Let's Talk Azure!

In this episode, we dive deep into ScubaGear, an open-source tool developed by the Cybersecurity and Infrastructure Security Agency (CISA) as part of the Secure Cloud Business Applications (SCuBA) project. Designed to assess Microsoft 365 (M365) tenant configurations, ScubaGear helps organizations align with CISA's Secure Configuration Baselines (SCBs) to prevent costly misconfigurations. From setup to real-world applications, we unpack how ScubaGear strengthens M365 security and share practical tips for IT admins and security teams. What You'll Learn: Why ScubaGear Matters: Learn how ScubaGear addresses the growing threat of cloud misconfigurations, which accounted for 30% of cloud attacks in early 2024. We discuss its origins in CISA's SCuBA project, and its value for US federal agencies, private organizations, and critical infrastructure. How ScubaGear Works: A technical breakdown of ScubaGear's PowerShell-based workflow, using Microsoft Graph APIs and Open Policy Agent (OPA) to compare tenant settings against SCBs. We cover setup requirements. Common Misconfigurations: Examples like disabled MFA or weak DLP policies, and how ScubaGear's HTML, JSON, and CSV reports provide actionable remediation steps. Best Practices: Tips for integrating ScubaGear into security workflows, including regular scans, policy customization, and combining with tools like Microsoft Secure Score. Real-World Insights: Sam shares experiences from consulting. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss the benefits and use cases of Security Copilot. Alan Dives into how Security Pilot works and what some of the capabilities are. Here are a few things we covered: What is Generative AI What is Security Copilot What are Agents How much does it cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have been announced at Microsoft Secure 2025 Some of the Microsoft product features and update we covered: Security Copilot Agents Data Security Investigations Innovations in Microsoft Entra Detection and protection for emerging AI threats What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This episode Alan and Sam dive into the issues around OAuth apps and understanding how they are being used. Alan discusses the issues organisations are facing when any user could consent to application and the cleansing process that needs to take place. He also goes into how App Governance in Defender for Cloud Apps can help. Here are the areas they covered: What are OAuth Apps? What is Defender for Cloud Apps? How can Defender for Cloud Apps help review consented apps? What policies can you deploy? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, we dive into two great features of Microsoft Defender for Cloud: Security Explorer and Attack Paths. Join us as we unpack how these tools leverage the Cloud Security Graph to help you hunt down risks, map potential attack routes, and prioritize your cloud security efforts like never before. Whether you're managing Azure, AWS, or a hybrid setup, this episode is packed with insights to level up your defense strategy. What You'll Learn: How the Cloud Security Graph provides a unified view of your multicloud environment. Using Security Explorer to proactively identify vulnerabilities and misconfigurations with custom queries. Visualizing Attack Paths to see how attackers could move from an entry point to your critical assets. Practical tips for prioritizing fixes and boosting your Secure Score. Real-world examples of these tools in action and how to get started today. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam dive into Defender for Cloud's Protective workload for server. Alan goes through the different plans available and the features that are available. Here are a few things we covered: What is the Defender for Server Protective workload What features does it provide How easy is it to enable How much does it cost What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, we dive into the world of database security with Microsoft's Defender for Databases. Join us as we explore how this tool within Microsoft Defender for Cloud can transform your approach to safeguarding your data against cyber threats. Topics Covered: Introduction to Defender for Databases Features and Capabilities Enabling and Configuring Defender for Databases Responding to Alerts What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss why it is important to have Cloud Security Posture Management (CSPM) solutions in place. Alan goes through the general benefits of CSPM, enhancements since its release and dives into Microsoft Defender for Cloud. Topics that are covered are: What is Cloud Security Posture Management and why it is important What is Microsoft Defender for Cloud's approach to CSPM What is Microsoft Cloud Security Benchmark what are the pricing tiers for CSPM What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, we explore the critical world of API security through the lens of Microsoft Defender for APIs. Join us as we discuss how this tool can safeguard your APIs in increasingly cloud-centric environments. Topics Covered: Introduction to Defender for APIs What it is and why it matters in today's cloud landscape. Who should care about API security? Key Features of Defender for APIs Inventory management and visibility. Security findings and vulnerability assessment. Real-time threat detection based on OWASP API Top 10. Integration with other Azure and security tools. Benefits for Businesses Enhanced API security posture. Compliance with regulatory standards. Mitigating risks in API lifecycle management. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, we wrap up the season, where we explore our favourite episode of the season. We also talk about the what happened in 204, and how the podcast has grown in terms of listenership and engagement. As we bid farewell to the season, we also reveal our future plans for the next season, which will start on January 2025. This episode is a great way to end the season and to look forward to the next one. We thank our listeners for their support and feedback, and invite them to stay tuned for more updates and announcements. We wish everyone a happy and healthy holiday season, and promise to return with more amazing content in the new year. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss the process organisations go through to manage patches. Alan dives into some of the tooling and covers: Why is patch management important and what are some of the issues you can run into what tooling can help with patch management for servers What is Azure update manager What is hotpatch for Windows servers What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about the Microsoft Ignite event and the announcements that came out of it. Alan dives into the in-person experience in Chicago. They dive into a couple of the announcements that peaked their interest. Some of the Microsoft product features and updates we covered: M365 Copilot Purview Defender XDR Azure What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, we tackle the critical challenges of securing DevOps environments in today's fast-paced, cloud-centric landscape. With cyber threats evolving at an unprecedented rate, safeguarding your DevOps pipelines is more essential than ever. Join us as we explore Microsoft Defender for Cloud, a comprehensive solution designed to address security gaps across the entire DevOps lifecycle. We'll discuss best practices, key features, and practical insights on implementing effective DevOps security strategies. Whether you're an IT pro, DevOps engineer, or security enthusiast, this episode will arm you with the knowledge to protect your cloud-native workflows with confidence. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and updates we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss OAuth applications and their potential risks. Alan goes into how App Governance can give you the visibility of OAuth app and their usage. Here are a few things we covered: What are OAuth Apps? What are they typically used for? why is it important to monitor them How can App Governance help monitor and protect from OAuth App attacks? What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss Azure Web Jobs which is a feature of Azure App Service that allows developers to run background tasks, scripts, and long-running processes alongside their web applications, enabling automated workflows and task scheduling in the cloud. Here are a few things we covered: An overview of Azure web jobs and use cases Types of Web Jobs Deployment and Integration Monitoring and Scaling What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, Sam and Alan dive deep into the world of token theft and token replay attacks. They explore what these threats are and discuss effective countermeasures to reduce the risk of token theft and prevent replay attacks. Here's a breakdown of what they covered: Understanding Authentication Tokens: What are they and why are they crucial for secure authentication? Token Theft and Replay Attacks: An overview of how these attacks work and their potential impact on organisations. Reducing Token Theft Risks: Practical strategies to minimize the chances of tokens being stolen. Preventing Token Replay: Measures you can implement to block access when stolen tokens are reused. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss Azure VM Image Builder which is a service that simplifies the creation, customisation, and management of virtual machine images in Azure, automating tasks like software installation, configuration, and patching for consistent deployments. Here is what we covered: What are Virtual Machine images? And how they are used in Azure. What are the challenges with image creation? What is Azure VM builder and how does it help? How much does the service cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam dive into Microsoft's Security Exposure Management platform. Alan takes us through the various components and the benefits on using this platform. Here are a few things we covered: What is Microsoft Security Exposure Management? What components make up the platform? Who benefits from the platform? What integrations does the platform have? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss Azure Container Storage which is a volume management service built natively for containers, which enables cost-effective performance scaling and simplified management of volumes for stateful container applications. What are containers and their storage requirements? Why Azure Container Storage is useful How do you create storage? What are the configuration options? How much does the service cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam talk about External Attack Surface Management (EASM) and how Microsoft's Defender EASM helps discover and monitor your digital assets. Here are a few things we covered: What is External Attack Surface Management? What is Defender EASM and how can it help identify your risks? How do you setup Defender EASM? how much does it cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss Azure Storage Accounts which provide scalable, secure, and highly available cloud storage for various data types, including blobs, files, queues, and tables. It serves as a foundational service in Microsoft Azure, enabling applications to store and retrieve data efficiently across multiple redundancy options and access tiers, here is what we covered: What is Azure Storage accounts and why are they useful? What types of data do they support? How do you create them? What are the configuration options? How much do they cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam dive into Microsoft's Unified Security Operations Platform and how it can benefit SOC analysts in their day to day. Here are a few things we covered: What is a Security Operations Centre (SOC)? What is the new Microsoft Unified Security Operations Platform? What are the benefits of the new platform? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss Azure Storage Actions a serverless framework currently in preview that allows users to perform common data operations on millions of objects across multiple Azure Storage accounts without needing additional compute resources. It involves creating storage tasks with defined conditions, operations, and assignments. Users can monitor and manage these tasks, which run asynchronously, via metrics and reports. Azure Storage Actions is integrated with Azure Event Grid for event handling, and is supported in several regions, here is what we covered: What is Azure Storage Actions and why are they useful? How do you create them? What are the configuration options? How much does it cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam talk about the use of Managed Identities for Azure resources. Alan takes us through the methods used for programmatic access to Azure resources and the risks of some of the options. Here are a few things we covered: What is programmatic access? What methods are usually used to gain programmatic access? What are Managed Identities for Azure resources, and how they can be used. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss Data API builder. It is a powerful tool designed to streamline the process of creating and deploying APIs for data-driven applications. It facilitates the rapid development of secure, scalable, and high-performance APIs that can seamlessly interact with various data sources, including databases, file systems, and third-party services. By automating much of the setup and configuration, Data API builder reduces the complexity and time required to bring data APIs to production, allowing developers to focus on building features and functionality rather than managing infrastructure. This tool is particularly beneficial for organizations looking to enhance their data accessibility and integration capabilities while ensuring robust security and performance standards. _What are CRUD APIs? Why are they important? How do you use it? What are some of the use cases for the solution? How much does it cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Build + RSA Updates key Microsoft Entra and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam talk about why it is important to monitor your network for connected devices. Alan runs us through the benefits of doing it with Microsoft Defender for Endpoint. Here are a few areas we covered: Why is it important to monitor your network? How can you find devices using Microsoft solutions? What are the benefits of devices being discovered and searchable in the Defender XDR Portal How is it licensed What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss Azure AI Search. It is a robust, cloud-based search service provided by Microsoft that leverages artificial intelligence to enhance search functionalities within applications. It allows developers to create rich, full-text search experiences with features like natural language processing, semantic search, and cognitive search capabilities, which can extract insights from various data sources. The service is scalable, ensuring efficient handling of large volumes of data and queries, and integrates seamlessly with other Azure services, providing a comprehensive solution for building intelligent and responsive search-driven applications. What problems is Azure AI search aiming to solve? What does it integrate with? What are some of the use cases for the solution? How much does it cost? Read transcript

Alan and Sam discuss the management of macOS and how it is a little different to other operating systems. Alan guides through what can be configured and the reasons why. Here are a few things we covered: How is macOS different to other operating systems to manage? What Microsoft tooling can you use to manage them What licences do you need What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss Azure Data Box. It is a ruggedised appliance designed to simplify the process of transferring large volumes of data to Azure cloud storage, offering high-speed data transfer and secure encryption. It enables organisations to overcome bandwidth limitations and easily migrate large datasets, ensuring efficient and reliable data transfer. What is Azure Data Box? What can you back up with it? How does the process work? How much does it cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: FIDO2 authentication & Keypass Security group provisioning to Active Directory using cloud sync Unified security operations platform New API Manager v2 App Service v1 and v2 environments retirement What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss Microsoft Entra Global Secure Access. A identity-centric Security Service Edge (SSE) solution that helps secure user's internet and on-premises access. Here are a few things we covered: What is a Security Service Edge ? What is Microsoft Entra Global Secure Access? How does Entra Internet access for Microsoft 365 help secure and prevent data leakage? What is Entra Internet Access and Private Access? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week Alan and Sam discuss Azure Backup. It is a comprehensive solution offered by Microsoft Azure for safeguarding data across cloud and on-premises environments, providing seamless backup and recovery capabilities. It enables users to protect critical workloads, applications, and files with automated backups and flexible retention policies. What is Azure backup? What can you back up with it? How can you secure your backups? How much does it cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss Microsoft's new Cloud PKI service, which enables the management and deployment of device and user certificates through Intune. Below are some key points we addressed: What are user and device certificates and how are they used How would you normally manage PKI services What is Microsoft's Cloud PKI How much does it cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Copilot for Security and M365 Syslog and CEF AMA connector for Microsoft Sentinel Lots of Azure changes, new features and retirements! What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss Azure Key Vault, it is a centralized cloud service designed for securely storing and managing cryptographic keys, certificates, and secrets used by cloud applications and services. It offers robust access control, encryption, and auditing capabilities to safeguard sensitive information and streamline key management processes. What is Azure Key Vault? What are the common use cases for Azure Key Vault? What does it integrate with? How much does it cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam talk about the Microsoft Connection Program (CCP). A Community of Technical professional from Customers, to Partners and MVPs that interacts with Microsoft Product groups around new features.. Here are a few things we covered: What is the Customer Connection Program? What are the benefits of being in the CCP? What is my experience being in the various CCPs? How do you get involved? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Dark Mode in Defender XDR Cloud PKI Improvements in Azure Key Vault Configuration-as-code customizations in Microsoft Dev Box What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss Azure Event Grid. It simplifies event-driven architectures by providing a fully managed service for routing events from various sources to multiple destinations in near real-time, enhancing agility and scalability in cloud-based applications. It enables seamless communication between Azure services, custom applications, and external sources while offering features like event filtering, routing, and dead-lettering for reliable event handling at scale. What is Azure Event Grid? What are the common use cases for Azure Event Grid? How can you get started? What are the licensing options? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss what vulnerability management is, and why it is important to an organisation. Alan dives into how Microsoft security solutions help identify weaknesses and monitor their remediation. Here are a few areas we covered: What are vulnerabilities? why should you monitoring, priorities and resolve them? How can Microsoft Solutions help manage your vulnerabilities? What Microsoft licenses do you need to get started? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Azure AI Studio is an all-in-one AI platform that simplifies the development, evaluation, and deployment of generative AI solutions and custom copilots1. It provides a unified hub for building, managing, and fine-tuning AI models, making it easier for developers of all skill levels to create and deploy intelligent applications. Whether you're working on natural language processing, computer vision, or other AI tasks, Azure AI Studio streamlines the process and offers a comprehensive suite of tools and services to support your AI projects. Sam takes the lead covering: What is AI and what do organizations use large language models for? What is Azure AI studio, and what problems is it solving? Sam's initial impressions of using Azure AI studio for the first time What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.