In this episode of MVP Security Insights (Season 2, Episode 2), we sit down with Michael van Horenbeeck, Microsoft MVP for 14 consecutive years and renowned expert in identity, cloud security, and compliance.

We dive deep into:

* His journey into Microsoft Security and MVP life

* Top security challenges in regulated industries

* The impact of NIS2, ISO 27001, and the speed of change

* Trends shaping the future—AI, CoPilot agents, Zero Trust

* A fun twist: If Zero Trust were a Krav Maga move… what would it be?

* The value of community and staying grounded in a fast-moving world

🔐 Whether you're a seasoned security pro or just stepping into the world of identity and cloud security, this episode is packed with insights you won't want to miss.

👉 Chapters:

00:37 Intro

01:06 Introduction of this episode

03:26 Michael's introduction

06:00 Background & Microsoft MVP journey

08:02 Why focus on identity, cloud security, and compliance?

11:04 Security in regulated sectors

14:15 Regulations & governance challenges

17:53 Speed of change

21:02 Global cybersecurity threats

26:40 Future trends & AI

29:08 CoPilot and phishing defense

34:10 Zero Trust as Krav Maga

37:11 Community & collaboration

40:21 Personal goals & what's next

44:59 Closing this episode

46:04 Outro

🔗 Follow Michael on [https://www.linkedin.com/in/mvanhorenbeeck/]

🎙️ Hosted by Frans Oudendorp and Pouyan Khabazi

📢 Learn more: https://talkingsecurity.nl

#MicrosoftMVP #CyberSecurity #ZeroTrust #AI #IdentitySecurity #TalkingSecurity #MVPInsights

In this special Talking Security episode, recorded live from Microsoft HQ during the MVP Summit, hosts Frans Oudendorp and Pouyan Khabazi sit down with Ofer Shezaf, the mastermind behind Microsoft Sentinel—the first truly cloud-native SIEM.

With over 30 years in cybersecurity, Ofer takes us on a journey through the evolution of InfoSec, shares the origin story of Sentinel, and unpacks what it takes to grow a billion-dollar product. From the early days of SIEM to the role of AI in modern detection and response, this episode is packed with insights, strategy, and a few fun stories along the way.

Whether you're a seasoned SOC analyst, a cloud architect, or just curious about how Sentinel became a cornerstone of modern cyber defense—this one’s for you.

👉 Topics covered:

- Why existing SIEMs weren’t enough—and how Sentinel changed the game

- Lessons from building and scaling a $1B+ cybersecurity product

- Real vs. perceived risk in product strategy

- The role of community and open-source in shaping the future of cyber defense

- Ofer’s advice for the next generation of cybersecurity leaders

Grab your Favorito drink, and let’s talk security! 🔐

In the first episode of Season 2 of our MVP Security Insights series on the Talking Security podcast, we explore the ever-evolving landscape of cloud security and delve into practical strategies with our distinguished guest, Microsoft Security MVP Truls Dahlsveen.

Truls brings deep expertise in security monitoring, SIEM, and Endpoint Detection and Response (EDR), providing valuable insights gained from real-world experiences. Throughout the episode, we address significant cybersecurity trends, discuss innovative solutions, and highlight the essential role of community engagement in bolstering security practices.

Episode Outline:

0:26 - Intro

0:55 - Introduction of this episode

2:10 - Background and Expertise: Truls shares his journey to becoming an MVP and highlights his expertise in cloud security monitoring, SIEM, and EDR solutions.

5:35 - What are your primary areas of expertise within the realm of Microsoft technology and cybersecurity?

7:25 - Tools that are be used in the day job.

9:32 - Blogpost - https://www.infernux.no/5YearsOfSentinel - JOIN CCP - aka.ms/joinccp

12:36 - Current Projects and Focus: Discussing ongoing initiatives and how Microsoft technologies enhance security.

17:18 - How are you leveraging Microsoft technologies to enhance security in your current work?

23:15 - Global and Local Challenges: Examining major cybersecurity challenges globally and locally, including regulatory impacts.

30:30 - Future Trends and Advice: Insights into emerging cybersecurity trends and practical advice for professionals.

36:11 - Community and Collaboration: Importance of community collaboration featuring experiences from HackTheBox and TryHackMe.

42:30 - Question of AI: Creative reflections on cybersecurity roles and ultimate 'power-ups'.

45:18- Personal Insights and Goals: Truls shares his motivations and future objectives.

48:40 - What are your personal or professional goals for the coming period?

50:48 - Closing this episode

52:00 - Outro

Join us to gain actionable advice and inspiration from one of the community's leading cybersecurity experts.

In this episode of the Talking Security Podcast, we sit down with Itai Cohen from the Microsoft Defender for Cloud Apps team to explore the evolution of SaaS Security — from the traditional CASB (Cloud Access Security Broker) model to a broader, more proactive security strategy.

We cover:

• Why CASB isn’t enough anymore and what the future of SaaS Security looks like
• The growing threat of OAuth abuse — and why it’s such a hot target for attackers
• New innovations from Microsoft like Attack Path Analysis and Advanced Hunting for OAuth threats
• How Exposure Management is helping organizations proactively reduce SaaS risk

🎧 Whether you're a security architect, IT decision-maker, or Microsoft 365 enthusiast, this episode will help you rethink how you protect your SaaS environments.

👇 Don’t forget to like, subscribe, and share with your network.

📬 Got feedback or topics you'd like us to cover? Let us know in the comments or reach out via TalkingSecurity.nl!

Outline of the recording

0:00 - Intro

0:22 - Introduction of this episode

2:05 - Introduction of Itai Cohen - Microsoft

2:29 - What was the original goal of Microsoft Defender for Cloud Apps as a CASB solution?

4:10 - Why is Microsoft adding more capabilities on top of the traditional CASB model towards a broader SaaS Security approach?

6:08 - How do you see today’s SaaS threat landscape compared to when CASB solutions first appeared?

10:11 - Why is OAuth has become such an attractive attack vector?

13:53 - What are typical OAuth attack paths, and how do attackers exploit them?

14:50 - Microsoft blog - https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/protect-saas-apps-from-oauth-threats-with-attack-path-advanced-hunting-and-more/4395997-, you announced new capabilities to detect OAuth threats. Can you give us an overview of what’s new?

16:16 - How does Attack Path Analysis help customers better understand and mitigate OAuth risks?

19:10 - Advanced Hunting is now available for OAuth threats — how can security teams leverage this capability?

22:36 - What are some common mistakes you see organizations make when it comes to OAuth permissions and consent management?

26:40 - Exposure Management - How does Microsoft Defender for Cloud Apps contribute to a broader exposure management approach, and how can customers use it

31:47 - How do you see the role of SaaS Security evolving within the wider Exposure Management strategy that Microsoft is building?

33:09 - How does SaaS Security fit into Microsoft’s broader security strategy, alongside Defender XDR and Entra ID?

35:33 - SaaS Security is overlooked? Why?

40:42 - If you weren’t working in security, what would you be doing instead?

42:20 - Closing the episode

43:23 - Outro

#SaaSSecurity #MicrosoftDefender #OAuth #CASB #CloudSecurity #TalkingSecurityPodcast

Join your hosts Frans Oudendorp and Pouyan Khabazi in this month's episode of "Let's Talk" on the Talking Security podcast. We dive into critical cybersecurity developments from March, including Microsoft's latest Patch Tuesday addressing seven zero-day vulnerabilities (https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2025-patch-tuesday-fixes-7-zero-days-57-flaws/), and emerging OAuth app attack campaigns targeting Microsoft 365 accounts (https://www.bleepingcomputer.com/news/security/fake-security-alert-issues-on-github-use-oauth-app-to-hijack-accounts/, https://www.bleepingcomputer.com/news/security/malicious-adobe-docusign-oauth-apps-target-microsoft-365-accounts/).

We highlight important updates across Microsoft security solutions, such as Microsoft Defender for Office's improved reporting tools, Defender for Identity's Enhanced Identity Inventory (preview) (https://learn.microsoft.com/en-us/defender-for-identity/identity-inventory), and Defender for Cloud Apps' new RBAC scoping for behaviors (https://learn.microsoft.com/en-us/defender-cloud-apps/manage-admins, https://learn.microsoft.com/en-us/defender-cloud-apps/behaviors). We also discuss the new GA release of on-demand malware scanning in Defender for Storage, capable of scanning blobs up to 50 GB, and introduce the preview of the Defender for Cloud Cost Calculator.

Stay informed with our community spotlight featuring Rod Trent's Security Copilot prompts (https://github.com/rod-trent/Security-Copilot/tree/main/Prompts/Workshop), and get your calendars ready for upcoming industry events, including the Swiss Microsoft Security Summit, ExpertsLive 2025, Microsoft Secure, and RSAC.

Plus, tune in for a fun geeky trivia about the first-ever internet domain!

Stay vigilant, stay informed, and let's talk security!

Welcome to another episode of "Talking Security - Let's Talk!" 🚀 This month, we bring you the latest cybersecurity updates, breaking news, and expert insights to keep you informed and ahead of threats.

🔹 Topics in this episode:

✅ Safer Internet Day 2025 – Promoting a safer online world for everyone

✅ DeepSeek Database Leak – Exposing sensitive chat history & backend data

✅ Defender for Endpoint & Office – New reporting and security enhancements

✅ Defender for Identity – Improved attack path visibility & security updates

✅ Microsoft Sentinel Updates – New features & integrations for threat intelligence

✅ Community Spotlight – A new detection engine to protect the Netherlands - https://Threathunters.nl

✅ Event Roundup – The must-attend cybersecurity events of 2025 - https://www.microsoft.com/en-us/security/blog/2025/02/03/hear-from-microsoft-security-experts-at-these-top-cybersecurity-events-in-2025/

✅ Geeky Fun Fact – The first computer virus & its creators

📢 Join the discussion! Want to be part of our monthly recordings? Fill out the form on - https://forms.office.com/e/DhYZzQ8t6z

👍 Like, share, and subscribe for more cybersecurity insights!

🔔 Turn on notifications so you never miss an update!

💬 What are your thoughts on this month's cybersecurity updates? Drop a comment below! ⬇️

#CyberSecurity #MicrosoftDefender #LetsTalkSecurity #ThreatHunting #MicrosoftSentinel #DataLeak #SIEM #SecurityUpdates

🎧 Welcome to the latest episode of "Talking Security" - Let's Talk series! Join your host, Frans Oudendorp, and co-host Pouyan Khabazi, as they dive into the crucial advancements and developments in cybersecurity over the past two months. 🕵️‍♂️

In this episode, we cover:

- DORA Giveaway: All about the Digital Operational Resilience Act (DORA), now enforced.

- Defender for Office 365 LLM: Breaking down new threat classification details - https://www.linkedin.com/posts/markolauren_defenderforoffice-xdr-mdo-activity-7283818118110470145-6_pp

- LDAPNightMare: What has happened in LDAP.

- Microsoft Sentinel Updates: From Bicep templates to SOC optimizations and more.

- Community Spotlight - https://rogierdijkman.medium.com/detecting-fasthttp-bruteforce-attacks-on-entra-users-42ceb13bf856

- Event Roundup -

38C3 - From phishing to Tenant takeover - https://www.youtube.com/watch?v=uowTmPomYcg

YellowHat - https://yellowhat.live/

WPNinjaNL Connect / MC2MC Connect - https://wpninjas.nl/connect/

- Fun Geeky Element: Trivia challenge - reach out on our LinkedIn page - https://www.linkedin.com/company/talkingsecurity

🚀 Don't miss out on these essential updates and expert insights that can help fortify your organization’s defenses. Tune in now, stay informed, and remember - stay safe, stay secure, and let’s keep the conversation going!

Thank you for your continued support. Don't forget to like, share, and subscribe for more insights from the world of cybersecurity!

Join us for the inaugural episode of "Let's Talk," a new series within the Talking Security podcast, where hosts Pouyan Khabazi and Frans Oudendorp delve into the latest updates from Microsoft Ignite 2024.

In this episode, we cover the groundbreaking advancements in Microsoft Security products, including updates to Defender for Cloud, the launch of Defender for APIs, and new capabilities in Microsoft Entra and Microsoft XDR.

Discover how these innovations will shape the future of cybersecurity, with discussions on AI advancements, quantum computing partnerships, and enhanced security measures.

Tune in for a comprehensive recap of Ignite 2024 and insights into staying ahead in the ever-evolving world of cybersecurity.

Don't miss out on the key highlights and expert analysis in this exciting new series!

KustoCon Playlist - https://youtube.com/playlist?list=PL9sQKc0RBCiB73e4q-847W02Rzt3qPzbR&si=f0MbGvjGml8SOTxP

Ignite 2024 Book of News - https://news.microsoft.com/ignite-2024-book-of-news/

In this engaging episode of the TalkingSecurity podcast – DevSecOps series, host Frans Oudendorp, along with co-hosts Pouyan Khabazi and Sander ten Brinke, sits down online with special guest April Yoho from GitHub. Together, they explore April's unique journey in the DevSecOps field, delve into the world of GitHub and GitHub Advanced Security, and discuss the transformative impact of Copilot. Tune in for an insightful conversation packed with practical tips and expert advice, perfect for anyone looking to enhance their knowledge in DevSecOps.

In the sixth episode of the "Security MVP Insights" series on the TalkingSecurity podcast, hosts Frans Oudendorp and Pouyan Khabazi welcome special guests Pablo Chacon and Katie Ryckman. Both esteemed professionals at Microsoft, Pablo and Katie lead the Customer Connection Program (CCP), playing a pivotal role in fostering collaboration between the community, MVPs, and Microsoft.

During this insightful episode, Pablo and Katie delve into their work with the CCP, sharing how they bridge the gap between Microsoft's internal teams and its diverse user community. They discuss the importance of community engagement, the impact of feedback from MVPs, and the initiatives they have implemented to strengthen these connections.

Episode Highlights:

0:00 Intro with music

0:28 Introduction of the Episode

1:16 3 questions in 1

1:34 Katie - Journey to the current Role

3:13 Pablo - Journey to the current Role

7:15 The beginning of Intune

8:12 What is the Microsoft Customer Connection Program (CCP)

20:22 Specific challenges or cultural differences that impact the work

28:26 What trends do we foresee in the cybersecurity community

32:47 Advice for IT and Security professionals to get more involved in the community

40:49 Personal or Professional goals

41:26 The goals from Katie

42:20 The goals from Pablo

44:00 Thanks to Katie and Pablo

45:10 Closing the episode

45:39 Outro with music

This episode is a must-listen for anyone interested in the dynamics of community building within the tech industry. Subscribe to the "Security MVP Insights" series and stay tuned for more in-depth discussions on bridging the gap between technology providers and their users.

Connect with Pablo Chacon - https://www.linkedin.com/in/pjchacon/ - and Katie Ryckman - https://www.linkedin.com/in/katieryckman/ - on LinkedIn to learn more about their work with the Customer Connection Program at Microsoft.

Join the CCP Program - https://AKA.MS/joinCCP

Stay informed and engaged with the latest trends in cybersecurity and community collaboration by tuning in now!