Microsoft Security Insights

It's Partner month on the MSI Show! This year we're focused solely on our Copilot for Security partners. Stop by to learn more about Copilot for Security and how Microsoft's partners are building solutions around this new AI service for security. Show Notes/Links Forsyte IT's website: https://forsyteit.com/ Shihan Wijeyeratne's LinkedIn profile: https://www.linkedin.com/in/shihan-wijeyeratne-55804b8b/ Copilot for Security plugins: https://github.com/rod-trent/Copilot-for-Security/tree/main/Plugins Copilot for Security Prompting workshop: https://github.com/rod-trent/Copilot-for-Security/tree/main/Prompts/Workshop Watch the live replay  

It's Partner month on the MSI Show! This year we're focused solely on our Copilot for Security partners. Stop by to learn more about Copilot for Security and how Microsoft's partners are building solutions around this new AI service for security. Notes/Links: Critical Start website: https://www.criticalstart.com/ Randy Watkins LinkedIn profile: https://www.linkedin.com/in/randy-watkins-19368513/ Rod Trent on MS National Office Hours: https://forms.office.com/pages/responsepage.aspx?id=v4j5cvGGr0GRqy180BHbR1Yrd34zLbtMspVmu5kxHXhUM0lLSEQ4TUYzTzRPQ0U1VFNOREJWTFNQVy4u Watch the live replay:  

It's Partner month on the MSI Show! This year we're focused solely on our Copilot for Security partners. Stop by to learn more about Copilot for Security and how Microsoft's partners are building solutions around this new AI service for security. Notes/Links: Bulletproof website - https://bulletproofsi.com/ Bulletproof CfS Webinar (May 2nd, 2024 | 11:00 AM - 12:00 PM ET ) - https://content.bulletproofsi.com/webinar-copilot-security Christopher Simm LinkedIn Profile: https://www.linkedin.com/in/csimm/ Jon Stewart On The False Promises of AI: How to Become a Microsoft Copilot for Security Ninja: The Complete Level 400 Training - https://techcommunity.microsoft.com/t5/microsoft-security-copilot-blog/how-to-become-a-microsoft-copilot-for-security-ninja-the/ba-p/4106928 Unleash the Power of Microsoft Copilot for Security: Introducing the Copilot for Security GitHub - https://techcommunity.microsoft.com/t5/microsoft-security-copilot-blog/unleash-the-power-of-microsoft-copilot-for-security-introducing/ba-p/4109184 Watch the live replay  

It's Partner month on the MSI Show! This year we're focused solely on our Copilot for Security partners. Stop by to learn more about Copilot for Security and how Microsoft's partners are building solutions around this new AI service for security. Notes/Links: Quorum Cyber website: https://www.quorumcyber.com/ Graham Hosking LinkedIn profile: https://www.linkedin.com/in/grahamhosking/ Watch the live replay  

It's Partner month on the MSI Show! This year we're focused solely on our Copilot for Security partners. Stop by to learn more about Copilot for Security and how Microsoft's partners are building solutions around this new AI service for security. Notes/Links: Sentinel Watchlist Plugin template: https://github.com/rod-trent/Copilot-for-Security/blob/main/Plugins/KQL_Plugin_TrustedUsersWatchlist.yaml Copilot Labs: https://copilot.cloud.microsoft/prompts Tanium Prompts for Copilot for Security: https://github.com/rod-trent/Copilot-for-Security/blob/main/Prompts/Plugins/Tanium.md New Tanium-Microsoft partnership provides endpoint data to Copilot for Security: https://siliconangle.com/2024/04/01/new-tanium-microsoft-partnership-provides-endpoint-data-copilot-security/ Tanium Integrates with Microsoft Copilot for Security - Changing the Game for Cybersecurity Teams: https://www.tanium.com/blog/microsoft-copilot-for-security-integration/ Watch the Live Show Replay  

It's Partner month on the MSI Show! This year we're focused solely on our Copilot for Security partners. Stop by to learn more about Copilot for Security and how Microsoft's partners are building solutions around this new AI service for security. Notes/Links: Learn Lives: https://learn.microsoft.com/en-us/shows/learn-live/microsoft-copilot-for-security/ Midwest Management Summit MOA: https://mmsmoa.com/registration/mms-2024-at-moa Microsoft Build: https://build.microsoft.com/ Copilot for Security Community Group: https://www.linkedin.com/groups/14345161/ Copilot for Security pricing table: https://azure.microsoft.com/pricing/details/microsoft-copilot-for-security/#pricing Copilot for Security pricing calculator: https://azure.microsoft.com/pricing/calculator/ Public Plugin List: https://learn.microsoft.com/en-us/security-copilot/plugin-overview Grant partners access to Microsoft Copilot for Security: https://learn.microsoft.com/en-us/security-copilot/grant-access-external-users Prompt Library: https://github.com/rod-trent/Copilot-for-Security/tree/main/Prompts Watch the Live Replay  

Our final 2024 episode for Women in Cybersecurity Month 2024! Show Notes/Links: Experts Live Kenya: https://www.expertslive.ke/ Cybergirls: https://cybergirls.cybersafefoundation.org/ ADPList: https://adplist.org/ Microsoft Build: https://build.microsoft.com/ Watch the live replay  

Hey! It's our 200th episode! What better way to celebrate than highlighting and celebrating Women in Cybersecurity Month 2024! Show Notes/Links LATAM Women in Cybersecurity - https://womcy.org/ Donate - https://womcy.org/product/donate-to-womcy/ Smartless podcast - https://www.smartless.com/   Developers, Developers, Developers…   Watch the Live Replay  

  Show Notes/Links: Women in Cloud: https://womeninCloud.com MDE common deployment mistakes: https://lnkd.in/dEtk7rCB Connect ServiceNow to Defender for Cloud https://lnkd.in/eGKrPHQ9 Create a ticket in Defender for Cloud https://lnkd.in/ePqUdNH5 Create automatic tickets with governance rules https://lnkd.in/exAcrQeF Protect your resources with Defender CSPM https://lnkd.in/eBaeyH9y Register now for the Microsoft Windows Server Summit 2024: https://www.microsoft.com/windows-server/blog/2024/03/11/register-now-for-the-microsoft-windows-server-summit-2024/ Watch the live replay  

Stop by as we highlight and celebrate Women in Cybersecurity Month 2024 and learn a bit about Star Trek! Show Notes/Links:     Watch the live replay…      

Stop by as we highlight and celebrate Women in Cybersecurity Month 2024! Show Notes/Links:     Watch the live replay…  

We take a short break in the Women in Cybersecurity month festivities to celebrate something else. You don't want to miss this! Show Notes/Links: Copilot for Security announcement: https://techcommunity.microsoft.com/t5/microsoft-security-copilot-blog/microsoft-copilot-for-security-general-availability-details/ba-p/4079970 Prompt Library: https://github.com/rod-trent/Security-Copilot/tree/main/Prompts Wallpaper: https://github.com/rod-trent/Security-Copilot/tree/main/Images/WindowsBackgrounds   Watch the live replay…  

Stop by as we highlight and celebrate Women in Cybersecurity Month 2024! "Don't have to be a turd to flush the toilet" - Kate Proctor Show Notes/Links: Catch us live on the next show: The Microsoft Security Insights Show - Women in Cybersecurity Month - March 2024 Watch the live replay…  

Stop by as we highlight and celebrate Women in Cybersecurity Month 2024! Show Notes/Links: Maria Young on LinkedIn: https://www.linkedin.com/in/maria-verardi/ Microsoft Pegasus: https://www.microsoft.com/startups/pegasus and https://foundershub.startups.microsoft.com/signup Copilot for Security: https://www.microsoft.com/security/business/ai-machine-learning/microsoft-security-copilot Must Learn KQL: https://aka.ms/MustLearnKQL The Definitive Guide to KQL from Microsoft Press: https://amzn.to/3TlGKil Microsoft Cybersecurity for Beginners – a curriculum: https://github.com/microsoft/Security-101 CompTIA Security + Exam Guide (SYO-601): https://amzn.to/3Pb3jDM   Watch the live replay…  

Stop by as we highlight and celebrate Women in Cybersecurity Month 2024! Show Notes/Links: Intern Program: https://www.microsoft.com/en-IE/earlycareers/internsapprenticeships What went Generally Available (GA) since February 2024? Granular filtering of Conditional Access (CA) policy list – CA policies can now be filtered on actor, target resources, conditions, grant control and session control. The granular filtering experience can help admins quickly discover policies containing specific configurations. Microsoft Entra ID Protection: Suspicious API traffic detection for users – This new detection is reported when abnormal Microsoft Graph traffic or directory enumeration is observed by a user. Suspicious API traffic might suggest that a user is compromised and conducting reconnaissance in their environment. Microsoft Entra ID Protection: Risk remediation on the Azure mobile app – Adds remediation capabilities of Microsoft Entra ID Protection which were previously only available in the Microsoft Entra portal to the Azure mobile app. This capability includes comprehensive reporting, offering insights into risky behaviors such as compromised user accounts and suspicious sign-ins, and includes the Risky users and Risky sign-ins report. New public previews Authentication Flows for Conditional Access – Supports the ability to configure CA policies to restrict or block the usage of certain authentication flows. The first iteration of this feature is limited to device code flow and authentication transfer. Conditional Access: Require reauthentication every time - Lets you require users to interactively provide credentials again before accessing critical applications and taking sensitive actions on any resource protected by CA. Workbook for impact analysis of risk-based Conditional Access policies - The Microsoft ID Protection risk analysis workbook helps admins understand what would happen if you create and enable Microsoft Entra ID Protection risk based CA policies in your environment. Workbooks are a collection of information, including queries, tables, and visualizations over a period of time to help you make sense of underlying data from an existing Log Analytics workspace.   Watch the live replay…  

Josh is a Senior Technical Specialist at Microsoft focused on Security in Healthcare and Life Sciences. That's a mouthful, but not at all boring. Stop by live as this discussion could go off the rails. Show Notes/Links: HIMSS - https://hde.himss.org/global-conference March is Women in Cybersecurity month. We have a stacked deck. 2 shows per week: https://securityinsights.substack.com/p/the-microsoft-security-insights-show And then Partner month in April - leading up to RSA in San Francisco - but focused on Copilot for Security. Upcoming Learn Lives with the MSI crew: https://learn.microsoft.com/en-us/shows/learn-live/microsoft-copilot-for-security/   Watch the live replay…  

Stop by and catch up with New Zealander Andre Camillo, Technology Specialist - Security and Compliance at Microsoft. Show Notes/Links: Ninja Training: https://aka.ms/NinjaTraining Microsoft Defender for Cloud Apps webinars: https://learn.microsoft.com/en-us/defender-cloud-apps/webinars Microsoft Defender for Cloud Apps e-books: https://learn.microsoft.com/en-us/defender-cloud-apps/e-books Learn Path - Secure cloud apps using Microsoft Defender for Cloud Apps: https://learn.microsoft.com/en-us/training/paths/m365-cloud-app-security-fundamentals/ Extended Detection and Response (XDR) | Microsoft Security: https://www.microsoft.com/en-us/security/business/solutions/extended-detection-response-xdr Detect and respond to modern attacks with unified SIEM and XDR capabilities: https://mslearn.cloudguides.com/en-us/guides/Investigate%20security%20incidents%20in%20a%20hybrid%20environment%20with%20Azure%20Sentinel William 'Bill' Post, inventor of Pop-Tarts, dies at 96: https://www.nbcnews.com/news/us-news/william-bill-post-inventor-pop-tarts-dies-96-rcna138784 Change the way we do security and the way security gets done.   Watch the live replay…  

Edward and Andrea are in Seattle. Brodie is back from the ski slopes. And Rod - well -- Rod is here, too. No telling what this episode might bring. Heads-up: Unfortunately, someone hit the big red button that stops the live stream, so this episode is quite a bit shorter than normal. However, we covered a LOT of ground in a short period of time. Show Notes/Links: Experts Live Denmark - https://events.justattend.com/events/conference-hub/584b32f5 Microsoft AI Tour - https://envision.microsoft.com Tip from Andrea: WDAT Conditional Access Policy - disable to allow Sentinel to connect to Defender XDR connector over API Microsoft AI Tour deck: Securing Generative AI applications Microsoft Entra Verified ID introduces Face Check in preview - https://www.microsoft.com/en-us/security/blog/2024/02/06/microsoft-entra-verified-id-introduces-face-check-in-preview/ Secure your resources with Microsoft-managed Conditional Access policies - Microsoft Entra ID | Microsoft Learn - https://learn.microsoft.com/en-us/entra/identity/conditional-access/managed-policies Watch the live replay…  

Sarahzin Shane and Andrew McMurray join us this week to talk about all things Microsoft Purview. Show Notes/Links: What is Microsoft Purview: https://learn.microsoft.com/en-us/purview/purview Just in Time for Purview: https://learn.microsoft.com/en-us/purview/endpoint-dlp-using-jit-protection Purview, turn on OCR capabilities: https://learn.microsoft.com/en-us/purview/ocr-learn-about Join the preview for the Cold Data Crawl: https://aka.ms/JoinCCP   Watch the live replay…  

Come meet Purav Desai! Purav talks about M365 Forensics and is the author of the DecipheringUAL Github series. This show, we'll talk about Microsoft Security across Defender, Sentinel and Purview Compliance. Show Notes/Links: DecipheringUAL GitHub Repo: https://github.com/PuravsPoint/DecipheringUAL Purav on LinkedIn: https://www.linkedin.com/in/purav-da346393/ Watch the live replay…  

After a last second cancellation (guests will be rescheduled), join us as we gather together to talk about current events. Show Notes/Links: Microsoft Copilot Pro: https://support.microsoft.com/en-us/copilot-pro Discover, monitor and protect the use of Generative AI apps: https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/discover-monitor-and-protect-the-use-of-generative-ai-apps/ba-p/3999228 Microsoft AI Tour: https://envision.microsoft.com Microsoft is named a Leader in the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms: https://www.microsoft.com/en-us/security/blog/2024/01/12/microsoft-is-named-a-leader-in-the-2023-gartner-magic-quadrant-for-endpoint-protection-platforms/   Watch the live replay…  

This episode we invite Steven Hosking, Senior Product Manager at Microsoft, to discuss using Intune to deliver the secure network configuration to client devices. Show Links/Notes:   Watch the live replay…    

After a week off during the 2023 holiday season, the crew is back to catch up and discuss what's on tap for 2024. Show Notes/Links: Must Learn AI Security: aka.ms/MustLearnAISecurity Must Learn Quantum Security: aka.ms/MustLearnQuantumSecurity   Watch the live video replay…  

In our annual holiday episode, we've invited a few guests back from the past year to help share in the holiday spirit.   Show Notes/Links: KQL Mysteries: https://aka.ms/KQLMysteries Conquest Cyber: https://conquestcyber.com BlueVoyant: https://bluevoyant.com Eric Mannon's Defender for Cloud Quickstart (GitHub): github.com/msdirtbag Catch the live stream replay…  

Stop by and hear from Kijo Girardi on advanced threat hunting techniques using KQL. Show Notes/Links: SC-200 Microsoft Security Operations Analyst blueprint survey link: https://microsoftlearning.co1.qualtrics.com/jfe/form/SV_d9Z64dYi2oVFjWS Kijo's GitHub repo: https://github.com/LearningKijo Must Learn KQL: https://aka.ms/MustLearnKQL SANS Kusto Detective: https://detective.kusto.io/sans2023 KQL Search: https://www.kqlsearch.com/ KC7: https://kc7cyber.com/ The CentOS Project: https://www.centos.org/   Watch the video replay…  

Brian Hooper and Phoebe Rogers stop by to talk about "A Day in the life of a Defender Experts for XDR analyst." Show Notes/Links: Microsoft Defender Experts: https://learn.microsoft.com/en-us/microsoft-365/security/defender/defender-experts-for-hunting?view=o365-worldwide Watch the live replay…  

We're here, we're clear, and we're talking security - and Edward's trip to Morrocco. Show Notes/Links: Must Learn AI Security book on Amazon: https://amzn.to/47BkSEj The Definitive Guide to KQL from MS Press: https://amzn.to/49WHEIp Connect Microsoft Sentinel to Microsoft Defender XDR (preview): https://learn.microsoft.com/en-us/microsoft-365/security/defender/microsoft-sentinel-onboard?view=o365-worldwide New Blogs section on site - Substack: https://securityinsights.substack.com/t/blogs Catch the live replay to see the demos and photos…    

Brodie has something planned and he won't tell us what it is. Are you as curious as we are? Show Notes/Links: Microsoft Ignite Books of News: https://aka.ms/book-of-news Andrea's blog post - Using KQL in a Playbook for Sentinel: https://securityinsights.substack.com/p/using-kql-in-a-playbook-for-sentinel KQL Mysteries: https://aka.ms/KQLMysteries The Definitive Guide to KQL: Using Kusto Query Language for Operations, Defending, and Threat Hunting KQL: https://amzn.to/3uzi3Vz After the Blog Episode 6: Security Copilot at Microsoft Ignite 2023: https://rodtrent.substack.com/p/episode-6-security-copilot-at-microsoft#details   For the on-screen visuals, catch the live replay…    

It's Microsoft Ignite week! Edward and Rod are onsite in Redmond and Seattle and ready to report and discuss all the goodness. Hey…and Brodie is back! Show Notes/Links: Watch the keynotes and get all the latest photos, videos and more from Microsoft Ignite The online event for Microsoft Ignite Microsoft Ignite Book of News Watch the live replay…  

Fan favorite, Senior Product Manager for Sentinel, and avid live audience member, Gary Bushey, returns to the show to talk about a new tool he's developed to provide a way to document a Microsoft Sentinel environment. Oh…and with Brodie, Andrea, and Rod on the lam, who will host this week? Thank heavens for Beth Bischoff! Show Notes/Links: Gary's blog: https://garybushey.com/ Create a Word document that describes your Microsoft Sentinel environment Book on programming Microsoft Sentinel Catch the live replay…  

This episode we all try to congregate back together before a busy few weeks of travel and holiday festivities. Catch the live event replay...  

Join us this episode as Nathalia Borges and Tina Romeo guest to help celebrate 20 years of Cybersecurity Awareness Month! Show Notes/Links Microsoft Cybersecurity Awareness Website: https://aka.ms/cybersecurity-awareness Security Insider: https://www.microsoft.com/en-us/security/business/security-insider/ Further reading on the some of the cybersecurity awareness initiatives Tina and Nathalia are driving at Microsoft: https://www.microsoft.com/en-us/security/blog/2023/10/02/celebrate-20-years-of-cybersecurity-awareness-month-with-microsoft-and-lets-secure-our-world-together/   Catch the live video replay Subscribe to our YouTube channel: https://www.youtube.com/@microsoftsecurityinsights

Stop by this episode to hear from Joel Platek, Compromise Recovery Cybersecurity Consultant. Joel is a cybersecurity professional focused on Identity and Data Security! He deals with incidents and recovery from customers that have been completely breached with stories you've read about in the news. Joel's YouTube channel, IT Candor: https://www.youtube.com/@it-candor Watch the live video replay…  

Security Global Black Belt Beth Bischoff joins us to talk about technical certifications. Beth tells us about her latest SANS certification, and we'll discuss the value of certs. Do you love them? Hate them? Need them for your job? This episode is affectionately what we'll forever refer to as the Cliffhanger episode. Show Notes/Links Sans Sec540: https://www.sans.org/cyber-security-courses/cloud-security-devsecops-automation/ Security Copilot Docs: https://aka.ms/SecurityCopilotDocs MMS Miami: https://mmsmoa.com/registration/2023-miami.html Microsoft Ignite: https://ignite.microsoft.com/home Beth before Microsoft at CDW: Catch the live video replay…  

This week is a not miss episode as we sit down with Sameh Younis, Senior Security Solutions Architect at Microsoft, to talk about how to use a bit of creativity to make Microsoft's security portfolio easy to understand using graphics. Show Links/Notes: Follow Sameh Younis on LinkedIn: https://www.linkedin.com/in/samehyounis/   This is a graphic-heavy episode. Catch the live replay…  

This episode… Our original guest had fallen ill (and has already been rescheduled for October 11th) and Brodie couldn't find a restroom, so Edward, Andrea, and Rod spent the time hitting a wide range of topic hotspots including: Microsoft Ignite is almost sold out. (register quickly!) Andrea reached her 10-year milestone and has the award to prove it. Microsoft Defender Experts - the Steve Lee show had the biggest traffic yet! The best movies of the week are… Triumph the insult dog Tom Cruise celebrates his 110th birthday Security cocktails Trying to be nice Purview is important Microsoft cert renewals Matt Soseman   Notes/Links: Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK Evaluations: Enterprise https://www.microsoft.com/en-us/security/blog/2023/09/20/microsoft-365-defender-demonstrates-100-percent-protection-coverage-in-the-2023-mitre-engenuity-attck-evaluations-enterprise/ Using Kali Linux and Hydra for Attack Testing and Alert Generation https://rodtrent.substack.com/p/using-kali-linux-and-hydra-for-attack A day in the life of a Defender Experts for XDR analyst https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-day-in-the-life-of-a-defender-experts-for-xdr-analyst/ba-p/3932140 Jean Claude Van Damme in Kickboxer https://www.imdb.com/title/tt0097659/   The full experience replay…  

Join us this episode as we welcome Rod's teammate and security extraordinaire, Sarah Young. Sarah recently spent time attending and participating at Blackhat and Defcon in Las Vegas. With Microsoft proposing a bigger presence there next year, hear about the value of attending. Show Notes/Links: Sarah Young LinkedIn: https://www.linkedin.com/in/sarahyo16/ Bsides link: http://www.securitybsides.com/w/page/12194156/FrontPage BlackHat: https://www.blackhat.com/ Defcon: https://defcon.org/ KQL Hat: https://must-learn-kql.creator-spring.com/listing/keep-on-kqlin-trucker-s-hat?product=2172&variation=106057&size=7042 Catch the live experience replay…  

This episode we've invited Steve Lee, Product Manager - Customer Experience Engineering (CxE), Security at Microsoft - to chat about the Defender Experts service. This is a relatively new offering, but there's already been lots of excitement about it. Show Notes/Links: Steve Lee on LinkedIn: https://www.linkedin.com/in/steve-lee/ Microsoft Defender Experts for XDR aka.msDefenderExpertsforXDR ​Defender Experts for Hunting and Defender Experts for mXDR: https://www.microsoft.com/en-us/security/blog/2023/07/24/microsoft-defender-experts-for-xdr-helps-triage-investigate-and-respond-to-cyberthreats/ Endpoint Attack Notifications: https://learn.microsoft.com/en-au/microsoft-365/security/defender-endpoint/endpoint-attack-notifications?view=o365-worldwide   Catch the full live experience below. (and subscribe to our channel!)  

Stop by this episode to see and hear what Angelica Faber, Security Architect at Microsoft, has been working on. Angelica has produced some great content and guidance using Azure OpenAI with Microsoft Sentinel to provide better efficiency and deeper knowledge for Security Operations teams. Show Notes/Links: Angelica's blog: https://myfabersecurity.com/ Angelica on LinkedIn: https://www.linkedin.com/in/angelica-faber/ Rubrick: https://www.rubrik.com/ Microsoft Envision The Tour: https://envision.microsoft.com/ Microsoft Sentinel Triage AssistanT (STAT): https://github.com/briandelmsft/SentinelAutomationModules This is a demo-heavy episode. Catch the full experience with the live show video replay…  

Join us this week as we talk with Merill Fernando, Principal Product Manager about all things Microsoft Entra. There's been lots of news and announcement recently. In this episode, Merill will attempt to explain them all. And maybe we can get his take on the rebranding of AAD. Show Notes/Links: Entra.News - Your weekly dose of Microsoft Entra Entra.News - Your weekly dose of Microsoft Entra Entra.News is a weekly newsletter of the latest Microsoft Entra related news, blog posts and videos from Microsoft, MVPs and infosec experts, curated by Merill Fernando. To feature your content on Entra.News tag with #entra or mail hey@entra.news By Merill Fernando Merill's blog: https://merill.net Identity Blog: https://aka.ms/IdentityBlog Microsoft Entra Family: https://www.microsoft.com/en-us/security/business/microsoft-entra Microsoft Entra delivers 240 percent ROI, according to new Forrester study: https://www.microsoft.com/en-us/security/blog/2023/04/20/microsoft-entra-delivers-240-percent-roi-according-to-new-forrester-study/ Entra Learn Paths: https://learn.microsoft.com/en-us/training/browse/?products=entra Microsoft Certified: Identity and Access Administrator Associate - SC-300: https://learn.microsoft.com/en-us/certifications/identity-and-access-administrator/ Azure AD is now Microsoft Entra ID: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/azure-ad-is-becoming-microsoft-entra-id/ba-p/2520436 Conditional Access for Protected Actions is Now Generally Available: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/conditional-access-for-protected-actions-is-now-generally/ba-p/3888723 Navigating Microsoft Security & Compliance Products: Skill Map - A Guided Journey for Experts and Beginners Alike: https://www.linkedin.com/posts/samehyounis_microsoftsecurity-cybersecurityskills-navigateyourgrowth-activity-7097185759572480000-VcUS/ Security 101: https://www.microsoft.com/en-us/security/business/security-101 Open book Microsoft certification exams: https://techcommunity.microsoft.com/t5/microsoft-learn-blog/introducing-a-new-resource-for-all-role-based-microsoft/ba-p/3500870   Catch the full experience with the live show video replay…              

Join us this week as we dig into some of the burning Microsoft Security topics of the day and listen to hear how many times the term 'AI' is used. Show Notes/Links: Microsoft Entra Management and Security Tools: https://www.cloud-architekt.net/links/ How to Setup User Risk Reports to Email in Microsoft Entra: https://ourcloudnetwork.com/how-to-setup-user-risk-reports-to-email-in-microsoft-entra/ Microsoft Defender for Identity expands its coverage with new AD CS sensor! https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/microsoft-defender-for-identity-expands-its-coverage-with-new-ad/ba-p/3894215 AZ Mask Plugin for Masking: https://chrome.google.com/webstore/detail/az-mask/amobeamdmdnloajcaiomgegpakjdiacm I AM AI Merch: https://must-learn-kql.creator-spring.com/listing/get-i-am-ai After the Blog Episode 2: https://rodtrent.substack.com/p/episode-2-azure-openai-content-filtering#details Catch the full experience with the live show video replay…  

It's been a long, long while since we've not had a guest on the show. But there's been lots and lots of news, thoughts, and discussions we've wanted to catch you all up on. This is the episode for all of that! Come join us as we dig deep into the burning horizons of security at Microsoft. We live for audience questions! Show Notes and Links Azure Stack Sentinel Support - November 13, 2019: https://techcommunity.microsoft.com/t5/azure-stack-blog/the-latest-security-enhancements-for-azure-stack-hub/ba-p/1006241 Help Protect your Exchange Environment With Microsoft Sentinel - https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/help-protect-your-exchange-environment-with-microsoft-sentinel/ba-p/3872527 Last time we had a show without a guest - February 6, 2023 - https://microsoftsecurityinsights.com/microsoft-security-insights-show-episode-138-just-us-probably KQL Datasets for Azure OpenAI Bot: https://github.com/rod-trent/OpenAISecurity/tree/main/Datasets Must Learn AI Security series: https://aka.ms/MustLearnAISecurity   Catch the full experience with the live show video replay…  

Join us as we discuss what was important enough for Matt Soseman to leave 11 years at Microsoft to join The Partner Masters as their CTO & Co-Founder. If you're a Microsoft partner struggling to take advantage of all that partnership has to offer or don't believe that your org is getting the best value, this episode will awaken you to the benefits of a managed partnership. Show Notes/Links: Must Learn AI Security: https://aka.ms/MustLearnAISecurity The Partner Masters website: https://thepartnermasters.com/ Matt Soseman LinkedIn: https://www.linkedin.com/in/mattsoseman/ There were no demos this episode, but make sure to catch the full experience with the live show video replay…    

Welcome back Chris Stelzer! Chris was on the show recently but is back to show us how he's architected ChatGPT into SOC operations with Microsoft Sentinel. Now that ChatGPT has been updated with many new features - including functions - don't miss this live! Lots of demos. Show Notes/Links: WSUS News: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/importing-updates-into-wsus-is-changing/ba-p/3882937 Microsoft Security Insights Show Episode 136 - Chris Stelzer, Senior TS at Microsoft: https://microsoftsecurityinsights.com/microsoft-security-insights-show-episode-136-chris-stelzer-senior-ts-at-microsoft Episode 127: Microsoft Sentinel StaT with Mike Palitto and Andrea Fisher https://microsoftsecurityinsights.com/episode-127-microsoft-sentinel-stat-with-mike-palitto-and-andrea-fisher Chris' Postman page: https://www.postman.com/scstelz There's LOTS of demos this episode, so make sure to catch the live show video replay…   Live show video replay: https://www.youtube.com/live/_JHXnkKcfq4?feature=share Want to watch the live show? You can always go back and watch this episode and others on our YouTube channel. Subscribe today!

What a unique and valuable time. We chat with Philippe Humeau, the CEO and co-founder of CrowdSec (crowdsec.net). CrowdSec is an open-source & collaborative IPS able to analyze visitor behavior by parsing logs & provide an adapted response to all kinds of attacks. The game-changer is that the solution also enables users to protect each other. Each time an IP is blocked, all community members are informed so they can also block it. That way, they are generating a real-time crowdsourced CTI database. We'll be working together to create an integration with Microsoft Sentinel. Stay tuned for a future update. Show Notes/Links: CrowdSec Basic Steps to Create Your Own Simple Copilot Bing Chat Enterprise, your AI-powered chat for work, available in Microsoft Edge sidebar Microsoft adds a 'Security Copilot' to its AI assistant line-up Microsoft puts a price tag on its AI "copilots" for business Want to watch the live show? You can always go back and watch this episode and others on our YouTube channel. Subscribe today!

Join us this episode as we cover the burning, audience requested topic of Cybersecurity Insurance. John O'Neill, Sr. CIO at MFG is an expert in this area and speaks about it regularly at conferences and in webinars. Show links Azure AD is Becoming Microsoft Entra ID - Microsoft Community Hub Microsoft Entra Internet Access Preview Microsoft Incident Response  

Join the crew as we chat with Morten Waltorp Knudsen, the hardest working Microsoft MVP around about some solutions he's developed. In this episode, we get a couple extra wonderful surprise in Nick Kiest, the PM for Data Collection Rules (DCRs), and Niclas Madson, Microsoft Community Connection Program Blackbelt! Show Links: AzLogDcrIngestPS PowerShell Module on GitHub: https://github.com/KnudsenMorten/AzLogDcrIngestPS Module in the PowerShell gallery: https://www.powershellgallery.com/packages/AzLogDcrIngestPS/1.4.1 Master Azure Logging in depth: https://mortenknudsen.net/?p=1687 Set up resources required to send data to Azure Monitor Logs using the Logs Ingestion API: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/set-up-logs-ingestion-api-prerequisites Migrate from the HTTP Data Collector API to the Log Ingestion API to send data to Azure Monitor Logs: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/custom-logs-migrate Join the Custom Connection Program: https://aka.ms/JoinCCP

This week we talk with Grant Thornton's National Cybersecurity Leader Peter Morin about the differences between IT and OT (the Hatfield's and the McCoys) and securing critical scale operations for manufacturing, energy, and the like. What a most interesting discussion! And of course, there were first-ever announcements. There are always announcements.   Show links: PSA: Migrate from the Threat Intelligence Platform Connector to the Threat Intelligence Solution in Microsoft Sentinel KQL Queries Behind the Microsoft Sentinel Overview Page Grant Thornton

In this episode, we catch up with friend of the show, Rin Ure, about his new role at Microsoft and how he sees AI changing the way SOCs operate. Rin runs the Cyber Defense Operations Center One Cloud SOC Triage and Analysis team in the US. They are the team that handles the triage and analysis SOC requests for Microsoft, it's services and for their Cloud and AI customers. Show Links: Weekly OpenAI Newsletter: https://rodtrent.com/jtl Azure OpenAI community on LinkedIn: https://rodtrent.com/65g Microsoft Cyber Defense Operations Center (CDOC): https://rodtrent.com/594 Microsoft Security Copilot: https://rodtrent.com/6pt Microsoft Corporate, External, and Legal Affairs (CELA): https://rodtrent.com/hdy Pluralsight AI learning: https://rodtrent.com/3i5 SANS (SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals): https://rodtrent.com/1i3 Microsoft Security Insights Discord Server: https://discord.gg/2ktJHTrSAt    

Join us as we endeavor to tap into Yuri Diogenes' vast knowledge and expertise in navigating the landscape of building a career in cybersecurity. Show links: Microsoft Defender in the Field all episodes: https://aka.ms/MDFCInTheField Yuri's Overcome podcast: http://overcomepodcast.us/ Defender for Cloud labs: https://aka.ms/MDCLabs Cloud Security Posture Management (CSPM): https://rodtrent.com/8o3 Cloud Security Customer Connection Program (CCP): https://www.aka.ms/prseccom Overview of Defender for DevOps: https://rodtrent.com/738 About Microsoft Defender for APIs: https://rodtrent.com/7jh What's new in Microsoft Defender for Cloud: https://rodtrent.com/gv2 RSS feed for Defender for Cloud What's New: https://aka.ms/mdc/rss Entra integration with Defender for Cloud: https://youtu.be/dasixjOOldk