

The Azure Security Podcast
Michael Howard, Sarah Young, Gladys Rodriguez and Mark Simos
A twice-monthly podcast dedicated to all things relating to Security, Privacy, Compliance and Reliability on the Microsoft Cloud Platform. Hosted by Microsoft security experts, Michael Howard, Sarah Young, Gladys Rodriguez and Mark Simos. https://aka.ms/azsecpod ©2020-2025 Michael Howard, Sarah Young, Gladys Rodriquez, and Mark Simos.
Episodes
Mentioned books

5 snips
Jul 10, 2025 • 52min
Episode 115: Security in Model Context Protocol (MCP)
Den Delimarksy, a principal product engineer at Microsoft and member of the Model Context Protocol steering committee, shares key insights on enhancing security in AI. He discusses the significance of the Model Context Protocol's ability to provide essential context for large language models. Delimarksy also addresses security challenges like tool poisoning and the importance of threat modeling. Listeners will learn about how MCP's integration of control and data can boost operational efficiency while necessitating strong security measures.

Jun 9, 2025 • 25min
Episode 114: SQL Server 2025 Security Improvements
Join Pieter Vanhove, a Product Manager at Microsoft specializing in data security, as he delves into the exciting security advancements in SQL Server 2025. The discussion covers enhanced user authentication and a shift away from traditional passwords towards managed identities. Pieter highlights significant improvements in the Tabular Data Stream protocol, making TLS upgrades smoother. He also shares insights on cache invalidation enhancements that elevate server performance without compromising user experience, showcasing the latest trends in data security.

May 16, 2025 • 36min
Episode 113: Microsoft Red Team
Craig Nelson, VP of Microsoft's Red Team, dives into the fascinating world of cybersecurity, focusing on the team's role in simulating real-world attacks to uncover vulnerabilities. He discusses the critical skills needed for effective red teaming and the ethical implications of their work. The guests also tackle emerging threats, particularly the influence of AI on cybersecurity strategies. From measuring red team effectiveness to addressing common vulnerabilities, this conversation is packed with insights essential for anyone interested in protecting digital landscapes.

5 snips
May 13, 2025 • 30min
Episode 112: Security Copilot Agents
In this episode Michael talks with guest Ran Munsch, Principal Product Manager at Microsoft about Security Copilot and Security Copilot Agents. We also discuss Azure Security news about System.Data.SqlClient, April 2025 Secue Future Initiative progress report, Azure Database for PosrgreSQL, Azure DevTest Labs, VNets, Front Door WAF CAPTCHA, API management and more.https://aka.ms/azsecpod

10 snips
Apr 17, 2025 • 23min
Episode 111: Securing Agentic AI
Amanda Minnich leads the Microsoft AI Red Team, focusing on the security of agentic AI systems. She dives into the evolution and capabilities of these advanced digital agents, emphasizing the expanded attack surface they create. The conversation highlights real vulnerabilities, like exploited chatbots, and stresses the importance of oversight. Best practices for securing AI agents are discussed, along with the unique challenges posed by large language models. Minnich also discusses the collaborative efforts needed to navigate the complexities of AI security.

9 snips
Apr 1, 2025 • 40min
Episode 110: Securing GenAI Applications with Entra (3 of 4): Monitoring and More
Sharon Chahal, a Principal Program Manager at Microsoft focusing on Security Co-Pilot and Entra Identity Protection, dives into securing GenAI applications. She discusses vital enhancements in cloud security, including API management and updates on Azure Key Vault. The conversation also highlights the significance of controlled access and the tools available for auditing and monitoring. Additionally, Sharon emphasizes the transition to phishing-resistant authentication methods to safeguard sensitive data while fostering ethical practices and continuous learning in tech.

8 snips
Feb 19, 2025 • 38min
Episode 109: Securing GenAI Applications with Entra (2 of 4) - Overpermissioning
Bailey Bercik, a Senior Product Manager at Microsoft Entra, discusses the critical issue of overpermissioning in generative AI applications. He dives into how to leverage Microsoft Entra Permissions Management to tackle over-permissioned identities and enhance security in multi-cloud settings. The conversation touches on the implications of large models in automating scams and highlights the importance of managing permissions for data privacy. Bercik also shares insights on governance and the latest security developments related to Azure Confidential Ledger and AI red teaming.

10 snips
Jan 20, 2025 • 22min
Episode 108: Securing GenAI Applications with Entra
Diana Vicezar, a Product Manager at Microsoft, shares her insights on securing Generative AI applications with Entra. She highlights the necessity of awareness around AI security in today's business landscape. The conversation also touches on the potential risks of AI, including unauthorized access to information. Diana emphasizes the importance of basic security practices that are often overlooked, setting the stage for a deeper exploration in future discussions about integrating security into AI applications.

Jan 6, 2025 • 37min
Episode 107: Secure by default and Copilot Overshare Blueprints
Maxime Bombardier, a data security expert aiding clients in deploying Purview solutions, discusses essential topics. He delves into the significance of encryption and the critical need for user training. The conversation also covers the oversharing blueprint for Microsoft 365 Copilot, emphasizing a 'secure by default' strategy to protect sensitive information. Maxime highlights the integration challenges with Purview Blueprints and the importance of documentation for effective data governance, promoting best practices to enhance organizational security.

Dec 10, 2024 • 44min
Episode 106: Microsoft Ignite Security Wrap-up
In this episode, Michael, Mark, and Sarah go over what they found interesting from Microsoft Ignite. Mark has a discount code for his Zero Trust Book, too.https://aka.ms/aszecpod