2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. Having a list of the libraries that internal applications depend on helps you respond in a time of crisis, being able to answer the question "where are we vulnerable?" This leads to a conversation about better DevSecOps - where development, security, and operations all take security seriously and help each other to help the organization succeed! Links:Power AppsAzure SentinelSoftware Bill of MaterialsConfiguration Management DatabaseRecorded December 20, 2021

DevSecOps in 2022 with Jess Dodson

RunAs Radio is a weekly Internet Audio Talk Show for IT Professionals working with Microsoft products.

Technology

Tech News

Podcasting

Gadgets

Software How-To

Business

Investing

Careers

Management & Marketing

Business News

Shopping

What are the hard parts of machine learning? Richard chats with Lynn Langit about her work helping the Mayo Clinic improve patient outcomes using machine learning to understand patient data better. Lynn talks about the challenges of multi-modal data analytics - taking all the different data collected from a patient, like an X-ray or video, along with treatment notes, to create an overall picture of treatment and outcome. Then multiply that by thousands of patients, making a complicated data problem with huge challenges in testing and validation. How do you know that the machine learning model is correct? The key to practical machine learning is in the fundamentals - working on each step before you jump to the more complex goals! LinksLynn on GitHubBiomedCLIPEvaluation Metrics and Statistical Tests for Machine LearningGitHub Copilot WorkspaceGemini in BigQueryBasic Bioinformatics for ITHistoGPTRecorded May 17, 2024

The Hard Part of Machine Learning with Lynn Langit

Have you rolled out Microsoft Defender for Cloud? Richard chats with Yuri Diogenes about the bundle of tools under the Defender for Cloud moniker. Yuri describes Defender for Cloud as a Cloud-Native Application Protection Platform (CNAPP). This Gartner term covers the various elements that go into a cloud-native application, including APIs, servers, containers, storage, resource manager, and more! Defender for Cloud integrates with Microsoft Purview to understand data sensitivity, and Microsoft Sentinel helps detect breaches or data misuse. It also offers attack path analysis and remediation so you can get ahead of the attackers to close off potential breach risks before they happen! Check the links in the show notes for great resources, including an ebook on CNAPP strategy! LinksDefender for CloudOWASP Top 10 API Security RisksDefender for APIsMicrosoft SentinelData Security DashboardAttack PathsMicrosoft PurviewCloud Security Posture ManagementMicrosoft Copilot for SecuritySecurity Remediation with GovernanceDefender for Cloud ServiceNow IntegrationCNAPP Strategy EbookRecorded May 13, 2024

Microsoft Defender for Cloud with Yuri Diogenes

How can Microsoft Copilot make your intranet better? Richard chats with Susan Hanley about her experiences adding Copilot into the intranet via the Copilot Studio and Viva Engage. Susan talks about the challenges of getting your intranet data in order - most notably, archiving old information so that it doesn't clutter up a Copilot with out-of-date and inaccurate data. The conversation explores making smaller Copilots focused on specific domains, like company policy. It's still the early days for copilots, so there are some challenges to getting things done right, but the potential is there! LinksRestricting SharePoint SearchCopilot with Commercial Data ProtectionM365 CopilotMicrosoft Copilot StudioCopilot for Viva EngageViva ConnectionsViva SuiteAnswers in VivaRecorded May 10, 2024

Copilot in your Intranet with Susan Hanley

How are your company's Apple devices connected to the enterprise? Richard talks to Michael Epping about the recent additions in Entra that support the authentication of Apple MacOS and iPadOS devices. Michael discusses Apple's Secure Enclave as the equivalent of Trusted Platform Management in Windows. With Entra Platform SSO, you can now use that authentication to access Azure resources and, ultimately, on-premises Kerberos-secured resources! These features are still in public preview but fully supported, and more is coming! LinksMicrosoft IntuneWindows AutopilotMicrosoft Entra HybridMicrosoft Entra SSO Plug-in for Apple DevicesApple Secure EnclaveIntegrate Apple Devices with Microsoft Entra IDApple Automated Device EnrollmentEntra Conditional AccessmacOS Platform Single Sign-onJoin a Mac device with Microsoft Entra IDRecorded May 13, 2024

Apple and Microsoft Entra with Michael Epping

How can you use PowerApps to extend the functionality of other apps? Richard talks to Christina Wheeler about her efforts to teach folks to use PowerApps to add the functionality they need to Dynamics 365 and elsewhere! Christina talks about her move to Microsoft, shifting from SharePoint to PowerApps, but still essentially doing the same thing - finding customer solutions. The conversation ranges over the power of the Dataverse to provide access to all sorts of data and the emerging role of the Microsoft Copilot Studio to build custom copilots for your organization.  LinksDataverseConnect to Dynamics 365 from Power AppsXrmToolboxModel-Driven Apps in Power AppsCanvas Apps in Power AppsMicrosoft Power FxMicrosoft Copilot StudioMicrosoft Bot FrameworkAI CopilotPower Up ProgramPower Platform ConferenceRecorded April 26, 2024

DevSecOps in 2022 with Jess Dodson

Download our free app to listen on your phone