Blue Security
TeknologiA podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
Siste episoder av Blue Security podcast
- Kerberoasting in 2025 (00:35:07)
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the topic of Kerberosting, a known attack method that exploits weaknesses in the Kerberos authentication protocol, particularly focusing on the vulnerabilities associated with RC4 encryption. They discuss a recent letter from Senator Ron Wyden addressing the implications of these vulnerabilities in the context of a significant ransomware breach in the healthcare sector. The conversation covers the basics of RC4 encryption, the mechanics of Kerberosting attacks, and the necessary mitigations organizations should implement to protect against these threats. Additionally, they highlight Microsoft's Secure Future Initiative, which aims to prioritize security in its products and services, and the ongoing challenges of balancing security with legacy compatibility. The episode concludes with actionable takeaways for listeners to enhance their cybersecurity posture.----------------------------------------------------YouTube Video Link: ----------------------------------------------------Documentation:https://arstechnica.com/security/2025/09/senator-blasts-microsoft-for-making-default-windows-vulnerable-to-kerberoasting/https://www.microsoft.com/en-us/security/blog/2024/10/11/microsofts-guidance-to-help-mitigate-kerberoasting/https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2013/2868725----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Advanced Data Protection with Special Guest Amren Gill (01:06:31)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam celebrate their five-year anniversary with guest Amren Gill, a data security solutions engineer at Microsoft. They delve into the complexities of data protection, focusing on Microsoft Purview's capabilities, including data classification, data loss prevention (DLP), and advanced data protection features. The conversation highlights the importance of securing data by default, leveraging AI for enhanced security measures, and the role of data security posture management (DSPM) in identifying and addressing security gaps. Amren also discusses the new Data Security Investigations tool, which aids in responding to data breaches effectively.----------------------------------------------------YouTube Video Link: https://youtu.be/MZBEW265WwU----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/purview/deploymentmodels/depmod-securebydefault-introhttps://learn.microsoft.com/en-us/purview/purview----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Entra News (00:26:48)
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest developments in Microsoft security technologies, particularly focusing on Entra and its features like Continuous Access Evaluation (CAE) and the integration of threat intelligence into the Global Secure Access (GSA) platform. They reflect on their journey over the past five years of podcasting, emphasizing the importance of security in the modern digital landscape and the evolution of their discussions around these technologies.----------------------------------------------------YouTube Video Link: https://youtu.be/5cNlP5_uVhE----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/entra/global-secure-access/concept-universal-continuous-access-evaluationhttps://learn.microsoft.com/en-us/entra/global-secure-access/how-to-configure-threat-intelligencehttps://learn.microsoft.com/en-us/entra/global-secure-access/how-to-transport-layer-security----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- FUD and Passkeys (00:41:18)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into the concept of FUD (Fear, Uncertainty, and Doubt) prevalent in the cybersecurity industry. They discuss the implications of sensationalized reporting, particularly around Windows Hello for Business vulnerabilities and the importance of adopting fish resistant multi-factor authentication (MFA). The conversation also covers the security of passkeys, the risks of social engineering, and the need for critical consumption of cybersecurity news to avoid misinformation.----------------------------------------------------YouTube Video Link: https://youtu.be/IauO5oA2BA0----------------------------------------------------Documentation:https://cybersecuritynews.com/windows-hello-for-business-flaw/https://arstechnica.com/security/2025/08/new-research-claiming-passkeys-can-be-stolen-is-pure-nonsense/https://www.inc.com/jason-aten/why-google-is-warning-2-5-billion-gmail-users-to-stop-using-their-password/91234290----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Microsoft Licensing Overview - Part 3 - Niche Situations and Azure (00:48:36)
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the complexities of Microsoft licensing, focusing on device-based versus user-based licensing, the nuances of shared mailboxes, and the implications of mixing E3 and E5 licenses. They also explore Azure billing models and the costs associated with Security Copilot, providing insights into how organizations can manage their licensing effectively and economically.----------------------------------------------------YouTube Video Link: https://youtu.be/S54uqVMH44A----------------------------------------------------Documentation:https://www.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-apps-for-enterprise-product?activetab=pivot:overviewtabhttps://azure.microsoft.com/en-us/pricing/calculator/https://youtu.be/-jG2BFPS45o?si=2BFEOt5J4ZwDtAmf----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Microsoft Licensing Overview - Part 2 (00:37:20)
SummaryThe hosts, Andy and Adam, delve into the nuances of licensing models, particularly focusing on the differences between frontline and information worker licenses. They explore the F1, F3, and F5 licensing models, highlighting key differences such as access to desktop applications and mailbox sizes. The episode also covers the integration of AI tools like M365 Copilot and Security Copilot, and discusses various Microsoft suites like Intune and Entra, emphasizing their components and benefits. The conversation aims to clarify the often confusing landscape of Microsoft licensing for security solutions.----------------------------------------------------YouTube Video Link: https://youtu.be/k-Qy4XjQDqw----------------------------------------------------Documentation:https://m365maps.com/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Microsoft Security Licensing Part 1 (01:02:36)
SummaryHosts Andy and Adam discuss the structure of enterprise agreements, the differences between Office 365 and Microsoft 365, and the transition from consumer-focused to enterprise-focused offerings. They explain the historical context of Microsoft's licensing evolution, the role of enterprise agreements, and the introduction of the Microsoft Customer Agreement for Enterprise (MCAE). The episode aims to demystify the licensing process, highlighting the importance of understanding what is included in various bundles and the benefits of moving to enterprise agreements for better pricing and comprehensive solutions.----------------------------------------------------YouTube Video Link: https://youtu.be/k-Qy4XjQDqw----------------------------------------------------Documentation:https://m365maps.com/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Shadow AI is already happening -- now what? (00:47:29)
SummaryIn this episode, Adam and Andy discuss various topics including Instagram's location sharing capabilities and the implications of AI in the workplace. They explore the challenges organizations face with AI adoption, the need for clear policies, and the importance of data security in protecting sensitive information. The conversation emphasizes the necessity for leadership to adapt to technological advancements and provide proper training to employees.----------------------------------------------------YouTube Video Link: https://youtu.be/gaIcWdj3UUY----------------------------------------------------Documentation:https://www.today.com/news/instagram-location-turn-off-on-rcna223521https://www.newsweek.com/nearly-half-employees-are-using-banned-ai-tools-work-2110261https://learn.microsoft.com/en-us/purview/data-security-posture-managementhttps://learn.microsoft.com/en-us/purview/dspm-for-aihttps://learn.microsoft.com/en-us/azure/defender-for-cloud/ai-security-posture----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Palo Alto acquires Cyberark, Sentinel News, MDTI is going to be FREE! (00:33:53)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant developments in the cybersecurity landscape, including Palo Alto's acquisition of CyberArk, the introduction of Microsoft Sentinel's Data Lake feature, and the integration of Defender Threat Intelligence into existing Microsoft security solutions. They emphasize the importance of a platform approach to cybersecurity and the challenges associated with acquisitions in the industry.----------------------------------------------------YouTube Video Link: https://youtu.be/8BRxQUyHNh4----------------------------------------------------Documentation:https://www.paloaltonetworks.com/company/press/2025/palo-alto-networks-announces-agreement-to-acquire-cyberark--the-identity-security-leaderhttps://techcommunity.microsoft.com/blog/microsoft-security-blog/introducing-microsoft-sentinel-data-lake/4434280https://techcommunity.microsoft.com/blog/defenderthreatintelligence/mdti-is-converging-into-microsoft-sentinel-and-defender-xdr/4427991----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- SharePoint Server, Help Desk Security, Terminating IT Admins (00:52:20)
SummaryIn this episode, Adam Brewer and Andy Jaw discuss recent SharePoint vulnerabilities, the importance of data protection and governance, and the implications of the Clorox cyber attack. They explore the challenges of managing insider threats in IT, emphasizing the need for robust security measures and proactive communication with customers. The conversation highlights the critical nature of cybersecurity in today's digital landscape and the responsibilities of organizations to protect their data and systems.----------------------------------------------------YouTube Video Link: https://youtu.be/gH8jS0mai2U----------------------------------------------------Documentation:https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/?msockid=247fdde1b8b2631d1f8bc80db91a6238https://arstechnica.com/security/2025/07/how-do-hackers-get-passwords-sometimes-they-just-ask/https://flaglerlive.com/it-attack-firing/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Power grid vulnerabilities, To Catch a Thief, AI Bug Hunter (00:43:05)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the vulnerabilities in solar technology, particularly focusing on smart inverters and their implications for power grids. They delve into the cybersecurity landscape, emphasizing China's role in technology transfer and its impact on national security. The conversation shifts to the potential of AI in cybersecurity, highlighting its ability to discover vulnerabilities and anomalies, and how it can enhance security operations. The episode concludes with a positive outlook on the integration of AI in cybersecurity practices.----------------------------------------------------YouTube Video Link: https://youtu.be/u3TfSpw10Qc----------------------------------------------------Documentation:https://www.newscientist.com/article/2487089-cyberattacks-could-exploit-home-solar-panels-to-disrupt-power-grids/https://open.spotify.com/show/1xFnf1ReS81p79TtR7f6vj?si=4d4ea5acc39c4bcehttps://www.pcmag.com/news/this-ai-is-outranking-humans-as-a-top-software-bug-hunter----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Windows Kernel & AV/EDR, BSOD Rebrand, Easier 3rd Party Updates (00:23:26)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant updates from Microsoft, focusing on security enhancements, the evolution of the blue screen of death, and new options for consumers regarding extended security updates. They also explore a new update orchestration platform aimed at improving the user experience for application updates on Windows.----------------------------------------------------YouTube Video Link: https://youtu.be/Xknb2FXh1GY----------------------------------------------------Documentation:https://www.crn.com/news/security/upcoming-microsoft-security-resilience-updates-includes-ability-to-run-services-outside-windows-kernelhttps://www.theverge.com/news/692648/microsoft-bsod-black-screen-of-death-color-change-officialhttps://www.windowscentral.com/software-apps/windows-10/windows-10-esu-support-free-updates-cloud-backuphttps://techcommunity.microsoft.com/blog/windows-itpro-blog/introducing-a-unified-future-for-app-updates-on-windows/4416354----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Applying "Assume Breach" to Layoffs (00:55:17)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the recent layoffs at Microsoft and the broader implications for the tech industry. They share personal experiences and insights on navigating job loss, the randomness of layoffs, and the importance of preparation. The conversation also covers practical advice for job seekers, including tips for interviews and negotiating severance packages. The hosts emphasize the need for continuous networking and maintaining an updated resume to stay prepared for unexpected career changes.----------------------------------------------------YouTube Video Link: https://youtu.be/mDZXNqmGpas----------------------------------------------------Documentation:https://www.cnn.com/2025/07/02/tech/microsoft-layoffs-9000-employees----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- CIAM Deployment Guide; external authentication methods (00:26:54)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into the intricacies of Entra External ID, a customer identity and access management solution. They discuss the importance of security considerations in application development, the risks associated with customer-facing technologies, and the need for effective authentication methods. The conversation also touches on international revenue share fraud and the implementation of authentication context to enhance security measures. The episode concludes with insights on external authentication methods and their integration into existing systems, emphasizing the collaborative nature of cybersecurity.----------------------------------------------------YouTube Video Link: https://youtu.be/SKxShnv6z3I----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/entra/architecture/deployment-external-operationshttps://learn.microsoft.com/en-us/entra/identity/authentication/how-to-authentication-external-method-manage----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Securing AI Agents; Using AI Agents for Security (00:29:31)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the emerging concept of AI agents, their implications for security, and how Microsoft is integrating these technologies into their solutions. They explore the evolution of AI from simple prompt-response interactions to autonomous agents capable of making decisions and taking actions. The conversation highlights the importance of security in the development of AI technologies and introduces the Conditional Access Optimizer, a tool designed to enhance security policies within organizations.----------------------------------------------------YouTube Video Link: https://youtu.be/v45Tzw8VbiM----------------------------------------------------Documentation:https://techcommunity.microsoft.com/blog/microsoft-entra-blog/the-future-of-ai-agents%E2%80%94and-why-oauth-must-evolve/3827391https://learn.microsoft.com/en-us/defender-xdr/phishing-triage-agenthttps://www.microsoft.com/en-us/security/blog/2025/05/19/microsoft-extends-zero-trust-to-secure-the-agentic-workforce/https://learn.microsoft.com/en-us/entra/identity/conditional-access/agent-optimization----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- JP Morgan's CISO open letter, Microsoft & Crowdstrike working together on threat intel (00:38:31)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the implications of JP Morgan's open letter to SaaS vendors, emphasizing the need for improved security practices in the software industry. They explore the challenges posed by the SaaS model, the importance of collaboration among security practitioners, and Microsoft's initiatives to enhance security. The conversation also highlights a new partnership between Microsoft and CrowdStrike aimed at standardizing threat intelligence naming conventions, showcasing the importance of teamwork in cybersecurity.----------------------------------------------------YouTube Video Link: https://youtu.be/EL0OfDiyQg0----------------------------------------------------Documentation:https://www.jpmorgan.com/technology/technology-blog/open-letter-to-our-suppliershttps://www.microsoft.com/en-us/security/blog/2025/06/02/announcing-a-new-strategic-collaboration-to-bring-clarity-to-threat-actor-naming/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Microsoft Deputy CISOs, Defending Identity Attacks (00:39:22)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the formation and function of the Cybersecurity Governance Council at Microsoft, highlighting the roles of various deputy CISOs and their focus on specific security areas. They delve into misconceptions in cybersecurity, the importance of shared responsibility, and the evolving techniques used in identity attacks. The conversation emphasizes the need for robust security measures, including fish-resistant MFA and conditional access policies, while also addressing emerging threats like device code phishing and OAuth consent phishing. The episode concludes with practical recommendations for organizations to enhance their identity security practices.----------------------------------------------------YouTube Video Link: https://youtu.be/jvDK8WNYdrQ----------------------------------------------------Documentation:https://www.microsoft.com/en-us/security/blog/2025/04/08/meet-the-deputy-cisos-who-help-shape-microsofts-approach-to-cybersecurity/https://www.microsoft.com/en-us/security/blog/2025/05/29/defending-against-evolving-identity-attack-techniques/https://techcommunity.microsoft.com/blog/microsoft-entra-blog/tls-inspection-now-in-microsoft-entra-internet-access/4395972----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Windows 11 Security Book (00:37:18)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into the critical aspects of Windows security, focusing on the recently published Windows 11 security book. They discuss various security features, including hardware security, operating system enhancements, application security, identity protection, privacy features, and cloud services. The conversation emphasizes the evolution of Windows security, the importance of balancing security with user configurability, and the ongoing efforts by Microsoft to enhance security across its platforms.----------------------------------------------------YouTube Video Link: https://youtu.be/P6NerTxY3gA----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/windows/security/book/https://news.microsoft.com/source/features/ai/microsofts-majorana-1-chip-carves-new-path-for-quantum-computing/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Microsoft News Update (00:23:54)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss various Microsoft news topics, including the upcoming end of life for Windows 10 and the options for extended security updates. They also delve into the exciting news of the Windows Subsystem for Linux becoming open source, the discontinuation of password autofill in Microsoft Authenticator, and the impactful work of Microsoft's Digital Crimes Unit in combating cyber threats.----------------------------------------------------YouTube Video Link: https://youtu.be/4hiaInM3O3I----------------------------------------------------Documentation:https://www.microsoft.com/en-us/windows/end-of-supporthttps://learn.microsoft.com/en-us/windows/whats-new/extended-security-updateshttps://www.theverge.com/news/669286/microsoft-windows-subsystem-for-linux-open-sourcehttps://support.microsoft.com/en-us/account-billing/changes-to-microsoft-authenticator-autofill-09fd75df-dc04-4477-9619-811510805ab6https://blogs.microsoft.com/on-the-issues/2025/05/21/microsoft-leads-global-action-against-favored-cybercrime-tool/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Microsoft Security Exposure Management (00:29:16)
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into Microsoft's new feature, Security Exposure Management (XSPM). They discuss the evolution of vulnerability management, the importance of understanding exposure management, and the five phases of continuous threat exposure management. The conversation also covers licensing requirements, the functionality of the exposure management portal, and the proactive approach to cybersecurity that this new feature embodies. The hosts emphasize the need for organizations to adopt a holistic view of their security posture and to continuously assess their vulnerabilities and risks.----------------------------------------------------YouTube Video Link: https://youtu.be/fuHMhE4gRrA----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/security-exposure-management/microsoft-security-exposure-management----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Administrator protection on Windows 11, Multi-tenancy in Unified SOC (00:28:29)
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the new security features of Windows 11, focusing on Administrator Protection and its implications for user privilege management. They also explore the advancements in Microsoft Sentinel, particularly the introduction of multi-tenancy and workspace management, which enhances security operations for organizations with multiple tenants. The discussion emphasizes the importance of these features in improving security and operational efficiency.----------------------------------------------------YouTube Video Link: https://youtu.be/n4IsSrLmPPc----------------------------------------------------Documentation:https://techcommunity.microsoft.com/blog/windows-itpro-blog/administrator-protection-on-windows-11/4303482https://techcommunity.microsoft.com/blog/microsoftsentinelblog/whats-new-multi-tenancy-in-the-unified-security-operations-platform-experience-i/4225658https://techcommunity.microsoft.com/blog/microsoftsentinelblog/multi-workspace-for-multi-tenant-is-now-in-public-preview-in-microsofts-unified-/4398229https://learn.microsoft.com/en-us/unified-secops-platform/mto-overview----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Microsoft's Secure by Design journey - One year of success (00:44:15)
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft's Secure Future Initiative (SFI), which aims to enhance security standards across its products and services. They delve into the implementation of mandatory multi-factor authentication, the transition to passwordless accounts, and the adoption of memory-safe programming languages. The conversation highlights the importance of user experience in security measures and the ongoing efforts to reduce vulnerabilities in software development. In this conversation, Andy Jaw and Adam Brewer discuss significant advancements in Windows security, including just-in-time admin access, the Pluton processor, and the integration of security features in Windows 11. They emphasize the importance of mandatory security practices at Microsoft, the role of Xbox in hardware security, and the need for transparency in vulnerability disclosures. The discussion also highlights the impact of security framework initiatives on employee behavior and the overall security posture of the organization.----------------------------------------------------YouTube Video Link: https://youtu.be/GctR4oEo_PI----------------------------------------------------Documentation:https://www.microsoft.com/en-us/security/blog/2025/04/17/microsofts-secure-by-design-journey-one-year-of-success/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Quick Recovery, Hotpatch, Copilot Podcast (00:35:38)
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the new Quick Recovery feature in Windows 11, which automates device remediation during critical failures. They explore its implications for cybersecurity, the Windows Resiliency Initiative, and the importance of user feedback in feature development. The conversation also covers the Hot Patch feature, which allows for security updates without requiring user reboots, and the performance of Windows on ARM devices. Finally, they delve into Copilot's new podcast generation feature, highlighting its potential to enhance user learning.----------------------------------------------------YouTube Video Link: https://youtu.be/emZcf3WvHb0----------------------------------------------------Documentation:https://techcommunity.microsoft.com/blog/windows-itpro-blog/get-started-with-quick-machine-recovery-in-windows/4398487https://techcommunity.microsoft.com/blog/windows-itpro-blog/hotpatch-for-windows-client-now-available/4399808https://www.msn.com/en-us/news/technology/copilot-can-now-turn-your-favorite-topics-into-a-virtual-podcast-that-you-can-partake-in/ar-AA1CjDld----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- CVE Program under fire, NLRB whistleblower, Microsoft Zero-Day (00:30:25)
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss critical updates in cybersecurity, focusing on the funding crisis of the CVE program, concerns over government efficiency and data security, and the recent Microsoft CLFS vulnerability that led to ransomware threats. They emphasize the importance of maintaining a centralized database for vulnerability tracking and the risks associated with data handling in government agencies.----------------------------------------------------YouTube Video Link: https://youtu.be/V6kCi3H-yLY----------------------------------------------------Documentation:https://www.theverge.com/news/649835/cve-cybersecurity-program-contract-renewedhttps://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-musk-spacex-securityhttps://www.microsoft.com/en-us/security/blog/2025/04/08/exploitation-of-clfs-zero-day-leads-to-ransomware-activity/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
- Side-by-Side with Third-Party Products (00:40:32)
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the integration of Microsoft Security Solutions with third-party security tools. They explore how organizations can leverage Microsoft Defender for Endpoint, Defender for Office, Entra, Intune, and Cloud Access Security Broker solutions to enhance their security posture. The conversation emphasizes the importance of utilizing existing tools to gain additional insights and telemetry, ensuring a more robust security framework without conflicts or performance degradation.----------------------------------------------------YouTube Video Link: https://youtu.be/kE2cVwjPzYs----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-compatibilityhttps://learn.microsoft.com/en-us/intune/intune-service/protect/device-compliance-partners#supported-device-compliance-partnershttps://learn.microsoft.com/en-us/defender-cloud-apps/zscaler-integrationhttps://learn.microsoft.com/en-us/defender-cloud-apps/additional-integrations----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com