The Azure Security Podcast  

In this episode Michael, Sarah, Gladys and Mark talk with guest Mark Wryter ( ) about agentic identity, what it is, why it matters, and how to secure it.
We also discuss Azure Security news about the Microsoft AI Tour, Azure Database for PostgresSQL, Azure MCP Server for Azure Confidential Ledger, Application Gateway, FIPS 140-2 and TLS, Outbound internet access from VMs, Azure NetApp Files and Ransomware protection and Azure Cosmos DB Mirroring.

Links

• Transcript
• SECURITY ROLES AND GLOSSARY
• Microsoft AI Tour
• Generally Available: The credcheck extension in Azure Database for PostgreSQL Flexible Server
• Generally Availaible: Azure MCP Server support for Azure confidential ledger
• Generally Available: FIPS compliant mode for Application Gateway V2 SKUs
• Update: The retirement date for default outbound access has been extended to March 31, 2026.
• Public Preview: Azure NetApp Files advanced ransomware protection
• Public Preview: Azure Cosmos DB Mirroring with Private Endpoints

In this episode Michael, Sarah and Mark talk about the Microsoft Ignite 2025 conference and the topics we found of interest about security. Inlcuding Post Quantum crypto, Bitlocker and heaps of AI security related items.

Links

• Transcript
• Microsoft Ignite 2025 Book of News
• Learn about Security Copilot inclusion in Microsoft 365 E5 subscription
• Ignite 2025 Session catalog
Sarah's career advice prompt: Act like a professional career coach, someone who’s been in my corner for a long time—who’s seen my wins, my struggles, and my patterns. I ask for honesty, not comfort. Based on everything you know from our past interactions, my mails and team chats, tell me 10 things I need to hear right now that will help me in the long run. For each one, explain why you’re saying it, link it directly to a pattern, habit, strength, or struggle you’ve seen in me before. Be honest. Be direct. Be specific.

In this episode Michael and Sarah talk with co-host Mark Simos ( ) about new material from The Open Group. It's a long episode but worth it!
We also discuss Azure Security news about Private Endpoints, Azure Front Door, Azure WAF CAPTCHA, Azure Sphere, Private Link Service Direct Connect, Azure Integrated HSM, Azure Firewall pre-scaling and observed capacity metric, and Microsoft Ignite.

Links

• Transcript
• Generally Available: High Scale Private Endpoints
• Public Preview: Signed request on Azure Front Door
• Generally Available: Azure WAF CAPTCHA Challenge for Azure Front Door
• Generally Available: Azure Sphere OS version 25.10 is now available for evaluation
• Public Preview: Private Link Service Direct Connect
• Public Preview: Azure Integrated HSM
• Generally Available: Prescaling in Azure Firewall
• Generally Available: Observed capacity metric in Azure Firewall
• Welcome to Microsoft Ignite—happening now!
• Security Roles and Glossary
• SECURITY ROLES AND GLOSSARY - PART 1: INTRODUCTION AND DEFINITIONS
• SECURITY ROLES AND GLOSSARY - PART 2: ROLES IMPLEMENTATION
• SECURITY ROLES AND GLOSSARY - PART 3.1: ROLES AND ACCOUNTABILITIES FOR ORGANIZATIONAL LEADERSHIP AND GOVERNANCE
• SECURITY ROLES AND GLOSSARY PART 3.2: ROLES AND RESPONSIBILITIES FOR SECURITY OPERATIONS (SECOPS/SOC)

In this episode Michael talks with guest Merill Fernando ( ) about the Zero Trust Workshop, but we also spend time talking about all things identity! Merill's final thought is pure gold.
The only Azure Security news item is about Azure SQL DB and TDE.

Links

• Transcript
• Everything you need to know about TDE key management for database restore
• Microsoft Zero Trust Workshop
• Merill's Blog
• Entra.News - Your weekly dose of Microsoft Entra

In this episode Michael, Sarah and Mark talk with guest Ryen Macababbad, ( ) Principal Security Program Manager at Microsoft about her current work on standardizing security terminology and taxonomy across Microsoft. Also, how getting terminology right is important to security, especially for those with neurodiverse conditions, such as autism.
We also discuss Azure Security news about the Microsoft AI Tour Sarah is doing, Cosmos DB, and Michael goes on a rant about TLS certificate checking.

Links

• Transcript
• Microsoft AI Tour
• Updated version of the Access and Identity module of the Security Adoption Framework (SAF)
• AI antipatterns and best practices
• Generally Available: Azure Cosmos DB for MongoDB (vCore) encryption with customer-managed key
• Generally Available: Backend TLS validation controls in Azure Application Gateway
• Generally Available: Azure Databricks automatic identity management

In this episode Michael and Mark talk with guest Mark Russinovich ( ) Technical Fellow, Deputy CISO and Chief Technology Officer of Microsoft Azure about quantum computing and its implications for security and the future.
We decided to not cover any Azure Security news in this episode.

Links

• Transcript
• Quantum-safe security: Progress towards next-generation cryptography
• Post-quantum resilience: building secure foundations
• EPISODE 18 - Scott & Mark Learn To… Self-Promotion
• What Is Superposition and Why Is It Important?
• What is Azure Quantum?
• Microsoft's quantum-resistant cryptography is here
• SymCrypt
• Famous double-slit experiment holds up when stripped to its quantum essentials
• Welcome to the Official Site of Richard Feynman
• The Feynman Lectures on Physics, Volume III quantum mechanics
• First sighting of mysterious Majorana fermion on a common metal
• Microsoft unveils Majorana 1, the world's first quantum processor powered by topological qubits
• Majorana 1 Explained: The Path to a Million Qubits
• Scientists used AI to build a low-lithium battery from a new material that took just hours to discover
• Caliptra Root of Trust
• Michael's Github Repo: Agile Crypto using metadata
• Michael's Github Repo: Agile Crypto using version numbers
• SQL Server Always Encrypted cryptography
• EncryptionInfo Stream (Agile Encryption)
• Microsoft Excel Workbook Encryption