Let's Talk Azure!

Alan and Sam explore exciting new features from Microsoft, including updates in Microsoft Entra, Intune, and Defender. They discuss the recent Azure changes, highlighting a notable retirement of a feature. The conversation dives into security enhancements, especially the integration of Sentinel into Defender XDR, and AI improvements across platforms. Listeners will also learn about new functionalities in Microsoft 365, such as AI-driven retention policies. The episode wraps up with insights on navigating Azure Local and its relationship with Microsoft 365.

Alan and Sam discuss the topic of Generative AI usage and it should be monitored by organisations. Alan talks about some of the Microsoft tooling that can help monitor these services and protect data being consumed. The importance of monitoring Generative AI usage. How Microsoft tooling can help monitor and protect Gen AI usage What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Discover the latest buzz from Microsoft as the hosts dive into exciting updates like features from Entra, Intune, and Defender. AI's transformative role in marketing takes center stage, discussing personalized content amidst authenticity concerns. Barclays Bank's adoption of Microsoft's Copilot aims to boost productivity for 100,000 employees. Key enhancements to Microsoft Defender XDR are unveiled, alongside discussions on integrating Azure Purview with third-party services and addressing data security in the generative AI era. Finally, learn about Azure's ongoing evolution with fresh features and improved security management.

In this episode, we dive deep into ScubaGear, an open-source tool developed by the Cybersecurity and Infrastructure Security Agency (CISA) as part of the Secure Cloud Business Applications (SCuBA) project. Designed to assess Microsoft 365 (M365) tenant configurations, ScubaGear helps organizations align with CISA’s Secure Configuration Baselines (SCBs) to prevent costly misconfigurations. From setup to real-world applications, we unpack how ScubaGear strengthens M365 security and share practical tips for IT admins and security teams. What You’ll Learn: Why ScubaGear Matters: Learn how ScubaGear addresses the growing threat of cloud misconfigurations, which accounted for 30% of cloud attacks in early 2024. We discuss its origins in CISA’s SCuBA project, and its value for US federal agencies, private organizations, and critical infrastructure. How ScubaGear Works: A technical breakdown of ScubaGear’s PowerShell-based workflow, using Microsoft Graph APIs and Open Policy Agent (OPA) to compare tenant settings against SCBs. We cover setup requirements. Common Misconfigurations: Examples like disabled MFA or weak DLP policies, and how ScubaGear’s HTML, JSON, and CSV reports provide actionable remediation steps. Best Practices: Tips for integrating ScubaGear into security workflows, including regular scans, policy customization, and combining with tools like Microsoft Secure Score. Real-World Insights: Sam shares experiences from consulting. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Alan and Sam discuss the benefits and use cases of Security Copilot. Alan Dives into how Security Pilot works and what some of the capabilities are. Here are a few things we covered: What is Generative AI What is Security Copilot What are Agents How much does it cost? What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

Explore the latest Microsoft updates, including exciting features from Entra, Intune, and Defender. Discover insights into recent cybersecurity incidents and the vital enhancements in Microsoft Defender, particularly around privileged access management. Delve into advancements in Azure services, from security improvements to expanded functionalities. The conversation also covers Azure pricing nuances and hints at future topics like the security copilot. Stay tuned for the evolution of Microsoft's security landscape!

The hosts dive into fresh innovations unveiled at Microsoft Secure 2025. Key highlights include the powerful Security Copilot Agents and advancements in Microsoft Entra. They discuss the critical challenge of protecting against emerging AI threats. Insights on navigating phishing reports reveal how organization size affects user vigilance. Additionally, there's a focus on enhancing data security tools and the complexities of responding to privacy breaches. AI's role in streamlining security operations also sparks intriguing conversations throughout.

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest. Some of the Microsoft product features and update we covered: Key Microsoft Entra, Intune and Defender features and updates Lots of Azure changes and new features What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

The hosts explore the crucial role of OAuth apps in data security and the potential risks they pose to organizations. They discuss how Microsoft Defender for Cloud Apps can enhance app governance and monitor permissions effectively. Key topics include best practices for managing user consent, overprivileged apps, and the importance of real-time visibility into app usage. The conversation highlights the challenges of securing personally identifiable information while leveraging cloud technology. It’s a deep dive into safeguarding cloud applications!

In this episode, we dive into two great features of Microsoft Defender for Cloud: Security Explorer and Attack Paths. Join us as we unpack how these tools leverage the Cloud Security Graph to help you hunt down risks, map potential attack routes, and prioritize your cloud security efforts like never before. Whether you’re managing Azure, AWS, or a hybrid setup, this episode is packed with insights to level up your defense strategy. What You’ll Learn: How the Cloud Security Graph provides a unified view of your multicloud environment. Using Security Explorer to proactively identify vulnerabilities and misconfigurations with custom queries. Visualizing Attack Paths to see how attackers could move from an entry point to your critical assets. Practical tips for prioritizing fixes and boosting your Secure Score. Real-world examples of these tools in action and how to get started today. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript