The Azure Security Podcast  

Links

• Transcript
• .NET Rocks: Thirty Years of Application Security with Michael Howard
• CodeQL support for Rust now in public preview
• Passkey support for ASP.NET Core identity
• Public Preview: Roslyn Analyzer for Durable Functions in .NET isolated
• Private Preview: DCesv6 and ECesv6 series confidential VMs with Intel® TDX
• Public Preview: Azure Cosmos DB for MongoDB (vCore) encryption with customer-managed key
• Generally Available: Private Application Gateway on Azure Application Gateway v2
• Public Preview: Confidential VMs for Azure Linux
• Generally Available: Network security perimeter
• Safeguarding VS Code against prompt injections
• The first known AI-powered ransomware
• Welcome to QRiskTree Editor!
• Public Preview: Azure Bastion now supports connectivity to private AKS clusters via tunneling
• Generally Available: App Service Inbound IPv6 Support
• Generally Available: Confidential VMs for Ubuntu 24.04 in AKS
• Generally Available: Deployment safeguards in AKS
• Public Preview: Web Application Firewall on Application Gateway for Containers
• Public Preview: AKS Model Context Protocol (MCP) server
• Public Preview : Azure Bastion integration with AKS
• Generally Available: AKS Security Dashboard
• Keys or tokens for authorization?
• What's your worst security related coding mistake?
• AI content safety filter high or low?
• How do you stay on top of new security issues?
• Security test your AI app or leave it to someone else?
• What's the best piece of advice you've received about coding securely? (Funny at the end!)
• Have you ever pushed a hard-coded key to a repo?
• Do you copy and paste random code snippets into your apps?
• What's the number one piece of advice you can give developers about security?
• Do you security check AI models you pull from online repos?: Developer Security Quick Fire Questions
• Family Gaming Guide
• Balancing Creativity with Cybersecurity in Game Development
• The Impact of Cybersecurity on Game Development
• Best Security Practices in Game Development

Links

• Transcript
• What is Microsoft Sentinel data lake (preview)?
• Understand medallion lakehouse architecture for Microsoft Fabric with OneLake
• Microsoft Entra ID authentication to connect to Azure Database for PostgreSQL from Power BI Desktop
• Azure Managed Lustre now supports Virtual Network (VNet) Encryption
• Azure Cloud HSM
• How to choose the right Azure key management solution
• Application Gateway for Containers now supports Web Application Firewall (WAF)
• Do you security check AI models you pull from online repos?: Developer Security Quick Fire Questions
• Data Security module of the Security Adoption Framework
• Security Roles and Responsibilities
• The Open Group - Roles and Glossary
• People Matter - Security Operations Roles
• Does your organization formalize security experts as a powerless scapegoat?
• Was it really a “Breach“? Really? (Glossary)

Links

• Transcript
• Azure Firewall FQDN filtering
• Azure Firewall Draft + Deployment (preview)
• OpenTelemetry support in Azure Functions
• Azure Front Door standard and premium profiles now support managed certificate for wildcard domains
• What is container network logs (preview)?
• Security Architecture: What It Is, Why Bother, and How To Do It
• Data Security module of the Security Adoption Framework (SAF)
• Blame vs. Accountability
• Security is a team sport across the organization
• Get started with the Model Context Protocol (MCP)
• Den's Blog
• The New MCP Authorization Specification

Links

• Transcript
• Deploying an end-to-end secure AI application
• Reflections on 25 years of Writing Secure Code
• Demystifying Azure Private Link: Benefits, Pitfalls & Best Practices
• The future of AI agents—and why OAuth must evolve
• Understanding and mitigating security risks in MCP implementations
• What's new in SQL Server 2025 Preview

Links

• Transcript
• Entra Domain Services customers who are using TLS 1.0 and 1.1 need to migrate to 1.2 by August 31, 2025
• Public Preview: Continuous patching in Azure Container Registry
• Azure Virtual Network Manager high-scale private endpoints in connected groups is now in public preview
• Understanding and mitigating security risks in MCP implementations
• Protecting against indirect prompt injection attacks in MCP
• Empowering multi-agent apps with the open Agent2Agent (A2A) protocol
• The Open Group Security Forum
• Clarity From Confusion: Security And Zero Trust Standards To Connect And Organize Security
• People Matter - Security Operations Roles
• Disrupting Nation State Hackers
• Lazarus Group
• The Untold Story of NotPetya, the Most Devastating Cyberattack in History
• Stuxnet

Links

• Transcript
• Improve the security of Generation 2 VMs via Trusted Launch in Azure DevTest Labs
• Virtual network TAP
• Configure cross-tenant customer-managed keys for Azure NetApp Files volume encryption (preview)
• Azure Front Door Web Application Firewall CAPTCHA (preview)
• Announcing open public preview of inbound private endpoint for Standard v2 tier of API Management
• Azure Firewall integration in Microsoft Security Copilot
• Why It's Time to Migrate from System.Data.SqlClient to Microsoft.Data.SqlClient
• Securing our future: April 2025 progress report on Microsoft’s Secure Future Initiative
• New: Versionless CMK in Azure Database for PostgreSQL
• RSA Conference 2025: Security Copilot Agents now in preview
• Microsoft Security Copilot
• Microsoft Security Copilot Blog

Links

• Transcript
• Secure Future Initiative: Tech Tips
• Azure File Sync support for managed identities
• Retirement: Docker Content Trust on March 31, 2028
• Michael joking about Bogosort
• Zero Trust Agent (ZTA) Framework for Multi-Agent Collaboration
• AI Agents Under Threat: A Survey of Key Security Challenges and Future Pathways
• Security of AI Agents
• Context is Key for Agent Security
• AGENTPOISON: Red-teaming LLM Agents via Poisoning Memory or Knowledge Bases
• Technical Blog: Strengthening AI Agent Hijacking Evaluations
• Agentic AI - Threats and Mitigations
• Microsoft Responsible AI Standard, v2
• Agentic Autonomy Levels and Security
• MemGPT: Towards LLMs as Operating Systems
• Magma: A Foundation Model for Multimodal AI Agents
• Magentic-One: A Generalist Multi-Agent System for Solving Complex Tasks
• AgentPoison: Red-teaming LLM Agents via Poisoning Memory or Knowledge Bases
• Agentic Systems: A Guide to Transforming Industries with Vertical AI Agents

Links

• Transcript
• Boost Security with API Security Posture Management
• Azure Key Vault Premium, featuring FIPS 140 Level 3 Hardware Security Modules (HSMs), is accessible in China.
• Service principal support for Fabric Data Warehouse
• Azure Data Studio Retirement
• Avoid granting super privileges like Directory.ReadWrite.All and User.ReadWrite.All to apps
• Block Device Code Flow in Microsoft Entra ID Conditional Access
• Azure Updates for TLS
• DNSSEC overview
• February 2025: A look at the latest Microsoft Entra key feature releases, announcements, and updates

Links

• Transcript
• 3 takeaways from red teaming 100 generative AI products
• Enhanced Server Audit for Azure SQL Database: Greater Performance, Availability and Reliability
• Azure - Compliance Offerings (January 2025)
• New Star Blizzard spear-phishing campaign targets WhatsApp accounts
• New Microsoft guidance for the CISA Zero Trust Maturity Model
• Secure Generative AI with Microsoft Entra
• Least Privilege in 2025 with Bailey Bercik

Links

• Transcript
• Configure the minimum TLS version for an Event Grid topic or domain
• Accelerated logs feature in Azure Database for MySQL - Flexible Server
• Service endpoint policies for Azure Storage now generally available in SQL Managed Instance subnets
• Still doing 'scan and shame' vulnerability management?
• Azure Confidential Ledger is now SOC 2 Type II compliant
• What's new in Defender for Cloud features
• Secure Generative AI with Microsoft Entra

Links

• Transcript
• MVP Global Summit 2024: Learn, Connect, and Share
• Purview deployment models
• Address internal oversharing concerns in Microsoft 365 Copilot deployment blueprint
• Zero Trust Reference Model
• Asset-Centric Security Operations
• Security metrics
• Maturity models

Links

• Transcript
• MICROSOFT IGNITE 2024 BOOK OF NEWS
• Securing AI and Cloud with the Zero Day Quest
• Microsoft Ignite 2024: Embracing the future of Windows at work
• Security Innovation to Strengthen Cyber Defense in the Age of AI
• Prepare your data for Microsoft Copilot with new tools
• What's New in Windows Security Productivity and Cloud
• Inside Azure innovations with Mark Russinovich
• /hotpatch (Create Hotpatchable Image)
• Announcing Zero Trust DNS Private Preview
• Zero Trust Overview and Playbook Introduction: Guidance for business, security, and technology leaders and practitioners
• Making Zero Trust Real: Top 10 Security Controls you can implement now

Links

• APIs for Managed Private Endpoint are now available
• Retirement: Support for TLS 1.0/1.1 in Application Insights Availability Tests will be retired
• Retirement: Update on retirement of TLS 1.0 and TLS 1.1 versions for Azure Services
• Transcript
• Microsoft Zero Trust Workshop
• Maester
• akaSearch
• Microsoft 365 Message Center Archive
• Refined Microsoft Learn
• Entra.News - Your weekly dose of Microsoft Entra
• Graph X-Ray :Beta
• MSIdentityTools
• idPowerApp
• Azure AD Assessment Guide
• EntraExporter
• Microsoft Graph Permissions Explorer
• Microsoft Ignite
• Support for FIDO2 authentication with Microsoft Entra ID
• Public Preview: Confidential Containers now in preview on Azure Red Hat OpenShift
• Making Zero Trust Real: Top 10 Security Controls you can implement now
• SECURITY PRINCIPLES FOR ARCHITECTURE
• ZERO TRUST COMMANDMENTS
• Zero Trust Overview and Playbook Introduction: Guidance for business, security, and technology leaders and practitioners

Links

• Transcript
• BLUEHAT 2024
• Bluehat on Youtube
• The BlueHat Podcast (Apple)
• The Bluehat Podcast (Spotify)

Links

• Transcript
• Public Preview: Azure Database for PostgreSQL – Flexible Server—support for postgresql_anonymizer extension version 1.3.2
• Generally Available: Dedicated gateway RBAC support and a new request option
• Public Preview: Azure Virtual Network IP address management
• Announcing Text PII Redaction Container Release
• Public Preview: Evaluations for indirect prompt injection attacks in Azure AI Studio
• Public Preview: Evaluations for protected material (text) in Azure AI Studio
• Youtube: Microsoft Security Response Center (MSRC)
• BlueHat Oct 23. S22: Security Content: Stop Flexing and Start Helping

Links

• Transcript
• Securing our future: September 2024 progress update on Microsoft’s Secure Future Initiative (SFI)
• Announcing mandatory multi-factor authentication for Azure sign-in
• Microsoft Entra Internet Access now generally available
• Managed Identity support for WordPress on App Service
• Manage NSG association on Subnets via Azure Policy
• Retirement: SQL Insights (preview)
• Public Preview: Entra ID support for SSH connections in portal
• Secure & scalable quick starts for Azure Functions using Azure Developer CLI
• Microsoft Ignite Sold Out? Not for Security Professionals! Secure Your Spot
• Build and secure your apps with Azure App Service and Defender for Cloud
• Public Preview: Advanced Container Networking Services: Enhancing security and observability in AKS
• Public Preview: Announcing Azure Monitor Metrics Export in public preview
• Generally Available: FIPS mutability support in AKS
• Microsoft Trustworthy AI
• Announcing the public preview of Hybrid Azure AI Content Safety (AACS)
• AADInternals

Links

• Transcript
• Retirement: Upcoming TLS changes for Azure Event Grid
• Generally Available: Double encryption at-rest for Azure NetApp Files
• Generally Available: Azure Chaos Studio supports a new Network Isolation fault for virtual machines
• Public Preview: FIPS mutability support in AKS
• Security Principles for Architecture
• Zero Trust Commandments
• Zero Trust Overview and Playbook Introduction: Guidance for business, security, and technology leaders and practitioners
• GHOST jobs

Our Stories

Funny Stories

Career Advice

Future

Behind the Scenes

Links

• Transcript

Links

• Transcript
• Update on MFA requirements for Azure sign-in
• Azure Policy Support is Generally Available for PostgreSQL Flexible Server
• Authenticating Microsoft Entra ID using windows principal metadata - Public Preview
• Generally Available: Encryption using Customer Managed Keys for Backup Vaults
• Common Conditional Access policy: Block access for users with insider risk
• Use AD FS application migration to move AD FS apps to Microsoft Entra ID
• Generally Available: Support for Azure Key Vault certificates in Azure Container Apps
• Public Preview: Managed identity support for scaling rules in Azure Container Apps

Links

• Transcript
• Analyze recommendations with Copilot for Security
• Public preview: Azure Bastion Premium
• Log search alert rules using linked storage will require using a managed identity starting July 2024
• Security above all else—expanding Microsoft’s Secure Future Initiative
• Open-source Rust driver development platform
• Rust support for UEFI development through Project Mu
• Rust: Surface UEFI - Evolution in boot, security & device management to build an industry leading secure PC
• Microsoft Pluton Firmware ported to Rust @ TockWorld 7
• Comprehensive Rust
• The Rust Programming Language
• Circle Compiler
• C++ Safety with Herb Sutter
• Keynote: Safety, Security, Safety[sic] and C/C++[sic] - C++ Evolution - Herb Sutter - ACCU 2024
• C++ safety, in context
• David Weston Posts
• Arm memory tagging extension

Links

• Transcript
• Generally Available: Azure Chaos Studio supports a new Pause Process fault for Windows virtual machines
• API Management: Circuit breaker
• General availability: Azure Bastion Developer SKU
• Azure Front Door log scrubbing of sensitive data is generally available
• Draft now supports best practices via deployment safeguards
• GA: Support for disabling Windows outboundNAT in AKS
• Public preview: Azure Firewall integration in Microsoft Copilot for Security
• Public preview: Azure Web Application Firewall (WAF) integration in Microsoft Copilot for Security
• Guardians of AI: Building innovation with safety and security (Richard's Book)
• Drawing Cybersecurity (Richard's Newsletter)
• Microsoft Security Development Lifecycle (SDL)
• Microsoft Build 2024 Session catalog
• Inside AI Security with Mark Russinovich
• Secure your AI application transformation with Microsoft Security
• Data Security Considerations for AI Adoption
• Fundamentals of AI safety and security
• How Microsoft Approaches AI Red Teaming

Links

• Transcript
• Public preview: Label-based access control for Azure SQL Database using Microsoft Purview policies
• Microsoft Defender for Cloud Adds Full Coverage for Azure Open-Source Relational Databases
• Azure Data Box Disk is now available with hardware encryption
• Trusted Signing is in Public Preview
• Introducing our CNAPP mastery e-book!
• Planning and Operationalizing Microsoft CNAPP

Links

• Transcript
• Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
• Azure Virtual Network Manager Security Admin Rule generally available in 45 regions
• Public Preview: Long-term retention for Azure Database for MySQL - Flexible Server
• General Availability: Azure Database for PostgreSQL - Flexible Server networking with Azure Private Link
• Enabling Azure Key Vault for SQL Server on Linux
• General availability: Azure Virtual Network encryption availability in all regions
• The Microsoft Threat Intelligence Podcast
• How Microsoft names threat actors
• Threat Intelligence Blog

Links

• Transcript
• Advance notifications for planned maintenance events in Azure SQL Database
• Introducing database watcher for Azure SQL
• Upcoming changes for SQL Server Management Studio (SSMS)
• Announcing the Public Preview of Change Actor
• Introducing Copilot in Azure SQL Database (Private Preview) | Data Exposed
• Public preview: Support for Key Vault Certificates in Azure Container Apps
• Generally Available: Free managed certificates on Azure Container Apps
• BlueHat Israel
• Application to Attend BlueHat India, May 16-17, 2024
• Quickstart: Prompt Shields (preview)
• Quickstart: Groundedness detection (preview)
• Microsoft Copilot for Security
• Get started with Microsoft Copilot for Security
• Copilot for Security Technical Resources
• Intro to Microsoft Copilot for Security webinar series
• Microsoft Copilot for Security - Videos
• The Shift from Models to Compound AI Systems

Links

• Transcript
• RSA Conference: You're Doing It Wrong! Common Security Anti Patterns
• BSides Tampa Agenda
• BSides Tampa Training & Workshops (Friday April 5th)
• Trusted launch (preview) for Azure Kubernetes Service (AKS)
• General availability: Improvements in Azure Key Vault
• Microsoft Cloud PKI launches as a new addition to the Microsoft Intune Suite
• Microsoft Cloud PKI
• Run a quick OAuth app audit of your tenant using this command and protect yourself
• MSIdentityTools
• Support for Iterated and Salted Hash Password Verifiers in SQL Server 2022 CU12
• Memory safety discussion
• C++ creator rebuts White House warning
• Microsoft Entra logins and users with nonunique display names (preview)
• Evolving Microsoft Security Development Lifecycle (SDL)

Links

• Transcript
• Global Azure 2024
• Global Azure Blog
• Global Azure Communities
• Always Encrypted with secure enclaves - Intel SGX vs VBS
• Rust crates for SymCrypt
• (Preview) Defender for Cloud Compliance standards added to compliance dashboard
• Join us in 2024 — events to get your teams AI-ready
• Security-101
• Copilot L33t Sp34k
• Smashing The Stack For Fun And Profit

Links

• Transcript
• Using DefaultAzureCredential() 1 of 2
• Using DefaultAzureCredential() 2 of 2
• Optimize app reliability with automated Load and Chaos testing
• Azure Chaos Studio
• Azure Chaos Studio fault and action library
• John Savill's Technical Training: Azure Chaos Studio
• Conf42 Chaos Engineering 2023 - Online
• Virtual network injection in Azure Chaos Studio
• Contoso Traders - Cloud testing tools demo app
• Continuously validate your mission-critical workload
• Recommendations for designing a reliability testing strategy
• PRINCIPLES OF CHAOS ENGINEERING
• Security Chaos Engineering

Links

• Transcript
• What's new in security for Azure SQL and SQL Server
• Private Preview: Upgrade existing Azure Gen1 VMs to Gen2-Trusted launch
• General Availability: Premium SSD v2 and Ultra disks support with Trusted launch
• General Availability: Azure Virtual Network encryption
• General Availability: Customer-managed keys for Azure NetApp Files volume encryption
• Azure Load Testing supports fetching secrets from Azure Key Vault with access restrictions (private AKV)
• General availability: Security Update for Azure Front Door WAF CVE-2023-50164
• Security Adoption Resources
• New Microsoft Incident Response guides help security teams analyze suspicious activity
• Frequently asked questions about Microsoft Copilot for Azure in Cosmos DB (preview)
• Exam AI-900: Microsoft Azure AI Fundamentals
• Microsoft Responsible AI Standard, V2
• Microsoft AI Red Team building future of safer AI
• Planning red teaming for large language models (LLMs) and their applications
• MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems)
• How Johnny Can Persuade LLMs to Jailbreak Them
• Microsoft’s AI Red Team Has Already Made the Case for Itself
• Researchers Discover New Vulnerability in Large Language Models
• Embrace The Red
• Prompt Engineering Guide
• NIST Identifies Types of Cyberattacks That Manipulate Behavior of AI Systems
• Tree of Attacks: Jailbreaking Black-Box LLMs Automatically
• LLM Data Security Best Practices
• Comprehensive Guide to Large Language Model (LLM) Security
• Make Gandalf reveal the secret password
• Jailbreak Chat

Links

• Transcript
• Microsoft Ignite Book of News
• CodeQL
• Tree of Attacks: Jailbreaking Black-Box LLMs Automatically
• Designing and Developing Secure Azure Solutions (Developer Best Practices)
• Microsoft Azure Security: Bewährte Methoden, Prozesse und Grundprinzipien für das Entwerfen und Entwickeln sicherer Anwendungen in der Cloud (Best Practices) (German Edition)
• Zero Trust Overview and Playbook Introduction: Guidance for business, security, and technology leaders and practitioners
• Exam Ref SC-100 Microsoft Cybersecurity Architect
• 'In the Long Run, EQ Trumps IQ': Microsoft CEO Satya Nadella Tells Students
• Announcing Microsoft Secure Future Initiative to advance security engineering
• Give security teams an edge with Microsoft Security Copilot
• Dogs Make Fine Companions for Cheetahs at San Diego Zoo
• Making end to end security real | Ignite BRK267H
• Security Advocacy Shouldn't Be for Security Professionals: How the Industry Misses the Mark.
• Strengthening identity protection in the face of highly sophisticated attacks
• Identify and remediate attack paths
• Microsoft AI Tour
• Artificial intelligence (AI) shared responsibility model

Links

• Transcript
• Tutorial: Signing Stored Procedures with a Certificate
• CodeQL Rule for C#: SQL query built from user-controlled sources
• An overview of Azure SQL Database and SQL Managed Instance security capabilities
• Overview of Microsoft Defender for Azure SQL
• Protect your databases with Defender for Databases
• Azure security baseline for Azure SQL
• The Protection of Information in Computer Systems

Links

• SGX Enclaves
• VBS Enclaves
• Always Encrypted with secure enclaves
• TDE with database-level CMK now generally available for Azure SQL Database
• Transparent data encryption (TDE) with customer-managed keys at the database level
• Identity and key management for TDE with database level customer-managed keys
• Cross-tenant customer-managed keys with transparent data encryption
• Configure geo replication and backup restore for transparent data encryption with database level customer-managed keys

Links

• Transcript
• Zero Trust Playbook Series Zero Trust Overview and Playbook Introduction: Actionable Guidance for Business, Security, and Technology Leaders and Practitioners
• [Save 20%]
• Zero Trust Reference Model
• Zero Trust Commandments

Links

• Transcript
• Azure Defenses for Ransomware Attack
• Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report
• SQL Server 2022 Common Criteria
• General Availability: GitHub Advanced Security for Azure DevOps
• Upcoming Certificate Changes Impacting Direct Routing Users
• TLS 1.0 and TLS 1.1 soon to be disabled in Windows
• Hack The Box
• NahamSec
• MIT Guide To Lock Picking

Links

• Transcript
• Use Azure Key Vault to securely store and retrieve access key when mounting Azure Storage as a local share in App Service
• Configure customer-managed keys on existing Cosmos DB accounts
• Trusted launch as default for VMs deployed through the Azure portal
• Azure Container Apps supports environment level mTLS encryption
• Delegating permission management using Roles vs WITH GRANT OPTION
• Introducing Azure Artifacts support for Rust Crates
• What is Block T-SQL CRUD feature?
• What are protected actions in Azure AD?
• TLS 1.0 and TLS 1.1 soon to be disabled in Windows
• The Open Group Summit
• Zero Trust Commandments
• Cloud-Katana (GitHub)
• Cloud Katana (Jupyter Notebook and other Docs)
• SimuLand: Understand adversary tradecraft and improve detection strategies
• Some abbreviations used: TI == Threat Intel, C2 == Command and Control

Links

• Transcript
• Always Encrypted Wizard now supports secure enclaves and in-place encryption
• Always Encrypted with secure enclaves – DC-series databases with up to 40 vCores
• Azure Private Link for Azure SQL Managed Instance
• Public preview: Azure Application Gateway for Containers
• Public preview: Bring your own key on Ephemeral OS disk for AKS
• PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers (Use 20MIRIAM at checkout)
• Packt Publishing
• Packt SecPro

Links

• Transcript
• Zero Trust Commandments
• Updated default TLS policy for Azure Application Gateway
• Public Preview: Firmware analysis in Defender for IoT
• Preview: Azure Boost
• Truls' Security Automation Blog
• Field notes on security strategy
• Microsoft Security Insights
• Microsoft EMS Community

Links

• Transcript
• Configure Auditing for Azure SQL Database series - Part1
• Configure Auditing for Azure SQL Database series - Part2
• Auditing for Azure SQL Database and Azure Synapse Analytics
• View a SQL Server Audit Log
• sys.fn_get_audit_file

Links

• Transcript
• Public Preview: Azure Monitor Logs improved table-level RBAC
• Public preview: Sensitive Data Protection for Application Gateway Web Application Firewall logs
• Public Preview: Default Rule Set 2.1 for Regional WAF with Application Gateway
• Microsoft Incident Response
• Why the cyber resilience bell curve matters
• Microsoft Digital Defense Report 2022

Links

• Transcript
• Public Preview: Azure AD Support for Azure Files SMB shares REST API
• Generally available: Private Link support for Application Gateway
• Generally available: Managed Identities support for Capture in Event Hubs
• Introducing the Azure Linux container host for AKS
• NDC Conferences
• UNPROTECT [PROJECT]: Unprotect Malware for the Mass
• The Unprotect Project: Search Evasion Techniques
• Visual Threat Intelligence
• Using Python to unearth a goldmine of threat intelligence from leaked chat logs
• MSTIC Jupyter and Python Security Tools

Links

• Transcript
• Microsoft Build 2023: Announcing new identity, compliance, and security features from Microsoft Security
• Introducing Microsoft Security Copilot: Empowering defenders at the speed of AI
• Preview: Red Hat Enterprise Linux (RHEL) 9.2 support for AMD confidential VMs
• Public Preview: AMD confidential VM option for Azure Data Explorer (ADX)
• Azure Key Vault Access Configuration Update
• General availability: Confidential containers on Azure Container Instances (ACI)
• Ledger now in preview in Azure SQL Managed Instance
• Announcing Azure Content Safety
• Trial user guide: Microsoft Entra Permissions Management
• Looking at Entra Permissions Management to Manage Permissions Across AWS, GCP and Azure
• 2023 State of Cloud Permissions Risks report now published
• Microsoft Entra Permissions Management

Links

• Transcript
• Public Preview: Azure API Management and Microsoft Defender for APIs integration
• General availability: Inbound ICMPv4 pings are now supported on Azure Load Balancer
• Public Preview : Azure Cosmos DB for PostgreSQL Data Encryption with Customer Managed Keys
• SecOps Tools Strategy in 2023, Part 1
• Discovering internet-facing devices using Microsoft Defender for Endpoint
• Defend against DDoS attacks with Azure DDoS IP Protection
• What is the Azure Developer CLI (preview)?
• Discover misconfigurations in Infrastructure as Code (IaC)
• CPython Internals

Links

• Transcript
• Mark ordered pizza during the podcast!
• Preview: Introducing DCesv5 and ECesv5-series Confidential VMs with Intel TDX
• The Importance of TLS with SQL Server
• ScriptDOM .NET library for T-SQL parsing is now open source
• Auditing for Azure SQL Database and Azure Synapse Analytics
• The Cybdersecurity Alignment Paradox
• Microsoft Cybersecurity Reference Architectures
• MCRA Intro
• Announcing Public Preview of Microsoft Sentinel in Azure China 21Vianet
• Meet Twins Noushin And Negar Shabab Who Are Making Their Mark In Cybersecurity

Links

• Transcript
• Private Preview: Enable Trusted launch on your existing Azure Gen2 VMs
• Public Preview: Azure Chaos Studio is now available in Sweden Central region
• General availability: IP Protection SKU for Azure DDoS Protection
• Transparent data encryption (TDE) with customer-managed keys at the database level
• Public preview: Confidential containers on ACI
• What's new in Microsoft Sentinel
• SecOps Tools Strategy in 2023, Part 1
• Announcing Azure Firewall enhancements for troubleshooting network performance and traffic visibility
• How to use number matching in multifactor authentication (MFA) notifications - Authentication methods policy
• Configure a user-assigned managed identity to trust an external identity provider
• Exam Ref SC-100 Microsoft Cybersecurity Architect 1st Edition (Amazon)
• Exam Ref SC-100 Microsoft Cybersecurity Architect (Microsoft Press Store)
• Building a Career in Cybersecurity: The Strategy and Skills You Need to Succeed 1st Edition
• Microsoft Defender for DevOps Preview
• Identify and remediate attack paths
• Build queries with cloud security explorer
• What's new in Microsoft Defender for Cloud?
• Microsoft Defender for Cloud Blog
• Microsoft-Defender-for-Cloud/Labs/
• MDC monthly newsletter

Links

• Transcript
• Introducing Microsoft Security Copilot
• Configure disk encryption for Azure Cache for Redis instances using customer managed keys (preview)
• User Managed Identity support for Auditing Azure SQL Database is in Public Preview Now
• Built-in policies for Azure Monitor
• Generally available: Azure Private Link support for Inbound traffic in Azure API Management
• Azure Private Link for Azure SQL Managed Instance (Preview)
• Azure Maps is now HIPAA (Health Insurance Portability and Accountability Act) compliant
• Generally available: Encryption scopes on hierarchical namespace enabled storage accounts
• Generally Available: Durable Functions support of managed identity for Azure Storage
• Generally available: Immutable vaults for Azure Backup
• General availability: Ephemeral OS disks supports encryption at host using customer managed keys
• Introducing Microsoft Security Copilot
• What is Azure Policy?
• Resource selectors (preview)

Links

• Transcript
• Public preview: Login and TDE-enabled database migrations with Azure Database Migration Service
• Microsoft Defender for Cloud as Code (GitHub)

Links

• Transcript
• IPv6 Coming to Azure AD
• Repudiation Threats and ledger in Azure SQL Database/SQL Server
• How to use number matching in multifactor authentication (MFA) notifications - Authentication methods policy
• Workshop: SQL Server Security Ground to Cloud
• Exam Ref SC-100 Microsoft Cybersecurity Architect
• Security Operations Specializations
• Technical Teams

Links

• Transcript
• Preview: VBS Enclaves for Always Encrypted in Azure SQL Database
• Always Encrypted with secure enclaves documentation
• Tutorial: Getting started with Always Encrypted with secure enclaves in Azure SQL Database
• Always Encrypted
• Virtualization-based Security (VBS)
• Hyper-V Technology Overview
• (Michael mentioned this, nothing to do with VBS AE) Azure Confidential Computing on 4th Gen Intel Xeon Scalable Processors with Intel TDX

Links

• Transcript
• General availability: Trusted launch for Azure VMs in Azure for US Government regions
• What's new in Microsoft Sentinel
• Identify and remediate attack paths
• Cloud security explorer
• What's new in Microsoft Purview risk and compliance solutions
• Microsoft Purview compliance documentation
• Coast2Coast - MSFTAU
• Introducing Adaptive Protection in Microsoft Purview—People-centric data protection for a multiplatform world

Links

• Transcript
• Summary of the 2022 Security Investments in Azure SQL and SQL Server 2022
• Generally available: Azure Active Directory authentication for SQL Server 2022
• Public Preview: Microsoft Purview access policies for SQL Server 2022
• General availability: Encryption using CMK for Azure Database for PostgreSQL - Flexible Server
• General availability: Azure AD authentication with Azure Database for MySQL - Flexible Server
• General availability: Azure Database for MySQL - Flexible Server data encryption with CMK
• General availability: Application security groups support for private endpoints
• The Chief Information Security Officer (CISO) Workshop Training
• Microsoft Cybersecurity Reference Architectures
• The immutable laws of security
• MCRA Intro
• Executive Order 14028: Improving the Nation's Cybersecurity
• Generating Software Bills of Materials (SBOMs) with SPDX at Microsoft
• Microsoft open sources its software bill of materials (SBOM) generation tool
• GitHub: sbom-tool
• GitHub: component-detection
• GitHub: Demo-for-Microsoft-SBOM-Tool

Links

• Transcript
• DISA releases the Microsoft Azure SQL Database Security Technical Implementation Guide
• Troubleshooting external data and access policies in Azure SQL and SQL Server
• SQL Server 2022 is now generally available
• Explore SQL Server 2022 capabilities
• What's new in SQL Server 2022
• What's new in SQL Server 2022: Security
• SQL Server 2022 demos
• Workshop: The SQL Server 2022 Workshop
• Introduction to SQL Server 2022

Links

• Transcript
• Azure Resource Manager — Migrating to TLS 1.2 with Deprecation of Outdated Security Protocols
• Azure Managed HSM TLS Offload Library
• General availability: TLS 1.3 with Application Gateway
• Azure SQL New Updates @ PASS Summit, November 2022 | Data Exposed Live (Security)(
• Data Exposed with Anna Hoffman
• Privileged access: Strategy

Links

• Transcript
• Public preview: Azure Front Door integration with managed identities
• Public preview: Rotate SSH keys on existing AKS nodepools
• General availability: Manage your Log Analytics Tables in Azure Portal
• General availability: Default Rule Set 2.1 for Azure Web Application Firewall
• The immutable laws of security
• What are the top security Antipatterns you see?
• The Chief Information Security Officer (CISO) Workshop Training
• Microsoft Entra Workload Identities Preview
• Managing, governing, and securing identities for apps and services
• Introducing Microsoft Entra Workload Identities

Links

• Transcript
• Generally available: Control the minimum TLS version used with Azure Service Bus
• Public preview: Infrastructure encryption using customer managed key for PostgreSQL – Flexible Server
• General availability: AMD confidential VM guest attestation
• General availability: Confidential VM option for SQL Server on Azure Virtual Machines
• Azure SQL DB: TDE Automatic key rotation
• Learn how to secure and monitor Workload Identities with a series of events
• Introducing Microsoft Entra Workload Identities
• Extend the reach of Azure AD Identity Protection into workload identities
• Managing, governing, and securing identities for apps and services
• Overview of Azure AD certificate-based authentication
• Computer Vision
• The immutable laws of security
• Microsoft Ignite Book of News

Links

• Transcript
• Security: The Principle of Least Privilege (POLP)
• Private Preview: controlling access to Azure SQL at scale with policies in Purview
• New granular permissions for SQL Server 2022 and Azure SQL to improve adherence with PoLP
• Revamped SQL Permission system for Principle of Least Privilege and external policies – internals
• Schema-design for SQL Server: recommendations for Schema design with security in mind
• Tutorial: Ownership Chains and Context Switching

Links

• Transcript
• Public preview: Policy analytics for Azure Firewall
• Public preview: Azure AD authentication with Azure Database for MySQL – Flexible Server
• General availability: Azure Policy built-in definitions for Azure NetApp Files
• Public preview: Encryption scopes on hierarchical namespace enabled storage accounts
• Generally available: Immutable storage for Azure Data Lake Storage
• Public preview: API Server VNET Integration for AKS private cluster
• Configure authentication session management with Conditional Access
• Create a multi-stage access review
• Investigate alerts in Microsoft 365 Defender
• Workload identity federation
• Microsoft Entra Permissions Management
• What's Permissions Management?
• John Savill: Looking at Entra Permissions Management to Manage Permissions Across AWS, GCP and Azure

Links

• Transcript
• General availability: Managed private endpoint support to Synapse SQL output
• General availability: Authenticate to Service Bus using managed identity
• Public preview: Encrypt storage account with cross-tenant customer-managed keys
• General availability: Managed identity to connect Azure Cache for Redis to storage
• User-assigned managed identity in Azure AD for Azure SQL
• Automated key rotation for TDE BYOK now available in preview for Azure SQL
• General availability: Azure Database for MySQL - Flexible Server data encryption with CMK
• Public preview: Encrypt managed disks with cross-tenant customer-managed keys
• Public preview: Operation abort (AKS)
• Microsoft Defender Experts for Hunting
• Microsoft Defender Experts for Hunting - Explainer
• Choose between guided and advanced modes to hunt in Microsoft 365 Defender
• The most dangerous myth in IT is that technology systems don't ever need to be maintained
• Patching antipatterns
• Tamper protection will be turned on for all enterprise customers
• Built-in protection helps guard against ransomware
• Cyber Signals: Defend against the new ransomware landscape

Links

• Transcript
• Complete Patch Management Strategy
• Common patching anti-patterns
• Windows Authentication for Azure AD principals for SQL Managed Instance is now Generally Available
• General availability: Network security groups support for private endpoints
• General availability: User-defined routes support for private endpoints
• Public preview: Microsoft Azure Load Testing supports private endpoints testing
• Confidential VM node pool with AMD SEV-SNP protection available on AKS in public preview
• Generally available: Key management system integration with AKS
• Azure Firewall Premium is now ICSA labs certified
• Public preview: TLS 1.3 support on Application Gateway
• Conscious cloud: our Aotearoa datacenter pledge Microsoft’s datacenter region powered by 100% carbon free energy from day one
• Microsoft Defender for IoT Ninja Training
• Microsoft Defender for IoT
• MCRA OT & IIoT Security

Links

• Transcript
• Microsoft announces new solutions for threat intelligence and attack surface management
• New capabilities in Microsoft Entra Verified ID now available
• Microsoft Inspire Opening
• Azure TLS certificate changes

Links

• Transcript
• Gateway Load Balancer now generally available in all regions
• Azure confidential ledger is now Generally Available!
• Public preview: Azure Database for MySQL - Flexible Server data encryption with CMK
• Generally available: Trusted Launch support for DCsv3 and DCdsv3 series Virtual Machines
• The Chief Information Security Officer (CISO) Workshop Training

Links

• Transcript
• Latest innovations in Azure confidential computing
• Confidential Computing (Microsoft Research Cambridge)
• Azure confidential computing
• Confidential Computing Customer Stories
• Azure Confidential VM options on AMD
• Quickstart: Create confidential VM on AMD in the Azure portal
• DCasv5 and ECasv5 series confidential VMs

Links

• Transcript
• Announcing OAuth 2.0 Client Credentials Flow support for POP and IMAP protocols in Exchange Online
• Microsoft Entra Permissions Management is now generally available!
• MSTICPy Version 2.0
• Microsoft Purview Data Loss Prevention (DLP) integration in Microsoft Sentinel (Preview)
• Migrate to Azure Monitor agent from Log Analytics agent
• Multi-user authorization using Resource Guard
• General availability: Azure Active Directory authentication for Application Insights
• Designing and Developing Secure Azure Solutions Table of Contents
• Microsoft Sentinel and Microsoft 365 Defender - Contributing

Links

• Transcript
• Azure Advisor for MySQL
• Custom certificate authority (CA) in Azure Kubernetes Service (AKS) (preview)
• Configure Azure Application Gateway Private Link (preview)
• Public preview: Continuous backup enhancements in Azure Cosmos DB
• Generally available: API Management Content Security Policy and CORS configuration support
• Join Our Security Community
• Designing Secure Systems
• Hunting Queries
• On-demand webcast series: “Tracking the adversary”
• Microsoft-365-Defender-Hunting-Queries
• KQL quick reference
• Understand the advanced hunting schema

Links

• Transcript
• New server roles for Azure SQL Database and SQL Server 2022 in Public Preview: Database Management without admin-access
• Common Criteria EAL4 Certification for SQL19
• Azure Container Apps support for custom domains and TLS certificates
• Azure Bastion IP based connection
• Import or export an Azure SQL Database using Private Link without allowing Azure services to access the server
• Celebrating the Microsoft Sentinel Ecosystem at RSAC 2022
• Microsoft Defender for Cloud RSA announcements

Links

• Transcript
• Azure SQL Managed Instance documentation
• What is Windows Authentication for Azure Active Directory principals on Azure SQL Managed Instance?
• How Windows Authentication for Azure SQL Managed Instance is implemented with Azure Active Directory and Kerberos

Links

• Transcript
• Azure SQL Database Ledger now available
• Maintain Cryptographically Verifiable Data in Azure SQL Database
• What is the database ledger?
• Lenovo reinforces customer trust with ledger in Azure SQL Database
• RTGS.global automates financial transfers, unlocks trillions in capital with Azure
• Demos of Ledger
• Comparing options: Confidential Ledger and Azure SQL Database ledger
• Store business-critical blob data with immutable storage

Links

• Transcript
• What's new in Microsoft Sentinel
• Human-operated ransomware
• Azure Arc-enabled servers support for private endpoints
• Azure Virtual Machines DCsv3 in Australia, Japan, US, and Asia
• Overview of Microsoft Defender for Containers
• How to demonstrate the new containers features in Microsoft Defender for Cloud
• MITRE ATT&CK
• eBPF
• Getting Linux based eBPF programs to run with eBPF for Windows

Links

• Transcript
• Azure confidential computing with NVIDIA GPUs for trustworthy AI
• General availability: Azure Data Explorer supports Conditional Access
• Public preview: User-assigned managed identities in Stream Analytics
• Manage port forwarding for backend pool with Azure Load Balancer
• Generally available: DNS reservations to prevent subdomain takeover in Cloud Services deployments
• The next evolution of Azure Monitor Logs
• Threat Intelligence with MSTICPy
• Microsoft 365 Defender demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations
• What’s new: Unified Microsoft SIEM & XDR GitHub community
• Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware
• SP 800-40 Rev. 4 Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology
• NCCoE Releases Enterprise Patch Management Guidance
• Use client-side encryption with Always Encrypted for Azure Cosmos DB
• Azure role-based access control in Azure Cosmos DB
• Microsoft Defender for Cosmos DB (Preview)

Links

• Transcript
• Use client-side encryption with Always Encrypted for Azure Cosmos DB
• Microsoft Cybersecurity Reference Architectures
• Microsoft Cybersecurity Reference Architectures Intro
• Security in the Microsoft Cloud Adoption Framework for Azure
• Cloud Adoption Framework Intro
• Emotet Malware (discussed by Gladys and Mark)

Links

• Transcript
• Public preview: Azure Private Link support in Azure API Management
• Generally available: Support for private links in Azure Monitor agent
• Important upcoming changes to Microsoft Defender for Cloud
• Public preview - Create Azure AD access reviews with multiple stages of reviewers
• Sensitivity labels
• RiskIQ
• Microsoft acquired RiskIQ to strengthen cybersecurity of digital transformation and hybrid work
• RiskIQ Security Intelligence Services Connector
• RiskIQ Community - SIGN UP!
• Automate Your Microsoft Sentinel Triage Efforts with RiskIQ Threat Intelligence
• RiskIQ Cyber Threat-Hunting Workshops

Links

• Transcript
• Eric's Cyber Blog: Introduction to Drafting a Winning Cybersecurity Strategy
• What's new in Microsoft Sentinel
• Zero Trust Core Principles
• Zero Trust Commandments
• Stay on top of database threats with Microsoft Defender for Azure Cosmos DB
• Achieve a least privilege model using Azure AD's new multi-stage access reviews
• Introducing Azure Load Testing
• Custom logs API in Azure Monitor Logs (Preview)
• CloudKnox Permissions Management is now in Public Preview
• Leveraging machine learning to find security vulnerabilities
• Create and manage downloadable access review history report in Azure AD access reviews
• Microsoft 365 Defender’s Unified Experience for XDR
• All Microsoft Defender for Identity features now available in the Microsoft 365 Defender portal
• Microsoft Defender for Identity SIEM log reference
• Introduction to Microsoft Defender for Azure Cosmos DB
• Microsoft Compliance Manager

Links

• Transcript
• Microsoft Sentinel Deception Solution
• What's Next in Security from Microsoft
• Create a codeless connector for Microsoft Sentinel (Public preview)
• Bring your career to the next level with Learn Azure
• Overview of Azure AD certificate-based authentication (Preview)
• What is Azure Virtual Network Manager (Preview)?
• Security posture management
• Microsoft Cloud Adoption Framework for Azure
• Automate Your Microsoft Sentinel Triage Efforts with RiskIQ Threat Intelligence
• Threat intelligence integration in Microsoft Sentinel
• User-Assigned Managed Identity support for TDE BYOK for Azure SQL is in preview
• Azure Key Vault Managed HSM support for TDE BYOK now available for Azure SQL
• Generally available: Improved Syslog RFC compliance using the new Azure Monitor agent
• Public Preview: Microsoft Azure Payment HSM Service
• Microsoft Defender for IoT
• SPAN Overview
• Demo: Arduino library for Azure IoT deep dive this wasn't in the podcast, but Michael couldn't help himself

Links

• Transcript
• Deprecating weak cryptographic standards (TLS 1.0 and TLS 1.1) in Azure DevOps
• General availability: Azure Key Vault increased service limits for all its customers
• Create a codeless connector for Microsoft Sentinel
• KQL externaldata operator
• Sharing threat intelligence: STIX and TAXII

Links

• Transcript
• Public preview: Support for managed identity in Azure Cache for Redis
• Public Preview: Managed Certificate support for Azure API Management
• General availability: FIPS enabled node pool in Azure Kubernetes
• Generally available: Azure Database for PostgreSQL – Hyperscale (Citus): New certifications
• Announcing price reductions for Azure confidential computing
• What's new in Microsoft Sentinel
• Get Hands-On KQL Practice with this Microsoft Sentinel Workbook
• Mark's List
• Best practices for implementing Zero Trust at Microsoft
• Best of Inside Track: Securing Microsoft with Zero Trust in 2021
• Lessons learned in engineering Zero Trust networking
• Microsoft’s digital security team answers your Top 10 questions on Zero Trust

Links

• Transcript
• A Journey From JNDI/LDAP Manipulation To Remote Code Execution Dream Land
• Log4J Patches
• Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
• Some podcast preamble!
• Automated key rotation in Azure Key Vault is now in public preview
• Configure key auto-rotation in Azure Key Vault (preview)
• Please be pedantic when talking about cryptography
• Azure Storage: Attribute-based Access Control (ABAC) conditions with principal attributes now in public preview
• Azure Storage: Secure access to storage account from a virtual network/subnet in any region now in public preview
• General availability: Microsoft Defender for Cloud updates for December 2021
• Introducing Azure AD custom security attributes (ABAC)
• Join Our Security Community
• Authentication Fundamentals with Stuart Kwan
• Microsoft Cybersecurity Reference Architectures
• Privileged Access Workstation (PAW)

Links

• Transcript
• General availability of custom OpenID providers in App Service and Azure Functions
• Public preview: Azure Virtual Machines DCasv5 and ECasv5-series now available
• Public preview: Azure Bastion native client support
• Microsoft Defender for Cloud: General availability updates for November 2021
• General availability: Create AKS clusters without local user accounts
• Public preview: ExpressRoute private peering support for BGP communities
• Azure App Service - Diagnostic settings feature reaches general availability
• Microsoft Sentinel introduces enhancements in machine learning and productivity at Ignite 2021
• Introducing Microsoft Defender for Containers
• What is Azure Policy?
• Azure Policy exemption structure
• Azure Policy – A Love Story

Links

• Transcript
• Azure AD authentication for Application Insights (Preview)
• Azure AD-only authentication with Azure SQL
• Azure Logic Apps Announcement - Fall 2021 Release
• General availability: AKS support for Secrets Store CSI driver
• Log Analytics Workspace Insights
• Key foundations for protecting your data with Azure confidential computing
• General availability: Log Analytics Workspace Insights in Azure Monitor
• Zero Trust Commandments
• Azure Monitor overview
• What's new in Azure Monitor documentation
• Overview of Azure Monitor agents
• Purge Assessment Data in Log Analytics
• Azure Monitor best practices

Links

• Transcript
• Microsoft Ignite – November 2021
• Microsoft Ignite Book of News
• A new name for multi-cloud security: Microsoft Defender for Cloud
• Microsoft Security - Product name changes and What's new?
• Introducing Microsoft Defender for Business
• Identity at Ignite: Strengthen resilience with identity innovations in Azure AD
• Announcing Azure Security Benchmark v3
• Azure Security Benchmark v3

Links

• Transcript
• Announcing the new Azure Monitor Query client libraries
• Introducing experimental OpenTelemetry support in the Azure SDK for .NET
• General availability: Azure Spring Cloud application health monitoring and end-to-end TLS/SSL
• Azure HDInsight support for Restricted Public Connectivity is generally available
• Azure HDInsight support for Azure Private Link is generally available
• Generally available: IP-based website protection for Azure Static Web Apps
• Public preview: Customize Azure Static Web Apps authentication with a serverless function
• General availability: Azure governance policy for Azure Key Vault
• Generally available: Service Tag Discovery API
• Public preview: IPv6 for Kubenet
• Extended regional availability for Private Link NSG Support
• Azure Firewall Premium now generally available in five new Azure regions
• Azure Defenses for Ransomware Attack
• Maximize Ransomware Resiliency with Azure and Microsoft 365
• Microsoft scores highest in threat visibility coverage for MITRE ATT&CK for ICS
• National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems
• Microsoft Ignite: November 2–4, 2021; explore the latest tools, training, and technical expertise.
• .NET 6: The Rijndael and RijndaelManaged types are obsolete
• Demo on Notebook Views
• Tiger Toolbox GitHub Repo
• SQL Server 2019 Big Data Clusters Troubleshooting Notebooks
• Jupyter Book for SQL Sever professionals
• Troubleshooting SQL Server made easy via Notebooks – seeking your feedback
• Use Jupyter Notebooks in Azure Data Studio
• Automating Diagnostic Notebooks with Azure Serverless Architecture | Data Exposed
• Run Jupyter Notebooks in your workspace
• Create, develop, and maintain Synapse notebooks in Azure Synapse Analytics
• Jupyter Notebooks in GitHub Codespaces

Links

• Transcript
• Microsoft Ignite (November 2–4, 2021)
• Azure Security Center: Public preview updates for September 2021
• Create and customize Azure Sentinel playbooks from built-in templates
• Azure Sentinel DHCP normalization schema reference (Public preview)
• Windows 11 Security — Our Hacker-in-Chief Runs Attacks and Shows Solutions
• OWASP Top Ten: 2021
• OWASP is 20 years old - Happy Birthday! PS: Michael's at 4m36s
• Microsoft Digital Defense Report
• Mark's List
• Business as usual for Azure customers despite 2.4 Tbps DDoS attack
• Azure DDoS Protection Standard overview
• Microsoft named a Leader in 2021 Gartner® Magic Quadrant™ for data integration tools

Links

• Transcript
• Automatic key rotation of customer-managed keys for encrypting Azure disks
• Azure Purview is now generally available
• Azure Site Recovery: Upgrade to TLS 1.2 or later by November 15, 2021
• Server roles for Azure SQL Database: Database Management without admin-access
• Microsoft Azure Defender for IoT Training
• MCRA OT & IIoT Security
• Introduction and overview of Microsoft Cybersecurity Reference Architectures
• Azure Defenses for Ransomware Attack
• Public preview: At-scale management of Azure Monitor alerts in Backup center
• What is Conditional Access?

Links

• Transcript
• Public preview of Private Link UDR Support
• Public preview of Private Link Network Security Group Support
• Azure Private Link Service is now generally available in China
• Screen Capture Protection for Azure Virtual Desktop is now generally available
• General availability: Azure Files now supports SMB 3.1.1
• General availability: Cross service queries between Azure Monitor and Azure Data Explorer
• Azure Security Center: Public preview updates for August 2021
• Azure Security Center: General availability updates for August 2021
• General availability: Update in policy compliance for Azure Kubernetes Policies
• Windows Server IoT 2022 now generally available
• Azure AD Graph is retiring on 30 June 2022
• Upgrade to the latest version of Azure AD Connect before 31 August 2022
• Windows 11 public preview is now available on Azure Virtual Desktop
• Cloud Adoption Framework Intro
• MCRA Intro
• Detection and Hunting of Golden SAML Attack
• Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps
• Sharing the first SimuLand dataset to expedite research and learn about adversary tradecraft
• SimuLand Github Repo
• SimuLand: Understand adversary tradecraft and improve detection strategies
• Cloud Katana

Links

• Transcript
• Azure Network Security Ninja Training
• Perform network intrusion detection with Network Watcher and open source tools
• Executive Order on Improving the Nation's Cybersecurity
• Mapping the Cybersecurity Executive Order Milestones
• EO Strategies for Securing Critical Software & Classifying Agency Data
• Microsoft and NIST collaborate on EO to drive Zero Trust adoption
• Zero Trust architecture in Azure for government
• Announcing the Azure Sentinel: Zero Trust (TIC3.0) Workbook
• US government resources and training - cybersecurity
• Azure Government Top Secret now generally available for US national security missions
• Capabilities - Microsoft Cybersecurity Reference Architectures
• Zero Trust User Access - Microsoft Cybersecurity Reference Architectures
• People - Microsoft Cybersecurity Reference Architectures

Links

• Transcript
• Configure Applications with App Configuration and Key Vault
• Securing machine learning environments on Azure Machine Learning
• Implement Microsoft identity – Associate
• General availability: Azure Managed HSM Private Link
• Incident response process
• Fusion Detection for Ransomware
• Ensure compliance using separation of duties checks in access requests
• Security Center Compliance Over Time Report Now in Public Preview
• Azure Defender for SQL
• Introduction to Azure Defender for SQL
• Alerts for SQL Database and Azure Synapse Analytics
• Interview with Rain Forest Puppy about SQL Injection
• How Was SQL Injection Discovered?

Links

• Transcript
• Yuri's and Sarah's book: Exam Ref SC-200 Microsoft Security Operations Analyst (Pre-order)
• Exam SC-200: Microsoft Security Operations Analyst
• Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals
• Exam SC-300: Microsoft Identity and Access Administrator
• Exam AZ-500: Microsoft Azure Security Technologies
• Exam Ref AZ-500 Microsoft Azure Security Technologies
• SC-900 Learning Path
• John Savill: SC-900 Microsoft Security, Compliance, and Identity Fundamentals Study Cram