This episode we welcome Linda Dögg Guðmundsdóttir. Linda works as a Cybersecurity Architect Expert & Solution Architect in Iceland. In this episode, Linda shares her expertise on securing M365 Copilot. Tune in for lots of talk about Purview, Defender for Cloud Apps, and Data Security.
Show Notes/Links
* Join the MSI Kusto Team for the upcoming Kusto Detective Agency - Call of Cyber Duty: https://www.microsoftsecurityinsights.com/p/join-the-msi-show-team-for-the-kusto
* Just good old plain security stuff:
General:
* Everything Old Is New Again: Hardening the Trust Boundary of VBS Enclaves
* Meet the IMS team
* IMS Efficient Migration Methods
Threat Intelligence:
* Analyzing open-source bootloaders: Finding vulnerabilities faster with AI
* StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
* Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Azure Security:
* Secure containers software supply chain across the SDLC
* Microsoft Defender for Cloud Customer Newsletter
* Integrating Security into DevOps Workflows with Microsoft Defender CSPM
* Public Preview: Key Attestation for Azure Managed HSM
Defender for Cloud:
* Secure your AI application transformation with Microsoft Defender for Cloud-V
* Manage cloud security posture with Microsoft Defender for Cloud -V
* What's new in Defender for Cloud features
Sentinel News:
* Integrating Radware WAF Logs with Microsoft Sentinel Using Logic Apps
* Case Management is now Generally Available
* What's new in Microsoft Sentinel
Microsoft Entra:
* ADSS TSync vs Entra Cross-Tenant Sync: A Comprehensive Comparison
* Introducing Microsoft Entra Health alerts: An enhancement to tenant health monitoring
* Exploring the Extensibility of Active Directory Migration Service (ADMS)
* Tell us what you think: The Microsoft Entra blog team wants to hear from you!
* New innovations in Microsoft Entra to strengthen AI security and identity protection
* Insights from the Secure Employee Access report reveal the need for unified access security
* New user experience for consumer authentication
* Replace your legacy VPN with an identity-centric ZTNA
M365 Defender | XDR - (MDO, MDE, MDI, MDCA):
* Built-in report button is available in Microsoft Outlook across platforms
* Monthly news - March 2025
* Defending Against OAuth-Based Attacks with Automatic Attack Disruption
* Level Up Your App Governance With Microsoft Defender for Cloud Apps Workshop Series
* Strengthening Email Security: Our New Approach to Non-RFC Compliant Emails
* Unveiling the Shadows: Extended Critical Asset Protection with MSEM
* Level up your defense: protect against attacks using stale user accounts
* Discover and protect Service Accounts with Microsoft Defender for Identity
* Protect SaaS apps from OAuth threats with attack path, advanced hunting and more
Security Copilot:
* Empowering Security Copilot with NL2KQL: Transforming Natural Language into Insightful KQL queries
* Advancing Security Copilot with MAGIC: Automating Self-Correction in NL2KQL and Beyond
Microsoft Purview:
* Improve your DLP maturity with DLP Analytics
* 1000 Data Map Collections
* Microsoft Purview – Data Security Posture Management (DSPM) for AI
* Protecting sensitive information in the era of AI with Microsoft Purview Information Protection
Microsoft Security Learning:
* Azure Network Security
* Microsoft 365 Advanced eDiscovery
* Microsoft Copilot for Security
* Microsoft Defender XDR
* Microsoft Defender External Attack Surface Management
* Microsoft Defender for Cloud
* Microsoft Defender for Cloud Apps
* Microsoft Defender for Endpoint
* Microsoft Defender Experts
* Microsoft Defender for Identity
* Microsoft Defender for IoT
* Microsoft Defender for Office 365
* Microsoft Defender Threat Intelligence
* Microsoft Defender Vulnerability Management
* Microsoft Purview Insider Risk Management
* Microsoft Purview Data Lifecycle & Records Management
* Microsoft Purview Information Protection
* Microsoft Purview Data Loss Prevention
* Microsoft Purview Communication Compliance
* Microsoft Purview Compliance Manager
* Microsoft Sentinel
* Microsoft Sentinel Notebooks
* Microsoft Unified SOC Platform
Microsoft Security GitHubs:
* Azure Network Security GitHub
* Microsoft Defender for Cloud GitHub
* Microsoft Sentinel GitHub
* Microsoft Defender XDR GitHub
* Microsoft Defender for Cloud Apps GitHub
* Microsoft Defender for Identity
* Microsoft Purview
Webinars and Stuff:
* APR 23 (9:00AM) Microsoft Defender XDR | SaaS Security Exposure Reduction via the Exposure Management Platform
* APR 24 (9:00AM) Microsoft Defender XDR | Secure Your Servers with Microsoft's Server Protection Solution
Notes, Tips and Tools:
* Blue Team Handbook: https://amzn.to/4ir9lfG
* dnstwist: https://github.com/elceef/dnstwist
* domain name permutation engine: https://www.mankier.com/1/dnstwist
* Crime mapper: https://mr-r3b00t.github.io/crime-mapper/experimental_mapper.html
* Website mapping: https://addons.mozilla.org/en-US/firefox/addon/lightbeam-chik
This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com
Join us this episode as we welcome back fan favorite, Nathan Swift. This is a demo-heavy episode, so make sure to catch the live video replay if you can. Dive into the incredible potential of tools like Microsoft Defender EASM—a budget-friendly powerhouse for countless use cases—and unravel the magic of the TwistDNS algorithm in spotting typosquatting and phishing threats. From building Microsoft Sentinel Watchlists to crafting advanced integrations with Azure Container Instances, Logic Apps, and Functions, we’re here to keep your mind buzzing and your solutions thriving.
Show Notes/Links
* Nathan's GitHub repo: https://github.com/SwiftSolves-msft
* Nathan's old GitHub repo: https://github.com/SwiftSolves
* Sentinel DNSTwist Solution: https://github.com/swiftsolves-msft/Sentinel-DNSTwist-Solution
Just good old plain security stuff:
General:
* Everything Old Is New Again: Hardening the Trust Boundary of VBS Enclaves
* Meet the IMS team
* IMS Efficient Migration Methods
Threat Intelligence:
* Analyzing open-source bootloaders: Finding vulnerabilities faster with AI
* StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
* Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Azure Security:
* Secure containers software supply chain across the SDLC
* Microsoft Defender for Cloud Customer Newsletter
* Integrating Security into DevOps Workflows with Microsoft Defender CSPM
* Public Preview: Key Attestation for Azure Managed HSM
Defender for Cloud:
* Secure your AI application transformation with Microsoft Defender for Cloud-V
* Manage cloud security posture with Microsoft Defender for Cloud -V
* What's new in Defender for Cloud features
Sentinel News:
* Integrating Radware WAF Logs with Microsoft Sentinel Using Logic Apps
* Case Management is now Generally Available
* What's new in Microsoft Sentinel
Microsoft Entra:
* ADSS TSync vs Entra Cross-Tenant Sync: A Comprehensive Comparison
* Introducing Microsoft Entra Health alerts: An enhancement to tenant health monitoring
* Exploring the Extensibility of Active Directory Migration Service (ADMS)
* Tell us what you think: The Microsoft Entra blog team wants to hear from you!
* New innovations in Microsoft Entra to strengthen AI security and identity protection
* Insights from the Secure Employee Access report reveal the need for unified access security
* New user experience for consumer authentication
* Replace your legacy VPN with an identity-centric ZTNA
M365 Defender | XDR - (MDO, MDE, MDI, MDCA):
* Built-in report button is available in Microsoft Outlook across platforms
* Monthly news - March 2025
* Defending Against OAuth-Based Attacks with Automatic Attack Disruption
* Level Up Your App Governance With Microsoft Defender for Cloud Apps Workshop Series
* Strengthening Email Security: Our New Approach to Non-RFC Compliant Emails
* Unveiling the Shadows: Extended Critical Asset Protection with MSEM
* Level up your defense: protect against attacks using stale user accounts
* Discover and protect Service Accounts with Microsoft Defender for Identity
* Protect SaaS apps from OAuth threats with attack path, advanced hunting and more
Security Copilot:
* Empowering Security Copilot with NL2KQL: Transforming Natural Language into Insightful KQL queries
* Advancing Security Copilot with MAGIC: Automating Self-Correction in NL2KQL and Beyond
Microsoft Purview:
* APR 22 (8:00AM) Microsoft Purview | eDiscovery New User Experience and Retirement of Classic
* Inheriting Sensitivity Labels from Shared Files to Teams Meetings
* Export Search Results in eDiscovery
* Microsoft Purview AMA - Data Security, Compliance, and Governance
Microsoft Security Learning:
* Azure Network Security
* Microsoft 365 Advanced eDiscovery
* Microsoft Copilot for Security
* Microsoft Defender XDR
* Microsoft Defender External Attack Surface Management
* Microsoft Defender for Cloud
* Microsoft Defender for Cloud Apps
* Microsoft Defender for Endpoint
* Microsoft Defender Experts
* Microsoft Defender for Identity
* Microsoft Defender for IoT
* Microsoft Defender for Office 365
* Microsoft Defender Threat Intelligence
* Microsoft Defender Vulnerability Management
* Microsoft Purview Insider Risk Management
* Microsoft Purview Data Lifecycle & Records Management
* Microsoft Purview Information Protection
* Microsoft Purview Data Loss Prevention
* Microsoft Purview Communication Compliance
* Microsoft Purview Compliance Manager
* Microsoft Sentinel
* Microsoft Sentinel Notebooks
* Microsoft Unified SOC Platform
Microsoft Security GitHubs:
* Azure Network Security GitHub
* Microsoft Defender for Cloud GitHub
* Microsoft Sentinel GitHub
* Microsoft Defender XDR GitHub
* Microsoft Defender for Cloud Apps GitHub
* Microsoft Defender for Identity
* Microsoft Purview
Webinars and Stuff:
* APR 23 (9:00AM) Microsoft Defender XDR | SaaS Security Exposure Reduction via the Exposure Management Platform
* APR 24 (9:00AM) Microsoft Defender XDR | Secure Your Servers with Microsoft's Server Protection Solution
Notes, Tips and Tools:
* Blue Team Handbook: https://amzn.to/4ir9lfG
* dnstwist: https://github.com/elceef/dnstwist
* domain name permutation engine: https://www.mankier.com/1/dnstwist
* Crime mapper: https://mr-r3b00t.github.io/crime-mapper/experimental_mapper.html
* Website mapping: https://addons.mozilla.org/en-US/firefox/addon/lightbeam-chik
Watch the live replay
For the start of TechHeavy month, we welcome Cyclotron. Join us with Nathan Berger (Director of Security) and Nicholas Geil (Head of Products) of Cyclotron to hear about their Compliance & Data Protection, Identity & Access Management, Endpoint Management & Virtual Desktop, and Threat Protection services.
Show Notes/Links
* Nathan’s LinkedIn profile: https://www.linkedin.com/in/nathan-berger-780846149/
* Nicholas’ LinkedIn profile: https://www.linkedin.com/in/nicholas-geil/
* Cyclotron website: https://www.cyclotron.com/
* Cyclotron Beam: https://cyclotronbeam.com/
* Kapton: https://kapton.io/
* Compliance and Data Protection: https://www.cyclotron.com/compliance-data-protection
* Cyclotron Blogs: https://www.cyclotron.com/blog
Watch the live replay
For our 3rd annual Women in Cybersecurity month, we topped off another amazing set of episodes with our first day-long conference. Listen in as our esteemed guests discuss how their personal and professional perspectives shaped a life in Cybersecurity.
* Keynote Address by Dona Sarkar
* Second session with Heike Ritter
* Finale session with Renuka Iyer
The original event link: https://developer.microsoft.com/reactor/events/25104/
Watch all the March 2025 episodes: https://www.youtube.com/playlist?list=PLT7gsT16FK5Z40NqLf1Rl3tbQZyRuCHid
Watch the live replay
Join us as we talk with Liz Tesch. Liz is a treasured commodity at Microsoft. She is a Cybersecurity Cloud Solutions Architect with strong community and mentoring skills.
Show Notes/Links
* Liz’s LinkedIn Profile: https://www.linkedin.com/in/liz-tesch-81652121/
* Liz’s blog post: Active Directory is 25 Years Old. Do You Still Manage It Like It's 1999?
General links
* Create | Microsoft 365 Copilot
* Microsoft Security Insider
* Protect enterprise solutions with new Microsoft Power Platform security features - Microsoft Power Platform Blog
* Cool Tools:
* https://aadinternals.com
* Threat Intelligence:
* Malware of the Day – IPv6 Address Aliasing: https://www.activecountermeasures.com/malware-of-the-day-ipv6-address-aliasing/
* Sentinel News:
* Want to know how to view Sentinel incidents in Teams?
* Azure Lighthouse support for MSSP use of Security Copilot Sentinel scenarios in Public Preview | Microsoft Community Hub
* Monitor User Activities and System Events with Security Copilot and Microsoft Sentinel | Microsoft Community Hub
* Security Copilot:
* Protect at the scale and speed of AI with Microsoft Security Copilot
* Microsoft Security Copilot – Microsoft Adoption
* Empowering Security Copilot with NL2KQL: Transforming Natural Language into Insightful KQL queries | Microsoft Community Hub
* Microsoft Purview:
* 3 Tips for Comprehensive Data Security
* Advanced hunting for Microsoft Purview Data Loss Prevention (DLP) incidents | Microsoft Community Hub
* Microsoft Security Learning:
* Microsoft Security Immersion Experience: Shadow Hunter
* Microsoft Cloud Security Public Webinars
* Microsoft Learning Paths
* Azure-Security-Engineer-Learning-Pathway.pdf
* Security hub - Security | Microsoft Learn
* Home - Microsoft Cloud Learning Pathways
* Azure-Sentinel/Playbooks at master · Azure/Azure-Sentinel
* Azure-Security-Engineer-Learning-Pathway.pdf
* Microsoft-Security-Operations-Analyst.pdf
* Microsoft-Sentinel-Learning-Companion.pdf
* https://w365community.azurewebsites.net/category/newsletter
Watch the Live Replay
Cat Daniels is a highly accomplished cybersecurity professional currently serving as the Security Strategy lead for Microsoft's Global System Integrators, who in turn drive innovation & technology solutions at scale with some of Microsoft's largest customers. In this dynamic role, Cat plays a pivotal part in building bridges, advocating for partners, and finding creative solutions to challenges. Before joining Microsoft, Cat worked at Dell in a variety of roles, starting as a salesperson in a call center, and finishing her tenure as a people manager. During her time at Dell, she was instrumental in onboarding CDW as a commercial partner, which resulted in $90M of net-new datacenter revenue in 6 months, helped design the telemetry off-boarding system for the F-35 fighter in partnership with Lockheed Martin, and learned how to navigate the complexity of a large organization. With certifications including degrees in both Economics and Spanish from Hillsdale College, a Master of Business from Texas State University, and a whole bunch of Microsoft and Industry security certifications, Cat brings a wealth of unique expertise to the field. When not leading cybersecurity initiatives, Cat enjoys board games (Wingspan, Red Rising, Horrified, Zombicide), which fuels her passion for strategic thinking, and gardening, which keeps her inspired and balanced.
Show Notes/Links
* Noodle’s new blog: https://sentinel.blog
* Wingspan board game: https://amzn.to/4kKMNsC
* Star Trek Away Missions board game: https://amzn.to/4hDIvQL
Just good old plain security stuff:
General:
Microsoft Security Insider
Cool Tools:
https://aadinternals.com
Threat Intelligence:
Malware of the Day – IPv6 Address Aliasing: https://www.activecountermeasures.com/malware-of-the-day-ipv6-address-aliasing/
Sentinel News:
Want to know how to view Sentinel incidents in Teams?
Security Copilot:
Protect at the scale and speed of AI with Microsoft Security Copilot
Microsoft Purview:
3 Tips for Comprehensive Data Security
Microsoft Security Learning:
Microsoft Security Immersion Experience: Shadow Hunter
Microsoft Cloud Security Public Webinars
Microsoft Learning Paths
https://w365community.azurewebsites.net/category/newsletter
Watch the Live Replay
Women In Cyber Month!!!
A warm welcome to the MSI Pod (show) Cast!!! On today's show for Women in Cyber month, we have the honor of having Lisa Perdelwitz as our guest! Lisa brings over 20 years of global leadership and cybersecurity experience. Her dual roles, working full-time in corporate cybersecurity while serving part-time in the military, have given her a unique perspective on how to integrate the strengths of both environments to achieve business and security objectives.
Please visit her site to see the professional services she provides to the C-suite security executive. https://ligilo.tech
Show Links:
Just good old plain security stuff:
* Windows Server 2025 now generally available, with advanced security, improved performance, and cloud agility
* Windows Server 2025 Security Book
* Windows security and resiliency: Protecting your business
General:
* Hear from Microsoft Security experts at these top cybersecurity events in 2025
* Join us for the end-to-end Microsoft RSAC 2025 Conference experience
Threat Intelligence:
* Code injection attacks using publicly disclosed ASP.NET machine keys
* Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
Azure Security:
* Boost Security with API Security Posture Management
* Configuring total retention period for log analytics workspace tables at scale
Defender for Cloud:
* Microsoft Defender for Cloud Customer Newsletter
* Microsoft Defender for Cloud – Elevating Runtime Protection
Sentinel News:
* Announcing Public Preview: New STIX Objects in Microsoft Sentinel
* What’s new: Find the Sentinel content you need using AI search
* Ingesting Palo Alto Cortex XDR Logs into Microsoft Sentinel with the Updated CCP Connector
Microsoft Entra:
* Automating Active Directory Domain Join in Azure
* Microsoft Entra: Top 50 features of 2024
* Microsoft Entra PowerShell module now generally available
M365 Defender (MDO, MDE, MDI, MDCA):
* Microsoft Exchange Online: Search-MailboxAuditLog and New-MailboxAuditLogSearch will retire
* Microsoft Defender XDR unified role-based access control (RBAC) model is now generally available
Security Copilot:
* Microsoft Copilot for Security: Plugin Spotlight – Microsoft Entra Application Risk Skills
* Microsoft Copilot for Security Skilling Series: Plugin Spotlight – Defender EASM
* Microsoft Security Copilot – Microsoft Adoption
Microsoft Purview:
* Upcoming Microsoft Purview Webinars
Microsoft Security Learning:
* Showcase your skills with this new Security Certification
Tips and Notes from the field:
* From our favorite security MAD scientist - Automating Microsoft Sentinel Deployment with Azure DevOps CI/CD | by noodlemctwoodle | Mar, 2025 | Medium
* Need some quick cash? Leave a review of a Microsoft security product and you can get some loot. - Penny for your thoughts
Watch the live replay
Women In Cyber
Join us as we talk with Laura Buska. Laura is a Cloud Solution Architect Director at Microsoft. Laura's focus is on AI Solutions and security.
Laura Buska led the establishment of an AI practice at Microsoft, managing a team of architects who guide Microsoft customers in adopting Copilot AI with security top of mind. With 17 years at Microsoft and a career spanning app development, infrastructure, security, and now AI, she's seen firsthand the transformative power of technology. Her journey in cybersecurity has been pivotal, especially when she started a Microsoft security practice from scratch. Today, she blends her passion for AI and cybersecurity, fostering a culture of making powerful offers and building trust. She's excited to share insights on how we bring care and innovation to Microsoft's customers through security and AI.
Show Links:
General:
* Applying Zero Trust principles to the cloud-native journey
* Microsoft Security in Action: Zero Trust Deployment Essentials for Digital Security
Threat Intelligence:
* Storm-2372 conducts device code phishing campaign
* The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
Azure Security:
* General Availability: Monitoring and Logging for Azure Managed HSM in Azure Portal
* Protecting Azure AI Workloads using Threat Protection for AI in Defender for Cloud
Defender for Cloud:
* Microsoft Defender for Cloud Customer Newsletter
* The security benefits of structuring your Azure OpenAI calls – The System Role
* What's new in Defender for Cloud features
Sentinel News:
* What's new in Microsoft Sentinel
* What's new in Microsoft's unified security operations platform
Microsoft Entra:
* Microsoft Security in Action: Deploying and Maximizing Advanced Identity Protection
* New webinar series: How to secure access for your employees with the Microsoft Entra Suite
* What's new in Entra ID
Device Management:
* Your guide to Intune at Microsoft Technical Takeoff 2025
M365 Defender (MDO, MDE, MDI, MDCA):
* What's new in Microsoft Defender XDR
* What's new in Microsoft Defender for Endpoint
* What's new in Microsoft Defender for Office 365
* What's new in Microsoft Defender for Identity
* What's new in Microsoft Defender for Cloud Apps
Defender Experts for XDR:
* Why security teams rely on Microsoft Defender Experts for XDR for managed detection and response
Security Copilot:
* Exciting updates to the Copilot (AI) Bounty Program: Enhancing security and incentivizing innovation
Microsoft Purview:
* General Availability: Dynamic watermarking for sensitivity labels in Word, Excel, and PowerPoint
Microsoft Security Learning:
* https://learning-pathways.co.uk/wp-content/uploads/2025/02/Microsoft-Sentinel-Learning-Companion.pdf
Tips and Notes from the field:
Protect enterprise solutions with new Microsoft Power Platform security features - Microsoft Power Platform Blog
Watch the live replay
Hey! Hey! Hey! MSI Pod-Show Family
We are switching up the live show time today to broadcast the show at 10:00am EST. Today our awesome guest is Femke Cornelissen. Femke founded Dutch Women in Tech, an initiative that empowers women to pursue careers in IT, and co-organizes the Women in Cyber program, promoting diversity in cybersecurity. Through her work with Experts Live Netherlands and global tech events, she helps create opportunities for professionals to connect and thrive.
Tech Links:
Show Notes - Femke Cornelissen
a. https://www.linkedin.com/in/femcornelissen/
b. https://linktr.ee/Femcornelissen
c. https://teamcopilot.nl/team-copilot/
d. https://femkecornelissen.com/
Slowing down AI in your enterprise:
If you're a Microsoft Defender stack customer and you're struggling to handle Ungoverned AI Tools like DeepSeek or ChatGPT, here are some things you can do about it using various technology across the Microsoft security stack:
1) Hunt using the following KQL query (https://lnkd.in/exHTT6ks), decide what is sanctioned from any hits you find. Afterwards upload the Bulk IOC list to MDE (https://lnkd.in/ekS4JZsG), removing any lines in the CSV for tools you sanction across the org. [Ensure Network protection + Custom indicators is on + SmartScreen forced]
2) Defender for Cloud Apps (MDA) app discovery to unsanctioned new Gen AI (https://lnkd.in/eShZsb54). If you're an E5 Customer you can also enable this setting to enforce MDA Unsanctions back to MDE, automatically blocking new GenAI apps as they are discovered. (https://lnkd.in/e5BK_ME6). Blocked by default until allowed should be the norm with AI tools IMO.
3) Endpoint DLP to block copy paste of Sensitivity Labels/Sensitive Info Types (SITs) into AI tools (Check out the video on: https://lnkd.in/emE2zwVq). Also in Purview check out DSPM for AI recommendation and deploy the "Fortify Your Data Security: Data security for AI" policy which can block elevated Insider risk users from pasting or uploading sensitive info on AI sites. You may want to edit this policy after it has been deployed to tailor it to your organization (the video demonstrates just this but the policy uses an older name - we all love a good name change). Notably, it deploys in "block with override" mode. [Also note Insider Risk is another prerequisite, I would check out Ewelina Paczkowska's Guide on Insider Risk here: https://lnkd.in/eWSF2kRJ]
Also MDA Session Proxy also has abilities to block copy paste (https://lnkd.in/e9EcX4yZ) if you need protection on devices not onboarded onto Purview/MDE.
4) Global Secure Access has a Web content filtering Policy for Artificial intelligence under the liability category (though annoyingly MDE Web content filtering does not have this category). A good blog comparing the Web Content Filtering for both MDE and GSA can be found here: https://lnkd.in/euNYjDpP by Kenneth van Surksum.
5) Enabling "Block other LLM chatbots" in Microsoft Edge For Business (i.e. cloud based Edge Management) will add a blocklist for some LLMs under "URLBlocklist" policy, however this control is quite lackluster and only contains 11 URLs. It's also more likely you manage Edge on a Platform level. For more on Edge For Business, see: https://lnkd.in/eCrYhMaA
Additionally blocking Browser Extensions, Office Add-ins, Team Apps etc. as these can be a source of AI tool leakage also. Blocking .ai TLD in Intune Firewall is another option however legitimate businesses may use this TLD. (Arguably another could be purchasing & deploying Copilot just to deter the need of a user to leverage another AI tool, it might actually make sense vs. the cost of a data leak ...)
Watch the live replay
Hey everyone,
In the latest episode of the MSI PodCastShow it was the "Usual Suspects" minus Rod. We had some fantastic discussions about data and identity governance between government cloud and commercial cloud environments. We also delved into Microsoft Purview and the various modules that work seamlessly with Security Copilot.
We are thrilled to share that the theme for our March 2025 shows is the upcoming Women in Cybersecurity Month. It's going to be an exciting time as we celebrate and highlight the contributions of women in the cybersecurity field. And don't forget, next week on March 3rd, we kick off Women In Cyber!
Looking ahead, we have a new theme for April 2025 called "Tech Heavy". All of our shows that month will be packed with deep tech topics and lots of demos. It's going to be a tech enthusiast's dream!
Additionally, we announced that we are moving our MSFT partner month to May 2025. And here's a little teaser - we will have a month of shows dedicated to highlighting our guests' certification journeys over the years, which we are calling "Show us your CERTS"! It's going to be an inspiring and informative and FUNNY series that you won't want to miss.
Stay tuned for more updates and exciting content. Thanks for being a part of our community!
Key Takeaways:
* Is Purview for you? Security Copilot may help you decide and turn the tide.
* It doesn’t hurt to have CERTS!
* Managing data and identity between government and commercial cloud environments isn’t easy.
* Raae likes to make espresso coffee with Red Bull instead of water.
* We are in our third year of Women In Cybersecurity month.
Watch the live replay
In this episode, Sergey explores how Azure OpenAI can improve incident response strategies by leveraging advanced AI capabilities. You will gain insights into integrating Azure OpenAI with existing XDR and SIEM to enhance analysis and mitigation of security threats.
Key Takeaways:
* The Easy Starter: How Microsoft 365 Copilot & Security Copilot can be used in security scenarios.
* Understanding Azure OpenAI: Learn about the core features and functionalities of Azure OpenAI and how they can be applied to security.
* Incident Response Automation: Discover how AI can automate and accelerate incident response processes, reducing the time to detect and respond to threats.
* Retrieval-Augmented Generation (RAG): Understand how RAG enhances AI models by retrieving relevant information from external data sources, improving the accuracy and relevance of AI-generated responses.
* Fine-Tuning: Explore the process of fine-tuning pre-trained AI models to adapt them for specific security tasks, enhancing their performance and effectiveness
Watch the live replay
Andy has been in the information security industry for over 10 years and held various roles from security operations, analyst, engineer, and architect at companies like Trek, Exact Sciences, and most recently, Microsoft. Andy served 10 years in the Air Force and deployed to Afghanistan as a civil engineering officer and held leadership positions leading the emergency management, engineering, and operations units.
Watch the live replay
Join us today to chat with the organizers of the hottest event in Europe, Experts Live, and how the Denmark edition has sold out. Hear about how the event is planned, what is planned, what the future looks like, and why you should consider attending next time. Want to help bring an Experts Live event to your area? Find out how to do that, too!
Show Notes/Links
Experts Live Denmark: https://expertslive.dk/
Watch the Live Show Replay
With over two decades dedicated to safeguarding our nation's digital landscape as an FBI Supervisory Special Agent, Miguel had the privilege of leading complex cybercrime investigations alongside remarkable teams.
Show Notes/Links
Miguel’s LinkedIn profile: https://www.linkedin.com/in/miguel-a-clarke/
Lessons from red teaming 100 generative AI products (PDF): https://airedteamwhitepapers.blob.core.windows.net/lessonswhitepaper/MS_AIRT_Lessons_eBook.pdf
Microsoft Sentinel REST APIs vs MS Graph: https://garybushey.com/2025/01/13/microsoft-sentinel-rest-apis-vs-ms-graph/
Monday Minutes podcast:
How the FBI's fake cell phone company put criminals into real jail cells: https://www.npr.org/2024/05/31/1197959218/fbi-phone-company-anom
Inside the FBI’s Secret Encrypted Phone Company ‘Anom’: https://www.geeky-gadgets.com/fbi-anom-phones-criminal-network-infiltration/
Watch the live replay
Welcome back! It’s our first episode for 2025! This episode let’s drop back in on our esteemed crew to find out what’s new in security and what to expect for the 2025 show. All are welcome!
Show Notes/Links
* Best Practice to Secure Office 365: https://lazyadmin.nl/office-365/best-practice-to-secure-office-365/
* Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents: https://thehackernews.com/2024/12/chinese-apt-exploits-beyondtrust-api.html
* Security Certification Roadmap: https://pauljerimy.com/security-certification-roadmap/
Watch the live replay
“Always be on the administrative end”
Join us for our holiday episode for 2024 where we invite the "guests of episodes past" from the past year to stop by and join in the warmth and wealth of kinship around Microsoft Security.
Show Notes/Links
* THE Microsoft Security Insights Show Holiday Gear: https://www.microsoftsecurityinsights.com/p/the-microsoft-security-insights-show-12f
* Microsoft Security Incident Prediction data: https://www.kaggle.com/datasets/Microsoft/microsoft-security-incident-prediction
* Tinka og Kongespillet: https://juleweb.dk/julekalendere/tinka-og-kongespillet/
* Application discovery (Preview) for Global Secure Access: https://learn.microsoft.com/en-us/entra/global-secure-access/how-to-application-discovery
Watch the Live Replay
Come join the entire crew as we have one of our last shows of the year - leading up to the final 2024 holiday episode.
Show Notes/Links
* Microsoft Cloud for Sovereignty: https://learn.microsoft.com/industry/sovereignty/sovereignty-capabilities
* Cybersecurity Maturity Model Certification (CMMC): https://learn.microsoft.com/azure/compliance/offerings/offering-cmmc
* Festive Tech Calendar 2024: https://www.festivetechcalendar.com/
Watch the live replay
Join us this episode as we discuss an enterprising area within Microsoft that focuses on Tech for Social Impact. We’re joined by Chief Security Advisor, Jerry Carlson, to discuss how this area helps customers strategize on cybersecurity and coordinate resources to help them in their missions.
Show Notes/Links
* Jerry’s LinkedIn profile: https://www.linkedin.com/in/jerrycar/
* Any nonprofit that wants to take advantage of Microsoft offers: https://nonprofit.microsoft.com/getting-started
* A PDF of all the offers available: Non-profit Offers
Watch the live replay