resources. An instance, a node, a VM, an AKS cluster, they all live inside Azure Resource Manager. RBAC, activity logs, tags, ARM templates, everything you expect.
• Update is a single button. The Solution Builder Extension packages OS, management software, drivers, and firmware into one validated update. You hit “update,” it orchestrates live migrations node by node, and it blocks the operation if something is not ready. No more cherry-picking driver bundles at 2 AM.
• Security defaults are real. BitLocker on OS and data volumes, SMB signing, App Control on the hypervisor hosts, drift detection that flags configuration changes back to the portal.
• Resiliency is layered. Storage spaces direct two-way or three-way mirroring, rack-aware clustering, live migration for maintenance, and Azure Site Recovery for site-to-cloud replication (currently preview). Site-to-site ASR between two Azure Local instances is in development. Veeam, Rubrik, and Commvault all integrate for backup.

In short, the boring operational moments are the ones that benefit the most. Patching, monitoring, identity, alerting, they collapse into the tools you already use in Azure.

When to use it and real-world scenarios

This is not a “rip everything out of Azure” pitch. Thomas was very honest. Azure is still the right home for the vast majority of workloads. Azure Local earns its keep in a few specific places.

• Regulated or sovereign workloads. Government, defense, financial services, healthcare where the law or the contract says the data stays put.
• Disconnected or air-gapped sites. Field operations, classified networks, ships, mines, remote infrastructure where reliable connectivity is not in scope.
• Business continuity for productivity. Microsoft 365 Local as a fallback for Exchange and SharePoint if the cloud service is unreachable. From the session Q&A, M365 Local is GA, and it is the Exchange / SharePoint / Skype for Business trio. Entra ID and Intune are not in scope of the local bundle.
• Edge and latency-bound workloads. Manufacturing line control, retail in-store inference, healthcare imaging, anywhere a 30-millisecond round trip is a problem.
• Sovereign AI. Foundry Local on Azure Local lets you serve models on local GPUs without round-tripping to the cloud. Models stay local, data stays local, inference stays fast.
• Bi-directional workload mobility. With Sovereign Private Landing Zones, you design once and keep workloads portable between Azure and Azure Local based on a service-compatible subset.

Getting Started

If you are picking this up cold, here is a sensible on-ramp:

• Start with the official docs on Sovereign Private Cloud and Azure Local. Read them with your architect hat on, not just your operator hat. Design matters here.
• Browse the Azure Local solution catalog and filter by Premier solutions and by your target scenario (disconnected operations, M365 Local, AI workloads, GPU support). The hardware shape drives a lot of downstream decisions.
• Talk to your OEM about a validated node, and talk to your Microsoft account team or a sovereign partner. The partner ecosystem in this space is mature, and they will save you weeks.
• Stand up a small connected instance first to learn the Arc Center experience, the update flow, and Azure Monitor integration. Even a one-node or two-node lab is enough to internalize the model.
• For disconnected, size for the extra capacity the control plane appliance needs, plan your local identity (Active Directory with AD FS) and your local monitoring integration up front.
• If you live in Azure today and need workload portability, look at Sovereign Private Landing Zones so you do not paint yourself into a corner with services that have no on-prem equivalent.

Resources

• What is Sovereign Private Cloud? on Microsoft Learn
• Azure Local documentation
• Disconnected operations for Azure Local
• Azure Arc product page
• Azure Site Recovery product page
• Foundry Local documentation on Microsoft Learn
• Foundry Local on GitHub
• Sovereign Landing Zones on GitHub

Watch the rest of the Summit

This was just one of the sessions at the Microsoft Azure Infra Summit 2026. If you want more peer-to-peer technical content from the Azure infrastructure community, grab a coffee and queue up the full playlist here: https://aka.ms/MAIS/2026-Playlist

There is plenty of good stuff covering Bicep, AKS networking, storage, IaC, and more.

If you spin up an Azure Local instance after watching the session, or if you are already running one in anger, drop a comment and let me know how it goes. What works, what hurts, what you wish was better. That is how we all level up.

Cheers!

Pierre Roman

Your agent works beautifully on your laptop. It reasons, calls tools, and nails the demo. Then comes the part nobody enjoys: making it enterprise-ready. Identity. Observability. Governance. Messaging. Secure access to Microsoft 365 data. Until now, that last mile meant reading through Microsoft Learn articles, running CLI commands in exactly the right order, hand-editing manifests, and hoping every prerequisite was in place before the agent reached production.

Organizations are moving fast — from experimenting with AI agents to putting them to work across real business processes. Developers are building with LangChain, OpenAI, Semantic Kernel, Azure AI Foundry, Claude SDK, Google ADK, and more. But great orchestration logic isn’t enough. Agents also need identity, observability, governance, messaging, testing, and secure access to Microsoft 365 data.

Agent 365 Skills collapse that workflow into a guided, natural-language experience inside the coding assistant developers already use. Describe what you need — “add observability,” “wire up WorkIQ Mail and Calendar,” “test this agent locally” — and the skill detects your project, asks only the questions it has to, applies the right changes, and validates the work before the session ends.

The last mile is the hard mile

Before Agent 365 Skills, onboarding an agent often meant a long, fragile chain of manual steps: installing the Agent 365 CLI, validating Azure prerequisites, registering a blueprint, configuring Entra artifacts, wiring OpenTelemetry exporters, packaging manifests, connecting MCP servers, and testing locally. Miss one step, and things break — often late, in production.

From a multi-hour, order-sensitive gauntlet to one guided sentence.

Agent 365 Skills replace that disconnected workflow with a guided lifecycle. Developers stay in Claude Code, GitHub Copilot CLI, or VS Code agent mode and ask for the outcome they want. The skill handles the implementation details — while preserving the technical controls enterprise teams depend on.

What changes for developers:

• Start with one sentence — “add WorkIQ tools” or “integrate observability” — instead of reading many Microsoft Learn pages.
• Auto-instrument in minutes instead of manually wiring OpenTelemetry exporters, token resolvers, and baggage scopes.
• Let the skill apply the required manifest and configuration updates instead of hand-editing them.
• Catch issues before shipping with built-in validators instead of hoping nothing was missed.

Watch it work

Say a developer wants telemetry. They type a single line:

> add observability to this agent

From there, the skill takes over. It detects the framework — say, a .NET Semantic Kernel project — asks only the questions that matter (which authentication mode: OBO, Agentic-User, or S2S), wires OpenTelemetry and the Agent 365 tracing exporter, and confirms the project still builds. No manifest spelunking. No half-configured exporters.

Every skill follows the same five-beat loop: describe, detect, ask, apply, validate.

Other requests work the same way:

• “Add messaging and notifications to this agent.”
• “Add observability to this agent.”
• “Wire up WorkIQ Mail and Calendar.”
• “Test this agent locally.”

Six skills, one lifecycle

Agent 365 Skills include six skills that map to the lifecycle steps developers hit when preparing an agent for Microsoft Agent 365. Run only the ones your agent needs — or use the make skills to execute all the required steps.

Built for the stack you already have

Agent development isn’t one language or one framework, and Agent 365 Skills are designed for that reality. They support three major ecosystems and many of the most popular agent frameworks.

• .NET: Agent Framework, Semantic Kernel, and Azure AI Foundry.
• Node.js: LangChain, OpenAI Agents SDK, Claude SDK, Semantic Kernel, and Google ADK.
• Python: Agent Framework, LangChain, OpenAI, Claude, Semantic Kernel, and Google ADK.

The project stack is auto-detected, so you don’t start by writing configuration files or mapping your project by hand. The skill determines the path and guides the next step.

Enterprise-ready by design

Speed matters — but so does not breaking things. Agent 365 Skills are built to move fast without giving up the safety and validation teams expect.

• Additive and idempotent: Skills don’t delete or restructure existing code, and re-running a skill is safe by design.
• State-aware: A workspace detection cache tracks what’s already wired, so completed steps are skipped, not duplicated.
• Guard-railed: Pre-tool hooks block modifications outside the project, and stop-hook validators verify the build passes before the session ends.

Together, these controls reduce setup risk while giving developers a repeatable path to register agents, add observability, connect Microsoft 365 data, and test locally.

What your agent gains

One onboarding flow connects your agent to identity, observability, data, messaging, and testing.

For customers, Agent 365 Skills shorten the path from prototype to enterprise-ready agent. Developers spend less time stitching setup steps together and more time building agents that solve business problems. IT and security teams get more consistent registration, observability, and governance patterns across the agent estate.

The result is a faster, safer onboarding experience: agents registered with Agent 365, instrumented for visibility in Defender, Purview, and the Microsoft 365 admin center, connected to Microsoft 365 data through Work IQ MCP servers, and tested locally before deployment.

Get started

Install the skills with:

gh skill add microsoft/agent365-skills

• Explore the GitHub repository.
• Read the Microsoft Agent 365 developer docs for deeper developer guidance.

Healthcare and life sciences teams are asked to do the impossible every day: deliver better outcomes, move faster, and stretch every dollar — all while navigating some of the most regulated, documentation-heavy workflows in any industry. The promise of AI has never been about replacing the experts who do this work. It’s about giving them their time back.

That promise is entering a new phase. We’re moving from AI that answers to AI that acts — agentic AI that can carry out multi-step work across your applications, your documents, and the web, with you in control. Nowhere is the opportunity more concrete than in the daily operational grind of healthcare and life sciences.

From answering to doing

Most knowledge work in HLS isn’t blocked by a lack of information — it’s blocked by the effort of pulling that information together and turning it into action. Gathering the right documents. Summarizing a thread. Drafting the first version. Updating five systems with the same three facts.

Microsoft Scout is designed for exactly this layer of work. Think of it as an agentic AI teammate on your desktop — one that can read and organize files, search across your email, calendar, and Teams, browse the web, and complete genuinely multi-step tasks on your behalf. Crucially, it can run on a schedule, so routine work happens before you sit down, and it keeps a human in the loop for anything that matters.

Real-world ways HLS teams can do more with less

• Provider operations: Assemble the documentation needed for a referral or prior-authorization request, summarize the relevant history, and draft the submission — turning a 30-minute scramble into a two-minute review.
• Clinical research coordination: Pull together study start-up documents, track outstanding site communications, and draft consistent follow-ups, so coordinators spend their time on sites and patients rather than inboxes.
• Medical affairs and field medical: Prepare for an engagement by gathering the latest publications and prior interactions into a single brief, then capture a structured summary afterward — every meeting, consistently.
• Commercial and market access: Stand up an account briefing or a competitive news roundup on a recurring schedule, so the team starts every week informed instead of researching from scratch.

The thread running through all of these is the same: reclaim capacity, increase consistency, and accelerate speed to market — doing more with the people and budget you already have.

Built for the trust HLS demands

In this industry, “helpful” is not enough; it has to be trustworthy. Agentic AI for healthcare and life sciences has to respect enterprise security and data boundaries, keep sensitive information under your control, and keep a person in command of consequential decisions. The goal is to automate the busywork around expert judgment — never to automate the judgment itself.

A family of AI that works the way you do

Scout is part of a broader shift in how Microsoft is bringing AI to work. Where Microsoft 365 Copilot brings AI into the flow of the apps you already use, and Microsoft Cowork reimagines how teams collaborate with AI, Scout focuses on agentic action at the desktop — automating end-to-end tasks and recurring workflows. Together they point to the same future: more of your day spent on the work only you can do.

Start small, compound the gains

You don’t need a transformation program to begin. Pick one repetitive, high-friction workflow — the weekly roundup, the recurring briefing, the documentation prep that nobody enjoys — and let agentic AI take the first pass. The time you reclaim funds the next idea.

We’ll be sharing practical, healthcare- and life-sciences-specific playbooks here every week. Subscribe to the blog, and tell us in the comments: what’s the one recurring task you’d hand to an AI teammate first?

Learn more about Microsoft Scout:

• Introducing Microsoft Scout: Your always-on personal agent | Microsoft 365 Blog 
• Microsoft Scout (Frontier) overview | Microsoft Learn