
The Azure Security Podcast
A twice-monthly podcast dedicated to all things relating to Security, Privacy, Compliance and Reliability on the Microsoft Cloud Platform. Hosted by Microsoft security experts, Michael Howard, Sarah Young, Gladys Rodriguez and Mark Simos. https://aka.ms/azsecpod ©2020-2025 Michael Howard, Sarah Young, Gladys Rodriquez, and Mark Simos.
Latest episodes

Apr 17, 2025 • 23min
Episode 111: Securing Agentic AI
In this episode Michael and Sarah talk with guest Amanda Minnich about securing agentic AI systems, the security challenges they face, and how to secure them.We also discuss Azure Security news about Azure File Sync, Docker support in Azure and a new series of Secure Future Initiative videos with appearances from Michael, Sarah, and various guests.

Apr 1, 2025 • 40min
Episode 110: Securing GenAI Applications with Entra (3 of 4): Monitoring and More
In this episode Michael and Gladys talk to Sharon Chahal who is a Principal Program Manager in the Identity team at Microsoft about monitoring and auditing when building GenAI applications. We also cover other related topics.Michael and Gladys cover the latest security news about API Security Posture Management, Azure Key Vault in China, Azure Data Studio retirement, new least privilege permissions in Graph and more.https://aka.ms/azsecpod

Feb 19, 2025 • 38min
Episode 109: Securing GenAI Applications with Entra (2 of 4) - Overpermissioning
In this episode, Michael, Gladys and Mark talk to guest Bailey Bercik about the problem of overpermissioning and how to use Microsoft Entra Permissions Management to identify and manage over-permissioned identities in multi-cloud environments to reduce security risks, especially for AI apps.We also cover the latest security news about AI red teaming, Azure SQL DB logging, Azure Confidential Ledger, Star Blizzard spear-phishing campaign and CISA Zero Trust Maturity Model.https://aka.ms/azsecpod

Jan 20, 2025 • 22min
Episode 108: Securing GenAI Applications with Entra
In this episode Michael, Gladys, Mark and Sarah talk to guest Diana Vicezar from the Microsoft Entra team about security Generative AI applications. Note, this is a short, simple intro episode to introduce three follow-on episodes. We also cover security news about TLS 1.3 and Azure Event Grid, big updates to Microsoft Defender for Cloud, Azure Database for MySQL, SQL Managed Instance and Confidential Ledger.

Jan 6, 2025 • 37min
Episode 107: Secure by default and Copilot Overshare Blueprints
Maxime Bombardier, a data security expert aiding clients in deploying Purview solutions, discusses essential topics. He delves into the significance of encryption and the critical need for user training. The conversation also covers the oversharing blueprint for Microsoft 365 Copilot, emphasizing a 'secure by default' strategy to protect sensitive information. Maxime highlights the integration challenges with Purview Blueprints and the importance of documentation for effective data governance, promoting best practices to enhance organizational security.

Dec 10, 2024 • 44min
Episode 106: Microsoft Ignite Security Wrap-up
In this episode, Michael, Mark, and Sarah go over what they found interesting from Microsoft Ignite. Mark has a discount code for his Zero Trust Book, too.https://aka.ms/aszecpod

Nov 22, 2024 • 37min
Episode 105: Azure and Entra ID Security Tools
Merill Fernando, Principal Product Manager at Microsoft Entra, shares his expertise on open-source security tools designed to enhance Azure and Entra ID security. He discusses recent developments from the Microsoft Ignite event, including FIDO2 authentication and the retirement of older TLS versions. Insights on Zero Trust principles and the new security tool, Maester, highlight the importance of collaboration in tech solutions. Merill emphasizes the urgent need for Multi-Factor Authentication across organizations to bolster security awareness and frameworks.

Nov 8, 2024 • 37min
Episode 104: The Post Bluehat Wrap-up
In this episode, Michael talks to Nic Fillingham about the recent Microsoft Bluehat Security conference held at the Microsoft HQ in Redmond, WA. We also discuss how to tell the NZ and Australian accents apart. This alone is worth listening to :)This is a follow-on from episode 103 when we talked about what was coming up for Bluehat.No news, as this is a special, smaller episode. It's also the least edited; other than some ums and ers getting removed and a small retake, the result is as was recorded. Let us know what you think, this feels a little more 'chatty' and personable.https://aka.ms/azsecpod

Oct 17, 2024 • 48min
Episode 103: Security Conferences and Bluehat
In this episode we speak to Nic Fillingham who is a Senior Program Manager at Microsoft about security conferences and mainly about the Microsoft Bluehat conference he runs. We also discuss security about PostgreSQL, Cosmos DB, IP address management, containers and AI Studio. https://aka.ms/azsecpod

Oct 7, 2024 • 37min
Episode 102: Entra ID Purple-teaming with Dr Azure AD
In this episode Michael and Sarah talk to Nestori Syynimaa about Entra ID security and his purple-team tool, AADInternals. We also cover the latest security news about Secure Future Initiative (SFI), MFA for Azure Portal, Playright, WordPress, NSG, Bastion, Azure Functions, MS Ignite, App Service, Defender for Cloud, Containers, Azure Monitor, AKS, Trustworthy AI and Azure AI Content Safety.https://aka.ms/azsecpod
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.