Join us this episode as we continue our Passion to Profession month as we welcome Arielle Cireseanu-Acevedo, Cybersecurity Governance, Risk and Compliance Analyst.

Show Notes/Links

* Arielle’s LinkedIn profile: https://www.linkedin.com/in/arielle-cireseanu-acevedo/

* Accelerate your observability journey with Azure Monitor pipeline (preview): https://techcommunity.microsoft.com/t5/azure-observability-blog/accelerate-your-observability-journey-with-azure-monitor/ba-p/4124852

* Download the Azure Monitor pipeline deck: https://github.com/The-Microsoft-Security-Insights-Show/ShowCode/blob/main/Docs/Arc%20Jumpstart%20deck.pdf

Watch the Live Replay

Join us this episode as we continue our Passion to Profession month as we welcome Hatim Othman, Information Security Leader at Cisco Meraki.

Show Notes/Links

* Morten's blog link: https://mortenknudsen.net/?p=3200

* Reddit: https://old.reddit.com/r/sysadmin/comments/1eqziiy/patch_tuesday_megathread_20240813/li5kt6n/

* Bay Area Coffee Roasters: https://hdehal.github.io/coffee-maps/?fbclid=IwAR1RlnylrsBIaLhe8jPbRSAEwhIZs70MopkBMpbhF4k0REW6gJx0szedfWQ

Watch the live replay

Join us this episode as we talk with Angela Brown. Continuing our Passion to Profession month.

Show Notes/Links

* Angela’s LinkedIn profile: https://www.linkedin.com/in/angsec/

* Partner training on CfS: Copilot for Security (microsoft.github.io)

Microsoft 365 Message Center Archive (merill.net) – M365 updates (including security updates)

https://merill.net

– Awesome site and blog for Entra and AD tools and news

Entra ID has announced a new User Risk detection focused on Attacker in the Middle (AiTM). Click Here to Learn More.

Microsoft Research Published a blog about AiTM, describing architecture patterns that step in to block this using defense in depth strategies. Here is the blog

The NIST Zero Trust Implementation Guide featuring Microsoft’s Security Capabilities. This is the first industry wide effort that provides customers with a guide on how to implement Zero Trust security from a trusted “neutral” source (NIST) that tries to showcase how to implement the user cases using the different security vendors out there. Microsoft’s Security products featured prominently and we now have this beautiful mapping that shows that our products across the division can truly cover almost all the required capabilities to satisfy NIST’s requirements. Microsoft security partnered with NIST to announce the publication on our own blogs:Smoother Zero Trust with Microsoft and NIST | Microsoft Security BlogAnd this is the full picture blessed by NIST:

What is this effort?

Since early 2022, I have a lead a team of Zero Trust implementation experts across CXE, DSR and PG to collaborate with NIST’s NCCoE on this publication. After initial reception to their proposed Zero Trust reference architecture was mixed, NIST sought out this lab to make the architecture real by showing how it can be implemented. The lab featured over 20 of the most impactful security vendors in the industry. The lab organized the vendors into four “enterprises” each one showcasing a mix of different vendors and trying to implement the same use cases. We were able to both showcase our own capabilities for Microsoft Security as well as show that we play well with others as our “Enterprise 3” features Lookout, Forescout, Appgate and F5, for example.

Why is this important?

* NIST’s Zero Trust Reference Architecture is likely to be the blueprint used by other organizations and regulatory bodies to guide enterprise customers in how to deploy Zero Trust Access and security end to end. Having Microsoft represented shows our thought leadership as well as our desire to play well with others.

* Having all our capabilities on full display helps customers who decide to with the better together Microsoft story build the comfort that our suite of products covers all if not most of their needs.

* We were also able to influence many of the use cases themselves and add to them to showcase capabilities unique to the Microsoft story or better with the Microsoft story. For example, authentication context, authentication strength, access revocation and data security use cases were all added based on our feedback.

Watch the Live Replay

Join us this episode as we talk with Thomas Marsh, Cybersecurity Analyst at Telstra. Continuing our Passion to Profession month, Thomas has an interesting story to tell about his journey and his experience as a newbie in Cybersecurity.

Show Notes/Links

* (GA) You can now release or move email messages from quarantine back to the user's inbox directly from Take actions in advanced hunting and in custom detections. https://learn.microsoft.com/en-us/defender-xdr/custom-detection-rules#actions-on-emails

Watch the Live Replay

Robert Disney returns to the show to continue his demo of AI driven development. Code writing code to make the code better!

Show Notes/Links:

* Robert’s LinkedIn profile: https://www.linkedin.com/in/robertdisney/

* FauxPilot: https://github.com/robdisney/fauxpilot

* Copilot for Security: https://learn.microsoft.com/en-us/copilot/security/get-started-security-copilot

* The Perils of AI Self-Replication: Averting a "Model Collapse" https://rodtrent.substack.com/p/the-perils-of-ai-self-replication

* Jupiter Notebooks: https://jupyter.org/

*

Watch the live replay...

Join us this episode as we welcome the authors of The Definitive Guide to KQL from Microsoft Press, Mark Morowczynski, Matthew Zorich, and Rod Trent. Learn about the writing process. Hear how this book was put together, why it’s such an important release, and learn how this is not just a book, but a community collaboration. It takes a village.

Show Notes/Links

* Definitive Guide to KQL on Amazon: https://amzn.to/46ix0tX

* Definitive Guide to KQL on Microsoft Press: https://www.microsoftpressstore.com/store/definitive-guide-to-kql-using-kusto-query-language-9780138293383

* Definitive Guide to KQL GitHub repo: https://github.com/KQLMSPress/definitive-guide-kql

* Definitive Guide to KQL Copilot for Security Plugin: https://github.com/KQLMSPress/definitive-guide-kql/tree/main/Other/CfSPlugin

Watch the Live Replay

Join us this episode as we talk with Michael Melone, Cyber Threat Hunter at Microsoft. Michael Melone is a cybersecurity professional with over 20 years of experience, specializing in determined human adversary incident response, security operations, and KQL. As a principal security researcher for Microsoft's Defender Experts for XDR, Michael works as part of a team of analysts overseeing security operations for its customers and drives product design for the software used in its delivery. Prior to this role, he spent over 7 years investigating targeted attack incidents at customers across the globe as well as 3 years helping large enterprise customers onboard and operationalize the Microsoft 365 Defender XDR suite. Michael holds an executive MBA from USF, a Master of Science in IT Management specializing information assurance and security from Capella University, as well as being a long-time holder of the CISSP certification and a variety of other IT industry certifications. Michael is also the author of the books Designing Secure Systems and Think like a Hacker.

Show Notes/Links

* Michael Melone's LinkedIn profile - https://www.linkedin.com/in/mjmelone/

* Michael’s YouTube channel: https://www.youtube.com/channel/UCm4mtCNoTEVSPoxUhO4ssbg

* Michael's blog: https://melone.co/

Watch the live replay

Join us this episode as we welcome Heike Ritter, Principal Product Manager at Microsoft! Many of you already know (or have heard of) Heike, but this episode we get her all to ourselves to talk about how in her role at Microsoft she is leading knowledge building through the Virtual Ninja Training series, among other things.

Show Notes/Links

* Defender News: https://aka.ms/DefenderNews

* Ninja Training: https://aka.ms/NinjaTraining

* The Ninja Show: https://aka.ms/NinjaShow

* Sword of the Shattered Kingdoms: Ancient Crystal of Eldoria: https://amzn.to/3LfKKME

Watch the live replay