Blue Security
Subscribed: 53Played: 966
Subscribe
© Andy Jaw & Adam Brewer
Description
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
237 Episodes
Reverse
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft Entra's conditional access. They explore the fundamental concepts of conditional access, its policies, and the integration of identity management with device management. The discussion highlights the importance of risk assessment, granular control, and the various conditions that can be applied to access controls. The hosts emphasize the significance of compliance policies and the interplay between different security measures to ensure robust protection against potential threats. In this conversation, Adam Brewer and Andy Jaw delve into the complexities of compliance and security in hybrid environments, focusing on access control mechanisms, session controls, and the innovative concept of authentication context. They explore the importance of ensuring devices are compliant and the various strategies organizations can implement to enhance security measures, including the use of approved client apps and continuous access evaluation. The discussion emphasizes the need for a layered security approach to protect sensitive information effectively.----------------------------------------------------YouTube Video Link: https://youtu.be/qvfEt49j2qQ----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/entra/identity/conditional-access/overviewhttps://learn.microsoft.com/en-us/sharepoint/authentication-context-examplehttps://techcommunity.microsoft.com/blog/microsoft-entra-blog/conditional-access-authentication-context-now-in-public-preview/1942484https://techcommunity.microsoft.com/blog/coreinfrastructureandsecurityblog/enhancing-security-with-entra-pim-and-conditional-access-policy-using-authentica/4368002----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the complexities of granting secure access to third-party vendors and contractors. They discuss the best practices for managing elevated permissions, the implications of B2B collaboration, and the importance of lifecycle management for contractor accounts. The conversation also covers licensing considerations for external identities and compares access methods like Azure Bastion and Azure Virtual Desktop (AVD). In this conversation, Adam Brewer and Andy Jaw delve into the complexities of RDP security, Azure environments, and the management of contractor accounts. They discuss the inherent risks associated with RDP, the importance of mitigating these risks through proper governance and lifecycle management, and the advantages of using Azure Virtual Desktop (AVD) versus Windows 365 for contractors. The discussion emphasizes the need for a zero trust approach and the benefits of network segmentation, while also addressing licensing considerations and user management strategies.----------------------------------------------------YouTube Video Link: https://youtu.be/PQSLdNK_Yv4----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/windows-365/overviewhttps://learn.microsoft.com/en-us/azure/virtual-desktop/overviewhttps://learn.microsoft.com/en-us/entra/external-id/b2b-fundamentals----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer engage with cybersecurity architect Karl Niblock to discuss the evolution of logging practices in security information and event management (SIEM) systems. The conversation explores the shift from a 'log everything' mentality to a more strategic approach that emphasizes quality over quantity in data ingestion. Karl highlights the challenges posed by exponential data growth and the importance of customer empathy in designing effective security operations. The discussion also delves into the cost of detection, the value of high-quality logs, and the need for organizations to rethink their logging strategies to enhance threat detection and response capabilities. In this conversation, Karl discusses the intricacies of data logging in cybersecurity, emphasizing the importance of understanding the layers of data fidelity and how to effectively manage and utilize logs within Azure Sentinel. He introduces a pyramid model to categorize different types of logs based on their security value and discusses the significance of data-driven decision-making in optimizing security operations. The conversation also touches on the need for evolving data architecture to keep pace with modern threats and the practical implications of data management in security operations.----------------------------------------------------YouTube Video Link: https://youtu.be/V3KEpNIJl-o----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/azure/data-explorer/data-explorer-overviewhttps://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-workspace-overviewhttps://techcommunity.microsoft.com/blog/microsoftsentinelblog/using-azure-data-explorer-for-long-term-retention-of-microsoft-sentinel-logs/1883947https://learn.microsoft.com/en-us/azure/sentinel/basic-logs-use-caseshttps://www.linkedin.com/in/karlniblock/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer engage with Ray Wolfram, Senior Product Manager for Defender Experts at Microsoft. Ray shares her extensive background in healthcare IT and cybersecurity, detailing her journey to Microsoft and the impact of COVID-19 on the cybersecurity landscape. The conversation delves into the two offerings of Defender Experts: Defender Experts for Hunting and Defender Experts for XDR, highlighting their unique features and the role of Microsoft in providing unparalleled threat intelligence. The episode emphasizes the importance of human expertise in cybersecurity and the proactive approach of Defender Experts in threat hunting and incident response. In this conversation, the speakers discuss the evolving landscape of cybersecurity, focusing on the role of threat hunters, the capabilities of Microsoft Defender Experts for XDR, and the importance of partnerships in providing comprehensive security solutions. They explore how Microsoft meets customers where they are, the onboarding process for new customers, and the integration of third-party solutions into the Defender ecosystem. The discussion also highlights the proactive nature of Defender Experts and the future roadmap for Defender for Cloud, emphasizing the need for collaboration in the cybersecurity space.----------------------------------------------------YouTube Video Link: https://youtu.be/zY9zOEFkZOc----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/defender-xdr/defender-experts-for-huntinghttps://learn.microsoft.com/en-us/defender-xdr/dex-xdr-overviewhttps://www.microsoft.com/en-us/security/blog/2023/03/27/microsoft-incident-response-retainer-is-generally-available/https://www.linkedin.com/in/raaewolfram/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the ongoing battle between governments and tech companies over encryption, focusing on Apple's recent response to the UK government's demands for access to iCloud data. They explore the implications of Apple's decision to disable advanced data protection for UK users and the broader context of encryption in cybersecurity. The conversation then shifts to the latest MITRE evaluation of endpoint protection platforms, highlighting Microsoft's performance and the challenges of the evaluation methodology. In this conversation, Andy Jaw and Adam Brewer delve into the complexities of cybersecurity, focusing on the limitations of current testing methods, the importance of realistic evaluations, and the need for a shared responsibility culture within organizations. They critique the MITRE evaluation process, discuss the shortcomings of phishing simulations, and emphasize the necessity of integrating security into the organizational culture to foster collaboration rather than hostility between security teams and users.----------------------------------------------------YouTube Video Link: https://youtu.be/TL_cu-vnu58----------------------------------------------------Documentation:https://www.theverge.com/policy/612136/uk-icloud-investigatory-powers-act-war-on-encryptionhttps://arstechnica.com/tech-policy/2025/02/apple-pulls-data-protection-tool-instead-of-caving-to-uk-demand-for-a-backdoor/https://www.microsoft.com/en-us/security/blog/2024/12/11/microsoft-defender-xdr-demonstrates-100-detection-coverage-across-all-cyberattack-stages-in-the-2024-mitre-attck-evaluations-enterprise/https://www.wsj.com/tech/cybersecurity/phishing-tests-the-bane-of-work-life-are-getting-meaner-76f30173----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
SummaryIn this episode, Andy and Adam discuss the evolution of messaging security, focusing on end-to-end encryption and the implications of RCS messaging. They explore the recent market reactions to AI developments, particularly the impact of the DeepSeek app on Nvidia's stock value and delve into the nuances of AI model efficiency and its potential effects on the tech industry. In this conversation, Adam Brewer and Andy Jaw explore the evolving landscape of AI technology, particularly in the context of US-China relations, the ethical implications of AI scraping, and the pressing concerns surrounding data privacy. They discuss the importance of building a record of work efforts, the innovative spirit that arises from constraints, and the public's perception of data security. The dialogue emphasizes the need for awareness and proactive conversations about data handling and privacy policies in an increasingly digital world.----------------------------------------------------YouTube Video Link: https://youtu.be/yicYSkuECcQ----------------------------------------------------Documentation:https://www.tomsguide.com/phones/iphones/fbi-warns-apple-and-android-users-to-avoid-rcs-messaging-heres-whyhttps://www.bbc.com/news/articles/c0qw7z2v1pgohttps://techcrunch.com/2025/01/29/microsoft-probing-whether-deepseek-improperly-used-openais-api/https://www.fastcompany.com/91267968/how-the-biden-chip-bans-created-a-monster-called-deepseekhttps://lifehacker.com/tech/how-to-try-deepseek-ai-and-why-you-might-not-want-to----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the importance of securing CI/CD environments, highlighting the risks associated with these systems and the best practices for mitigating vulnerabilities. They delve into specific threats, including insecure code and supply chain compromises, and emphasize the need for a collaborative approach between security professionals and developers to ensure secure software development practices.
----------------------------------------------------
YouTube Video Link: https://youtu.be/zQwFAN6PHrE
----------------------------------------------------
Documentation:
https://www.cisa.gov/news-events/alerts/2023/06/28/cisa-and-nsa-release-joint-guidance-defending-continuous-integrationcontinuous-delivery-cicd
https://owasp.org/www-project-top-10-ci-cd-security-risks/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft FastTrack with guest Thomas Finney. They explore the benefits and eligibility of FastTrack, which is designed to help organizations adopt and deploy Microsoft 365 services. The conversation covers various aspects of FastTrack, including various Microsoft services, focusing on Defender, Entra, Intune, Microsoft Viva, Windows deployment, App Assure, and the Microsoft 365 Copilot. They explore how FastTrack can assist organizations in leveraging these services effectively, including the role of FastTrack Ready partners in delivering benefits and support. The discussion emphasizes the importance of maximizing investments in Microsoft technologies and ensuring seamless transitions and integrations within organizations.
----------------------------------------------------
YouTube Video Link: https://youtu.be/TwaOZrDhm2M
----------------------------------------------------
Documentation:
https://www.linkedin.com/in/thomascfinney/
tc.finney@microsoft.com
FastTrack Service Description - https://aka.ms/ftcsd
FastTrack Eligibility - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/eligibility
Microsoft Defender - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-defender
Microsoft Entra, including Zero Trust - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-entra-id
Microsoft Intune - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-intune
Microsoft Purview - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-purview
Microsoft Sentinel - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-sentinel
Microsoft Viva - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-viva
Office 365 - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/office-365
Windows, Windows 365, Universal Print, Microsoft 365 Apps, Microsoft Edge - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/windows-and-other-services
App Assure - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/windows-and-other-services#app-assure
FastTrack Process and Expectations - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/process-and-expectations
Request FastTrack assistance for Microsoft 365 - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/process-and-expectations#engaging-fasttrack
https://learn.microsoft.com/en-us/microsoft-365/enterprise/request-fasttrack-assistance-microsoft-365?view=o365-worldwide
FastTrack Ready approved partners
https://cloudpartners.transform.microsoft.com/fasttrack-ready-approved-partners
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, host Andy Jaw and co-host Adam Brewer welcome Brodie Cassell, a principal security consultant at Microsoft. Brodie shares his journey from various IT roles to his current position at Microsoft, discussing the importance of adapting to new technologies and the challenges of data security in the age of AI. The conversation delves into the significance of a holistic approach to security, the role of Microsoft Industry Solutions Delivery, and the need for organizations to evolve their security practices to keep pace with technological advancements. In this conversation, Brodie Cassell and Adam Brewer discuss their experiences in the cybersecurity field, particularly focusing on the dynamics of consulting work, the evolution of security practices at Microsoft, and the differences between public and private sector security. They emphasize the importance of passion in their work, the value of community in cybersecurity, and the need for continuous learning and adaptation in a rapidly changing environment.
----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://www.linkedin.com/in/brodiecassell/
brodie.cassell@microsoft.com
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the Zero Trust Maturity Model and its implications for organizations looking to enhance their cybersecurity posture. They delve into CISA's guidance and Microsoft's mapping of this model, emphasizing the importance of prescriptive guidance in navigating the complexities of cybersecurity. The conversation also touches on the distinction between education and sales in the cybersecurity space, highlighting the value of continuous learning and the purpose behind their podcast. In this episode, Andy Jaw and Adam Brewer discuss the emergence of Banshee malware targeting MacOS users, emphasizing the importance of vigilance in application downloads and the effectiveness of Mac's security features. They also highlight the IRS's Identity Protection PIN program, which aims to prevent tax fraud, and the newly launched Cybersecurity Safety Label for IoT devices, designed to help consumers identify secure products. The conversation underscores the need for robust security measures and user awareness in an increasingly digital world.
----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/security/zero-trust/cisa-zero-trust-maturity-model-intro
https://www.msn.com/en-us/news/technology/new-macos-malware-uses-apples-own-code-to-quietly-steal-credentials-and-personal-data-how-to-stay-safe/ar-BB1rglVj
https://www.bleepingcomputer.com/news/security/scammers-file-first-get-your-irs-identity-protection-pin-now/
https://www.bleepingcomputer.com/news/security/us-govt-launches-cybersecurity-safety-label-for-smart-devices/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest cybersecurity trends, focusing on CISA's Scuba Project and its implications for federal agencies. They explore the transition to cloud-based passwordless authentication, the Binding Operational Directive 25-01, and provide prescriptive guidance for security configurations. The conversation emphasizes the importance of modernizing cybersecurity practices and the positive impact of CISA's initiatives on national security.
----------------------------------------------------
YouTube Video Link: https://youtu.be/vR3ebqm0MVs
----------------------------------------------------
Documentation:
https://www.cisa.gov/resources-tools/services/bod-25-01-implementing-secure-practices-cloud-services-required-configurations
https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant cybersecurity updates, including the indictment of a Chinese hacker involved in attacks on Sophos firewalls. They explore the growing competition from Chinese electric vehicle manufacturers and the vulnerabilities of digital license plates. The conversation also covers the investigation into TP-Link routers due to national security concerns and the launch of a free tier for GitHub Copilot, enhancing accessibility for developers.
----------------------------------------------------
YouTube Video Link: https://youtu.be/_xXm3Gdr6rg
----------------------------------------------------
Documentation:
https://www.justice.gov/opa/pr/china-based-hacker-charged-conspiring-develop-and-deploy-malware-exploited-tens-thousands
https://www.wired.com/story/digital-license-plate-jailbreak-hack/
https://9to5mac.com/2024/12/18/most-popular-home-internet-routers-in-us-may-be-banned-as-national-security-risk/
https://github.blog/news-insights/product-news/github-copilot-in-vscode-free/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest developments in Azure cloud security, focusing on the Defender solutions for Resource Manager, DNS, and AI workloads. They emphasize the importance of protecting these foundational elements of Azure, particularly the Resource Manager, which serves as the control plane for all resources. The conversation also touches on the emerging threats in AI applications and the need for a holistic security strategy as organizations modernize their cloud infrastructure. The episode concludes with a reflection on the importance of security in cloud modernization and a look ahead to future topics.
----------------------------------------------------
YouTube Video Link: https://youtu.be/T2P3QbdjmlQ
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-resource-manager-introduction
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-dns-introduction
https://learn.microsoft.com/en-us/azure/defender-for-cloud/ai-threat-protection
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the importance of cloud security, focusing on Microsoft's Defender services. They explore Defender for App Service, highlighting its ease of activation and the security recommendations it provides. The conversation then shifts to Defender for Databases, detailing its capabilities in protecting SQL databases from various threats, including SQL injection attacks. The hosts emphasize the necessity of a layered security approach, known as defense in depth, to ensure comprehensive protection for cloud workloads.
----------------------------------------------------
YouTube Video Link: https://youtu.be/LJCohdB5ER8
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-app-service-introduction
https://learn.microsoft.com/en-us/azure/defender-for-cloud/tutorial-enable-databases-plan
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into Azure Key Vault and its security features, particularly focusing on Defender for Key Vault and Defender for API. They discuss the importance of securely managing sensitive information, the ease of deploying these security solutions, and the critical need for visibility and threat detection in cloud environments. The conversation highlights the differences between the two defenders, emphasizing the growing threat landscape for APIs and the necessity of robust security measures.
----------------------------------------------------
YouTube Video Link: https://youtu.be/JxfdKZTWF3c
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-key-vault-introduction
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-apis-introduction
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode, Andy and Adam discuss various resources available for training on Microsoft technologies. They emphasize the importance of the Learn Microsoft portal, highlight the benefits of Ninja training for deep dives into specific topics, and recommend various YouTube channels for bite-sized learning. The conversation also covers the significance of tech community blogs, hands-on learning through applied skills, and creating personal lab environments for experimentation. Additionally, they touch on other learning resources available beyond Microsoft, including LinkedIn Learning and the value of networking with peers.
----------------------------------------------------
YouTube Video Link: https://youtu.be/5A54j9wmHt4
----------------------------------------------------
Documentation:
https://rodtrent.substack.com/p/all-the-microsoft-ninja-training
https://www.youtube.com/@MSFTMechanics
https://www.youtube.com/@MicrosoftSecurity
https://www.youtube.com/@MicrosoftSecurityCommunity
https://techcommunity.microsoft.com/t5/security-compliance-and-identity/bg-p/MicrosoftSecurityandCompliance
https://learn.microsoft.com/en-us/credentials/browse/?credential_types=applied%20skills
https://ajawzero.medium.com/my-unraid-build-thoughts-and-lessons-learned-881781c2cf97
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode, hosts Andy and Adam recap the key announcements from Microsoft Ignite, focusing on new features in Microsoft Edge, enhancements in Microsoft Teams for global collaboration, and significant updates in security management tools like Security Co-Pilot and Microsoft Purview. They discuss the importance of data security, the role of AI in improving security posture, and the latest improvements in Intune for device management. The conversation covers significant advancements in Microsoft's technology offerings, focusing on improvements in Intune for device management, updates to the Entra Suite and Security Service Edge, AI integration in security management, innovations in Defender for Cloud, and enhancements aimed at strengthening security posture for SMBs. Additionally, the discussion highlights new features in Windows 365 and concludes with insights into Microsoft's progress in quantum computing.
----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://news.microsoft.com/ignite-2024-book-of-news/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer welcome Justin Orcutt from Microsoft to discuss the Cybersecurity Maturity Model Certification (CMMC). The conversation covers the history and requirements of CMMC, the steps companies need to take to prepare for audits, and the importance of continuous monitoring. Justin shares insights on the anxiety surrounding CMMC compliance, the tools available for tracking progress, and the broader implications of CMMC for various industries beyond defense contracting. He emphasizes the need for organizations to understand their data security requirements and engage with communities for support.
----------------------------------------------------
YouTube Video Link: https://youtu.be/dCMeiEXhRTI
----------------------------------------------------
Documentation:
https://www.defense.gov/News/Releases/Release/Article/3932947/cybersecurity-maturity-model-certification-program-final-rule-published/
Justin Orcutt: https://www.linkedin.com/in/justinorcutt/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the recent T-Mobile breach attributed to Chinese state-sponsored hackers, emphasizing the importance of parsing corporate statements. They delve into the implications of cybersecurity threats, referencing a Sophos report detailing a five-year cat-and-mouse game with Chinese attackers. The conversation shifts to the rise of the new social media platform, Bluesky, exploring its potential to attract users from Twitter and its unique features.
----------------------------------------------------
YouTube Video Link:
----------------------------------------------------
Documentation:
https://www.cisa.gov/news-events/news/joint-statement-fbi-and-cisa-peoples-republic-china-prc-targeting-commercial-telecommunications
https://www.sophos.com/en-us/content/pacific-rim
https://www.bbc.com/news/articles/c8dm0ljg4y6o
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Summary
In this episode, Andy and Adam discuss the challenges and strategies for securing seasonal and contingent workers using a Zero Trust approach. They emphasize the importance of managed devices, the complexities of hybrid domain joins, and explore alternative solutions such as cloud-based services. The conversation also touches on the significance of security policies and the need for exceptions in certain scenarios, ultimately advocating for a balanced approach to cybersecurity that enables business productivity.
----------------------------------------------------
YouTube Video Link: https://youtu.be/RsR0XsFWDjQ
----------------------------------------------------
Documentation:
https://kanenarraway.com/posts/bpo-security-zero-trust/
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
Download from Google Play
Download from App Store
United States
SRD grant application online via the SASSA SRD website. By entering their ID number and cellphone number, applicants can view the status of their application as https://srdsassacheck.org.za/ , including whether it has been approved or rejected. If rejected, reasons are provided, and applicants have the right to appeal through a formal reconsideration process.