Talking Security: Insights from Microsoft Security Experts

Frans Oudendorp
  • 5,0 (1)
  • TECHNOLOGIES

Talking Security is your go-to podcast for everything related to Microsoft Security and DevSecOps. Hosted by Frans Oudendorp and Pouyan Khabazi, we dive deep into topics like Microsoft Defender, Entra, Intune, Zero Trust, identity protection, security automation, and secure development practices. In each episode, we engage with Microsoft MVPs, product team members, and security experts to explore real-world challenges, practical solutions, and the latest innovations across the Microsoft Security ecosystem. We also focus on integrating security into DevOps workflows, ensuring you stay ahead in the ever-evolving world of cybersecurity. 🎙 Hosted by Frans Oudendorp & Pouyan Khabazi 🔐 Focused on Microsoft Security, Identity & DevSecOps 🧠 Made for IT professionals, architects, developers, and decision-makers Subscribe and stay ahead in the ever-evolving world of Microsoft Security and secure cloud-native development.

  1. From MVP to Microsoft: Building Cyber Resilience in the Public Sector with Ronny de Jong

    -3 J

    From MVP to Microsoft: Building Cyber Resilience in the Public Sector with Ronny de Jong

    In this episode of Talking Security – MVP Security Insights, we sit down with Ronny de Jong to explore his remarkable journey from cybersecurity MVP to his current role at Microsoft. Ronny shares insights on: 💎 His career path and what inspired him to join Microsoft 💎 The unique cybersecurity challenges facing governments and public institutions 💎 How Microsoft’s security portfolio supports national resilience 💎 Balancing innovation, compliance, and operational realities in the public sector 💎 Future trends in threat intelligence and security operations 💎 Practical advice for aspiring cybersecurity professionals 💎 The meaning of true cyber resilience and moving from reactive to proactive security Whether you’re passionate about public sector security, curious about Microsoft’s approach, or looking for career inspiration, this episode is packed with valuable takeaways. Chapters: 01:28 Introduction and welcome to Talking Security podcast with guest Ronnie Young 04:37 Ronnie's career journey starting with Microsoft certifications in early 2000s 07:10 Journey into modern management, Intune blogging, and early community involvement 09:22 The story of becoming a Microsoft MVP and staying humble in the community 13:04 Decision to transition from MVP to Microsoft employee and joining the security team 20:37 Cybersecurity challenges in public sector vs private enterprises 23:25 Microsoft security portfolio approach focusing on fundamentals first 32:13 Future trends in cybersecurity and the role of AI in security operations 35:35 Advice for cybersecurity beginners on frameworks, basics, and keeping it simple 46:23 Personal motivation and what keeps him energized in cybersecurity work

    55 min
  2. Let’s Talk: Microsoft Secure Recap – Agentic AI, Sentinel Evolution & Security Copilot Agents

    8 OCT.

    Let’s Talk: Microsoft Secure Recap – Agentic AI, Sentinel Evolution & Security Copilot Agents

    In this episode of Let’s Talk, part of the Talking Security podcast, Frans Oudendorp and Pouyan Khabazi break down the biggest announcements from Microsoft Secure 2025. We explore how Microsoft Sentinel is evolving into an agentic AI platform, the introduction of Sentinel Graph and Model Context Protocol (MCP), and how Security Copilot agents are changing the game for SecOps automation. You’ll also hear about: Graph-based context and why it matters for threat detectionDeveloper extensibility for custom connectors and AI agentsSentinel Data Lake for affordable long-term storageReal-world use cases for agentic AI in security operationsPlus, we share community highlights, upcoming events like YellowHat 2025 and KustoCon, and a fun geeky quiz to wrap things up. 👉 Question for you: If you could build your own Security Copilot agent, what would it do? Let us know! 🎙️ Stay safe, stay secure, and keep talking security!

    42 min
  3. Identity Security, Entra ID & Innovation: Insights from Eric Woodruff | MVP Security Insights

    2 JUIL.

    Identity Security, Entra ID & Innovation: Insights from Eric Woodruff | MVP Security Insights

    In this episode of Talking Security – MVP Security Insights, Frans Oudendorp and Pouyan Khabazi sit down with Eric Woodruff—Chief Identity Architect at Semperis and long-time identity expert—to explore his journey from managing Active Directory in the public sector to shaping cutting-edge identity strategies in the cloud era. Eric shares what it means to truly be “in” cybersecurity, the evolving role of Entra ID, and the significance of identity research like the UnOAuthorized project. We also dive into global challenges in identity management, the balance between strong security and business agility, and how community collaboration through IDPro is driving vendor-agnostic progress. Whether you're new to identity or a seasoned expert, this conversation is packed with real-world insights, practical advice, and forward-looking trends shaping the future of identity and access management. ⏱️ Topics include: - Career journey and cybersecurity pivot - Challenges guiding identity strategy at Semperis - Identity research, Entra ID, and privilege paths - Cloud-first learning paths and emerging trends - Balancing airtight security with operational flexibility - Community contributions, hobbies, and staying grounded ⏱️ Timestamps 00:00 – Teaser 00:55 – Intro 01:24 – Introduction of the podcast 07:03 – Eric’s identity journey: From AD in the courts to cybersecurity at Semperis 09:28 – Challenges as Chief Identity Architect: Building identity strategy for SaaS 14:41 – Global identity security challenges: Public vs. private sector insights 19:43 – Research spotlight: The UnOAuthorized project and privilege path exposures 25:00 – App Registrations: Risks, visibility, and best practices 28:00 – Advice for newcomers to Identity Security 30:14 – Can you learn identity with only cloud knowledge? 32:23 – Future of Identity and Access Management: Entra ID, trends, and predictions 37:35 – Balancing airtight identity security with business agility 42:05 – The role of community: IDPro and vendor-neutral collaboration 44:32 – QuickFireFun questions 46:40 – Closing thoughts and takeaways 47:43 – Outro 📌 Subscribe for more expert interviews on identity, security, and modern workplace innovation.

    48 min
  4. 25 Years in Cybersecurity: Insights & Lessons from Stefan Schörling | MVP Security Insights

    11 JUIN

    25 Years in Cybersecurity: Insights & Lessons from Stefan Schörling | MVP Security Insights

    In this episode of our MVP Security Insights series, we sit down with Stefan Schörling—a cybersecurity veteran with over 25 years of experience, SANS-certified professional, and Microsoft MVP. 🔍 What you’ll learn in this episode: - His journey from sysadmin to CTO of a cybersecurity-focused MSSP - Hands-on insights into Microsoft Defender XDR and Unified Security Operations (USX) - Balancing fast incident response with deep, automated defense - Real-world security innovations that made a difference - Current trends in threat intelligence and managed security - The value of community collaboration in modern cybersecurity 🎯 Stefan also shares valuable advice for professionals looking to thrive in the Microsoft Security ecosystem. ⏱️ Timestamps: 0:00 Teaser 0:45 Intro 1:15 Introduction of this episode 3:10 Introduction of Stefan 5:23 Monitoring as a foundation 6:42 primary areas of expertise, and the passion for threat intelligence, incident response, and Defender XDR 10:22 Key projects as a CTO 17:55 Global and industry-specific challenges 24:10 Security innovations that drive impact 30:11 Trends shaping the future of security operations 35:32 Advice for starting security professionals 38:36 AI Question.... One tip Stefan would give his younger self 41:26 Why community matters in cybersecurity 46:18 The role of the MVP program 49:13 Personal goals and what drives him 51:12 Quickfire Fun Questions 52:30 Closing of this episode 54:14 Outro 🔔 Subscribe for more interviews with MVPs, security leaders, and Microsoft experts sharing insights from the frontlines. #Cybersecurity #MicrosoftDefender #MVPInsights #XDR #IncidentResponse #ThreatIntelligence #MicrosoftSecurity #StefanSchörling

    55 min
  5. Navigating Zero Trust, AI, and Identity with Michael van Horenbeeck | MVP Security Insights

    21 MAI

    Navigating Zero Trust, AI, and Identity with Michael van Horenbeeck | MVP Security Insights

    In this episode of MVP Security Insights (Season 2, Episode 2), we sit down with Michael van Horenbeeck, Microsoft MVP for 14 consecutive years and renowned expert in identity, cloud security, and compliance. We dive deep into: * His journey into Microsoft Security and MVP life * Top security challenges in regulated industries * The impact of NIS2, ISO 27001, and the speed of change * Trends shaping the future—AI, CoPilot agents, Zero Trust * A fun twist: If Zero Trust were a Krav Maga move… what would it be? * The value of community and staying grounded in a fast-moving world 🔐 Whether you're a seasoned security pro or just stepping into the world of identity and cloud security, this episode is packed with insights you won't want to miss. 👉 Chapters: 00:37 Intro 01:06 Introduction of this episode 03:26 Michael's introduction 06:00 Background & Microsoft MVP journey 08:02 Why focus on identity, cloud security, and compliance? 11:04 Security in regulated sectors 14:15 Regulations & governance challenges 17:53 Speed of change 21:02 Global cybersecurity threats 26:40 Future trends & AI 29:08 CoPilot and phishing defense 34:10 Zero Trust as Krav Maga 37:11 Community & collaboration 40:21 Personal goals & what's next 44:59 Closing this episode 46:04 Outro 🔗 Follow Michael on [https://www.linkedin.com/in/mvanhorenbeeck/] 🎙️ Hosted by Frans Oudendorp and Pouyan Khabazi 📢 Learn more: https://talkingsecurity.nl #MicrosoftMVP #CyberSecurity #ZeroTrust #AI #IdentitySecurity #TalkingSecurity #MVPInsights

    47 min
  6. From Vision to Sentinel: How Microsoft Built the World's Most Beloved Cloud-Native SIEM

    6 MAI

    From Vision to Sentinel: How Microsoft Built the World's Most Beloved Cloud-Native SIEM

    In this special Talking Security episode, recorded live from Microsoft HQ during the MVP Summit, hosts Frans Oudendorp and Pouyan Khabazi sit down with Ofer Shezaf, the mastermind behind Microsoft Sentinel—the first truly cloud-native SIEM. With over 30 years in cybersecurity, Ofer takes us on a journey through the evolution of InfoSec, shares the origin story of Sentinel, and unpacks what it takes to grow a billion-dollar product. From the early days of SIEM to the role of AI in modern detection and response, this episode is packed with insights, strategy, and a few fun stories along the way. Whether you're a seasoned SOC analyst, a cloud architect, or just curious about how Sentinel became a cornerstone of modern cyber defense—this one’s for you. 👉 Topics covered: - Why existing SIEMs weren’t enough—and how Sentinel changed the game - Lessons from building and scaling a $1B+ cybersecurity product - Real vs. perceived risk in product strategy - The role of community and open-source in shaping the future of cyber defense - Ofer’s advice for the next generation of cybersecurity leaders Grab your Favorito drink, and let’s talk security! 🔐

    36 min
  7. Mastering Security in the Cloud Era: Insights from a Microsoft Security MVP

    23 AVR.

    Mastering Security in the Cloud Era: Insights from a Microsoft Security MVP

    In the first episode of Season 2 of our MVP Security Insights series on the Talking Security podcast, we explore the ever-evolving landscape of cloud security and delve into practical strategies with our distinguished guest, Microsoft Security MVP Truls Dahlsveen. Truls brings deep expertise in security monitoring, SIEM, and Endpoint Detection and Response (EDR), providing valuable insights gained from real-world experiences. Throughout the episode, we address significant cybersecurity trends, discuss innovative solutions, and highlight the essential role of community engagement in bolstering security practices. Episode Outline: 0:26 - Intro 0:55 - Introduction of this episode 2:10 - Background and Expertise: Truls shares his journey to becoming an MVP and highlights his expertise in cloud security monitoring, SIEM, and EDR solutions. 5:35 - What are your primary areas of expertise within the realm of Microsoft technology and cybersecurity? 7:25 - Tools that are be used in the day job. 9:32 - Blogpost - https://www.infernux.no/5YearsOfSentinel - JOIN CCP - aka.ms/joinccp 12:36 - Current Projects and Focus: Discussing ongoing initiatives and how Microsoft technologies enhance security. 17:18 - How are you leveraging Microsoft technologies to enhance security in your current work? 23:15 - Global and Local Challenges: Examining major cybersecurity challenges globally and locally, including regulatory impacts. 30:30 - Future Trends and Advice: Insights into emerging cybersecurity trends and practical advice for professionals. 36:11 - Community and Collaboration: Importance of community collaboration featuring experiences from HackTheBox and TryHackMe. 42:30 - Question of AI: Creative reflections on cybersecurity roles and ultimate 'power-ups'. 45:18- Personal Insights and Goals: Truls shares his motivations and future objectives. 48:40 - What are your personal or professional goals for the coming period? 50:48 - Closing this episode 52:00 - Outro Join us to gain actionable advice and inspiration from one of the community's leading cybersecurity experts.

    53 min
  8. From CASB to SaaS Security: Tackling OAuth Threats with Microsoft Defender for Cloud Apps

    10 AVR.

    From CASB to SaaS Security: Tackling OAuth Threats with Microsoft Defender for Cloud Apps

    In this episode of the Talking Security Podcast, we sit down with Itai Cohen from the Microsoft Defender for Cloud Apps team to explore the evolution of SaaS Security — from the traditional CASB (Cloud Access Security Broker) model to a broader, more proactive security strategy. We cover: Why CASB isn’t enough anymore and what the future of SaaS Security looks likeThe growing threat of OAuth abuse — and why it’s such a hot target for attackersNew innovations from Microsoft like Attack Path Analysis and Advanced Hunting for OAuth threatsHow Exposure Management is helping organizations proactively reduce SaaS risk🎧 Whether you're a security architect, IT decision-maker, or Microsoft 365 enthusiast, this episode will help you rethink how you protect your SaaS environments. 👇 Don’t forget to like, subscribe, and share with your network. 📬 Got feedback or topics you'd like us to cover? Let us know in the comments or reach out via TalkingSecurity.nl! Outline of the recording 0:00 - Intro 0:22 - Introduction of this episode 2:05 - Introduction of Itai Cohen - Microsoft 2:29 - What was the original goal of Microsoft Defender for Cloud Apps as a CASB solution? 4:10 - Why is Microsoft adding more capabilities on top of the traditional CASB model towards a broader SaaS Security approach? 6:08 - How do you see today’s SaaS threat landscape compared to when CASB solutions first appeared? 10:11 - Why is OAuth has become such an attractive attack vector? 13:53 - What are typical OAuth attack paths, and how do attackers exploit them? 14:50 - Microsoft blog - https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/protect-saas-apps-from-oauth-threats-with-attack-path-advanced-hunting-and-more/4395997-, you announced new capabilities to detect OAuth threats. Can you give us an overview of what’s new? 16:16 - How does Attack Path Analysis help customers better understand and mitigate OAuth risks? 19:10 - Advanced Hunting is now available for OAuth threats — how can security teams leverage this capability? 22:36 - What are some common mistakes you see organizations make when it comes to OAuth permissions and consent management? 26:40 - Exposure Management - How does Microsoft Defender for Cloud Apps contribute to a broader exposure management approach, and how can customers use it 31:47 - How do you see the role of SaaS Security evolving within the wider Exposure Management strategy that Microsoft is building? 33:09 - How does SaaS Security fit into Microsoft’s broader security strategy, alongside Defender XDR and Entra ID? 35:33 - SaaS Security is overlooked? Why? 40:42 - If you weren’t working in security, what would you be doing instead? 42:20 - Closing the episode 43:23 - Outro #SaaSSecurity #MicrosoftDefender #OAuth #CASB #CloudSecurity #TalkingSecurityPodcast

    44 min
Tout afficher (54)

À propos

Talking Security is your go-to podcast for everything related to Microsoft Security and DevSecOps. Hosted by Frans Oudendorp and Pouyan Khabazi, we dive deep into topics like Microsoft Defender, Entra, Intune, Zero Trust, identity protection, security automation, and secure development practices. In each episode, we engage with Microsoft MVPs, product team members, and security experts to explore real-world challenges, practical solutions, and the latest innovations across the Microsoft Security ecosystem. We also focus on integrating security into DevOps workflows, ensuring you stay ahead in the ever-evolving world of cybersecurity. 🎙 Hosted by Frans Oudendorp & Pouyan Khabazi 🔐 Focused on Microsoft Security, Identity & DevSecOps 🧠 Made for IT professionals, architects, developers, and decision-makers Subscribe and stay ahead in the ever-evolving world of Microsoft Security and secure cloud-native development.

Informations