The Azure Security Podcast

In this episode Michael, Mark and Sarah talk to Matt Zorich and Waymon Ho of the Microsoft GHOST team. We discuss the role GHOST plays in protecting both Microsoft and our customers from nation-state threat actors. We also cover the latest security news about Event Grid, NetApp Files, Chaos Studio and AKS. https://aka.ms/azsecpod

In this episode Michael, Sarah, Gladys and Mark talk about our careers so far, explain some funny stories and our wishes for a more secure future. Our storiesMark at the startSarah 4m 5sGladys 6m 50sMichael 12m 22sFunny StoriesMark 19m 31sSarah 20m 33sGladys 22m 46sMichael 24m 39sCareer AdviceMark 26m 58sSarah 29m 18sGladys 31m 48sMichael 34m 40sFutureMark 36m 27sSarah 38m 33sGladys 40m 34sMichael 42m 24sBehind the ScenesMark 43m 36s

In this (late) episode, we chat to Andrew McMurray, a Principal Product Manager at Microsoft about securing Copilot data as well as how Purview can play a role in doing so. We also cover news about MFA access to the Azure Portal (Important), PostgreSQL, Entra ID and Windows authn metadata, Backup Vaults, Conditional Access Policy, ADFS, and Azure Container Apps.

In this episode Michael and Gladys talk with guest Dave Weston about Secure Future Initiative and the growing use of the Rust programming language at Microsoft.On the topic of Rust, Michael and Dave nerd out, and we make no apologies!https://aka.ms/azsecpod

In this episode Michael and Sarah talk with guest Richard Diver about securing solutions that use AI and LLMs. Richard also talks about his new book on AI Security, and Michael and Richard talk about what it takes to write a book. We also discuss Azure Security news about Chaos Studio, API Management, Azure Bastion, Front Door, AKS and Copilot for Security and lots more!Also note, we have changed the URL for the show notes web site, so please use this from now on: https://aka.ms/azsecpod.

Yuri Diogenes shares insights on Cloud Native Application Protection Platform (CNAPP), discussing unified security solutions, threat hunting, and CNAB adoption. The episode also explores Microsoft Defender for Cloud protection plans and the importance of cybersecurity basics.

Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, discusses the current state of Threat Intelligence, including threat actor naming conventions, advanced persistent threats, and the adversarial relationship between analysts and cybercriminals. They also explore the importance of integrating threat intelligence into products for enhanced protection.

Ryan Munsch, an expert in Copilot for Security, discusses Azure Security news including Azure SQL DB, SSMS 20, Change Actor, Copilot for Azure SQL DB, Azure Container Apps, AI Prompt Shields, AI Groundedness Detection, and BlueHat India and Israel. They explore grounding AI models, Blue Hat Conferences, updates in Azure Services for security, the complexity and design considerations of Co-Pilot for Security, and its innovative AI systems.

Guests Tony Rice and David Ornstein discuss Continuous Security Development Lifecycle, Azure Key Vault, Cloud PKI, OAuth2, SQL Server password verifiers, Memory Safety, Azure SQL DB. They emphasize continuous evaluation, data-driven approach, transparent evidence, and data-driven security in compliance work for enhanced security measures.

In this episode Michael and Sarah talk to Martin Abbott about the Global Azure event that starts soon, https://globalazure.net/. We talk about how to successfully fill out a Call for Papers (CFP) so YOU can present to a global audience about security topics that interest you. We also cover security news SQL Always Encrypted, SymCrypt and Rust, SQL Security Fundamentals, and free Security 101 material.