Episode 13 of The Cyber Talent Series is officially live!
Join Thomas Rogers, Co-Founder of MetaCTF, and co-host Phoebe DeVito as they connect with Antoinette Stevens, Principal Security Engineer at Ramp, to discuss growing detection and response teams, transitioning into people leadership while staying hands-on, and hiring for humility and curiosity. Antoinette also shares how she approaches build vs. buy decisions, and why mastering the fundamentals matters before layering in AI-driven capabilities.
Tune in now with the player below, or check it out on the MetaCTF YouTube and Spotify channels!
Phoebe DeVito (00:11)
Welcome to the Cyber Talent Series where we explore how organizations are closing skills gaps, accelerating onboarding, and building high performance cybersecurity teams. My name is Phoebe. I’m joined by Thomas Rogers. And today we are talking with Antoinette Stevens, Principal Security Engineer at Ramp. Thank you so much for being here, Antoinette.
Antoinette (00:29)
Thank you for having me.
Phoebe DeVito (00:30)
Yeah, awesome. All right, well we can dive in. First we like to ask folks to just tell us a little bit about themselves and what they’re doing now.
Antoinette (00:39)
Yeah, so I’ve been at Ramp. I just hit three years in December. I was the founding detection and response engineer. So I started building out that team when I joined in 2022. And I’ve since grown it to have two detection engineers under me with a couple of open roles on that side. And I’ve also since become the tech lead of our internal tooling engineering team with a couple of engineers under me on that side as well, where we focus on building platforms for internal tooling purposes as well as tooling for our CX team.
Phoebe DeVito (01:11)
Awesome. That’s amazing. And congrats on three years. (Antoinette Stevens (01:14) – Thank You.) Yeah, huge milestone. So I’d love to hear a little bit more about your journey into where you are now.
Antoinette (01:20)
Yeah, So I graduated with my degree in computer science from the University of Georgia. And while I was in school, I interned twice at a company based in Iowa called Principal. I think what I did there, which is probably the best path, was on my first internship, I wasn’t really that interested in the work. So I used that time to network instead, and met the security team there so that for my second internship, I worked with that team and then I got a return offer after graduation to work on our network engineering team. And then eventually I moved over to the security operations team. I was at Principal for like four and a half years and then I left and went to Cisco Meraki, where I was a detection and response engineer for them for about three years, did a very short stand at Slack and then came to Ramp.
Thomas Rogers (02:08)
That’s awesome. And now you’re managing a team, or I guess a couple teams technically. And you have like a lot of leadership type stuff that you do. What’s that transition been like from like IC to manager?
Antoinette (02:21)
I think it’s important to note that the culture of Ramp is that I’m still both an IC and a manager. So I don’t solely manage, I still am expected to ship code and deliver on things and get things done individually on top of also managing my team. The way that I think about it and the way that I think about those who report to me is the mindset of force multiplying my efforts.
So, I design like the tech spec and roadmap for both teams. I recognize that I can’t do everything. I recognize that I don’t have the skillset to do everything. So, I believe it’s important to find people who can go deep where I no longer can or don’t have time to and make sure that the vision that we’ve created for the various teams can still be executed on through the people that I hire and have working on my team.
I think what I don’t hear enough people talk about, and maybe it’s because I don’t read like manager books, I think there’s an identity crisis that happens when you become a manager. And it helps a lot that I still get to do IC work, but if I didn’t, it would make me how useful I would be. Because I think like after a day of sitting in meetings, you kind of think to yourself like, what did I do today? Because sometimes it like just talking to people, even if you like help change someone’s mind on something that would have impacted other things, like at the end of the day, sometimes it just doesn’t feel like you accomplished that much because you didn’t like build a product or launch something or any of those things. So I think there’s like a level of what is my job now sometimes that comes with it.
Thomas Rogers (04:02)
I think that’s what makes that transition so hard for so many don’t have the opportunity you have to keep your hands on keyboard for at least part of your job, whatever percentage that is. And so it’s like ripping the bandaid off from like, hey, you don’t get to do that stuff anymore. Now you just have to sit on Zoom calls all day.
Antoinette (04:20)
Yeah, I’ve noticed that there are certain tools that I just have not had to look at in a while because I have like someone else who’s triaging those alerts now and so I don’t have to go into them and that even is like kind of jarring to realize.
Thomas Rogers (04:35)
Yeah.
How, do you think that’s, I assume that’s really helpful that you’re still really involved in like setting the roadmap. So you sort of know you have probably a pretty strong pulse on like what needs to be done and who needs to do it. And the skill gaps that you or your team might have. So yeah, could you talk about, that side of things and like setting the strategy?
Antoinette (04:57)
Yeah, I try not to be so removed from anything that I don’t know what’s going on. And so I try to use like weekly reports or making people track work in linear tickets or different things like that, just so it’s easier for me to understand what’s happening. I’m also just not afraid to ask questions, I think, about what’s going on.
And then I have the team, at least on the detection response side, I have them do their own research around things where I might ask like a prompting question and then teach them how to begin to set up backing research to make decisions. So a good example of that is let’s say we want to change like our email security strategy or something like that. I’m not involved day to day anymore on how we triage alerts from an email security perspective. And so I do have to lean on them to help me identify what the gaps are. And so I might have them go look at our tooling and determine like based on what you’re looking at so far, what’s a waste of time versus not? Or where do you consistently see yourself saying, I wish that it had this thing. And so I think I get a lot of value from aid mentoring them on how to do the research, but also them doing it means I don’t have to. And then I can just help make decisions at a top level.
Thomas Rogers (06:11)
So that’s super cool. So back at Principle, a big part of what you learned in the early days was the importance of learning from other people and networking. How do you encourage your team to do that? How are you still doing that today, personally?
Antoinette (06:26)
Yeah, so when I worked at Principal and lived in Iowa, I went to a security meetup called SEC DSM, so Security Des Moines. And I think early career, it’s the best thing I could have done because I got to learn a lot across various areas that I would not have otherwise touched in my day job.
So the way that I’ve kind of continued that at Ramp is we have RampSEC, which is our quarterly security meetup. We organize speakers to come. I have not done the component from SecDSM that I found useful, which is the CTF part. But I think from an early career perspective, the best thing you can do for yourself is just be a sponge take time to learn as much as you can. Go to conferences. I don’t go as much anymore, but I do think that early career, like it’s best for early career, participants to go and just soak up as much as they can.
For the people who report to me, I have one analyst who was a conversion. So he was on our CX team and then, we moved him over to security. I used to have him look up security articles and then research whether or not certain exploits or vulnerabilities were possible at ramp to help him A, understand how to think from a security perspective, but also understand how to begin the process of like threat hunting understanding how to look at security controls, so on and so forth.
Thomas Rogers (07:45)
That sounds really valuable for your direct reports. It’s a very hands-on way of managing. Did you just kind of take a first principle approach to coming up with a plan for your team? Did it just come natural to you? Or how did you come up with that?
Antoinette (08:04)
I think that one came naturally because that’s what I do. Like I listen to a lot of podcasts. I read security articles and then a part of the job is to simply go, okay, I know this is possible, but is it possible here? And so getting the team to think about that as well feels like a natural progression. I also think that almost everyone on a security team should be consistently reading like security news. Just it’s imperative to understand the landscape.
And so it’s not just reading. It’s after you read it. Are you then taking that and applying it to where you were?
Phoebe DeVito (08:37)
That’s awesome. I know you mentioned a little earlier, some things you keep in mind when you are building a team and like hiring. So, wanted to know how much hiring and interviewing you’ve done so far in this kind of new role. And then also just along the way, any tips or tricks you’ve kind of picked up to find if someone’s going to be a good fit for the team, either culture wise, skills wise.
Antoinette (08:59)
I’ve done quite a bit of interviewing and a little bit of hiring. I think more interviewing than hiring. I think that’s just the way that cycle goes. What I look for is curiosity in people, which I think sounds very straightforward, but you’d be surprised how uncurious a lot of people are. And what I mean by that is do people question their own assumptions?
Like, do you walk into a scenario, make some assumptions, and then never stop to go, but is this true? And then never take the next step of validating. I think it’s a natural thing to not do that. And so I tend to look for people who do. I like to look at how people react under pressure. And the lucky part of that is it’s a quick win because interviews by their nature are high pressure situations for a lot of people. I need to look at how people are under pressure because incident response it’s important to know that someone won’t panic. And so how someone is when they are put under the wire is very helpful. I also during certain interviews tend to purposely throw in questions or things that I am fairly confident someone might not know just to see if they ask for help.
So purposely adding things with gaps in it. I like to know if someone will ask for help or again, fill it in with their own assumptions or grasp at straws. And that’s super important again, because for security or in instant response, your assumptions could change everything. It could slow things down, create untrue scenarios, it mess up your entire process. And so I think it’s really important to have people who are mindful in that way kind of come in and join the team.
Phoebe DeVito (10:34)
Yeah, I love that. I think there’s an element of like humility there too. Like it’s so interesting. I think early on, I remember even early on in my career thinking like knowing all the answers was the correct thing. And it’s so funny as you get further, you learn it’s like being able to admit when you don’t know the answer and lean on your team. And that’s ultimately like why you build really strong teams with complimentary skills. So I love that you brought that up.
Antoinette (10:56)
Yeah, I also, and there’s, it’s really hard to look for this one in an interview, but I always appreciate when someone knows how to say, hey, you know, I was wrong here. And here’s why I won’t be wrong again. which I again goes back to the humility thing. I think humility goes a really long way. And I don’t know that we see it enough in the security space is I think there’s a perception that if you don’t have the air of always knowing what you’re talking about. People might not trust what you’re saying. I think people trust me more because I will openly say like, I have no idea what this is, but I’ll go find out.
Thomas Rogers (11:31)
Right.
How do you like gauge all those different things? Obviously like some of it just comes from like you’ve done a lot of them, like you have some intuition built in, but do you have like a rubric or something? How’s that changed over time?
Antoinette (11:43)
I think a lot of that signal gets raised through the interview loop. We do like a incident response scenario for people, or it gets raised through the way that we ask questions. Again, it’s leaving things purposely ambiguous to see how people respond to it. I also think you’re right. I’ve interviewed enough, and I’ve done this job long enough and interacted with enough people that I can kind of tell. But I prefer things to be more concrete when I’m evaluating someone in an interview, which is why I tend to try to design scenarios where you can clearly say, this person did try to fill in the gaps or this person did not. And can kind of go from there. I think that much ambiguity when it comes to how you score people in an interview leaves room for bias. And so I try to stay away from that.
Thomas Rogers (12:30)
How about like hard skills? Because I’m sure part of that is like, you can’t always hire the perfect candidate. So you’re to have to trust yourself that you as a manager, you as an organization can get them to where they need to be. And I’m sure it differs for different roles, but how do you evaluate that in the interview process?
Antoinette (12:46)
If someone is not meeting the bar for hard skills, that doesn’t mean that we won’t hire them. And that’s mainly because I think it’s easier to teach someone a hard skill than it is to teach them how to be a good person. And so I prefer to use my time teaching someone how to write a Python script, how to use AI or how to think about detection and response versus consistently having to talk to somebody about how they treat people or like their attitude towards something or things like that.
Thomas Rogers (13:13)
That’s cool. And then curiosity, like going back to your first point that you said, about your curiosity based on all the stuff you do, all the talks you do and RampSec, which is super cool. Is that kind of an intuition thing too? Like you can just tell about a person, like how curious they are, like are they going to these conferences? Are they invested in this stuff outside of work?
Antoinette (13:32)
No, so no, I think that one’s a bit more difficult, right? Because I don’t know that I would necessarily say this person went to more conferences than this other person. Therefore, they’re more curious. I think that one again comes up though, in how someone responds in scenario situations when you’re walking through something like how many questions did they ask about this thing? When they when they really didn’t have to? What were their follow up questions? What were they curious about? I think it really comes out there when you get to see someone’s nature as they’re working through a problem.
Thomas Rogers (14:04)
Yeah, that makes total sense. I want to switch gears real quick. I know are always looking at like new tools. And yeah, you’re a part of the team at Ramp that, you know, is evaluating like new vendors and stuff all the time. And, the work at RampSec, like inviting, you know, people to speak and stuff like that. You just get to see a lot of cool technology. I think purposefully, it seems like you’re like seeking that stuff out.
Yeah, I don’t know anything to share like new stuff that you’ve seen that you’re excited about or what are you seeing like in the landscape right now?
Antoinette (14:34)
I think the biggest concern for everyone, is around package and extension management as supply chain compromise becomes more common. You see VS Code extensions get taken over. Chrome extensions are basically malware at this point. We recently onboarded a vendor to help with identifying malicious extensions on user endpoints. And I think that’s the coolest one that I’ve seen. And it isn’t necessarily the technology itself because it’s a script running on an endpoint. I think what’s more impressive about the vendor is they built a arm to go with it. And so it’s worth it to pay for the vendor for the research group that they have, because they are like actively identifying malicious extensions.
So it’s not they just are waiting for a third party source to tell them it’s they are actively hunting and finding stuff and then alerting their customers and publishing their work. I think that’s the big draw for me, which is a super smart business model.
Thomas Rogers (15:34)
That, I mean, I feel like that just speaks to the InfoSec community as a whole, the importance of involvement and obviously that’s a part of a business model, but it also could just be a doing good for the world type thing. So yeah, how does that flow into your day job? How are you approaching the new stuff that’s coming out, new vendors?
And yeah, what part of your day or week are you dedicating to like, keeping up with stuff?
Antoinette (16:02)
Yeah, I think it’s less so lately. And the reason I say that, I think there’s a huge push to really think about what we can build internally. I think a lot of companies who have picked up the AI adoption are probably looking internally at what they can build and do on their own without vendor involvement. And I think the benefit that I have is like we can do the full stack. Like I know how to deploy the infrastructure here, and we know how the host services and do all of this other stuff. And so I think a lot of what we’ve done lately is look inward to how we can solve our problems.
Thomas Rogers (16:35)
That’s perfect, because my next question was going to be about Build vs. Buy, because I know you did a talk about that last year. So yeah, curious, I feel like you have a really simple framework for that. So yeah, I would love to hear more about that.
Antoinette (16:49)
Yes, I will pick the one that saves me the most time in the long run. So, I think that if there is a problem that I have, and I know that I can build it quickly and then never have to touch it again, I’m going to build it. There’s a problem that I have, and I could build it sure, but it’ll require a bunch of upkeep and maintenance and all of these other ambiguities. I’m going to buy it for the support and engineering power that comes behind it.
Thomas Rogers (17:18)
I feel like that’s such a hack for you as a CS major, like someone who’s a builder personally, but, and then ramp just has so many talented engineers anyway. That’s super helpful. How do you think about like tooling in general as a part of like the cybersecurity function? Like tooling plays a role you know, you think about like road mapping and like gaps on the team from like an individual level. Do you also do that analysis like from a tooling perspective and yeah, how does that fit in?
Antoinette (17:46)
Yeah, I do that analysis from a tooling perspective, but it mainly comes from where we think gaps are. So at the beginning of this year, I looked at all of our security incidents. I pulled a bunch of trends across our alerting. I spoke to the people on my team and came up with a list of these are the gaps as I see them. So we need to talk about whether or not we have the capabilities in-house to fill these gaps. And if not, we need to talk about whether or not we need a vendor.
And so that’s the approach I’ve taken where I think I get approached with a lot of solutions to problems I haven’t decided I have yet. And that is just not the way that I like to work. And so I prefer to understand the problems that we have and then go identify vendors that might be able to help and solve those.
Thomas Rogers (18:33)
If you bring on a new tool, I’m sure there’s a learning curve, especially if no one on the team has used it before. Is that a factor, or is that just something you’re like, we’ll figure it out?
Antoinette (18:42)
No, it’s a factor for sure. I think it depends on what it is. I think usability is a huge part of adoption when it comes to any kind of tooling. So whether it’s a tool that we in security use, or if it’s a tool that like other people at Ramp need to use for security purposes, I care a lot about how easy is it to use. And I again care about the reliability of it at that point, especially if we’re it out to the org. I think a lot of the security vendors are kind of catching on to that and making their team a bit better. Because I remember there was a SIM in like 2016-2017 that I looked at and it the way I used to describe it is this feels like something that was built by a PhD person, and it was not like someone would a doctorate built this and this is not a compliment.
Thomas Rogers (19:29)
Yeah, I feel like those types of tools are, it’s like if you can get to the point where you like actually know how to use it and then start learning, it can be great, but the learning curve and just also just communicating like, hey, this is how this works. Like that can be, you know, really tricky and onboarding is everything with new tools. I feel like that’s something we’ve seen a lot. We work with a lot of security vendors and just like CTF style challenges being like a really nice way to like learn how to use a tool. Like, let’s give you a scenario and like practice a low stakes way. It doesn’t have to be like a competition. It’s just like, I mean, it can be, but so yeah, the tooling side is like really fascinating to me. Giving people like the hands-on opportunities to actually try before buying and using.
Antoinette (20:14)
It’s, mean, like to the point about the CTFs, I think it, CTFs are the reason I ever touched like Kali Linux, which I don’t need and most people don’t need on a regular basis, but it’s a good opportunity to get, again, to understand capabilities and what’s possible, especially from like an attacker standpoint. It’s the reason that I got comfortable with the AWS CLI.
It’s the reason I understand like stenography and participating in CTF is the best way to like pick up so many skills, but especially around tooling.
Phoebe DeVito (20:46)
Awesome. Yeah. We obviously agree here over at, you know, Skillbit now, but formerly MetaCTF. So we love CTFs too.
Awesome. One thing that was really cool that I know you’ve done is you participated in the AI Security Council workshops. I think that was like September last year, talking about impacts of AI on cyber operations. Would love anything you can share about that experience.
Antoinette (21:10)
Yeah, I think in the last year, my life has become very focused on AI in various ways between AI security, AI enablement, how AI changes how we understand security at an enterprise level, so on and so forth. For the AI Security Council, my main advice, which I actually still stick by, is if your company was not good at the basics, then there’s no other conversation we need to be having right now. Like if your company doesn’t have a shadow AT program, if you don’t have endpoint detection and monitoring, if you have poor access patterns, AI is just going to make it worse, but you should figure that out first too because there there’s no new threats that I see you introducing at that point.
Now, if you already have the basics down pack, then I think now you get to start worrying about things like the lethal trifecta and whether or not you’re granting access to agents that can access sensitive data, accept external inputs and then have access to the internet. Like I think that’s when you get to go to the net. It’s like Maslow’s hierarchy of needs. Like you get to go to the next one now you’ve solved the first thing.
Thomas Rogers (22:21)
I feel like that’s just not a unique thing with AI. Same thing goes for marketing. If your marketing isn’t working, AI is not going to help make it better. And same goes for hiring. your security is not working today, hiring three analysts is not going to help. So you need to have that infrastructure in place. So obviously, like, for high-performing security teams AI can it to that next level. But to think that you’re just gonna layer that into something that’s not working already is not the right approach.
Antoinette (22:53)
Cause if you don’t know what you’re doing, the AI won’t know cause you’re prompting it. They won’t know.
Thomas Rogers (22:57)
Yeah, it’s trained on you.
Antoinette (23:00)
Exactly. It’s trained on you and worse than that, it’s trained on generic data. And so from a security perspective, asking AI to, for example, build a security program for you is going to fail because it has no context of your business and won’t apply it.
Thomas Rogers (23:16)
So how are you applying that, what you know about like AI and like AI security to like, how does that flow through to your teams? Like, are you suggesting like, yeah, more upscaling and learning from that sense or yeah?
Antoinette (23:29)
Thomas, let me tell you, I love AI. So, my security operations team was probably the first operations team at Ramp to fully use, an AI agent platform for investigations. Maybe 30 to 40 % of our tickets right now, have an AI agent as a first level triage. And so it goes through, pulls a bunch of information, puts it in the ticket.
An analyst can come through and review that and say, yep, I agree with the determination here and close it out. So the AI is not closing it out for anyone. And we’re what it looks like for AI to be able to auto close the tickets as well. And what that’s allowed us to do is ingest more log sources so that we can expand our coverage without needing to expand our team per se because hiring’s hard.
Thomas Rogers (24:14)
I know you mentioned you’re doing a lot of evaluation where you’re like, can we just build this internally? We have a lot more capacity probably in some ways because of AI. Do you feel the same way about hiring because of AI? Like, hey, we don’t need to grow the team because we’re able to do more with what we have today.
Antoinette (24:32)
No, I don’t. I don’t think I feel that way. think it’s. I can be more strategic about how I grow the team. Like I don’t need to go hire 10 analysts, probably, you know, but I have to hire another detection engineer. and so I it, changes who I’m looking for when I hire. We are hiring another analyst to help with some of the like operational load, but it’s less, I need you to sit here and just watch a queue for tickets, and it’ll be more interesting work I think.
Thomas Rogers (25:00)
How do you think you would have approached that you were getting into your career? If you were starting now, I’m kind of stealing the wins from our last question, But yeah, I don’t know. How would you approach that? I assume that’s how you lead your team, is this is how I would do it. But yeah, what do you recommend for your team?
Antoinette (25:20)
If I were, this is not for my team. If I were starting in security now, I would focus all of my efforts on learning everything I can about AI and AI security. And then I would get a job at a larger company to either work in security because they’re slower to adopt AI, and so their strategy around hiring probably hasn’t changed. Or I would, if you really, really wanted to work at a smaller company, go work at one of the ones that, because everyone’s learning AI, a lot of companies have roles open where it’s basically like, we just want you to be curious and go do that. I think throwing yourself into, I want to become highly knowledgeable about AI for the purpose of security would be a good path forward.
Thomas Rogers (26:05)
Cool, good advice.
So with the AI tooling, I’d say one of the things, so I went to some of the big conferences last year, so like Black Hat and RSA and DEF CON, and so many vendors are just talking about how you can replace people with their tool. And I’m curious your thoughts on that.
Antoinette (26:20)
They’re trying to sell a product. I don’t know that anyone is in a place where you can replace a person. You probably replace an unskilled person. But like, I don’t think I’m personally at a point where I feel like someone’s tool will take my job. I’m not saying it’s never gonna be possible, but not today. I also…
I don’t like black box vendors. And so a lot of the vendors who have like AI platforms, I just haven’t looked at it because they don’t give you a lot of flexibility in what you can do. I also just don’t feel the need to right now because we have like a platform we use that’s highly flexible. And so it covers most of the use cases that I see a lot of vendors have. So I could build a lot of those tools. I think a lot of vendors should be more concerned about the fact that a lot of internal teams can rebuild their product.
Thomas Rogers (27:11)
I know you’re not laughing, but that’s funny. Yeah, I get that. with kind of all the evaluations and stuff you internally with your team, I would assume it would like change some of the build versus buy stuff because you probably can build more stuff than you used to. But yeah, how does that like work like cross-functionally? Like I assume you’d have to like work with other teams to make some of those decisions. Curiously from a manager perspective, what that’s like.
Antoinette (27:38)
I think on the internal tooling side, there are other stakeholders that we work with when we’re deciding about tooling. The general expectation on that side though, is that we’re for the most part building everything. On the security side, it’s less of an issue for detection and response because that team is almost fully encapsulated to itself in terms of stakeholders.
So if I am deciding to fill some sort of gap, I actually for that team usually choose to buy, but that’s because there’s like a talent gap in terms of there being other engineers who can build and deploy something, which is not the case on the engineering team.
Thomas Rogers (28:13)
Yeah, that makes sense. Cool. right. I wanted to ask you about RampSec, and what that’s been like to be a part of curious, kind of like from an outsider. I just think it’s really cool that y’all do that.There’s weirdly like not a ton of, big, cyber conferences in New York. And so I feel like that is filling a really important gap. So I would love to hear just your experience with that, what y’all are trying to accomplish with that, more background on it.
Antoinette (28:39)
So I started RampSec in 2024. Mainly for the reason I mentioned of I really wanted to create a security community that could give people the benefit that I got from the community that I had when I was starting. And I’m pretty happy with where it’s gone.
I didn’t have goals. I didn’t have a goal of like having a hundred people show up every time. I didn’t need to be the biggest thing. It really was about, I want to build a space where people feel like they have a community here. I do think that it’s worth mentioning, like Reddit has a meetup that they do called SNOOSEC. There’s a new one called Sprawl now that’s meeting in February and Sprawl is like company agnostic. And so I think that’s even cooler because you don’t have to worry about it being tied to a specific vendor or company or whatever. I’m proud of RampSec because I hope in some small part it’s inspiring people to start up their own things and go explore how they can continue building community and things like that.
Thomas Rogers (29:41)
For sure, that’s awesome.
Phoebe DeVito (29:43)
Awesome. All right. Well, typically our wrap up question is if you were starting your career in cyber now, is there anything you’d tell yourself? I feel like you covered them, but if there’s any you want to add, now’s your time.
Antoinette (29:53)
Honestly, I wouldn’t change anything. Like I think the path that I took is the best path I could have taken of starting at a large company, learning as much as possible from people who are well established and understanding those patterns and then going smaller.
Phoebe DeVito (30:07)
That’s awesome to have no regrets. I love that. Awesome. This has been such a good conversation. I feel like we could talk forever, but yeah, thank you again so much for coming on.
Antoinette (30:17)
Thank you.