Blue Security

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the integration of Microsoft Security Solutions with third-party security tools. They explore how organizations can leverage Microsoft Defender for Endpoint, Defender for Office, Entra, Intune, and Cloud Access Security Broker solutions to enhance their security posture. The conversation emphasizes the importance of utilizing existing tools ...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft's Automatic Attack Disruption feature, particularly focusing on its integration with OAuth protection. They discuss the risks associated with OAuth applications, the importance of signal correlation in detecting and mitigating attacks, and the capabilities of Microsoft's Defender XDR platform. The conv...

Summary

In this episode, Andy and Adam discuss a significant breach of sensitive military information that was leaked through a Signal chat involving high-level government officials. They explore the implications of this breach, the role of technology in government security, and the human errors that led to the violation of established policies. The conversation delves into the cultural influences on compliance, the challenges posed...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft Entra's conditional access. They explore the fundamental concepts of conditional access, its policies, and the integration of identity management with device management. The discussion highlights the importance of risk assessment, granular control, and the various conditions that can be applied to access c...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the complexities of granting secure access to third-party vendors and contractors. They discuss the best practices for managing elevated permissions, the implications of B2B collaboration, and the importance of lifecycle management for contractor accounts. The conversation also covers licensing considerations for external identities and c...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer engage with cybersecurity architect Karl Niblock to discuss the evolution of logging practices in security information and event management (SIEM) systems. The conversation explores the shift from a 'log everything' mentality to a more strategic approach that emphasizes quality over quantity in data ingestion. Karl highlights the challenges ...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer engage with Ray Wolfram, Senior Product Manager for Defender Experts at Microsoft. Ray shares her extensive background in healthcare IT and cybersecurity, detailing her journey to Microsoft and the impact of COVID-19 on the cybersecurity landscape. The conversation delves into the two offerings of Defender Experts: Defender Experts for Hunting and D...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the ongoing battle between governments and tech companies over encryption, focusing on Apple's recent response to the UK government's demands for access to iCloud data. They explore the implications of Apple's decision to disable advanced data protection for UK users and the broader context of encryption in cybersecurity. The con...

Summary

In this episode, Andy and Adam discuss the evolution of messaging security, focusing on end-to-end encryption and the implications of RCS messaging. They explore the recent market reactions to AI developments, particularly the impact of the DeepSeek app on Nvidia's stock value and delve into the nuances of AI model efficiency and its potential effects on the tech industry. In this conversation, Adam Brewer and Andy Jaw e...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the importance of securing CI/CD environments, highlighting the risks associated with these systems and the best practices for mitigating vulnerabilities. They delve into specific threats, including insecure code and supply chain compromises, and emphasize the need for a collaborative approach between security professionals and developers t...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft FastTrack with guest Thomas Finney. They explore the benefits and eligibility of FastTrack, which is designed to help organizations adopt and deploy Microsoft 365 services. The conversation covers various aspects of FastTrack, including various Microsoft services, focusing on Defender, Entra, Intune, Microsoft Viva, Windows deploy...

Summary

In this episode of the Blue Security Podcast, host Andy Jaw and co-host Adam Brewer welcome Brodie Cassell, a principal security consultant at Microsoft. Brodie shares his journey from various IT roles to his current position at Microsoft, discussing the importance of adapting to new technologies and the challenges of data security in the age of AI. The conversation delves into the significance of a holistic approach to sec...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the Zero Trust Maturity Model and its implications for organizations looking to enhance their cybersecurity posture. They delve into CISA's guidance and Microsoft's mapping of this model, emphasizing the importance of prescriptive guidance in navigating the complexities of cybersecurity. The conversation also touches on the distinction betw...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest cybersecurity trends, focusing on CISA's Scuba Project and its implications for federal agencies. They explore the transition to cloud-based passwordless authentication, the Binding Operational Directive 25-01, and provide prescriptive guidance for security configurations. The conversation emphasizes the importance of modernizing...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant cybersecurity updates, including the indictment of a Chinese hacker involved in attacks on Sophos firewalls. They explore the growing competition from Chinese electric vehicle manufacturers and the vulnerabilities of digital license plates. The conversation also covers the investigation into TP-Link routers due to national secur...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest developments in Azure cloud security, focusing on the Defender solutions for Resource Manager, DNS, and AI workloads. They emphasize the importance of protecting these foundational elements of Azure, particularly the Resource Manager, which serves as the control plane for all resources. The conversation also touches on the emergi...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the importance of cloud security, focusing on Microsoft's Defender services. They explore Defender for App Service, highlighting its ease of activation and the security recommendations it provides. The conversation then shifts to Defender for Databases, detailing its capabilities in protecting SQL databases from various threats, including S...

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into Azure Key Vault and its security features, particularly focusing on Defender for Key Vault and Defender for API. They discuss the importance of securely managing sensitive information, the ease of deploying these security solutions, and the critical need for visibility and threat detection in cloud environments. The conversation highligh...

Summary

In this episode, Andy and Adam discuss various resources available for training on Microsoft technologies. They emphasize the importance of the Learn Microsoft portal, highlight the benefits of Ninja training for deep dives into specific topics, and recommend various YouTube channels for bite-sized learning. The conversation also covers the significance of tech community blogs, hands-on learning through applied skills, and ...