The Azure Security Podcast

Episodet

• Episode 128: Post Quantum Cryptography 02.06.2026 55min

  In this episode Mark talks with guest Jack Richins and co-host Michael Howard about post-quantum cryptography and the upcoming 'Q-Day'.Jack and Michael explain what steps Microsoft is taking and what steps customers can take to reduce exposure to this looming threat.This episode was prompted because Michael has moved from the Microsoft Red Team to the Post Quantum team in Azure Security.There is no security news in this episode. It's also the longest episode to date!https://aka.ms/azsecpod
• Episode 126: Microsoft Baseline Security Mode 21.03.2026 36min

  In this episode, Michael and Sarah talk to Sophie Ke and Dave Minasyan about Microsoft Baseline Security Mode, a new feature to help ease security settings. We also cover the latest Azure security news including Microsoft 365 E7, Microsoft 365 Copilot, Azure Blob Storage SFTP, Azure Database for PostgreSQL, and new Confidential VM types. https://aka.ms/azsecpod
• Episode 125: Origins of MITRE ATT&CK 27.02.2026 34min

  In this episode Michael and Mark talk with guest Blake Strom about the origins of the MITRE ATT&CK framework, how it was developed, and how it has evolved over time. We also discuss how the framework is used in the industry and its impact on cybersecurity.We also discuss Azure Security news about Azure Monitor, Azure Application Gateway, AKS, Azure Front Door, AMD v6 Confidential VMs, and xxxhttps://aka.ms/azsecpod
• Episode 124: Microsoft Security Response Center for AI 30.01.2026 29min

  In this episode Michael talks to Raji Vanninathan about the Microsoft Security Response Center for AI. We also cover security news about AKS Deployment Safeguards policies. https://aka.ms/azsecpod
• Episode 123: Agentic Identity 21.01.2026 36min

  In this episode, Michael, Sarah and Mark talk to Nick Wryter about agentic AI identity, with a big focus on least privilege issues. We also cover news about:Microsoft AI TourAzure Database for PostgresSQLAzure MCP Server for Azure Confidential LedgerApplication Gateway, FIPS 140-2 and TLSOutbound internet access from VMsAzure NetApp Files and Ransomware protectionAzure Cosmos DB Mirroringhttps://aka.ms/azsecpod
• Episode 121: New Open Group Security Standards Documentation 21.11.2025 47min

  In this episode Michael and Sarah talk with co-host Mark Simos about new security standards documentation from the Open Group. It's a long episode but worth it!We also discuss Azure Security news about Private Endpoints, Azure Front Door, Azure WAF CAPTCHA, Azure Sphere, Private Link Service Direct Connect, Azure Integrated HSM, Azure Firewall pre-scaling and observed capacity metric, and Microsoft Ignite.https://aka.ms/azsecpod
• Episode 120: The Zero Trust Workshop (and so much more!) 29.10.2025 58min

  In this episode Michael talks with guest Merill Fernando about the Zero Trust Workshop, but we also spend time talking about all things identity! Merill's final thought is pure gold, too!The only bit of news is about Azure SQL DB and how TDE key management during restore,
• Episode 119: Pedantic Security Wording and Taxonomies 09.10.2025 39min

  In this episode Michael, Sarah and Mark talk with guest Ryen Macababbad, Principal Security Program Manager at Microsoft about her current work on standardizing security terminology and taxonomy across Microsoft. Also, how getting terminology right is important to security, especially for those with neurodiverse conditions, such as autism.We also discuss Azure Security news about the Microsoft AI tour Sarah is doing, Cosmos DB, and Michael goes on a rant about TLS certificate checking. https://aka.ms/azsecpod
• Episode 118 - Quantum Cryptography and Quantum Computing with Mark Russinovich 19.09.2025 33min

  In this episode Michael and Mark talk with guest Mark Russinovich, Technical Fellow, Deputy CISO and Chief Technology Officer of Microsoft Azure about quantum cryptography and quantum computing and its implications for security and the future. NOTE: There's a portion where Mark and Michael talk about a quote made by Richard Feynman about understanding technical topics, but this is actually attributed to Albert Einstein. However, there is no definitive record of Einstein writing or saying this exact phrase in his published works or speeches.We decided to not cover any Azure Security news in this episode.
• Episode 117: Cloud Gaming Security 29.08.2025 43min

  In this episode Michael and Sarah talk to Russ Rogers from the Xbox team about gaming security in general and Xbox specifically. This is the first time we have covered the topic! There is also so much news, we really list all the announcements here! It's about 9 mins of security news! https://aka.ms/azsecpod
• Episode 116: Microsoft Sentinel Data Lake 31.07.2025 40min

  In this episode Michael, Sarah and Mark talk to Mark Kendrick about Microsoft Sentinel Data Lake. We also cover news about The Open Group - Roles and Glossary standards, Security Adoption Module 5 - Data Security, Microsoft Azure Cloud HSM, WAF and Containers, PostgreSQL and PowerBI, Azure Managed Lustre, and more. Also, Sarah mentions some Developer Security YouTube videos coming out from MS Build!https://aka.ms/azsecpod
• Episode 115: Security in Model Context Protocol (MCP) 10.07.2025 51min

  In this episode, Michael, Sarah and Mark talk to Den Delimarksy about the current posture of Model Context Protocol. Den serves on the committee that oversees MCP. We also cover the latest security news about Azure Firewall, OpenTelemetry, Azure Front Door, Azure Database for PostgreSQL and Azure Kubernetes Service.https://aka.ms/azsecpod
• Episode 114: SQL Server 2025 Security Improvements 09.06.2025 25min

  In this episode, Michael talks to Pieter Vanhove and Pratim Dasgupta about the new security changes in SQL Server 2025. The news includes updates on MCP, Private Link and Microsoft Build 2025 security sessions presented by Michael and Sarah.https://aka.ms/azsecpod
• Episode 113: Microsoft Red Team 16.05.2025 35min

  In this episode, Michael, Sarah, and Mark talk to Craig Nelson, VP of the Microsoft Red Team about how the Red Team works to help secure Microsoft and its customers.In life, there are things you know you know, things you know you don't know, and finally, things you don't know you don't know. This episode is full of the latter.We also cover security news about LLMs and MCP, TLS 1.1 and 1.0 deprecation, Private End Point Improvements, Containers and more.https://aka.ms/azsecpod
• Episode 112: Security Copilot Agents 13.05.2025 29min

  In this episode Michael talks with guest Ran Munsch, Principal Product Manager at Microsoft about Security Copilot and Security Copilot Agents. We also discuss Azure Security news about System.Data.SqlClient, April 2025 Secue Future Initiative progress report, Azure Database for PosrgreSQL, Azure DevTest Labs, VNets, Front Door WAF CAPTCHA, API management and more.https://aka.ms/azsecpod
• Episode 111: Securing Agentic AI 17.04.2025 23min

  In this episode Michael and Sarah talk with guest Amanda Minnich about securing agentic AI systems, the security challenges they face, and how to secure them.We also discuss Azure Security news about Azure File Sync, Docker support in Azure and a new series of Secure Future Initiative videos with appearances from Michael, Sarah, and various guests.
• Episode 110: Securing GenAI Applications with Entra (3 of 4): Monitoring and More 01.04.2025 40min

  In this episode Michael and Gladys talk to Sharon Chahal who is a Principal Program Manager in the Identity team at Microsoft about monitoring and auditing when building GenAI applications. We also cover other related topics.Michael and Gladys cover the latest security news about API Security Posture Management, Azure Key Vault in China, Azure Data Studio retirement, new least privilege permissions in Graph and more.https://aka.ms/azsecpod
• Episode 109: Securing GenAI Applications with Entra (2 of 4) - Overpermissioning 19.02.2025 37min

  In this episode, Michael, Gladys and Mark talk to guest Bailey Bercik about the problem of overpermissioning and how to use Microsoft Entra Permissions Management to identify and manage over-permissioned identities in multi-cloud environments to reduce security risks, especially for AI apps.We also cover the latest security news about AI red teaming, Azure SQL DB logging, Azure Confidential Ledger, Star Blizzard spear-phishing campaign and CISA Zero Trust Maturity Model.https://aka.ms/azsecpod
• Episode 108: Securing GenAI Applications with Entra 20.01.2025 22min

  In this episode Michael, Gladys, Mark and Sarah talk to guest Diana Vicezar from the Microsoft Entra team about security Generative AI applications. Note, this is a short, simple intro episode to introduce three follow-on episodes. We also cover security news about TLS 1.3 and Azure Event Grid, big updates to Microsoft Defender for Cloud, Azure Database for MySQL, SQL Managed Instance and Confidential Ledger.
• Episode 107: Secure by default and Copilot Overshare Blueprints 06.01.2025 37min

  Happy New Year!In this episode Michael, Sarah and Mark talk to Maxime Bombardier and Emily Blundo about the Secure by default and Copilot overshare blueprints. We also cover news about Always Encrypted Assessment in SQL Server Management Studio, MVP Summit, mapping Entra to the Open Group standard for Adaptive Access, and various CISO Workshop topics!https://aka.ms/azsecpod