Blue Security

Blue Security

A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.

Episodes

October 8, 2024 39 mins

Summary

In this episode of the BlueScarity Podcast, hosts Andy Jaw and Adam Brewer discuss the evolution of password guidelines, focusing on the recent updates from NIST and Microsoft. They explore the implications of these changes, emphasizing the importance of understanding human behavior in password security and the need for organizations to adopt passwordless solutions. The conversation highlights practical steps for reducing r...

Mark as Played

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the critical topic of token theft in identity management. They discuss the importance of multi-factor authentication (MFA) as a primary defense against identity attacks, the nature of tokens, and how attackers exploit vulnerabilities to steal these tokens. The conversation highlights the introduction of token binding as a new protective ...

Mark as Played

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer celebrate four years of podcasting, reflecting on their journey and the importance of providing actionable insights to their audience. They discuss the significance of education in technology, particularly in relation to Microsoft products and the recent deprecation of WSUS. The conversation also covers the implications of Apple's latest OS rel...

Mark as Played

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the world of containers, exploring their functionality, differences from virtual machines, and the importance of securing them. They discuss key tools like Docker and Kubernetes, and introduce Microsoft's Defender for Containers as a solution for managing security in containerized environments. The conversation emphasizes the simplic...

Mark as Played
September 10, 2024 48 mins

Summary

In this episode, Andy and Adam discuss the key findings from IBM's report on the costs of a data breach in 2024. They cover topics such as the increase in the cost of data breaches, the use of security AI and automation, the cyber skills shortage, the challenges of shadow data, and the importance of insider risk management. They also highlight the need for password protection, fish-resistant MFA, and data consolidation,...

Mark as Played
September 3, 2024 39 mins

Summary

In this episode of the Blue Security Podcast, Andy and Adam discuss Entra Suite, a new package from Microsoft that includes various Entra products and solutions. They provide an overview of each component, including Entra Private Access, Entra Internet Access, Entra ID Governance, Entra ID Protection, and Entra Verified ID. They highlight the benefits and use cases of each component and discuss the pricing options. They als...

Mark as Played
August 27, 2024 40 mins

Summary

In this episode, Andy and Adam discuss various resources and methods for getting training and learning about Microsoft and other technology solutions. They cover topics such as official documentation, certification tracks, Ninja training, Microsoft Mechanics, the Tech Community, customer connection programs, building a personal lab, and the importance of having a supportive network.

Takeaways

- learn.microsoft.com is the of...

Summary

In this episode of the Blue Security Podcast, Andy and Adam discuss several cybersecurity news stories. They cover the hack of the Trump campaign's emails by Iranian hackers, the breach of the National Public Data records, and Microsoft's new requirement for admins to enable multi-factor authentication (MFA). They also touch on the importance of data privacy and the need for companies to be responsible stewards of c...

Summary

In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft's Defender for Storage, a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage. They highlight the three major impacts on data workloads: malicious file uploads, sensitive data exfiltration, and data corruption. The solution offers activity monitoring, malware scanning, and sensitive data threat detec...

Mark as Played

Summary

In this episode of the Blue Security Podcast, Andy and Adam discuss new features and updates in Intune, including autopilot for existing devices, Intune enrollment attestation, and mobile application management (MAM). They explain how autopilot for existing devices allows organizations to enroll on-premise joined devices into autopilot using config man and a task sequence. They also highlight the importance of monitoring de...

Mark as Played

Summary

In this episode of the Blue Security Podcast, Andy and Adam discuss Defender CSPM (Cloud Security Posture Management). They explain that CSPM is the process of monitoring cloud-based systems and infrastructure for risks and misconfigurations. They highlight the key capabilities of CSPM, including automation, monitoring and managing IaaS, SaaS, and PaaS platforms, and ensuring regulatory compliance. They also introduce Defen...

Mark as Played
July 22, 2024 50 mins

Summary

In this episode of the Blue Security Podcast, Andy and Adam discuss the aftermath of the CrowdStrike failed software update. They express empathy for those impacted by the incident and discuss the importance of collaboration in the cybersecurity industry. They also explore the need for transparency from security vendors and the potential impact on cybersecurity teams and funding. The conversation touches on the level of acc...

Mark as Played
July 16, 2024 40 mins

Summary

In this episode, Andy and Adam discuss a blog post titled 'Cybersecurity is Full' that challenges the hype around cybersecurity careers. They explore the saturation of the field, the value of certifications and conferences, the optional nature of cybersecurity in organizations, and the stress and challenges of the industry. They emphasize the importance of having a strong foundation in technology before pursuing a c...

Mark as Played

In this episode of the Blue Security Podcast, Andy and Adam discuss Defender for Servers, a cloud security solution offered by Microsoft. They explain that Defender for Servers is part of the larger Defender for Cloud umbrella and is designed to protect cloud infrastructure, specifically servers. They discuss the different plans available, including Plan 1 and Plan 2, which offer varying levels of endpoint protection and vulnerabil...

Mark as Played
July 2, 2024 39 mins

In this episode of the Blue Security Podcast, Andy and Adam discuss recommended settings for Exchange Online Protection (EOP) and Microsoft Defender for Office (MDO). They explain that EOP is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. They also highlight the importance of the secure by default feature in EOP and the use of admin submissions to report false positives an...

Mark as Played

In this episode, Andy and Adam discuss three cybersecurity news stories. They talk about a small town in Massachusetts that lost over $445,000 in an email scam, the Biden administration's ban on Kaspersky antivirus software, and a cyber attack on Crown Equipment, a forklift manufacturer. The main takeaways from the conversation are the importance of cybersecurity training, the need for secure remote access methods, and the impa...

Mark as Played

In this episode of the Blue Security Podcast, Andy and Adam discuss three main topics: the unauthorized user access at Snowflake, the cybersecurity issue at Finley Automotive Group, and the cyber threats surrounding the upcoming Olympics in Paris. They highlight the importance of implementing strong security controls like multi-factor authentication and regular credential rotation. They also emphasize the need for organizations to ...

Mark as Played

In this episode, Andy and Adam discuss the updates and clarifications made by Microsoft regarding the security concerns surrounding the Recall feature on Copilot Plus PCs. They highlight the changes, such as the option to proactively enable Recall during the out-of-box experience, the requirement of Windows Hello enrollment and proof of presence for accessing Recall, and the additional layers of protection, including just-in-time d...

The conversation covers three primary themes: Ticketmaster data breach, Slack's data scraping, and Windows Recall feature. The Ticketmaster breach is discussed in detail, highlighting the stolen data, phishing risks, and the importance of password management. The conversation then shifts to Slack's data scraping controversy, addressing concerns about privacy and opt-in policies. Finally, the Windows Recall feature is explor...

Mark as Played
May 28, 2024 39 mins

In this episode of the Blue Security Podcast, Andy and Adam discuss the security and privacy announcements from Microsoft Build. They cover topics such as AI content safety, Copilot capabilities, security enhancements in Microsoft Edge, and new Windows security features. They also touch on the deprecation of NTLM and the introduction of Copilot Plus PCs with Qualcomm's new dev kit for Windows. Overall, the episode highlights th...


Popular Podcasts

    If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.

    2. Dateline NBC

    Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.

    3. Crime Junkie

    If you can never get enough true crime... Congratulations, you’ve found your people.

    4. The Clay Travis and Buck Sexton Show

    The Clay Travis and Buck Sexton Show. Clay Travis and Buck Sexton tackle the biggest stories in news, politics and current events with intelligence and humor. From the border crisis, to the madness of cancel culture and far-left missteps, Clay and Buck guide listeners through the latest headlines and hot topics with fun and entertaining conversations and opinions.

    5. The Bobby Bones Show

    Listen to 'The Bobby Bones Show' by downloading the daily full replay.

Advertise With Us
Music, radio and podcasts, all free. Listen online or download the iHeart App.

Connect

© 2024 iHeartMedia, Inc.