More episodes coming soon

Stay tuned for more details about our upcoming season!

Watch on demand

Watch past episodes on demand, and catch up for the next Ninja training. 


Download Ninja Cat backgrounds

Add Ninja Cat to your Microsoft Teams meeting using our collection of backgrounds. 

Episodes on demand

Attack Disruption: Live demo

December 19, 2024 Season 10 Episode 8

This episode features Threat Hunter and Microsoft MVP Mattias Borg as he explains the anatomy of an attack. Through a live demo of an attack in action, gain exclusive insights into what attackers do behind the scenes, the tools they use and how Microsoft Defender steps up to counter these threats, offering a robust defense to help keep your organization secure.

Guest:

Mattias Borg

Microsoft MVP

Azure Network Security: A Closer Look at Azure DDoS Protection

December 18, 2024 Season 10 Episode 7

In this episode, special guest host Andrew Mathu welcomes Senior Product Manager Saleem Bseeu to explore Azure DDoS Protection and its powerful capabilities for protecting applications and services from Distributed Denial of Service (DDoS) attacks. With today’s digital landscape posing constant threats, this discussion highlights the critical role DDoS protection plays in maintaining the security and availability of network infrastructure.

Guest:

Andrew Mathu

Microsoft

Saleem Bseeu

Microsoft

Microsoft Sentinel Data tiering best practices

December 10, 2024 Season 10 Episode 6

In this episode product experts Yael Bergman and Maria de Sousa-Valadas introduce the powerful new Auxiliary Logs tier, now in Public Preview and explain how to use Summary rules to aggregate data from any log tier in Microsoft Sentinel and Log Analytics. Tune in to learn the full potential of these features, as well as practical tips and use cases to help you reduce ingestion costs and gain more insights from your verbose logs.

Guest:

Yael Bergman

Microsoft

LIVE AMA: Improving security posture management with Copilot for Security innovations

December 5, 2024 Season 10 Episode AMA

We are with Senior Product Manager Patrick David in this Live AMA for another opportunity to ask questions about the Microsoft Purview innovations unveiled at Ignite.

Guest:

Patrick David

Microsoft

Defender for Endpoint RDP Telemetry

December 5, 2024 Season 10 Episode 5

In this episode Cyber Security Researcher Danielle Kuznets Nohi and Senior Product Manager Saar Cohen join us to discuss the importance of Remote Desktop Protocol in Human Operated Attacks considering the current threat landscape. Through a demo, witness critical visibility enhancements made to this important layer of telemetry and learn the powerful capabilities of this tool to identify vulnerable assets and provide deeper threat insights.

Guest:

Saar Cohen

Microsoft

LIVE AMA: Defender XDR’s Data Security Context with Insider Risk Management

December 4, 2024 Season 10 Episode AMA

Join Microsoft experts Maayan Magenheim and Sravan Kumar Mera for a Live AMA as they answer all your questions related to the new Insider Risk Management (IRM) integration with Defender XDR.

Guest:

Maayan Magenheim

Microsoft

Sravan Kumar Mera

Microsoft

Improving security posture management with Copilot for Security innovations

December 4, 2024 Season 10 Episode 4

Senior Product Manager Patrick David returns to share the latest innovations of Copilot for Security in Microsoft Purview recently announced at Ignite. Join us to explore how these key features can be used to help tackle business challenges, streamline operations, and accelerate investigations.

Guest:

Patrick David

Microsoft

Unlocking Advanced Cloud Detection & Response capabilities for containers

December 3, 2024 Season 10 Episode 3

Learn how the Microsoft Cloud Detection & Response solution empowers SOCs with faster, deeper investigations through near real-time detections, new cloud-native responses, and rich log collection. In this episode Product Managers Maayan Magenheim and Daniel Davrayev demo a real container related incident to show how these new capabilities enhance the entire incident response process, bridging knowledge gaps and proactively securing containerized workloads across multi-cloud environments.

Guest:

Daniel Davrayev

Microsoft

Maayan Magenheim

Microsoft

Defender XDR’s Data Security Context with Insider Risk Management

November 27, 2024 Season 10 Episode 2

Join us as product experts Maayan Magenheim and Sravan Kumar Mera showcase the Public Preview of Microsoft Purview Insider Risk Management (IRM) integration into Defender XDR. Learn how Insider Risk and SOC analysts can now distinguish internal and external threats and gain critical insights, including exfiltration context and user activity tracking. Through a valuable demo, we explore the benefits for incident investigation, threat hunting, the correlation of IRM alerts with other DLP and identity protection alerts and more.

Guest:

Maayan Magenheim

Microsoft

Sravan Kumar Mera

Microsoft

Microsoft Defender for Identity for Entra Connect

November 26, 2024 Season 10 Episode 1

In this episode, product experts Lior Shapira and Ayala Ziv explain how Microsoft Defender for Identity sensor for Entra Connect servers enables comprehensive monitoring of synchronization activities between Entra Connect and Active Directory, providing critical insights into potential security threats. Tune in to explore the latest detections and posture recommendations for Entra Connect by learning the importance of protecting hybrid identities and exploring real-world scenarios.

Guest:

Ayala Ziv

Microsoft

Lior Shapira

Microsoft

Bulk Sender Insights in Microsoft Defender for Office 365

October 17, 2024 Season 9 Episode 11

In this episode, Senior Product Manager Puneeth Kuthati explains the importance of bulk sender insights within Defender for Office 365. Discover how these insights help differentiate trustworthy bulk senders from potential threats, tackle the challenges of fine-tuning bulk email filters, and strike the right balance to ensure important emails reach your inbox without overwhelming it. By analyzing sender behavior and trends, organizations can strengthen email security, reduce unwanted bulk traffic, and minimize false positives.

Guest:

Puneeth Kuthati

Microsoft

Defender for Office 365: In-depth defense with dual-use scenario

October 10, 2024 Season 9 Episode 10

We are joined by Senior Product Manager Manfred Fischer and Cloud Solution Architect Dominik Hoefling to explore the built-in protection mechanisms in Defender for Office 365. Tune into this episode as we dive deep into a dual-use scenario demonstration to learn how customers using third-party email filtering services can still leverage the powerful features and controls of Microsoft Defender for Office 365.

Guest:

Dominik Hoefling

Microsoft

Manfred Fischer

Microsoft

Promptbooks in Copilot for Security

October 8, 2024 Season 9 Episode 9

Join us as product experts Mamta Kumar, Amit Ghodke, Patrick David, and Dana Iris Gutkind unveil the latest Promptbooks in Copilot for Security. Get an exclusive demo as we explore the cross-products prompts from Microsoft Entra, Intune, Purview, and Defender.

Guest:

Amit Ghodke

Microsoft

Dana Iris Gutkind

Microsoft

Mamta Kumar

Microsoft

Patrick David

Microsoft

Proactive Protection with Microsoft Security Exposure Management: Part 2

October 3, 2024 Season 9 Episode 8

In this episode, we explore Microsoft Security Exposure Management, learning how it quantifies risks, generates reports for key stakeholders, unifies the security stack, and optimizes attack surface management. Join us to discover the tools and processes that power proactive risk management, helping organizations stay ahead of evolving threats.

Guest:

Tomer Teller

Microsoft

Proactive Protection with Microsoft Security Exposure Management: Part 1

October 1, 2024 Season 9 Episode 7

In this episode, we explore Microsoft Security Exposure Management, learning how it quantifies risks, generates reports for key stakeholders, unifies the security stack, and optimizes attack surface management. Join us to discover the tools and processes that power proactive risk management, helping organizations stay ahead of evolving threats.

Guest:

Tomer Teller

Microsoft

Defending operational technology (OT) environments with Microsoft Defender XDR

September 26, 2024 Season 9 Episode 6

Senior Product Managers Adi Weisberg and Ariel Saghiv share their expertise in this episode, offering valuable guidelines and insights for OT security teams on how to effectively leverage Microsoft Defender XDR capabilities to secure IT and OT environments across your entire digital estate.

Guest:

Adi Weisberg

Microsoft

Ariel Saghiv

Microsoft

Automating Copilot for Security using Logic Apps

September 17, 2024 Season 9 Episode 5

Learn how Copilot for Security and Logic Apps now work together to streamline automation, enhance insights, and improve analysis – giving SOC teams more time to focus on what really matters: hunting down threats. In this episode, see a demo that highlights a practical use case, proving why automation is a must for modern security teams. Don’t miss experts Yaniv Shasha and Craig Freyman reveal the potential of these tools to transform your security operations.

Guest:

Craig Freyman

Microsoft

Yaniv Shasha

Microsoft

Demystifying correlations in the Unified Security Operations Platform

September 12, 2024 Season 9 Episode 4

In this episode, we dive into the power of correlation – a tool that can give you an edge over attackers through proactive and efficient defense. We’ll explore why incident correlation is essential for enhancing your security operations and how it can help you stay ahead of potential threats. Through Tiander’s demo, you will learn key concepts and strategies needed to successfully align your SOC processes with correlation techniques. Join us for your gateway to correlation clarity.

Guest:

Tiander Turpijn

Microsoft

Simplifying your Microsoft Sentinel migration experience

September 10, 2024 Season 9 Episode 3

In this episode, we learn common challenges of SIEM Migration and explore initiatives being taken by Microsoft Sentinel to simplify this process for customers with the SIEM Migration capabilities. With expert guidance from Senior Product Manager Prateek Taneja, we explore the latest support enhancements, including new language translation capabilities and other features designed to ensure a seamless and efficient transition to Microsoft Sentinel.

Guest:

Prateek Taneja

Microsoft

Network Security Protection with Azure Firewall, Azure WAF, and Azure DDoS

September 5, 2024 Season 9 Episode 2

Join us for an insightful overview of Azure Network Security, where we introduce the robust protection capabilities of Azure Firewall, Azure Web Application Firewall (WAF), and Azure DDoS Protection. Product Manager Andrew Mathu highlights the key features and benefits of these security products, showcasing how they collectively fortify your network against various threats.

Guest:

Andrew Mathu

Microsoft

Enhancements in Microsoft Defender for multi-tenant and device security management

August 20, 2024 Season 9 Episode 1

Join our conversation with Senior Product Managers Maayan Mazig and Ofer Schreiber as they share the new multi-tenant capabilities for managing Defender for Endpoint security settings, extended support for the Unified Security Operations platform, and improved content management within Defender XDR. Don’t miss the demo where we explore the new aggregated view of security policies in the Unified Security Operations Platform, enhancing visibility and control for users.

Guest:

Maayan Mazig

Microsoft

Ofer Schreiber

Microsoft

Unified Security Operations Platform GA launch and exclusive demo

July 8, 2024 Season 8 Episode 12

Tune into this episode to gain a comprehensive understanding of the Unified Security Operations platform, now available in GA. Principal Product Manager Tiander guides us through the customer onboarding journey, covering essential pre-setup requirements. Get an exclusive demo of the platform as we explore the integrated features and discuss the significant benefit this platform offers to customers.

Guest:

Tiander Turpijn

Microsoft

Distinguishing security tooling for Microsoft Copilots

June 24, 2024 Season 8 Episode 11

In the rapidly evolving landscape of generative AI, Microsoft stands at the forefront with numerous innovative Copilot solutions. Join our discussion with Senior Product Managers Gloria Lee, Maria Young, and Bailey Bercik as they demystify the differences between Copilot for Security and Copilot for Microsoft 365 and discuss use cases for each and the topic of Responsible AI.

Guest:

Bailey Bercik

Microsoft

Gloria Lee

Microsoft

Maria Young

Microsoft

Secure OAuth applications with App governance – Microsoft App to App protection

June 17, 2024 Season 8 Episode 10

Join this episode to examine the increase of attacks targeting OAuth applications and learn how App governance can serve as a robust defense mechanism to secure these vulnerable entry points. Senior Product Manager Greg Wiselka guides us through the process of activating App governance, including understanding the necessary licensing requirements, configuring permissions, and managing enterprise applications. You’ll learn practical steps to implement App governance efficiently, as we discuss the built-in threat protection policies available, along with strategies for customizing these policies to fit your specific security needs, ensuring your organization’s applications remain secure and compliant.

Guest:

Greg Wiselka

Microsoft

Edge for Business advances

June 12, 2024 Season 8 Episode 9

Join us as product expert Keith Fleming unveils the latest capabilities of the Microsoft Edge Enterprise Browser through Defender for Cloud Apps. Discover how the end user experience has been seamlessly enhanced, devoid of latency or compatibility issues – from session monitoring to control features such as upload, download, and copy-paste actions – enjoy these advancements without the need for a proxy. With the solution now more secure than ever, both admins and end users can effortlessly navigate through functionalities. Tune in to witness a demo of these advancements and heightened security in managing your online activities.

Guest:

Keith Fleming

Microsoft

Harnessing adaptive authentication with Microsoft ITDR (Rescheduled from May 27)

June 10, 2024 Season 8 Episode 8

In this episode, Chris Ayres and Daniel Lynch take us through the latest advancements in on-premises MFA capabilities, spotlighting how Microsoft’s ITDR product can apply policies to users that are identified as subject to compromise. Additionally, experience first-hand the integration of Microsoft Defender XDR and Microsoft Entra and how user risk signals can be used to enforce conditional access across both cloud and on-premises applications. With enhanced protection and response features, join us to understand why this topic is a cornerstone of future initiatives.

Guest:

Chris Ayres

Microsoft

Daniel Lynch

Microsoft

Introducing the Copilot for Security Prompting Workshop (Rescheduled from May 15)

June 5, 2024 Season 8 Episode 7

Join us as we hear from Senior Cloud Advocate Rod Trent, unveiling and guiding us through his invaluable new Copilot for Security prompting workshop. Tune in for a demo that explores the content, teaches you how to leverage this tool, and ultimately, master the craft of creating effective prompts for security.

Guest:

Rod Trent

Microsoft

Microsoft Defender for Servers integration with Defender Vulnerability Management

June 3, 2024 Season 8 Episode 6

Senior Product Manager Tom Janetscheck conducts a valuable demo of Microsoft Defender for Servers, highlighting its seamless integration into Microsoft Defender Vulnerability Management. This episode unravels the complexities surrounding external dependencies and the array of integration options available for Defender Vulnerability Management in Defender for Cloud. Join us as we demystify these essential components of server protection, empowering organizations to enhance the resilience of their digital infrastructure.

Guest:

Tom Janetscheck

Microsoft

Answering Your Questions: Attack Disruption Explained

May 29, 2024 Season 8 Episode 5

Attack Disruption is an automated response feature within Microsoft Defender XDR, designed to contain an ongoing attack quickly and effectively by leveraging high-confidence signals from both Microsoft Defender and non-Microsoft products. Since its release, Attack Disruption has garnered significant interest as well as sparked numerous questions regarding the feature. In this episode, Senior Product Manager Christos Ventouris addresses the most frequently asked questions about Attack Disruption and shares clarifications on its functionality.

Guest:

Christos Ventouris

Microsoft

Javier Soriano

Microsoft

New Defender XDR Copilot for Security Capabilities (Rescheduled from May 20)

May 28, 2024 Season 8 Episode 4

Since launching the Early Access version of Copilot for Security scenarios for the SOC in October, Microsoft product teams have been diligently expanding and enhancing its capabilities. Tune into this episode to learn the latest advancements, now available in the April release of Copilot for Security GA. We dive into the notable enhancements and new features, such as Guided Response for all incident types, comprehensive device and file summaries, end-user communications, and much more.

Guest:

Corina Feuerstein

Microsoft

Javier Soriano

Microsoft

Exploring Quality Prompting Techniques in Copilot for Security

May 13, 2024 Season 8 Episode 3

Join us for this episode to familiarize yourself with quality prompting techniques in Copilot for Security. Learn from our expert, Principal Product Manager Shobhit Garg, as we uncover how precise and strategic prompts can empower Security Professionals to identify gaps, detect vulnerabilities, and plan remediation with the help of Copilot for Security. Don’t miss out on the insightful demo to proactively safeguard your environment against threats and reduce your attack surface area.

Guest:

Shobhit Garg

Microsoft

CISO experience with Copilot for Security

May 8, 2024 Season 8 Episode 2

Benjamin Powell, Senior Product Marketing Manager, discusses how Copilot for Security aids Chief Information Security Officers (CISOs) in their vital duties. Join us to learn how this tool assists with tasks such as risk assessment, planning, compliance, investigations, and fostering trust. Through the utilization of Copilot, CISOs can enhance their preparedness with reliable information, ensuring effectiveness from the boardroom to operational settings.

Guest:

Benjamin Powell

Microsoft

Getting started with Copilot for Security

May 6, 2024 Season 8 Episode 1

Our focus in this episode is to guide new Copilot for Security license users through this new tool to maximize the knowledge and confidence to be actively engaged right away. Together with Senior Product Manager, Sean Wasonga, we navigate initial steps and dive into essential tasks such as setting permissions and ensuring seamless plugin connections. Join us as we demystify the process and pave the way for a proactive approach to security management.

Guest:

Sean Wasonga

Microsoft

Unified RBAC

April 10, 2024 Season 7 Episode 12

Senior Product Manager Gadi Palatchi presents the newly unveiled RBAC model: Microsoft Defender XDR Unified RBAC. Tune in to learn all about the centralized portal which enables administrators to efficiently manage access to Defender data and experiences within the XDR portal, including analysts’ access permissions. Join the conversation as Microsoft endeavors to transition all customers to this new model by year’s end and your feedback on the user experience is invaluable.

Guest:

Gadi Palatchi

Microsoft

Control your copilot for security with custom plug-ins

April 8, 2024 Season 7 Episode 11

In this episode, Principal Product Manager Yaniv Shasha unveils how to tailor and manage your Copilot for Security through custom plug-ins. Through this conversation, learn the concept of RAG (retrieval-augmented generation) and its role in Copilot for Security, discover the architecture and criteria for plug-ins, and understand their use of the automation model. Additionally, we explore distinctions between 1st party and 3rd party plug-ins, alongside an insightful demonstration of a custom plug-in, featuring the GEO IP functionality both before and after its integration.

Guest:

Yaniv Shasha

Microsoft

Navigating the threat landscape with Microsoft Defender for Office 365 leadership

April 1, 2024 Season 7 Episode 10

Girish Chander, General Manager of Microsoft Security is with us to dive into critical aspects of Microsoft Defender for Office 365. He covers key topics such as current trends, operational scale, recent updates, and customer protection strategies. Don’t miss this opportunity to gain insights into the threat landscape, Microsoft’s email security capabilities, and learn practical advice for customer security to help bolster your organization’s defenses. 

Guest:

Girish Chander

Microsoft

Microsoft Defender for Cloud integration into Defender XDR

March 27, 2024 Season 7 Episode 9

Join us as we explore the latest announcement regarding the General Availability of Microsoft Defender for Cloud workloads integrated into Defender XDR – enhancing the ability to craft a more complete attack story. Our product experts, Maayan Magenheim and Eran Shitrit guide us through the significant value and additional insights this integration offers to SOC analysts. Together we dive into a detailed demo of the features and functionalities available within the Defender XDR portal and address key questions surrounding the integration, its implications for security operations, and its impact on SOC teams. 

Guest:

Eran Shitrit

Microsoft

Maayan Magenheim

Microsoft

Day in the life of a SOC analyst

March 25, 2024 Season 7 Episode 8

We are thrilled to welcome back Michael Melone, principal security researcher and DEX-XDR threat hunter! Join us as he navigates a day in the life of a SOC analyst, discussing overhunting and the detection funnel (based on concepts from Michael’s book, Designing Secure Systems) while highlighting key areas for analyst focus amid various hunting challenges. Tune in for crucial insights into optimizing detection effectiveness. 

Guest:

Michael Melone

Microsoft

Stay ahead of threats with proactive security – Part 2

March 20, 2024 Season 7 Episode 7

Our conversation with Shay Amar continues for a deeper dive into specific scenarios concerning exposure management (XSPM). Join us as we witness another insightful demo within the Microsoft Defender XDR portal, highlighting remediation procedures, exposed entities, strategic grouping tactics, connections for a comprehensive understanding of your environment’s capabilities and more.

Guest:

Shay Amar

Microsoft

Stay ahead of threats with proactive security – Part 1

March 18, 2024 Season 7 Episode 6

Stopping cyberattacks at machine speed is crucial, but prevention can be even more powerful. Join this conversation with our expert, Shay Amar, to hear about how the unified security operations platform is expanding with additional proactive security capabilities. Learn how to get visibility across facets of attack surfaces as well as improve and manage your exposure to cyberthreats by consolidating data silos and unifying posture solutions. 

Guest:

Shay Amar

Microsoft

Optimizing your SOC’s threat coverage and data value

March 11, 2024 Season 7 Episode 5

Senior Product Manager Michal Schechter is with us to introduce SOC optimization, an exciting new feature designed to offer security operations center (SOC) teams valuable recommendations for enhancing their environment. The focus is on data value and threat coverage, with the possibility to expand into other categories in the future. Join us as we unveil compelling topics, including ensuring accurate data ingestion into your security information and event management system, optimizing data ingestion and costs, and ensuring comprehensive coverage against pertinent threats.

Guest:

Javier Soriano

Microsoft

Michal Shechter

Microsoft

Microsoft Defender Vulnerability Management: New capabilities for risk mitigation and threat protection

March 6, 2024 Season 7 Episode 4

Tune into this episode to hear from expert Ayelet Artzi as she shares the latest advances in Microsoft Defender Vulnerability Management along with best practices to reduce risk and exposure in your hybrid and multicloud environments. Explore current features and gain valuable perspectives on the future vision for Defender Vulnerability Management and security posture management as a whole.

Guest:

Ayelet Artzi

Microsoft

PowerShell

March 4, 2024 Season 7 Episode 3

Miriam Wiesner, security researcher at Microsoft and author of the book PowerShell Automation and Scripting for Cybersecurity: Hacking and Defense for Red and Blue Teamers, joins us to share some of her valuable scripts. You will be among the first to see exclusive content from her book and useful blue team scripts, which you can use with Live Response, for example. 

Guest:

New PowerShell module

February 28, 2024 Season 7 Episode 2

Senior Product Manager Martin Schvartzman is with us to introduce the new PowerShell module for Microsoft Defender for Identity. In this episode, we discuss how this tool will make it easier than ever to deploy and configure Defender for Identity at scale and to better protect your organization against identity-based cyber threats.

Guest:

Martin Schvartzman

Microsoft

Protect multi-tenant organizations by using Microsoft Defender XDR

February 26, 2024 Season 7 Episode 1

Join our conversation with Product Manager Ofer Schreiber as we dive into the enhanced multitenant capabilities of Microsoft Defender XDR. Together, we learn how Defender XDR for multitenant organizations (MTOs) enables you to safeguard multiple organizations effortlessly from a single pane of glass, driving efficiency and delivering advanced protection for MTOs and managed security service providers.

Guest:

Ofer Schreiber

Microsoft

Announcing new capabilities to protect on-premises resources with MFA via Microsoft Entra Private Access

December 20, 2023 Season 6 Episode 11

Our season 6 finale dives into Microsoft Entra Private Access, an identity centric Zero Trust Network Access that secures access to all private applications. Join our discussion with Principal Product Managers Ashish Jain and Navi Beesetti to learn how customers can now extend modern conditional access controls coupled with multifactor authentication, plus single sign-on to all private applications across on-premises, hybrid, and multi-cloud environments from any device. Additionally, discover how Microsoft Entra Private Access offers additional capabilities such as SSH support and remote access, creating a full VPN replacement.

Guest:

Ashish Jain

Microsoft

Navi Beesetti

Microsoft

Demystifying Defender for IoT

December 18, 2023 Season 6 Episode 10

Senior Product Manager Vishakha Ghosh joins this episode to guide us through Microsoft Defender for IoT. You learn the best practices for securing operational technology (OT) and industrial control systems (ICSs), and you gain insights into how organizations using this innovative solution can build a consolidated security operations center that can effectively handle both OT and IT alerts. Don’t miss out as we break down the silos between these two critical areas of cybersecurity.

Guest:

Vishakha Ghosh

Company

Deception

December 13, 2023 Season 6 Episode 9

We’re diving into another groundbreaking innovation announced at Microsoft Ignite. Microsoft Defender for Endpoint has seamlessly integrated deception as a built-in capability, revolutionizing its Endpoint Detection and Response (EDR) solutions. Returning guest Senior Product Manager Dean Pickering is with us to explain how deception creates an artificial attack surface and deploys AI-generated decoys and lures to captivate and identify adversaries in the early stages of an attack. Join us to learn about high-confidence detections, automatic threat disruption, and upcoming augmented attack disruption capabilities, all without the need for extra deployment or management efforts.

Guest:

Dean Pickering

Microsoft

Gaining control of SAP applications security and automatic attack disruption

December 11, 2023 Season 6 Episode 8

For this episode, Javier Soriano is back to host and is joined by Principal Group Product Manager Yoav Daniely to explain the significance of SAP systems and applications and the platform’s ability to handle massive volumes of business-critical data hosted in the cloud or on premises. Learn about the dangers of an SAP system breach; dive into the Microsoft offering to protect SAP applications; get the latest product news; and get the latest on new features and demos, including the new capability of Microsoft Defender + Sentinel to disrupt SAP attacks automatically.

Guest:

Javier Soriano

Microsoft

Security Copilot for SOC analysts – boosting efficiency and expertise with Security Copilot in Microsoft Defender XDR

December 6, 2023 Season 6 Episode 7

Returning guest Principal Program Manager Corina Feuerstein highlights the seamless fusion of Microsoft Security Copilot with the Defender XDR platform. Join us for a demo that shines light on the industry-transforming Microsoft Azure OpenAI within Security Copilot, which helps you accelerate investigations to outmaneuver adversaries at scale.

Guest:

Corina Feuerstein

Microsoft

Security Copilot overview

December 4, 2023 Season 6 Episode 6

Join us as Product Manager Gabriel Damaschin introduces the capabilities of the highly anticipated Microsoft Security Copilot, driven by cutting-edge generative AI technology. In this episode, we discuss how the extensive capabilities and various applications of this tool enable you to operate at lightning-fast speeds and how Security Copilot extends its valuable support beyond the security operations center.

Guest:

Unifying SIEM & XDR: a new era in SecOps

November 29, 2023 Season 6 Episode 5

In this episode—live from Microsoft Ignite—Principal Product Managers Javier Soriano and Tiander Turpijn lead the conversation on the newest unified security operations platform – Microsoft Sentinel & Defender XDR. Learn how this innovation offers you enhanced analyst efficiency by combining security information and event management (SIEM) and extended detection and response (XDR), reducing interruptions through consolidation of duplicate features, and enabling proactive attack detection and disruption across Microsoft and non-Microsoft products.

Guest:

Javier Soriano

Microsoft

Tiander Turpijn

Microsoft

QR Code Phishing Protection

November 27, 2023 Season 6 Episode 4

Join our highly anticipated discussion of the latest advancements in QR code phishing protection. Returning guest and Principal Product Lead Brandon Koeller demonstrates the depth and breadth of security challenges associated with QR codes and the steps required for device protection. Don’t miss this valuable episode on how the Microsoft Defender XDR team is building robust protective measures against evolving attack methods so you can stay vigilant in the face of potential malware attacks. 

Guest:

Brandon Koeller

Microsoft

Ignite Special

November 20, 2023 Season 6 Episode 3

In this special episode, we’re joined by Senior Director of XDR + SIEM Scott Woodgate as he provides a comprehensive recap of the key announcements and highlights from this year’s Microsoft Ignite. From cutting-edge technology developments to game-changing product releases, we break down the most significant takeaways, ensuring that you’re up to speed with the latest innovations in the Microsoft ecosystem. Join us as we explore how these announcements will shape the future of technology and empower businesses worldwide.

Guest:

Scott Woodgate

Microsoft

Advanced Hunting & Data visualization in Microsoft 365 Defender

November 8, 2023 Season 6 Episode 2

This episode is about using advanced hunting in Microsoft 365 Defender to transform raw data into insightful visualizations. You will learn the concept of advanced hunting and how to use this powerful feature to track attack surface reduction rules and web protection activities. Kijo Girardi, FastTrack Japan security expert, shares valuable insights into using advanced hunting in practical scenarios to assist security professionals in their daily security operations.

Guest:

Kijo Girardi

Microsoft

Enhanced phishing protection

November 6, 2023 Season 6 Episode 1

We’re delighted to begin season 6 focused on the latest advancements in phishing protection. Product Manager Sinclaire Hamilton explains how Microsoft Defender SmartScreen protects the credentials used in your organization and how industry-first technology built into the operating system protects password entries in real time.  Learn to configure this enhanced technology, submit feedback on the feature, and see—for the first time—when users in your organization enter unsafe passwords. 

Guest:

Sinclaire Hamilton

Microsoft

The next evolution of automatic attack disruption

October 12, 2023 Season 5 Episode 6

Our season finale is going in-depth on an innovative, industry-first capability that marks a significant step forward for defenders gaining ground against human-operated attacks. Principal Product Manager Noam Hadash and Principal Security Research Lead Yair Tsarfaty will demo a sophisticated attack being automatically disrupted early in the kill chain and show you how your organization can benefit from this protection that’s only possible with Microsoft 365 Defender.

Guest:

Noam Hadash

Microsoft

Yair Tsarfaty

Microsoft

Improve your security posture with Microsoft Defender Experts for XDR

September 25, 2023 Season 5 Episode 5

This episode is about the Microsoft Defender Experts for XDR managed extended detection and response (MXDR) service. Learn how it brings expertise to your team to triage, investigate, and respond to incidents quickly and improve your security posture. Service Delivery Managers Sebastian Molendijk and Meiko Lopez share how they help customers drive security operations center efficiency and help teams stay ahead of emerging threats with an end-to-end, turnkey experience.

Guest:

Meiko Lopez

Microsoft

Live response

September 20, 2023 Season 5 Episode 4

We’re on with Product Manager Lior Liberman and Senior Software Engineer Ameer Tabony to discuss the highly anticipated Live response feature. We will define what it is; learn which platforms support it today; and talk scripts, service limitations, and more. Join us as we share a powerful demo showcasing the script library and learn how analysts can use this tool to their advantage.

Guest:

Ameer Tabony

Microsoft

Lior Liberman

Microsoft

Integrating Microsoft 365 Defender with Azure Logic Apps

September 18, 2023 Season 5 Episode 3

A returning guest from season 4, Christos Ventouris, explains the powerful integration of Microsoft 365 Defender with Azure Logic Apps. Learn how these two platforms can automate and optimize your incident response, enhance cybersecurity infrastructure, and improve organizational resilience.

Guest:

Christos Ventouris

Microsoft

Microsoft Defender for Endpoint configuration management deep dive

September 13, 2023 Season 5 Episode 2

We’re back with Dan Levy for an in-depth explanation of the Microsoft Defender for Endpoint feature updates introduced in our last episode. Join us to understand what happens on a device that is managed using multiple tools and channels, get recommendations for managing permissions between the Microsoft 365 Defender and Microsoft Intune portal, streamline grouping and targeting efforts, and learn how to mitigate unsupported scenarios.

Guest:

Dan Levy

Microsoft

What’s new in the Microsoft Defender for Endpoint configuration management space?

September 11, 2023 Season 5 Episode 1

Join our season 5 opener to catch up on major Microsoft Defender for Endpoint feature updates in public preview. Senior Product Manager Dan Levy presents what’s new in this space, such as endpoint security policies being available in the Microsoft 365 Defender portal, and explains how these updates improve the day-to-day activities of security admins.

Guest:

Dan Levy

Microsoft

New Microsoft Teams protection

June 27, 2023 Season 4 Episode 8

Celebrate season 4 with us as we venture into our last episode with Daniel Mozes and Malvika Balaraj. We catch up on the latest Microsoft Teams protection features, understanding how they work and how to use them firsthand through a superb demo. You also get to explore the product roadmap to discover where things are headed when it comes to additional protection in Microsoft Teams.

Guest:

Daniel Mozes

Microsoft

Malvika Balaraj

Microsoft

Near-real-time detections in Microsoft 365 Defender

June 22, 2023 Season 4 Episode 7

Learn about Microsoft 365 Defender’s exciting public preview feature – near real-time (NRT) custom detection rules. Senior Product Manager, Christos Ventouris, dives into the value of these detections and how they can be leveraged to allow you to keep up with attackers and mitigate threats as fast as possible.

Guest:

Christos Ventouris

Microsoft

Simplified SaaS Security deployment with Microsoft Defender for Cloud Apps

June 20, 2023 Season 4 Episode 6

Senior Product Manager Keith Fleming brings you up to speed on the evolution and growth of Microsoft Defender for Cloud Apps. Learn about the significance of shifting from the traditional CASB to a SaaS security perspective and get to know the few simple steps it takes to enable Defender for Cloud Apps in your environment.

Guest:

Keith Fleming

Microsoft

Incident response: investigating a ransomware incident Part 2

June 15, 2023 Season 4 Episode 5

Just like that, our mini-series wraps up! Corina is back to provide an epic finale to our ransomware investigation. A continuation of the previous episode, here she shows how to remediate and prevent future ransomware attacks against your organization.

Guest:

Corina Feuerstein

Microsoft

Incident response: investigating a ransomware incident Part 1

June 13, 2023 Season 4 Episode 4

Join our first incident response investigation focused on a ransomware attack. Tune into our discussion with Principal Product Manager Corina Feuerstein as she unveils the various components of an attack and the containment measures to take when you have been affected.

Guest:

Corina Feuerstein

Microsoft

Incident response: business email compromise

June 8, 2023 Season 4 Episode 3

Principal Security Researcher Pawel Partyka continues our incident response studies as he shares the necessary skills to manage business email compromise incidents like an expert using Microsoft 365 Defender.

Guest:

Pawel Partyka

Microsoft

Incident response: malware investigations

June 6, 2023 Season 4 Episode 2

Deepen your incident response knowledge with this episode, focused on malware investigations. DEX-XDR threat hunter and Principal Security Researcher Michael Melone introduces you to the incident response playbook for managing malware incidents effectively.

Guest:

Michael Melone

Microsoft

Incident response: investigation capabilities in Microsoft 365 Defender

June 1, 2023 Season 4 Episode 1

Season 4 begins with our first mini-series, focused on incident response. In this episode, Oren Saban shares how to efficiently pivot through an incident in Microsoft 365 Defender. His demo will equip you with tools to investigate incidents efficiently, focus on affected entities, and defend against threats in your environment.

Guest:

Oren Saban

Microsoft

Identity threat detection and response

March 30, 2023 Season 3 Episode 10

We’re wrapping up season 3 by adding another acronym to your repertoire! Or Tsemah breaks down what identity threat detection and response (ITDR) is and how this tool protects one of our most valuable and difficult-to-protect assets, our identities. Come with us as we dig into the importance of threat detection and response in the Microsoft 365 Defender portal, investigate some cyberattacks, and learn how to identify identities that pose threats to your environment. 

Guest:

Or Tsemah

Microsoft

Attack disruption

March 29, 2023 Season 3 Episode 9

Cyber Security Principal Product Manager Hadar Feldman is with us for a comprehensive walkthrough of the many capabilities in Microsoft 365 Defender that help disrupt attacks. Join us to learn more on how Microsoft 365 Defender automatically detects, disrupts, and defends against attacks. 

Guest:

Hadar Feldman

Microsoft

Get to know the Microsoft Defender Vulnerability Management Premium Capabilities

March 27, 2023 Season 3 Episode 8

Here we examine the Microsoft Defender Vulnerability Management key components alongside security professional, Brandon Lawson. We’re defining several critical assessments, applications, and analyses so you can more confidently understand how to protect and defend your environment.

Guest:

Brandon Lawson

Microsoft

Microsoft Defender for Identity and Defender for Endpoint: Better together

March 23, 2023 Season 3 Episode 7

Led by security professional Daniel Naim, this episode explains the advantages of using Microsoft Defender for Identity and Defender for Endpoint together. Through a demo in the Microsoft 365 Defender portal, Daniel highlights how this unified product experience helps customers protect their organization’s identities and improve their overall security posture. 

Guest:

Daniel Naim

Microsoft

SaaS security posture management (SSPM) 

March 21, 2023 Season 3 Episode 6

Join us as we learn about Microsoft Defender for Cloud Apps SSPM. David Mallett simplifies the initial deployment of this security feature, guides us through the integration of SaaS security and cloud access security brokers, and even explains how to avoid misconfigurations. Tune in to this episode as we learn why security posture is crucial for any organization. 

Guest:

David Mallet

Microsoft

Mobile Threat Defense

March 20, 2023 Season 3 Episode 5

Product expert, Yuji Aoki, shares key threat defense capabilities within Microsoft Defender for Endpoint for iOS and Android. From a complete onboarding walkthrough to a live demo to showcase the user experience, don’t miss these insights on how to best protect your mobile devices.

Guest:

Yuji Aoki

Microsoft

Defender Experts for Hunting Overview

March 16, 2023 Season 3 Episode 4

Learn about Microsoft Defender Experts for Hunting—a service that proactively looks for threats 24/7/365, prioritizing significant threats and improving your SOC’s overall responsiveness. Join the conversation, where product experts Steve Lee and Elisa Lippincott discuss the Defender Experts for Hunting service and other essential threat-hunting capabilities. 

Guest:

Elisa Lippincott

Microsoft

Steve Lee

Microsoft

Microsoft Sentinel integration

March 14, 2023 Season 3 Episode 3

Together with Sentinel in the Field host Javier Soriano, we provide an overview of Microsoft Sentinel and discuss the integration points within Microsoft 365 Defender, showcasing bidirectional synchronization of incidents, demonstrating how to stream advanced hunting tables to Microsoft Sentinel, and examining remediation playbooks for Microsoft 365 Defender. 

Guest:

Javier Soriano

Microsoft

Mastering Email Authentication and Slashing Overrides Part 2

March 9, 2023 Season 3 Episode 2

Dive deeper into Microsoft Defender for Office 365 to better understand the complexities behind false-positives and false-negatives in email. Part 2 of this series outlines practices you can put in place now to prevent malicious, spam, or phishing emails in your environment.  

Guest:

Paul Newell

Microsoft

Mastering Email Authentication and Slashing Overrides Part 1

March 7, 2023 Season 3 Episode 1

Paul Newell shares the importance of using Microsoft Defender for Office 365 to implement email authentication practices. Find out how poor practices can cause false-positives, how overrides can cause false-negatives, and how standards can affect your organization’s incoming email. 

Guest:

Paul Newell

Microsoft

Microsoft 365 Defender MVP special

December 21, 2022 Season 2 Episode 9

In this special episode, Heike and colleagues talk with two of our MVPs to discuss their experience as MVPs. They’ll even share tips and tricks so that you can become an MVP, too! This episode is the perfect way to round out the year.

Guests:

Katie Ryckman

Microsoft

Ben Harris

Microsoft

Urja Gandhi

Microsoft

Enterprise IoT overview

December 14, 2022 Season 2 Episode 8

Discover how Microsoft Defender for IoT can help enterprises monitor assets and risks across their entire IoT environment. Join us as our expert, Nimrod Aldaag, talks about the latest product capabilities.

Guest:

Nimrod Aldaag

Microsoft

Microsoft Defender for Cloud Apps deep dive

December 2, 2022 Season 2 Episode 7

Caroline Lee is back to give you a deeper dive into Microsoft Defender for Cloud Apps, including capabilities such as information protection, user scoring, Advanced Hunting, and app governance. Don’t miss this one!

Guest:

Caroline Lee

Microsoft

Microsoft Defender for Cloud Apps Overview

November 30, 2022 Season 2 Episode 6

Caroline Lee joins us to give you a guided tour of Microsoft Defender for Cloud Apps. Learn how discovery works, dive into connectors, learn to define policies, and more.

Guest:

Caroline Lee

Microsoft

Microsoft 365 Defender overview

November 16, 2022 Season 2 Episode 5

Microsoft 365 Defender is an integrated, cross-domain threat detection and response solution that provides coordinated, automatic defense to block threats before they become attacks. Join us to get to know the components and capabilities of Microsoft 365 Defender.

Guest:

Kim Kischel

Microsoft

Microsoft Defender for Endpoint on Linux

November 9, 2022 Season 2 Episode 4

Resident Microsoft Security expert John Nix discusses the end-to-end process for installing, configuring, and managing Microsoft Defender for Endpoint on the Linux devices in your enterprise that use.

Guest:

John Nix

Microsoft

Spear phishing and phishing defense

November 2, 2022 Season 2 Episode 3

Discover the best ways to defend your enterprise email against general and targeted phishing attacks in Microsoft Defender for Office 365.

Guest:

Ben Harris

Microsoft

Microsoft Defender for Endpoint on macOS

October 26, 2022 Season 2 Episode 2

Security expert and threat hunter Michael Melone describes the installation, configuration, and management of Microsoft Defender for Endpoint on macOS devices.

Guest:

Michael Melone

Microsoft

Attack simulation training

October 19, 2022 Season 2 Episode 1

Attack simulation training is an intelligent phish risk reduction tool that empowers employees to prevent attacks, measures their awareness of phishing risks, and provides actionable insights and recommendations that can change their behavior. Learn how to use attack simulation training right in Microsoft Defender for Office 365.

Guest:

Brandon Koeller

Microsoft

Reporting in Microsoft Defender for Endpoint

Season 1 Episode 9

Discover the out-of-the-box reporting capabilities you get with Microsoft Defender for Endpoint, and learn how they can help you spot trends in your environment. You’ll also learn how to use Power BI and Microsoft Defender for Endpoint rich APIs to extend these capabilities.

Guest:

Jake Mowrer

Microsoft

Microsoft Threat Experts

Season 1 Episode 8

Microsoft Threat Experts provide your security operations center with expert-level monitoring, analysis, and support to identify and respond to critical threats in your unique environment. In this episode, we discuss how this service works and how to get started with Experts on Demand.

Guest:

Steve Newby

Company

Automated investigation and response

Season 1 Episode 7

Automated investigation and response uses inspection algorithms to examine alerts, determine whether the threat requires action, and perform necessary remediation actions. Learn how automation handles and resolves alerts, enabling security operations experts to focus on more sophisticated threats and other high-value initiatives.

Guest:

Jesse Esquivel

Microsoft

The investigation experience

Season 1 Episode 6

The incidents queue provides high-level information about each incident and is the starting point for your threat investigations. In this episode, we bring you a deeper look into working with incidents and alerts, the rich machine timeline, and various other tools that enhance your investigation experience.

Guest:

Michael Melone

Microsoft

Next-generation protection

Season 1 Episode 5

Microsoft Defender Antivirus is a major component of Microsoft Defender for Endpoint. This next-generation protection brings together machine learning, big data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect endpoints in your organization. Learn how Microsoft’s next-generation antivirus helps secure your devices.

Guest:

Paul Huijbregts

Microsoft

Attack surface reduction

Season 1 Episode 4

Learn about the features in Microsoft Defender for Endpoint that help you eliminate risks by reducing your attack surface—without reducing user productivity. In this session, we show you how attack surface reduction can minimize your organization’s susceptibility to cyber threats and attacks.

Guest:

Jeff Cook

Microsoft

Threat and vulnerability management

May 23, 2022 Season 1 Episode 3

Threat and vulnerability management discovers vulnerabilities and misconfigurations on your endpoints and provides actionable insights that help you quickly remediate threats and vulnerabilities in your environment. Learn how you can use the threat and vulnerability management in Microsoft Defender for Endpoint to improve your organization’s security posture.

Guest:

Mark Thomas

Microsoft

Get started with Microsoft Defender for Endpoint

May 18, 2022 Season 1 Episode 2

In this episode, we dive into the most common features and scenarios to help get you started fast with your tenant. You get an overview of your control center: the unified Microsoft 365 Defender portal, role-based access control, granting permissions, and the built-in evaluation lab.

Guest:

Dean Pickering

Microsoft

Resources:

Start your trial

Get to know Microsoft Defender for Endpoint

May 16, 2022 Season 1 Episode 1

Microsoft Defender for Endpoint is a comprehensive solution for preventing, detecting, and automating the investigation of and response to threats against endpoints. Join us for this first episode to get to know Microsoft Defender for Endpoint components and capabilities.

Guest:

John Nix

Microsoft

Resources:

Episode 1 (PPTX)