In this episode, we tackle the critical challenges of securing DevOps environments in today’s fast-paced, cloud-centric landscape. With cyber threats evolving at an unprecedented rate, safeguarding your DevOps pipelines is more essential than ever. Join us as we explore Microsoft Defender for Cloud, a comprehensive solution designed to address security gaps across the entire DevOps lifecycle. We'll discuss best practices, key features, and practical insights on implementing effective DevOps security strategies. Whether you're an IT pro, DevOps engineer, or security enthusiast, this episode will arm you with the knowledge to protect your cloud-native workflows with confidence.

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest.

Some of the Microsoft product features and updates we covered:

• Key Microsoft Entra, Intune and Defender features and updates
• Lots of Azure changes and new features

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

This week Alan and Sam discuss OAuth applications and their potential risks. Alan goes into how App Governance can give you the visibility of OAuth app and their usage. Here are a few things we covered:

• What are OAuth Apps?
• What are they typically used for?
• why is it important to monitor them
• How can App Governance help monitor and protect from OAuth App attacks?

What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.

Read transcript

This week Alan and Sam discuss Azure Web Jobs which is a feature of Azure App Service that allows developers to run background tasks, scripts, and long-running processes alongside their web applications, enabling automated workflows and task scheduling in the cloud. Here are a few things we covered:

• An overview of Azure web jobs and use cases
• Types of Web Jobs
• Deployment and Integration
• Monitoring and Scaling

What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.

Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest.

Some of the Microsoft product features and update we covered:

• Key Microsoft Entra, Intune and Defender features and updates
• Lots of Azure changes and new features

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

In this episode, Sam and Alan dive deep into the world of token theft and token replay attacks. They explore what these threats are and discuss effective countermeasures to reduce the risk of token theft and prevent replay attacks. Here’s a breakdown of what they covered:

• Understanding Authentication Tokens: What are they and why are they crucial for secure authentication?
• Token Theft and Replay Attacks: An overview of how these attacks work and their potential impact on organisations.
• Reducing Token Theft Risks: Practical strategies to minimize the chances of tokens being stolen.
• Preventing Token Replay: Measures you can implement to block access when stolen tokens are reused.

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

This week Alan and Sam discuss Azure VM Image Builder which is a service that simplifies the creation, customisation, and management of virtual machine images in Azure, automating tasks like software installation, configuration, and patching for consistent deployments. Here is what we covered:

• What are Virtual Machine images? And how they are used in Azure.
• What are the challenges with image creation?
• What is Azure VM builder and how does it help?
• How much does the service cost?

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest.

Some of the Microsoft product features and update we covered:

• Key Microsoft Entra, Intune and Defender features and updates
• Lots of Azure changes and new features

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

Alan and Sam dive into Microsoft's Security Exposure Management platform. Alan takes us through the various components and the benefits on using this platform. Here are a few things we covered:

• What is Microsoft Security Exposure Management?
• What components make up the platform?
• Who benefits from the platform?
• What integrations does the platform have?

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

This week Alan and Sam discuss Azure Container Storage which is a volume management service built natively for containers, which enables cost-effective performance scaling and simplified management of volumes for stateful container applications.

• What are containers and their storage requirements?
• Why Azure Container Storage is useful
• How do you create storage? What are the configuration options?
• How much does the service cost?

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

Alan and Sam talk about External Attack Surface Management (EASM) and how Microsoft's Defender EASM helps discover and monitor your digital assets. Here are a few things we covered:

• What is External Attack Surface Management?
• What is Defender EASM and how can it help identify your risks?
• How do you setup Defender EASM?
• how much does it cost?

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript