A twice-monthly podcast dedicated to all things relating to Security, Privacy, Compliance and Reliability on the Microsoft Cloud Platform. Hosted by Microsoft security experts, Michael Howard, Sarah Young, Gladys Rodriguez and Mark Simos. https://aka.ms/azsecpod ©2020-2025 Michael Howard, Sarah Young, Gladys Rodriquez, and Mark Simos.
Michael Howard, Sarah Young, Gladys Rodriguez and Mark Simos 2022
Apr 30, 2026Episodes (126)
Episode 127: Threat intel update and AI
Apr 30, 202635m
In this episode, Michael, Sarah and Mark talk with Sherrod DeGrippo about some of the latest tactics and strategies used by modern threat actors, we also wander into the AI security weeds! We only have one news item rela
Episode 126: Microsoft Baseline Security Mode
Mar 21, 202636m#126
In this episode, Michael and Sarah talk to Sophie Ke and Dave Minasyan about Microsoft Baseline Security Mode, a new feature to help ease security settings. We also cover the latest Azure security news including Microsof
Episode 125: Origins of MITRE ATT&CK
Feb 27, 202634m#125
In this episode Michael and Mark talk with guest Blake Strom about the origins of the MITRE ATT&CK framework, how it was developed, and how it has evolved over time. We also discuss how the framework is used in the indus
Episode 124: Microsoft Security Response Center for AI
Jan 30, 202629m#124
In this episode Michael talks to Raji Vanninathan about the Microsoft Security Response Center for AI. We also cover security news about AKS Deployment Safeguards policies. https://aka.ms/azsecpod
Episode 123: Agentic Identity
Jan 21, 202636m#123
In this episode, Michael, Sarah and Mark talk to Nick Wryter about agentic AI identity, with a big focus on least privilege issues. We also cover news about: Microsoft AI Tour Azure Database for PostgresSQL Azure MCP Ser
Episode 122: Microsoft Ignite 2025 Wrap-up
Dec 15, 202532m
In this episode Michael, Sarah and Mark discuss security-related topics from the recent Microsoft Ignite 2025 event. Lots of AI-related security topics, including using AI for security and defending AI systems. Bitlocker
Episode 121: New Open Group Security Standards Documentation
Nov 21, 202547m#121
In this episode Michael and Sarah talk with co-host Mark Simos about new security standards documentation from the Open Group. It's a long episode but worth it! We also discuss Azure Security news about Private Endpoints
Episode 120: The Zero Trust Workshop (and so much more!)
Oct 29, 202558m#120
In this episode Michael talks with guest Merill Fernando about the Zero Trust Workshop, but we also spend time talking about all things identity! Merill's final thought is pure gold, too! The only bit of news is about Az
Episode 119: Pedantic Security Wording and Taxonomies
Oct 9, 202539m#119
In this episode Michael, Sarah and Mark talk with guest Ryen Macababbad, Principal Security Program Manager at Microsoft about her current work on standardizing security terminology and taxonomy across Microsoft. Also, h
Episode 118 - Quantum Cryptography and Quantum Computing with Mark Russinovich
Sep 19, 202533m#118
In this episode Michael and Mark talk with guest Mark Russinovich, Technical Fellow, Deputy CISO and Chief Technology Officer of Microsoft Azure about quantum cryptography and quantum computing and its implications for s
Episode 117: Cloud Gaming Security
Aug 29, 202543m#117
In this episode Michael and Sarah talk to Russ Rogers from the Xbox team about gaming security in general and Xbox specifically. This is the first time we have covered the topic! There is also so much news, we really lis
Episode 116: Microsoft Sentinel Data Lake
Jul 31, 202540m#116
In this episode Michael, Sarah and Mark talk to Mark Kendrick about Microsoft Sentinel Data Lake. We also cover news about The Open Group - Roles and Glossary standards, Security Adoption Module 5 - Data Security, Micros
Episode 115: Security in Model Context Protocol (MCP)
Jul 10, 202551m#115
In this episode, Michael, Sarah and Mark talk to Den Delimarksy about the current posture of Model Context Protocol. Den serves on the committee that oversees MCP. We also cover the latest security news about Azure Firew
Episode 114: SQL Server 2025 Security Improvements
Jun 9, 202525m#114
In this episode, Michael talks to Pieter Vanhove and Pratim Dasgupta about the new security changes in SQL Server 2025. The news includes updates on MCP, Private Link and Microsoft Build 2025 security sessions presented
Episode 113: Microsoft Red Team
May 16, 202535m#113
In this episode, Michael, Sarah, and Mark talk to Craig Nelson, VP of the Microsoft Red Team about how the Red Team works to help secure Microsoft and its customers. In life, there are things you know you know, things yo
Episode 112: Security Copilot Agents
May 13, 202529m#112
In this episode Michael talks with guest Ran Munsch, Principal Product Manager at Microsoft about Security Copilot and Security Copilot Agents. We also discuss Azure Security news about System.Data .SqlClient, April 2025
Episode 111: Securing Agentic AI
Apr 17, 202523m#111
In this episode Michael and Sarah talk with guest Amanda Minnich about securing agentic AI systems, the security challenges they face, and how to secure them. We also discuss Azure Security news about Azure File Sync, Do
Episode 110: Securing GenAI Applications with Entra (3 of 4): Monitoring and More
Apr 1, 202540m#110
In this episode Michael and Gladys talk to Sharon Chahal who is a Principal Program Manager in the Identity team at Microsoft about monitoring and auditing when building GenAI applications. We also cover other related to
Episode 109: Securing GenAI Applications with Entra (2 of 4) - Overpermissioning
Feb 19, 202537m#109
In this episode, Michael, Gladys and Mark talk to guest Bailey Bercik about the problem of overpermissioning and how to use Microsoft Entra Permissions Management to identify and manage over-permissioned identities in mu
Episode 108: Securing GenAI Applications with Entra
Jan 20, 202522m#108
In this episode Michael, Gladys, Mark and Sarah talk to guest Diana Vicezar from the Microsoft Entra team about security Generative AI applications. Note, this is a short, simple intro episode to introduce three follow-o
Episode 107: Secure by default and Copilot Overshare Blueprints
Jan 6, 202537m#107
Happy New Year! In this episode Michael, Sarah and Mark talk to Maxime Bombardier and Emily Blundo about the Secure by default and Copilot overshare blueprints. We also cover news about Always Encrypted Assessment in SQL
Episode 106: Microsoft Ignite Security Wrap-up
Dec 10, 202444m#106
In this episode, Michael, Mark, and Sarah go over what they found interesting from Microsoft Ignite. Mark has a discount code for his Zero Trust Book, too. https://aka.ms/aszecpod
Episode 105: Azure and Entra ID Security Tools
Nov 22, 202436m#105
In this episode, Michael, Sarah, and Mark talk to Merill Fernando about a set of open source tools he and his team have developed to help people understand their Azure and Entra ID security postures. We also cover news a
Episode 104: The Post Bluehat Wrap-up
Nov 8, 202437m#104
In this episode, Michael talks to Nic Fillingham about the recent Microsoft Bluehat Security conference held at the Microsoft HQ in Redmond, WA. We also discuss how to tell the NZ and Australian accents apart. This alone
Episode 103: Security Conferences and Bluehat
Oct 17, 202448m#103
In this episode we speak to Nic Fillingham who is a Senior Program Manager at Microsoft about security conferences and mainly about the Microsoft Bluehat conference he runs. We also discuss security about PostgreSQL, Cos