Applying "Assume Breach" to Layoffs
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the recent layoffs at Microsoft and the broader implications for the tech industry. They share personal experiences and insights on navigating job loss, the randomness of layoffs, and the importance of preparation. The conversation also covers practical advice for job seekers, including tips for interviews and negotiating severance packages. The hosts emphasize the need for continuous networking and maintaining an updated resume to stay prepared for unexpected career changes.----------------------------------------------------YouTube Video Link: https://youtu.be/mDZXNqmGpas----------------------------------------------------Documentation:https://www.cnn.com/2025/07/02/tech/microsoft-layoffs-9000-employees----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
8 Jul 55min
CIAM Deployment Guide; external authentication methods
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into the intricacies of Entra External ID, a customer identity and access management solution. They discuss the importance of security considerations in application development, the risks associated with customer-facing technologies, and the need for effective authentication methods. The conversation also touches on international revenue share fraud and the implementation of authentication context to enhance security measures. The episode concludes with insights on external authentication methods and their integration into existing systems, emphasizing the collaborative nature of cybersecurity.----------------------------------------------------YouTube Video Link: https://youtu.be/SKxShnv6z3I----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/entra/architecture/deployment-external-operationshttps://learn.microsoft.com/en-us/entra/identity/authentication/how-to-authentication-external-method-manage----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
1 Jul 26min
Securing AI Agents; Using AI Agents for Security
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the emerging concept of AI agents, their implications for security, and how Microsoft is integrating these technologies into their solutions. They explore the evolution of AI from simple prompt-response interactions to autonomous agents capable of making decisions and taking actions. The conversation highlights the importance of security in the development of AI technologies and introduces the Conditional Access Optimizer, a tool designed to enhance security policies within organizations.----------------------------------------------------YouTube Video Link: https://youtu.be/v45Tzw8VbiM----------------------------------------------------Documentation:https://techcommunity.microsoft.com/blog/microsoft-entra-blog/the-future-of-ai-agents%E2%80%94and-why-oauth-must-evolve/3827391https://learn.microsoft.com/en-us/defender-xdr/phishing-triage-agenthttps://www.microsoft.com/en-us/security/blog/2025/05/19/microsoft-extends-zero-trust-to-secure-the-agentic-workforce/https://learn.microsoft.com/en-us/entra/identity/conditional-access/agent-optimization----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
24 Jun 29min
JP Morgan's CISO open letter, Microsoft & Crowdstrike working together on threat intel
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the implications of JP Morgan's open letter to SaaS vendors, emphasizing the need for improved security practices in the software industry. They explore the challenges posed by the SaaS model, the importance of collaboration among security practitioners, and Microsoft's initiatives to enhance security. The conversation also highlights a new partnership between Microsoft and CrowdStrike aimed at standardizing threat intelligence naming conventions, showcasing the importance of teamwork in cybersecurity.----------------------------------------------------YouTube Video Link: https://youtu.be/EL0OfDiyQg0----------------------------------------------------Documentation:https://www.jpmorgan.com/technology/technology-blog/open-letter-to-our-suppliershttps://www.microsoft.com/en-us/security/blog/2025/06/02/announcing-a-new-strategic-collaboration-to-bring-clarity-to-threat-actor-naming/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
17 Jun 38min
Microsoft Deputy CISOs, Defending Identity Attacks
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss the formation and function of the Cybersecurity Governance Council at Microsoft, highlighting the roles of various deputy CISOs and their focus on specific security areas. They delve into misconceptions in cybersecurity, the importance of shared responsibility, and the evolving techniques used in identity attacks. The conversation emphasizes the need for robust security measures, including fish-resistant MFA and conditional access policies, while also addressing emerging threats like device code phishing and OAuth consent phishing. The episode concludes with practical recommendations for organizations to enhance their identity security practices.----------------------------------------------------YouTube Video Link: https://youtu.be/jvDK8WNYdrQ----------------------------------------------------Documentation:https://www.microsoft.com/en-us/security/blog/2025/04/08/meet-the-deputy-cisos-who-help-shape-microsofts-approach-to-cybersecurity/https://www.microsoft.com/en-us/security/blog/2025/05/29/defending-against-evolving-identity-attack-techniques/https://techcommunity.microsoft.com/blog/microsoft-entra-blog/tls-inspection-now-in-microsoft-entra-internet-access/4395972----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
10 Jun 39min
Windows 11 Security Book
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into the critical aspects of Windows security, focusing on the recently published Windows 11 security book. They discuss various security features, including hardware security, operating system enhancements, application security, identity protection, privacy features, and cloud services. The conversation emphasizes the evolution of Windows security, the importance of balancing security with user configurability, and the ongoing efforts by Microsoft to enhance security across its platforms.----------------------------------------------------YouTube Video Link: https://youtu.be/P6NerTxY3gA----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/windows/security/book/https://news.microsoft.com/source/features/ai/microsofts-majorana-1-chip-carves-new-path-for-quantum-computing/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
3 Jun 37min
Microsoft News Update
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam discuss various Microsoft news topics, including the upcoming end of life for Windows 10 and the options for extended security updates. They also delve into the exciting news of the Windows Subsystem for Linux becoming open source, the discontinuation of password autofill in Microsoft Authenticator, and the impactful work of Microsoft's Digital Crimes Unit in combating cyber threats.----------------------------------------------------YouTube Video Link: https://youtu.be/4hiaInM3O3I----------------------------------------------------Documentation:https://www.microsoft.com/en-us/windows/end-of-supporthttps://learn.microsoft.com/en-us/windows/whats-new/extended-security-updateshttps://www.theverge.com/news/669286/microsoft-windows-subsystem-for-linux-open-sourcehttps://support.microsoft.com/en-us/account-billing/changes-to-microsoft-authenticator-autofill-09fd75df-dc04-4477-9619-811510805ab6https://blogs.microsoft.com/on-the-issues/2025/05/21/microsoft-leads-global-action-against-favored-cybercrime-tool/----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
27 Mai 23min
Microsoft Security Exposure Management
SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam delve into Microsoft's new feature, Security Exposure Management (XSPM). They discuss the evolution of vulnerability management, the importance of understanding exposure management, and the five phases of continuous threat exposure management. The conversation also covers licensing requirements, the functionality of the exposure management portal, and the proactive approach to cybersecurity that this new feature embodies. The hosts emphasize the need for organizations to adopt a holistic view of their security posture and to continuously assess their vulnerabilities and risks.----------------------------------------------------YouTube Video Link: https://youtu.be/fuHMhE4gRrA----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/security-exposure-management/microsoft-security-exposure-management----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube: https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: andy@bluesecuritypod.com----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: adam@bluesecuritypod.com
20 Mai 29min
