BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
Player FM - Internet Radio Done Right
Checked 14h ago
Ajouté il y a deux ans
Contenu fourni par Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Similaire à Blue Security
What is the internet doing to us? The Times tech columnist Kevin Roose discovers what happens when our lives move online. Unlock full access to New York Times podcasts and explore everything from politics to pop culture. Subscribe today at nytimes.com/podcasts or on Apple Podcasts and Spotify.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
R
Redefining AI - Artificial Intelligence with Squirro
1
Redefining AI - Artificial Intelligence with Squirro
Squirro
12k
115
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
T
The Talk Show With John Gruber
1
The Talk Show With John Gruber
Daring Fireball / John Gruber
2k339
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Player FM - Application Podcast
Mettez-vous hors ligne avec l'application Player FM !
Mettez-vous hors ligne avec l'application Player FM !
))
Daily Deals
Podcasts qui valent la peine d'être écoutés
SPONSORISÉ
S
State Secrets: Inside The Making Of The Electric State
1 Family Secrets: Chris Pratt & Millie Bobby Brown Share Stories From Set 22:08
22:08 
Lire Plus Tard 
Lire Plus Tard 
Des listes 
J'aime 
Aimé22:08
Lire Plus Tard
Lire Plus Tard
Des listes
J'aime
AiméHost Francesca Amiker sits down with directors Joe and Anthony Russo, producer Angela Russo-Otstot, stars Millie Bobby Brown and Chris Pratt, and more to uncover how family was the key to building the emotional core of The Electric State . From the Russos’ own experiences growing up in a large Italian family to the film’s central relationship between Michelle and her robot brother Kid Cosmo, family relationships both on and off of the set were the key to bringing The Electric State to life. Listen to more from Netflix Podcasts . State Secrets: Inside the Making of The Electric State is produced by Netflix and Treefort Media.…
Blue Security
Tout marquer comme (non) lu
Manage series 3498024
Contenu fourni par Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
…
continue reading
240 episodes
Partager
Tout marquer comme (non) lu
Manage series 3498024
Contenu fourni par Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Andy Jaw & Adam Brewer, Andy Jaw, and Adam Brewer ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
…
continue reading
240 episodes
كل الحلقات
×
B
Blue Security
1 Side-by-Side with Third-Party Products 40:32
40:32 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé40:32
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the integration of Microsoft Security Solutions with third-party security tools. They explore how organizations can leverage Microsoft Defender for Endpoint, Defender for Office, Entra, Intune, and Cloud Access Security Broker solutions to enhance their security posture. The conversation emphasizes the importance of utilizing existing tools to gain additional insights and telemetry, ensuring a more robust security framework without conflicts or performance degradation. ---------------------------------------------------- YouTube Video Link: https://youtu.be/kE2cVwjPzYs ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-compatibilityhttps://learn.microsoft.com/en-us/intune/intune-service/protect/device-compliance-partners#supported-device-compliance-partnershttps://learn.microsoft.com/en-us/defender-cloud-apps/zscaler-integrationhttps://learn.microsoft.com/en-us/defender-cloud-apps/additional-integrations ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Automatic Attack Disruption with OAuth Protection 32:26
32:26 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé32:26
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft's Automatic Attack Disruption feature, particularly focusing on its integration with OAuth protection. They discuss the risks associated with OAuth applications, the importance of signal correlation in detecting and mitigating attacks, and the capabilities of Microsoft's Defender XDR platform. The conversation highlights the need for organizations to configure their security settings effectively and the future direction of security practices towards a 'secure by default' approach. ---------------------------------------------------- YouTube Video Link: https://youtu.be/zLj5b8JFH2s ---------------------------------------------------- Documentation: https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/defending-against-oauth-based-attacks-with-automatic-attack-disruption/4384381 https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-user-consent?pivots=portal https://learn.microsoft.com/en-us/graph/permissions-reference https://learn.microsoft.com/en-us/defender-xdr/configure-attack-disruption ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode, Andy and Adam discuss a significant breach of sensitive military information that was leaked through a Signal chat involving high-level government officials. They explore the implications of this breach, the role of technology in government security, and the human errors that led to the violation of established policies. The conversation delves into the cultural influences on compliance, the challenges posed by shadow IT, and the evolution of security practices in the face of modern technology. They also evaluate the security risks associated with using Signal for sensitive communications. In this conversation, Andy Jaw and Adam Brewer delve into the complexities of data security, focusing on the vulnerabilities associated with devices and applications like Signal. They discuss the importance of human factors in data security, emphasizing that even the most secure applications can be compromised through human error. The conversation transitions into organizational strategies for protecting sensitive information, highlighting the need for a positive workplace culture that encourages compliance with security protocols. The discussion concludes with reflections on the importance of adaptability in organizational security practices and the role of insider risk management. ---------------------------------------------------- YouTube Video Link: https://youtu.be/hLotPRhNH8s ---------------------------------------------------- Documentation: https://www.theatlantic.com/politics/archive/2025/03/trump-administration-accidentally-texted-me-its-war-plans/682151/ https://www.theatlantic.com/politics/archive/2025/03/signal-group-chat-attack-plans-hegseth-goldberg/682176/ https://www.npr.org/2025/03/25/nx-s1-5339801/pentagon-email-signal-vulnerability ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Entra Conditional Access - Deep Dive 45:56
45:56 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé45:56
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft Entra's conditional access. They explore the fundamental concepts of conditional access, its policies, and the integration of identity management with device management. The discussion highlights the importance of risk assessment, granular control, and the various conditions that can be applied to access controls. The hosts emphasize the significance of compliance policies and the interplay between different security measures to ensure robust protection against potential threats. In this conversation, Adam Brewer and Andy Jaw delve into the complexities of compliance and security in hybrid environments, focusing on access control mechanisms, session controls, and the innovative concept of authentication context. They explore the importance of ensuring devices are compliant and the various strategies organizations can implement to enhance security measures, including the use of approved client apps and continuous access evaluation. The discussion emphasizes the need for a layered security approach to protect sensitive information effectively. ---------------------------------------------------- YouTube Video Link: https://youtu.be/qvfEt49j2qQ ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/entra/identity/conditional-access/overview https://learn.microsoft.com/en-us/sharepoint/authentication-context-example https://techcommunity.microsoft.com/blog/microsoft-entra-blog/conditional-access-authentication-context-now-in-public-preview/1942484 https://techcommunity.microsoft.com/blog/coreinfrastructureandsecurityblog/enhancing-security-with-entra-pim-and-conditional-access-policy-using-authentica/4368002 ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 3rd Party Vendor or Contractor Access 47:41
47:41 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé47:41
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the complexities of granting secure access to third-party vendors and contractors. They discuss the best practices for managing elevated permissions, the implications of B2B collaboration, and the importance of lifecycle management for contractor accounts. The conversation also covers licensing considerations for external identities and compares access methods like Azure Bastion and Azure Virtual Desktop (AVD). In this conversation, Adam Brewer and Andy Jaw delve into the complexities of RDP security, Azure environments, and the management of contractor accounts. They discuss the inherent risks associated with RDP, the importance of mitigating these risks through proper governance and lifecycle management, and the advantages of using Azure Virtual Desktop (AVD) versus Windows 365 for contractors. The discussion emphasizes the need for a zero trust approach and the benefits of network segmentation, while also addressing licensing considerations and user management strategies. ---------------------------------------------------- YouTube Video Link: https://youtu.be/PQSLdNK_Yv4 ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/windows-365/overview https://learn.microsoft.com/en-us/azure/virtual-desktop/overview https://learn.microsoft.com/en-us/entra/external-id/b2b-fundamentals ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Next-Gen Logging for the Next-Gen SIEM with Special Guest Karl Niblock 57:00
57:00 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé57:00
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer engage with cybersecurity architect Karl Niblock to discuss the evolution of logging practices in security information and event management (SIEM) systems. The conversation explores the shift from a 'log everything' mentality to a more strategic approach that emphasizes quality over quantity in data ingestion. Karl highlights the challenges posed by exponential data growth and the importance of customer empathy in designing effective security operations. The discussion also delves into the cost of detection, the value of high-quality logs, and the need for organizations to rethink their logging strategies to enhance threat detection and response capabilities. In this conversation, Karl discusses the intricacies of data logging in cybersecurity, emphasizing the importance of understanding the layers of data fidelity and how to effectively manage and utilize logs within Azure Sentinel. He introduces a pyramid model to categorize different types of logs based on their security value and discusses the significance of data-driven decision-making in optimizing security operations. The conversation also touches on the need for evolving data architecture to keep pace with modern threats and the practical implications of data management in security operations. ---------------------------------------------------- YouTube Video Link: https://youtu.be/V3KEpNIJl-o ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/data-explorer/data-explorer-overview https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-workspace-overview https://techcommunity.microsoft.com/blog/microsoftsentinelblog/using-azure-data-explorer-for-long-term-retention-of-microsoft-sentinel-logs/1883947 https://learn.microsoft.com/en-us/azure/sentinel/basic-logs-use-cases https://www.linkedin.com/in/karlniblock/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Defender Experts with Special Guest Raae Wolfram 1:05:21
1:05:21 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé1:05:21
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer engage with Ray Wolfram, Senior Product Manager for Defender Experts at Microsoft. Ray shares her extensive background in healthcare IT and cybersecurity, detailing her journey to Microsoft and the impact of COVID-19 on the cybersecurity landscape. The conversation delves into the two offerings of Defender Experts: Defender Experts for Hunting and Defender Experts for XDR, highlighting their unique features and the role of Microsoft in providing unparalleled threat intelligence. The episode emphasizes the importance of human expertise in cybersecurity and the proactive approach of Defender Experts in threat hunting and incident response. In this conversation, the speakers discuss the evolving landscape of cybersecurity, focusing on the role of threat hunters, the capabilities of Microsoft Defender Experts for XDR, and the importance of partnerships in providing comprehensive security solutions. They explore how Microsoft meets customers where they are, the onboarding process for new customers, and the integration of third-party solutions into the Defender ecosystem. The discussion also highlights the proactive nature of Defender Experts and the future roadmap for Defender for Cloud, emphasizing the need for collaboration in the cybersecurity space.---------------------------------------------------- YouTube Video Link: https://youtu.be/zY9zOEFkZOc ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/defender-xdr/defender-experts-for-hunting https://learn.microsoft.com/en-us/defender-xdr/dex-xdr-overview https://www.microsoft.com/en-us/security/blog/2023/03/27/microsoft-incident-response-retainer-is-generally-available/ https://www.linkedin.com/in/raaewolfram/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 UK vs Apple on Encryption, MITRE Eval results, How to Rethink Phishing Simulations 1:06:16
1:06:16 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé1:06:16
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the ongoing battle between governments and tech companies over encryption, focusing on Apple's recent response to the UK government's demands for access to iCloud data. They explore the implications of Apple's decision to disable advanced data protection for UK users and the broader context of encryption in cybersecurity. The conversation then shifts to the latest MITRE evaluation of endpoint protection platforms, highlighting Microsoft's performance and the challenges of the evaluation methodology. In this conversation, Andy Jaw and Adam Brewer delve into the complexities of cybersecurity, focusing on the limitations of current testing methods, the importance of realistic evaluations, and the need for a shared responsibility culture within organizations. They critique the MITRE evaluation process, discuss the shortcomings of phishing simulations, and emphasize the necessity of integrating security into the organizational culture to foster collaboration rather than hostility between security teams and users.---------------------------------------------------- YouTube Video Link: https://youtu.be/TL_cu-vnu58 ---------------------------------------------------- Documentation: https://www.theverge.com/policy/612136/uk-icloud-investigatory-powers-act-war-on-encryption https://arstechnica.com/tech-policy/2025/02/apple-pulls-data-protection-tool-instead-of-caving-to-uk-demand-for-a-backdoor/ https://www.microsoft.com/en-us/security/blog/2024/12/11/microsoft-defender-xdr-demonstrates-100-detection-coverage-across-all-cyberattack-stages-in-the-2024-mitre-attck-evaluations-enterprise/ https://www.wsj.com/tech/cybersecurity/phishing-tests-the-bane-of-work-life-are-getting-meaner-76f30173 ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 FBI warns about unencrypted messaging, Deepseek discussion 45:49
45:49 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé45:49
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode, Andy and Adam discuss the evolution of messaging security, focusing on end-to-end encryption and the implications of RCS messaging. They explore the recent market reactions to AI developments, particularly the impact of the DeepSeek app on Nvidia's stock value and delve into the nuances of AI model efficiency and its potential effects on the tech industry. In this conversation, Adam Brewer and Andy Jaw explore the evolving landscape of AI technology, particularly in the context of US-China relations, the ethical implications of AI scraping, and the pressing concerns surrounding data privacy. They discuss the importance of building a record of work efforts, the innovative spirit that arises from constraints, and the public's perception of data security. The dialogue emphasizes the need for awareness and proactive conversations about data handling and privacy policies in an increasingly digital world.---------------------------------------------------- YouTube Video Link: https://youtu.be/yicYSkuECcQ ---------------------------------------------------- Documentation: https://www.tomsguide.com/phones/iphones/fbi-warns-apple-and-android-users-to-avoid-rcs-messaging-heres-why https://www.bbc.com/news/articles/c0qw7z2v1pgo https://techcrunch.com/2025/01/29/microsoft-probing-whether-deepseek-improperly-used-openais-api/ https://www.fastcompany.com/91267968/how-the-biden-chip-bans-created-a-monster-called-deepseek https://lifehacker.com/tech/how-to-try-deepseek-ai-and-why-you-might-not-want-to ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 CISA guidance on securing CI/CD pipelines 31:56
31:56 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé31:56
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the importance of securing CI/CD environments, highlighting the risks associated with these systems and the best practices for mitigating vulnerabilities. They delve into specific threats, including insecure code and supply chain compromises, and emphasize the need for a collaborative approach between security professionals and developers to ensure secure software development practices. ---------------------------------------------------- YouTube Video Link: https://youtu.be/zQwFAN6PHrE ---------------------------------------------------- Documentation: https://www.cisa.gov/news-events/alerts/2023/06/28/cisa-and-nsa-release-joint-guidance-defending-continuous-integrationcontinuous-delivery-cicd https://owasp.org/www-project-top-10-ci-cd-security-risks/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Microsoft Fasttrack with Special Guest Thomas Finney 47:47
47:47 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé47:47
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft FastTrack with guest Thomas Finney. They explore the benefits and eligibility of FastTrack, which is designed to help organizations adopt and deploy Microsoft 365 services. The conversation covers various aspects of FastTrack, including various Microsoft services, focusing on Defender, Entra, Intune, Microsoft Viva, Windows deployment, App Assure, and the Microsoft 365 Copilot. They explore how FastTrack can assist organizations in leveraging these services effectively, including the role of FastTrack Ready partners in delivering benefits and support. The discussion emphasizes the importance of maximizing investments in Microsoft technologies and ensuring seamless transitions and integrations within organizations. ---------------------------------------------------- YouTube Video Link: https://youtu.be/TwaOZrDhm2M ---------------------------------------------------- Documentation: https://www.linkedin.com/in/thomascfinney/ tc.finney@microsoft.com FastTrack Service Description - https://aka.ms/ftcsd FastTrack Eligibility - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/eligibility Microsoft Defender - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-defender Microsoft Entra, including Zero Trust - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-entra-id Microsoft Intune - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-intune Microsoft Purview - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-purview Microsoft Sentinel - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-sentinel Microsoft Viva - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/microsoft-viva Office 365 - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/office-365 Windows, Windows 365, Universal Print, Microsoft 365 Apps, Microsoft Edge - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/windows-and-other-services App Assure - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/windows-and-other-services#app-assure FastTrack Process and Expectations - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/process-and-expectations Request FastTrack assistance for Microsoft 365 - https://learn.microsoft.com/en-us/microsoft-365/fasttrack/process-and-expectations#engaging-fasttrack https://learn.microsoft.com/en-us/microsoft-365/enterprise/request-fasttrack-assistance-microsoft-365?view=o365-worldwide FastTrack Ready approved partners https://cloudpartners.transform.microsoft.com/fasttrack-ready-approved-partners ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Microsoft Industry Solutions Delivery with Special Guest Brodie Cassell 1:04:01
1:04:01 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé1:04:01
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, host Andy Jaw and co-host Adam Brewer welcome Brodie Cassell, a principal security consultant at Microsoft. Brodie shares his journey from various IT roles to his current position at Microsoft, discussing the importance of adapting to new technologies and the challenges of data security in the age of AI. The conversation delves into the significance of a holistic approach to security, the role of Microsoft Industry Solutions Delivery, and the need for organizations to evolve their security practices to keep pace with technological advancements. In this conversation, Brodie Cassell and Adam Brewer discuss their experiences in the cybersecurity field, particularly focusing on the dynamics of consulting work, the evolution of security practices at Microsoft, and the differences between public and private sector security. They emphasize the importance of passion in their work, the value of community in cybersecurity, and the need for continuous learning and adaptation in a rapidly changing environment. ---------------------------------------------------- YouTube Video Link: ---------------------------------------------------- Documentation: https://www.linkedin.com/in/brodiecassell/ brodie.cassell@microsoft.com ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 CISA zero trust, macOS malware, IRS PIN, Cyber Trust Mark 48:40
48:40 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé48:40
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the Zero Trust Maturity Model and its implications for organizations looking to enhance their cybersecurity posture. They delve into CISA's guidance and Microsoft's mapping of this model, emphasizing the importance of prescriptive guidance in navigating the complexities of cybersecurity. The conversation also touches on the distinction between education and sales in the cybersecurity space, highlighting the value of continuous learning and the purpose behind their podcast. In this episode, Andy Jaw and Adam Brewer discuss the emergence of Banshee malware targeting MacOS users, emphasizing the importance of vigilance in application downloads and the effectiveness of Mac's security features. They also highlight the IRS's Identity Protection PIN program, which aims to prevent tax fraud, and the newly launched Cybersecurity Safety Label for IoT devices, designed to help consumers identify secure products. The conversation underscores the need for robust security measures and user awareness in an increasingly digital world. ---------------------------------------------------- YouTube Video Link: ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/security/zero-trust/cisa-zero-trust-maturity-model-intro https://www.msn.com/en-us/news/technology/new-macos-malware-uses-apples-own-code-to-quietly-steal-credentials-and-personal-data-how-to-stay-safe/ar-BB1rglVj https://www.bleepingcomputer.com/news/security/scammers-file-first-get-your-irs-identity-protection-pin-now/ https://www.bleepingcomputer.com/news/security/us-govt-launches-cybersecurity-safety-label-for-smart-devices/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest cybersecurity trends, focusing on CISA's Scuba Project and its implications for federal agencies. They explore the transition to cloud-based passwordless authentication, the Binding Operational Directive 25-01, and provide prescriptive guidance for security configurations. The conversation emphasizes the importance of modernizing cybersecurity practices and the positive impact of CISA's initiatives on national security. ---------------------------------------------------- YouTube Video Link: https://youtu.be/vR3ebqm0MVs ---------------------------------------------------- Documentation: https://www.cisa.gov/resources-tools/services/bod-25-01-implementing-secure-practices-cloud-services-required-configurations https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Sophos, Digital License Plates, TP-Link, Github Copilot 29:51
29:51 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé29:51
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant cybersecurity updates, including the indictment of a Chinese hacker involved in attacks on Sophos firewalls. They explore the growing competition from Chinese electric vehicle manufacturers and the vulnerabilities of digital license plates. The conversation also covers the investigation into TP-Link routers due to national security concerns and the launch of a free tier for GitHub Copilot, enhancing accessibility for developers. ---------------------------------------------------- YouTube Video Link: https://youtu.be/_xXm3Gdr6rg ---------------------------------------------------- Documentation: https://www.justice.gov/opa/pr/china-based-hacker-charged-conspiring-develop-and-deploy-malware-exploited-tens-thousands https://www.wired.com/story/digital-license-plate-jailbreak-hack/ https://9to5mac.com/2024/12/18/most-popular-home-internet-routers-in-us-may-be-banned-as-national-security-risk/ https://github.blog/news-insights/product-news/github-copilot-in-vscode-free/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Cloud Security - Defender for ARM, DNS, and AI Workloads 28:45
28:45 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé28:45
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest developments in Azure cloud security, focusing on the Defender solutions for Resource Manager, DNS, and AI workloads. They emphasize the importance of protecting these foundational elements of Azure, particularly the Resource Manager, which serves as the control plane for all resources. The conversation also touches on the emerging threats in AI applications and the need for a holistic security strategy as organizations modernize their cloud infrastructure. The episode concludes with a reflection on the importance of security in cloud modernization and a look ahead to future topics. ---------------------------------------------------- YouTube Video Link: https://youtu.be/T2P3QbdjmlQ ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-resource-manager-introduction https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-dns-introduction https://learn.microsoft.com/en-us/azure/defender-for-cloud/ai-threat-protection ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Cloud Security - Defender for App Service and Defender for Databases 18:13
18:13 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé18:13
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the importance of cloud security, focusing on Microsoft's Defender services. They explore Defender for App Service, highlighting its ease of activation and the security recommendations it provides. The conversation then shifts to Defender for Databases, detailing its capabilities in protecting SQL databases from various threats, including SQL injection attacks. The hosts emphasize the necessity of a layered security approach, known as defense in depth, to ensure comprehensive protection for cloud workloads. ---------------------------------------------------- YouTube Video Link: https://youtu.be/LJCohdB5ER8 ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-app-service-introduction https://learn.microsoft.com/en-us/azure/defender-for-cloud/tutorial-enable-databases-plan ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Cloud Security - Defender for Key Vault and Defender for API 21:45
21:45 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé21:45
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into Azure Key Vault and its security features, particularly focusing on Defender for Key Vault and Defender for API. They discuss the importance of securely managing sensitive information, the ease of deploying these security solutions, and the critical need for visibility and threat detection in cloud environments. The conversation highlights the differences between the two defenders, emphasizing the growing threat landscape for APIs and the necessity of robust security measures. ---------------------------------------------------- YouTube Video Link: https://youtu.be/JxfdKZTWF3c ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-key-vault-introduction https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-apis-introduction ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Options for Microsoft training 28:29
28:29 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé28:29
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode, Andy and Adam discuss various resources available for training on Microsoft technologies. They emphasize the importance of the Learn Microsoft portal, highlight the benefits of Ninja training for deep dives into specific topics, and recommend various YouTube channels for bite-sized learning. The conversation also covers the significance of tech community blogs, hands-on learning through applied skills, and creating personal lab environments for experimentation. Additionally, they touch on other learning resources available beyond Microsoft, including LinkedIn Learning and the value of networking with peers. ---------------------------------------------------- YouTube Video Link: https://youtu.be/5A54j9wmHt4 ---------------------------------------------------- Documentation: https://rodtrent.substack.com/p/all-the-microsoft-ninja-training https://www.youtube.com/@MSFTMechanics https://www.youtube.com/@MicrosoftSecurity https://www.youtube.com/@MicrosoftSecurityCommunity https://techcommunity.microsoft.com/t5/security-compliance-and-identity/bg-p/MicrosoftSecurityandCompliance https://learn.microsoft.com/en-us/credentials/browse/?credential_types=applied%20skills https://ajawzero.medium.com/my-unraid-build-thoughts-and-lessons-learned-881781c2cf97 ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode, hosts Andy and Adam recap the key announcements from Microsoft Ignite, focusing on new features in Microsoft Edge, enhancements in Microsoft Teams for global collaboration, and significant updates in security management tools like Security Co-Pilot and Microsoft Purview. They discuss the importance of data security, the role of AI in improving security posture, and the latest improvements in Intune for device management. The conversation covers significant advancements in Microsoft's technology offerings, focusing on improvements in Intune for device management, updates to the Entra Suite and Security Service Edge, AI integration in security management, innovations in Defender for Cloud, and enhancements aimed at strengthening security posture for SMBs. Additionally, the discussion highlights new features in Windows 365 and concludes with insights into Microsoft's progress in quantum computing. ---------------------------------------------------- YouTube Video Link: ---------------------------------------------------- Documentation: https://news.microsoft.com/ignite-2024-book-of-news/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 CMMC with Special Guest Justin Orcutt 25:53
25:53 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé25:53
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer welcome Justin Orcutt from Microsoft to discuss the Cybersecurity Maturity Model Certification (CMMC). The conversation covers the history and requirements of CMMC, the steps companies need to take to prepare for audits, and the importance of continuous monitoring. Justin shares insights on the anxiety surrounding CMMC compliance, the tools available for tracking progress, and the broader implications of CMMC for various industries beyond defense contracting. He emphasizes the need for organizations to understand their data security requirements and engage with communities for support. ---------------------------------------------------- YouTube Video Link: https://youtu.be/dCMeiEXhRTI ---------------------------------------------------- Documentation: https://www.defense.gov/News/Releases/Release/Article/3932947/cybersecurity-maturity-model-certification-program-final-rule-published/ Justin Orcutt: https://www.linkedin.com/in/justinorcutt/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 T-Mobile Breach, Sophos hacks back, Bluesky surges 41:05
41:05 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé41:05
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the recent T-Mobile breach attributed to Chinese state-sponsored hackers, emphasizing the importance of parsing corporate statements. They delve into the implications of cybersecurity threats, referencing a Sophos report detailing a five-year cat-and-mouse game with Chinese attackers. The conversation shifts to the rise of the new social media platform, Bluesky, exploring its potential to attract users from Twitter and its unique features. ---------------------------------------------------- YouTube Video Link: ---------------------------------------------------- Documentation: https://www.cisa.gov/news-events/news/joint-statement-fbi-and-cisa-peoples-republic-china-prc-targeting-commercial-telecommunications https://www.sophos.com/en-us/content/pacific-rim https://www.bbc.com/news/articles/c8dm0ljg4y6o ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode, Andy and Adam discuss the challenges and strategies for securing seasonal and contingent workers using a Zero Trust approach. They emphasize the importance of managed devices, the complexities of hybrid domain joins, and explore alternative solutions such as cloud-based services. The conversation also touches on the significance of security policies and the need for exceptions in certain scenarios, ultimately advocating for a balanced approach to cybersecurity that enables business productivity. ---------------------------------------------------- YouTube Video Link: https://youtu.be/RsR0XsFWDjQ ---------------------------------------------------- Documentation: https://kanenarraway.com/posts/bpo-security-zero-trust/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the critical steps involved in offboarding employees, particularly focusing on Microsoft 365 environments. They cover essential practices such as blocking user sign-ins, managing mailbox contents, device management, and ensuring data protection. The conversation emphasizes the importance of modernizing device management strategies and highlights best practices for handling sensitive information during the offboarding process. The hosts also touch on the role of super users in document management and the implications of Teams chat storage. ---------------------------------------------------- YouTube Video Link: https://youtu.be/NaFv6MjJgEI ---------------------------------------------------- Documentation: https://practical365.com/checklist-for-terminating-employees-with-microsoft-365-accounts/ https://learn.microsoft.com/en-us/microsoft-365/admin/add-users/remove-former-employee?view=o365-worldwide ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Detecting AD Compromise, Safe MDE Deployment, macOS SSO 30:50
30:50 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé30:50
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss critical cybersecurity insights, focusing on Active Directory security techniques, the implications of recent incidents involving Microsoft Defender for Endpoint, and the introduction of passwordless solutions for Apple devices. They emphasize the importance of foundational knowledge in cybersecurity, the need for robust security practices, and the evolution of identity management solutions in enterprise environments. ---------------------------------------------------- YouTube Video Link: https://youtu.be/ySylj7V0AY8 ---------------------------------------------------- Documentation: https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-hardening/detecting-and-mitigating-active-directory-compromises https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-s-safe-deployment-practices/ba-p/4220342 https://learn.microsoft.com/en-us/entra/identity-platform/apple-sso-plugin ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 2024 Microsoft's Digital Defense Report 42:16
42:16 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé42:16
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode, Andy and Adam discuss Microsoft's 2024 Digital Defense Report, which highlights the evolving cyber threat landscape, the rise of ransomware, identity attacks, and DDoS attacks. They emphasize the importance of centering organizations around security, the shift towards passwordless authentication, and the impact of AI on cybersecurity. The conversation provides actionable insights for organizations to enhance their security posture and adapt to the changing threat environment. ---------------------------------------------------- YouTube Video Link: https://youtu.be/o7X4dH55dto ---------------------------------------------------- Documentation: https://www.microsoft.com/en-us/security/security-insider/intelligence-reports/microsoft-digital-defense-report-2024 ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Secure Future Initiative Update 26:35
26:35 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé26:35
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode, Andy Jaw and Adam Brewer discuss Microsoft's Secure Future Initiative (SFI), which emphasizes security by design, default, and operations. They explore the initiative's six key security pillars, the impact of recent cyber incidents, and the ongoing progress in enhancing security measures across Microsoft. The conversation highlights the importance of employee accountability, governance, and the implementation of new security protocols, including fish resistant credentials and improved monitoring systems. The hosts reflect on the challenges and changes brought about by SFI and its implications for the future of cybersecurity at Microsoft. ---------------------------------------------------- YouTube Video Link: https://youtu.be/zHX2FCO8FdY ---------------------------------------------------- Documentation: https://www.microsoft.com/en-us/security/blog/2024/09/23/securing-our-future-september-2024-progress-update-on-microsofts-secure-future-initiative-sfi/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode of the BlueScarity Podcast, hosts Andy Jaw and Adam Brewer discuss the evolution of password guidelines, focusing on the recent updates from NIST and Microsoft. They explore the implications of these changes, emphasizing the importance of understanding human behavior in password security and the need for organizations to adopt passwordless solutions. The conversation highlights practical steps for reducing reliance on passwords while enhancing security through user education and modern authentication methods. ---------------------------------------------------- YouTube Video Link: https://youtu.be/MJ_h6TzMyEU ---------------------------------------------------- Documentation: https://www.microsoft.com/en-us/research/wp-content/uploads/2016/06/Microsoft_Password_Guidance-1.pdf https://learn.microsoft.com/en-us/microsoft-365/admin/misc/password-policy-recommendations?view=o365-worldwide https://pages.nist.gov/800-63-4/sp800-63.html ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the critical topic of token theft in identity management. They discuss the importance of multi-factor authentication (MFA) as a primary defense against identity attacks, the nature of tokens, and how attackers exploit vulnerabilities to steal these tokens. The conversation highlights the introduction of token binding as a new protective measure, practical steps organizations can take to reduce the risk of token theft, and the significance of detecting and investigating potential attacks. The hosts emphasize the need for managed and compliant devices, user training, and the implementation of conditional access policies to enhance security. ---------------------------------------------------- YouTube Video Link: https://youtu.be/xPHqA7JzPkY ---------------------------------------------------- Documentation: https://techcommunity.microsoft.com/t5/microsoft-entra-blog/how-to-break-the-token-theft-cyber-attack-chain/ba-p/4062700 ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 BSP Turns 4, WSUS Deprecated, macOS Firewall Woes 40:57
40:57 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé40:57
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer celebrate four years of podcasting, reflecting on their journey and the importance of providing actionable insights to their audience. They discuss the significance of education in technology, particularly in relation to Microsoft products and the recent deprecation of WSUS. The conversation also covers the implications of Apple's latest OS release and the challenges faced by enterprise users. Finally, they emphasize the need for resilience in technology and the importance of having backup plans in place. ---------------------------------------------------- YouTube Video Link: https://youtu.be/cIcE-hXtCNs ---------------------------------------------------- Documentation: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-server-update-services-wsus-deprecation/ba-p/4250436 ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Cloud Security - Containers 101 & Defender for Containers 26:59
26:59 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé26:59
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the world of containers, exploring their functionality, differences from virtual machines, and the importance of securing them. They discuss key tools like Docker and Kubernetes, and introduce Microsoft's Defender for Containers as a solution for managing security in containerized environments. The conversation emphasizes the simplicity and efficiency of containers, while also addressing the shared responsibility of security in modern application development. ---------------------------------------------------- YouTube Video Link: https://youtu.be/zjhIC4IoxgE ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-introduction ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 IBM's Cost of a Data Breach 2024 48:18
48:18 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé48:18
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode, Andy and Adam discuss the key findings from IBM's report on the costs of a data breach in 2024. They cover topics such as the increase in the cost of data breaches, the use of security AI and automation, the cyber skills shortage, the challenges of shadow data, and the importance of insider risk management. They also highlight the need for password protection, fish-resistant MFA, and data consolidation, as well as the benefits of using generative AI tools. The episode concludes with a reminder to not be afraid of AI and to embrace its potential to enhance productivity and efficiency. ---------------------------------------------------- YouTube Video Link: https://youtu.be/mbwJGjg7g0s ---------------------------------------------------- Documentation: https://www.ibm.com/downloads/cas/1KZ3XE9D ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode of the Blue Security Podcast, Andy and Adam discuss Entra Suite, a new package from Microsoft that includes various Entra products and solutions. They provide an overview of each component, including Entra Private Access, Entra Internet Access, Entra ID Governance, Entra ID Protection, and Entra Verified ID. They highlight the benefits and use cases of each component and discuss the pricing options. They also emphasize the importance of using open standards and collaboration in the identity space. ---------------------------------------------------- YouTube Video Link: https://youtu.be/9zlC8NmBEp8 ---------------------------------------------------- Documentation: https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-suite-now-generally-available/ba-p/2520427 https://learn.microsoft.com/en-us/entra/global-secure-access/concept-private-access https://learn.microsoft.com/en-us/entra/global-secure-access/concept-internet-access https://learn.microsoft.com/en-us/entra/id-governance/identity-governance-overview https://learn.microsoft.com/en-us/entra/id-governance/licensing-fundamentals https://learn.microsoft.com/en-us/entra/id-protection/overview-identity-protection https://learn.microsoft.com/en-us/entra/verified-id/decentralized-identifier-overview ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Where do you get technical training? 40:18
40:18 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé40:18
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode, Andy and Adam discuss various resources and methods for getting training and learning about Microsoft and other technology solutions. They cover topics such as official documentation, certification tracks, Ninja training, Microsoft Mechanics, the Tech Community, customer connection programs, building a personal lab, and the importance of having a supportive network. Takeaways - learn.microsoft.com is the official documentation and training resource for Microsoft products and solutions. - Microsoft offers certification tracks for various roles and technologies, and free training is available for these certifications. - Ninja training provides deep dives and technical content on security, compliance, and other Microsoft products. - Microsoft Mechanics is a YouTube channel and podcast that offers bite-sized videos on various Microsoft technologies. - Building a personal lab using virtualization software or cloud services is a great way to gain hands-on experience. - Having a supportive network of coworkers and friends who are curious and willing to share experiences can greatly enhance learning and professional growth. ---------------------------------------------------- YouTube Video Link: https://youtu.be/5cgUfci9M9c ---------------------------------------------------- Documentation: https://rodtrent.substack.com/p/all-the-microsoft-ninja-training https://www.youtube.com/@MSFTMechanics https://www.youtube.com/@MicrosoftSecurity https://techcommunity.microsoft.com/t5/security-compliance-and-identity/bg-p/MicrosoftSecurityandCompliance https://aka.ms/joinccp ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Trump and NPD Hacked, Microsoft Admin MFA 33:19
33:19 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé33:19
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, Andy and Adam discuss several cybersecurity news stories. They cover the hack of the Trump campaign's emails by Iranian hackers, the breach of the National Public Data records, and Microsoft's new requirement for admins to enable multi-factor authentication (MFA). They also touch on the importance of data privacy and the need for companies to be responsible stewards of consumer data. Takeaways -Iranian hackers targeted the Trump campaign's emails in an attempt to influence the US presidential election. -The breach of the National Public Data records compromised personal information for billions of individuals, highlighting the need for stronger data privacy regulations. -Microsoft is enforcing the use of multi-factor authentication (MFA) for admins to enhance security and reduce the risk of account takeovers. -Companies should prioritize data security and be responsible stewards of consumer data, minimizing data collection and protecting it from unauthorized access. ---------------------------------------------------- YouTube Video Link: https://youtu.be/xFPPyec6GJQ ---------------------------------------------------- Documentation: https://blogs.microsoft.com/on-the-issues/2024/08/08/iran-targeting-2024-us-election/ https://npd.pentester.com/search https://www.bleepingcomputer.com/news/microsoft/microsoft-enable-mfa-or-lose-access-to-admin-portals-in-october/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Cloud Security - Defender for Storage Deep Dive 28:25
28:25 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé28:25
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft's Defender for Storage, a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage. They highlight the three major impacts on data workloads: malicious file uploads, sensitive data exfiltration, and data corruption. The solution offers activity monitoring, malware scanning, and sensitive data threat detection. They also mention the pricing model, the integration with Microsoft Purview, and the ease of deployment using Azure Policy and Logic Apps. Takeaways -Defender for Storage is a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage. -The solution protects against malicious file uploads, sensitive data exfiltration, and data corruption. -It offers activity monitoring, malware scanning, and sensitive data threat detection. -Integration with Microsoft Purview allows for seamless inheritance of sensitivity settings. -Deployment can be done through the Azure portal, Azure Policy, or infrastructure as code using the REST API. -Logic Apps can be used to automate responses and streamline security operations. -A pre-purchase plan is available for Defender for Cloud workloads, offering programmatic discounts and predictable billing. ---------------------------------------------------- YouTube Video Link: https://youtu.be/_DNCcy4V5Uo ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-introduction ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod LinkedIn: https://www.linkedin.com/company/bluesecpod YouTube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 New Autopilot Features, Intune Enrollment Attestation, MAM for W365/AVD 24:40
24:40 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé24:40
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, Andy and Adam discuss new features and updates in Intune, including autopilot for existing devices, Intune enrollment attestation, and mobile application management (MAM). They explain how autopilot for existing devices allows organizations to enroll on-premise joined devices into autopilot using config man and a task sequence. They also highlight the importance of monitoring device enrollments and implementing security measures such as requiring a pin for app access and blocking third-party keyboards. Takeaways - Autopilot for existing devices allows organizations to enroll on-premise joined devices into autopilot using config man and a task sequence. - Monitoring device enrollments and implementing security measures such as requiring a pin for app access and blocking third-party keyboards are important for protecting corporate data. -Intune enrollment attestation stores the MDM ID in the TPM of the device, preventing attacks that export the MDM device to attack other devices. -Mobile application management (MAM) is a lightweight way to protect corporate data on unmanaged devices, and it can be used in conjunction with MDM on managed devices. -MAM capabilities are now available for Windows 365 and AVD clients on Windows, iOS, PadOS, and Android clients, allowing for more secure access to corporate data. ---------------------------------------------------- YouTube Video Link: https://youtu.be/R8GYUQjr7ds ---------------------------------------------------- Documentation: https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-upcoming-changes-for-deploying-windows-autopilot-for/ba-p/4181554 https://learn.microsoft.com/en-us/autopilot/existing-devices https://learn.microsoft.com/en-us/mem/intune/enrollment/windows-enrollment-attestation#resources https://techcommunity.microsoft.com/t5/windows-it-pro-blog/mam-preview-for-windows-365-and-azure-virtual-desktop/ba-p/4171051 https://learn.microsoft.com/en-us/mem/intune/protect/mobile-threat-defense ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Cloud Security - Defender CSPM Deep-Dive 33:09
33:09 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé33:09
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméSummary In this episode of the Blue Security Podcast, Andy and Adam discuss Defender CSPM (Cloud Security Posture Management). They explain that CSPM is the process of monitoring cloud-based systems and infrastructure for risks and misconfigurations. They highlight the key capabilities of CSPM, including automation, monitoring and managing IaaS, SaaS, and PaaS platforms, and ensuring regulatory compliance. They also introduce Defender CSPM, a paid subscription service that offers additional features such as agentless scanning, container vulnerability assessments, and DevOps security. They mention the inclusion of Entra Permissions Management and external attack surface management in Defender CSPM. They emphasize the value of Defender CSPM for regulatory compliance and the ease of reporting on security posture against specific standards. Takeaways -CSPM is the process of monitoring cloud-based systems and infrastructure for risks and misconfigurations. -Defender CSPM is a paid subscription service that offers additional features such as agentless scanning, container vulnerability assessments, and DevOps security. -Defender CSPM includes Entra Permissions Management and external attack surface management. -Defender CSPM is valuable for regulatory compliance and provides ease of reporting on security posture against specific standards. ---------------------------------------------------- YouTube Video Link: https://youtu.be/lqvWnxyQqVs ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-cloud-security-posture-management https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-devops-introduction https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-cloud-introduction#protect-cloud-workloads https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-devops-environment-posture-management-overview ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode of the Blue Security Podcast, Andy and Adam discuss the aftermath of the CrowdStrike failed software update. They express empathy for those impacted by the incident and discuss the importance of collaboration in the cybersecurity industry. They also explore the need for transparency from security vendors and the potential impact on cybersecurity teams and funding. The conversation touches on the level of access that security solutions have and the need for a balanced approach. They emphasize the importance of having an incident response plan and implementing deployment rings for security updates. ---------------------------------------------------- YouTube Video Link: https://youtu.be/_ajB1t89VrQ ---------------------------------------------------- Documentation: https://www.crowdstrike.com/blog/falcon-update-for-windows-hosts-technical-details/ https://www.linkedin.com/posts/racheltobac_lets-get-actionable-criminals-will-attempt-activity-7220134391350538240-8ZNN/ https://blogs.microsoft.com/blog/2024/07/20/helping-our-customers-through-the-crowdstrike-outage/ https://techcommunity.microsoft.com/t5/intune-customer-success/new-recovery-tool-to-help-with-crowdstrike-issue-impacting/ba-p/4196959 ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
Summary In this episode, Andy and Adam discuss a blog post titled 'Cybersecurity is Full' that challenges the hype around cybersecurity careers. They explore the saturation of the field, the value of certifications and conferences, the optional nature of cybersecurity in organizations, and the stress and challenges of the industry. They emphasize the importance of having a strong foundation in technology before pursuing a career in cybersecurity and the need for organizations to prioritize cybersecurity as an enabler for their business. They also highlight the ongoing need for cybersecurity professionals and the rewarding nature of the field. Takeaways -Cybersecurity careers have been hyped up in recent years, leading to a saturation of the field, especially at the entry level. -Certification programs and conferences in cybersecurity can be expensive and may not always provide quality content or training. -The optional nature of cybersecurity in organizations means that it can be cut when budgets are tight, but there is a minimum level of investment required. -A strong foundation in technology and a basic understanding of concepts like TCP/IP and DNS are essential before pursuing a career in cybersecurity. -Cybersecurity professionals need to be persuasive and able to sell the value of cybersecurity to their organizations. -The cybersecurity industry is still growing, and professionals have the opportunity to make a difference and protect against malicious threat actors. ---------------------------------------------------- YouTube Video Link: https://youtu.be/B0roPpJKKpU ---------------------------------------------------- Documentation: https://cyberisfull.com/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Cloud Security - Defender for Servers Deep-Dive 34:52
34:52 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé34:52
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméIn this episode of the Blue Security Podcast, Andy and Adam discuss Defender for Servers, a cloud security solution offered by Microsoft. They explain that Defender for Servers is part of the larger Defender for Cloud umbrella and is designed to protect cloud infrastructure, specifically servers. They discuss the different plans available, including Plan 1 and Plan 2, which offer varying levels of endpoint protection and vulnerability management. They also highlight the inclusion of Cloud Security Posture Management (CSPM) in both plans. The hosts emphasize the vendor-agnostic nature of Defender for Servers, which can be used in AWS, GCP, and on-premises environments. Takeaways -Defender for Servers is part of the larger Defender for Cloud umbrella and is designed to protect cloud infrastructure, specifically servers. -There are two plans available for Defender for Servers: Plan 1 and Plan 2. Plan 1 offers endpoint protection, while Plan 2 includes additional features such as XDR, EDR, and regulatory compliance capabilities. -Both Plan 1 and Plan 2 include Cloud Security Posture Management (CSPM), which provides security recommendations and secure score assessments. -Defender for Servers is vendor-agnostic and can be used in AWS, GCP, and on-premises environments. It is available for both Windows and Linux VMs. -Defender for Servers is priced on a consumption-based model, allowing customers to pay only for what they use. ---------------------------------------------------- YouTube Video Link: https://youtu.be/-jG2BFPS45o ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers-select-plan https://learn.microsoft.com/en-us/defender-vulnerability-management/defender-vulnerability-management-capabilities#vulnerability-managment-capabilities-for-servers https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-cloud-security-posture-management ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Recommended EOP and MDO settings 39:18
39:18 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé39:18
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméIn this episode of the Blue Security Podcast, Andy and Adam discuss recommended settings for Exchange Online Protection (EOP) and Microsoft Defender for Office (MDO). They explain that EOP is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. They also highlight the importance of the secure by default feature in EOP and the use of admin submissions to report false positives and false negatives. They caution against using methods like Outlook safe senders, IP allow listing, and allowed senders list within anti-spam policies, as these can bypass important security measures. They emphasize the need for organizations to regularly review and clean up their EOP policies to ensure effective email security. Takeaways -Exchange Online Protection (EOP) is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. -The secure by default feature in EOP ensures that high-confidence phishing and malware emails are blocked, regardless of any overrides or exceptions. -Admin submissions should be used to report false positives and false negatives, allowing Microsoft to review and improve filtering rules. -Methods like Outlook safe senders, IP allow listing, and allowed senders list within anti-spam policies can bypass important security measures and should be avoided. -Regularly reviewing and cleaning up EOP policies is essential to maintain effective email security. ---------------------------------------------------- YouTube Video Link: https://youtu.be/guRhC1yVJYI ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide https://learn.microsoft.com/en-us/defender-office-365/secure-by-default https://learn.microsoft.com/en-us/defender-office-365/advanced-delivery-policy-configure#use-the-microsoft-defender-portal-to-configure-third-party-phishing-simulations-in-the-advanced-delivery-policy ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Arlington BEC, Kaspersky Ban, Crown Equipment Cyberattack 37:34
37:34 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé37:34
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméIn this episode, Andy and Adam discuss three cybersecurity news stories. They talk about a small town in Massachusetts that lost over $445,000 in an email scam, the Biden administration's ban on Kaspersky antivirus software, and a cyber attack on Crown Equipment, a forklift manufacturer. The main takeaways from the conversation are the importance of cybersecurity training, the need for secure remote access methods, and the impact of employee satisfaction on cybersecurity. Takeaways -Cybersecurity training is crucial to prevent email scams and social engineering attacks. -Secure remote access methods should be deployed and unauthorized remote access software should be blocked. -Employee satisfaction and trust in the company can reduce the risk of insider threats. -Small organizations and state and local governments are vulnerable to cyber attacks and should prioritize cybersecurity measures. ---------------------------------------------------- YouTube Video Link: https://youtu.be/YdTo2kej4VQ ---------------------------------------------------- Documentation: https://www.cybercaptcha.com/news/small-massachusetts-town-scammed-out-of-445000-in-shocking-email-hack/ https://www.bleepingcomputer.com/news/security/biden-bans-kaspersky-antivirus-software-in-us-over-security-concerns/ https://oicts.bis.gov/kaspersky/ https://www.bleepingcomputer.com/news/security/crown-equipment-confirms-a-cyberattack-disrupted-manufacturing/ ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Snowflake, Findlay Auto Ransomware, Olympics 32:03
32:03 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé32:03
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméIn this episode of the Blue Security Podcast, Andy and Adam discuss three main topics: the unauthorized user access at Snowflake, the cybersecurity issue at Finley Automotive Group, and the cyber threats surrounding the upcoming Olympics in Paris. They highlight the importance of implementing strong security controls like multi-factor authentication and regular credential rotation. They also emphasize the need for organizations to assess their data storage practices and only retain necessary customer information. The hosts discuss the challenges faced by auto dealerships in securing their outdated systems and the potential risks associated with cyber threats during major events like the Olympics. Takeaways -Implement strong security controls like multi-factor authentication and regular credential rotation to protect against unauthorized access. -Assess data storage practices and only retain necessary customer information to minimize the risk of exposure in the event of a cyber attack. -Auto dealerships face challenges in securing their outdated systems and should prioritize updating their technology infrastructure. -Major events like the Olympics are attractive targets for cyber threats, and organizations should be vigilant in detecting and mitigating potential risks. -Collaboration between security organizations and threat intelligence providers is crucial in monitoring and addressing cyber threats. ---------------------------------------------------- YouTube Video Link: https://youtu.be/IuVBExmLsvg ---------------------------------------------------- Documentation: https://thehackernews.com/2024/06/snowflake-breach-exposes-165-customers.html?utm_source=tldrinfosec&m=1 https://www.reviewjournal.com/business/source-findlay-operations-nearly-idled-losses-mount-from-cyberattack-suit-filed-3069083/ https://blogs.microsoft.com/on-the-issues/2024/06/02/russia-cyber-bots-disinformation-2024-paris-olympics/ https://www.recordedfuture.com/hurdling-over-hazards-multifaceted-threats-to-the-2024-paris-olympics ---------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
B
Blue Security
1 Microsoft Recall update, Windows Hello Enhanced Sign-in Security 42:07
42:07 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé42:07
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméIn this episode, Andy and Adam discuss the updates and clarifications made by Microsoft regarding the security concerns surrounding the Recall feature on Copilot Plus PCs. They highlight the changes, such as the option to proactively enable Recall during the out-of-box experience, the requirement of Windows Hello enrollment and proof of presence for accessing Recall, and the additional layers of protection, including just-in-time decryption and encrypted search index database. They also delve into the concept of Windows Hello Enhanced Sign-In Security and its benefits. The conversation emphasizes the importance of user choice and the balance between privacy and productivity. Takeaways -Microsoft has addressed the security concerns surrounding the Recall feature on Copilot Plus PCs by providing updates and clarifications. -The Recall feature will be turned off by default during the out-of-box experience, giving users the choice to enable it proactively. -Windows Hello enrollment and proof of presence are required to access Recall, ensuring authentication and physical presence. -Additional layers of protection, such as just-in-time decryption and encrypted search index database, have been implemented to enhance security. -Windows Hello Enhanced Sign-In Security provides an additional level of security to biometric data by leveraging specialized hardware and software components. -The balance between privacy and productivity is important, and Microsoft allows users to choose whether to enable Recall and provides options for filtering and managing snapshots. ---------------------------------------------------- YouTube Video Link: https://youtu.be/PJhMStnm-SE ----------------------------------------------------------- Documentation: https://blogs.windows.com/windowsexperience/2024/06/07/update-on-the-recall-preview-feature-for-copilot-pcs/ https://learn.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello-enhanced-sign-in-security ----------------------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ----------------------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com…
Bienvenue sur Lecteur FM!
Lecteur FM recherche sur Internet des podcasts de haute qualité que vous pourrez apprécier dès maintenant. C'est la meilleure application de podcast et fonctionne sur Android, iPhone et le Web. Inscrivez-vous pour synchroniser les abonnements sur tous les appareils.
Daily Deals
Similaire à Blue Security
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
What is the internet doing to us? The Times tech columnist Kevin Roose discovers what happens when our lives move online. Unlock full access to New York Times podcasts and explore everything from politics to pop culture. Subscribe today at nytimes.com/podcasts or on Apple Podcasts and Spotify.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
R
Redefining AI - Artificial Intelligence with Squirro
1
Redefining AI - Artificial Intelligence with Squirro
Squirro
12k115
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
T
The Talk Show With John Gruber
1
The Talk Show With John Gruber
Daring Fireball / John Gruber
2k339
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Player FM - Application Podcast
Mettez-vous hors ligne avec l'application Player FM !
Mettez-vous hors ligne avec l'application Player FM !
))
