AI Pen Testing Power- What is the deal with Mythos?

Sentinel Cost Estimator Tool is a go. - Sentinel Cost Estimator

Words of Wisdom:

“Don’t believe everything you think you believe”

“Actual great opportunities do NOT have “Great Opportunies” in the subject line”

General

· Secure agentic AI for your Frontier Transformation [agenticainews.net]

· Secure agentic AI end-to-end [microsoft.com]

· Microsoft Pre-Day: Your first look at what’s next in Security [techcommun...rosoft.com]

· Strengthening your Security Posture with Microsoft Security Store Innovations at RSAC 2026 [techcommun...rosoft.com]

· Crawl, Walk, Run: A Practitioner’s Guide to AI Maturity in the SOC [techcommun...rosoft.com]

· From Manual Vetting to Continuous Trust: Automating Publisher Screening with AI

AI Security

· Join the Agent 365 “Ask Microsoft Anything” session on March 18 [techcommun...rosoft.com]

· Get to know these Agent 365 community all-stars [techcommun...rosoft.com]

· ICYMI: Microsoft Agent 365 AMA [techcommun...rosoft.com]

· Governing AI Agent Behavior: Aligning User, Developer, Role, and Organizational Intent

Azure Security & Defender for Cloud News

· Microsoft Defender for Cloud Customer Newsletter (March edition) [techcommun...rosoft.com]

· Malware scan results now in blob tags (ADLS Gen2 HNS | Public Preview) [techcommun...rosoft.com]

· Defending Container Runtime from Malware with Microsoft Defender for Containers [techcommun...rosoft.com]

· Defending the AI Era: New Microsoft Capabilities to Protect AI [techcommun...rosoft.com]

· New innovations in Microsoft Defender to strengthen multi-cloud, containers, and AI model security [techcommun...rosoft.com]

· Secure AI Workloads in Azure: Join Our Next Azure Decoded Session on April 8th [techcommun...rosoft.com]

· Detect, correlate, contain: New Azure Firewall IDPS detections in Microsoft Sentinel and XDR [techcommun...rosoft.com]

· Azure Bastion: Enterprise-grade secure access made simple

Threat Intelligence

When Trust Becomes the Attack Vector: Analysis of the EmEditor Supply-Chain Compromise [techcommun...rosoft.com]

Microsoft Entra

· Secure access in the age of AI: Key findings from our 2026 Report [techcommun...rosoft.com]

· Microsoft Entra innovations announced at RSAC 2026 [techcommun...rosoft.com]

· Microsoft Entra Tenant Governance: Secure and Manage Multi-Tenant Environments at Scale [techcommun...rosoft.com]

· Evolving Identity Security: How the Conditional Access Optimization Agent Helps You Adapt [techcommun...rosoft.com]

Device Management & Protection (Intune)

· Announcing three new partners for multi-tenant management with Microsoft Intune [techcommun...rosoft.com]

· Secure apps: Where people, data, and AI intersect

Defender XDR & Sentinel

· Monthly news – March 2026 (Microsoft Defender) [techcommun...rosoft.com]

· RSA 2026: What’s new in Microsoft Defender? [techcommun...rosoft.com]

· Security Copilot in Defender: empowering the SOC with assistive and autonomous AI [techcommun...rosoft.com]

· From Impersonation Calls to Transparent Reporting: Defending the New Front Door of Attacks [techcommun...rosoft.com]

· What’s New in Microsoft Sentinel: March 2026 [techcommun...rosoft.com]

· What’s new in Microsoft Sentinel: RSAC 2026 [techcommun...rosoft.com]

· How Granular Delegated Admin Privileges (GDAP) allows Sentinel customers to delegate access

Copilot for Security

· Introducing Secret Finder: Finding Real Credentials Where Traditional Tools Fail [techcommun...rosoft.com]

· From alert overload to decisive action: How Security Copilot agents are transforming security and IT

Purview - Compliance & Governance

· AI‑Powered Troubleshooting for Microsoft Purview Data Lifecycle Management [techcommun...rosoft.com]

· Priority Cleanup V2: Faster, Simpler Data Purging for Exchange Online [techcommun...rosoft.com]

· Microsoft Purview securing data and enabling apps and agents across your AI stack [techcommun...rosoft.com]

· Secure data as AI scales: New Microsoft Purview innovations at RSA 2026 [techcommun...rosoft.com]

· New Microsoft Purview innovations for Fabric to safely accelerate your AI transformation

✨ Featured Items This Week

New Roadmap Items:

* Microsoft Teams: New chat sections for muted and meeting chatsID: MC1269864 | Service: Microsoft Teams | Tags: New feature, User impact, Admin impactMicrosoft Teams will introduce two new chat sections—Muted chats (enabled by default) and Meeting chats (disabled by default)—to organize chats. These...

Microsoft 365 Copilot (Premium): Choose your AI model when editing presentations in PowerPointID: MC1267867 | Service: Microsoft 365 apps, Microsoft Copilot (Microsoft 365) | Tags: New feature, User impact, Admin impactMicrosoft 365 Copilot (Premium) in PowerPoint will let users choose AI models, including OpenAI and Anthropic’s Claude, when editing presentations. Th...

Microsoft Secure Score: New recommendation for Microsoft Defender for EndpointID: MC1266905 | Service: Microsoft Defender XDR | Tags: New feature, User impact, Admin impactMicrosoft Secure Score will add a new recommendation to block outbound traffic from mshta.exe in Microsoft Defender for Endpoint, starting public prev...

Copilot Cowork now available in FrontierID: MC1265767 | Service: Microsoft Copilot (Microsoft 365), Microsoft 365 Copilot Chat | Tags: New feature, User impactCopilot Cowork is now available in Frontier for Microsoft 365 Copilot Premium users, enabling multi-step task orchestration across apps with user appr...

Auto Critique and Model Council features in Researcher (Frontier program)ID: MC1265765 | Service: Microsoft Copilot (Microsoft 365), Microsoft 365 Copilot Chat | Tags: New feature, User impact, Admin impactResearcher’s new Auto Critique improves draft quality by reviewing structure, sources, and citations. Model Council compares reports from multiple AI ...

Updated Roadmap Items:

* Microsoft Teams: Sharing recap accessID: 559606 | Product: Microsoft Teams, Microsoft Copilot (Microsoft 365) | Status: In developmentRecording and transcript owners can now grant recording and transcript access to specified people when copying or sharing recap link, and the specifie...

Microsoft Purview: Purview in Microsoft Admin CenterID: 559617 | Product: Microsoft Purview | Status: In developmentAI and IT admins in Microsoft Admin Center can 1) gain visibility around oversharing risks and drive remediations 2) Understand how much of sensitive ...

Microsoft Teams: Annotations on Teams Single Window Sharing on macOSID: 559611 | Product: Microsoft Teams | Status: In developmentPresenters can now share a single application window and enable participants to annotate directly on top of that content, without exposing their entir...

Microsoft Purview: Data Loss Prevention – Inline DLP for Prompts for Microsoft Foundry apps and agentsID: 558565 | Product: Microsoft Purview | Status: In developmentWith Purview enabled in Microsoft Foundry, Purview admins can setup inline DLP policies to prompts on Foundry built apps and agents to ensure data los...

Microsoft Viva: Viva Glint and Viva Insights Integration - Exclusion List for data sharingID: 559266 | Product: Microsoft Viva | Status: In developmentViva Glint admins will be able to manage an exclusion list in Viva Feature Access Management that prevents selected people and groups from being inclu...

New Message Center Items:

* Microsoft Teams: Meeting Notes now available for instant meetingsID: 541831 | Product: Microsoft Teams | Status: Rolling outTeams meeting Notes, powered by Loop, are now available for instant meetings that started via ‘Meet now’ from the calendar. Notes are Loop components ...

Microsoft 365 app: Overview Page in Copilot NotebooksID: 512430 | Product: Microsoft 365, Microsoft 365 app, Microsoft Copilot (Microsoft 365) | Status: LaunchedUsers will find Copilot-powered Notebook summaries and insights as a landing page within their Copilot Notebook.

Microsoft Copilot (Microsoft 365): Now smarter with visuals: Declarative Agents leverage embedded images for richer, more accurate answersID: 531758 | Product: Microsoft Copilot (Microsoft 365) | Status: LaunchedDeclarative Agents have been enhanced to interpret and ground responses using images embedded in files such as Word documents (.docx), PowerPoint pres...

Outlook: Prepare for your meeting with Copilot chat in Outlook mobileID: 516568 | Product: Outlook | Status: LaunchedOutlook mobile users can now prepare for their meetings using Copilot chat in a single tap. This feature requires a Microsoft 365 Copilot license.

Microsoft Copilot (Microsoft 365): Files found via Chat search can be now analyzed by code interpreterID: 519570 | Product: Microsoft Copilot (Microsoft 365) | Status: LaunchedCode interpreter runs on files you upload in your agent or that the user explicitly attaches in the interaction. Files that Copilot Chat finds via ent...

Updated Message Center Items:

(Updated) Microsoft 365 Copilot: Session persistence enhancement for Copilot chatID: MC1174856 | Service: Microsoft Copilot (Microsoft 365), Microsoft 365 Copilot Chat | Tags: Updated message, New feature, User impact, Admin impactMicrosoft 365 Copilot chat will preserve conversations by creating session entries in the navigation pane upon prompt submission, allowing users to re...

(Updated) Microsoft Viva Engage | Email sender domain migration from @yammer.com to @engage.mail.microsoftID: MC1251200 | Service: Microsoft Viva | Tags: Updated message, Feature update, User impact, Admin impactMicrosoft Viva Engage email sender domains have migrated from @yammer.com to @engage.mail.microsoft (and @eu.engage.mail.microsoft for Europe) as of M...

(Updated) Microsoft 365 Copilot: Manage and deploy user-level connectors in Microsoft 365 admin centerID: MC1188234 | Service: Microsoft Copilot (Microsoft 365) | Tags: Updated message, New feature, User impact, Admin impactMicrosoft 365 Copilot introduces federated connectors enabling real-time access to external apps like Notion and Canva within Copilot. Admins control ...

(Updated) Microsoft Defender for Office 365 quarantine content read permission updateID: MC1234569 | Service: Microsoft Defender XDR | Tags: Updated message, Feature update, Admin impactMicrosoft Defender for Office 365 will introduce a new permission for granular access to quarantined email content via Defender XDR Unified RBAC. Roll...

Microsoft Teams | VDI for Azure Virtual Desktops/Windows 365 and Citrix: macOS support with new SlimCore optimizationID: MC1151241 | Service: Microsoft Teams | Tags: Updated message, New feature, User impactMicrosoft Teams now supports SlimCore media engine optimization for macOS users on Azure Virtual Desktop, Windows 365, and Citrix, replacing WebRTC. T...

Let’s talk Sentinel, AI Security or lack thereof and we think Agent365 is pretty cool when mixed with Microsoft Purview.

Words of Wisdom:

“Anything you say before the word “but” does not count!

“Ask anyone that you admire: Their lucky breaks happened on a detour from their main goal. So embrace detours. Life is NOT a straight line for anyone.”

Security News:

General

* Secure agentic AI end-to-end | Microsoft Security Blog

* RSA 2026: What’s new in Microsoft Defender? | Microsoft Community Hub

* Monthly news – March 2026 | Microsoft Defender XDR Blog

* Microsoft Entra innovations announced at RSAC 2026 | Microsoft Community Hub

AI Security

* Secure agentic AI end-to-end | Microsoft Security Blog

* RSA 2026: What’s new in Microsoft Defender? (Security Copilot & AI expansions) | Microsoft Community Hub

Azure Security & Defender for Cloud News

* Monthly news – March 2026 | Microsoft Defender XDR Blog

* What’s new in Defender for Cloud features (March/April 2026 updates) | Microsoft Learn

* RSA 2026: What’s new in Microsoft Defender? | Microsoft Community Hub

Threat Intelligence

* RSA 2026: What’s new in Microsoft Defender? | Microsoft Community Hub

Microsoft Entra

* Microsoft Entra innovations announced at RSAC 2026 | Microsoft Community Hub

Defender XDR & Sentinel

* RSA 2026: What’s new in Microsoft Defender? | Microsoft Community Hub

* What’s New in Microsoft Sentinel: March 2026 | Microsoft Community Hub

* What’s new in Microsoft Sentinel: RSAC 2026 | Microsoft Community Hub

* RSAC 2026: New Microsoft Sentinel Connectors Announcement | Microsoft Community Hub

* Monthly news – March 2026 | Microsoft Defender XDR Blog

Copilot for Security

* RSA 2026: What’s new in Microsoft Defender? (Security Copilot expansions) | Microsoft Community Hub

Purview – Compliance & Governance

* RSA 2026: What’s new in Microsoft Defender? (Purview AI & data innovations) | Microsoft Community Hub

✨ Featured Items This Week

* Notice: Security Copilot will be included as part of your Microsoft 365 E5 plan soonID: MC1261596 | Service: Microsoft Entra, Microsoft Intune | Tags: New feature, User impact, Admin impactSecurity Copilot will be included with Microsoft 365 E5 via a phased rollout from April 20 to June 30, 2026, providing 400 Security Compute Units

* Microsoft Entra ID: Improved readability for Authentication Methods Policy Update audit logsID: MC1260708 | Service: Microsoft Entra | Tags: Feature update, Admin impactMicrosoft Entra ID audit logs for Authentication Methods Policy Updates will now show only changed properties with old and new values

* Microsoft Purview: Credential scanning in Data Security Posture AgentID: MC1259828 | Service: Microsoft Purview | Tags: New feature, User impact, Admin impactMicrosoft Purview’s Data Security Posture Agent will add a credential scanning feature by mid-2026, using LLM-powered detection to find exposed cred’s

New Roadmap Items:

* Microsoft Teams: Enhanced cross-platform join via SIP for Teams Rooms on AndroidID: 558539 | Product: Microsoft Teams | Status: In developmentEnable Teams Rooms on Android to join third-party meetings via SIP, delivering seamless cross-platform interoperability. This capability ensures users...

Microsoft Viva: Copilot Analytics: “All”- licensed user page Copilot dashboardID: 559475 | Product: Microsoft Viva, Microsoft Copilot (Microsoft 365) | Status: In developmentThe Copilot Dashboard adoption landing page will be updated to show a unified view of Copilot adoption across the organization. Instead of the default...

Microsoft Teams: Add Breakout Room Participants in Bulk Using CSVID: 559387 | Product: Microsoft Teams | Status: In developmentSupport for bulk breakout room participant assignment using a CSV file, helping organizers save time when setting up breakout rooms.

Updated Roadmap Items:

* Microsoft Teams: Simplified Teams app bar to create a cleaner and more focused experience.ID: 557169 | Product: Microsoft Teams | Status: Rolling outWe’ve simplified the app bar to help you focus on what matters. Apps are easier to scan in a cleaner View more apps list, the overflow menu is less cl...

Microsoft Teams: Microsoft Teams: Secure Reliable Transport (SRT) Support for Teams town hallsID: 554931 | Product: Microsoft Teams | Status: In developmentMicrosoft Teams will soon support Secure Reliable Transport (SRT) streaming in Teams town halls. SRT is a network protocol designed to deliver high-qu...

Microsoft Copilot (Microsoft 365): [Copilot Extensibility] IT Admins will be able to enable Anthropic models by specific users and groups in the tenantID: 557371 | Product: Microsoft 365, Microsoft Copilot (Microsoft 365) | Status: In developmentThis feature introduces admin controls for managing Anthropic as a model provider for specific users and groups in the tenant.

Microsoft Viva: Satisfaction Rate Metric for Microsoft 365 Copilot in Copilot DashboardID: 496655 | Product: Microsoft Viva, Microsoft Copilot (Microsoft 365) | Status: LaunchedTrack user sentiment of Microsoft 365 Copilot. Understand how users perceive Copilot value by analyzing the breakdown of thumbs up and thumbs down rat...

Microsoft Teams: share file in chat with external usersID: 492625 | Product: Microsoft Teams | Status: LaunchedCollaborating with users outside your organization has become more streamlined. You can now share files and Loop components with external users in 1:1...

New Message Center Items:

* Microsoft Teams: AI-powered live interpretation on Teams Phone devicesID: MC1263278 | Service: Microsoft Teams | Tags: New feature, User impact, Admin impactAI-powered live interpretation will be available on certified Microsoft Teams Phone devices for users with a Microsoft 365 Copilot license starting mi...

Microsoft 365 Copilot: Admins will be able to enable third‑party model providers for specific users and groupsID: MC1263276 | Service: Microsoft 365 suite, Microsoft Copilot (Microsoft 365) | Tags: New feature, User impact, Admin impactAdmins will soon be able to assign third-party AI model providers like Anthropic and xAI to specific users or groups in Microsoft 365 Copilot via a ne...

Planner tab support for Shared and Private Channels in Microsoft TeamsID: MC1262590 | Service: Planner, Microsoft Teams | Tags: New feature, User impact, Admin impactMicrosoft Planner tabs will be supported in Microsoft Teams Shared and Private channels starting mid-May 2026. Users can add new or existing plans dir...

New M365 group creation and editing in My GroupsID: MC1262589 | Service: Microsoft Entra | Tags: Feature update, User impact, Admin impactMicrosoft 365 group creation and editing in My Groups will be enhanced by late March 2026, allowing owners to configure usage guidelines, email aliase...

Microsoft Teams: Retirement of CAPTCHA for meeting joinID: MC1262588 | Service: Microsoft Teams | Tags: User impact, RetirementMicrosoft Teams will retire CAPTCHA for meeting joins by August 2026, replacing it with a default-on bot detection feature that requires organizer app...

Updated Message Center Items:

(Updated) Copilot entry point changes in Word and handoff to Agent in chatID: MC1240704 | Service: Microsoft 365 apps | Tags: Updated message, Feature update, User impact, Admin impactCopilot entry points in Word are updated to unify access and introduce Word Agent in the chat pane as the primary interface. Rollout begins early Apri...

(Updated) Microsoft 365 Copilot: Email triage with pin, flag, archive, and mark readID: MC1193695 | Service: Microsoft Copilot (Microsoft 365) | Tags: Updated message, New feature, User impact, Admin impactMicrosoft 365 Copilot now supports natural language commands for email triage—pinning, flagging, marking complete, archiving, and marking read/unread—...

(Updated) Microsoft 365 Copilot: Create and view Outlook rulesID: MC1223821 | Service: Microsoft Copilot (Microsoft 365) | Tags: Updated message, New feature, User impact, Admin impactMicrosoft 365 Copilot now lets Outlook users create and view Inbox rules via natural language in chat, streamlining email management. Available from A...

(Updated) Microsoft Teams: Code block line numbers and improved keyboard accessibilityID: MC1240703 | Service: Microsoft Teams | Tags: Updated message, Feature update, User impact, Admin impactMicrosoft Teams will enhance the code block experience by adding default line numbers, improved keyboard navigation, consistent language selection, an...

(Updated) Targeted file and folder restores in Microsoft 365 BackupID: MC1245216 | Service: Microsoft 365 suite, SharePoint Online | Tags: Updated message, New feature, Admin impactMicrosoft 365 Backup now supports granular restore, allowing admins to browse, search, and restore individual files or folders from SharePoint and One...

Edward does MCP. Franks says 3 is a magic number. Rod returns with tales from the other side of the pond? We will talk about the new E7 license from Microsoft and other top of mind security trends and news.

Words of Wisdom:

“To rapidly reveal the true character of a person you just met, move them onto an abysmally slow internet connection. Observe”

Cool AI Tools and Security Links:

* XDR Convertor

* Tool to read the Legal Terms and conditions for you: AITermsScore – AI Legal Terms Analyzer

* All the admin portal and API endpoints: 🖥 Home | [cmd.ms]

Microsoft M365 Changes

* Microsoft Teams: Identify external bots joining your Teams meetingsID: MC1251206 | Service: Microsoft Teams | Tags: New feature, User impact, Admin impactMicrosoft Teams will detect and label external meeting assistant bots joining meetings, giving organizers control to approve, deny, or remove them. A ...

Copilot extensibility: Microsoft 365 Copilot Declarative Agents model upgrade to GPT‑5.2ID: MC1251203 | Service: Microsoft Copilot (Microsoft 365) | Tags: New feature, User impact, Admin impactMicrosoft 365 Copilot Declarative Agents will upgrade to the GPT-5.2 model by late March 2026, enhancing quality, accuracy, and multi-step workflows. ...

Microsoft Teams: Live transcription in Teams Rooms on AndroidID: MC1249432 | Service: Microsoft Teams | Tags: New feature, User impact, Admin impactMicrosoft Teams Rooms on Android will gain live transcription with speaker attribution, timestamps, and optional translation, requiring a Teams Rooms ...

Plan for Change: Windows Autopatch is enabling hotpatch updates by defaultID: MC1248388 | Service: Microsoft Intune, Windows Autopatch | Tags: Admin impactStarting May 2026, Windows Autopatch will enable hotpatch security updates by default for eligible Intune devices, speeding up security without restar...

RSAT capabilities arrive on Arm-based Windows 11 PCsID: MC1248343 | Service: Windows | Tags: Admin impact

Microsoft Purview: Credential Scanning in Data Security Posture AgentID: 558436 | Product: Microsoft Purview | Status: In developmentWe’re expanding the Data Security Posture Agent with a new credential scanning capability. Discover exposed credentials and data security risks across...

Microsoft Entra passkeys on Windows now support phishing-resistant sign-inID: MC1247893 | Service: Microsoft Entra | Tags: New feature, User impact, Admin impactMicrosoft Entra passkeys on Windows enable phishing-resistant, passwordless sign-in using Windows Hello on Entra-protected resources, including unmana...

Anthropic Claude Sonnet is now available in Microsoft 365 CopilotID: MC1247880 | Service: Microsoft Copilot (Microsoft 365) | Tags: New feature, User impact, Admin impactAnthropic Claude Sonnet is now available in Microsoft 365 Copilot for licensed users, except in EU/EFTA, UK, government, and sovereign clouds. It can ...

Windows Autopatch is enabling hotpatch updates by defaultID: MC1247859 | Service: Windows | Tags: Admin impact

(Updated) Microsoft 365 Copilot: Draft and send Outlook email directly in Copilot ChatID: MC1247637 | Service: Microsoft Copilot (Microsoft 365) | Tags: Updated message, New feature, User impact, Admin impactMicrosoft 365 Copilot Chat will enable drafting, editing, and sending Outlook emails directly within the chat starting late March 2026. This feature, ...

Microsoft Agent 365 Generally Available May 1, 2026ID: MC1247634 | Service: Microsoft 365 suite | Tags: New feature, Admin impactMicrosoft Agent 365 will be generally available on May 1, 2026, following the Frontier early-access program. Frontier participants retain access and c...

New Roadmap Items

Microsoft Purview: Endpoint Data Loss Prevention - Add support of hyperlinks in warn & block toast messages for Edge browserID: 558688 | Product: Microsoft Purview | Status: In developmentWith this feature, data officers can now complete their coverage story by now embedding hyperlinks within toast messages for the Edge browser. When th...

Microsoft Teams: Honor Windows Do not disturb settingID: 557974 | Product: Microsoft Teams | Status: In developmentMicrosoft Teams integrates with the Do not disturb setting in Windows to help reduce interruptions. Teams notifications are paused when Do not disturb...

Microsoft Purview: Data Loss Prevention – Enrich Defender alerts Graph API with DLP event dataID: 558681 | Product: Microsoft Purview | Status: In developmentEnhance current API infrastructure to provide easy and simple way for customers to export data to integrate with SIEM tools, create automated workflow...

Microsoft Teams: Video recap in TeamsID: 558540 | Product: Microsoft Teams, Microsoft Copilot (Microsoft 365) | Status: In developmentIntelligent meeting recap will now include video-based recaps. Video recap creates narrated video highlights from recorded meetings, featuring key tak...

SharePoint: Plan and Create Pages with AIID: 558441 | Product: SharePoint | Status: In developmentThis feature allows you to edit new and existing pages with an AI chat pane. Now, with just prompts, you can add webparts, grounding documents, and re...

Updated Roadmap Items

Microsoft Teams: Chat for organizers and presenters in structured meetings and webinarsID: 392328 | Product: Microsoft Teams | Status: In developmentOrganizers, co-organizers, and presenters can chat privately in a separate chat from attendees. This chat is available to access before, during, and a...

Planner: Planner Agent in basic plansID: 511820 | Product: Planner, Microsoft Copilot (Microsoft 365) | Status: In developmentPlanner Agent will now be available for M365 Copilot licensed users in all Planner plans, including basic plans.

Microsoft Teams: Chat for organizers and presenters in structured meetings and webinars on Teams Rooms on WindowsID: 557165 | Product: Microsoft Teams | Status: In developmentWhen a Teams Rooms on Windows acts as an organizer, co-organizer or presenter in a structured meeting or webinar, you have access to the private chat ...

Microsoft Teams: Book future meetings directly from Teams panelsID: 557168 | Product: Microsoft Teams | Status: In developmentYou can now make an upcoming meeting reservation from a Teams panel by browsing the calendar on the device and choosing any open time slot through mid...

Microsoft Copilot (Microsoft 365): Deep citations in CopilotID: 523223 | Product: Microsoft Copilot (Microsoft 365) | Status: In developmentDeep citations let users quickly verify Copilot’s results by linking directly to the relevant part of the reference, boosting trust.

New Message Center Items

Microsoft Secure Score: New recommendations for Microsoft Defender for EndpointID: MC1251207 | Service: Microsoft Defender XDR | Tags: Feature update, User impact, Admin impactNew Microsoft Secure Score recommendations for Microsoft Defender for Endpoint will roll out in public preview from late February to mid-March 2026. T...

Microsoft Teams: Identify external bots joining your Teams meetingsID: MC1251206 | Service: Microsoft Teams | Tags: New feature, User impact, Admin impactMicrosoft Teams will detect and label external meeting assistant bots joining meetings, giving organizers control to approve, deny, or remove them. A ...

Copilot extensibility: Microsoft 365 Copilot Declarative Agents model upgrade to GPT‑5.2ID: MC1251203 | Service: Microsoft Copilot (Microsoft 365) | Tags: New feature, User impact, Admin impactMicrosoft 365 Copilot Declarative Agents will upgrade to the GPT-5.2 model by late March 2026, enhancing quality, accuracy, and multi-step workflows. ...

Microsoft Viva Engage | Email sender domain migration from @yammer.com to @engage.mail.microsoftID: MC1251200 | Service: Microsoft Viva | Tags: Feature update, User impact, Admin impactMicrosoft Viva Engage is migrating email sender domains from @yammer.com to @engage.mail.microsoft (and @eu.yammer.com to @eu.engage.mail.microsoft) b...

Planned Maintenance: Windows 365 ServiceID: MC1251199 | Service: Windows 365 | Tags: User impact, Admin impactPlanned maintenance for Windows 365 will occur March 23-27, 2026, during non-peak hours by region, with no service downtime. Users may experience brie...

Updated Message Center Items

(Update)Microsoft Entra ID: General Availability of passkey profiles and migration for existing Passkeys (FIDO2) tenantsID: MC1221452 | Service: Microsoft Entra | Tags: Updated message, New feature, User impact, Admin impactStarting March 2026, Microsoft Entra ID will GA passkey profiles and synced passkeys for tenants with Passkeys (FIDO2) enabled. Existing configuration...

(Updated) Outlook: retiring “Contact Masking” (hide suggested recipients) - March 31, 2026ID: MC1234566 | Service: Microsoft 365 suite | Tags: Updated message, User impact, Admin impact, RetirementOutlook is retiring the “Contact Masking” feature on March 31, 2026, which allowed users to hide suggested recipients. Hidden contacts may reappear af...

(Updated) Content Security Policies (CSP) are coming to SharePoint Online and might impact your custom SPFx solutionsID: MC1193419 | Service: SharePoint Online | Tags: Updated message, New feature, User impact, Admin impactStarting March 1, 2026, SharePoint Online will enforce Content Security Policy (CSP), blocking scripts from untrusted sources in custom SPFx solutions...

Microsoft Teams on the web: New Private Preview for Sign in with Apple and Google for consumers may affect enterpriseID: MC1102784 | Service: Microsoft Teams | Tags: Updated message, Feature update, User impact, Admin impactMicrosoft Teams on the web plans a new sign-in preview with “Continue with Apple” and “Continue with Google” for consumer accounts via login.microsoft...

(Updated) Microsoft Teams: Private chat for organizers and presenters in structured meetings, webinars, and town hallsID: MC1188222 | Service: Microsoft Teams | Tags: Updated message, New feature, User impact, Admin impactMicrosoft Teams will introduce a private chat for organizers, co-organizers, and presenters in structured meetings, webinars, and town halls, unifying...

Microsoft Security News and Events:

* Microsoft Security Copilot - FastTrack – Microsoft 365 | Microsoft Learn-

* Active Directory Hardening Series

* Protect the Browser

Watch the live show:

Edward gets someone else to do his homework. Rod returns...or does he? Franks can’t decide if he wants to live in Florida or Virginia. We will also do a run down about all the security and AI.

Words of Wisdom:

Speak confidently as if you are right, but listen carefully as if you are wrong.

Cool Tools and Links:

* XDR Convertor

TOP AI and Security Links to take a look-see:

* All the admin portal and API endpoints: 🖥 Home | [cmd.ms]

* Microsoft Community Hub - Monthly news - February 2026 | Microsoft Community Hub

Weekly Microsoft 365 Announced Changes:

* Microsoft Teams: Multiple phone number assignment to a single userID: 557716 | Product: Microsoft Teams | Status: In developmentAdministrators will be able to assign multiple phone numbers (up to 10) to a single user. Users will be able to make and receive phone calls using any...

Microsoft Teams: Flexible layout for meetings with resizable dividerID: MC1239934 | Service: Microsoft Teams | Tags: New feature, User impact, Admin impactMicrosoft Teams will introduce a resizable divider in meetings (April 2026) allowing users to adjust and swap the space between shared content and vid...

Collaborate with Copilot in Outlook while drafting emailID: MC1239932 | Service: Microsoft Copilot (Microsoft 365) | Tags: New feature, User impact, Admin impactMicrosoft 365 Copilot will be integrated into Outlook’s compose window starting March 2026, enabling real-time collaboration for email drafting. Avail...

Defender for Office 365 URL click alerts now include Microsoft TeamsID: MC1239187 | Service: Microsoft Defender XDR | Tags: New feature, User impact, Admin impactMicrosoft Defender for Office 365 URL click alerts will now include Microsoft Teams, enabling detection of malicious link clicks in Teams messages. Th...

Microsoft 365 Copilot: Turn Copilot Pages into SharePoint News postsID: MC1239186 | Service: Microsoft 365 apps, Microsoft Copilot (Microsoft 365) | Tags: New feature, User impactMicrosoft 365 Copilot will enable users to transfer content from Copilot Pages directly into SharePoint News posts for seamless editing and publishing...

Microsoft Purview | Data Lifecycle Management - Separate Retention policies for Copilots and AI AppsID: MC1238434 | Service: Microsoft Purview | Tags: New feature, User impact, Admin impactAdmins can now set separate retention policies for Copilot and AI app interactions in Microsoft Purview, allowing faster deletion if needed. This feat...

Updates to filtered message viewing in Outlook for iOS and AndroidID: MC1238433 | Service: Microsoft 365 apps | Tags: Feature update, User impact, Admin impactOutlook for iOS and Android will add an option to search all filtered messages when more exist beyond locally synced items, improving clarity without ...

Windows first sign-in restore experience now availableID: MC1238409 | Service: Windows | Tags: Admin impact

New Roadmap Items

Microsoft Purview: Data Loss Prevention- Security Store now available within Purview DLP to browse, purchase, and enable partner integrationsID: 557977 | Product: Microsoft Purview | Status: In developmentSecurity Store is now integrated into the Microsoft Purview DLP experience, giving admins an in-product way to discover, purchase, and enable a curate...

Microsoft Purview: Data Loss Prevention- New policy configuration options available for inline network and Edge for Business policiesID: 557976 | Product: Microsoft Purview | Status: In developmentAdmins can now scope Purview collection policies for unmanaged cloud apps based on the presence of sensitivity labels, enabling more precise discovery...

Microsoft Copilot (Microsoft 365): Share agents to TeamsID: 557947 | Product: Microsoft Copilot (Microsoft 365) | Status: In developmentWith this feature, users will be able to share their agent with a Microsoft Teams team. Users can search for and find teams in the agent sharing dialo...

Microsoft Teams: Multiple phone number assignment to a single userID: 557716 | Product: Microsoft Teams | Status: In developmentAdministrators will be able to assign multiple phone numbers (up to 10) to a single user. Users will be able to make and receive phone calls using any...

Microsoft Copilot (Microsoft 365): Create Videos in the Clipchamp Start PageID: 553215 | Product: Microsoft Clipchamp, Microsoft Copilot (Microsoft 365) | Status: In developmentUsers can use Copilot to create videos directly from the Clipchamp Start page. Turn a simple prompt or existing document into a polished video in minutes

Updated Roadmap Items

Microsoft Teams: New SlimCore-based optimization for Microsoft Teams in VDI - support for Windows endpoints on Omnissa environmentsID: 518286 | Product: Microsoft Teams | Status: Rolling outThis feature allows Windows endpoints to optimize Microsoft Teams in VDI environments with the new SlimCore-based media engine, providing an expanded ...

Outlook: New search folder typesID: 549286 | Product: Outlook | Status: LaunchedSearch Folders are being moved to the Settings experience in the new Outlook for Web and Windows, improving discoverability and alignment with modern ...

Microsoft Teams: External Domains Anomalies ReportID: 536572 | Product: Microsoft Teams | Status: In developmentThis new report helps admins proactively spot unusual or risky interactions with external organizations. By analyzing communication trends and detecti...

Outlook: New search folder typesID: 549287 | Product: Outlook | Status: LaunchedSearch folders are being moved to the Settings experience in the new Outlook for Windows and web, improving discoverability and alignment with modern ...

Microsoft Defender for Office 365: Admins can hunt on calls in Microsoft TeamsID: 531761 | Product: Microsoft Defender for Office 365 | Status: In developmentSecurity admins with Defender for Office 365 Plan 2 can hunt on calls and meetings made inside Microsoft Teams for their organization

New Message Center Items

Retiring the Impala connectorID: MC1240748 | Service: Microsoft Power Automate in Microsoft 365 | Tags: User impact, Admin impact, RetirementThe Impala connector will be retired and removed from Copilot Studio, Logic Apps, Power Apps, and Power Automate between April 1-14, 2026. Existing co...

SharePoint page template gallery improvements and new templatesID: MC1240743 | Service: SharePoint Online | Tags: New feature, User impactSharePoint is enhancing its page template gallery with 31 new templates, improved browsing, filtering, search, and unified Pages and News creation. En...

Microsoft Viva – Microsoft 365 Copilot adoption (Power BI) report update with power user insightsID: MC1240742 | Service: Microsoft Viva, Microsoft Copilot (Microsoft 365) | Tags: New feature, User impact, Admin impactThe Microsoft 365 Copilot adoption (Power BI) report in Viva Insights will be updated by mid-March 2026 with a streamlined layout and new power user i...

Microsoft Viva – Copilot Analytics: “All” licensed user page added to the Copilot DashboardID: MC1240741 | Service: Microsoft Viva, Microsoft Copilot (Microsoft 365) | Tags: New feature, User impact, Admin impactThe Copilot Dashboard will add an “All” view combining licensed Microsoft 365 Copilot and unlicensed Copilot Chat usage, enabled by default with no ad...

Copilot entry point changes in Word and handoff to Agent in chatID: MC1240704 | Service: Microsoft 365 apps | Tags: Feature update, User impact, Admin impactCopilot entry points in Word are being unified and moved to a consistent corner, with contextual access via selection floatie (Windows/Web) or right-c...

Updated Message Center Items

Microsoft Teams | VDI for Azure Virtual Desktops/Windows 365 and Citrix: macOS support with new SlimCore optimizationID: MC1151241 | Service: Microsoft Teams | Tags: Updated message, New feature, User impactMicrosoft Teams now supports macOS with a new SlimCore media engine for Azure Virtual Desktop, Windows 365, and Citrix, improving performance, meeting...

(Updated) Microsoft 365 Copilot: Add web links as references in Copilot NotebooksID: MC1193414 | Service: Microsoft Copilot (Microsoft 365) | Tags: Updated message, New feature, User impact, Admin impactMicrosoft 365 Copilot Notebooks will allow users with a Copilot license to add public web links as references, expanding beyond file types like Word a...

(Updated) Microsoft Teams: Hiding inactive channelsID: MC804771 | Service: Microsoft Teams | Tags: Updated message, New feature, User impactMicrosoft Teams paused the rollout of automated hiding of inactive channels, now offering opt-in suggestions for users to review and hide inactive cha...

(Updated) Microsoft Teams: Private channels increased limits and transition to group complianceID: MC1134737 | Service: Microsoft Teams | Tags: Updated message, New feature, User impact, Admin impactMicrosoft Teams is updating private channels by increasing limits to 1000 channels per team and 5000 members per channel, enabling meeting scheduling,...

(Updated) Microsoft Teams: Choose to hide inactive channelsID: MC1141958 | Service: Microsoft Teams | Tags: Updated message, Feature update, User impact, Admin impactMicrosoft Teams paused the rollout of automated hiding of inactive channels, now offering opt-in suggestions instead. Users can review and hide inactivity

Microsoft Security News and Events:

* Active Directory Hardening Series

* Protect the Browser

Watch the live show:

In this episode we discuss why Edward continues to go down AI generated rabbit holes instead completing the homework assignment given to him by Frank

We talk about changes in how Sentinel data lake ingest XDR logs, AI rabbit holes and lots of other random security items.

Words of Wisdom:

The biggest lie we tell ourselves is, “I don’t need to write this down because I will remember it”.

Cool Tools and Links:

* https://cmd.ms/ - the Microsoft Cloud command line!

TOP AI and Security Links to take a look-see:

* Open AI ready made prompts: https://academy.openai.com/public/tags/prompt-packs-6849a0f98c613939acef841c

* All the admin portal and API endpoints: 🖥 Home | [cmd.ms]

*

* Microsoft Community Hub - Monthly news - February 2026 | Microsoft Community Hub

Weekly Microsoft 365 Announced Changes:

* Microsoft Purview: Data Lifecycle Management- Azure PST ImportID: 557559 | Product: Microsoft Purview | Status: In developmentAzure PST Import is a migration method that enables PST files stored in Azure Blob Storage to be imported directly into Exchange Online mailboxes. It ...

Microsoft 365 Copilot: xAI Grok 4.1 Fast now available in Copilot Studio for US customers (admin opt-in required)ID: MC1235017 | Service: Microsoft Copilot (Microsoft 365) | Tags: New feature, User impact, Admin impactStarting February 19, 2026, xAI Grok 4.1 Fast, a text-only large language model, will be available in Microsoft Copilot Studio for U.S. customers by a...

Simplified Teams app bar to create a cleaner and more focused experienceID: MC1234559 | Service: Microsoft Teams | Tags: New feature, User impactMicrosoft Teams is simplifying the app bar to reduce clutter and improve focus, rolling out from mid-March to early April 2026. The app bar will show ...

Microsoft Teams: Enable customers to book appointments from a live chat widget on your websiteID: 557172 | Product: Microsoft Teams | Status: In developmentThe Microsoft Teams live chat widget lets customers engage in one to one conversations with your business directly from your website, and now also ena...

Coming soon to organizations: Customize the Start menu with updated policies

* Microsoft Copilot (Microsoft 365): Explain slide selection during PowerPoint LiveID: 557256 | Product: PowerPoint, Microsoft Copilot (Microsoft 365) | Status: In developmentThis feature enhances the PowerPoint Live meeting experience by using Copilot to let attendees select slide text and get explanations for the content.

Microsoft Viva: Copilot Analytics: Copilot adoption PBI version update including Power user insights.ID: 557674 | Product: Microsoft Viva, Microsoft Copilot (Microsoft 365) | Status: In developmentThe updated Copilot adoption Power BI report will come with a streamlined UX and new Power user insights.

Outlook: Share Word, Excel, and PowerPoint local files via the new Outlook for WindowsID: 557675 | Product: Outlook | Status: In developmentWhen working in an open Word, Excel, or PowerPoint file, users will now be able to send a copy of the locally stored file by email through the new Out...

OneDrive: Set a custom name for the OneDrive sync folderID: 557562 | Product: OneDrive | Status: In developmentIT admins can now customize the local OneDrive sync root folder name on users’ Windows computers. By default, the folder is named “OneDrive - {organiz...

SharePoint: New SharePoint ExperienceID: 547732 | Product: SharePoint | Status: In developmentWe are introducing a reimagined SharePoint experience designed to be simple and intuitive, centered on the core jobs of discovering knowledge, publish...

Outlook: Prepare for meetings with Copilot in classic Outlook for WindowsID: 542186 | Product: Outlook | Status: In developmentWith so many of us in back-to-back meetings, it can be a real struggle to stay on top of pre-reads, action items, and even what each meeting is about....

Microsoft Teams: Attend Microsoft webinars from Teams Rooms on AndroidID: 547824 | Product: Microsoft Teams | Status: In developmentYou can join a Microsoft webinar from a Teams Room on Android and interact seamlessly during the event. Available for Teams Rooms Pro.

Microsoft Teams: Streamlined Microsoft 365 Certified App Management in Teams Admin CenterID: 485712 | Product: Microsoft Teams | Status: In developmentThis feature allows Microsoft 365 administrators to enable Microsoft 365 certified SaaS applications within their tenant through org-wide settings for...

Microsoft Teams: Branded Meeting ReactionsID: 541830 | Product: Microsoft Teams | Status: In developmentWith new branded reactions, organizations can now extend their visual identity directly into meetings. IT admins simply upload custom reaction icons r...

Microsoft 365 app: Microsoft Loop - Admin usage reports for LoopID: 421611 | Product: Microsoft 365 app | Status: In developmentView and monitor Loop usage in the tenant through existing M365 admin usage dashboards.

Microsoft 365 Copilot: Ground Chat in SharePoint Lists using Context IQID: MC1235746 | Service: Microsoft Copilot (Microsoft 365) | Tags: New feature, User impactMicrosoft 365 Copilot will allow users to search for and insert SharePoint Lists into chat prompts via Context IQ, enhancing response accuracy. This f...

Plan for Windows Server 2016 and Windows 10 2016 LTSB end of supportID: MC1235720 | Service: Windows | Tags: Admin impact

Microsoft Teams: Upcoming changes to Microsoft Places licensing and feature accessID: MC1235124 | Service: Microsoft Teams, Microsoft 365 for the web | Tags: Feature update, User impact, Admin impactStarting April 1, 2026, Microsoft Places licensing will shift from user-based to space-based, making core features widely available without Teams Prem...

OneNote for iOS: Introducing automatic local backupsID: MC1235123 | Service: Microsoft 365 apps | Tags: New feature, User impact, Admin impactOneNote for iOS will automatically create local backups of notebooks stored in the iOS Files app, enabling self-service recovery via PC or Mac. This f...

(Updated) Microsoft Teams: Reduced automatic updates in Meet Now channel meeting threadsID: MC1235118 | Service: Microsoft Teams | Tags: Updated message, Feature update, User impactMicrosoft Teams will reduce automatic updates in Meet Now channel meeting conversations, showing only a single “Meeting started” message in the channe...

Microsoft Security News and Events:

* Defender for AI https://techcommunity.microsoft.com/blog/microsoftdefendercloudblog/defender-for-ai-services-threat-protection-and-ai-red-team-workshop/4464771

* https://aka.ms/AgentID/ITPro - Entra Agent ID for IT Pros

* https://aka.ms/AgentID/ITPro/CreationChannels - Creation Channels for Entra Agent IDs

* https://aka.ms/AgentID/Developers - Entra Agent ID Platform for Developers

* https://aka.ms/AgentID/Developers/Concepts - Key Concepts for Entra Agent ID Developers

* https://aka.ms/AgentID/GraphAPI - Microsoft Graph API for Entra Agent ID, including the new permissions for Entra Agent ID

* https://aka.ms/AgentID/Foundry - Agent ID Integration with Foundry

* https://aka.ms/AgentID/CopilotStudio - Agent ID Integration with Copilot Studio

* https://aka.ms/AgentID/CAAgent - Agent ID Integration of Conditional Access Optimization Agent

* https://aka.ms/AgentID/ARAgent - Agent ID Integration with Access Review Agent

* https://aka.ms/AgentID/MCSAgents - Copilot Studio Agents (old Agent IDs – SPs)

* https://aka.ms/AgentID/D365Agents - Dynamics 365 Agents overview – the main source of Agent IDs in our customers’ tenant

* https://aka.ms/AgentID/BRK243 - Ignite on-demand BRK243 (Microsoft Entra: What’s New in Secure Access on the AI Frontier)

* https://aka.ms/AgentID/BRK265- Ignite on-demand BRK265 (Secure access for AI agents with Microsoft Entra)

Enjoyed this recent blog post from Microsoft Threat Intel team detailing a threat actors TTPs to compromise cloud-based data storage. What I found interesting is their on-prems to cloud lateral movements. Across multiple domains and across multiple Entra ID tenants within a single customer. A lot of you deal with this due to your business conducting multiple M&As over many years. Just goes to show the basics matter, hygiene matters, full visibility which mean full coverage matters. (off soap box)

Also, had a fun time watching a YouTube video of AzureHound being used to help easily identify relationships and permissions in an Azure environment. For example, to locate a user who had elevated privileges on a non-human identity (Service Principle) which had assigned global admin 🙄😐😑. This was one of the tools the threat actors used for recon.

Hope everyone has a great weekend and enjoys the read! Click Here for Blog

Watch the live replay:

In this episode we have the good folks from the security company - LockBase Cyber. Leonard Volling and Charlie Smith will come on and talk about their new Microsoft Sentinel pricing tool.

Also Ed talks about how this work travel kept him from doing his homework and messed up the last show, Frank is still trying to decide if he would rather teach security or AI and Rod has finished his No Pop-Tarts January. Oh, we also talked about AI security, Sentinel data lake, AI chips from Google and how we will pivot the show in 2026 to have a deep focus on all things that help secure AI, blah, blah, blah.

Words of Wisdom:

The biggest lie we tell ourselves is, “I don’t need to write this down because I will remember it”.

Cool Tools and Links:

* https://cmd.ms/ - the Microsoft Cloud command line!

TOP AI and Security Links to take a look-see:

* Link to New Microsoft Security and AI Architect Certification - Survey | Qualtrics Survey Software

* LockBase Cyber: - Sentinel Log Planner by LockBase - Plan Your Microsoft Sentinel Data Strategy

* Open AI ready made prompts: https://academy.openai.com/public/tags/prompt-packs-6849a0f98c613939acef841c

* All the admin portal and API endpoints: 🖥 Home | [cmd.ms]

* Sentinel and XDR portal: UPDATE: New timeline for transitioning Sentinel experience to Defender portal | Microsoft Community Hub

* Microsoft Community Hub - Monthly news - February 2026 | Microsoft Community Hub

Weekly Microsoft 365 Announced Changes:

* (Updated) Upcoming Conditional Access change: Improved enforcement for policies with resource exclusionsID: MC1223829 | Service: Microsoft Entra | Tags: Updated message, Feature update, User impact, Admin impactStarting March 27, 2026, Conditional Access policies targeting All resources will be enforced even if they have resource exclusions, affecting sign-in...

* Microsoft 365 Copilot: User-day export for Copilot dashboard metrics in public previewID: MC1222978 | Service: Microsoft Copilot (Microsoft 365) | Tags: Feature update, User impact, Admin impactMicrosoft 365 Copilot dashboard adds a public preview of a new user-day export option, allowing company-level users to download de-identified daily us...

* Microsoft Defender for Android: End of support for Android 10 devicesID: MC1222977 | Service: Microsoft Defender XDR | Tags: User impact, Admin impact, RetirementMicrosoft Defender for Android will end support for Android 10 devices on March 31, 2026. After this date, these devices will no longer receive update...

Microsoft General:

* Latest progress update on Microsoft’s Secure Future Initiative | Microsoft Security Blog

* ​​Whisper Leak: A novel side-channel attack on remote language models | Microsoft Security Blog

* New IDC research highlights a major cloud security shift | Microsoft Security Blog

AI Security:

* Public Preview: Entra ID support for RDP connections in portal

* DNS flow trace logs in Azure Firewall are now generally available

* General Availability of JavaScript Challenge in Azure Front Door WAF

* Using Packet Capture for troubleshooting Azure Firewall flows

* Public Preview: Custom WAF Block Status & Body for Azure Application Gateway

Azure Security & Defender for Cloud News:

* Microsoft Defender for Cloud Innovations at Ignite 2025

* Announcing Microsoft cloud security benchmark v2 (public preview)

* Fast-Start Checklist for Microsoft Defender CSPM: From Enablement to Best Practices

* Unlocking Business Value: Microsoft’s Dual Approach to AI for Security and Security for AI

* Check This Out! (CTO!) Guide (October 2025)

* Update Coverage Workbook in Microsoft Defender for Cloud to Include Defender for AI Plan status

Purview - Compliance & Governance:

* Consolidate & Conquer: Driving Business Transformation with Integrated Security (Part 1 of 2) | Microsoft Community Hub

Microsoft Entra:

* Microsoft named a Leader in the Gartner® Magic Quadrant™ for Access Management for the ninth consecutive year | Microsoft Security Blog

ICYMI: Watch replays of Microsoft Entra sessions at Microsoft Ignite 2025 | Microsoft Community Hub

Copilot for Security:

* Agents built into your workflow: Get Security Copilot with Microsoft 365 E5 | Microsoft Security Blog

Sentinel:

* The Microsoft Copilot Data Connector for Microsoft Sentinel is Now in Public Preview | Microsoft Community Hub

* Turn Complexity into Clarity: Introducing the New UEBA Behaviors Layer in Microsoft Sentinel | Microsoft Community Hub

* Strategies for Threat Awareness and Response - Not product focused. Threat Actor focused and actional-able guidance.

* Sentinel & Defender XDR Ninja Training - Product focused. What’s new, deep dives, best practices ...etc.

Defender XDR:

* Monthly news - November 2025

* Strengthening calendar security through enhanced remediation

* Microsoft Ignite 2025: Transforming Phishing Response with Agentic Innovation

* Microsoft Defender for Office 365: Fine-Tuning

* You may be right after all! Disputing Submission Responses in Microsoft Defender for Office 365

* Ensure your ICES solution works seamlessly alongside Microsoft Defender

* Using the Microsoft Defender for Endpoint Files API to Validate Malware Hashes | Microsoft Community Hub

* MDE for Non‑Persistent VDI — Implementation Guide & Best Practices.

Watch the live replay

In this episode, Ed talks about this travel adventures, Frank confesses that he is addicted to life on a cruise ship and Rod was out because of Pop Tart overdose. Oh, we also talked about AI security, Sentinel datalake, AI chips from Google and how we will pivot the show in 2026 to have a deep focus on all things that help secure AI, blah, blah, blah.

Words of Wisdom:

The best way to get a correct answer on the internet is to post an obviously wrong answer and wait for someone to correct you.

Show Links:

Learning:

Secure your data for AI with Microsoft Purview

Tuesday, January 27, 2026, 1:00 – 2:00 PM ET (GMT-05:00)

Register now

Strengthen Your Security Posture with Advanced Identity Solutions

Wednesday, January 28, 2026, 2:00 – 3:00 PM ET (GMT-05:00)

Register now

Dive into a simulation of Microsoft 365 Defender and Microsoft Sentinel

Wednesday, February 04, 2026, 11:00 AM – 6:00 PM (GMT-05:00)

Register now

General:

* Microsoft Ignite: ​​Ambient and autonomous security for the agentic era​​ | Microsoft Security Blog

* SesameOp: Novel backdoor uses OpenAI Assistants API for command and control | Microsoft Security Blog

* How to build forward-thinking cybersecurity teams for tomorrow | Microsoft Security Blog

AI Security:

* ​​Learn what generative AI can do for your security operations center | Microsoft Security Blog

* Microsoft Entra: What’s New in Secure Access on the AI Frontier

* Riding the AI Wave: How Microsoft Entra is Evolving for the Agentic Era

* Defender for AI services: Threat Protection and AI red team workshop

Azure Security & Defender for Cloud News:

* Microsoft Defender for Cloud Innovations at Ignite 2025

* Announcing Microsoft cloud security benchmark v2 (public preview)

* Fast-Start Checklist for Microsoft Defender CSPM: From Enablement to Best Practices

* Unlocking Business Value: Microsoft’s Dual Approach to AI for Security and Security for AI

* Unlocking Business Value: Microsoft’s Dual Approach to AI for Security and Security for AI

Fast-Start Checklist for Microsoft Defender CSPM: From Enablement to Best Practices

Announcing Microsoft cloud security benchmark v2 (public preview)

Microsoft Defender for Cloud Innovations at Ignite 2025

Defender for AI services: Threat protection and AI red team workshop

Purview - Compliance & Governance:

* Consolidate & Conquer: Driving Business Transformation with Integrated Security (Part 1 of 2) | Microsoft Community Hub

Device Management & Protection (Intune):

* What’s new in Microsoft Intune at Ignite

Microsoft Entra:

* Enhance protection of Microsoft Entra ID authentication by blocking external script injection

* Building defense in depth: Simplifying identity security with new partner integrations

* Driving cloud-first identity: User SOA is now Public Preview and Group SOA is Generally Available

* Platform SSO for macOS

Threat Intelligence:

* What’s New at Ignite: Powerful Enhancements in Unified Threat Intelligence

Copilot for Security:

* Agents built into your workflow: Get Security Copilot with Microsoft 365 E5 | Microsoft Security Blog

Defender XDR & Sentinel:

* Ignite 2025: What’s new in Microsoft Defender?

* New Compliance Solutions in Microsoft Sentinel: HIPAA & GDPR Reports | Microsoft Community Hub

* Ignite 2025: New Microsoft Sentinel Connectors Announcement

* Detect more, spend less: the future of threat intelligence correlation

* Operationalizing the Sentinel data lake: A Practitioner’s Guide

* Automating IOC hunts in Microsoft Sentinel data lake

* What’s New in Microsoft Sentinel: November 2025

* Security Copilot for SOC: bringing agentic AI to every defender

* Enhancing visibility into your identity fabric with Microsoft Defender

* Detect more, spend less: the future of threat intelligence correlation

Watch the live replay

Join our hosts December 18th, 2025, as they dive into the electrifying world of Microsoft Security’s latest breakthroughs. This episode unpacks real-world triumphs in thwarting sophisticated AI-driven phishing swarms, and debates the hottest zero-day exploits shaking the headlines. Packed with insider tips this is your must-listen guide to staying light-years ahead in the cyber arms race.

This episode, we welcome back Alistair Pugin to talk Agent security.

Show Notes/Links

* Alistair Pugin on LinkedIn: https://www.linkedin.com/in/alistairpugin/

* Learn about Data Security Posture Management for AI: https://learn.microsoft.com/en-us/purview/dspm-for-aiList of AI sites supported by

* Microsoft Purview Data Security Posture Management (DSPM) and DSPM for AI: https://learn.microsoft.com/en-us/purview/ai-microsoft-purview-supported-sites

* Permissions for Data Security Posture Management for AI: https://learn.microsoft.com/en-us/purview/ai-microsoft-purview-permissions

* MITRE ATLAS: https://atlas.mitre.org/

After a pre-Ignite cliffhanger, we welcome back the illustrious James Key. This episode, James is back to fill us in on the Ignite announcements around Security Copilot that he couldn’t talk about last time.

Show Notes/Links

* Learn about Security Copilot inclusion in Microsoft 365 E5 subscription https://learn.microsoft.com/en-us/copilot/security/security-copilot-inclusion

* Microsoft 365 adds advanced Microsoft Intune solutions at scale https://techcommunity.microsoft.com/blog/microsoftintuneblog/microsoft-365-adds-advanced-microsoft-intune-solutions-at-scale/4474272

* What is Microsoft Entra Agent ID? https://learn.microsoft.com/en-us/entra/agent-id/identity-professional/microsoft-entra-agent-identities-for-ai-agents

* The Microsoft Security Store: https://SecurityStore.Microsoft.com

As the Thanksgiving turkey roasts and the family gathers, cybercriminals are lurking in the digital shadows, ready to crash your holiday feast. In Episode 280 of THE Security Insights Show, hosts serve up a timely platter of cybersecurity wisdom to keep your “gravy secrets”—those juicy credentials, financial data, and personal info—safe from opportunistic hackers.Dive into the rising tide of “Turkey-Day Trojans”: sneaky malware disguised as festive deals, phishing emails from “Aunt Edna” demanding urgent wire transfers, and smart home devices turned into spy cams by unsecured Wi-Fi. We’ll unpack real-world holiday hacks, from ransomware gobbling up your shopping carts to social engineering tricks exploiting family chit-chat. Plus, get actionable Microsoft Security tips—like leveraging Defender for endpoint protection, Entra ID for secure guest access during virtual toasts, and Copilot-powered threat hunting to spot the bad stuffing before it sours the meal.Whether you’re a CISO stress-testing your perimeter or just a home user dodging Black Friday bait, this episode arms you with the tools to feast worry-free. Tune in now on YouTube, Apple Podcasts, Spotify, or your favorite platform—because nothing ruins a holiday like a data breach on dessert. Don’t forget to subscribe for more bites of security insight!

This episode of “THE Security Insights Show” covers a range of topics, starting with personal updates and discussions about cybersecurity certifications. The hosts delve into the role of Artificial Intelligence (AI) in cybersecurity, specifically debating the necessity of learning KQL (Kusto Query Language) from scratch given the advent of natural language to KQL models (16:01). They discuss the importance of understanding underlying data and language nuances even with AI assistance (18:56).

The conversation then pivots to key announcements from Microsoft Ignite, including:

* Work IQ: An intelligent layer that enhances productivity by connecting organizational and personal data, enabling AI-driven insights and recommendations within Microsoft 365 applications (31:31).

* Proactive Attack Disruption and Predictive Shielding: Microsoft’s new capabilities to anticipate attacker moves during ongoing attacks, dynamically hardening targets in real-time (35:59).

* Expanded Automatic Attack Disruption: This feature extends to work across third-party services like AWS, Okta, and Proofpoint, allowing Microsoft Defender to take decisive actions on external systems even if the threat originates from a non-Microsoft system (39:06).

* Rebranding of Defender XDR to Borg XDR: Indicating a consolidation of more Defender for Cloud functionality and assimilation of Sentinel into the unified Defender portal (42:00).

* Native Sysmon in Windows 11: A significant announcement for security professionals (42:35).