Episodes
-
We have a new plugin available for Security Copilot. This one supplies new intelligence to Security Copilot from the expertise and experiences of Microsoft's own security analysts.
* Read the announcement: Enhancing Threat Hunting with Microsoft Defender Experts Plugin
* Get the plugin: https://aka.ms/DEXPlugin
[Want to discuss this further? Hit me up on Twitter or LinkedIn]
[Subscribe to the RSS feed for this blog]
[Subscribe to the Bi-weekly Copilot for Security Newsletter]
[Subscribe to the Weekly SIEM and XDR Newsletter]
[Learn KQL with the Must Learn KQL series and book]
[Learn AI Security with the Must Learn AI Security series and book]
** Need a Tech break?? Sure, we all do! Check out my fiction novels: https://RodsFictionBooks.com
This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit rodtrent.substack.com/subscribe
-
You may (or may not) have seen news about the latest update to the Security Copilot Usage Dashboard.
So, if not - there's an update available for everyone that GA'd on October 25th that brings the Usage Dashboard some much-needed and much-requested features and brings the revision level for the dashboard to 2.0.
In this walkthrough, I want to show and talk about the new data dimensions available, so you have a much clearer picture of just how valuable this update truly is.
Documentation: https://learn.microsoft.com/en-us/copilot/security/manage-usage
-
In this episode, I welcome back Microsoft Copilot to have a discussion about a growing threat - Security Drift. In short, security drift is when security measures or compliance standards deteriorate over time due to neglect, misconfigurations, or evolving threats. This can lead to vulnerabilities and potential breaches, making it crucial to regularly audit and update security practices. Think of it as your security protocols drifting away from best practices, becoming less effective.
Go deeper!
Check out the blog: https://senserva.com/blog/security-drift-the-silent-killer
Grab the whitepaper: https://senserva.com/drift-management-whitepaper
Listen above or watch the video interview below…
-
In this episode, I sit down once again with Microsoft Copilot to chat about Microsoft Ignite 2024 in Chicago. This time we chat about things you can do around Chicago. Places to eat, places to visit, how to dress for November, and how to travel to and from the airport.
Listen above or watch the video interview below…
The in-person event is sold out (yeah, it's popular), but you can still register as a Digital attendee which gives you a free online pass.
What you get with a free pass:
* Live-stream keynote
* Live-stream sessions
* Digital swag
* Access to all the online experience and features like:
* Session scheduler
* Attendee and Featured Partner directory
* Digital favorites
* On-demand access to keynotes and sessions
Register now!
https://register.ignite.microsoft.com/
-
In this episode, I sit down with Microsoft Copilot to chat about Microsoft Ignite 2024 in Chicago. Hear about what to expect and get some tips on how to make the event your best ever.
Listen above or watch the video interview below…
The in-person event is sold out (yeah, it's popular), but you can still register as a Digital attendee which gives you a free online pass.
What you get with a free pass:
* Live-stream keynote
* Live-stream sessions
* Digital swag
* Access to all the online experience and features like:
* Session scheduler
* Attendee and Featured Partner directory
* Digital favorites
* On-demand access to keynotes and sessions
Register now! https://register.ignite.microsoft.com/
-
In this experimental episode, I hope you enjoy the effort to test Microsoft's new Copilot conversational capabilities through a short interview about Copilot for Security.
Listen above or watch the video interview below…
-
Sometimes I feel a bit like Mr. Roarke from Fantasy Island, where I build and deliver the wishes of the community. Welcome to my island. Smiles everyone!
This episode, hear about a new endeavor to consolidate and curate all the great community content for Copilot for Security into a bi-weekly newsletter.
* Subscribe or follow “The CfS Prompt”: https://aka.ms/TheCfSPrompt
-
Learning KQL is a necessity for system administrators, Azure operators, and security analysts alike, ensuring workloads are monitored to be active, accessible, and secure in the Microsoft Azure cloud platform.
KQL is a powerful query language that helps analyze a large volume of structured, semi-structured, and unstructured data. KQL has inbuilt operators and functions that let a user analyze data to find trends, patterns, and anomalies, and to create forecasting and machine learning. KQL underpins a variety of Microsoft cloud products: Microsoft Sentinel, Azure Data Explorer, Microsoft 365 Advanced Hunting, Azure Resource Graph, Azure Monitor and more.
This book is designed to be the definitive guide to not only learning KQL but also to using KQL to solve real-world problems. As you learn parts of the language, the authors will show how that can be used to aid with daily operations and security investigations. At the completion of the book, you will have not only learned the language, but also operationalized KQL in your environment.
This topic is important for anyone who manages anything in Azure and any service (AWS, GCP, etc.) being managed through an Azure-based security platform, as well as systems administrators, security consultants, security operations center analysts, and data scientists.
Get it from Amazon: https://amzn.to/4aMHfrI
-
I'm super happy to announce the schedule for Women in Cybersecurity for March 2024. I hope you'll join us, and I hope you'll share this with your colleagues, teammates, and just anyone that will benefit from listening to some great stories about how anyone can pivot into a life of cybersecurity.
Show Notes/Links:
* The Microsoft Security Insights Show: https://aka.ms/GetMSIShow
-
Join me this episode as I give my perspective of the Microsoft AI Tour and why you should consider attending if you can.
Show Notes/Links:
* Microsoft AI Tour: https://envision.microsoft.com
* Microsoft AI Tour in NYC: https://msevents.microsoft.com/event?id=2474845579
* Microsoft Security Copilot (or, Copilot for Security): https://aka.ms/CopilotforSecurity
-
Welcome back everyone! Thank you so much for listening in to this podcast. Thank you for all the listeners who have found it and have come back again and again.
This is my last podcast for 2023. So, I trust your holiday season will be happy, healthy, and safe.
Show Notes/Links:
HASMUG event: https://www.eventbrite.com/e/hasmug-2023-december-13-microsoft-security-compliance-and-identity-registration-722821026147
The Microsoft AI Tour: https://envision.microsoft.com/
Prepare for Microsoft Security Copilot: https://rodtrent.substack.com/t/security-copilot
Must Learn KQL: https://aka.ms/MustLearnKQL
KQL Christmas Merch - All proceeds go to St. Jude Children's Research Hospital.
* The KQL Carolers: 'Tis the Season for KQL'Ling: https://must-learn-kql.creator-spring.com/listing/the-kql-carolers
* Must Learn KQL Christmas T-shirt - Style 1: https://must-learn-kql.creator-spring.com/listing/must-learn-kql-christmas-t-shi
* Must Learn KQL Christmas T-shirt - Style 2: https://must-learn-kql.creator-spring.com/listing/new-must-learn-kql-christmas-t
* Must Learn KQL Christmas T-shirt - Style 3: https://must-learn-kql.creator-spring.com/listing/get-must-learn-kql-christmas-t
-
Join me this episode as I talk about Microsoft Security Copilot at Microsoft Ignite 2023. I give you an overview of the excitement generated by this upcoming product, a quick summary of announcements, and how to get access now. I also talk about one of our latest integration partners, Tanium.
This post brought to you by:
* Tip: Catch up on Microsoft Security Copilot Over a Weekend: https://rodtrent.substack.com/p/tip-catch-up-on-microsoft-security
* How Microsoft Security Copilot Can Help Defend Against Cyberthreats: https://rodtrent.substack.com/p/microsoft-security-copilot-the-introduction
* Microsoft Security Copilot - the Introduction: https://rodtrent.substack.com/p/microsoft-security-copilot-the-introduction
Additional notes and links:
* Microsoft Ignite 2023 Book of News: https://news.microsoft.com/ignite-2023-book-of-news/
* The Microsoft Security Copilot official product page: https://www.microsoft.com/security/business/ai-machine-learning/microsoft-security-copilot
* Microsoft Security Copilot Docs: https://learn.microsoft.com/en-us/security-copilot/microsoft-security-copilot
-
This episode is brought to you by the Microsoft Sentinel SOC 101 series.
Here are the posts already available now:
* Microsoft Sentinel SOC 101: How to Detect and Mitigate Brute Force Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to
* Microsoft Sentinel SOC 101: How to Detect and Mitigate Phishing Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to-443
* Microsoft Sentinel SOC 101: How to Detect and Mitigate Malware Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to-321
* Microsoft Sentinel SOC 101: How to Detect and Mitigate Cross-Site Scripting (XSS) Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to-658
* Microsoft Sentinel SOC 101: Leveraging MITRE ATT&CK Techniques with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-leveraging
* Microsoft Sentinel SOC 101: How to Detect and Mitigate Supply Chain Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to-f83
-
Angelica Faber joins me this episode to close out some burning questions that have plagued my brain for days. Thanks, Angelica, for letting me sleep at night again!
This episode of After the Blog is brought to you by:
* Preparing the SOC for Generative AI
* My Current Thoughts on Using AI with a Modern SIEM
* Microsoft Security Insights Show Episode 167 - Angelica Faber
Notes/Links:
* Angelica on LinkedIn: https://www.linkedin.com/in/angelica-faber/
* Angelica's blog: https://myfabersecurity.com/
-
Question of the week: Should someone focused on security take the Microsoft AI exams?
Notes/Links:
* Exam AI-900: Microsoft Azure AI Fundamentals: https://learn.microsoft.com/en-us/certifications/exams/ai-900/
* Exam AI-102: Designing and Implementing a Microsoft Azure AI Solution: https://learn.microsoft.com/en-us/certifications/exams/ai-102/
* Rod's AI Repo: https://aka.ms/RodAI
* The Must Learn AI Security series: https://aka.ms/MustLearnAISecurity
-
Thanks so much to my guest for this episode for his expertise, Richard “Disney” Diver.
Answered in this episode:
* Just because it can, should Microsoft Sentinel be used for anything other than security purposes?
* Is Content Filtering and Abuse Monitoring for AI considered part of cybersecurity?
This episode is related to the original post here:
Catch the podcast at any of the following locations: Finding the After the Blog Podcast
[Want to discuss this further? Hit me up on Twitter or LinkedIn]
[Subscribe to the RSS feed for this blog]
[Subscribe to the Weekly Microsoft Sentinel Newsletter]
[Subscribe to the Weekly Microsoft Defender Newsletter]
[Subscribe to the Weekly Azure OpenAI Newsletter]
[Learn KQL with the Must Learn KQL series and book]
[Learn AI Security with the Must Learn AI Security series and book]
-
This episode of After the Blog is based off the following blog post…
Show links and notes:
* St. Jude's: https://www.stjude.org/
* The Microsoft Security Insights show: https://aka.ms/GetMSIShow
* Ontinue: https://www.ontinue.com/
* Book: Not with a Bug, But with a Sticker: Attacks on Machine Learning Systems and What To Do About Them
* Book: Must Learn KQL: Essential Learning for the Cloud-focused Data Scientist
* Must Learn KQL series: https://aka.ms/MustLearnKQL
Must Learn KQL stats…
Catch the podcast at any of the following locations: Finding the After the Blog Podcast