In this episode, we explore the critical world of API security through the lens of Microsoft Defender for APIs. Join us as we discuss how this tool can safeguard your APIs in increasingly cloud-centric environments.

Topics Covered:

• Introduction to Defender for APIs
  • What it is and why it matters in today's cloud landscape.
  • Who should care about API security?
• Key Features of Defender for APIs
  • Inventory management and visibility.
  • Security findings and vulnerability assessment.
  • Real-time threat detection based on OWASP API Top 10.
  • Integration with other Azure and security tools.
• Benefits for Businesses
  • Enhanced API security posture.
  • Compliance with regulatory standards.
  • Mitigating risks in API lifecycle management.

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest.

Some of the Microsoft product features and update we covered:

• Key Microsoft Entra, Intune and Defender features and updates
• Lots of Azure changes and new features

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

In this episode, we wrap up the season, where we explore our favourite episode of the season. We also talk about the what happened in 204, and how the podcast has grown in terms of listenership and engagement.

As we bid farewell to the season, we also reveal our future plans for the next season, which will start on January 2025.

This episode is a great way to end the season and to look forward to the next one. We thank our listeners for their support and feedback, and invite them to stay tuned for more updates and announcements. We wish everyone a happy and healthy holiday season, and promise to return with more amazing content in the new year.

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

Alan and Sam discuss the process organisations go through to manage patches. Alan dives into some of the tooling and covers:

• Why is patch management important and what are some of the issues you can run into
• what tooling can help with patch management for servers
• What is Azure update manager
• What is hotpatch for Windows servers

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

This week, Alan and Sam talk about the Microsoft Ignite event and the announcements that came out of it. Alan dives into the in-person experience in Chicago. They dive into a couple of the announcements that peaked their interest.

Some of the Microsoft product features and updates we covered:

• M365 Copilot
• Purview
• Defender XDR
• Azure

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

In this episode, we tackle the critical challenges of securing DevOps environments in today’s fast-paced, cloud-centric landscape. With cyber threats evolving at an unprecedented rate, safeguarding your DevOps pipelines is more essential than ever. Join us as we explore Microsoft Defender for Cloud, a comprehensive solution designed to address security gaps across the entire DevOps lifecycle. We'll discuss best practices, key features, and practical insights on implementing effective DevOps security strategies. Whether you're an IT pro, DevOps engineer, or security enthusiast, this episode will arm you with the knowledge to protect your cloud-native workflows with confidence.

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest.

Some of the Microsoft product features and updates we covered:

• Key Microsoft Entra, Intune and Defender features and updates
• Lots of Azure changes and new features

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

This week Alan and Sam discuss OAuth applications and their potential risks. Alan goes into how App Governance can give you the visibility of OAuth app and their usage. Here are a few things we covered:

• What are OAuth Apps?
• What are they typically used for?
• why is it important to monitor them
• How can App Governance help monitor and protect from OAuth App attacks?

What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.

Read transcript

This week Alan and Sam discuss Azure Web Jobs which is a feature of Azure App Service that allows developers to run background tasks, scripts, and long-running processes alongside their web applications, enabling automated workflows and task scheduling in the cloud. Here are a few things we covered:

• An overview of Azure web jobs and use cases
• Types of Web Jobs
• Deployment and Integration
• Monitoring and Scaling

What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.

Read transcript

This week, Alan and Sam talk about new features and services that have gone into Public Preview or General Available status in the last month. We dive into a couple of these updates that peaked our interest.

Some of the Microsoft product features and update we covered:

• Key Microsoft Entra, Intune and Defender features and updates
• Lots of Azure changes and new features

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript

In this episode, Sam and Alan dive deep into the world of token theft and token replay attacks. They explore what these threats are and discuss effective countermeasures to reduce the risk of token theft and prevent replay attacks. Here’s a breakdown of what they covered:

• Understanding Authentication Tokens: What are they and why are they crucial for secure authentication?
• Token Theft and Replay Attacks: An overview of how these attacks work and their potential impact on organisations.
• Reducing Token Theft Risks: Practical strategies to minimize the chances of tokens being stolen.
• Preventing Token Replay: Measures you can implement to block access when stolen tokens are reused.

What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Read transcript