The Security Insights Show

After a week off during the 2023 holiday season, the crew is back to catch up and discuss what's on tap for 2024.Show Notes/Links:* Must Learn AI Security: aka.ms/MustLearnAISecurity* Must Learn Quantum Security: aka.ms/MustLearnQuantumSecurityWatch the live video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

In our annual holiday episode, we've invited a few guests back from the past year to help share in the holiday spirit.Show Notes/Links:* KQL Mysteries: https://aka.ms/KQLMysteries* Conquest Cyber: https://conquestcyber.com* BlueVoyant: https://bluevoyant.com* Eric Mannon’s Defender for Cloud Quickstart (GitHub): github.com/msdirtbagCatch the live stream replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Stop by and hear from Kijo Girardi on advanced threat hunting techniques using KQL.Show Notes/Links:* SC-200 Microsoft Security Operations Analyst blueprint survey link:https://microsoftlearning.co1.qualtrics.com/jfe/form/SV_d9Z64dYi2oVFjWS* Kijo's GitHub repo: https://github.com/LearningKijo* Must Learn KQL: https://aka.ms/MustLearnKQL * SANS Kusto Detective: https://detective.kusto.io/sans2023* KQL Search: https://www.kqlsearch.com/* KC7: https://kc7cyber.com/* The CentOS Project: https://www.centos.org/Watch the video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Brian Hooper and Phoebe Rogers stop by to talk about "A Day in the life of a Defender Experts for XDR analyst." Show Notes/Links:Microsoft Defender Experts: https://learn.microsoft.com/en-us/microsoft-365/security/defender/defender-experts-for-hunting?view=o365-worldwideWatch the live replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

We're here, we're clear, and we're talking security - and Edward’s trip to Morrocco. Show Notes/Links:Must Learn AI Security book on Amazon: https://amzn.to/47BkSEjThe Definitive Guide to KQL from MS Press: https://amzn.to/49WHEIpConnect Microsoft Sentinel to Microsoft Defender XDR (preview): https://learn.microsoft.com/en-us/microsoft-365/security/defender/microsoft-sentinel-onboard?view=o365-worldwideNew Blogs section on the site: https://securityinsights.substack.com/t/blogs Catch the live replay to see the demos and photos… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Brodie has something planned and he won't tell us what it is. Are you as curious as we are?Show Notes/Links:* Microsoft Ignite Books of News: https://aka.ms/book-of-news* Andrea's blog post - Using KQL in a Playbook for Sentinel: https://securityinsights.substack.com/p/using-kql-in-a-playbook-for-sentinel* KQL Mysteries: https://aka.ms/KQLMysteries* The Definitive Guide to KQL: Using Kusto Query Language for Operations, Defending, and Threat Hunting KQL: https://amzn.to/3uzi3Vz* After the Blog Episode 6: Security Copilot at Microsoft Ignite 2023: https://rodtrent.substack.com/p/episode-6-security-copilot-at-microsoft#detailsFor the on-screen visuals, catch the live replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

It's Microsoft Ignite week! Edward and Rod are onsite in Redmond and Seattle and ready to report and discuss all the goodness. Hey…and Brodie is back!Show Notes/Links:* Watch the keynotes and get all the latest photos, videos and more from Microsoft Ignite* The online event for Microsoft Ignite* Microsoft Ignite Book of News* Microsoft Ignite Pre-day Security workshop: https://aka.ms/PreDayLab346Watch the live replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Fan favorite, Senior Product Manager for Sentinel, and avid live audience member, Gary Bushey, returns to the show to talk about a new tool he's developed to provide a way to document a Microsoft Sentinel environment.Oh…and with Brodie, Andrea, and Rod on the lam, who will host this week? Thank heavens for Beth Bischoff!Show Notes/Links:* Gary’s blog: https://garybushey.com/* Create a Word document that describes your Microsoft Sentinel environment* Book on programming Microsoft SentinelCatch the live replay for Gary’s demos… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

This episode we all try to congregate back together before a busy few weeks of travel and holiday festivities.Catch the live event replay... This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us this episode as Nathalia Borges and Tina Romeo guest to help celebrate 20 years of Cybersecurity Awareness Month!Show Notes/Links* Microsoft Cybersecurity Awareness Website: https://aka.ms/cybersecurity-awareness* Security Insider: https://www.microsoft.com/en-us/security/business/security-insider/* Further reading on the some of the cybersecurity awareness initiatives Tina and Nathalia are driving at Microsoft: https://www.microsoft.com/en-us/security/blog/2023/10/02/celebrate-20-years-of-cybersecurity-awareness-month-with-microsoft-and-lets-secure-our-world-together/Catch the live video replaySubscribe to our YouTube channel: https://www.youtube.com/@microsoftsecurityinsights This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Stop by this episode to hear from Joel Platek, Compromise Recovery Cybersecurity Consultant. Joel is a cybersecurity professional focused on Identity and Data Security! He deals with incidents and recovery from customers that have been completely breached with stories you’ve read about in the news.Joel’s YouTube channel, IT Candor: https://www.youtube.com/@it-candorWatch the live video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Security Global Black Belt Beth Bischoff joins us to talk about technical certifications. Beth tells us about her latest SANS certification, and we'll discuss the value of certs. Do you love them? Hate them? Need them for your job?This episode is affectionately what we’ll forever refer to as the Cliffhanger episode. Show Notes/Links* Sans Sec540: https://www.sans.org/cyber-security-courses/cloud-security-devsecops-automation/* Security Copilot Docs: https://aka.ms/SecurityCopilotDocs* MMS Miami: https://mmsmoa.com/registration/2023-miami.html* Microsoft Ignite: https://ignite.microsoft.com/home * Beth before Microsoft at CDW:Catch the live video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

This week is a not miss episode as we sit down with Sameh Younis, Senior Security Solutions Architect at Microsoft, to talk about how to use a bit of creativity to make Microsoft's security portfolio easy to understand using graphics.Show Links/Notes:* Follow Sameh Younis on LinkedIn: https://www.linkedin.com/in/samehyounis/This is a graphic-heavy episode. Catch the live replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

🔒 Introducing the Minecraft Education Cybersecurity Pathway: From Learning to Defending 🔒 🚀 Embark on an exciting journey with us as we unveil the groundbreaking Minecraft Education Cybersecurity Pathway! 🚀 We're thrilled to announce a comprehensive cybersecurity program designed to guide individuals from all walks of life, from kindergarten to professional experts with the specific focus on Cyber Defender (18+ Years Old). A strategic tower defense game where you need to guard your berry farm against waves of relentless intruders. Engage in thrilling gameplay while deepening your understanding of cybersecurity concepts & mastering defense in-depth tactics. 🎮 What to Expect: Join us for an immersive experience as we explore the fascinating world of cybersecurity through interactive activities, video presentations, and engaging discussions. Uncover the art of game creation with a cybersecurity twist and gain hands-on experience by playing CyberDefender, where you'll apply your knowledge to protect digital landscapes. 🌐 Amplify the Message: Help us spread the word about this innovative program! Share this exciting news with your friends, family, colleagues, and social networks. Together, let's build a safer digital world by empowering individuals with the skills needed to combat cyber threats.Show Notes/LinksMinecraft Education: https://education.minecraft.net/Cyber Defender releases Tuesday, October 3rd at this link: aka.ms/CyberDefenderThis episode is a much watch experience. Catch the video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

This episode…Our original guest had fallen ill (and has already been rescheduled for October 11th) and Brodie couldn’t find a restroom, so Edward, Andrea, and Rod spent the time hitting a wide range of topic hotspots including:* Microsoft Ignite is almost sold out. (register quickly!)* Andrea reached her 10-year milestone and has the award to prove it.* Microsoft Defender Experts - the Steve Lee show had the biggest traffic yet!* The best movies of the week are…* Triumph the insult dog* Tom Cruise celebrates his 110th birthday* Security cocktails * Trying to be nice* Purview is important* Microsoft cert renewals* Matt SosemanNotes/Links:* Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK Evaluations: Enterprise https://www.microsoft.com/en-us/security/blog/2023/09/20/microsoft-365-defender-demonstrates-100-percent-protection-coverage-in-the-2023-mitre-engenuity-attck-evaluations-enterprise/* Using Kali Linux and Hydra for Attack Testing and Alert Generation https://rodtrent.substack.com/p/using-kali-linux-and-hydra-for-attack* A day in the life of a Defender Experts for XDR analyst https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-day-in-the-life-of-a-defender-experts-for-xdr-analyst/ba-p/3932140* Jean Claude Van Damme in Kickboxer https://www.imdb.com/title/tt0097659/The full experience replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us this episode as we welcome Rod's teammate and security extraordinaire, Sarah Young. Sarah recently spent time attending and participating at Blackhat and Defcon in Las Vegas. With Microsoft proposing a bigger presence there next year, hear about the value of attending.Show Notes/Links:* Sarah Young LinkedIn: https://www.linkedin.com/in/sarahyo16/* Bsides link: http://www.securitybsides.com/w/page/12194156/FrontPage* BlackHat: https://www.blackhat.com/* Defcon: https://defcon.org/* KQL Hat: https://must-learn-kql.creator-spring.com/listing/keep-on-kqlin-trucker-s-hat?product=2172&variation=106057&size=7042Catch the live experience replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

This episode we've invited Steve Lee, Product Manager - Customer Experience Engineering (CxE), Security at Microsoft - to chat about the Defender Experts service. This is a relatively new offering, but there's already been lots of excitement about it.Show Notes/Links:* Steve Lee on LinkedIn: https://www.linkedin.com/in/steve-lee/* Microsoft Defender Experts for XDR aka.ms\DefenderExpertsforXDR* ​Defender Experts for Hunting and Defender Experts for mXDR: https://www.microsoft.com/en-us/security/blog/2023/07/24/microsoft-defender-experts-for-xdr-helps-triage-investigate-and-respond-to-cyberthreats/* Endpoint Attack Notifications: https://learn.microsoft.com/en-au/microsoft-365/security/defender-endpoint/endpoint-attack-notifications?view=o365-worldwideCatch the full live experience below. (and subscribe to our channel!) This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Stop by this episode to see and hear what Angelica Faber, Security Architect at Microsoft, has been working on. Angelica has produced some great content and guidance using Azure OpenAI with Microsoft Sentinel to provide better efficiency and deeper knowledge for Security Operations teams.Show Notes/Links:* Angelica's blog: https://myfabersecurity.com/* Angelica on LinkedIn: https://www.linkedin.com/in/angelica-faber/* Rubrick: https://www.rubrik.com/* Microsoft Envision The Tour: https://envision.microsoft.com/* Microsoft Sentinel Triage AssistanT (STAT): https://github.com/briandelmsft/SentinelAutomationModulesThis is a demo-heavy episode. Catch the full experience with the live show video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us this week as we talk with Merill Fernando, Principal Product Manager about all things Microsoft Entra. There's been lots of news and announcement recently. In this episode, Merill will attempt to explain them all. And maybe we can get his take on the rebranding of AAD.Show Notes/Links:* Entra.News - Your weekly dose of Microsoft Entra * Merill's blog: https://merill.net* Identity Blog: https://aka.ms/IdentityBlog* Microsoft Entra Family: https://www.microsoft.com/en-us/security/business/microsoft-entra* Microsoft Entra delivers 240 percent ROI, according to new Forrester study: https://www.microsoft.com/en-us/security/blog/2023/04/20/microsoft-entra-delivers-240-percent-roi-according-to-new-forrester-study/* Entra Learn Paths: https://learn.microsoft.com/en-us/training/browse/?products=entra* Microsoft Certified: Identity and Access Administrator Associate - SC-300: https://learn.microsoft.com/en-us/certifications/identity-and-access-administrator/* Azure AD is now Microsoft Entra ID: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/azure-ad-is-becoming-microsoft-entra-id/ba-p/2520436* Conditional Access for Protected Actions is Now Generally Available: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/conditional-access-for-protected-actions-is-now-generally/ba-p/3888723* Navigating Microsoft Security & Compliance Products: Skill Map - A Guided Journey for Experts and Beginners Alike: https://www.linkedin.com/posts/samehyounis_microsoftsecurity-cybersecurityskills-navigateyourgrowth-activity-7097185759572480000-VcUS/* Security 101: https://www.microsoft.com/en-us/security/business/security-101* Open book Microsoft certification exams: https://techcommunity.microsoft.com/t5/microsoft-learn-blog/introducing-a-new-resource-for-all-role-based-microsoft/ba-p/3500870Catch the full experience with the live show video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us this week as we dig into some of the burning Microsoft Security topics of the day and listen to hear how many times the term 'AI' is used.Show Notes/Links:* Microsoft Entra Management and Security Tools: https://www.cloud-architekt.net/links/* How to Setup User Risk Reports to Email in Microsoft Entra: https://ourcloudnetwork.com/how-to-setup-user-risk-reports-to-email-in-microsoft-entra/* Microsoft Defender for Identity expands its coverage with new AD CS sensor! https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/microsoft-defender-for-identity-expands-its-coverage-with-new-ad/ba-p/3894215* AZ Mask Plugin for Masking: https://chrome.google.com/webstore/detail/az-mask/amobeamdmdnloajcaiomgegpakjdiacm* I AM AI Merch: https://must-learn-kql.creator-spring.com/listing/get-i-am-ai * After the Blog Episode 2: https://rodtrent.substack.com/p/episode-2-azure-openai-content-filtering#details Catch the full experience with the live show video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

It's been a long, long while since we've not had a guest on the show. But there's been lots and lots of news, thoughts, and discussions we've wanted to catch you all up on. This is the episode for all of that! Come join us as we dig deep into the burning horizons of security at Microsoft. We live for audience questions!Show Notes and Links* Azure Stack Sentinel Support - November 13, 2019: https://techcommunity.microsoft.com/t5/azure-stack-blog/the-latest-security-enhancements-for-azure-stack-hub/ba-p/1006241* Help Protect your Exchange Environment With Microsoft Sentinel - https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/help-protect-your-exchange-environment-with-microsoft-sentinel/ba-p/3872527* Last time we had a show without a guest - February 6, 2023 - https://microsoftsecurityinsights.com/microsoft-security-insights-show-episode-138-just-us-probably* KQL Datasets for Azure OpenAI Bot: https://github.com/rod-trent/OpenAISecurity/tree/main/Datasets* Must Learn AI Security series: https://aka.ms/MustLearnAISecurityCatch the full experience with the live show video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us as we discuss what was important enough for Matt Soseman to leave 11 years at Microsoft to join The Partner Masters as their CTO & Co-Founder. If you're a Microsoft partner struggling to take advantage of all that partnership has to offer or don't believe that your org is getting the best value, this episode will awaken you to the benefits of a managed partnership.Show Notes/Links:* Must Learn AI Security: https://aka.ms/MustLearnAISecurity* The Partner Masters website: https://thepartnermasters.com/* Matt Soseman LinkedIn: https://www.linkedin.com/in/mattsoseman/There were no demos this episode, but make sure to catch the full experience with the live show video replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Welcome back Chris Stelzer! Chris was on the show recently but is back to show us how he's architected ChatGPT into SOC operations with Microsoft Sentinel. Now that ChatGPT has been updated with many new features - including functions - don't miss this live! Lots of demos.Show Notes/Links:* WSUS News: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/importing-updates-into-wsus-is-changing/ba-p/3882937* Chris' Postman page: https://www.postman.com/scstelz* Microsoft Security Insights Show Episode 136 - Chris Stelzer, Senior TS at Microsoft: https://microsoftsecurityinsights.com/microsoft-security-insights-show-episode-136-chris-stelzer-senior-ts-at-microsoft* Episode 127: Microsoft Sentinel StaT with Mike Palitto and Andrea Fisher https://microsoftsecurityinsights.com/episode-127-microsoft-sentinel-stat-with-mike-palitto-and-andrea-fisher* Microsoft Ignite: https://ignite.microsoft.com/There’s LOTS of demos this episode, so make sure to catch the live show video replay…Live show video replay: https://www.youtube.com/live/_JHXnkKcfq4?feature=shareWant to watch the live show? You can always go back and watch this episode and others on our YouTube channel. Subscribe today! This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

What a unique and valuable time. We chat with Philippe Humeau, the CEO and co-founder of CrowdSec (crowdsec.net). CrowdSec is an open-source & collaborative IPS able to analyze visitor behavior by parsing logs & provide an adapted response to all kinds of attacks. The game-changer is that the solution also enables users to protect each other. Each time an IP is blocked, all community members are informed so they can also block it. That way, they are generating a real-time crowdsourced CTI database.We’ll be working together to create an integration with Microsoft Sentinel. Show Notes/Links:* CrowdSec* Basic Steps to Create Your Own Simple Copilot * Bing Chat Enterprise, your AI-powered chat for work, available in Microsoft Edge sidebar* Microsoft adds a 'Security Copilot' to its AI assistant line-up* Microsoft puts a price tag on its AI "copilots" for businessWant to watch the live show? You can always go back and watch this episode and others on our YouTube channel. Subscribe today! This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us this episode as we cover the burning, audience requested topic of Cybersecurity Insurance. John O'Neill, Sr. CIO at MFG is an expert in this area and speaks about it regularly at conferences and in webinars.Show links* Azure AD is Becoming Microsoft Entra ID - Microsoft Community Hub * Microsoft Entra Internet Access Preview* Microsoft Incident Response This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join the crew as we chat with Morten Waltorp Knudsen, the hardest working Microsoft MVP around about some solutions he's developed. In this episode, we get a couple extra wonderful surprise in Nick Kiest, the PM for Data Collection Rules (DCRs), and Niclas Madson, Microsoft Community Connection Program Blackbelt!Show Links:* AzLogDcrIngestPS PowerShell Module on GitHub: https://github.com/KnudsenMorten/AzLogDcrIngestPS* Module in the PowerShell gallery: https://www.powershellgallery.com/packages/AzLogDcrIngestPS/1.4.1* Master Azure Logging in depth: https://mortenknudsen.net/?p=1687* Set up resources required to send data to Azure Monitor Logs using the Logs Ingestion API: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/set-up-logs-ingestion-api-prerequisites* Migrate from the HTTP Data Collector API to the Log Ingestion API to send data to Azure Monitor Logs: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/custom-logs-migrate * Join the Custom Connection Program: https://aka.ms/JoinCCP This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

This week we talk with Grant Thornton’s National Cybersecurity Leader Peter Morin about the differences between IT and OT (the Hatfield’s and the McCoys) and securing critical scale operations for manufacturing, energy, and the like. What a most interesting discussion! And of course, there were first-ever announcements. There are always announcements.Show links:PSA: Migrate from the Threat Intelligence Platform Connector to the Threat Intelligence Solution in Microsoft SentinelKQL Queries Behind the Microsoft Sentinel Overview PageGrant Thornton This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

In this episode, we catch up with friend of the show, Rin Ure, about his new role at Microsoft and how he sees AI changing the way SOCs operate. Rin runs the Cyber Defense Operations Center One Cloud SOC Triage and Analysis team in the US. They are the team that handles the triage and analysis SOC requests for Microsoft, it’s services and for their Cloud and AI customers.Show Links:Weekly OpenAI Newsletter: https://rodtrent.com/jtlAzure OpenAI community on LinkedIn: https://rodtrent.com/65gMicrosoft Cyber Defense Operations Center (CDOC): https://rodtrent.com/594Microsoft Security Copilot: https://rodtrent.com/6ptMicrosoft Corporate, External, and Legal Affairs (CELA): https://rodtrent.com/hdyPluralsight AI learning: https://rodtrent.com/3i5SANS (SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals): https://rodtrent.com/1i3Not with a Bug, But with a Sticker: Attacks on Machine Learning Systems and What To Do About Them: https://amzn.to/42AM3vKMicrosoft Security Insights Discord Server: https://discord.gg/2ktJHTrSAt This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us as we endeavor to tap into Yuri Diogenes' vast knowledge and expertise in navigating the landscape of building a career in cybersecurity.Show links:Microsoft Defender in the Field all episodes: https://aka.ms/MDFCInTheFieldYuri's Overcome podcast: http://overcomepodcast.us/Defender for Cloud labs: https://aka.ms/MDCLabsCloud Security Posture Management (CSPM): https://rodtrent.com/8o3Cloud Security Customer Connection Program (CCP): https://www.aka.ms/prseccomOverview of Defender for DevOps: https://rodtrent.com/738About Microsoft Defender for APIs: https://rodtrent.com/7jhWhat's new in Microsoft Defender for Cloud: https://rodtrent.com/gv2RSS feed for Defender for Cloud What's New: https://aka.ms/mdc/rssEntra integration with Defender for Cloud: This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Come join us as we talk with Ed Fisher about all things Microsoft security.Show links:* The Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA): https://github.com/cammurray/orca This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Show Guest: Tim McCreight MSc - National Director, Market Development and Strategic Advisory & 2023 President - ASIS InternationalTopic: Innovators will always search for the next solution to the challenges they’re faced with. However, in a world full of buzzwords and flavors of the week, it’s important to understand what ESRM truly is and how it supports the work of security professionals. From Tim’s perspective, ESRM is a philosophy and framework that will “change the way we operate as security professionals.”-Show Links-* Caffeinated Risk podcast (buzzsprout.com) https://caffeinatedrisk.buzzsprout.com/* Essentials of Enterprise Security Risk Management (ESRM) Certificate Course (asisonline.org) https://www.asisonline.org/professional-development/essentials-of-enterprise-security-risk-management-esrm-certificate-course/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Stop by as we talk with Ricky Simpson and Federico Charosky from Quorum Cyber - Managed & Professional Cyber Security Services.Show notes and links:* Quorum Cyber: https://www.quorumcyber.com/* Microsoft Sentinel Managed Detection and Response (MDR) Service: https://www.quorumcyber.com/services/microsoft-sentinel-mdr/* Managed Extended Detection & Response (XDR) Service: https://www.quorumcyber.com/services/managed-xdr/* Security Workshops: https://www.quorumcyber.com/services/microsoft-security-workshops/* Microsoft Intelligent Security Association: https://www.microsoft.com/en-us/security/business/intelligent-security-association* Run Quorum Run: https://www.imdb.com/title/tt0109830/* Best Bluetooth headsets (for Ricky): https://amzn.to/41GKn3q This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Dale O'Grady joins us from Vectra AI, joins Rod and Brodie to demonstrate the integrations of Vectra’s capabilities within Microsoft Sentinel.Show notes and links:Vectra® uses artificial intelligence to automate real-time cyber attack detection and response – from network users and IoT devices to data centers and the cloud. All internal traffic is continuously monitored to detect hidden attacks in progress. Detected threats are instantly correlated with host devices that are under attack and unique context shows where attackers are and what they are doing. Threats that pose the biggest risk to an organization are automatically scored and prioritized based on their severity and certainty, which, enables security operations teams to quickly focus their time and resources on preventing and mitigating loss.https://www.vectra.ai/ Microsoft Azure Marketplace - Vectra AIhttps://azuremarketplace.microsoft.com/en-us/marketplace/apps/vectraaiinc.ai_vectra_detect_mss?Vectra AI Detect connector for Microsoft Sentinelhttps://learn.microsoft.com/en-us/azure/sentinel/data-connectors/vectra-ai-detect This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join Mia Reyes, Olivia Armstrong, and Richard Diver for a fun and informative discussion about the Foundational Security Team, and insights into how Microsoft’s marketing team works with both the product group and our customers to inform you on the latest and greatest in cybersecurity, and more.Show notes and links:See how Microsoft customers can take advantage of out-of-the-box security and be secure from the start. https://aka.ms/BuiltInSecurityRead the Azure Built-In Security Series to discover how Microsoft evolves our defense in depth approach to security to keep customers safe in the cloud. https://aka.ms/AzureBuiltinSecurity This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

It’s MISA Month and this is our last episode of an amazing series. Just off winning MISA award “MSSP Partner of the Year,” Mona ‘Excellence’ Ghadiri with BlueVoyant joins us for an amazing discussion.Show notes and links:* BlueVoyant: https://www.bluevoyant.com/* Microsoft announces the 2023 Microsoft Security Excellence Awards winners: https://rodtrent.com/4u9* How to become a Microsoft MVP: https://rodtrent.com/5u3* Microsoft shifts to a new threat actor naming taxonomy: https://rodtrent.com/tb1* Building healthy habits to fight off credential attacks: https://rodtrent.com/q78 This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us as we prepare for RSA conference with a chat with MISA partner Senserva. Mark Shavlik, long time Microsoft security vet who has created a number of widely used security products will talk about the state of Azure Security from a product creator’s perspective. We'll also ask to find out why Senserva has opted to for the Midwest Management Summit instead of RSA this year. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us as we prepare for RSA conference with a chat with MISA partner Ontinue. Drew Perry joins the MSI Show crew to catch us up on Ontinue’s super-cool Microsoft Teams-based SIEM solution how to catch demos and Sentinel cost discussions at RSA.Show links:* The Ontinue website: https://www.ontinue.com/* Request a demo: https://get.ontinue.com/demo-request/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us as we prepare for RSA conference with a chat with MISA partner Difenda. Juliana Zaremba from Difenda joins the MSI Show crew to catch us up on Difenda’s valued and valuable offerings and how to catch them at RSA.Meet Difenda at RSA! Register for a meeting and be entered to win a fantastic LEGO Technic Land Rover Defender! Register here: https://insights.difenda.com/meet-difenda-at-rsa-2023 Show links:* Difenda website: https://www.difenda.com/ * The Difenda Shield: https://www.difenda.com/cyber-security-solutions/difenda-shield-suite/ * Difenda MXDR for IT: https://www.difenda.com/cyber-security-solutions/managed-extended-detection-response/ * Difenda MXDR for OT: https://www.difenda.com/cyber-security-solutions/mxdr-for-ot/ * Difenda EDR: https://www.difenda.com/cyber-security-solutions/managed-endpoint-detection-and-response/ * Difenda Managed SIEM: https://www.difenda.com/cyber-security-solutions/managed-siem/ * Difenda AVM: https://www.difenda.com/cyber-security-solutions/advanced-vulnerability-management/ * Difenda SAT: https://www.difenda.com/cyber-security-solutions/sat-cybersecurity-solutions/ * Advisory Services: https://www.difenda.com/cyber-security-solutions/advisory/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Welcome to Women in Cybersecurity month!Join us for our last episode in the Women in Cybersecurity month series for 2023 as we chat with Elizabeth Stephens, Director Data Center Cyber Risk Intelligence.In this episode, hear Elizabeth talk about her passion in Cybersecurity that is driven by the needful things.Show links:* Flight of the V-22 Osprey* Microsoft Software and Systems Academy (MSSA)* Lebron James’ agent, Rich PaulWe hope these discussions with leaders in the Cybersecurity industry will help drive your excitement in sharing the message. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Welcome to Women in Cybersecurity month!In our fourth episode in the series for Women in Cybersecurity month Future and Lara stop by to chat about Microsoft Defender for Cloud (a CNAPP Solution). If you listen in, you may also learn about leg presses. Show links:* The next wave of multicloud security with Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP) To learn more about critical upcoming CNAPP innovations in Microsoft Defender for Cloud, register to join me at Microsoft Secure, our free, virtual Microsoft Security event on March 28, 2023: https://secure.microsoft.com * Announcing Microsoft cloud security benchmark v1 (General Availability) * Microsoft Defender for Cloud Price Estimation Dashboard * Overview of Defender for DevOps* Overview of Microsoft Defender for ContainersAnd don’t forget to stay tuned the entire month for more!Our remaining Women in Cybersecurity month 2023 schedule:* March 29th (Wed), 5pm EST - Microsoft Security Insights Show Episode 146 - Elizabeth Stephens, Dir of DC Cyber Risk IntelligenceWe hope you’ll join us live or listen to the replays. But more than that, we hope these discussions with leaders in the Cybersecurity industry will help drive your excitement in sharing the message. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Welcome to Women in Cybersecurity month! In our third episode in the series for Women in Cybersecurity month, CVP at Microsoft SCI, Ann Johnson, joins us to chat about filling the skills gap in cybersecurity and how Artificial Intelligence (AI) is positioned to change this industry.Show links:* Afternoon Cyber Tea with Ann Johnson - Ann Johnson, Corporate Vice President, Business Development, Security, Compliance & Identity at Microsoft, talks with cybersecurity thought leaders and influential industry experts about the trends shaping the cyber landscape and what should be top-of-mind for the C-suite and other key decision makers. Ann and her guests explore the risk and promise of tools and systems powered by AI, IoT, machine learning, and other emerging technology, as well as the impact on how humans work, communicate, consume information, and live in this era of digital transformation. Please note, the opinions expressed by guests on this podcast are their own and are not endorsed by, nor do they necessarily reflect opinions of, Microsoft or Ann Johnson.* Book: Not with a Bug, But with a Sticker: Attacks on Machine Learning Systems and What To Do About Them by Ram Shankar Siva Kumar and Hyrum Anderson* Girl Security Partnership provides training and resources to girls and young women to help them explore careers in cybersecurity and gain the skills they need to succeed in the field. Since its inception, Girl Security’s mentorship program has served almost 1,000 mentees and aims to drive change in national security through education, mentoring, and workforce training.* DigiGirlz gives middle and high school girls opportunities to learn about careers in technology and connect with Microsoft employees. The DigiGirlz program gives high school girls the chance to participate in hands-on computer and technology workshops and learn about careers in technology. More than 65,000 students have attended the Microsoft DigiGirlz Technology Program since its inception in 2000.* Cyverysity.org - To achieve the consistent representation of women and underrepresented minorities in the cybersecurity industry through programs designed to diversify, educate, and empower.And don’t forget to stay tuned the entire month for more!Our remaining Women in Cybersecurity month 2023 schedule:* March 22nd (Wed), 5pm EST - Microsoft Security Insights Show Episode 145 - Future Kortor / Lara Goldstein, Cloud Security PMs* March 29th (Wed), 5pm EST - Microsoft Security Insights Show Episode 146 - Elizabeth Stephens, Dir of DC Cyber Risk IntelligenceWe hope you’ll join us live or listen to the replays. But more than that, we hope these discussions with leaders in the Cybersecurity industry will help drive your excitement in sharing the message. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

It's Women in Cybersecurity month and International Women’s Day 2023!In our second episode in the series for Women in Cybersecurity month, CVP at Microsoft SCI, Vasu Jakkal, joins us to discuss Sci-Fi, Star Trek, and how to close the talent gap in Cybersecurity by having an abundant mindset.Oh, and — there’s Tim Tams.And don’t forget to stay tuned the entire month for more!Our remaining Women in Cybersecurity month 2023 schedule:* March 14th (Tues), 1pm EST - Microsoft Security Insights Show Episode 144 - Ann Johnson, CVP SCI* March 22nd (Wed), 5pm EST - Microsoft Security Insights Show Episode 145 - Future Kortor / Lara Goldstein, Cloud Security PMs* March 29th (Wed), 5pm EST - Microsoft Security Insights Show Episode 146 - Elizabeth Stephens, Dir of DC Cyber Risk IntelligenceWe hope you’ll join us live or listen to the replays. But more than that, we hope these discussions with leaders in the Cybersecurity industry will help drive your excitement in sharing the message.Watch the Live Replay This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

It's Women in Cybersecurity month 2023! To kick-off this event, we visit with Maria Thomson, Microsoft Intelligent Security Association lead. Hear how Maria went from dance instructor to the lead of Microsoft's partner association.And don’t forget to stay tuned the entire month for more! Our remaining Women in Cybersecurity month 2023 schedule:* March 8th (Wed), 5pm EST - Microsoft Security Insights Show Episode 143 - Vasu Jakkal, CVP Microsoft SCI* March 14th (Tues), 1pm EST - Microsoft Security Insights Show Episode 144 - Ann Johnson, CVP SCI* March 22nd (Wed), 5pm EST - Microsoft Security Insights Show Episode 145 - Future Kortor / Lara Goldstein, Cloud Security PMs* March 29th (Wed), 5pm EST - Microsoft Security Insights Show Episode 146 - Elizabeth Stephens, Dir of DC Cyber Risk IntelligenceWe hope you’ll join us live or listen to the replays. But more than that, we hope these discussions with leaders in the Cybersecurity industry will help drive your excitement in sharing the message. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Jake Mowrer talks about Security in the Microsoft partner space. He also gives us his thoughts around writing SC exam books.Links from the show: * Identify anomalies and unexpected changes in cost: https://rodtrent.com/bsx* All the Ways to Catch the Microsoft Security Insights Show Weekly: https://rodtrent.com/6ur* Jake's Book: Exam Ref SC-200 Microsoft Security Operations Analyst: https://amzn.to/3ExpWgC* Reddit Managed Service Providers: https://www.reddit.com/r/msp/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Microsoft Security Insights Show Episode 140 - Tony Sims, Threat Intelligence Specialist Listen in as Tony talks about his role at Microsoft in Cyber Threat Intelligence. We also discuss:* Role gaps in cybersecurity* The definitions of cybersecurity* How easy it can be to transition to a life of cybersecurity* Tony runs a very cool cyber game* Cafeteria communications and food fights* Alien food Links from the show:* Microsoft Software & Systems Academy (MSSA)* Microsoft shifts to a comprehensive SaaS security solution This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Join us as we talk with Josh Bregman, his role at Microsoft, his superpowers, and the things he's working on. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Microsoft Security Insights Show Episode 138 - Just us, probablyOur regularly scheduled guest, Ann Johnson, was sick for today’s show. We wish Ann the best and hope she recovers quickly. Ann will be joining us in March during Women in Cybersecurity month.Show links:* ChatGPT: https://openai.com/blog/chatgpt/* Azure Podcast: https://azpodcast.azurewebsites.net/* Kusto Explorer: https://learn.microsoft.com/en-us/azure/data-explorer/kusto/tools/kusto-explorer This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Microsoft Security Insights Show Episode 137 - Craig Fretwell, MVP, Cybersecurity ArchitectShow links:* Craig's YouTube channel: https://www.youtube.com/@CraigCloudITPro* Craig's blog: https://craigclouditpro.wordpress.com/ * Craig's LinkedIn profile: https://www.linkedin.com/in/craig-fretwell/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Welcome to our January 2023 Microsoft Reactor edition episode where we talk with Chris Stelzer, Senior Technical Specialist at Microsoft.Listen in as Chris digs into how to use service principles for automation in Microsoft Sentinel. Lots of great knowledge to glean.Show links:* Introduction to Microsoft Sentinel: https://learn.microsoft.com/en-us/training/modules/intro-to-azure-sentinel/ * Microsoft Sentinel skill-up training: https://learn.microsoft.com/en-us/azure/sentinel/skill-up-resources* Microsoft Sentinel Triage AssistanT (STAT): https://github.com/briandelmsft/SentinelAutomationModules This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

What's up with Nathan? Nathan has been working on some awesome security stuff since we last checked in. Join us as we catch-up with all the Nathan awesomeness.Show Links…* Our new Substack Channel: https://securityinsights.substack.com/* Our GitHub repo: https://github.com/The-Microsoft-Security-Insights-ShowNathan’s stuff: * Nathan's Substack: https://swiftsolves.substack.com/* Nathan's Join article: https://swiftsolves.substack.com/p/simple-table-joins* Nathan's REAL GitHub repo: https://github.com/SwiftSolves-MSFTBook recommendation: Tribe of Hackers book: https://amzn.to/3ZvrtNa This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com