Interviewing Simon Strain, a Microsoft CSAM (Customer Success Account Manager).
We discuss: support, AI, Berst of Breed vs. Best of Platform, MTC, Zero Trust, Microsoft Dart and much more. Thank you for tuning in.

2024's first episode is with award winning partner Difenda and we are talking Defender for Cloud. #Automation #CloudSecurity #CyberSecurityMaturityModel #Defender #Difenda

We asked 11 security professionals the same question over the course of 2023...."IF you were the new CISO at your "dream organization," what is the first move you make?" We gained insight and identified trends from the answers given, as well as gained insight from what was NOT said. Welcome to 2024 - Happy New Year!

· Microsoft Detection and Response Team, DART

· Nashville, Tennessee

· Posture Management

· Top 3 categories of data breach:

o Cloud misconfigurations is number 3

· Scattered Spider

· Adversary in the middle attacks

· Authentication

· Lemon Duck

· Identity compromise

· Moving at the Speed of DevOps

· Security Training

· DevSecOps

· Threat Modeling

· SQL Injection

· Secret Scanning

· Infrastructure As A Code

· Source Code Management – SCM

· Push Protection

· Key Vault

· Log4j

· Polymorphic

· SBOM – Software Bill of Materials

· NotPetya

· 5th Generation attacks

· WAF – Web Application Firewall

· SMBv1

· AI – Artificial Intelligence

· Black Mamba polymorphic malware

· Azure Policy

· NIST

· Framework

· S3Buckets

· Hub and Spoke

· Resource Groups

· Management Groups

· Permissions

· Subscription Management

All things Microsoft Security Copilot.

• EAP
• GA
• Upskill
• Consolidate

Microsoft Security Copilot is an AI-powered security analysis tool that enables analysts to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes.

A security focused conversation with Mark King, Americas Security Digital Sales Leader where most interview questions were generated by M365 Copilot. We cover Copilot, Sentinel, the magic quadrant, and I.T. staffs wearing multiple hats.

Introductions:

Chris Baird = Sr. Security Consultant

Lighthouse: Global organization

Amren Gill = Purview Security Stack (DLP, Insider Risk)

#ZeroTrust

#Endpoint

#Telemetry

#Privacy

#Compliance

#DataProtection

#Identity

#BestOfBreed

#PrivacyAssessment

#ZeroDay

#MaximizeInvestment

#Ransomware

#DataLeak

#DataAsset

#DataGovernence

#DataCatalog

#CustomerEducation

#DataClassification

#Enterprise

#Global

#PowerShell

#DataRetention

#Dashboard

#SharePoint

#DataDisposal

#LitigationHold

#E-DiscoveryHold

#LegalHold

#FederatedData

#Purview

#Classification

#MetaData

#AIPscan

#ContentExplorer

#PII

#PCI

#Regulation

#Template

#LayeredControl

#DataHandlingPolicy

#TrainableClassifiers

#AImodels

#MultiTennant

#M365

#InsiderRisk

#SolutionsPartner

#E-Discovery

#Attorney

#Agentless

#BehaviorAnalytics

#Threshold

#RiskScore

#ThreatActor

#Context

#RiskProfile

#AdaptiveProtection

#Trends

#RiskAppetite

#Connectors

#HRConnector

#PhysicalBadegeConnector

#EnvironmentScan

#CurrentStateAssessment

#MIP

#Pilot

#PoC

#Trial

#SecurityPosture

#RiskGap

• Ep. 7: Sentinel with Microsoft partner Lightstream.
• Introductions: Lightstream
• SEIM: Collection > Detection > Investigation > Response
• Investigation: trends, fine tuning SEIM, SOC teams, funding
• Automation: Playbooks, AI, Co-Pilot, does not replace Tier 1
• Attack surface
• Bookmarks
• Multi-Cloud
• Defender for Threat Intelligence
• Ingestion: log collection, Frameworks, garbage in-garbage out
• Detection: dwell time, risk based alerting patterns
• Light Stream Azure Health Check: Security focused, strengthen security posture, documentation, roadmap for success