In episode 243 of our SAP on Azure video podcast we talk about SAP LogServ and Microsoft Sentinel! I am just returning from Sapphire in Orlando and among a lot of AI related discussions, the topic of Security was also top of mind. Several RISE customers actually approached me and asked about the SAP LogServ integration with Microsoft Sentinel. It looks like the latest release from SAP and Microsoft addressed something that is quite top of mind for customers at the moment. To give us more insights on what this LogServ and Sentinel integration is and how you can benefit from it, I am happy to have Hemanth from SAP, and Martin and Bastian with us today. Find all the links mentioned here: https://www.saponazurepodcast.de/episode243 Reach out to us for any feedback / questions: * Robert Boban: https://www.linkedin.com/in/rboban/ * Goran Condric: https://www.linkedin.com/in/gorancondric/ * Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #RISE #Security #LogServ #Sentinel
Get featured on the show by leaving us a Voice Mail: https://bit.ly/MIPVM FULL SHOW NOTES https://www.microsoftinnovationpodcast.com/691 What happens when cybercrime becomes as organized—and profitable—as a Fortune 500 company? In this episode, Louis Arthur-Brown, a cybersecurity leader and solutions partner at CodeStone, pulls back the curtain on the evolving threat landscape. From ransomware-as-a-service to deepfake deception, Louis shares real-world insights and practical strategies for defending your organization in an AI-accelerated world. Whether you're a tech leader or a curious professional, this conversation will sharpen your security instincts and help you build resilience where it matters most. KEY TAKEAWAYS Cybercrime is industrialized: Ransomware-as-a-service and affiliate models make it easy for anyone—even non-technical actors—to launch attacks for as little as $50. AI is amplifying threats: A 1,300% rise in phishing emails last year is just the beginning. Deepfakes and voice cloning are reshaping social engineering tactics. MFA and basic hygiene go a long way: Implementing multi-factor authentication and conditional access can block up to 92% of cyberattacks. Zero Trust is essential: Organizations must move beyond the “walled garden” mindset and adopt a “never trust, always verify” approach to access and data. Data strategy is security strategy: Tools like Microsoft Purview and Windows 365 help classify, protect, and monitor sensitive data—especially in AI-enabled environments. RESOURCES MENTIONED
Summary: In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the new security features of Windows 11, focusing on Administrator Protection and its implications for user privilege management. They also explore the advancements in Microsoft Sentinel, particularly the introduction of multi-tenancy and workspace management, which enhances security operations for organizations with multiple tenants. The discussion emphasizes the importance of these features in improving security and operational efficiency. ------------------------------------------- YouTube Video Link: https://youtu.be/n4IsSrLmPPc ------------------------------------------- Documentation: https://techcommunity.microsoft.com/blog/windows-itpro-blog/administrator-protection-on-windows-11/4303482 https://techcommunity.microsoft.com/blog/microsoftsentinelblog/whats-new-multi-tenancy-in-the-unified-security-operations-platform-experience-i/4225658 https://techcommunity.microsoft.com/blog/microsoftsentinelblog/multi-workspace-for-multi-tenant-is-now-in-public-preview-in-microsofts-unified-/4398229 https://learn.microsoft.com/en-us/unified-secops-platform/mto-overview ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com
Storage often sits in the background of cybersecurity conversations—but not at Infinidat. In this episode, Eric Herzog, Chief Marketing Officer of Infinidat, joins Sean Martin to challenge the notion that storage is simply infrastructure. With decades of experience at IBM and EMC before joining Infinidat, Herzog explains why storage needs to be both operationally efficient and cyber-aware. Cyber Resilience, Not Just Storage: According to Herzog, today's enterprise buyers—especially those in the Global Fortune 2000—aren't just asking how to store data. They're asking how to protect it when things go wrong. That's why Infinidat integrates automated cyber protection directly into its storage platforms, working with tools like Splunk, Microsoft Sentinel, and IBM QRadar. The goal: remove the silos between infrastructure and cybersecurity teams and eliminate the need for manual intervention during an attack or compromise. Built-In Defense and Blazing-Fast Recovery: The integration isn't cosmetic. Infinidat offers immutable snapshots, forensic environments, and logical air gaps as part of its storage operating system—no additional hardware or third-party tools required. When a threat is detected, the system can automatically trigger actions and even guarantee data recovery in under one minute for primary storage and under 20 minutes for backups—regardless of the dataset size. And yes, those guarantees are provided in writing. Real-World Scenarios, Real Business Outcomes: Herzog shares examples from finance, healthcare, and manufacturing customers—one of which performs immutable snapshots every 15 minutes and scans data twice a week to proactively detect threats. 
Another customer reduced from 288 all-flash storage floor tiles to just 61 with Infinidat, freeing up 11 storage admins to address other business needs—not to cut staff, but to solve the IT skills shortage in more strategic ways. Simplified Operations, Smarter Security: The message is clear: storage can't be an afterthought in enterprise cybersecurity strategies. Infinidat is proving that security features need to be embedded, not bolted on—and that automation, integration, and performance can all coexist. For organizations juggling compliance requirements, sprawling infrastructure, and lean security teams, this approach delivers both peace of mind and measurable business value. Learn more about Infinidat: https://itspm.ag/infini3o5d Note: This story contains promotional content. Learn more. Guest: Eric Herzog, Chief Marketing Officer, Infinidat | https://www.linkedin.com/in/erherzog/ Resources: Learn more and catch more stories from Infinidat: https://www.itspmagazine.com/directory/infinidat Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25 Keywords: sean martin, eric herzog, storage, cybersecurity, automation, resilience, ransomware, recovery, enterprise, soc, brand story, brand marketing, marketing podcast, brand story podcast Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage Want to tell your Brand Story Briefing as part of our event coverage? Learn More
Welcome back to Azure Italia Podcast, the first podcast in Italian about Microsoft Azure! To avoid missing any new episode, click the FOLLOW button in your player.
Welcome to 2025. Thanks so much for listening. A couple of 'summary' or 'annual' blog posts that are worth taking a look at. I also do some annual posts on my blog around what I used over the previous year if you wanted to know. I also share how I capture and work with information on a daily basis and the tools I use to achieve this. Let me know what works for you. Brought to you by www.ciaopspatron.com Resources @directorcia Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog CIAOPS Brief CIAOPSLabs Support CIAOPS The transition to the new Outlook will begin on January 1, 2025 Action Pack goes away Microsoft OneNote, a year in review: AI innovation and enhanced creativity Build custom email security reports and dashboards with workbooks in Microsoft Sentinel 6 AI trends you'll see more of in 2025 CES 2025: The year of the Windows 11 PC refresh SharePoint Roadmap Pitstop December 2024 Microsoft Entra: Top 50 features of 2024 Get ready for the new year with Microsoft 365 Pocket CIAOPS OneNote Daybook template
Streamline threat detection and response across diverse environments with Microsoft Sentinel, your cloud-native SIEM solution. With features like Auxiliary logs for low-cost storage and proactive data optimization recommendations, you can efficiently manage high volumes of security data without compromising on threat intelligence. Leverage built-in AI and automation to uncover hidden threats and reduce investigation time from days to minutes. Rob Lefferts, CVP for Security Solutions at Microsoft, joins Jeremy Chapman to show how to migrate from existing SIEM solutions with built-in migration tools, ensuring seamless access to your security logs while maintaining investigative integrity. ► QUICK LINKS: 00:00 - Microsoft Sentinel, modern Cloud SIEM 01:12 - Unified security operations platform 02:55 - Prioritize security updates 04:27 - Storage options 05:11 - Optimize data coverage and usage 06:17 - Protect against long-term persistent attacks 07:58 - Automation using auxiliary logs 08:59 - Manual effort 10:10 - Automation 12:07 - Migration 13:31 - Wrap up ► Link References Get started at https://aka.ms/MicrosoftSentinel Find samples for the Playbook Logic App and the Function app at https://aka.ms/AuxLogsTIapp ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. 
• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
Prevent attackers from stealing your identity and data by protecting your tokens. In single sign-on systems like SAML and OAUTH, tokens are how services know who you are and what you can do. When you sign in to your machine with your Microsoft Entra ID account, you are getting a session token you can use to access things like your email, teams and other apps. Check out new capabilities like Credential Guard in Windows enforced by device policies in Intune, Token Protection enforcement in Microsoft Entra, and Token theft detections in Microsoft Sentinel and Defender XDR. Alex Weinert, from the Microsoft Entra team, explains what tokens are, how token theft works, and how to defend yourself from these attacks. ► QUICK LINKS: 00:00 - Token theft attacks 01:39 - Token basics 02:59 - Token theft demo 03:41 - How to use token protection 05:22 - Additional Token theft defenses 06:25 - How to detect and shut down attacks 08:01 - Wrap up ► Link References Get started at https://aka.ms/TokenTheftDefense
Check out Microsoft 365 Copilot Wave Two updates, featuring Business Chat and the new Copilot Pages for enhanced collaboration, advancements in Excel data analysis, AI-driven file comparisons in OneDrive, and easy-to-create Copilot agents for automating business processes. If you are in IT, we'll show you improved integrations with our security and compliance stack. Mary Pasch, Principal Product Manager, joins Jeremy Chapman to walk through the updates, including what it means for Microsoft 365 admins. ► QUICK LINKS: 00:00 - Microsoft 365 Copilot Wave Two 00:45 - How Copilot is evolving 01:32 - BizChat and Copilot Pages 02:58 - Copilot in Excel 04:41 - Copilot using Python in Excel 06:05 - Compare and contrast documents 07:18 - Create Copilot agents from BizChat 08:44 - Create Copilot agents from SharePoint 10:12 - .copilot files 10:44 - Enterprise-grade data protection 13:54 - Wrap up ► Link References Check out new Copilot experiences at https://aka.ms/CopilotWave2 Access advanced enterprise data protections at http://microsoft.com/copilot
Welcome to Episode 385 of the Microsoft Cloud IT Pro Podcast. In this episode, we dive into deploying, managing, and optimizing Microsoft's leading cloud-native SIEM (Security Information and Event Management) solution. Whether you're new to Microsoft Sentinel or looking to deepen your expertise, this episode is packed with actionable insights to help you secure your Azure environment effectively. Like what you hear and want to support the show? Check out our membership options. Show Notes What is Microsoft Sentinel? Deployment guide for Microsoft Sentinel Plan costs and understand Microsoft Sentinel pricing and billing Log retention plans in Microsoft Sentinel Prepare for multiple workspaces and tenants in Microsoft Sentinel Centrally manage multiple Microsoft Sentinel workspaces with workspace manager (Preview) Sentinel Content Packs Free data sources Automate threat response with playbooks in Microsoft Sentinel About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!
In episode 208 of our SAP on Azure video podcast we talk about security! Sentinel for SAP has been around for quite some time now. It is even certified for RISE with SAP and we see a lot of interest by customers in the additional protection that Sentinel can provide for their SAP system. Speaking of SAP Systems - a lot of customers are using the SAP Business Technology Platform, to leverage Integration Suite, SAP Fiori or SAP Build services and of course also AI core services. Just a few weeks back the Microsoft Sentinel for SAP BTP solution also reached General Availability, which means that now you can also detect attacks on BTP with Sentinel. To help us understand more about the features I am happy to have Will King, Yossi Hasson and Martin Pankraz with us today. Find all the links mentioned here: https://www.saponazurepodcast.de/episode208 Reach out to us for any feedback / questions: * Robert Boban: https://www.linkedin.com/in/rboban/ * Goran Condric: https://www.linkedin.com/in/gorancondric/ * Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #Sentinel #BTP #SAPBTP #Security
In this episode of the InfosecTrain podcast, we explore Microsoft Sentinel, a powerful cloud-native security information and event management (SIEM) solution. Learn about the key capabilities that make Microsoft Sentinel a go-to tool for threat detection, investigation, and response. Our experts will walk you through real-world use cases, showcasing how organizations use Sentinel to streamline security operations, automate incident response, and enhance overall threat management. Whether you're a security analyst, IT professional, or just interested in Microsoft Sentinel, this episode provides valuable insights into how Sentinel can transform your security infrastructure and help you stay ahead of cyber threats. Tune in to discover the use cases and capabilities that make Microsoft Sentinel an essential tool for modern security operations!
Implementing an effective Security Information and Event Management (SIEM) system is essential for securing your organization's digital infrastructure. Microsoft Sentinel is a cloud-native SIEM solution that provides organizations with sophisticated security analytics and threat intelligence to help them detect, investigate, and respond to threats more efficiently.
We haven't talked about Microsoft Sentinel in a while. This week, we take a look at auxiliary logs - a new capability that Sentinel benefits from. What is it, and why and when should you use it? Also, Jussi asks Tobi an unexpected question. (00:00) - Intro and catching up. (03:27) - Show content starts. Show links: - Setting up auxiliary plan - Create a destination table using the API - Give us feedback!
Welcome to the ultimate guide to Microsoft Sentinel by InfosecTrain! Explore #MicrosoftSentinel from #beginner to #intermediatelevels with comprehensive topics including out-of-the-box connectors, data fetching, analysis, threat hunting, and more, led by our Microsoft certified expert Rishabh Kotiyal.
Microsoft Sentinel is a full cloud-native Security Information and Event Management (SIEM) system that runs in the cloud and allows organizations to find, investigate, and react to security threats in real time. As cybersecurity threats continue to change and become more complex, companies and institutions need strong solutions to protect their valuable data and infrastructure. Microsoft Sentinel offers a powerful and scalable platform that combines Artificial Intelligence (AI) and Machine Learning (ML) capabilities with built-in security analytics to provide proactive threat detection and response.
Have you rolled out Microsoft Defender for Cloud? Richard chats with Yuri Diogenes about the bundle of tools under the Defender for Cloud moniker. Yuri describes Defender for Cloud as a Cloud-Native Application Protection Platform (CNAPP). This Gartner term covers the various elements that go into a cloud-native application, including APIs, servers, containers, storage, resource manager, and more! Defender for Cloud integrates with Microsoft Purview to understand data sensitivity, and Microsoft Sentinel helps detect breaches or data misuse. It also offers attack path analysis and remediation so you can get ahead of the attackers to close off potential breach risks before they happen! Check the links in the show notes for great resources, including an ebook on CNAPP strategy! Links: Defender for Cloud; OWASP Top 10 API Security Risks; Defender for APIs; Microsoft Sentinel; Data Security Dashboard; Attack Paths; Microsoft Purview; Cloud Security Posture Management; Microsoft Copilot for Security; Security Remediation with Governance; Defender for Cloud ServiceNow Integration; CNAPP Strategy Ebook. Recorded May 13, 2024
Episode Highlights: Introduction (0:00) - Hosts: Joe Stocker and Larry Lishey - Larry's new role as a SOC Analyst Larry's Journey to Cybersecurity (0:38) - Transition from warehouse management to cybersecurity - Motivations and inspirations (1:06) - Role of formal education and certifications (4:22) - Key learning experiences and helpful resources Day-to-Day as a SOC Analyst (2:23) - Typical daily tasks and responsibilities - Working with Microsoft Sentinel and other security tools (3:23) - The importance of thorough incident investigation Challenges and Rewards (10:00) - Initial challenges and overcoming nerves - The pressure and importance of accurate incident triage (11:06) - Rewarding aspects: customer satisfaction and team support (21:26) Mentorship and Team Dynamics (12:07) - The role of mentors in Larry's growth - Advice for new SOC analysts: ask questions, find a mentor - Team structure and dynamics within the SOC (19:08) Professional Growth and Skills Development (13:36) - Key skills and knowledge areas developed over 12 months - Specific incident analysis and forensics experiences (14:32) - Learning and growth through practical experiences and mentorship Career Transition and Personal Impact (18:52) - Life changes from the career transition - Balancing work and personal life, including gym routines (29:55) - Benefits of remote work and its dynamics Podcast Experiences (31:41) - Notable guests and influential conversations (31:57) - Favorite moments and topics covered (32:57) - Future aspirations for the podcast: more day-to-day SOC operations, specific scenarios AI and Cybersecurity (34:45) - Joe's thoughts on AI's impact on cybersecurity - Microsoft's Copilot for Security (34:56) - Broader societal implications of AI, including deep fakes and cybercrime Conclusion (39:48) - Final thoughts and encouragement for listeners - Invitation to connect and learn more about the field Resources: - KC7 Cybersecurity Game: https://kc7cyber.com/ - Education and certification programs https://www.mycomputercareer.edu/ - Connect with Larry on LinkedIn https://www.linkedin.com/in/lawrence-lishey-30942020/
Microsoft has recently been criticized for not prioritizing security enough. Following the CSRB's Report on the Storm-0558 attack, Microsoft announced that security is now a top priority, with a commitment to address security issues before new product innovations. In this podcast episode, Andy and Paul Schnackenburg discuss the blog post which analyzes the Secure Future Initiative and its advancements. The conversation brings up the burning question: Was it the Cyber Safety Review Board (CSRB) that catalyzed Microsoft's proactive stance on security? Key takeaways: Microsoft is taking proactive steps to address security vulnerabilities and enhance its security measures following recent incidents. The focus on protecting identities, enforcing multi-factor authentication, and improving network segmentation are crucial for bolstering security. Efforts to align security actions with recommendations from the CSRB demonstrate a commitment to addressing criticisms directly. Timestamps: (06:52) Key Insights from Charlie Bell's Blog Post Addressing Cyber Security Concerns (11:22) Enhancing Security Measures in Response to the CSRB's Report (21:22) Top Security Practices for Protecting Tenants and Production Systems (24:46) Enhancing Cloud Security with Micro Segmentation and Software Supply Chain Protection (30:44) Challenges and Considerations in Cloud Security Logging and Storage (34:37) Enhancing Cloud Security with Microsoft Sentinel and Vulnerability Reporting (37:37) Unveiling Common Vulnerabilities and the Importance of Secure Authentication in Cloud Environments (42:34) Analyzing Microsoft's Response to a Security Incident Episode Resources: The Blog Post from Charlie Bell EP39: Are Passkeys the Future of Authentication? Subscribe to our new YouTube Channel for more
Host(s): John Papa @John_Papa, Ward Bell @WardBell, Craig Shoemaker @craigshoemaker. Guest: Anthony Bartolo LinkedIn. Recording date: April 25, 2024. Brought to you by: AG Grid, IdeaBlade. Resources: Episode 274: What Developers Need To Know About Generative AI | Web Rush; GitHub Advanced Security; About GitHub Advanced Security; Microsoft Copilot for Security; What Developers Need to Know About Generative AI; Do Roller Coasters Need Cybersecurity; Automated Threat Analysis; Microsoft Defender for Cloud; Microsoft Copilot for Security; What is IoT; Phi-3 - redefining what's possible with SLMs; Difference between SLM and LLM. Timejumps: 01:04 Introducing Anthony Bartolo 06:44 Sponsor: Ag Grid 07:51 How should developer think about security and AI? 16:57 Are these like linting tools for security? 20:27 What's the difference between CoPilot for Security and Microsoft Sentinel? 28:22 What's the difference between ChatGPT and GitHub CoPilot? 33:46 Sponsor: IdeaBlade 34:49 How do I keep my source code safe from AI vulnerability? 39:20 Final thoughts. Podcast editing on this episode done by Chris Enns of Lemon Productions.
In this week's episode, we look at recent Azure updates. What's new? What's interesting? What's retiring? We found updates for Azure AI, Microsoft Sentinel, and Azure Advisors, and many others. Also, Jussi asks Tobi an unexpected question. (00:00) - Intro and catching up. (02:48) - Show content starts. Show links: - Virtual network flow logs - Azure Classic networking services retirement - New Azure OpenAI and AI Search connectors for Logic Apps - Azure AI Search changes - Windows Server 2025 & Windows Server Insider Program - Get end-to-end protection with Microsoft's unified security operations platform - Use the SIEM migration experience - Microsoft Sentinel - Calculate cost savings in Azure Advisor - Azure Advisor | Microsoft Learn - Give us feedback!
How can Microsoft Copilot for Security help you? While at NDC in Sydney, Richard chatted with George Coldham about Microsoft Copilot for Security - combining GPT-4 with information about Microsoft security products and your organization's resources in Azure to provide guidance and insight into making your company more secure. George talks about how it's early days for this copilot - and it's only in preview so far. Bringing together the vast array of security products that Microsoft makes, Microsoft Copilot for Security brings the ability of Large Language Models to summarize data to help you understand where the organization's security vulnerabilities exist and how to address them. You want to get in on this preview! Links: Microsoft Copilot for Security; Unified Security Operations Platform; Microsoft Sentinel; Microsoft Security Portals and Admin Centers; Microsoft Defender for Endpoint; Microsoft Defender for Cloud; Microsoft Entra; Microsoft Purview; Microsoft Priva; Kusto Query Language; Microsoft Defender Threat Intelligence. Recorded February 13, 2024
Guest post by Kieran McCorry, National Technology Officer, Microsoft Ireland In the fast-evolving cyber landscape in Ireland, organisations are susceptible and vulnerable to attack, as highlighted by Microsoft Ireland's 'Cybersecurity Trends in Ireland' report. This exploration of the experiences of c-suite executives operating in Ireland delves into cybersecurity trends, shedding light on prevalent challenges, emerging technologies, and the imperative need for proactive measures. Cybersecurity vulnerabilities persist across Irish industries, exacerbated by the absence of comprehensive defence strategies. While there's a good adoption of cybersecurity training, the true resilience demanded by the evolving threat landscape necessitates ongoing investments in technological solutions. Our report reveals that 46% of respondents have faced cyber incidents in the last three years, with 30% experiencing data breaches. Strikingly, only 14% reported incidents to regulatory bodies. Despite these challenges, 74% of organisations haven't reduced their cybersecurity spend and 57% conduct regular cybersecurity training. However, a significant gap exists in strategic processes with just 44% performing risk assessments and 38% employing a multi-layered defence strategy. The study also points to a potential complacency with 26% of organisations indicating a lack of IT security infrastructure investment planned for the coming year. Artificial Intelligence as a Cybersecurity Enabler While the adoption of Artificial Intelligence (AI) technologies to support defensive strategies is slow - just 14% of executives say they are using AI as part of their cybersecurity strategy, while a further 30% say they are unsure if they are in fact using AI technologies - 'Cybersecurity Trends in Ireland' underscores the rising significance of AI in cybersecurity. AI technologies offer a potent defence against cyber threats by swiftly analysing vast data sets. 
Notably, the successful use of AI in Ukraine against cyberattacks sets a precedent for the role of innovation in cybersecurity. However, the integration of AI comes with its own set of challenges. Security teams grapple with managing disparate tools and a scarcity of skilled talent. Microsoft's recent strides in unifying incident experiences through Microsoft Sentinel and Microsoft Defender XDR mark a significant leap toward cohesive and efficient cybersecurity strategies. Meanwhile, from 1st of April, Microsoft Copilot for Security will be available in Ireland. The industry's first generative AI solution will help security and IT professionals catch what others miss, move faster, and strengthen team expertise. Copilot is informed by large-scale data and threat intelligence, including more than 78 trillion security signals processed by Microsoft each day, and coupled with Large Language Models to deliver tailored insights and guide next steps. With Copilot, users can protect their environments at the speed and scale of AI and transform their security operations. Regulation and Compliance A concerning revelation from our Cybersecurity Trends in Ireland study is the lack of awareness among Irish executives regarding upcoming legislation; specifically, the Network and Information Security 2 Directive (NIS2). Scheduled for implementation in October 2024, NIS2 will impact 18 sectors and over 180,000 companies across the EU. Despite its potential to strengthen cybersecurity postures, more than 70% of leaders are either unaware or unprepared for compliance. Of those who are aware of NIS2, 20% feel they are currently compliant with the legislation and 20% believe they are not compliant. 60% of all respondents are unsure if they are or not. Positively, 31% of organisations are planning to invest in their strategy to achieve compliance with NIS2 and 29% have a roadmap in place to achieve this. 
That said, this lack of awareness extends to the majority being unsure about their organisations having investment or a roa...
Summary In this episode, Henrik Wojcik, a Microsoft MVP, joins the hosts to discuss Microsoft Sentinel and provide a deep dive into its deployment and usage. They cover topics such as data residency and compliance considerations, separating operational logs and security logs, connectors for data ingestion, analytics rules and alert fatigue, scheduled queries and user and entity behavior analytics (UEBA), playbooks and automation, workbooks and data visualization, and advanced hunting with KQL queries. Takeaways Consider data residency and compliance requirements when deploying Microsoft Sentinel. Separate operational logs and security logs to optimize cost and focus on relevant data. Use connectors to ingest data from various sources into Microsoft Sentinel. Tune analytics rules to avoid alert fatigue and focus on valuable alerts. Utilize scheduled queries and UEBA to identify suspicious behavior and automate investigations. Leverage playbooks and automation to streamline incident response and reduce manual effort. Create workbooks for data visualization and customize them to display relevant information. Explore advanced hunting with KQL queries to proactively search for threats and investigate incidents. 
------------------------------------------- Youtube Video Link: https://youtu.be/n9dDfmX-A9Q ------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/sentinel/data-connectors-reference https://learn.microsoft.com/en-us/azure/sentinel/create-custom-connector https://learn.microsoft.com/en-us/azure/sentinel/billing?tabs=simplified%2Ccommitment-tiers#free-data-sources Henrik Wojcik: https://www.linkedin.com/in/henrikfrandswojcik/ https://twitter.com/henrikwojcik ---------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Threads: https://www.threads.net/@bluesecuritypodcast Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Mastodon: https://infosec.exchange/@ajawzero Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message
Integrity360, one of the leading pan-European cyber security specialists, has announced the expansion of its portfolio of Microsoft security services as it continues on an international growth trajectory. The company plans to roll out the enhanced suite of services across Ireland, the UK, Bulgaria, Italy, Spain, and the Nordic region. As well as the expansion of services and associated tools and processes, the company has invested in the training and development of over 30 employees. It has also rolled out product and platform development and integration, as well as proprietary threat detection content for the Microsoft ecosystem and threat response playbook production. The enlarged portfolio incorporates professional services for the assessment, design and implementation, and ongoing management of Microsoft security solutions. These will deliver enhanced protection for customers across the areas of threat protection, cloud security, identity and access management, and data security. Integrity360 is rolling out these specialist services amid increasing demand from customers to help optimise their security posture and configurations, maximising the value of the security toolsets available within their Microsoft licensing investments. The services are available across all of the main Microsoft Security product families, including Microsoft Sentinel, Microsoft Defender XDR, Microsoft Defender for Cloud, Microsoft Entra, and Microsoft Purview. Due to Microsoft's prominence in the security, productivity, and collaboration spaces, Integrity360 estimates these offerings to be relevant for at least 75% of organisations of all sizes across Europe. Integrity360's professional services team will provide guidance and direction to customers on how to maximise security features of the Microsoft ecosystem across users, systems, and applications. 
The team will also design and build security infrastructure in line with best practices, benefiting from existing Microsoft environments and investments to maximise the return for customers. As well as enhanced access to resources to help optimise the use and value of Microsoft products, organisations will benefit from enhanced protection against cyber security risks such as ransomware, data theft, insider risk, and zero-day attacks. Integrity360 is also expanding its suite of Microsoft managed services with a comprehensive managed extended detection and response (XDR) offering. This new solution aims to boost organisations' cyber security postures in the face of continually evolving threats and relieve the pressure on in-house security teams with proactive 24/7 monitoring, enhanced detection, and rapid containment of threats. Underpinning these new services, Integrity360 has attained designations within the Microsoft AI Cloud Partner Programme. The company has been named a Solutions Partner for Security which validates Integrity360's specialist capabilities in using the Microsoft security portfolio to secure organisations' environments including Microsoft 365, multi-operating-system endpoints, multi-cloud environments, and third-party infrastructure. It has also been named as a Solutions Partner for Modern Work which recognises its expertise across Microsoft 365 applications such as Outlook, Teams, SharePoint, and OneDrive, essential for understanding how to secure such environments. Integrity360 has expanded its offering to include services across the full Microsoft security portfolio, and with the increased scope of its new Managed XDR service powered by Microsoft SIEM+XDR, it has further advanced its specialisation particularly in the area of Threat Protection. Brian Martin, Director of Product Management, Integrity360, said: "Integrity360 is delighted to expand our comprehensive suite of services across Microsoft's security portfolio. 
We are excited to bring our Microsoft security specialisation and cyber security specialist expertise to our customers. Furthermore, our new partner designation...
Use GPT-powered natural language to investigate and respond to security incidents, threats and vulnerabilities with Microsoft Security Copilot, a new security AI assistant. Skilled with Microsoft's vast cybersecurity expertise, it helps you perform common security-related tasks quickly using generative AI. This includes embedded experiences within Microsoft Defender XDR, Microsoft Intune for endpoint management, Microsoft Entra for identity and access management, and Microsoft Purview for data security. Ryan Munsch, from the Security Copilot team, joins host Jeremy Chapman to share how Security Copilot is like an enterprise-grade natural language interface to your organization's security data. ► QUICK LINKS: 00:00 - Investigate and respond to security incidents 01:24 - Works with the signal in your environment 02:26 - Prompt experience 03:06 - Off-the-shelf LLM vs. Security Copilot 05:43 - LoRA fine-tuning 07:06 - Security analyst use case 10:07 - Generate a hunting query using Microsoft Sentinel 11:34 - Threat intelligence 14:20 - Embedded Copilot experiences 15:42 - Wrap up ► Link References Join our early access program at https://aka.ms/SecurityCopilot ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
Manage SIEM, XDR, and threat intelligence from one place with new updates in the Microsoft Defender portal. Interact with all of your security data using generative AI with Security Copilot. View incidents across your digital estate—whether they're related to endpoints, SaaS services, your network in the cloud or on prem. This unified approach eliminates the inefficiency of SOC teams having to switch between multiple systems and manually piece together incident details, while maintaining all the current functionalities of each connected service. Rob Lefferts joins Jeremy Chapman to discuss how the Defender experience has evolved into a unified security operations platform that combines threat detection, prevention, investigation, and response. ► QUICK LINKS: 00:00 - How Microsoft Defender has evolved 01:47 - Increase your SOC's efficiency and speed 02:30 - GPT-based Security Copilot 03:54 - See an active incident 05:45 - Attack disruption 06:48 - High-level recap with Security Copilot 07:39 - Unified advanced hunting 08:51 - Set it up 09:32 - Wrap up ► Link References For more information, and to join our private preview go to https://aka.ms/SOCPlatform ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. 
Fan favorite, Senior Product Manager for Sentinel, and avid live audience member, Gary Bushey, returns to the show to talk about a new tool he's developed to provide a way to document a Microsoft Sentinel environment. Oh…and with Brodie, Andrea, and Rod on the lam, who will host this week? Thank heavens for Beth Bischoff! Show Notes/Links: Gary's blog: https://garybushey.com/ Create a Word document that describes your Microsoft Sentinel environment Book on programming Microsoft Sentinel Catch the live replay…
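We talked about how Microsoft 365 Defender can also display an incident timeline and relationship graph, how we learned that having the tools alone is not enough to investigate without knowledge of attack patterns, and more.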
Stop by this episode to see and hear what Angelica Faber, Security Architect at Microsoft, has been working on. Angelica has produced some great content and guidance using Azure OpenAI with Microsoft Sentinel to provide better efficiency and deeper knowledge for Security Operations teams. Show Notes/Links: Angelica's blog: https://myfabersecurity.com/ Angelica on LinkedIn: https://www.linkedin.com/in/angelica-faber/ Rubrik: https://www.rubrik.com/ Microsoft Envision The Tour: https://envision.microsoft.com/ Microsoft Sentinel Triage AssistanT (STAT): https://github.com/briandelmsft/SentinelAutomationModules This is a demo-heavy episode. Catch the full experience with the live show video replay…
In Episode 349, Ben and Scott talk through considerations for working with Azure Policy to enable diagnostic settings at scale. Along the way they also talk about helpful tools that are available that can help you get your environment configured the way you need even quicker. Like what you hear and want to support the show? Check out our membership options. Show Notes Create diagnostic settings at scale using Azure Policies and Initiatives Microsoft Sentinel content hub catalog Create-AzDiagPolicy Documentation for Azure Policy scripts Microsoft.PolicyInsights RBAC Remediate non-compliant resources with Azure Policy Manage access to Log Analytics workspaces Microsoft Sentinel workspace architecture best practices Azure Resource Graph sample queries for Azure Policy Azure Governance Visualizer aka AzGovViz Community Policy Repo About the sponsors Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.
Welcome back Chris Stelzer! Chris was on the show recently but is back to show us how he's architected ChatGPT into SOC operations with Microsoft Sentinel. Now that ChatGPT has been updated with many new features - including functions - don't miss this live! Lots of demos. Show Notes/Links: WSUS News: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/importing-updates-into-wsus-is-changing/ba-p/3882937 Microsoft Security Insights Show Episode 136 - Chris Stelzer, Senior TS at Microsoft: https://microsoftsecurityinsights.com/microsoft-security-insights-show-episode-136-chris-stelzer-senior-ts-at-microsoft Episode 127: Microsoft Sentinel StaT with Mike Palitto and Andrea Fisher https://microsoftsecurityinsights.com/episode-127-microsoft-sentinel-stat-with-mike-palitto-and-andrea-fisher Chris' Postman page: https://www.postman.com/scstelz There's LOTS of demos this episode, so make sure to catch the live show video replay… Live show video replay: https://www.youtube.com/live/_JHXnkKcfq4?feature=share Want to watch the live show? You can always go back and watch this episode and others on our YouTube channel. Subscribe today!
What a unique and valuable time. We chat with Philippe Humeau, the CEO and co-founder of CrowdSec (crowdsec.net). CrowdSec is an open-source & collaborative IPS able to analyze visitor behavior by parsing logs & provide an adapted response to all kinds of attacks. The game-changer is that the solution also enables users to protect each other. Each time an IP is blocked, all community members are informed so they can also block it. That way, they are generating a real-time crowdsourced CTI database. We'll be working together to create an integration with Microsoft Sentinel. Stay tuned for a future update. Show Notes/Links: CrowdSec Basic Steps to Create Your Own Simple Copilot Bing Chat Enterprise, your AI-powered chat for work, available in Microsoft Edge sidebar Microsoft adds a 'Security Copilot' to its AI assistant line-up Microsoft puts a price tag on its AI "copilots" for business Want to watch the live show? You can always go back and watch this episode and others on our YouTube channel. Subscribe today!
InfosecTrain is hosting an event on Microsoft Sentinel, 'Empowering Your Security Operations', where attendees will have the opportunity to gain valuable insights into the capabilities and benefits of Microsoft Sentinel. For more details or a free demo with our expert, write to us at sales@infosectrain.com
In episode 150 of our SAP on Azure video podcast we talk about Premium SSD v2, Azure NetApp Files double encryption at rest, Reference architectures with SAP AI Core service on SAP BTP with Azure OpenAI, Reducing your CO2 footprint using a smart Generative AI application on SAP BTP, the reCAP Hackathon - CAP & Azure Cosmos DB, Part 1 of the SAP S/4HANA Cloud ABAP Environment integration journey with Microsoft and new playbooks for Microsoft Sentinel for SAP. Then we take a deep dive into Brute Force and DDoS attacks protection with Evren Buyruk & Amir Dahan. They are talking about security management with Azure services and leveraging Azure DDoS protection services to help with your SAP and non-SAP workload on Azure. https://www.saponazurepodcast.de/episode150 Reach out to us for any feedback / questions: * Robert Boban: https://www.linkedin.com/in/rboban/ * Goran Condric: https://www.linkedin.com/in/gorancondric/ * Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #Security #Sentinel #DDoS
In episode 149 of our SAP on Azure video podcast we talk about a guide deploying SAP workloads across Azure Availability Zones, Azure Charts, From zero to hero security coverage with Microsoft Sentinel for your critical SAP security signals, Terraform provider for SAP BTP now available for non-productive use, Mercedes-Benz enhancing drivers' experience with Azure OpenAI Service and Public Preview announcement for Azure OpenAI Service On Your Data. Then Michael Mergell joins us to talk about Chatbots in Teams. This time not focusing on business processes (like approving Sales orders), but on scenarios for the SAP Basis admin: how to check user permissions in the SAP system, how to check Job status in the SAP system or even how to post maintenance messages in your SAP system. All from within a Chat in Teams. Then he shows us the power of AI prompt engineering. Using Azure Open AI, Power Virtual Agent, Power Automate and Teams he enables the interaction with your SAP S-Flight data via natural language. Out of plain text, Azure Open AI generates the complex SQL Query and returns the results live from the SAP system. https://www.saponazurepodcast.de/episode149 Reach out to us for any feedback / questions: * Robert Boban: https://www.linkedin.com/in/rboban/ * Goran Condric: https://www.linkedin.com/in/gorancondric/ * Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #OpenAI #Teams #PowerPlatform
In Episode 337, Ben and Scott talk through recommendations for securing your Office 365 tenants and admin accounts. They also address a listener question on how you can address the disparities in logging and metrics collections when you're using multiple SaaS products. Like what you hear and want to support the show? Check out our membership options. Show Notes CollabCon Conference 2023 Manage emergency access accounts in Azure AD Securing privileged access for hybrid and cloud deployments in Azure AD Conditional Access authentication strength is now Generally Available! Learn about data loss prevention Microsoft Sentinel data connectors Hybrid Cloud with AWS Video https://youtu.be/TMKm9lcaQE0 About the sponsors Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.
Cortana's Windows death, 3 months with no Xbox, thoughts on WWDC23 Developer Story As the developer conference season winds down with WWDC, a look at how Apple, Google, and Microsoft are both similar to and different from each other Hololens flashbacks anyone? Windows She's dead, Jim: Microsoft kills Cortana in Windows 10, 11 - this is all about marketing Teams for Windows (consumer) gets new features that no one will notice either Windows Insider Preview: Microsoft Paint gets Dark mode support (FINALLY) and more in Canary and Dev Canary: New build brings SMB signing requirement (Enterprise ed only), camera app troubleshooting (plus new build today) Dev (new): redesigned Home view for File Explorer, modernized address bar and search box, Dynamic Lighting settings Dev: File Explorer tabs and gallery view improvements, Add Phone Photos button for setting up OneDrive camera roll Beta: WPA3 support in Phone Link, fixes Microsoft Edge arrives with Workspaces (but not the new UI) Brave finally gets vertical tabs One week after HP, Dell posts 20 percent revenue fall Xbox Well, Paul finally did it: 3 months without Xbox WD Xbox Series X|S expansion cards start at just $80 Minecraft comes to chromebooks Microsoft was fined $20 million by the FTC for collecting kids' data (Amazon was fined $25 million) Report explains why Redfall failed. (It sucks) Apple brings Windows games to macOS using Wine-based toolkit Amazon kills Luna app on Windows and Mac, focuses on web. Are we facing a Stadia moment now? 
Tips & Picks Tip of the week: Passkeys come to Google Workspace accounts too Tip of the week #2: Get the updated Windows 11 22H2 ISO RunAs Radio this week: Microsoft Sentinel with Sarah Young Brown liquor pick of the week: Glenmorangie Quinta Ruban 14 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: AWS Insiders - WW meraki.cisco.com/twit Melissa.com/twit
Are you using Microsoft Sentinel? Richard talks to Cloud Security Advocate Sarah Young about Sentinel, Microsoft's Security Information and Event Management (SIEM) solution. Sarah talks about the role of the SIEM in creating a common place for all security-related data to arrive. She mentions some of the many tools in the Microsoft suite to feed into Sentinel - Defender for Endpoints, Identity, and Cloud as examples. Specialized analysis tools send summaries to Sentinel, but Sentinel can also process raw logs - make sure you need the data because billing for Sentinel is connected to the number of ingress sources. There's a lot to learn, but also a lot of great documentation and information to work from. Check the show notes for links! Links: Microsoft Sentinel; ArcSight; Defender Security Alerts; Defender for Endpoint; Defender for Identity; Microsoft Digital Defense Report 2022; Defender for Cloud; What is CSPM?; Security Baselines Blog; Microsoft Security Copilot. Recorded April 6, 2023
Dale O'Grady from Vectra AI joins Rod and Brodie to demonstrate the integrations of Vectra's capabilities within Microsoft Sentinel. Show notes and links: Vectra® uses artificial intelligence to automate real-time cyber attack detection and response – from network users and IoT devices to data centers and the cloud. All internal traffic is continuously monitored to detect hidden attacks in progress. Detected threats are instantly correlated with host devices that are under attack and unique context shows where attackers are and what they are doing. Threats that pose the biggest risk to an organization are automatically scored and prioritized based on their severity and certainty, which enables security operations teams to quickly focus their time and resources on preventing and mitigating loss. https://www.vectra.ai/ Microsoft Azure Marketplace - Vectra AI https://azuremarketplace.microsoft.com/en-us/marketplace/apps/vectraaiinc.ai_vectra_detect_mss? Vectra AI Detect connector for Microsoft Sentinel https://learn.microsoft.com/en-us/azure/sentinel/data-connectors/vectra-ai-detect
In this episode, we look at the decision tree model for designing Microsoft Sentinel workspaces. Its 8 steps guide you through planning and designing your Sentinel deployment architecture. Also, Jussi asks Tobi an unexpected question. (00:00) - Intro and catching up. (04:48) - Community highlights. (07:14) - Show content starts. Community Highlights - Sam Cogan: Resource Group Location Matters - Anthony Chu – Tech Community: This Month in Azure Container Apps: March/April 2023 - Daniel Calbimonte: How to work with ChatGPT in Visual Studio Code - Jukka Niiranen: The world beyond apps – my thoughts on AI's impact Show links - Talking about Azure Sentinel with Maarten Goet (Ctrl+Alt+Azure Episode 021) - Design your Microsoft Sentinel workspace architecture (Decision tree) - Example workspace design - Workspace architecture best practices for Microsoft Sentinel SPONSOR This episode is sponsored by Sovelto. Stay ahead of the game and advance your career with continuous learning opportunities for Azure Cloud professionals. Sovelto Eduhouse – Learning as a Lifestyle - Start Your Journey now: https://www.eduhouse.fi/cloudpro
News and updates from the Microsoft Cloud and then a deep dive into Compliance policies in Intune. Have a listen and let me know what you think. This episode was recorded using Microsoft Teams and produced with Camtasia 2022. Brought to you by www.ciaopspatron.com Resources @directorcia @directorcia@twit.social Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog YouTube edition of this podcast Windows 365 Frontline available in public preview OneNote: Your Digital Notebook, Reimagined with Copilot Quick Wins to Strengthen Your Azure AD Security Automating and Streamlining Vulnerability Management for Your Clients Phone Link for iOS is now rolling out to all Windows 11 customers Introducing cloud.microsoft: a unified domain for Microsoft 365 apps and service Centrally manage multiple Microsoft Sentinel workspaces with workspace manager Announcing Windows LAPS management through Microsoft Intune Practice Assessments for Microsoft Certifications Profanity filtering control for live captions in Teams meetings
In episode 140 of our SAP on Azure video podcast we talk about Azure Automation support for PowerShell 7.2, Support for Linux clients to use identity-based access to Azure file shares over SMB, SAP Cloud Identity Services offered as Trial Version, Demystify Single Sign-On on Server Side for SAP RISE Customers and Azure Logic Apps' New Data Mapper for Visual Studio Code (Preview). Then we talk about Security: Next to AI, Security is one of the most important topics in the discussions with my customers at the moment. With the "Microsoft Sentinel solution for SAP applications" we also have an offering to help protect your SAP systems. It even got certified for RISE with SAP recently. Yoav and Yossi from the Sentinel Product group and Sebastian and Martin, who worked on some nice extensions for Sentinel and SAP, join us today to provide an update on the latest developments and show us demos on SAP Business Technology Platform and Sentinel and automatic user-locking with Teams. https://www.saponazurepodcast.de/episode140 Reach out to us for any feedback / questions: * Robert Boban: https://www.linkedin.com/in/rboban/ * Goran Condric: https://www.linkedin.com/in/gorancondric/ * Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #Sentinel #Security #BTP
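(Recorded: 2023/04/10) # We would be glad to receive your feedback on Twitter with the hashtags "#secure旅団 #secureLiaison" or via the Google Form. # Contents Talk about overseas conferences and wanting to go abroad. Talk about people newly entering the workforce. A little talk about information gathering. Techniques and business using LLMs. A little talk about Microsoft Sentinel. Talk about web proxies # References https://gihyo.jp/article/2023/01/mitene-04oncall-engineer https://www.publickey1.jp/blog/23/chatgptmicrosoft_365_copilotexcel.html # Reading backlog: None # Participants: Matsumoto-san (@ym405nm), ken5scal, Anonymous # Jingle: @hajipion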
In episode 137 of our SAP on Azure video podcast we talk about an upcoming CAP and Cosmos DB Hackathon, news of Microsoft Sentinel, Microsoft Security Copilot, Reference architecture of an SAP BTP CAP application using GPT Models of OpenAI, 30 Days Of Azure AI and SAP CDC Connector and SLT - Part 2 - Initial Configuration by Bartosz. Then we welcome Manish Shah with us. One of the most popular topics at the moment is how to work with data from SAP in a Microsoft context. SAP Datasphere was recently announced by SAP and one of the key integration points was with Databricks which also is used by lots of customers on Azure. From a Microsoft side we recently released the SAP CDC Connector for Azure Data Factory and Synapse which uses the ODP framework to integrate with SAP data. To make the integration with the ODP framework even more powerful, customers can use the SAP Landscape Transformation Replication Service (SAP SLT) which integrates with the ODP services and enables direct access to SAP tables. These tables are constantly monitored and changes are recorded and can be made immediately available to Azure. Manish introduces us to the topic and shows an end-to-end demo. https://www.saponazurepodcast.de/episode137 Reach out to us for any feedback / questions: * Robert Boban: https://www.linkedin.com/in/rboban/ * Goran Condric: https://www.linkedin.com/in/gorancondric/ * Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #Data #ADF
With sophisticated cyber-attacks on the rise, get detailed and current intel on trending attacks with Microsoft Defender Threat Intelligence. Enrich investigations and contain threats before they impact your organization with exclusive access to the same raw attack signals our Microsoft Researchers have. Easily gauge the severity of a threat and seek specialist assistance with Threat Profiles that link threats and their methods to known threat actors. Lou Manousos, Threat Intelligence expert and Microsoft Security CVP, joins Jeremy Chapman to share how to use raw data on active attacks as they unfold. ► QUICK LINKS: 00:00 - Introduction 01:33 - Track and understand attacks 03:39 - Native integration of RiskIQ data with Microsoft Defender 06:14 - Raw data in the Threat Intelligence portal 07:32 - How to see evolving threats 09:16 - Connect a threat actor to an active incident 11:28 - How to use raw data in an active incident 13:32 - Host pairs 15:29 - Wrap up ► Link References: More on Threat Intelligence at https://aka.ms/mdti-tech Access the most current 2 weeks of data for free at https://ti.defender.microsoft.com ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. 
• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
Investigate and contain sophisticated attacks in real-time using updates to Microsoft's integrated XDR solutions. Get an inside look at a multi-stage and multi-cloud incident inspired by real tactics, techniques, and procedures in Microsoft Sentinel, and visibility into the attack sequence and timeline of alerts with Microsoft 365 Defender. Use Threat Intelligence to investigate and stop threat actors in their tracks with real-time threat disruption, and automate mitigations to contain the damage. Microsoft cybersecurity expert and CVP, Rob Lefferts, joins Jeremy Chapman to share how to navigate fast-moving cyber attacks that can span across clouds and infrastructure. ► QUICK LINKS: 00:00 - Introduction 00:59 - Streamline workflow across security teams 02:25 - Demo: See a sophisticated attack in action 04:24 - How to prioritize where to start 07:14 - Investigate an attack 10:35 - Microsoft Defender 13:36 - Wrap up ► Link References: Watch our show on Microsoft Defender Threat Intelligence at https://aka.ms/TiMechanics Watch our Secure Event on demand at https://aka.ms/mssecureevent
In episode 135 of our SAP on Azure video podcast we talk about Protecting your Rise and S/4HANA application layer with MS Sentinel today and the certified Microsoft Sentinel 1.0 connector for SAP, Microsoft Azure Applications for Neptune DXP, a new ebook on modernizing SAP on the Microsoft Cloud, updates to the SAP Collaborative ERP with Share to Microsoft Teams, and an upcoming reCAP event which will also look at Cosmos DB integration. Then Robert will talk about a "refresh day" which should remind customers and partners to revisit their cloud implementations with SAP on Azure. The Microsoft Assessments, like the Azure Well-Architected assessment, can be a good starting point for this. https://www.saponazurepodcast.de/episode135 Reach out to us for any feedback / questions: * Robert Boban: https://www.linkedin.com/in/rboban/ * Goran Condric: https://www.linkedin.com/in/gorancondric/ * Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure
In this latest episode I take a quick look at Microsoft Sentinel as well as speak to the benefits and why if you are serious about cybersecurity you should be considering it in every environment. There is also the latest news and updates from the Microsoft Cloud. Listen along and enjoy. This episode was recorded using Microsoft Teams and produced with Camtasia 2022. Brought to you by www.ciaopspatron.com Resources @directorcia @directorcia@twit.social Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog YouTube edition of this podcast 2023 identity security trends and solutions from Microsoft Seamless application access and lifecycle management for multi-tenant Azure AD organizations Skilling up on Microsoft Security, compliance, and identity: Quarterly recap Cloud Skills Challenge 2023 End-of-Support Milestone in Microsoft 365 New Microsoft Intune troubleshooting experience Intune remote help introduction Combatting Risky Sign-ins in Azure Active Directory Introducing Microsoft Teams Premium, now available What is Microsoft Sentinel Introduction to Sentinel Getting Started with Azure Sentinel
Welcome to our January 2023 Microsoft Reactor edition episode where we talk with Chris Stelzer, Senior Technical Specialist at Microsoft. Listen in as Chris digs into how to use service principals for automation in Microsoft Sentinel. Lots of great knowledge to glean. Show links: Introduction to Microsoft Sentinel: https://learn.microsoft.com/en-us/training/modules/intro-to-azure-sentinel/ Microsoft Sentinel skill-up training: https://learn.microsoft.com/en-us/azure/sentinel/skill-up-resources Microsoft Sentinel Triage AssistanT (STAT): https://github.com/briandelmsft/SentinelAutomationModules
In this episode we chat with the experts from Sentinel, Defender for Cloud and Microsoft Identity about the latest news, highlighting among them the announcement of Microsoft Sentinel as a leader recognized by Gartner in the Magic Quadrant
Show Links: Microsoft Sentinel StaT Link: aka.ms/MSTAT Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po Show notes can be found on the podcast website at: http://microsoftsecurityinsights.com/
Marius doesn't need to search to remember that Security information and event management is abbreviated to SIEM, but can he explain it to Olav and Alexander? SIEM is a buzzword that many people hear at regular intervals, but what is it really? When do you need it, and what do you actually need it for? There are many products on the market, Microsoft Sentinel being one example, but in principle they should all have a number of functions in order to be categorized as a SIEM solution. Follow us on LinkedIn: https://bit.ly/blalinked and comment. Hosted on Acast. See acast.com/privacy for more information.
Episode Notes Alan and Sam discuss how Microsoft Sentinel can help organisations have visibility of malicious activity in their environment. Alan takes the role of the 'Expert' and explains the capability of Microsoft Sentinel and how it is for any size organisation. Alan dives into the process from log ingestion to automated response to an incident. Find out more at http://www.letstalkpodcast.co.uk Send us your feedback online: https://pinecast.com/feedback/lets-talk-azure/cfa2fda1-11c8-482b-88e7-2167cf1efd5d
Sponsored by SEC Playground. Survey to improve the Chill Chill Security Channel: https://forms.gle/e5K396JAox2rZFp19 Reference: https://www.rapid7.com/c/gartner-siem-mq-2022/ --- Support this podcast: https://anchor.fm/chillchillsecurity/support
Show Links: Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po Show notes can be found on the podcast website at: http://microsoftsecurityinsights.com/
Kaspersky K.K. announced on September 1 that it has begun providing threat intelligence to Microsoft Sentinel users.
In Microsoft's public cloud platform, Microsoft Sentinel is a Security Information and Event Management (SIEM) and Security Orchestration and Automated Response (SOAR) system that combines attack detection, threat visibility, proactive hunting, and threat response into a unified platform. Microsoft Sentinel is a single solution that can handle both SIEM and SOAR. A SIEM solution collects data and analyses security warnings in real-time. SOAR is a set of software solutions and tools that help businesses streamline their security operations. How does Microsoft Sentinel work?
Show Links: Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po Show notes can be found on the podcast website at: http://microsoftsecurityinsights.com/
Microsoft Azure is the market's second most dominant cloud service provider. Several Fortune 500 and other top-tier firms take advantage of Azure's different offerings. The Microsoft Sentinel service scales automatically to meet your needs, just like any other Azure service. Interview Questions for Microsoft Sentinel
Show Links: Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po podcast website: http://microsoftsecurityinsights.com/
In episode 104 of our SAP on Azure video podcast we talk about additional information on Azure Monitor for SAP Solutions, Microsoft Sentinel for SAP solutions, combining Azure Machine Learning with SAP Data Warehouse Cloud, embedding self-hosted SAP Fiori Launchpad into Microsoft Teams and then take a closer look with Uma Anbazhagan from SAP on how to integrate SAP Business Processes in Microsoft Teams using SAP Event Mesh and the Azure Bot Framework. https://www.saponazurepodcast.de/episode104 https://blogs.sap.com/2022/07/04/integrating-sap-business-processes-in-microsoft-teams-using-sap-business-technology-platform/ #SAPonAzure
In this episode, Michael, Sarah and Mark talk to Roey Ben Chaim about Microsoft Sentinel Content Hub. We also cover the latest security news about Exchange Online, Microsoft Entra Permissions Manager, MSTICPy, Purview DLP, Azure Monitor, Backup and App Insights.
Show Links: Gary's blog: https://www.garybusheyllc.com/ Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po
Show Links: Nicolas website: https://www.inthenicoftime.us/ and https://p1.dso.mil Leverage new and existing features to optimize cost in Microsoft Sentinel https://www.youtube.com/watch?v=0cIYB92Qb60&feature=youtu.be Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po
This episode taught us about Microsoft Sentinel, a SIEM (Security Information and Event Management) and SOAR (Security, Orchestration, Automation, and Response) product. Security is a constantly changing landscape, and Sabrina gives some tips on a successful test/deployment of Microsoft Sentinel so that you can get robots (AI) to help you think! Then we discuss Sabrina's journey through IT, and how she ended up as a consultant standing up security AI, and we learn that Jordan does speak a second language after all. Not to spoil it, but it is food. Guest Bio and links: Sabrina Kay is a Microsoft Enterprise Administrator Expert and a Microsoft Enterprise Mobility MVP. She has a passion for learning and shares her knowledge with the community through her blog, speaking at conferences, making YouTube videos, and more. She speaks 5 languages (6 if you include PowerShell) and has an awesome and positive mindset. Sabrina Website - https://sabrinaksy.com/ Sabrina Twitter - https://twitter.com/oh_is_sabrina Sabrina YouTube - https://www.youtube.com/watch?v=ss1-VZuw8Kk Jaap Twitter - https://twitter.com/jaap_brasser Abstracting code - Think Abstract, abstracting your PowerShell code by Jaap Brasser Sentinel Docs - https://docs.microsoft.com/en-us/azure/sentinel/ Rod Trent Twitter - https://twitter.com/rodtrent Get-ConditionalAccessPolicyExclusions - https://github.com/jostuffl/AzureSentinel_Stuff/blob/main/Scripts/GetConditionalAccessPolicyExclusions-Runbook.ps1 Link to Show Notes: https://github.com/PowerShellPod/show-notes/blob/main/episodes/17-securing-and-setting-up-microsoft-sentinel-with-sabrina-kay.md
Show Links: Microsoft Learn Cloud Games https://docs.microsoft.com/en-us/learn/certifications/cloud-games Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po
Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po
Welcome to this episode of the EUCdigest ThrowDown. In the ThrowDown we'll discuss and debate on the news of the past month in the EUC space: - Google Cloud now lets you suspend and resume VMs - New innovations at NVIDIA GTC - Lapsus$ gang claims Okta hack, access to Microsoft source code, NVIDIA access and more - Citrix integrated Citrix Analytics with Microsoft Sentinel and raises the threat-hunting game - Google Chrome OS Flex, a cloud-first operating system for your enterprise - The British government reportedly asked when Microsoft would 'get rid' of algorithms - Microsoft introduced a new icon for Windows 11 Host: Ingmar Verheij - https://www.linkedin.com/in/ingmarverheij/ Co-hosts: Eric van Klaveren - https://www.linkedin.com/in/klvrn/ Jits Langedijk - https://www.linkedin.com/in/jitslangedijk/ Johan van Amersfoort - https://www.linkedin.com/in/hojan/ Kees Baggerman - https://www.linkedin.com/in/keesbaggerman/
Show Links: 365 Days of KQL Scavenger Hunt https://forms.office.com/pages/responsepage.aspx?id=2UMuhG9dY0uckAjsv2sRQM1VCVAgs1lCl3wwGmNzlMtUMjA4Tk9CTzNOTzlQMFBKVTFLUlpBOVZBMS4u Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po
Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po
In Episode 81 of our SAP on Azure video podcast we continue to talk about the SAP SuccessFactors and Teams integration blog post series by Martin Frick, highlight a blog post on Understanding Token Exchange of OAuth 2.0 with Carlos Roggan, look at how to import SAP OData services in Azure API Management using an OData metadata converter to OpenAPI by Martin Pankraz and Will Eastbury, how to connect Power BI to SAP Data Warehouse Cloud by Rangesh T K B, talk about the latest announcement to run SAP workload on Windows 2022, look at SAPPHIRE 2022 events across the world and then look at Microsoft Sentinel for SAP: a dedicated Partner Airlift now available on YouTube, a FastTrack for Azure Live webinar and how Microsoft Digital is using Microsoft Sentinel to protect SAP workload. For this we have Yoav Daniely and Koby Mymon from the Microsoft Sentinel product group and Aaron Hillard from Microsoft Digital joining us. #SAPonAzure https://www.saponazurepodcast.de/episode081/ https://youtu.be/mn0kqpxitsQ
We talk to Chris Hallum about all things Microsoft Defender for IoT. He also discusses IoT security in detail, as well as some new features on the horizon. Also, we cover the news for Microsoft Sentinel, Azure Active Directory, Azure SQL DB, new Azure Learning resources, Azure Monitor and Payment HSM.
In this episode we speak to Matt Egen about how Microsoft Sentinel can pull in telemetry and threat intel data from various sources. He talks about the new Codeless Connectors as well as his views on IP-based filtering.
I'm glad to present the 141st episode of the podcast, which is once again about application security. My guests are Alexander Gerasimov, director of information security at Awillix, and Sergey Ovchinnikov, cloud security architect. In this episode we talk about what Application Security (AppSec) is, how security is ensured at every stage of the software development life cycle, and which methods and approaches are applied in which cases. We discuss the interaction between the business, development, information security specialists and DevOps engineers. We discuss various approaches, techniques and tools for actually developing secure applications, such as application templates, code analysis tools, and approaches to building containers and base images. We talked separately about application fuzzing: what it is, how it works and how to apply it. We did not skip the topic of staffing and knowledge: we discussed where to look for specialists and how to grow your own, where to get knowledge and what knowledge an information security specialist needs in the first place. At the end of the episode we debated a little about the future of the information security field. Links to resources on the episode's topics: * Just Security (https://t.me/justsecurity). Alexander's Telegram channel about research, trends and personal experience in cybersecurity. * ISO/IEC 27034-6 Information technology, Security techniques, Application security (https://www.iso.org/standard/60804.html) * CIS Benchmarks (https://www.cisecurity.org/cis-benchmarks/) * CodeQL (https://codeql.github.com/) - code analysis engine developed by GitHub to automate security checks * Article "Hunting for XSS with CodeQL" (https://medium.com/codex/hunting-for-xss-with-codeql-57f70763b938) * SonarQube (https://www.sonarqube.org/). 
In case anyone doesn't know it yet :) * "Software Bill of Materials" (SBOM) (https://www.ntia.gov/SBOM) * Yandex talk from ZeroNights "Company wide SAST" (https://www.youtube.com/watch?v=JK8uUKjo_ag) * Bandit (https://github.com/PyCQA/bandit). Helps to find common security issues in Python code * OWASP ZAP (https://medium.com/cloudadventure/security-in-a-ci-cd-pipeline-876ed8541fa4). Dynamic Application Security Testing tool (DAST) * IAST Seeker (https://www.synopsys.com/software-integrity/security-testing/interactive-application-security-testing.html) * The Docker Bench for Security (https://github.com/docker/docker-bench-security) is a script that checks for dozens of common best-practices around deploying Docker * Kube-bench (https://github.com/aquasecurity/kube-bench) - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark * Book "Kubernetes Security" (https://kubernetes-security.info/) * RESTler for REST API fuzzing (https://github.com/microsoft/restler-fuzzer) * libFuzzer (https://llvm.org/docs/LibFuzzer.html) a library for coverage-guided fuzz testing * ClusterFuzz (https://google.github.io/clusterfuzz/) is a scalable fuzzing infrastructure that finds security and stability issues in software * OSS-Fuzz (https://github.com/google/oss-fuzz) - continuous fuzzing for open source software * Microsoft Sentinel (https://azure.microsoft.com/en-us/services/microsoft-sentinel/). Next-generation security operations with cloud and AI * Book "Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats" (https://www.amazon.es/Rootkits-Bootkits-Reversing-Malware-Generation/dp/1593277164) Liked the episode? Support the podcast on patreon.com/KSDaemon (https://www.patreon.com/KSDaemon), with stars in iTunes (https://podcasts.apple.com/ru/podcast/software-development-podcast/id890468606?l=en) or in your podcast player, and also with a retweet or a post! 
Come to the SDCast Telegram chat (https://t.me/SDCast), where you can discuss episodes, suggest guests and share your comments and wishes!
Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe
In Episode 72 of the SAP on Azure Video Podcast we talk about the new Resource Group Copy tool for SAP solutions, Updates in Microsoft Sentinel for SAP with lots of new workbooks, Immutable Storage for Blob storage now GA, availability zones in the India central region, restore points for virtual machines, updates to Azure Files NFS v4.1 and Log4J. Then we celebrate Evren Buyruk's birthday in an episode focusing on Microsoft Networking and Security tools for SAP like Azure DDoS protection, Azure Firewall, Azure Application Gateway and Azure Sentinel. https://youtu.be/f7bpkx65eYY https://www.linkedin.com/in/evren-buyruk-3951297b/ https://github.com/hobru/SAPonAzure
Hosted by Edward Walton, Frank Grimberg, Rod Trent, Brodie Cassell Sreedhar Ande Github: https://github.com/andedevsecops 1. https://aka.ms/asnew --> up to date info on the improvements we make in the product 2. NRT Rules considerations Detect threats quickly with near-real-time (NRT) analytics rules in Microsoft Sentinel | Microsoft Docs https://docs.microsoft.com/en-us/azure/sentinel/near-real-time-rules#considerations 3. Analytical Rules Health a. Playbook : Azure-Sentinel/Playbooks/Send-AnalyticalRulesHealthNotifications at master · Azure/Azure-Sentinel (github.com) https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Send-AnalyticalRulesHealthNotifications b. Blog: Monitoring Microsoft Sentinel Analytical Rules – Push Health Notifications - Microsoft Tech Community https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/monitoring-microsoft-sentinel-analytical-rules-push-health/ba-p/2793694 4. Guide to build Microsoft Sentinel Solutions a. Webinar: Create Your Own Microsoft Sentinel Solutions https://youtu.be/oYTgaTh_NOU b. Azure-Sentinel/Solutions at master · Azure/Azure-Sentinel (github.com) https://github.com/Azure/Azure-Sentinel/tree/master/Solutions#guide-to-building-microsoft-sentinel-solutions 5. Microsoft Sentinel Repositories demo a. Managing security content as code - Microsoft Sentinel in the Field #1 - YouTube https://www.youtube.com/watch?v=vqLqJhaFNBk Show Links: Twitch: https://www.twitch.tv/microsoftsecurityinsights Discord: https://discord.gg/thCAR7RMUe
In Episode 69 of the SAP on Azure Video Podcast we talk about SAP TechEd news from the Microsoft side, the SAP deployment automation framework for Azure, Microsoft Sentinel for SAP, Azure Monitor for SAP Solutions, Switching SBD Devices for SLES pacemaker clusters, Part 2 of the extracting SAP data using OData series and an upcoming webinar on Power Platform & Neptune Software. Then we have Trond Stroemme joining us talking about sizing SAP workload on Azure, best practices, tips & tricks and finally showing us the SAP on Azure Pricing calculator. https://github.com/hobru/SAPonAzure https://youtu.be/CK_RZndvt64 https://www.linkedin.com/in/trond-stroemme-a07559/
Microsoft Security is on a growth journey at express speed. Hear why you should get on board. Microsoft has invested massively in security in recent years, and the business area has grown significantly. Security is a big business opportunity for partners, because IT security is no longer an IT solution that you can opt in or out of. IT security is the foundation for being able to run a business, and it follows companies at every single step of their digital journey. According to Aline Harmand, Cloud Solution Architect for security at Microsoft, Microsoft's approach to IT security is unique for several reasons. Microsoft's cloud-based security platform, Microsoft Sentinel, builds on easy integration, artificial intelligence and automation. The platform integrates with other security vendors in order to produce analyses that are as accurate and comprehensive as possible, across all types of devices, including network, firewall, servers, IT systems, endpoints and cloud. Every day Microsoft analyzes 65 trillion security signals, i.e. potential security threats. In the podcast, Aline Harmand talks about: how Microsoft Security's strategy of openness, artificial intelligence and automation benefits companies' IT security; how Microsoft Sentinel is much more than 'just' a SIEM solution; what Microsoft Defender covers and can offer companies; why partners should upgrade their skills and take certifications in Microsoft Security. Thomas Egesø from Arrow's Microsoft team is the host of this podcast.
ServiceNow NOW has announced a collaboration with Microsoft MSFT to improve business enterprise security. Microsoft services such as Microsoft Teams, Microsoft Threat & Vulnerability Management, and Microsoft SharePoint were incorporated into the company's Security Operations Solution Suite. Microsoft Teams and SharePoint interfaces will be available in limited quantities beginning in June 2021, but will be completely accessible in June 2021. Microsoft Sentinel and Microsoft threat and vulnerability management connections are expected to be available in the future months, according to ServiceNow.