Discovery Lab
The interactive customer discovery experience that retired the PowerPoint deck.
A living, browser-based discovery environment I built to replace the traditional 60-slide customer discovery deck. Ten interactive scenarios map to today's real security conversations — XDR Go Big, hardware refresh, CrowdStrike displacement, Defender gaps, Splunk consolidation, compliance — and every scenario randomizes on each run, so customers walk through their own environment, not a scripted demo. No one gets graded; every answer is a conversation starter, and every session produces a scoped, customer-branded readout the PA can take straight into the next meeting.
- Replaces the PowerPoint discovery motion with a conversation-driven, hands-on experience customers can actually use — guided Explore / Investigate / Discover arcs, with inline economics for the consolidation conversation
- Ten randomized scenarios covering the full Cortex + Strata narrative: XDR, XSIAM, XSOAR, Xpanse, Cortex Cloud, NGFW policy, and the displacement plays behind XDR Go Big
- Serves as the front door for every platform I built: the XSIAM AI Optimizer, XDR Optimizer, SKU Decoder, and NGFW Policy Benchmarking engine all surface inside the Lab, at the exact moment the conversation calls for them
- Captures qualified discovery data inline and emails a branded summary report on completion — the PA walks out with a scoped next step instead of a "we'll follow up"
- Used live in EBC engagements and partner-led workshops; materially compresses the discovery→POV→design timeline and gives deal desks something defensible to quote against
Interactive discovery10 scenariosCustomer-facingEBC-readyCortex + Strata
XSIAM AI Optimizer
Benchmark your SOC against Palo Alto's own, automatically.
An AI-driven assessment platform that measures a customer's XSIAM deployment — coverage, automation maturity, analyst workload, rule quality — against Palo Alto Networks' internal reference SOC. Turns the question "are we using this right?" into a living dashboard instead of a 40-hour consulting engagement.
- Automates the technical prep work — broker VM setup, use-case build, rule quality review — that professional services teams normally charge weeks of billable hours to deliver
- Continuous scoring against a canonical reference SOC; surfaces the top five moves that would improve posture, not a 200-page report nobody reads
- Self-serve so partners and customers can run it without a services SOW
- Directly competes with the assessment motions run by Optiv and GuidePoint services orgs
Next.jsTypeScriptRAGXSIAM APIBenchmark scoring
XDR Go Big — NAM Program & Reporting Infrastructure
The North America Cortex XDR displacement program — and the reporting backbone that keeps it measurable.
I own the XDR-GB-NAM-2026 campaign end-to-end, working cross-functionally with Optiv's Partner Director and Palo Alto's Channel SE leadership, National Partner Business Manager, Channel Systems Consultant, and the Endpoint COE directors. A program this size doesn't run on goodwill — it runs on process. So I built the reporting infrastructure that makes the campaign defensible to both sides of the house: a weekly progress cadence, an executive XLSX dashboard, and a campaign-code discipline that keeps approved deal registration clean all the way from discovery to the quote.
- Executive XLSX program dashboard — activity log, pipeline summary, and progress-to-goal tracking (including the $100M pipeline target) that reads cleanly for both Optiv and Palo Alto leadership
- Progress-report cadence — weekly narrative reports plus a structured email sequence that keeps Partner Directors, Channel SE leadership, and the Endpoint COE aligned without a weekly meeting
- Campaign-code discipline — codified how XDR-GB-NAM-2026 shows up on internal vs. external surfaces (pricing visible internally, quantities and campaign code externally), protecting approved deal registration
- Play Studio → XDR Deal Accelerator — rebranded and re-shipped the play-generation engine so partners could run the motion themselves, with dynamic data enrichment and PA-lead attribution baked into every export
- Discovery Lab stood up as the public-facing asset for the program — replacing traditional slide decks with a scenario-driven customer experience
- Coordinates four partner-side and two Optiv-side stakeholders against a single measurable campaign with a single source of truth
Program LeadershipExecutive reportingProcess designCross-vendorEnablement design
Palo SKU Decoder
The decoder ring for Palo Alto quotes — quoting cycle time measured in minutes, not days.
A sales-acceleration tool I built inside EchoR to solve a problem every partner architect and channel SE knows too well: a Palo Alto quote comes back as a wall of opaque SKU codes that no customer can read, and nobody on the partner side wants to hand-translate for the hundredth time. The SKU Decoder ingests a raw quote, resolves every SKU against the live catalog, and produces two clean views — an internal view with approved discount and campaign codes for the deal desk, and an external customer-safe view showing only products and quantities. Same quote. Two audiences. Zero manual rework.
- Turns Palo Alto SKU lists into proposal-ready, customer-readable output — partners stop re-typing quotes into Word docs at midnight
- Enforces the internal-vs-external view split: internal shows discounted pricing and campaign codes (XDR-GB-NAM-2026, Go Big discount tiers); external shows quantities and SKUs only, protecting approved deal registration
- Gives Partner Directors and Channel SEs a shared artifact to review inside the deal desk motion — fewer mistakes, faster sign-off, cleaner audit trail
- Built as a first-class app inside the EchoR suite, so the same tool works for every partner architect on the team — not a one-off spreadsheet
- Directly supports the XDR Go Big program by making campaign-code pricing easy to apply correctly the first time, every time
Sales accelerationDeal-desk alignedInternal / external viewsCampaign-code disciplineNext.js
EchoR / Signal Tide
The internal OS for Optiv's Palo Alto Partner Architects.
Next.js 15 + TypeScript platform — the internal backbone now surfaced through the Discovery Lab. A suite of five apps for Partner Architects covering play generation, knowledge capture, enrichment, and partner-facing exports. Now at v1.0.3.
- Play Studio with accent-colored play cards, structured sections, dynamic data enrichment
- Client-side PDF generation, Dexie storage, NextAuth, Perplexity Sonar Pro AI
- "Signal Tide Capture" Chrome extension to pull content directly from XSIAM/Panorama UI and Palo Learning Center
- Team Contacts module wired into every export, with automatic PA-lead attribution
Next.js 15TypeScriptChrome ExtensionPerplexity SonarRender.com
XDR Optimizer
The business case for moving to XSIAM, quantified.
A decision-support tool for customers evaluating a migration from their current stack — Cortex XDR, CrowdStrike, Microsoft, or Elastic — into XSIAM. Ingests current-state, models the post-migration outcome, and outputs a defensible analysis of what XSIAM actually delivers: coverage gains, analyst hours recovered, tool consolidation savings, and time-to-detect improvements.
- Built specifically to support the XDR Go Big displacement motion — a faster, more credible alternative to a months-long services assessment
- Works across CrowdStrike, Microsoft, and Elastic baselines, not just Palo Alto-to-Palo Alto
- Outputs a customer-ready narrative, not just a spreadsheet — so partners can walk into the next meeting with a real case
Migration modelingMulti-vendorGo Big aligned
NGFW Policy Benchmarking
Real-time policy parity across multi-platform firewall estates.
A policy-analysis engine that pulls from PA/BPA (Best Practice Assessment), XSIAM, and the NGFW control plane to keep security policies aligned and defensible across mixed-vendor environments — Palo Alto alongside legacy Cisco, Check Point, Fortinet, or cloud-native firewalls. Detects drift the moment it happens instead of at the next quarterly audit.
- Continuous benchmarking against Palo Alto best-practice baselines — no more "we'll fix it at the next maintenance window"
- Single policy truth across multi-platform stacks, so customers running hybrid estates actually see what's deployed
- Identifies policy gaps, shadowed rules, and weakened zones in real time, with a remediation path ranked by risk
- Built to live inside partner-led programs and MSSP offerings, not a one-time consulting engagement
PA/BPA integrationMulti-platformContinuous auditDrift detection
Partner Architect Knowledge Base
The institutional memory PA teams should already have.
A curated, access-controlled repository of technical integration guides, battle cards, and customer-facing assets. Managed with the same discipline I'd expect from a documentation org — review gates, publish-ready criteria, access tiers, and a todo-driven editorial pipeline.
- Example in flight: XSIAM + AWS S3 Integration Guide, held in editorial until access controls are verified
- Treated like product: roadmap, ownership, review standards, publish state
Process designAccess governanceEditorial rigor
Reports, Decks & Documentation
The paper trail of a Partner Architect who ships.
A sample of documentation produced in the last year — written, designed, and delivered by me:
- Optiv Insights blog — "The Autonomous Security Enterprise" — published thought leadership on agentic AI governance (April 2026)
- XDR Go Big Program Report — executive XLSX dashboard, weekly progress-report cadence, and campaign email sequence
- Palo SKU Decoder Design & Deal-Desk Rulebook — internal-vs-external view logic and campaign-code handling
- Cortex XDR Technical Deck — partner-ready sales/technical enablement
- XSIAM AI Optimizer Build Plan & Launch Readiness — product spec, GTM, and rollout documentation
- XDR Optimizer Architecture & Data Model — technical design for migration analysis and scoring engine
- NGFW Policy Benchmarking Specification — integration design spanning PA/BPA, XSIAM, and multi-vendor control planes
- Discovery Lab Experience Design — interaction architecture, dynamic routing logic, and EBC talk tracks
Thought leadershipExecutive reportingTechnical writingSales enablement
