Share Blue Security
Share to email
Share to Facebook
Share to X
By Andy Jaw & Adam Brewer
4.7
1414 ratings
The podcast currently has 211 episodes available.
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer celebrate four years of podcasting, reflecting on their journey and the importance of providing actionable insights to their audience. They discuss the significance of education in technology, particularly in relation to Microsoft products and the recent deprecation of WSUS. The conversation also covers the implications of Apple's latest OS release and the challenges faced by enterprise users. Finally, they emphasize the need for resilience in technology and the importance of having backup plans in place.
YouTube Video Link: https://youtu.be/cIcE-hXtCNs
----------------------------------------------------
Documentation:
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-server-update-services-wsus-deprecation/ba-p/4250436
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the world of containers, exploring their functionality, differences from virtual machines, and the importance of securing them. They discuss key tools like Docker and Kubernetes, and introduce Microsoft's Defender for Containers as a solution for managing security in containerized environments. The conversation emphasizes the simplicity and efficiency of containers, while also addressing the shared responsibility of security in modern application development.
----------------------------------------------------
YouTube Video Link: https://youtu.be/zjhIC4IoxgE
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-introduction
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Summary
In this episode, Andy and Adam discuss the key findings from IBM's report on the costs of a data breach in 2024. They cover topics such as the increase in the cost of data breaches, the use of security AI and automation, the cyber skills shortage, the challenges of shadow data, and the importance of insider risk management. They also highlight the need for password protection, fish-resistant MFA, and data consolidation, as well as the benefits of using generative AI tools. The episode concludes with a reminder to not be afraid of AI and to embrace its potential to enhance productivity and efficiency.
----------------------------------------------------
YouTube Video Link: https://youtu.be/mbwJGjg7g0s
----------------------------------------------------
Documentation:
https://www.ibm.com/downloads/cas/1KZ3XE9D
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss Entra Suite, a new package from Microsoft that includes various Entra products and solutions. They provide an overview of each component, including Entra Private Access, Entra Internet Access, Entra ID Governance, Entra ID Protection, and Entra Verified ID. They highlight the benefits and use cases of each component and discuss the pricing options. They also emphasize the importance of using open standards and collaboration in the identity space.
----------------------------------------------------
YouTube Video Link: https://youtu.be/9zlC8NmBEp8
----------------------------------------------------
Documentation:
https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-suite-now-generally-available/ba-p/2520427
https://learn.microsoft.com/en-us/entra/global-secure-access/concept-private-access
https://learn.microsoft.com/en-us/entra/global-secure-access/concept-internet-access
https://learn.microsoft.com/en-us/entra/id-governance/identity-governance-overview
https://learn.microsoft.com/en-us/entra/id-governance/licensing-fundamentals
https://learn.microsoft.com/en-us/entra/id-protection/overview-identity-protection
https://learn.microsoft.com/en-us/entra/verified-id/decentralized-identifier-overview
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Summary
In this episode, Andy and Adam discuss various resources and methods for getting training and learning about Microsoft and other technology solutions. They cover topics such as official documentation, certification tracks, Ninja training, Microsoft Mechanics, the Tech Community, customer connection programs, building a personal lab, and the importance of having a supportive network.
Takeaways
- learn.microsoft.com is the official documentation and training resource for Microsoft products and solutions.
- Microsoft offers certification tracks for various roles and technologies, and free training is available for these certifications.
- Ninja training provides deep dives and technical content on security, compliance, and other Microsoft products.
- Microsoft Mechanics is a YouTube channel and podcast that offers bite-sized videos on various Microsoft technologies.
- Building a personal lab using virtualization software or cloud services is a great way to gain hands-on experience.
- Having a supportive network of coworkers and friends who are curious and willing to share experiences can greatly enhance learning and professional growth.
----------------------------------------------------
YouTube Video Link: https://youtu.be/5cgUfci9M9c
----------------------------------------------------
Documentation:
https://rodtrent.substack.com/p/all-the-microsoft-ninja-training
https://www.youtube.com/@MSFTMechanics
https://www.youtube.com/@MicrosoftSecurity
https://techcommunity.microsoft.com/t5/security-compliance-and-identity/bg-p/MicrosoftSecurityandCompliance
https://aka.ms/joinccp
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss several cybersecurity news stories. They cover the hack of the Trump campaign's emails by Iranian hackers, the breach of the National Public Data records, and Microsoft's new requirement for admins to enable multi-factor authentication (MFA). They also touch on the importance of data privacy and the need for companies to be responsible stewards of consumer data.
Takeaways
-Iranian hackers targeted the Trump campaign's emails in an attempt to influence the US presidential election.
-The breach of the National Public Data records compromised personal information for billions of individuals, highlighting the need for stronger data privacy regulations.
-Microsoft is enforcing the use of multi-factor authentication (MFA) for admins to enhance security and reduce the risk of account takeovers.
-Companies should prioritize data security and be responsible stewards of consumer data, minimizing data collection and protecting it from unauthorized access.
----------------------------------------------------
YouTube Video Link: https://youtu.be/xFPPyec6GJQ
----------------------------------------------------
Documentation:
https://blogs.microsoft.com/on-the-issues/2024/08/08/iran-targeting-2024-us-election/
https://npd.pentester.com/search
https://www.bleepingcomputer.com/news/microsoft/microsoft-enable-mfa-or-lose-access-to-admin-portals-in-october/
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft's Defender for Storage, a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage. They highlight the three major impacts on data workloads: malicious file uploads, sensitive data exfiltration, and data corruption. The solution offers activity monitoring, malware scanning, and sensitive data threat detection. They also mention the pricing model, the integration with Microsoft Purview, and the ease of deployment using Azure Policy and Logic Apps.
Takeaways
-Defender for Storage is a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage.
-The solution protects against malicious file uploads, sensitive data exfiltration, and data corruption.
-It offers activity monitoring, malware scanning, and sensitive data threat detection.
-Integration with Microsoft Purview allows for seamless inheritance of sensitivity settings.
-Deployment can be done through the Azure portal, Azure Policy, or infrastructure as code using the REST API.
-Logic Apps can be used to automate responses and streamline security operations.
-A pre-purchase plan is available for Defender for Cloud workloads, offering programmatic discounts and predictable billing.
----------------------------------------------------
YouTube Video Link: https://youtu.be/_DNCcy4V5Uo
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-introduction
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
LinkedIn: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss new features and updates in Intune, including autopilot for existing devices, Intune enrollment attestation, and mobile application management (MAM). They explain how autopilot for existing devices allows organizations to enroll on-premise joined devices into autopilot using config man and a task sequence. They also highlight the importance of monitoring device enrollments and implementing security measures such as requiring a pin for app access and blocking third-party keyboards.
Takeaways
- Autopilot for existing devices allows organizations to enroll on-premise joined devices into autopilot using config man and a task sequence.
- Monitoring device enrollments and implementing security measures such as requiring a pin for app access and blocking third-party keyboards are important for protecting corporate data.
-Intune enrollment attestation stores the MDM ID in the TPM of the device, preventing attacks that export the MDM device to attack other devices.
-Mobile application management (MAM) is a lightweight way to protect corporate data on unmanaged devices, and it can be used in conjunction with MDM on managed devices.
-MAM capabilities are now available for Windows 365 and AVD clients on Windows, iOS, PadOS, and Android clients, allowing for more secure access to corporate data.
----------------------------------------------------
YouTube Video Link: https://youtu.be/R8GYUQjr7ds
----------------------------------------------------
Documentation:
https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-upcoming-changes-for-deploying-windows-autopilot-for/ba-p/4181554
https://learn.microsoft.com/en-us/autopilot/existing-devices
https://learn.microsoft.com/en-us/mem/intune/enrollment/windows-enrollment-attestation#resources
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/mam-preview-for-windows-365-and-azure-virtual-desktop/ba-p/4171051
https://learn.microsoft.com/en-us/mem/intune/protect/mobile-threat-defense
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss Defender CSPM (Cloud Security Posture Management). They explain that CSPM is the process of monitoring cloud-based systems and infrastructure for risks and misconfigurations. They highlight the key capabilities of CSPM, including automation, monitoring and managing IaaS, SaaS, and PaaS platforms, and ensuring regulatory compliance. They also introduce Defender CSPM, a paid subscription service that offers additional features such as agentless scanning, container vulnerability assessments, and DevOps security. They mention the inclusion of Entra Permissions Management and external attack surface management in Defender CSPM. They emphasize the value of Defender CSPM for regulatory compliance and the ease of reporting on security posture against specific standards.
Takeaways
-CSPM is the process of monitoring cloud-based systems and infrastructure for risks and misconfigurations.
-Defender CSPM is a paid subscription service that offers additional features such as agentless scanning, container vulnerability assessments, and DevOps security.
-Defender CSPM includes Entra Permissions Management and external attack surface management.
-Defender CSPM is valuable for regulatory compliance and provides ease of reporting on security posture against specific standards.
----------------------------------------------------
YouTube Video Link: https://youtu.be/lqvWnxyQqVs
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-cloud-security-posture-management
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-devops-introduction
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-cloud-introduction#protect-cloud-workloads
https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-devops-environment-posture-management-overview
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
Summary
In this episode of the Blue Security Podcast, Andy and Adam discuss the aftermath of the CrowdStrike failed software update. They express empathy for those impacted by the incident and discuss the importance of collaboration in the cybersecurity industry. They also explore the need for transparency from security vendors and the potential impact on cybersecurity teams and funding. The conversation touches on the level of access that security solutions have and the need for a balanced approach. They emphasize the importance of having an incident response plan and implementing deployment rings for security updates.
----------------------------------------------------
YouTube Video Link: https://youtu.be/_ajB1t89VrQ
----------------------------------------------------
Documentation:
https://www.crowdstrike.com/blog/falcon-update-for-windows-hosts-technical-details/
https://www.linkedin.com/posts/racheltobac_lets-get-actionable-criminals-will-attempt-activity-7220134391350538240-8ZNN/
https://blogs.microsoft.com/blog/2024/07/20/helping-our-customers-through-the-crowdstrike-outage/
https://techcommunity.microsoft.com/t5/intune-customer-success/new-recovery-tool-to-help-with-crowdstrike-issue-impacting/ba-p/4196959
----------------------------------------------------
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
The podcast currently has 211 episodes available.
1,916 Listeners
352 Listeners
608 Listeners
357 Listeners
981 Listeners
299 Listeners
367 Listeners
910 Listeners
7,609 Listeners
134 Listeners
180 Listeners
297 Listeners
66 Listeners
101 Listeners
31 Listeners