A twice-monthly podcast dedicated to all things relating to Security, Privacy, Compliance and Reliability on the Microsoft Cloud Platform. Hosted by Microsoft security experts, Michael Howard, Sarah Young, Gladys Rodriguez and Mark Simos. https://aka.ms/azsecpod ©2020-2025 Michael Howard, Sarah Young, Gladys Rodriquez, and Mark Simos.
Gladys and Michael talk to Jason Zann, VP, Head of Platform about RiskIQ, a recent Microsoft acquisition. We also cover the latest security news about API Management, Azure Monitor, Defender for Cloud, Identity Protection and Sensitivity labels.
We chat with Al Eardley about Compliance, Security and Microsoft Compliance Manager, as well as news about CosmosDB, Azure Load Testing, CodeQL, Azure Active Directory, Zero Trust, Sentinel and new cyber blog from Microsoft.
We talk to Chris Hallum about all things Microsoft Defender for IoT. He also discusses IoT security in detail, as well as some new features on the horizon. Also, we cover the news for Microsoft Sentinel, Azure Active Directory, Azure SQL DB, new Azure Learning resources, Azure Monitor and Payment HSM.
In this episode we speak to Matt Egen about how Microsoft Sentinel can pull in telemetry and threat intel data from various sources. He talks about the new Codeless Connectors as well as his views on IP-based filtering.
We talk to Kristin Burke about some of the lessons learned and best practices when moving to Zero Trust and how that affects the Security Operations Center or SOC. Lots of news too: Azure Cache for Redis, API Management, Kubernetes, PostgreSQL, Sentinel, KQL and Confidential Compute.
In this episode we talk to Jess Dodson about some of the basic security practices she sees Azure users do well and could improve. We also discuss the latest news about Log4j, Azure Key Vault and automatic key rotation, Storage and AD and ABAC and new security training.
In this episode Michael, Sarah, Gladys and Mark talk to Liz Kim about the innards of Azure Policy as well as best practices for effective deployment of Policy. She also outlines some of the exciting new features coming soon. We also discuss news about App Service and Azure Functions, new Confidential Compute VMs, Azure Bastion, Microsoft Defender for Cloud, AKS, ExpressRoute and more.
In this episode Michael and Mark talk to Dave Lubash about Azure Monitor. We also cover news about Zero Trust Commandments, Azure SQL DB, Logic Apps, Confidential Computing, AKS and Log Analytics.
In this episode we chat with Abbas Kudrati about the latest security news and announcements from the recent Microsoft Ignite event. There were numerous announcement including naming changes for some of the products you know and love.
We speak to Julie Koesmarno about Jupyter Notebooks on Azure generally, and specifically about using them to help with Incident Response. We also cover security news about .NET 6.0, Azure Monitor, HDInsight, Azure Static Web Apps, Azure Key Vault, Kubernetes, Firewall, Sentinel, Ransomware, IoT Solutions and more!
We talk to Mark McIntyre about the recent Microsoft Digital Defense Report. The two Marks discuss at length the report as well as cyber-crime, ransomware, digital currencies and more. We also cover security news about Azure Security Center, Windows 11, OWASP Top 10 2021 and the OWASP 20th anniversary, the recent 2.4Tbps DDoS against Azure Sentinel and Mark updates his 'Mark's List'
In this episode we talk to Daniel Wood about Conditional Access in Azure Active Directory, some best practices and a few hints about future updates, We also discuss security news about Azure disks, Purview, Site Recovery, Azure SQL DB, Defender for IoT, Ransomware and more. Daniel and Michael discuss 'Do no Harm' in Security...
In this episode we talk to Roberto Rodriguez about a Microsoft open source tool to help researchers understand how attackers attack and compromise systems. Simuland lets you deploy labs to reproduce and learn from attack techniques and test your own detection and prevention tooling. We also have awesome news about NSG and UDR support in Private Link, Azure Virtual Desktop, SMB 3.1.1, Azure Monitor and Azure Data Explorer, Azure Security Center, Windows 11 and Microsoft Cloud Reference Architectu...
Michael and David Trigano of the Azure Defender for SQL Vuln Assessment geek out about SQL security. Gladys discusses the ramifications of the recent Executive Order on Cybersecurity and Mark describes some new MS Cybersecurity Reference Architecture material. Sarah is still taking a break, but she'll be back soon.
In this episode we talk to Michael Makhlevich about Azure Defender for SQL - Threat Protection. Michael Howard and our guest geek out about common SQL security issues and MichaelM gives some interesting philosophical insights into securing SQL databases - it's not just the data! We also cover security news from Managed Hardware Security Module (MSH), App Config, Sentinel, Machine Learning, Azure Security Center and much more.
This episode is a little different; no news! Michael talks with Yuri Diogenes and Sarah about the various Azure Security certifications, and Sarah and Yuri talk about their upcoming study guide for SC-200: Microsoft Security Operations Analyst.
In this episode Michael, Sarah, Gladys and Mark talk with guest Carmichael Patton, a Senior Security Architect in the Digital Security and Resiliency group at Microsoft about Microsoft's journey to Zero Trust and some of the lessons learned along the way. We also discuss Azure Security news about: Azure Sentinel, Azure Automation, Azure SQL DB and Always Encrypted withe Secure Enclaves, App Insights, App Service and Functions, Azure Active Directory, Azure Firewall, Azure Kubernetes Service, Azu...
In this episode Michael, Sarah, Gladys and Mark talk with guest Rin Ure about the Azure Sentinel SOC Process Framework Workbook. We also discuss Azure Security news about Azure Web Application Firewall, Azure Front Door, Azure SQL DB, Azure Sphere, Confidential Compute VMs and episode 2 of the Spanish Azure Security Podcast is now out.
In this episode we talk to Nicholas DiCola about automating security tasks in Azure. We also cover security news about Azure Monitor, Confidential Computing, Azure Key Vault, Visual Studio Code, Azure Sentinel, Azure Defender for MySQL, MariaDB, PostgreSQL and IoT, and more. Make a point of listening to Mark's comments about the state of Human-operated Ransomware.
In this episode we interview Pete Bryan from the Microsoft Threat Intelligence Center - MSTIC - about lessons learned from the recent highly-public nation-state attacks on US infrastructure. We also cover news about GitHub, CosmosDB, Storage account key rotation, Azure Functions, SimuLand, Gladys also announces that there is now a Spanish edition of the Azure Security Podcast.
In this episode Michael, Sarah, Gladys and Mark talk with Minni Walia about Azure Data Explorer, a fast and highly scalable data exploration service for log and telemetry data. We also discuss Azure Security news about Bicep, VPN Gateway, Azure Backup, Azure Security Center, AKS, Azure Sentinel, IoT Hub, API Management, SimuLand and Microsoft Cybersecurity Reference Architectures and Microsoft Cloud Adoption Framework.
In this episode Michael, Gladys and Mark talk with guests Gopal Shankar and Arvind Chandaka discuss a new data governance product Azure Purview. We also discuss Azure Security news for the following: Azure Monitor, Storage, cryptography, Zero Trust, Incident Response, Azure Information Protection, Ransomware and more.
In this episode Michael, Sarah, Gladys and Mark talk with guest Sharon Xia about applied Artificial intelligence and Machine Learning in Cybersecurity. This is one of those episodes where many of us learned a great deal about something we know little about! We also discuss Azure Security news for: Azure VMs, Azure Charts, Zero Trust and the Open Group, Sentinel, App Gatewat, Security Technical Content Library and a new Azure Networking Security book.
We speak to Tanu Balla from the Azure Hybrid Networking team about Azure Bastion. We also cover security news about Azure Sentinel, DataBricks, PowerBI, App Service, Power Fx, TypeScript, Azure Active Directory, a new Azure Security Technical Implementation Guide (STIG) and Azure App Proxy.
In this episode we talk to Chuck Enstall about what he's hearing from customers about Azure security, including segregation of subscriptions, RBAC policies and more. We also cover security news about GitHub's CodeQL, SecDevOps, storage accounts, Azure SQL and Synapse, Event Grid, Media Services, Azure Communications Services, IoT Hub, ExpressRoute, Key Vault, Azure Cache for Redis, Azure Active Directory, PCI DSS, Exchange, a beta of the SC-200 exam, "Microsoft Security Operations Analyst (beta)...
This episode is a little different, we cover the latest security news and updates from the Microsoft Ignite conference. Lots of topics covering SQL Server, CosmosDB, Azure Security Center, Azure Kubernetes Service, Windows 2022, VM updates, Azure Sphere, Azure Backup, TypeScript, Azure Sentinel and Azure Purview.
In this episode we speak to Anthony Roman about Azure Network, topics include fundamentals like VNets, subnets, NSGs, User-defined routes, Azure Firewall and Azure Frontdoor. Mark has a public-service announcement about patching on-prem Exchange servers, and we discuss the latest news about the Microsoft Data Encryption SDK, TypeScript, customer managed keys for tables and queues, User and Entity Behavior Analytics, DataBricks and more.
In this episode Michael, Sarah, Gladys and Mark talk with guest Ofer Shezaf about Azure Sentinel. In the news we discuss Azure Security news for the following services: Azure Security Center, HDInight, Azure Attestation and IaaS SQL Server using Secure Enclaves. Gladys covers some of the material she learned this week about Privileged Access Workstations (PAWs), especially in light of Solorigate. PAWs are not just for tier-0 admins, but also for developers. Mark covers Azure Security Benchmarks,...
In this episode Michael, Sarah, Gladys and Mark talk with guest Alex DeDonker, and member of the Azure STRIKE team, about his team's role in helping secure the Microsoft Azure cloud platform. We also discuss the latest Azure Security news for the following services: Azure Sphere, Azure Backup, Managed Disks, Azure Security Center, Azure Policy, Azure Defender for SQL, Azure Health Bot and Azure Automation. Finally, Mark discusses some updated Solorigate resources and human operated ransomware....
In this episode we cover recent security news including the latest on the SolarWind attack and updates for Security Center, Azure Stream Analytics, Google's Web Signin, Power BI and BGP improvements. Then we speak to Suren Jamiyanaa about Azure Firewall.
