The Azure Security Podcast

In this episode Michael and Gladys talk with guest Dave Weston about Secure Future Initiative and the growing use of the Rust programming language at Microsoft.On the topic of Rust, Michael and Dave nerd out, and we make no apologies!https://aka.ms/azsecpod

In this episode Michael and Sarah talk with guest Richard Diver about securing solutions that use AI and LLMs. Richard also talks about his new book on AI Security, and Michael and Richard talk about what it takes to write a book. We also discuss Azure Security news about Chaos Studio, API Management, Azure Bastion, Front Door, AKS and Copilot for Security and lots more!Also note, we have changed the URL for the show notes web site, so please use this from now on: https://aka.ms/azsecpod.

Yuri Diogenes shares insights on Cloud Native Application Protection Platform (CNAPP), discussing unified security solutions, threat hunting, and CNAB adoption. The episode also explores Microsoft Defender for Cloud protection plans and the importance of cybersecurity basics.

Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, discusses the current state of Threat Intelligence, including threat actor naming conventions, advanced persistent threats, and the adversarial relationship between analysts and cybercriminals. They also explore the importance of integrating threat intelligence into products for enhanced protection.

Ryan Munsch, an expert in Copilot for Security, discusses Azure Security news including Azure SQL DB, SSMS 20, Change Actor, Copilot for Azure SQL DB, Azure Container Apps, AI Prompt Shields, AI Groundedness Detection, and BlueHat India and Israel. They explore grounding AI models, Blue Hat Conferences, updates in Azure Services for security, the complexity and design considerations of Co-Pilot for Security, and its innovative AI systems.

Guests Tony Rice and David Ornstein discuss Continuous Security Development Lifecycle, Azure Key Vault, Cloud PKI, OAuth2, SQL Server password verifiers, Memory Safety, Azure SQL DB. They emphasize continuous evaluation, data-driven approach, transparent evidence, and data-driven security in compliance work for enhanced security measures.

In this episode Michael and Sarah talk to Martin Abbott about the Global Azure event that starts soon, https://globalazure.net/. We talk about how to successfully fill out a Call for Papers (CFP) so YOU can present to a global audience about security topics that interest you. We also cover security news SQL Always Encrypted, SymCrypt and Rust, SQL Security Fundamentals, and free Security 101 material.

In this episode, Michael talks with Rigel Carlson from the Chaos Studio development team about Chaos Studio through a security lens. Michael also discusses news about Midnight Blizzard and \has some advice about using Azure's DefaultAzureCredential()The Microsoft Azure Security Podcast (azsecuritypodcast.net)

The podcast covers a range of interesting topics, including AI Red Teaming and the concept of 'jail-breaking' large language models. They discuss the interplay between language and AI models, as well as the importance of red teaming and mitigating risks in AI. Updates on security for Azure SQL and SQL Server are also provided.

In this episode we look back at what stood out for each of us and what we go up to. We also cover something not security-related, but of interest to all your geeks out there - EQ vs IQ. So make sure you stay until the end!