The Azure Security Podcast  

In this episode Michael, Sarah, Gladys and Mark talk about our careers so far, explain some funny stories and our wishes for a more secure future.

Our Stories

Mark at the start

Sarah 4m 5s

Gladys 6m 50s

Michael 12m 22s

Funny Stories

Mark 19m 31s

Sarah 20m 33s

Gladys 22m 46s

Michael 24m 39s

Career Advice

Mark 26m 58s

Sarah 29m 18s

Gladys 31m 48s

Michael 34m 40s

Future

Mark 36m 27s

Sarah 38m 33s

Gladys 40m 34s

Michael 42m 24s

Behind the Scenes

43m 36s

BLOOPER: Not Michael's proudest moment!

Links

• Transcript

In this (late) episode Michael, Sarah, Gladys and Mark talk with guest Andrew McMurray  ( ) a Principal Product Manager at Microsoft about securing Copilot AI data and the role Purview can play for end-to-end protection.
We also cover news about MFA access to the Azure Portal (Important), PostgreSQL, Entra ID and Windows authn metadata, Backup Vaults, Conditional Access Policy, ADFS, and Azure Container Apps.

Links

• Transcript
• Update on MFA requirements for Azure sign-in
• Azure Policy Support is Generally Available for PostgreSQL Flexible Server
• Authenticating Microsoft Entra ID using windows principal metadata - Public Preview
• Generally Available: Encryption using Customer Managed Keys for Backup Vaults
• Common Conditional Access policy: Block access for users with insider risk
• Use AD FS application migration to move AD FS apps to Microsoft Entra ID
• Generally Available: Support for Azure Key Vault certificates in Azure Container Apps
• Public Preview: Managed identity support for scaling rules in Azure Container Apps

In this episode Michael and Gladys talk with guest Dave Weston  ( ) about Secure Future Initiative and the growing use of the Rust programming language at Microsoft. On the topic of Rust, Michael and Dave nerd out, and we make no apologies! Rust conversation starts at 13m:30s.

We also discuss Azure Security news about Defender for Cloud, Azure Bastion and Log Search.

Links

• Transcript
• Analyze recommendations with Copilot for Security
• Public preview: Azure Bastion Premium
• Log search alert rules using linked storage will require using a managed identity starting July 2024
• Security above all else—expanding Microsoft’s Secure Future Initiative
• Open-source Rust driver development platform
• Rust support for UEFI development through Project Mu
• Rust: Surface UEFI - Evolution in boot, security & device management to build an industry leading secure PC
• Microsoft Pluton Firmware ported to Rust @ TockWorld 7
• Comprehensive Rust
• The Rust Programming Language
• Circle Compiler
• C++ Safety with Herb Sutter
• Keynote: Safety, Security, Safety[sic] and C/C++[sic] - C++ Evolution - Herb Sutter - ACCU 2024
• C++ safety, in context
• David Weston Posts
• Arm memory tagging extension

In this episode Michael and Sarah talk with guest Richard Diver  ( ) about securing solutions that use AI and LLMs. Richard also talks about his new book on AI Security, and Michael and Richard talk about what it takes to write a book.
We also discuss Azure Security news about Chaos Studio, API Management, Azure Bastion, Front Door, AKS and Copilot for Security and lots more!

Links

• Transcript
• Generally Available: Azure Chaos Studio supports a new Pause Process fault for Windows virtual machines
• API Management: Circuit breaker
• General availability: Azure Bastion Developer SKU
• Azure Front Door log scrubbing of sensitive data is generally available
• Draft now supports best practices via deployment safeguards
• GA: Support for disabling Windows outboundNAT in AKS
• Public preview: Azure Firewall integration in Microsoft Copilot for Security
• Public preview: Azure Web Application Firewall (WAF) integration in Microsoft Copilot for Security
• Guardians of AI: Building innovation with safety and security (Richard's Book)
• Drawing Cybersecurity (Richard's Newsletter)
• Microsoft Security Development Lifecycle (SDL)
• Microsoft Build 2024 Session catalog
• Inside AI Security with Mark Russinovich
• Secure your AI application transformation with Microsoft Security
• Data Security Considerations for AI Adoption
• Fundamentals of AI safety and security
• How Microsoft Approaches AI Red Teaming

In this episode Michael, Sarah, and Mark talk with guest (and good friend of the podcast) Yuri Diogenes  ( ) about CNAPP - Cloud Native Applications Protection Platform and announce the release of a CNAPP e-book.
We also discuss Azure Security news about Azure SQL DB, Defender for Cloud, Data Box and Trusted Signing.

Links

• Transcript
• Public preview: Label-based access control for Azure SQL Database using Microsoft Purview policies
• Microsoft Defender for Cloud Adds Full Coverage for Azure Open-Source Relational Databases
• Azure Data Box Disk is now available with hardware encryption
• Trusted Signing is in Public Preview
• Introducing our CNAPP mastery e-book!
• Planning and Operationalizing Microsoft CNAPP

In this episode Michael, Sarah and Mark talk with guest Sherrod DeGrippo  ( ) Director of Threat Intelligence Strategy at Microsoft about the current state of Threat Intelligence.
We also discuss Azure Security news about Tampa BSides, Virtual Networks, Azure Database for MySQL and PostgreSQL, and SQL Server on Linux.

Links

• Transcript
• Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
• Azure Virtual Network Manager Security Admin Rule generally available in 45 regions
• Public Preview: Long-term retention for Azure Database for MySQL - Flexible Server
• General Availability: Azure Database for PostgreSQL - Flexible Server networking with Azure Private Link
• Enabling Azure Key Vault for SQL Server on Linux
• General availability: Azure Virtual Network encryption availability in all regions
• The Microsoft Threat Intelligence Podcast
• How Microsoft names threat actors
• Threat Intelligence Blog

In this episode Michael, Sarah and Mark talk with guest Ryan Munsch  ( ) about the newly released Copilot for Security.
We also discuss Azure Security news about Azure SQL DB, SSMS 20, Change Actor, Copilot for Azure SQL DB, Azure Container Apps, AI Prompt Shields, AI Groundedness Detection and BlueHat India and Israel.

Links

• Transcript
• Advance notifications for planned maintenance events in Azure SQL Database
• Introducing database watcher for Azure SQL
• Upcoming changes for SQL Server Management Studio (SSMS)
• Announcing the Public Preview of Change Actor
• Introducing Copilot in Azure SQL Database (Private Preview) | Data Exposed
• Public preview: Support for Key Vault Certificates in Azure Container Apps
• Generally Available: Free managed certificates on Azure Container Apps
• BlueHat Israel
• Application to Attend BlueHat India, May 16-17, 2024
• Quickstart: Prompt Shields (preview)
• Quickstart: Groundedness detection (preview)
• Microsoft Copilot for Security
• Get started with Microsoft Copilot for Security
• Copilot for Security Technical Resources
• Intro to Microsoft Copilot for Security webinar series
• Microsoft Copilot for Security - Videos
• The Shift from Models to Compound AI Systems

In this episode Michael, Sarah and Mark talk with guests Tony Rice  ( ) and David Ornstein about advances in Continuous SDL (Security Development Lifecycle).
We also discuss Azure Security news about Azure Key Vault, Cloud PKI, OAuth2, updated SQL Server password verifiers, Memory Safety and Azure SQL DB.

Links

• Transcript
• RSA Conference: You're Doing It Wrong! Common Security Anti Patterns
• BSides Tampa Agenda
• BSides Tampa Training & Workshops (Friday April 5th)
• Trusted launch (preview) for Azure Kubernetes Service (AKS)
• General availability: Improvements in Azure Key Vault
• Microsoft Cloud PKI launches as a new addition to the Microsoft Intune Suite
• Microsoft Cloud PKI
• Run a quick OAuth app audit of your tenant using this command and protect yourself
• MSIdentityTools
• Support for Iterated and Salted Hash Password Verifiers in SQL Server 2022 CU12
• Memory safety discussion
• C++ creator rebuts White House warning
• Microsoft Entra logins and users with nonunique display names (preview)
• Evolving Microsoft Security Development Lifecycle (SDL)

In this episode Michael and Sarah talk with guest Martin Abbott  ( ) about the Global Azure event that starts soon, https://globalazure.net/. We talk about how to successfully fill out a Call for Papers (CFP) so YOU can present to a global audience about security topics that interest you.
We also cover security news AI security, SQL Always Encrypted, SymCrypt and Rust, SQL Security Fundamentals, and free Security 101 material.

Links

• Transcript
• Global Azure 2024
• Global Azure Blog
• Global Azure Communities
• Always Encrypted with secure enclaves - Intel SGX vs VBS
• Rust crates for SymCrypt
• [Some] SQL Server and Azure SQL DB Security Fundamentals | Data Exposed
• (Preview) Defender for Cloud Compliance standards added to compliance dashboard
• Join us in 2024 — events to get your teams AI-ready
• Security-101
• Copilot L33t Sp34k
• Smashing The Stack For Fun And Profit

In this episode Michael talks with guest Rigel Carlson   ( ) about Azure Chaos Studio.
We also discuss Azure Security news about Midnight Blizzard and Michael has some advice about using Azure's DefaultAzureCredential()

Links

• Transcript
• Using DefaultAzureCredential() 1 of 2
• Using DefaultAzureCredential() 2 of 2
• Optimize app reliability with automated Load and Chaos testing
• Azure Chaos Studio
• Azure Chaos Studio fault and action library
• John Savill's Technical Training: Azure Chaos Studio
• Conf42 Chaos Engineering 2023 - Online
• Virtual network injection in Azure Chaos Studio
• Contoso Traders - Cloud testing tools demo app
• Continuously validate your mission-critical workload
• Recommendations for designing a reliability testing strategy
• PRINCIPLES OF CHAOS ENGINEERING
• Security Chaos Engineering

In this episode Michael, Sarah and Mark talk with guests Dr. Amanda Minnich ( ) and Pete Bryan ( ) about AI Red Teaming.
We also discuss Azure Security news about Azure SQL DB, Trusted VMs, NetApp Files, Azure Load Testing and Front Door. Mark covers further details about Zero Trust and the CISO Workshop.

Links

• Transcript
• What's new in security for Azure SQL and SQL Server
• Private Preview: Upgrade existing Azure Gen1 VMs to Gen2-Trusted launch
• General Availability: Premium SSD v2 and Ultra disks support with Trusted launch
• General Availability: Azure Virtual Network encryption
• General Availability: Customer-managed keys for Azure NetApp Files volume encryption
• Azure Load Testing supports fetching secrets from Azure Key Vault with access restrictions (private AKV)
• General availability: Security Update for Azure Front Door WAF CVE-2023-50164
• Security Adoption Resources
• New Microsoft Incident Response guides help security teams analyze suspicious activity
• Frequently asked questions about Microsoft Copilot for Azure in Cosmos DB (preview)
• Exam AI-900: Microsoft Azure AI Fundamentals
• Microsoft Responsible AI Standard, V2
• Microsoft AI Red Team building future of safer AI
• Planning red teaming for large language models (LLMs) and their applications
• MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems)
• How Johnny Can Persuade LLMs to Jailbreak Them
• Microsoft’s AI Red Team Has Already Made the Case for Itself
• Researchers Discover New Vulnerability in Large Language Models
• Embrace The Red
• Prompt Engineering Guide
• NIST Identifies Types of Cyberattacks That Manipulate Behavior of AI Systems
• Tree of Attacks: Jailbreaking Black-Box LLMs Automatically
• LLM Data Security Best Practices
• Comprehensive Guide to Large Language Model (LLM) Security
• Make Gandalf reveal the secret password
• Jailbreak Chat

In this episode Michael, Sarah, Gladys and Mark discuss what is top of mind as we draw to the end of 2023. Topics include what work we've done over the year, as well as items from Ignite. There's also a discsussion of EQ and IQ and a different sign-off! See you all in 2024!

Links

• Transcript
• Microsoft Ignite Book of News
• CodeQL
• Tree of Attacks: Jailbreaking Black-Box LLMs Automatically
• Designing and Developing Secure Azure Solutions (Developer Best Practices)
• Microsoft Azure Security: Bewährte Methoden, Prozesse und Grundprinzipien für das Entwerfen und Entwickeln sicherer Anwendungen in der Cloud (Best Practices) (German Edition)
• Zero Trust Overview and Playbook Introduction: Guidance for business, security, and technology leaders and practitioners
• Exam Ref SC-100 Microsoft Cybersecurity Architect
• 'In the Long Run, EQ Trumps IQ': Microsoft CEO Satya Nadella Tells Students
• Announcing Microsoft Secure Future Initiative to advance security engineering
• Give security teams an edge with Microsoft Security Copilot
• Dogs Make Fine Companions for Cheetahs at San Diego Zoo
• Making end to end security real | Ignite BRK267H
• Security Advocacy Shouldn't Be for Security Professionals: How the Industry Misses the Mark.
• Strengthening identity protection in the face of highly sophisticated attacks
• Identify and remediate attack paths
• Microsoft AI Tour
• Artificial intelligence (AI) shared responsibility model

In this episode Michael talks with guests Sharath Unni  ( ) and Raul Garcia  ( ) about securing Azure SQL DB, SQL MI and SQL Server through the eyes of an attacker.

Links

• Transcript
• Tutorial: Signing Stored Procedures with a Certificate
• CodeQL Rule for C#: SQL query built from user-controlled sources
• An overview of Azure SQL Database and SQL Managed Instance security capabilities
• Overview of Microsoft Defender for Azure SQL
• Protect your databases with Defender for Databases
• Azure security baseline for Azure SQL
• The Protection of Information in Computer Systems

In this episode Michael talk with colleagues Pieter Vanhove  ( ) and Mirek Sztajno about recent updates to Always Encrypted and Transparent Data Encryption (TDE) in SQL Server 2022 and Azure SQL DB.

Links

• SGX Enclaves
• VBS Enclaves
• Always Encrypted with secure enclaves
• TDE with database-level CMK now generally available for Azure SQL Database
• Transparent data encryption (TDE) with customer-managed keys at the database level
• Identity and key management for TDE with database level customer-managed keys
• Cross-tenant customer-managed keys with transparent data encryption
• Configure geo replication and backup restore for transparent data encryption with database level customer-managed keys

In this episode Michael talks with guest Nikhil Kumar  ( ) and our own Mark Simos about a new book they have co-authored named "Zero Trust Playbook Series Zero Trust Overview and Playbook Introduction: Actionable Guidance for Business, Security, and Technology Leaders and Practitioners."

Links

• Transcript
• Zero Trust Playbook Series Zero Trust Overview and Playbook Introduction: Actionable Guidance for Business, Security, and Technology Leaders and Practitioners
• [Save 20%]
• Zero Trust Reference Model
• Zero Trust Commandments

In this episode Michael and Sarah talk with guest Madeline Eckert  ( ) about Security Bug Bounties.
We also discuss Azure Security news about SQL Server 2022, Azure certificate changes, TLS 1.0 and 1.1 deprecation, GitHub security scanning, Ransomeware defenses, Zero Trust and more; and by 'more' we mean lock-picking!

Links

• Transcript
• Azure Defenses for Ransomware Attack
• Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report
• SQL Server 2022 Common Criteria
• General Availability: GitHub Advanced Security for Azure DevOps
• Upcoming Certificate Changes Impacting Direct Routing Users
• TLS 1.0 and TLS 1.1 soon to be disabled in Windows
• Hack The Box
• NahamSec
• MIT Guide To Lock Picking

In this episode Michael, Sarah, Gladys and Mark talk with guest Roberto Rodriguez  ( ) about attack simulation, Cloud Katana and AI.
We also discuss Azure Security news about Azure SQL DB, Azure Key Vault, Cosmos DB, Trusted Launch VMs, Azure Artifacts, Zero Trust, Windows and TLS and Entra ID.

Links

• Transcript
• Use Azure Key Vault to securely store and retrieve access key when mounting Azure Storage as a local share in App Service
• Configure customer-managed keys on existing Cosmos DB accounts
• Trusted launch as default for VMs deployed through the Azure portal
• Azure Container Apps supports environment level mTLS encryption
• Delegating permission management using Roles vs WITH GRANT OPTION
• Introducing Azure Artifacts support for Rust Crates
• What is Block T-SQL CRUD feature?
• What are protected actions in Azure AD?
• TLS 1.0 and TLS 1.1 soon to be disabled in Windows
• The Open Group Summit
• Zero Trust Commandments
• Cloud-Katana (GitHub)
• Cloud Katana (Jupyter Notebook and other Docs)
• SimuLand: Understand adversary tradecraft and improve detection strategies
• Some abbreviations used: TI == Threat Intel, C2 == Command and Control

In this episode Michael and Sarah with guest Miriam Wiesner  ( ) about her new book, "PowerShell Automation and Scripting for Cybersecurity" which comes out soon.

We also discuss Azure Security news about: Azure SQL DB Always Encrypted improvements, Azure SQL Managed Instance, App Gateway for Containers and Bring your own Key for AKS Ephemeral Disks.

Links

• Transcript
• Always Encrypted Wizard now supports secure enclaves and in-place encryption
• Always Encrypted with secure enclaves – DC-series databases with up to 40 vCores
• Azure Private Link for Azure SQL Managed Instance
• Public preview: Azure Application Gateway for Containers
• Public preview: Bring your own key on Ephemeral OS disk for AKS
• PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers (Use 20MIRIAM at checkout)
• Packt Publishing
• Packt SecPro

In this episode Michael and Mark talk with Microsoft Security MVP Truls Dahlsveen  ( ) about modern security strategy. Actually, Mark and Truls mainly do the talking :)
We also discuss Azure Security news about Application Gateway TLS policy, Defender for IoT and the Zero Trust Commandments.

Links

• Transcript
• Zero Trust Commandments
• Updated default TLS policy for Azure Application Gateway
• Public Preview: Firmware analysis in Defender for IoT
• Preview: Azure Boost
• Truls' Security Automation Blog
• Field notes on security strategy
• Microsoft Security Insights
• Microsoft EMS Community

In this special episode Michael talks to prior podcast guest and Azure SQL DB colleague Sravani Saluru  ( ) about how to configure, monitor and manage audit logging in Azure SQL Database. She also shares some inside hints and tips!

Links

• Transcript
• Configure Auditing for Azure SQL Database series - Part1
• Configure Auditing for Azure SQL Database series - Part2
• Auditing for Azure SQL Database and Azure Synapse Analytics
• View a SQL Server Audit Log
• sys.fn_get_audit_file

In this episode Michael and Sarah talk with guest Matt Zorich  ( ) about Microsoft's Incident Reponse process and services.
We also discuss Azure Security news about Azure Monitor RBAC and some Web Application Firewall (WAF) updates.

Links

• Transcript
• Public Preview: Azure Monitor Logs improved table-level RBAC
• Public preview: Sensitive Data Protection for Application Gateway Web Application Firewall logs
• Public Preview: Default Rule Set 2.1 for Regional WAF with Application Gateway
• Microsoft Incident Response
• Why the cyber resilience bell curve matters
• Microsoft Digital Defense Report 2022