The Azure Security Podcast

Episode 126: Microsoft Baseline Security Mode

Sat, 21 Mar 2026 01:59:20 GMT

In this episode, Michael and Sarah talk to Sophie Ke and Dave Minasyan about Microsoft Baseline Security Mode, a new feature to help ease security settings. We also cover the latest Azure security news including Microsoft 365 E7, Microsoft 365 Copilot, Azure Blob Storage SFTP, Azure Database for PostgreSQL, and new Confidential VM types.

https://aka.ms/azsecpod

Episode 125: Origins of MITRE ATT&CK

Fri, 27 Feb 2026 19:19:29 GMT

In this episode Michael and Mark talk with guest Blake Strom about the origins of the MITRE ATT&CK framework, how it was developed, and how it has evolved over time. We also discuss how the framework is used in the industry and its impact on cybersecurity.

We also discuss Azure Security news about Azure Monitor, Azure Application Gateway, AKS, Azure Front Door, AMD v6 Confidential VMs, and xxx

https://aka.ms/azsecpod

Episode 124: Microsoft Security Response Center for AI

Fri, 30 Jan 2026 23:15:20 GMT

In this episode Michael talks to Raji Vanninathan about the Microsoft Security Response Center for AI.

We also cover security news about AKS Deployment Safeguards policies.

https://aka.ms/azsecpod

Episode 123: Agentic Identity

Wed, 21 Jan 2026 20:58:49 GMT

In this episode, Michael, Sarah and Mark talk to Nick Wryter about agentic AI identity, with a big focus on least privilege issues. We also cover news about:

Microsoft AI Tour
Azure Database for PostgresSQL
Azure MCP Server for Azure Confidential Ledger
Application Gateway, FIPS 140-2 and TLS
Outbound internet access from VMs
Azure NetApp Files and Ransomware protection
Azure Cosmos DB Mirroring

https://aka.ms/azsecpod

Episode 121: New Open Group Security Standards Documentation

Fri, 21 Nov 2025 20:24:25 GMT

In this episode Michael and Sarah talk with co-host Mark Simos about new security standards documentation from the Open Group. It's a long episode but worth it!

We also discuss Azure Security news about Private Endpoints, Azure Front Door, Azure WAF CAPTCHA, Azure Sphere, Private Link Service Direct Connect, Azure Integrated HSM, Azure Firewall pre-scaling and observed capacity metric, and Microsoft Ignite.

https://aka.ms/azsecpod

Episode 120: The Zero Trust Workshop (and so much more!)

Wed, 29 Oct 2025 15:58:52 GMT

In this episode Michael talks with guest Merill Fernando about the Zero Trust Workshop, but we also spend time talking about all things identity! Merill's final thought is pure gold, too!

The only bit of news is about Azure SQL DB and how TDE key management during restore,

Episode 119: Pedantic Security Wording and Taxonomies

Thu, 09 Oct 2025 21:04:00 GMT

In this episode Michael, Sarah and Mark talk with guest Ryen Macababbad, Principal Security Program Manager at Microsoft about her current work on standardizing security terminology and taxonomy across Microsoft.

Also, how getting terminology right is important to security, especially for those with neurodiverse conditions, such as autism.

We also discuss Azure Security news about the Microsoft AI tour Sarah is doing, Cosmos DB, and Michael goes on a rant about TLS certificate checking.

https://aka.ms/azsecpod

Episode 118 - Quantum Cryptography and Quantum Computing with Mark Russinovich

Fri, 19 Sep 2025 18:01:03 GMT

In this episode Michael and Mark talk with guest Mark Russinovich, Technical Fellow, Deputy CISO and Chief Technology Officer of Microsoft Azure about quantum cryptography and quantum computing and its implications for security and the future.

NOTE: There's a portion where Mark and Michael talk about a quote made by Richard Feynman about understanding technical topics, but this is actually attributed to Albert Einstein. However, there is no definitive record of Einstein writing or saying this exact phrase in his published works or speeches.

We decided to not cover any Azure Security news in this episode.

Episode 117: Cloud Gaming Security

Fri, 29 Aug 2025 19:15:00 GMT

In this episode Michael and Sarah talk to Russ Rogers from the Xbox team about gaming security in general and Xbox specifically. This is the first time we have covered the topic! There is also so much news, we really list all the announcements here! It's about 9 mins of security news!

https://aka.ms/azsecpod

Episode 116: Microsoft Sentinel Data Lake

Thu, 31 Jul 2025 19:22:26 GMT

In this episode Michael, Sarah and Mark talk to Mark Kendrick about Microsoft Sentinel Data Lake. We also cover news about The Open Group - Roles and Glossary standards, Security Adoption Module 5 - Data Security, Microsoft Azure Cloud HSM, WAF and Containers, PostgreSQL and PowerBI, Azure Managed Lustre, and more. Also, Sarah mentions some Developer Security YouTube videos coming out from MS Build!

https://aka.ms/azsecpod

Episode 115: Security in Model Context Protocol (MCP)

Thu, 10 Jul 2025 21:12:27 GMT

In this episode, Michael, Sarah and Mark talk to Den Delimarksy about the current posture of Model Context Protocol. Den serves on the committee that oversees MCP.

We also cover the latest security news about Azure Firewall, OpenTelemetry, Azure Front Door, Azure Database for PostgreSQL and Azure Kubernetes Service.

https://aka.ms/azsecpod

Episode 114: SQL Server 2025 Security Improvements

Mon, 09 Jun 2025 17:44:50 GMT

In this episode, Michael talks to Pieter Vanhove and Pratim Dasgupta about the new security changes in SQL Server 2025.

The news includes updates on MCP, Private Link and Microsoft Build 2025 security sessions presented by Michael and Sarah.

https://aka.ms/azsecpod

Episode 113: Microsoft Red Team

Fri, 16 May 2025 21:03:26 GMT

In this episode, Michael, Sarah, and Mark talk to Craig Nelson, VP of the Microsoft Red Team about how the Red Team works to help secure Microsoft and its customers.

In life, there are things you know you know, things you know you don't know, and finally, things you don't know you don't know. This episode is full of the latter.

We also cover security news about LLMs and MCP, TLS 1.1 and 1.0 deprecation, Private End Point Improvements, Containers and more.

https://aka.ms/azsecpod

Episode 112: Security Copilot Agents

Tue, 13 May 2025 19:19:50 GMT

In this episode Michael talks with guest Ran Munsch, Principal Product Manager at Microsoft about Security Copilot and Security Copilot Agents.

We also discuss Azure Security news about System.Data.SqlClient, April 2025 Secue Future Initiative progress report, Azure Database for PosrgreSQL, Azure DevTest Labs, VNets, Front Door WAF CAPTCHA, API management and more.

https://aka.ms/azsecpod

Episode 111: Securing Agentic AI

Thu, 17 Apr 2025 19:41:02 GMT

In this episode Michael and Sarah talk with guest Amanda Minnich about securing agentic AI systems, the security challenges they face, and how to secure them.

We also discuss Azure Security news about Azure File Sync, Docker support in Azure and a new series of Secure Future Initiative videos with appearances from Michael, Sarah, and various guests.

Episode 110: Securing GenAI Applications with Entra (3 of 4): Monitoring and More

Tue, 01 Apr 2025 17:51:05 GMT

In this episode Michael and Gladys talk to Sharon Chahal who is a Principal Program Manager in the Identity team at Microsoft about monitoring and auditing when building GenAI applications. We also cover other related topics.

Michael and Gladys cover the latest security news about API Security Posture Management, Azure Key Vault in China, Azure Data Studio retirement, new least privilege permissions in Graph and more.

https://aka.ms/azsecpod

Episode 109: Securing GenAI Applications with Entra (2 of 4) - Overpermissioning

Wed, 19 Feb 2025 04:15:04 GMT

In this episode, Michael, Gladys and Mark talk to guest Bailey Bercik about the problem of overpermissioning and how to use Microsoft Entra Permissions Management to identify and manage over-permissioned identities in multi-cloud environments to reduce security risks, especially for AI apps.

We also cover the latest security news about AI red teaming, Azure SQL DB logging, Azure Confidential Ledger, Star Blizzard spear-phishing campaign and CISA Zero Trust Maturity Model.

https://aka.ms/azsecpod

Episode 108: Securing GenAI Applications with Entra

Mon, 20 Jan 2025 22:55:45 GMT

In this episode Michael, Gladys, Mark and Sarah talk to guest Diana Vicezar from the Microsoft Entra team about security Generative AI applications. Note, this is a short, simple intro episode to introduce three follow-on episodes.

We also cover security news about TLS 1.3 and Azure Event Grid, big updates to Microsoft Defender for Cloud, Azure Database for MySQL, SQL Managed Instance and Confidential Ledger.

Episode 107: Secure by default and Copilot Overshare Blueprints

Mon, 06 Jan 2025 21:17:14 GMT

Happy New Year!

In this episode Michael, Sarah and Mark talk to Maxime Bombardier and Emily Blundo about the Secure by default and Copilot overshare blueprints.

We also cover news about Always Encrypted Assessment in SQL Server Management Studio, MVP Summit, mapping Entra to the Open Group standard for Adaptive Access, and various CISO Workshop topics!

https://aka.ms/azsecpod

Episode 106: Microsoft Ignite Security Wrap-up

Tue, 10 Dec 2024 21:48:04 GMT

In this episode, Michael, Mark, and Sarah go over what they found interesting from Microsoft Ignite. Mark has a discount code for his Zero Trust Book, too.

https://aka.ms/aszecpod

Episode 105: Azure and Entra ID Security Tools

Fri, 22 Nov 2024 15:03:43 GMT

In this episode, Michael, Sarah, and Mark talk to Merill Fernando about a set of open source tools he and his team have developed to help people understand their Azure and Entra ID security postures.

We also cover news about Fabric, TLS 1.o and 1,1 retirement, Microsoft Ignite, FIDO2, Confidential Containers and Red Hat OpenShift and various Zero Trust news.

https://aka.ms/azsecpod

Episode 104: The Post Bluehat Wrap-up

Fri, 08 Nov 2024 22:39:52 GMT

In this episode, Michael talks to Nic Fillingham about the recent Microsoft Bluehat Security conference held at the Microsoft HQ in Redmond, WA. We also discuss how to tell the NZ and Australian accents apart. This alone is worth listening to :)

This is a follow-on from episode 103 when we talked about what was coming up for Bluehat.

No news, as this is a special, smaller episode. It's also the least edited; other than some ums and ers getting removed and a small retake, the result is as was recorded. Let us know what you think, this feels a little more 'chatty' and personable.

https://aka.ms/azsecpod

Episode 103: Security Conferences and Bluehat

Thu, 17 Oct 2024 14:49:53 GMT

In this episode we speak to Nic Fillingham who is a Senior Program Manager at Microsoft about security conferences and mainly about the Microsoft Bluehat conference he runs.

We also discuss security about PostgreSQL, Cosmos DB, IP address management, containers and AI Studio.

https://aka.ms/azsecpod

Episode 102: Entra ID Purple-teaming with Dr Azure AD

Mon, 07 Oct 2024 18:27:27 GMT

In this episode Michael and Sarah talk to Nestori Syynimaa about Entra ID security and his purple-team tool, AADInternals.

We also cover the latest security news about Secure Future Initiative (SFI), MFA for Azure Portal, Playright, WordPress, NSG, Bastion, Azure Functions, MS Ignite, App Service, Defender for Cloud, Containers, Azure Monitor, AKS, Trustworthy AI and Azure AI Content Safety.

https://aka.ms/azsecpod

Episode 101: The GHOST Threat Hunting Team

Fri, 20 Sep 2024 22:15:34 GMT

In this episode Michael, Mark and Sarah talk to Matt Zorich and Waymon Ho of the Microsoft GHOST team. We discuss the role GHOST plays in protecting both Microsoft and our customers from nation-state threat actors.

We also cover the latest security news about Event Grid, NetApp Files, Chaos Studio and AKS.

https://aka.ms/azsecpod

Episode 100: Our stories so far

Thu, 29 Aug 2024 19:56:14 GMT

In this episode Michael, Sarah, Gladys and Mark talk about our careers so far, explain some funny stories and our wishes for a more secure future.

Our stories

Mark at the start
Sarah 4m 5s
Gladys 6m 50s
Michael 12m 22s

Funny Stories

Mark 19m 31s
Sarah 20m 33s
Gladys 22m 46s
Michael 24m 39s

Career Advice

Mark 26m 58s
Sarah 29m 18s
Gladys 31m 48s
Michael 34m 40s

Future

Mark 36m 27s
Sarah 38m 33s
Gladys 40m 34s
Michael 42m 24s

Behind the Scenes

Mark 43m 36s

Episode 99: Securing Copilot AI Data and Purview

Fri, 16 Aug 2024 20:06:59 GMT

In this (late) episode, we chat to Andrew McMurray, a Principal Product Manager at Microsoft about securing Copilot data as well as how Purview can play a role in doing so. We also cover news about MFA access to the Azure Portal (Important), PostgreSQL, Entra ID and Windows authn metadata, Backup Vaults, Conditional Access Policy, ADFS, and Azure Container Apps.

Episode 98: Secure Future Initiative and Rust at Microsoft

Fri, 21 Jun 2024 18:07:42 GMT

In this episode Michael and Gladys talk with guest Dave Weston about Secure Future Initiative and the growing use of the Rust programming language at Microsoft.

On the topic of Rust, Michael and Dave nerd out, and we make no apologies!

https://aka.ms/azsecpod

Episode 97: Securing AI

Thu, 06 Jun 2024 18:54:51 GMT

In this episode Michael and Sarah talk with guest Richard Diver about securing solutions that use AI and LLMs. Richard also talks about his new book on AI Security, and Michael and Richard talk about what it takes to write a book.

We also discuss Azure Security news about Chaos Studio, API Management, Azure Bastion, Front Door, AKS and Copilot for Security and lots more!

Also note, we have changed the URL for the show notes web site, so please use this from now on: https://aka.ms/azsecpod.

Episode 96: Cloud Native Applications Protection Platform (CNAPP)

Fri, 03 May 2024 19:23:40 GMT

In this episode Michael, Sarah, and Mark talk with guest (and good friend of the podcast) Yuri Diogenes about CNAPP - Cloud Native Application Protection Platform and announce the release of a CNAPP e-book.

Episode 95: Threat Intelligence

Thu, 25 Apr 2024 16:11:01 GMT

In this episode Michael, Sarah and Mark talk with guest Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft about the current state of Threat Intelligence.

We also discuss Azure Security news about Tampa BSides, Virtual Networks, Azure Database for MySQL and PostgreSQL, and SQL Server on Linux.

The Microsoft Azure Security Podcast (azsecuritypodcast.net )

Episode 94: Copilot for Security

Mon, 01 Apr 2024 16:00:27 GMT

In this episode Michael, Sarah and Mark talk with guest Ryan Munsch about the newly released Copilot for Security. We also discuss Azure Security news about Azure SQL DB, SSMS 20, Change Actor, Copilot for Azure SQL DB, Azure Container Apps, AI Prompt Shields, AI Groundedness Detection and BlueHat India and Israel.

New tab (azsecuritypodcast.net )

Episode 93: Continuous Security Development Lifecycle

Mon, 25 Mar 2024 18:15:29 GMT

In this episode Michael, Sarah, and Mark talk with guests Tony Rice and David Ornstein about insights into the Continuous SDL (Security Development Lifecycle).

We also discussed Azure Security news about Azure Key Vault, Cloud PKI, OAuth2, updated SQL Server password verifiers, Memory Safety and Azure SQL DB.

The Microsoft Azure Security Podcast (azsecuritypodcast.net )

Episode 92: Global Azure is soon, sign up and give a security presentation!

Fri, 15 Mar 2024 15:44:57 GMT

In this episode Michael and Sarah talk to Martin Abbott about the Global Azure event that starts soon, https://globalazure.net/. We talk about how to successfully fill out a Call for Papers (CFP) so YOU can present to a global audience about security topics that interest you. We also cover security news SQL Always Encrypted, SymCrypt and Rust, SQL Security Fundamentals, and free Security 101 material.

Episode 91: Azure Chaos Studio

Tue, 13 Feb 2024 19:04:40 GMT

In this episode, Michael talks with Rigel Carlson from the Chaos Studio development team about Chaos Studio through a security lens. Michael also discusses news about Midnight Blizzard and \has some advice about using Azure's DefaultAzureCredential()

The Microsoft Azure Security Podcast (azsecuritypodcast.net )

Episode 90: AI Red Teaming

Mon, 29 Jan 2024 18:03:47 GMT

This is a MUST LISTEN episode for anyone involved in products using AI, or for people who want to learn some of the latest attacks against large language models. Make sure you peruse the exhaustive list of AI security links at The Microsoft Azure Security Podcast (azsecuritypodcast.net ),

We cover news about Azure SQL DB, Trusted VMs, NetApp Files, Azure Load Testing and Front Door. Mark covers further details about Zero Trust and the CISO Workshop.

Episode 89: We Look Back on 2023

Mon, 18 Dec 2023 20:05:43 GMT

In this episode we look back at what stood out for each of us and what we go up to. We also cover something not security-related, but of interest to all your geeks out there - EQ vs IQ. So make sure you stay until the end!

Episode 88: Securing SQL Databases though the eyes of an attacker

Fri, 01 Dec 2023 17:15:33 GMT

In this episode Michael talks with colleagues in the Azure Data Platform Security Team, Sharath Unni and Raul Garcia about securing Azure SQL DB, SQL MI and SQL Server through the eyes of an attacker.

Episode 87: Advances in Always Encrypted and Transparent Data Encryption

Wed, 15 Nov 2023 17:00:17 GMT

In this episode, Michael talks with his colleagues Pieter Vanhove and Mirek Sztajno about updates to Always Encrypted and Transparent Data Encryption in SQL Server and Azure SQL DB.

Episode 86: Zero Trust Playbook Series Zero Trust Overview and Playbook Introduction

Tue, 31 Oct 2023 01:05:56 GMT

In this episode Michael talks with guest Nikhil Kumar and our own Mark Simos about a new book they have co-authored named "Zero Trust Playbook Series Zero Trust Overview and Playbook Introduction: Actionable Guidance for Business, Security, and Technology Leaders and Practitioners."

Episode 85: Security Bug Bounties

Wed, 11 Oct 2023 22:09:25 GMT

In this episode Michael and Sarah talk with guest Madeline Eckert about Security Bug Bounties.We also discuss Azure Security news about SQL Server 2022, Azure certificate changes, TLS 1.0 and 1.1 deprecation, GitHub security scanning, Ransomeware defenses, Zero Trust and more.; and by 'more' we mean lock-picking!

Episode 84: Attack Simulation

Fri, 22 Sep 2023 16:53:00 GMT

In this episode Michael, Sarah, Gladys, and Mark talk with guest Roberto Rodriguez about attack simulation, Cloud Katana, and AI.We also discuss Azure Security news about Azure SQL DB, Azure Key Vault, Cosmos DB, Trusted Launch VMs, Azure Artifacts, Zero Trust, Windows and TLS and Entra ID.

Episode 83: PowerShell Automation and Scripting for Cybersecurity

Mon, 14 Aug 2023 14:52:21 GMT

In this episode Michael and Sarah with guest Miriam Wiesner about her new book, "PowerShell Automation and Scripting for Cybersecurity" which comes out soon. We also discussed Azure Security news about: Azure SQL DB Always Encrypted improvements, Azure SQL Managed Instance, App Gateway for Containers and Bring your own Key for AKS Ephemeral Disks.

Episode 82: Modern Security Strategy

Tue, 08 Aug 2023 12:55:08 GMT

This week Michael and Mark talk to Microsoft Security MVP Truls Dahlsveen about his thoughts on Modern Security Strategy. It's a fascinating and practical discussion!

We also cover security news about Application Gateway TLS policy, Defender for IoT and some new documentation from the OpenGroup about Zero Trust Commandments.

Episode 81: Audit logging in Azure SQL Database

Fri, 28 Jul 2023 19:15:52 GMT

In this special episode Michael talks to his colleague Sravani Saluru about how to configure, monitor and manage audit logging in Azure SQL Database. She also shares some inside hints and tips!

Episode 80: Microsoft Incident Response

Fri, 14 Jul 2023 18:39:31 GMT

In this episode Michael and Sarah talk with guest Matt Zorich from the Microsoft Incident Response team. We also cover the latest Azure security news about Azure's Web Application Firewall and Azure Monitor RBAC.

Episode 79: Threat Intelligence with MSTICPy

Tue, 13 Jun 2023 18:03:11 GMT

In this episode, Michael and Sarah talk to Thomas Roccia about Threat Intelligence with MSTICPy. We also cover security news about Azure Files SMB, App Gateway, Event Hubs and Linux Containers.

Episode 78: Entra Permissions Management updates

Fri, 02 Jun 2023 17:13:31 GMT

In this episode Michael and Gladys talk with guests Marcelo di lorio and Neil Walker about all the latest news in Entra Permissions Management.We also cover the latest Azure security news about Microsoft Build, Confidential Computing, Key Vault, SQL MI, and Azure Content Safety and more.

Episode 77: Securing Infrastructure as Code (IaC)

Fri, 19 May 2023 17:11:25 GMT

This week, Michael, Mark and Gladys talk to Anthony Shaw about some of the best practices and tooling for securing Infrastructure as Code (IaC) solutions. Sarah is away in Singapore, presenting at BlackHat.We also cover security news about DDoS, Cosmos DB, Microsoft Defender for APIs, Load Balancer, Zero Trust and discovering Internet-facing devices.

Episode 76: Microsoft Security Research Insights

Wed, 03 May 2023 20:25:31 GMT

In this episode Michael, Sarah, and Mark talk with guest Negar Shabab. We also discuss Azure Security news about new Confidential Computing VMs, SQL Server, T-SQL Parsing, Auditing in Azure SQL DB, Sentinel and more.

Make sure you go to The Microsoft Azure Security Podcast (azsecuritypodcast.net ), because Mark ordered pizza during the recording.

Episode 75: What's new in Microsoft Defender for Cloud

Fri, 14 Apr 2023 18:01:58 GMT

In this episode Michael, Sarah, Gladys, and Mark talk with a good friend of the Podcast, Yuri Diogenes, about the latest Microsoft Defender for Cloud news.We also discuss Azure Security news about Trusted VM Launch, Chaos Studio, Azure SQL DB, DDoS protection, Confidential Containers, Firewall and more.

Episode 74: What's New in Azure Policy

Fri, 07 Apr 2023 20:17:52 GMT

Michael and Mark talk to Kemley Nieva from the Azure Governance team about some of the recent updates and improvements to Azure Policy. We also cover the latest Azure security news covering Microsoft Security Copilot, Azure Functions, SQL Managed Instance, Azure Backup, Ephemeral OS disks, Azure Cache for Redis, Azure SQL Database, Azure Monitor, API Management, Azure Maps and Storage.

Episode 73: Microsoft Defender for Cloud as Code

Thu, 23 Mar 2023 20:01:02 GMT

In this episode Michael and Gladys talk with guests Sean Wesonga and Bojan Magusic about using Infrastructure as Code (IaC) with Microsoft Defender for Cloud. We also discuss Azure Security news about new Azure SQL Database migration abilities for authentication and Transparent Data Encryption (TDE).

Episode 72: What's top of mind for the hosts and career advice!

Wed, 08 Mar 2023 16:26:43 GMT

In this episode Michael, Sarah, Gladys and Mark interview each other! The Podcast is almost three years old, and things have changed for each of us, so we thought we'd re-introduce ourselves, reflect, give career advice, and talk about what's top of mind for each of us!

We also discuss Azure Security news about SQL Server and Azure SQL DB, MFA and AAD, AAD and IPv6, new SC-100 study guide and more.

Episode 71: Azure SQL Database and Always Encrypted using Virtualization-Based Security Enclaves

Wed, 15 Feb 2023 18:51:40 GMT

In this special episode, Michael sits down with Pieter Vanhove about a new addition to the SQL Server 'Always Encrypted' family. The new addition, Virtualization-Based Security Enclaves (VBS), is now in Preview and allows for more scalability and lower cost when using secure enclaves compared to the current SGX-based enclaves.

Episode 70: Microsoft Purview

Mon, 13 Feb 2023 23:16:45 GMT

In this episode Michael and Sarah talk with guests Beau Faull and Lou Mercuri about some new features and updated naming in Microsoft Purview. Beau and Lou are also co-hosts of the Coast2Coast Podcast on YouTube.

We also discuss Azure Security news about Trusted Boot VMs, Sentinel and Defender for Cloud.

Episode 69: Secured Supply Chain and Software Bill of Materials (SBOM)

Thu, 02 Feb 2023 19:32:54 GMT

In this episode, Michael and Mark talk to Adrian Diglio about Software Bill of Materials and its role in helping secure the software supply chain.

We also have news items about SQL Server, Azure SQL DB, Azure Database for PostgreSQL, Azure Database for MySQL and Application Secure Groups and Private Endpoints. Mark goes over MCRA, Immutable Laws of Cybersecurity and Security Architecture Design.

Episode 68: SQL Server 2022

Wed, 07 Dec 2022 23:30:40 GMT

Michael sits down with Ajay Jagannathan who is the Principal Group PM Manager for SQL Server. Michael also covers a couple of SQL Server related news items.

Privileged Access

Thu, 24 Nov 2022 14:25:59 GMT

Michael and Sarah talk to Bronwyn Mercer from Microsoft Australia about Privileged Access as well as some ideas and processes to help you succeed. Also, the latest security news about Managed HSM, Defender for DevOps, TLS and ARM, SQL Server 2022, Application Gateway.

Finally, 'Designing and Developing Secure Azure Solutions' is now available. https://azsec.tech/get

Workload Identities

Fri, 11 Nov 2022 18:09:55 GMT

In this episode Michael, Sarah and Mark talk with guest Joey Snow about Workload Identities in Azure. We also chat about least privilege and privileged accounts in general. Finally, the latest Azure Security news about: Azure Front Door, Log Analytics, Web Application Firewall and AKS SSH keys.

Microsoft Defender for Threat Intelligence

Fri, 04 Nov 2022 21:37:15 GMT

EDIT: Nov 11th, there was an error at around 27m; Gladys and Rijuta were talking over each other.

In this episode Michael, Sarah, Gladys and Mark talk with guests Rijuta Kapoor and Brandon about Microsoft Defender for Threat Intelligence. We also discuss Azure Security news about Azure Service Bus and TLS, PostgreSQL, VMs, SQL Server and Confidential VMs, Azure SQL DB, Workload Identities, Microsoft Entra and other security news from Ignite.

The SQL Server Permission Model Explained

Sat, 15 Oct 2022 00:43:04 GMT

In this special, out of band episode, Michael talks to Andreas Wolter about the SQL Server and Azure SQL Database permission model. To many, the model is a mystery, but Andreas explains how it works as Michael poses security challenges.

Microsoft Entra Permissions Management

Fri, 07 Oct 2022 21:07:40 GMT

In this episode we talk to Nick Wryter about Microsoft Entra Permissions Management. We also cover the latest security news about Azure Firewall, Azure Database for MySQL, NetApp files, ADLS Gen2, AKS, Conditional Access and Identity Federation.

Microsoft Defender for Endpoint Tamper Protection

Wed, 28 Sep 2022 15:03:48 GMT

In this episode, Josh Bregman discusses a critically important feature in MDE - Tamper Protection which helps prevent unwanted changes to your security and essential functions.

We also cover the latest security news about Synapse SQL, Service Bus, Storage, Redis, Azure SQL, MySQL, AKS, Managed Disks and Microsoft Defender.

Securing Operational Technology (OT)

Fri, 26 Aug 2022 22:01:48 GMT

In this episode we speak to Elizabeth Stephens about practices and philosophies for protecting OT. We also cover news about SQL MI, Private Endpoints, Load Testing, TLS 1.3, AKS and Confidential VMs and Azur Firewall.

Also, this is the first episode to use the phrase "things that are not supposed to blow up!"

Microsoft Defender for Cloud - AWS and GCP

Tue, 23 Aug 2022 23:28:46 GMT

In this episode, we talk to Safeena about Begun about Microsoft Defender for Cloud to monitor multi-cloud environments including Azure, on-prem, AWS and GCP. We also talk about changes coming to Azure's root CA certificates, Microsoft Entra and more.

Chief Information Security Officer (CISO) Workshop

Tue, 09 Aug 2022 18:54:15 GMT

In this episode Michael and Sarah talk to Mark about the newly version of the CISO Workshop. We also have news about Confidential Ledger, Gateway Load Balancer (new!), Azure Database for MySQL and Trust Launch.

Innovations in Azure Confidential Computing

Fri, 22 Jul 2022 16:41:07 GMT

In this episode, Michael talks to Run Cai and Vikas Bhatia about some of the latest Confidential Computing services available on Azure including new Confidential VMs from AMD.

Microsoft Sentinel Content Hub

Tue, 12 Jul 2022 21:05:37 GMT

In this episode, Michael, Sarah and Mark talk to Roey Ben Chaim about Microsoft Sentinel Content Hub. We also cover the latest security news about Exchange Online, Microsoft Entra Permissions Manager, MSTICPy, Purview DLP, Azure Monitor, Backup and App Insights.

Advanced Threat Hunting with Microsoft 365 Defender

Fri, 08 Jul 2022 18:57:50 GMT

Michael sits down with Michael Melone to discuss hunting for adversaries using Microsoft 365 Defender's Advanced hunting capabilities.

Azure security news this week includes Azure Advisor for MySQL, using custom CAs with AKS, App Gateway Private Link, continuous backup in Cosmos DB, and API Management CSP and CORS support.

Practical Zero Trust

Tue, 28 Jun 2022 19:39:04 GMT

Michael and Sara talk to Matt Soseman about his take on practical Zero Trust and Michael goes on a rant about Zero Trust's Assume Breach pillar. We also cover Azure news about Azure SQL DB, Container Apps, Bastion, Sentinel and Microsoft Entra.

Azure SQL Managed Instance Windows Authentication

Tue, 14 Jun 2022 14:58:56 GMT

In this episode Michael talks to Sravani Saluru who is a Senior Program Manager in the Azure Data Platform, about Azure SQL Managed Instance and Windows authentication support which is in preview. We talk about where SQL MI fits in the SQL family, as well as how to configure SQL MI so your one-prem client can access SQL MI in Azure seamlessly.

Azure SQL Database Ledger

Tue, 24 May 2022 15:00:19 GMT

In this special episode Sarah and Michael talk to Pieter Vanhove about Azure SQL Database Ledger.

Ledger is a new feature built into Azure SQL DB and SQL Server 2022. that helps protect data from tampering from attackers or high-privileged users, including database administrators (DBAs), system administrators, and cloud administrators.

Microsoft Defender for Containers

Wed, 18 May 2022 20:49:59 GMT

In this episode we talk to Shay Amar about Microsoft Defender for Containers, we go into the weeds in places! Also, Azure security news about Confidential Compute VMs, Azure Arc, Sentinel and Ransomware. Michael and Sarah also discuss their experiences with the AZ-500 exam refresh.

Updates to CosmosDB Security

Mon, 18 Apr 2022 18:48:28 GMT

In this episode we speak to Thomas Weiss from the Azure Data team about new security capabilities in CosmosDB, specifically Always Encrypted and data-plane RBAC. We also have security news about Confidential Compute, Azure Data Explorer, Load Balancer, DNS Reservations, ZLoader malware, Azure Monitor, MSTICPy and NIST SP 800-40.

Microsoft Cybersecurity Reference Architectures

Mon, 04 Apr 2022 21:12:15 GMT

In this special episode, Mark chats about the MCRA as well as the Cloud Adoption Framework (CAF), and various related topics. We shied away from the news this week to focus on Mark's topic, but Michael couldn't resist talking about the fact that CosmosDB now supports Always Encrypted.

RiskIQ Explained

Wed, 23 Mar 2022 16:32:44 GMT

Gladys and Michael talk to Jason Zann, VP, Head of Platform about RiskIQ, a recent Microsoft acquisition. We also cover the latest security news about API Management, Azure Monitor, Defender for Cloud, Identity Protection and Sensitivity labels.

Microsoft Compliance Manager

Fri, 11 Mar 2022 18:56:16 GMT

We chat with Al Eardley about Compliance, Security and Microsoft Compliance Manager, as well as news about CosmosDB, Azure Load Testing, CodeQL, Azure Active Directory, Zero Trust, Sentinel and new cyber blog from Microsoft.

Microsoft Defender for IoT

Tue, 22 Feb 2022 23:58:12 GMT

We talk to Chris Hallum about all things Microsoft Defender for IoT. He also discusses IoT security in detail, as well as some new features on the horizon. Also, we cover the news for Microsoft Sentinel, Azure Active Directory, Azure SQL DB, new Azure Learning resources, Azure Monitor and Payment HSM.

Microsoft Sentinel Extensions

Fri, 11 Feb 2022 19:27:21 GMT

In this episode we speak to Matt Egen about how Microsoft Sentinel can pull in telemetry and threat intel data from various sources. He talks about the new Codeless Connectors as well as his views on IP-based filtering.

Lessons from moving to Zero Trust in a SOC

Wed, 26 Jan 2022 22:48:30 GMT

We talk to Kristin Burke about some of the lessons learned and best practices when moving to Zero Trust and how that affects the Security Operations Center or SOC.

Lots of news too: Azure Cache for Redis, API Management, Kubernetes, PostgreSQL, Sentinel, KQL and Confidential Compute.

Security: The Boring Bits!

Fri, 14 Jan 2022 21:31:04 GMT

In this episode we talk to Jess Dodson about some of the basic security practices she sees Azure users do well and could improve. We also discuss the latest news about Log4j, Azure Key Vault and automatic key rotation, Storage and AD and ABAC and new security training.

Everything you need to know about Azure Policy

Wed, 29 Dec 2021 05:50:36 GMT

In this episode Michael, Sarah, Gladys and Mark talk to Liz Kim about the innards of Azure Policy as well as best practices for effective deployment of Policy. She also outlines some of the exciting new features coming soon.

We also discuss news about App Service and Azure Functions, new Confidential Compute VMs, Azure Bastion, Microsoft Defender for Cloud, AKS, ExpressRoute and more.

Inside Azure Monitor

Fri, 10 Dec 2021 02:33:56 GMT

In this episode Michael and Mark talk to Dave Lubash about Azure Monitor. We also cover news about Zero Trust Commandments, Azure SQL DB, Logic Apps, Confidential Computing, AKS and Log Analytics.

MS Ignite Security Highlights

Tue, 16 Nov 2021 20:23:55 GMT

In this episode we chat with Abbas Kudrati about the latest security news and announcements from the recent Microsoft Ignite event. There were numerous announcement including naming changes for some of the products you know and love.

Jupyter Notebooks for Incident Response

Fri, 05 Nov 2021 17:24:49 GMT

We speak to Julie Koesmarno about Jupyter Notebooks on Azure generally, and specifically about using them to help with Incident Response. We also cover security news about .NET 6.0, Azure Monitor, HDInsight, Azure Static Web Apps, Azure Key Vault, Kubernetes, Firewall, Sentinel, Ransomware, IoT Solutions and more!

Microsoft Digital Defense Report

Fri, 22 Oct 2021 22:01:38 GMT

We talk to Mark McIntyre about the recent Microsoft Digital Defense Report. The two Marks discuss at length the report as well as cyber-crime, ransomware, digital currencies and more. We also cover security news about Azure Security Center, Windows 11, OWASP Top 10 2021 and the OWASP 20th anniversary, the recent 2.4Tbps DDoS against Azure Sentinel and Mark updates his 'Mark's List'

Azure Active Directory Conditional Access

Wed, 06 Oct 2021 17:56:57 GMT

In this episode we talk to Daniel Wood about Conditional Access in Azure Active Directory, some best practices and a few hints about future updates,

We also discuss security news about Azure disks, Purview, Site Recovery, Azure SQL DB, Defender for IoT, Ransomware and more.

Daniel and Michael discuss 'Do no Harm' in Security...

Attacker Tradecraft with Simuland

Wed, 22 Sep 2021 21:52:09 GMT

In this episode we talk to Roberto Rodriguez about a Microsoft open source tool to help researchers understand how attackers attack and compromise systems. Simuland lets you deploy labs to reproduce and learn from attack techniques and test your own detection and prevention tooling.

We also have awesome news about NSG and UDR support in Private Link, Azure Virtual Desktop, SMB 3.1.1, Azure Monitor and Azure Data Explorer, Azure Security Center, Windows 11 and Microsoft Cloud Reference Architectures.

Azure Defender for SQL - Vulnerability Assessment

Fri, 10 Sep 2021 22:40:59 GMT

Michael and David Trigano of the Azure Defender for SQL Vuln Assessment geek out about SQL security. Gladys discusses the ramifications of the recent Executive Order on Cybersecurity and Mark describes some new MS Cybersecurity Reference Architecture material. Sarah is still taking a break, but she'll be back soon.

A Deep Look at Azure Defender for SQL - Threat Protection

Tue, 24 Aug 2021 20:09:17 GMT

In this episode we talk to Michael Makhlevich about Azure Defender for SQL - Threat Protection. Michael Howard and our guest geek out about common SQL security issues and MichaelM gives some interesting philosophical insights into securing SQL databases - it's not just the data! We also cover security news from Managed Hardware Security Module (MSH), App Config, Sentinel, Machine Learning, Azure Security Center and much more.

Study Guide for SC-200: Microsoft Security Opertions Analyst

Mon, 02 Aug 2021 21:03:59 GMT

This episode is a little different; no news! Michael talks with Yuri Diogenes and Sarah about the various Azure Security certifications, and Sarah and Yuri talk about their upcoming study guide for SC-200: Microsoft Security Operations Analyst.

Zero Trust at Microsoft

Wed, 28 Jul 2021 22:40:28 GMT

In this episode Michael, Sarah, Gladys and Mark talk with guest Carmichael Patton, a Senior Security Architect in the Digital Security and Resiliency group at Microsoft about Microsoft's journey to Zero Trust and some of the lessons learned along the way.

We also discuss Azure Security news about: Azure Sentinel, Azure Automation, Azure SQL DB and Always Encrypted withe Secure Enclaves, App Insights, App Service and Functions, Azure Active Directory, Azure Firewall, Azure Kubernetes Service, Azure Security Center, Azure Bastion.

Mark also talks about some Open Group actitivites and recent Microsoft security acquisitions.

Azure Sentinel SOC Process Workbook

Wed, 07 Jul 2021 03:40:33 GMT

In this episode Michael, Sarah, Gladys and Mark talk with guest Rin Ure about the Azure Sentinel SOC Process Framework Workbook. We also discuss Azure Security news about Azure Web Application Firewall, Azure Front Door, Azure SQL DB, Azure Sphere, Confidential Compute VMs and episode 2 of the Spanish Azure Security Podcast is now out.

Azure Security Automation

Tue, 29 Jun 2021 23:17:11 GMT

In this episode we talk to Nicholas DiCola about automating security tasks in Azure. We also cover security news about Azure Monitor, Confidential Computing, Azure Key Vault, Visual Studio Code, Azure Sentinel, Azure Defender for MySQL, MariaDB, PostgreSQL and IoT, and more. Make a point of listening to Mark's comments about the state of Human-operated Ransomware.

Microsoft Threat Intelligence - MSTIC

Tue, 15 Jun 2021 19:13:22 GMT

In this episode we interview Pete Bryan from the Microsoft Threat Intelligence Center - MSTIC - about lessons learned from the recent highly-public nation-state attacks on US infrastructure. We also cover news about GitHub, CosmosDB, Storage account key rotation, Azure Functions, SimuLand, Gladys also announces that there is now a Spanish edition of the Azure Security Podcast.

Azure Data Explorer

Fri, 04 Jun 2021 19:18:03 GMT

In this episode Michael, Sarah, Gladys and Mark talk with Minni Walia about Azure Data Explorer, a fast and highly scalable data exploration service for log and telemetry data.

We also discuss Azure Security news about Bicep, VPN Gateway, Azure Backup, Azure Security Center, AKS, Azure Sentinel, IoT Hub, API Management, SimuLand and Microsoft Cybersecurity Reference Architectures and Microsoft Cloud Adoption Framework.

Azure Purview

Fri, 21 May 2021 02:58:58 GMT

In this episode Michael, Gladys and Mark talk with guests Gopal Shankar and Arvind Chandaka discuss a new data governance product Azure Purview. We also discuss Azure Security news for the following: Azure Monitor, Storage, cryptography, Zero Trust, Incident Response, Azure Information Protection, Ransomware and more.

Applied Data Science, AI and machine learning in Security

Wed, 05 May 2021 15:49:04 GMT

In this episode Michael, Sarah, Gladys and Mark talk with guest Sharon Xia about applied Artificial intelligence and Machine Learning in Cybersecurity. This is one of those episodes where many of us learned a great deal about something we know little about! We also discuss Azure Security news for: Azure VMs, Azure Charts, Zero Trust and the Open Group, Sentinel, App Gatewat, Security Technical Content Library and a new Azure Networking Security book.

Azure Bastion

Mon, 19 Apr 2021 22:33:31 GMT

We speak to Tanu Balla from the Azure Hybrid Networking team about Azure Bastion. We also cover security news about Azure Sentinel, DataBricks, PowerBI, App Service, Power Fx, TypeScript, Azure Active Directory, a new Azure Security Technical Implementation Guide (STIG) and Azure App Proxy.

Customer Questions about Azure Security

Mon, 05 Apr 2021 23:05:37 GMT

In this episode we talk to Chuck Enstall about what he's hearing from customers about Azure security, including segregation of subscriptions, RBAC policies and more. We also cover security news about GitHub's CodeQL, SecDevOps, storage accounts, Azure SQL and Synapse, Event Grid, Media Services, Azure Communications Services, IoT Hub, ExpressRoute, Key Vault, Azure Cache for Redis, Azure Active Directory, PCI DSS, Exchange, a beta of the SC-200 exam, "Microsoft Security Operations Analyst (beta)" and more!

Security News Dump from Ignite

Wed, 24 Mar 2021 01:58:52 GMT

This episode is a little different, we cover the latest security news and updates from the Microsoft Ignite conference. Lots of topics covering SQL Server, CosmosDB, Azure Security Center, Azure Kubernetes Service, Windows 2022, VM updates, Azure Sphere, Azure Backup, TypeScript, Azure Sentinel and Azure Purview.

Azure Network Security

Fri, 05 Mar 2021 23:31:25 GMT

In this episode we speak to Anthony Roman about Azure Network, topics include fundamentals like VNets, subnets, NSGs, User-defined routes, Azure Firewall and Azure Frontdoor.

Mark has a public-service announcement about patching on-prem Exchange servers, and we discuss the latest news about the Microsoft Data Encryption SDK, TypeScript, customer managed keys for tables and queues, User and Entity Behavior Analytics, DataBricks and more.

Azure Sentinel

Mon, 08 Feb 2021 17:03:46 GMT

In this episode Michael, Sarah, Gladys and Mark talk with guest Ofer Shezaf about Azure Sentinel.

In the news we discuss Azure Security news for the following services: Azure Security Center, HDInight, Azure Attestation and IaaS SQL Server using Secure Enclaves.

Gladys covers some of the material she learned this week about Privileged Access Workstations (PAWs), especially in light of Solorigate. PAWs are not just for tier-0 admins, but also for developers.

Mark covers Azure Security Benchmarks, extending threat and vulnerability management to macOS and shares details about Cybersecurity Maturity Model Certification (CMMC) Workbook.

Ofer is a Principal Product Manage in the Azure Sentinel team and has years of experience building Security Information and Events Management (SIEM) systems.

Ofer also discusses the history of Azure Sentinel and shares some of his insightful philosophies about SIEMs.

An Inside look at Securing Azure

Fri, 22 Jan 2021 23:41:31 GMT

In this episode Michael, Sarah, Gladys and Mark talk with guest Alex DeDonker, and member of the Azure STRIKE team, about his team's role in helping secure the Microsoft Azure cloud platform. We also discuss the latest Azure Security news for the following services: Azure Sphere, Azure Backup, Managed Disks, Azure Security Center, Azure Policy, Azure Defender for SQL, Azure Health Bot and Azure Automation. Finally, Mark discusses some updated Solorigate resources and human operated ransomware.

Azure Security Podcast - Azure Firewall

Fri, 08 Jan 2021 21:51:23 GMT

In this episode we cover recent security news including the latest on the SolarWind attack and updates for Security Center, Azure Stream Analytics, Google's Web Signin, Power BI and BGP improvements. Then we speak to Suren Jamiyanaa about Azure Firewall.

Azure Security Podcast - Security and Compliance with Microsoft 365

Fri, 11 Dec 2020 02:18:51 GMT

In this episode we cover recent Azure security news for SQL Server, IoT Hub, Azure Security Center, Databricks, Azure Policy with GitHub and Connection Manager. Gladys introduces a new product Azure Purview. We then talk to Miriam Wiesner about Security and Compliance using Microsoft 365 as well as her pet project: EventLists. If you're confused about Azure Defender, Microsoft Defender or Microsoft 365 Defender, then this is the podcast for you!

Recommended that you have this diagram handy: M365.png (2475×1292) (azsecuritypodcast.net)

Website: The Microsoft Azure Security Podcast (azsecuritypodcast.net)

Azure Security Podcast - Azure Data Centers

Mon, 30 Nov 2020 20:57:49 GMT

In this episode Michael Howard and Sarah Young talk to Gary Buckmaster a Senior Architect in the Microsoft Technology Center in Sydney, Australia, about Azure Datacenter security, compliance and reliability. We also cover news about Azure Attestation, Confidential Computing, Storage and Virtual Machines.

Azure Security Podcast - Azure Policy

Sat, 14 Nov 2020 06:19:40 GMT

Michael Howard, Sarah Young and Mark Simos with guest Nick Fadziewicz who is a Principal Consultant at Microsoft working in the Azure and AI team.

In this episode we cover security news about Azure Datalake Storage Gen 2 ACLs, HDInsight and Azure Batch now support Private Link in preview. TLS protocol version support on Storage accounts, Azure Security Center vulnerability assessments and improved Kubernetes support, Azure Firewall DNS updates and more.

Of note is a free e-book "Azure for Architects 3rd Ed" is now available.

Azure Security Podcast - Azure Security Top 10 Practices

Fri, 30 Oct 2020 18:02:26 GMT

This week we cover security news about Log Analytics, Azure Key Vault, IoT, Zero Trust and more. Mark talks about VPN tech, and we then speak to Tom Quinn about the Top 10 Azure Security Practices.

Azure Security Podcast - Azure Security Benchmarks

Fri, 16 Oct 2020 18:46:55 GMT

In this episode we discuss Azure security news, including a new member to the Azure Key Vault family, immutable storage, PowerBI and private endpoints, Azure Security Center updates and Azure Top 10 Security practices. Finally, the team chats with Amrita about the Azure Security Benchmark project.

Azure Security Podcast - Security News from Microsoft Ignite 2020

Wed, 07 Oct 2020 22:09:12 GMT

In this special episode Michael Howard and Mark Simos sit down with guest Cyril Voisin to cover the Azure security, compliance and governance news that came out of Microsoft Ignite 2020.

The topics covered include updated news on the Microsoft Defender suite, Key Vault, SQL Server, Kubernetes, Data Loss Prevention, Azure Security Center, Zero Trust, Microsoft Information Governance and much more.

Azure Security Podcast - Confidential Computing

Fri, 02 Oct 2020 19:18:15 GMT

In this episode we discuss current Azure security news for VMs, IoT, Azure Arc, Sentinel and more.

Mark gives his analysis of the latest Microsoft Digital Defense Report and then Sarah and Michael talk to Aeva about the technology, benefits and future of Confidential Computing on Azure at various levels of the hardware and software stack.

Azure Security Podcast - Microsoft Graph

Thu, 17 Sep 2020 21:23:12 GMT

In this episode we discuss recent Azure security news including TLS in IoT (again!), Log Analytics REST APIs, Azure Information Protection, Azure Monitor and Confidential Computing.

We then talk to Yina Arenas about the vision behind Microsoft Graph and how it can be used to help build security and IT management solutions.

Azure Security Podcast - Threat Hunting with Microsoft Threat Protection

Fri, 04 Sep 2020 19:52:01 GMT

After covering the new we interview Tali Ash from Microsoft Israel to discuss the tools available in Microsoft Threat Protection to secure Azure and on-prem networks

Azure Security Podcast - Cybersecurity Maturity Model Certification

Fri, 21 Aug 2020 18:21:15 GMT

In this episode we cover the latest Azure security news and Mark chats about the role of threat models and shared responsibility in Azure. Guest, Maryam Rahmani then discusses the Cybersecurity Maturity Model Certification (CMMC) and the role it plays in protecting Dept. of Defense (DoD) contractors from cyber attacks.

Azure Security Podcast - Network Isolation and Private Endpoints

Fri, 07 Aug 2020 20:16:20 GMT

In this episode we cover the latest Azure security news. Gladys discusses some IT training available from Microsoft to help people looking for IT positions in the wake of COVID-19 job-related issues.

Michael then talks to Randy about the history of network isolation in Azure, as well as some DNS gotchas when using private endpoints.

Azure Security Podcast - Identity

Thu, 23 Jul 2020 19:53:40 GMT

In this episode we cover recent Azure security news, Gladys discusses some security research findings about weak security caused by companies rushing to deploy remte solutions for their workers and finally, Sarah chats to Ryen Macababbad about Azure identity, MFA and why having numerous security agents running on a box is bad.

Azure Security Podcast - Incident Response and Compromise Recovery

Thu, 09 Jul 2020 23:59:22 GMT

In this episode we speak to Jay Yuzwenko about Incident Response and Compromise Recovery, especially as it relates to admins accessing Azure from compromised systems.

Azure Security Podcast - Azure Security Topics You Should Be Aware Of

Fri, 26 Jun 2020 19:28:35 GMT

In this episode we interview David Sanchez, a Microsoft Azure Security specialist, and cover topics like bots, crypto miners, private link, DDoS and much more.

Azure Security Podcast - CosmosDB Security

Thu, 11 Jun 2020 20:04:29 GMT

In this episode we speak to Thomas Weiss and Tony Voellm about CosmosDB security; we cover the basics of CosmosDB, encryption of data at rest, authentication, authorization, network isolation and monitoring. We also cover some near-term updates for client-side encryption and data-plane RBAC.

Azure Security Podcast - Azure Security Center and AZ-500

Thu, 28 May 2020 19:35:46 GMT

In this episode Michael and Sarah go over their experiences clearing the AZ-500 Azure Security Exam. Gladys talks more about Zero Trust, Mark Cloud Adoption Framework and finally, we interview Yuri Diogenes about some new Azure Security Center features announced at Microsoft Build.

Azure Security Podcast - In-depth Container Security

Thu, 14 May 2020 19:33:52 GMT

In this episode Sarah chats to Michael Withrow about some of the finer details regarding container security on Azure.

Azure Security Podcast #001 - Containers and Secure Enclaves

Sat, 02 May 2020 23:30:00 GMT

Recorded 30th April, 2020. Michael Howard, Sarah Young, Gladys Rodriquez and Mark Simos. In this episode, we introduce the hosts and discuss Azure Security Center's ability to scan containers for malware as well as new Confidential Computing VMs that support Intel's SGX enclave technology.

Episode 127: Threat intel update and AI

Thu, 30 Apr 2026 15:41:54 GMT

In this episode, Michael, Sarah and Mark talk with Sherrod DeGrippo about some of the latest tactics and strategies used by modern threat actors, we also wander into the AI security weeds!

We only have one news item related to Azure SQL databases.

https://aka.ms/azsecpod

Episode 122: Microsoft Ignite 2025 Wrap-up

Mon, 15 Dec 2025 15:48:21 GMT

In this episode Michael, Sarah and Mark discuss security-related topics from the recent Microsoft Ignite 2025 event. Lots of AI-related security topics, including using AI for security and defending AI systems. Bitlocker, Windows and so much more!

This is the last episode of 2025! It was a blast, and thanks for listening! We hope you find this material useful!

https://aka.ms/azsecpod

@AzureSecPod

See you in 2026!