• THE Security Insights Show Episode 225a - Performanta
    May 30 2025

    Stop by the show as we welcome back Performanta. During the last Performanta appearance we were wowed by their Security Copilot automation. Join us to hear how the Microsoft partner is taking Security Copilot Agents to the next level.

    Watch the live replay



    This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com
    1 hr and 4 mins
  • The Microsoft Security Insights Show Episode 262 - Microsoft Layoffs
    May 19 2025

    In this episode, we dive into the recent wave of layoffs at Microsoft, where 6,000 employees—about 3% of the workforce—were let go. We explore the broader implications of these cuts, from the restructuring of management layers to the increasing role of AI in shaping the future of work.

    Join us as we hear from industry experts, affected employees, and analysts who break down what this means for tech professionals, corporate strategy, and the evolving job market. How do these layoffs fit into the larger trend of workforce reductions across the tech sector? What lessons can be learned from past restructuring efforts? And most importantly, how can professionals adapt and thrive in an industry that’s constantly evolving?

    Whether you're in tech, navigating career shifts, or simply curious about the forces shaping the modern workplace, this episode offers insights, perspectives, and strategies for moving forward.

    Tune in for a thoughtful discussion on resilience, adaptation, and the future of work in the age of AI.

    Show Links/Notes

    * Amanda's LinkedIn Profile: https://www.linkedin.com/in/amanda-schilling-5863a551/

    * Microsoft Build Books of News: aka.ms/BookofNews

    * Changes to Microsoft Authenticator autofill: https://support.microsoft.com/en-us/account-billing/changes-to-microsoft-authenticator-autofill-09fd75df-dc04-4477-9619-811510805ab6

    * MISA Partners: https://securitypartners.transform.microsoft.com/misa-members

    1 hr and 9 mins
  • The Microsoft Security Insights Show Episode 261 - Michael Fiorina, Tanium
    May 12 2025
    Welcome to Partner month on the MSI Show. This episode we talk with Tanium to hear about the company’s latest developments for Microsoft Security Copilot and a new Agent that helps automate security operations.

    Show Notes/Links

    * Tanium: https://www.tanium.com/
    * Microsoft Partner Spotlight - Tanium: https://www.tanium.com/partners/microsoft/spotlight/
    * Michael Fiorina’s LinkedIn profile: https://www.linkedin.com/in/mikefiorina/
    * Microsoft Security Copilot Agent videos: https://adoption.microsoft.com/security-copilot/video-hub/
    * MDEAutomator: https://github.com/msdirtbag/MDEAutomator
    * SRA’s Crowpilot: https://sra.io/blog/crowpilot-the-ai-agent-that-connects-security-copilot-with-crowdstrike-falcon/

    General

    * Securing generative AI models on Azure AI Foundry
    * Microsoft's Zero Trust approach

    Threat Intelligence & ESAM

    Azure Security & Defender for Cloud News

    Sentinel News

    * Microsoft Sentinel Project Deployment Tracker
    * Ingesting Akamai Audit Logs into Microsoft Sentinel using Azure Function Apps

    Defender for IoT

    * Sensor Disconnection Notifications with Microsoft Defender for IoT and Microsoft Sentinel
    * What's new in Microsoft Defender for IoT?

    Microsoft 365 Security (All Up News)

    * Security Update Release Summary March 2025

    Microsoft Entra

    * Help Desk & Account Recovery - Face Check with Microsoft Entra Verified ID -V
    * Remote Onboarding - Face Check with Microsoft Entra Verified ID -V
    * Secure Access to Resources - Face Check with Microsoft Entra Verified ID -V

    Device Management & Protection (Intune)

    * Fortify your security posture with Microsoft Intune and Windows
    * Stay ahead of evolving threats with the latest AI in Intune
    * Expand endpoint visibility across device platforms
    * Microsoft Intune provides key advantages for macOS management
    * What's New in Azure Firewall - March 2025 -V
    * Configure Entra Private Access and Quick Access in Microsoft Entra Global Secure Access
    * What's new in Microsoft Intune

    M365 Defender (Defender for Office, Defender for Endpoint, Defender for Identity, Defender for Cloud Apps)

    * Resolving high CPU utilization in Microsoft Defender Antivirus
    * Mastering endpoint security settings issues with Defender for Endpoint Client Analyzer
    * Mastering onboarding issues with Defender for Endpoint Client Analyzer
    * Microsoft Defender for Endpoint Client Analyzer overview
    * What's new in Microsoft Defender XDR
    * What's new in Microsoft Defender for Endpoint
    * What's new in Microsoft Defender for Office 365
    * What's new in Microsoft Defender for Identity
    * What's new in Microsoft Defender for Cloud Apps

    Defender Experts for XDR

    Copilot for Security

    * Announcing Alert Triage Agents in Microsoft Purview, powered by Security Copilot
    * What's new in Microsoft Security Copilot?

    Incident Response

    Purview - Compliance & Governance

    * Mitigating insider risks in the age of AI with Microsoft Purview Insider Risk Management

    Learning

    * Microsoft Defender for Cloud Apps - Ninja Training
    1 hr and 2 mins
  • The Microsoft Security Insights Show Episode 260 - JP Bourget - Bluecycle
    May 6 2025
    JP Bourget was the founder of Syncurity, an early entrant in the SOAR market, which sold to Swimlane in 2020. He is currently President of Blue Cycle, a SecOps maturity advisory, services and development firm. Blue Cycle focuses on the core technologies, architecture, integration, and customization of modern sec ops programs and meets clients where they are to help level up their capabilities. Blue Cycle is a Microsoft Partner with designations in Security, Modern Work, Infrastructure, Data and AI, and Digital and App innovation. JP has designed Sentinel architecture for F500s and XDR providers and touched his first SIEM in 2005. JP is also the Entrepreneur/CISO in Residence at Lytical Ventures based in NYC, and lives in upstate NY.

    Show Notes/Links

    * JP’s LinkedIn Profile: JP Bourget
    * BlueCycle website: https://www.bluecycle.net/

    Tools, Blogs and Stuff:

    * Noodle’s new blog: https://sentinel.blog
    * https://aadinternals.com

    General:

    * AI innovation requires AI security: Hear what’s new at Microsoft Secure
    * Transforming public sector security operations in the AI era

    Threat Intelligence:

    * Malvertising campaign leads to info stealers hosted on GitHub
    * Silk Typhoon targeting IT supply chain

    Azure Security:

    * Implementing Multi-Layered Security with Azure DDoS Protection and Azure WAF

    Defender for Cloud:

    * API Security Posture with Defender for Cloud
    * Secure your AI application transformation with Microsoft Defender for Cloud

    Sentinel News:

    * New capabilities coming to Microsoft Sentinel this Spring
    * Microsoft Sentinel - Custom ASIM Parser for Solarwind Data source

    Microsoft Entra:

    * Securing B2B Collaboration with Microsoft Entra ID -V
    * Microsoft Entra External ID: User activity insights
    * Quick Setup - Microsoft Entra Verified ID

    M365 Defender | XDR - (MDO, MDE, MDI, MDCA):

    * Transition to the Unified SOC Platform: Deep Dive and Interactive Q&A for SOC Professionals
    * Microsoft Defender for Endpoint Client Analyzer overview
    * Connecting your Apps to Defender for Cloud Apps

    Security Copilot:

    * Automate cybersecurity at scale with Microsoft Security Copilot agents
    * Take Flight with Microsoft Security Copilot Flight School

    Microsoft Purview:

    * Strengthen data security posture in the era of AI with Microsoft Purview
    * Prevent data loss across your ever-expanding data estate with Microsoft Purview Data Loss Prevention

    Microsoft Learning | Skilling:

    * Microsoft Defender for Cloud Apps - Ninja Training

    Webinars and Stuff:

    * Microsoft Cloud Security Public Webinars
    1 hr and 33 mins
  • The Microsoft Security Insights Show Episode 259 - Rick Kotlarz
    Apr 28 2025
    Advanced Prompt Engineering for Security Copilot. As a cybersecurity professional with over 20 years of experience, Rick specializes in cybersecurity architecture and IT risk management. He is passionate about artificial intelligence, continuous learning, exchanging ideas, and contributing to endeavors that help others achieve success.

    Show Notes/Links

    * Rick’s LinkedIn Profile: https://www.linkedin.com/in/rick-kotlarz/

    Tools, Blogs and Stuff:

    * Noodle’s new blog: https://sentinel.blog
    * https://aadinternals.com

    General:

    * Create | Microsoft 365 Copilot
    * Microsoft Security Insider
    * Exploring the Extensibility of Active Directory Migration Service (ADMS) Device Migration
    * Introducing the Secure Future Initiative Tech Tips show!
    * Navigating Mergers and Acquisitions: IT Consolidation Best Practices and Approach
    * Blog Series: Charting Your Path to Cyber Resiliency

    Threat Intelligence:

    * https://www.activecountermeasures.com/malware-of-the-day-ipv6-address-aliasing/
    * New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects
    * New innovations to protect custom AI applications with Defender for Cloud
    * Enhance AI security and governance across multi-model and multi-cloud environments
    * All Key Vaults Are Critical, But Some Are More Critical Than Others: Finding the Crown Jewels
    * Securing your organization from 'IngressNightmare' using Microsoft Security capabilities

    Azure Security:

    * Manage cloud security posture with Microsoft Defender for Cloud
    * What's new in Defender for Cloud features

    Defender for Cloud:

    * API Security Posture with Defender for Cloud
    * Secure your AI application transformation with Microsoft Defender for Cloud

    Sentinel News:

    * Want to know how to view Sentinel incidents in Teams?
    * Azure Lighthouse support for MSSP use of Security Copilot Sentinel scenarios in Public Preview | Microsoft Community Hub
    * Monitor User Activities and System Events with Security Copilot and Microsoft Sentinel | Microsoft Community Hub

    Microsoft Entra:

    * Using phishing resistant creds | Protect identities and secrets
    * How do Microsoft Entra ID Protection Risk Signals Work?
    * Configure API driven Provisioning in Microsoft Entra ID Governance
    * Configure auto-assignment policies in Microsoft Entra ID Governance using Entitlement Management
    * Microsoft Entra custom authentication extension overview
    * Implementing managed identities | Protect identities and secrets
    * Create Custom reports for Microsoft Entra ID Governance data using Azure Data Explorer
    * What's new in Entra ID

    M365 Defender | XDR - (MDO, MDE, MDI, MDCA):

    * Built-in report button is available in Microsoft Outlook across platforms
    * Monthly news - March 2025
    * Defending Against OAuth-Based Attacks with Automatic Attack Disruption
    * Level Up Your App Governance With Microsoft Defender for Cloud Apps Workshop Series
    * Strengthening Email Security: Our New Approach to Non-RFC Compliant Emails
    * Unveiling the Shadows: Extended Critical Asset Protection with MSEM
    * Level up your defense: protect against attacks using stale user accounts
    * Discover and protect Service Accounts with Microsoft Defender for Identity
    * Protect SaaS apps from OAuth threats with attack path, advanced hunting and more
    * General Availability for Collaboration Security for Microsoft Teams

    Security Copilot:

    * Protect at the scale and speed of AI with Microsoft Security Copilot
    * Microsoft Security Copilot – Microsoft Adoption
    * Empowering Security Copilot with NL2KQL: Transforming Natural Language into Insightful KQL queries | Microsoft Community Hub
    * Advancing Security Copilot with MAGIC: Automating Self-Correction in NL2KQL and Beyond
    * Take Flight with Microsoft Security Copilot Flight School

    Microsoft Purview:

    * 3 Tips for Comprehensive Data Security
    * Advanced hunting for Microsoft Purview Data Loss Prevention (DLP) incidents | Microsoft Community Hub
    * New innovations in Microsoft Purview for protected, AI-ready data
    * Unlocking the Power of Microsoft Purview for ChatGPT Enterprise
    * What's new in Microsoft Purview

    Webinars and Stuff:

    * Microsoft Cloud Security Public Webinars
    1 hr and 6 mins
  • The Microsoft Security Insights Show Episode 258 - Linda Guðmundsdóttir
    Apr 21 2025
    This episode we welcome Linda Dögg Guðmundsdóttir. Linda works as a Cybersecurity Architect Expert & Solution Architect in Iceland. In this episode, Linda shares her expertise on securing M365 Copilot. Tune in for lots of talk about Purview, Defender for Cloud Apps, and Data Security.

    Show Notes/Links

    * Join the MSI Kusto Team for the upcoming Kusto Detective Agency - Call of Cyber Duty: https://www.microsoftsecurityinsights.com/p/join-the-msi-show-team-for-the-kusto

    Just good old plain security stuff:

    General:

    * Everything Old Is New Again: Hardening the Trust Boundary of VBS Enclaves
    * Meet the IMS team
    * IMS Efficient Migration Methods

    Threat Intelligence:

    * Analyzing open-source bootloaders: Finding vulnerabilities faster with AI
    * StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
    * Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware

    Azure Security:

    * Secure containers software supply chain across the SDLC
    * Microsoft Defender for Cloud Customer Newsletter
    * Integrating Security into DevOps Workflows with Microsoft Defender CSPM
    * Public Preview: Key Attestation for Azure Managed HSM

    Defender for Cloud:

    * Secure your AI application transformation with Microsoft Defender for Cloud -V
    * Manage cloud security posture with Microsoft Defender for Cloud -V
    * What's new in Defender for Cloud features

    Sentinel News:

    * Integrating Radware WAF Logs with Microsoft Sentinel Using Logic Apps
    * Case Management is now Generally Available
    * What's new in Microsoft Sentinel

    Microsoft Entra:

    * ADSS TSync vs Entra Cross-Tenant Sync: A Comprehensive Comparison
    * Introducing Microsoft Entra Health alerts: An enhancement to tenant health monitoring
    * Exploring the Extensibility of Active Directory Migration Service (ADMS)
    * Tell us what you think: The Microsoft Entra blog team wants to hear from you!
    * New innovations in Microsoft Entra to strengthen AI security and identity protection
    * Insights from the Secure Employee Access report reveal the need for unified access security
    * New user experience for consumer authentication
    * Replace your legacy VPN with an identity-centric ZTNA

    M365 Defender | XDR - (MDO, MDE, MDI, MDCA):

    * Built-in report button is available in Microsoft Outlook across platforms
    * Monthly news - March 2025
    * Defending Against OAuth-Based Attacks with Automatic Attack Disruption
    * Level Up Your App Governance With Microsoft Defender for Cloud Apps Workshop Series
    * Strengthening Email Security: Our New Approach to Non-RFC Compliant Emails
    * Unveiling the Shadows: Extended Critical Asset Protection with MSEM
    * Level up your defense: protect against attacks using stale user accounts
    * Discover and protect Service Accounts with Microsoft Defender for Identity
    * Protect SaaS apps from OAuth threats with attack path, advanced hunting and more

    Security Copilot:

    * Empowering Security Copilot with NL2KQL: Transforming Natural Language into Insightful KQL queries
    * Advancing Security Copilot with MAGIC: Automating Self-Correction in NL2KQL and Beyond

    Microsoft Purview:

    * Improve your DLP maturity with DLP Analytics
    * 1000 Data Map Collections
    * Microsoft Purview – Data Security Posture Management (DSPM) for AI
    * Protecting sensitive information in the era of AI with Microsoft Purview Information Protection

    Microsoft Security Learning:

    * Azure Network Security
    * Microsoft 365 Advanced eDiscovery
    * Microsoft Copilot for Security
    * Microsoft Defender XDR
    * Microsoft Defender External Attack Surface Management
    * Microsoft Defender for Cloud
    * Microsoft Defender for Cloud Apps
    * Microsoft Defender for Endpoint
    * Microsoft Defender Experts
    * Microsoft Defender for Identity
    * Microsoft Defender for IoT
    * Microsoft Defender for Office 365
    * Microsoft Defender Threat Intelligence
    * Microsoft Defender Vulnerability Management
    * Microsoft Purview Insider Risk Management
    * Microsoft Purview Data Lifecycle & Records Management
    * Microsoft Purview Information Protection
    * Microsoft Purview Data Loss Prevention
    * Microsoft Purview Communication Compliance
    * Microsoft Purview Compliance Manager
    * Microsoft Sentinel
    * Microsoft Sentinel Notebooks
    * Microsoft Unified SOC Platform

    Microsoft Security Github’s:

    * Azure Network Security GitHub
    * Microsoft Defender for Cloud GitHub
    * Microsoft Sentinel GitHub
    * Microsoft Defender XDR GitHub
    * Microsoft Defender for Cloud Apps GitHub
    * Microsoft Defender for Identity
    * Microsoft Purview

    Webinars and Stuff:

    * APR 23 (9:00AM) Microsoft Defender XDR | SaaS Security Exposure Reduction via the Exposure Management Platform
    * APR 24 (9:00AM) Microsoft Defender XDR | Secure Your Servers with Microsoft's Server Protection Solution

    Notes, Tips and Tools:

    * Blue Team Handbook: https://amzn.to/4ir9lfG
    * dnstwist: https://github.com/elceef/dnstwist
    * domain name permutation engine: https://www.mankier.com/1/dnstwist
    * Crime mapper: https://mr-r3b00t.github.io/crime-mapper/experimental_mapper.html
    * Website mapping: https://addons.mozilla.org/en-US/firefox/addon/lightbeam-chik
    1 hr and 25 mins
  • The Microsoft Security Insights Show Episode 257 - Nathan Swift
    Apr 14 2025
    Join us this episode as we welcome back fan favorite, Nathan Swift. This is a demo-heavy episode, so make sure to catch the live video replay if you can. Dive into the incredible potential of tools like Microsoft Defender EASM—a budget-friendly powerhouse for countless use cases—and unravel the magic of the TwistDNS algorithm in spotting typosquatting and phishing threats. From building Microsoft Sentinel Watchlists to crafting advanced integrations with Azure Container Instances, Logic Apps, and Functions, we’re here to keep your mind buzzing and your solutions thriving.

    Show Notes/Links

    * Nathan's GitHub repo: https://github.com/SwiftSolves-msft
    * Nathan's old GitHub repo: https://github.com/SwiftSolves
    * Sentinel DNSTwist Solution: https://github.com/swiftsolves-msft/Sentinel-DNSTwist-Solution

    Just good old plain security stuff:

    General:

    * Everything Old Is New Again: Hardening the Trust Boundary of VBS Enclaves
    * Meet the IMS team
    * IMS Efficient Migration Methods

    Threat Intelligence:

    * Analyzing open-source bootloaders: Finding vulnerabilities faster with AI
    * StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
    * Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware

    Azure Security:

    * Secure containers software supply chain across the SDLC
    * Microsoft Defender for Cloud Customer Newsletter
    * Integrating Security into DevOps Workflows with Microsoft Defender CSPM
    * Public Preview: Key Attestation for Azure Managed HSM

    Defender for Cloud:

    * Secure your AI application transformation with Microsoft Defender for Cloud -V
    * Manage cloud security posture with Microsoft Defender for Cloud -V
    * What's new in Defender for Cloud features

    Sentinel News:

    * Integrating Radware WAF Logs with Microsoft Sentinel Using Logic Apps
    * Case Management is now Generally Available
    * What's new in Microsoft Sentinel

    Microsoft Entra:

    * ADSS TSync vs Entra Cross-Tenant Sync: A Comprehensive Comparison
    * Introducing Microsoft Entra Health alerts: An enhancement to tenant health monitoring
    * Exploring the Extensibility of Active Directory Migration Service (ADMS)
    * Tell us what you think: The Microsoft Entra blog team wants to hear from you!
    * New innovations in Microsoft Entra to strengthen AI security and identity protection
    * Insights from the Secure Employee Access report reveal the need for unified access security
    * New user experience for consumer authentication
    * Replace your legacy VPN with an identity-centric ZTNA

    M365 Defender | XDR - (MDO, MDE, MDI, MDCA):

    * Built-in report button is available in Microsoft Outlook across platforms
    * Monthly news - March 2025
    * Defending Against OAuth-Based Attacks with Automatic Attack Disruption
    * Level Up Your App Governance With Microsoft Defender for Cloud Apps Workshop Series
    * Strengthening Email Security: Our New Approach to Non-RFC Compliant Emails
    * Unveiling the Shadows: Extended Critical Asset Protection with MSEM
    * Level up your defense: protect against attacks using stale user accounts
    * Discover and protect Service Accounts with Microsoft Defender for Identity
    * Protect SaaS apps from OAuth threats with attack path, advanced hunting and more

    Security Copilot:

    * Empowering Security Copilot with NL2KQL: Transforming Natural Language into Insightful KQL queries
    * Advancing Security Copilot with MAGIC: Automating Self-Correction in NL2KQL and Beyond

    Microsoft Purview:

    * APR 22 (8:00AM) Microsoft Purview | eDiscovery New User Experience and Retirement of Classic
    * Inheriting Sensitivity Labels from Shared Files to Teams Meetings
    * Export Search Results in eDiscovery
    * Microsoft Purview AMA - Data Security, Compliance, and Governance

    Microsoft Security Learning:

    * Azure Network Security
    * Microsoft 365 Advanced eDiscovery
    * Microsoft Copilot for Security
    * Microsoft Defender XDR
    * Microsoft Defender External Attack Surface Management
    * Microsoft Defender for Cloud
    * Microsoft Defender for Cloud Apps
    * Microsoft Defender for Endpoint
    * Microsoft Defender Experts
    * Microsoft Defender for Identity
    * Microsoft Defender for IoT
    * Microsoft Defender for Office 365
    * Microsoft Defender Threat Intelligence
    * Microsoft Defender Vulnerability Management
    * Microsoft Purview Insider Risk Management
    * Microsoft Purview Data Lifecycle & Records Management
    * Microsoft Purview Information Protection
    * Microsoft Purview Data Loss Prevention
    * Microsoft Purview Communication Compliance
    * Microsoft Purview Compliance Manager
    * Microsoft Sentinel
    * Microsoft Sentinel Notebooks
    * Microsoft Unified SOC Platform

    Microsoft Security Github’s:

    * Azure Network Security GitHub
    * Microsoft Defender for Cloud GitHub
    * Microsoft Sentinel GitHub
    * Microsoft Defender XDR GitHub
    * Microsoft Defender for Cloud Apps GitHub
    * Microsoft Defender for Identity
    * Microsoft Purview

    Webinars and Stuff:

    * APR 23 (9:00AM) Microsoft Defender XDR | SaaS Security Exposure Reduction via the Exposure Management Platform
    * APR 24 (9:00AM) Microsoft Defender XDR | Secure Your Servers with Microsoft's Server Protection Solution

    Notes, Tips...
    1 hr and 3 mins
  • The Microsoft Security Insights Show Episode 256 - Cyclotron
    Apr 7 2025

    For the start of TechHeavy month, we welcome Cyclotron. Join us with Nathan Berger (Director of Security) and Nicholas Geil (Head of Products) of Cyclotron to hear about their Compliance & Data Protection, Identity & Access Management, Endpoint Management & Virtual Desktop, and Threat Protection services.

    Show Notes/Links

    * Nathan’s LinkedIn profile: https://www.linkedin.com/in/nathan-berger-780846149/

    * Nicholas’ LinkedIn profile: https://www.linkedin.com/in/nicholas-geil/

    * Cyclotron website: https://www.cyclotron.com/

    * Cyclotron Beam: https://cyclotronbeam.com/

    * Kapton: https://kapton.io/

    * Compliance and Data Protection: https://www.cyclotron.com/compliance-data-protection

    * Cyclotron Blogs: https://www.cyclotron.com/blog

    1 hr and 46 mins