The Art and Science of Microsoft’s Red Team

In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Craig Nelson, who leads the elite Microsoft Red Team. Together, they dive into the art and impact of red teaming at Microsoft: what it means to simulate real-world attacks, how threat intelligence informs operations, and why collaboration between red and blue teams is crucial for organizational resilience.  

Craig shares the surprising mission that blurred the lines between physical and cyber security, reflects on how AI is reshaping attacker tactics and defensive strategies, and offers advice for aspiring red teamers. From stories of early hacker days in the ’90s to navigating the complexities of securing cloud and AI systems, this conversation is packed with insights on how Microsoft stays ahead of evolving threats. 

In this episode you’ll learn:      

• The role of human behavior in real-world security breaches 

• How Microsoft’s Secure Future Initiative impacts security culture 

• What the Microsoft Red Team does and what it doesn’t do 

  
  

Some questions we ask:     

• How do you feel about getting caught during a red team operation? 

• What do you wish people paid more attention to in red team findings? 

• Is this new AI complexity good or bad for red teaming? 

Resources:  

View Craig Nelson on LinkedIn  

View Sherrod DeGrippo on LinkedIn  

Related Microsoft Podcasts:                   

• Afternoon Cyber Tea with Ann Johnson 

• The BlueHat Podcast 

• Uncovering Hidden Risks     

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.