Andy Jaw & Adam Brewer - Podcast Details

Shows

Blue SecurityMicrosoft's Secure by Design journey - One year of successSummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft's Secure Future Initiative (SFI), which aims to enhance security standards across its products and services. They delve into the implementation of mandatory multi-factor authentication, the transition to passwordless accounts, and the adoption of memory-safe programming languages. The conversation highlights the importance of user experience in security measures and the ongoing efforts to reduce vulnerabilities in software development. In this conversation, Andy Jaw and Adam Brewer discuss significant advancements in Windows security, including just-in-time admin access, the Pluton processor, and the...2025-05-0644 min

Blue SecurityThe Signal IncidentSummaryIn this episode, Andy and Adam discuss a significant breach of sensitive military information that was leaked through a Signal chat involving high-level government officials. They explore the implications of this breach, the role of technology in government security, and the human errors that led to the violation of established policies. The conversation delves into the cultural influences on compliance, the challenges posed by shadow IT, and the evolution of security practices in the face of modern technology. They also evaluate the security risks associated with using Signal for sensitive communications. In this conversation, Andy Jaw...2025-04-0148 min

Blue SecurityEntra Conditional Access - Deep DiveSummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft Entra's conditional access. They explore the fundamental concepts of conditional access, its policies, and the integration of identity management with device management. The discussion highlights the importance of risk assessment, granular control, and the various conditions that can be applied to access controls. The hosts emphasize the significance of compliance policies and the interplay between different security measures to ensure robust protection against potential threats. In this conversation, Adam Brewer and Andy Jaw delve into the...2025-03-2545 min

Blue Security3rd Party Vendor or Contractor AccessSummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the complexities of granting secure access to third-party vendors and contractors. They discuss the best practices for managing elevated permissions, the implications of B2B collaboration, and the importance of lifecycle management for contractor accounts. The conversation also covers licensing considerations for external identities and compares access methods like Azure Bastion and Azure Virtual Desktop (AVD). In this conversation, Adam Brewer and Andy Jaw delve into the complexities of RDP security, Azure environments, and the management of contractor accounts. They...2025-03-1847 min

Blue SecurityUK vs Apple on Encryption, MITRE Eval results, How to Rethink Phishing SimulationsSummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the ongoing battle between governments and tech companies over encryption, focusing on Apple's recent response to the UK government's demands for access to iCloud data. They explore the implications of Apple's decision to disable advanced data protection for UK users and the broader context of encryption in cybersecurity. The conversation then shifts to the latest MITRE evaluation of endpoint protection platforms, highlighting Microsoft's performance and the challenges of the evaluation methodology. In this conversation, Andy Jaw and Adam Brewer delve into...2025-02-251h 06

Blue SecurityFBI warns about unencrypted messaging, Deepseek discussionSummaryIn this episode, Andy and Adam discuss the evolution of messaging security, focusing on end-to-end encryption and the implications of RCS messaging. They explore the recent market reactions to AI developments, particularly the impact of the DeepSeek app on Nvidia's stock value and delve into the nuances of AI model efficiency and its potential effects on the tech industry. In this conversation, Adam Brewer and Andy Jaw explore the evolving landscape of AI technology, particularly in the context of US-China relations, the ethical implications of AI scraping, and the pressing concerns surrounding data privacy. They discuss...2025-02-1845 min

Blue SecurityMicrosoft Industry Solutions Delivery with Special Guest Brodie CassellSummary In this episode of the Blue Security Podcast, host Andy Jaw and co-host Adam Brewer welcome Brodie Cassell, a principal security consultant at Microsoft. Brodie shares his journey from various IT roles to his current position at Microsoft, discussing the importance of adapting to new technologies and the challenges of data security in the age of AI. The conversation delves into the significance of a holistic approach to security, the role of Microsoft Industry Solutions Delivery, and the need for organizations to evolve their security practices to keep pace with technological advancements. In this conversation, Brodie...2025-01-281h 04

Blue SecurityCISA zero trust, macOS malware, IRS PIN, Cyber Trust MarkSummary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the Zero Trust Maturity Model and its implications for organizations looking to enhance their cybersecurity posture. They delve into CISA's guidance and Microsoft's mapping of this model, emphasizing the importance of prescriptive guidance in navigating the complexities of cybersecurity. The conversation also touches on the distinction between education and sales in the cybersecurity space, highlighting the value of continuous learning and the purpose behind their podcast. In this episode, Andy Jaw and Adam Brewer discuss the emergence of Banshee malware targeting...2025-01-2148 min

Blue SecurityOptions for Microsoft trainingSummary In this episode, Andy and Adam discuss various resources available for training on Microsoft technologies. They emphasize the importance of the Learn Microsoft portal, highlight the benefits of Ninja training for deep dives into specific topics, and recommend various YouTube channels for bite-sized learning. The conversation also covers the significance of tech community blogs, hands-on learning through applied skills, and creating personal lab environments for experimentation. Additionally, they touch on other learning resources available beyond Microsoft, including LinkedIn Learning and the value of networking with peers. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠https://youtu.be/5A54j9wmHt4 ---------------------------------------------------- Documentation: 2024-12-1028 min

Blue Security2024 Ignite RecapSummary In this episode, hosts Andy and Adam recap the key announcements from Microsoft Ignite, focusing on new features in Microsoft Edge, enhancements in Microsoft Teams for global collaboration, and significant updates in security management tools like Security Co-Pilot and Microsoft Purview. They discuss the importance of data security, the role of AI in improving security posture, and the latest improvements in Intune for device management. The conversation covers significant advancements in Microsoft's technology offerings, focusing on improvements in Intune for device management, updates to the Entra Suite and Security Service Edge, AI integration in security management...2024-12-031h 01

Blue SecuritySecuring contingent workersSummary In this episode, Andy and Adam discuss the challenges and strategies for securing seasonal and contingent workers using a Zero Trust approach. They emphasize the importance of managed devices, the complexities of hybrid domain joins, and explore alternative solutions such as cloud-based services. The conversation also touches on the significance of security policies and the need for exceptions in certain scenarios, ultimately advocating for a balanced approach to cybersecurity that enables business productivity. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ https://youtu.be/RsR0XsFWDjQ ---------------------------------------------------- Documentation: https://kanenarraway.com/posts/bpo-security-zero-trust/ ----------------------------------------------------2024-11-1234 min

Blue Security2024 Microsoft's Digital Defense ReportSummary In this episode, Andy and Adam discuss Microsoft's 2024 Digital Defense Report, which highlights the evolving cyber threat landscape, the rise of ransomware, identity attacks, and DDoS attacks. They emphasize the importance of centering organizations around security, the shift towards passwordless authentication, and the impact of AI on cybersecurity. The conversation provides actionable insights for organizations to enhance their security posture and adapt to the changing threat environment. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠https://youtu.be/o7X4dH55dto⁠ ---------------------------------------------------- Documentation: ⁠⁠https://www.microsoft.com/en-us/security/security-insider/intelligence-reports/microsoft-digital-defense-report-2024⁠ ...2024-10-2242 min

Blue SecurityIBM's Cost of a Data Breach 2024Summary In this episode, Andy and Adam discuss the key findings from IBM's report on the costs of a data breach in 2024. They cover topics such as the increase in the cost of data breaches, the use of security AI and automation, the cyber skills shortage, the challenges of shadow data, and the importance of insider risk management. They also highlight the need for password protection, fish-resistant MFA, and data consolidation, as well as the benefits of using generative AI tools. The episode concludes with a reminder to not be afraid of AI and to embrace its...2024-09-1048 min

Blue SecurityEntra Suite OverviewSummary In this episode of the Blue Security Podcast, Andy and Adam discuss Entra Suite, a new package from Microsoft that includes various Entra products and solutions. They provide an overview of each component, including Entra Private Access, Entra Internet Access, Entra ID Governance, Entra ID Protection, and Entra Verified ID. They highlight the benefits and use cases of each component and discuss the pricing options. They also emphasize the importance of using open standards and collaboration in the identity space. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ https://youtu.be/9zlC8NmBEp8⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ---------------------------------------------------- Documentation: https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-suite-now-generally-available/ba-p/2520427...2024-09-0339 min

Blue SecurityWhere do you get technical training?Summary In this episode, Andy and Adam discuss various resources and methods for getting training and learning about Microsoft and other technology solutions. They cover topics such as official documentation, certification tracks, Ninja training, Microsoft Mechanics, the Tech Community, customer connection programs, building a personal lab, and the importance of having a supportive network. Takeaways - learn.microsoft.com is the official documentation and training resource for Microsoft products and solutions. - Microsoft offers certification tracks for various roles and technologies, and free training is available for these certifications. ...2024-08-2740 min

Blue SecurityTrump and NPD Hacked, Microsoft Admin MFASummary In this episode of the Blue Security Podcast, Andy and Adam discuss several cybersecurity news stories. They cover the hack of the Trump campaign's emails by Iranian hackers, the breach of the National Public Data records, and Microsoft's new requirement for admins to enable multi-factor authentication (MFA). They also touch on the importance of data privacy and the need for companies to be responsible stewards of consumer data. Takeaways -Iranian hackers targeted the Trump campaign's emails in an attempt to influence the US presidential election. -The breach of the National...2024-08-2033 min

Blue SecurityCloud Security - Defender for Storage Deep DiveSummary In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft's Defender for Storage, a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage. They highlight the three major impacts on data workloads: malicious file uploads, sensitive data exfiltration, and data corruption. The solution offers activity monitoring, malware scanning, and sensitive data threat detection. They also mention the pricing model, the integration with Microsoft Purview, and the ease of deployment using Azure Policy and Logic Apps. Takeaways -Defender for Storage is a cloud-native security solution...2024-08-1328 min

Blue SecurityNew Autopilot Features, Intune Enrollment Attestation, MAM for W365/AVDSummary In this episode of the Blue Security Podcast, Andy and Adam discuss new features and updates in Intune, including autopilot for existing devices, Intune enrollment attestation, and mobile application management (MAM). They explain how autopilot for existing devices allows organizations to enroll on-premise joined devices into autopilot using config man and a task sequence. They also highlight the importance of monitoring device enrollments and implementing security measures such as requiring a pin for app access and blocking third-party keyboards. Takeaways - Autopilot for existing devices allows organizations to enroll on-premise joined devices...2024-08-0624 min

Blue SecurityCloud Security - Defender CSPM Deep-DiveSummary In this episode of the Blue Security Podcast, Andy and Adam discuss Defender CSPM (Cloud Security Posture Management). They explain that CSPM is the process of monitoring cloud-based systems and infrastructure for risks and misconfigurations. They highlight the key capabilities of CSPM, including automation, monitoring and managing IaaS, SaaS, and PaaS platforms, and ensuring regulatory compliance. They also introduce Defender CSPM, a paid subscription service that offers additional features such as agentless scanning, container vulnerability assessments, and DevOps security. They mention the inclusion of Entra Permissions Management and external attack surface management in Defender CSPM. They...2024-07-3033 min

Blue SecurityCrowdStrike Major IncidentSummary In this episode of the Blue Security Podcast, Andy and Adam discuss the aftermath of the CrowdStrike failed software update. They express empathy for those impacted by the incident and discuss the importance of collaboration in the cybersecurity industry. They also explore the need for transparency from security vendors and the potential impact on cybersecurity teams and funding. The conversation touches on the level of access that security solutions have and the need for a balanced approach. They emphasize the importance of having an incident response plan and implementing deployment rings for security updates. ...2024-07-2250 min

Blue SecurityCybersecurity is full?Summary In this episode, Andy and Adam discuss a blog post titled 'Cybersecurity is Full' that challenges the hype around cybersecurity careers. They explore the saturation of the field, the value of certifications and conferences, the optional nature of cybersecurity in organizations, and the stress and challenges of the industry. They emphasize the importance of having a strong foundation in technology before pursuing a career in cybersecurity and the need for organizations to prioritize cybersecurity as an enabler for their business. They also highlight the ongoing need for cybersecurity professionals and the rewarding nature of the field.2024-07-1640 min

Blue SecurityCloud Security - Defender for Servers Deep-DiveIn this episode of the Blue Security Podcast, Andy and Adam discuss Defender for Servers, a cloud security solution offered by Microsoft. They explain that Defender for Servers is part of the larger Defender for Cloud umbrella and is designed to protect cloud infrastructure, specifically servers. They discuss the different plans available, including Plan 1 and Plan 2, which offer varying levels of endpoint protection and vulnerability management. They also highlight the inclusion of Cloud Security Posture Management (CSPM) in both plans. The hosts emphasize the vendor-agnostic nature of Defender for Servers, which can be used in AWS, GCP, and on-premises...2024-07-0934 min

Blue SecurityRecommended EOP and MDO settingsIn this episode of the Blue Security Podcast, Andy and Adam discuss recommended settings for Exchange Online Protection (EOP) and Microsoft Defender for Office (MDO). They explain that EOP is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. They also highlight the importance of the secure by default feature in EOP and the use of admin submissions to report false positives and false negatives. They caution against using methods like Outlook safe senders, IP allow listing, and allowed senders list within anti-spam policies, as these can bypass important security measures. They emphasize the need for...2024-07-0239 min

Blue SecurityArlington BEC, Kaspersky Ban, Crown Equipment CyberattackIn this episode, Andy and Adam discuss three cybersecurity news stories. They talk about a small town in Massachusetts that lost over $445,000 in an email scam, the Biden administration's ban on Kaspersky antivirus software, and a cyber attack on Crown Equipment, a forklift manufacturer. The main takeaways from the conversation are the importance of cybersecurity training, the need for secure remote access methods, and the impact of employee satisfaction on cybersecurity. Takeaways -Cybersecurity training is crucial to prevent email scams and social engineering attacks. -Secure remote access methods should be deployed and unauthorized...2024-06-2537 min

Blue SecuritySnowflake, Findlay Auto Ransomware, OlympicsIn this episode of the Blue Security Podcast, Andy and Adam discuss three main topics: the unauthorized user access at Snowflake, the cybersecurity issue at Finley Automotive Group, and the cyber threats surrounding the upcoming Olympics in Paris. They highlight the importance of implementing strong security controls like multi-factor authentication and regular credential rotation. They also emphasize the need for organizations to assess their data storage practices and only retain necessary customer information. The hosts discuss the challenges faced by auto dealerships in securing their outdated systems and the potential risks associated with cyber threats during major events like...2024-06-1832 min

Blue SecurityMicrosoft Recall update, Windows Hello Enhanced Sign-in SecurityIn this episode, Andy and Adam discuss the updates and clarifications made by Microsoft regarding the security concerns surrounding the Recall feature on Copilot Plus PCs. They highlight the changes, such as the option to proactively enable Recall during the out-of-box experience, the requirement of Windows Hello enrollment and proof of presence for accessing Recall, and the additional layers of protection, including just-in-time decryption and encrypted search index database. They also delve into the concept of Windows Hello Enhanced Sign-In Security and its benefits. The conversation emphasizes the importance of user choice and the balance between privacy and productivity.2024-06-1142 min

Blue SecurityMicrosoft Build RecapIn this episode of the Blue Security Podcast, Andy and Adam discuss the security and privacy announcements from Microsoft Build. They cover topics such as AI content safety, Copilot capabilities, security enhancements in Microsoft Edge, and new Windows security features. They also touch on the deprecation of NTLM and the introduction of Copilot Plus PCs with Qualcomm's new dev kit for Windows. Overall, the episode highlights the advancements in security and innovation in the Windows ecosystem. Takeaways -Microsoft announced new security and privacy features at Microsoft Build -AI content safety enhancements were introduced...2024-05-2839 min

Blue SecurityEntra Private Access, Endpoint Privilege ManagementIn this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft Entra Private Access and Endpoint Privilege Management. Entra Private Access is a modern secure edge solution that allows remote users to access on-premise applications in a micro-segmented manner. It enables granular app segmentation, MFA, and privileged access to domain controllers for on-premise users. Endpoint Privilege Management, part of the Intune Suite, allows administrators to set policies for standard users to perform privileged actions without giving them complete local admin access. It also supports approved elevations, where users can request support approval for elevated permissions directly from...2024-05-2119 min

Blue SecurityMSRC Transparency and USB ThreatsIn this episode of the Blue Security Podcast, Andy and Adam discuss two important topics: Microsoft's pledge for greater transparency in identifying and determining root causes for security vulnerabilities, and the increasing sophistication of USB malware attacks in industrial organizations. They provide insights into Microsoft's Secure Future Initiative and the importance of security in the OT and IoT networks. They also offer practical tips for strengthening USB security and data exfiltration prevention. Takeaways -Microsoft is pledging greater transparency in identifying and determining root causes for security vulnerabilities in their products and services. -The Secure Future...2024-05-1429 min

Blue SecurityMobile ThreatsIn this episode, Andy and Adam discuss the growing threat of mobile device threats. They highlight the recent mass password reset and account lockout of Apple IDs and the potential for a mobile wormable event. They explore the conditions necessary for a mobile wormable attack, including the development of zero-click exploits, the abuse of contact lists for further spread, and the lack of clear mitigations from telecommunications and mobile device companies. They also discuss the limitations of lockdown mode and the importance of endpoint protection for mobile devices. Takeaways -Mobile devices have become ubiquitous in corporate environments...2024-04-3037 min

Blue SecurityVDI and Shared Responsibility ModelIn this episode, Andy and Adam discuss the importance of VDI (Virtual Desktop Infrastructure) in security and enterprise architecture. They highlight the security benefits of VDI, such as separating end user environments from the underlying physical hardware, centralized management of baseline images and patches, and the ability to keep sensitive data in the data center. They also explore the shared responsibility model in cloud computing, where the cloud provider is responsible for the security of the infrastructure, but the end users are responsible for protecting their data and assets stored in the cloud. Takeaways -VDI provides security...2024-04-2225 min

Blue SecurityEntra Follow-up, Helpdesk Security, CertificationsIn this episode, Andy and Adam clarify some points from the previous episode and discuss two main topics: mitigating social engineering attacks on IT help desks and the value of certifications in cybersecurity. They provide practical tips for securing IT help desks, such as requiring callbacks, video verifications, and supervisor verification. They also share their thoughts on certifications, highlighting the importance of experience and continuous learning over the number of certifications. They recommend certifications from AWS and Microsoft for beginners and discuss the relevance of TCP/IP knowledge in today's cybersecurity landscape. Takeaways -Mitigate social engineering attacks...2024-04-1633 min

Blue SecurityApplication Allow Listing, iMessage Post QuantumSummary In this episode, Andy and Adam discuss the concept of application allow listing and the controversy surrounding the removal of Wireshark from company computers. They also delve into the announcement by Apple that iMessage is moving to post-quantum level 3 encryption, making it one of the most secure messaging apps available. The hosts highlight the importance of communication and risk assessment in the field of information security. They also emphasize the need for organizations to have backup communication plans during incidents. The episode concludes with a discussion on the future of post-quantum encryption and its potential impact...2024-03-0532 min

Blue SecurityBitlocker Bypass and USAF Re-orgIn this episode, Andy and Adam discuss a video demonstrating how to bypass BitLocker encryption and the mitigations that can be implemented to protect against such attacks. They emphasize the importance of information protection and how it can enhance data security. Additionally, they highlight the reorganization of the US Air Force Cyber Command, which reflects the growing significance of cybersecurity in national defense. Takeaways - Implementing mitigations such as enabling a pre-boot pin and disabling power management features can help protect against BitLocker bypass attacks. -Information protection, including data classification, labeling, and encryption...2024-02-2031 min

Blue SecurityEntra Join is the wayIn this episode, Andy and Adam discuss the transition from hybrid join to cloud native Entra Join for device management. They explain the difference between device identity and device management and how they can be managed separately. They address concerns about GPOs and highlight the importance of reevaluating device management strategies. They also discuss accessing on-premises resources, overcoming Wi-Fi authentication challenges, and the shift away from gold images. The episode concludes with a discussion on Autopilot and the gradual transition to Entra Join. Takeaways -Device identity and device management can be managed separately, allowing organizations to transition to cloud...2024-01-1642 min

Blue SecurityEntra improvements, QR Code phishing, AppGuard deprecatedIn this episode, Andy and Adam discuss updates to the Microsoft Authenticator app, including its phish-resistant capabilities and FIPS compliance. They also highlight the rise of QR code phishing and provide tips on protecting users from this type of attack. Additionally, they discuss the deprecation of Application Guard and the Evaluation Lab in the Microsoft Security Stack. Takeaways -The Microsoft Authenticator app is becoming phish-resistant and will support device-bound passkeys, providing a more secure authentication method. -QR code phishing is on the rise, and users should exercise caution when scanning unfamiliar QR codes. -Educating users and conducting phishing training...2024-01-0933 min

People and Projects Podcast: Project Management PodcastPPP 400 | Celebrating Episode 400 with Adam GrantSummary In this episode, Andy Kaufman celebrates the 400th episode of the People in Projects Podcast with special guest Adam Grant. They discuss Adam's new book, Hidden Potential, and the importance of assessing and unlocking potential in individuals. The conversation covers various topics, including keeping projects on track, the truth about hiring based on experience, a lesson Adam learned about feedback that he's a terrible writer, and overcoming criticism. Adam reflects on the past and future, including what he misses (and doesn't miss) about being Adam Grant in 2010 (when Andy and Adam first talked). Takeaways Assessing a...2023-12-3022 min

Blue SecurityOkta Breach Follow-up and PasskeysOn this week's episode, Andy and Adam talk about the follow up investigation from Okta about their support system breach along with some lessons that listeners can take away. They also talk about passkeys going mainstream and what that means for the future of passwordless. ------------------------------------------- Youtube Video Link: ⁠https://youtu.be/5Cz07OKHAII ------------------------------------------- Documentation: https://arstechnica.com/information-technology/2023/11/no-okta-senior-management-not-an-errant-employee-caused-you-to-get-hacked/ https://support.google.com/chrome/a/answer/12129062?hl=en https://support.google.com/chrome/a/answer/9116814?hl=en https://www.washingtonpost.com/te...2023-11-1337 min

Blue SecuritySEC charges Solarwinds CISO & Backing up and Archiving M365 dataOn this week's episode, Andy and Adam talk about the SEC charging the Solarwinds CISO with fraud and the implications on the overall security leadership community. They also talk about some questions that came up about backing up and restoring M365 data and a new capability coming out in public preview very soon! ------------------------------------------- Youtube Video Link: https://youtu.be/1FIZOQMXZBg ------------------------------------------- Documentation: ⁠https://www.sec.gov/news/press-release/2023-227 Monitoring M365 group/Teams deletion https://office365itpros.com/2020/01/29/report-the-deletion-of-teams/ https://petri.com/of...2023-11-1235 min

Blue Security23andMe, Okta breach, MDE Automatic Attack DisruptionOn this week's episode, Andy and Adam talk about the 23andMe and Okta breach that happened recently along with some recommendations on how organizations can try and prevent similar attacks in the future. They also talk about a revolutionary new feature in Microsoft Defender for Endpoint called Automatic Attack Disruption. They talk about how it works and how organizations can take advantage of it even if MDE is not your incumbent or primary EDR/XDR. ------------------------------------------- Youtube Video Link: https://youtu.be/2gUn1ZszQ-w ------------------------------------------- Documentation: https://techcrunch.com/2023/10/10/23a...2023-10-3033 min

Make Each Click Count Hosted By Andy SplichalWhy Ecommerce Email is More Than Just Email? with Adam ButtPodcast Episode 171 of the Make Each Click Count Podcast features Adam Butt, the CEO of Noticed.In this episode, Andy and Adam dive into the world of e-commerce, multitouch attribution, and email marketing strategies. Adam reflects on turning 40 and feeling old while sharing the challenges and successes in business. They explore the importance of a multi-channel approach, understanding consumer behavior, and the power of customer retention. Plus, Andy and Adam discuss the evolving landscape of email engagement and the key factors that drive successful campaigns. Join them as they navigate through the world of e-commerce...2023-10-2729 min

Blue SecurityUnpopular Cybersecurity OpinionsOn this week's episode, Andy and Adam talk about a fun Twitter/X thread where cybersecurity professionals expressed some "unpopular opinions." ------------------------------------------- Youtube Video Link: ⁠https://youtu.be/qEV3zbskXX8 ------------------------------------------- Documentation: https://x.com/merill/status/1700615539452965327?s=20 https://x.com/wdormann/status/1702800210072670299?s=20 https://x.com/IBRice101/status/1704091544544842022?s=20 https://x.com/BrianHaugli/status/1702826263381942732?s=20 https://x.com/hakluke/status/1700336119630737459?s=20 https://x.com/wbm312/status/1700299133704339824?s=20 https://x.com/leandroqm/status/1701233575809466802?s=20 https://x.c...2023-10-0933 min

Blue SecurityJCI Ransomware, Ransomware Negotiations, CISA guidanceOn this week's episode, Andy and Adam talk about Johnson Controls' ransomware attack and some implications on national security. They also talk about some lessons learned from ransomware negotiations and CISA's new campaign, Secure Your World. ------------------------------------------- Youtube Video Link: https://youtu.be/bslx3jol8tg ------------------------------------------- Documentation: https://www.bleepingcomputer.com/news/security/building-automation-giant-johnson-controls-hit-by-ransomware-attack/ https://www.cnn.com/2023/09/28/politics/dhs-investigating-ransomware-attack/index.html https://www.pcmag.com/news/haggling-with-hackers-surprising-lessons-from-50-negotiations-with-ransomware https://www.cisa.gov/secure-our-world ---------------------- Contact Us: 2023-10-0226 min

Blue SecurityMITRE Engenuity ATT&CK Evaluations and Insider RiskOn this week's episode, Andy and Adam talk about the results of the MITRE Engenuity ATT&CK Evaluations and how to interpret them. They also talk about the rising costs of insider risk and some things you can do to combat insider risk. ------------------------------------------- Youtube Video Link: ⁠⁠⁠https://youtu.be/FF1ZD73X5nA ------------------------------------------- Documentation: https://attackevals.mitre-engenuity.org/enterprise/turla/ https://www.microsoft.com/en-us/security/blog/2023/09/20/microsoft-365-defender-demonstrates-100-percent-protection-coverage-in-the-2023-mitre-engenuity-attck-evaluations-enterprise/ https://twitter.com/FrankMcG/status/1702155374386692107?s=20 https://www.csoonline.com/article...2023-09-2624 min

Blue SecurityMGM Resorts Security IncidentOn this week's episode, Andy and Adam talk about the security incident impacting MGM Resorts. They discuss the attack vector of social engineering and ways that you can help protect your helpdesk and users from this type of attack. ------------------------------------------- Youtube Video Link: https://youtu.be/2UvrVA7u4VA⁠ ------------------------------------------- Documentation: https://www.vox.com/technology/2023/9/15/23875113/mgm-hack-casino-vishing-cybersecurity-ransomware https://www.darkreading.com/application-security/okta-flaw-involved-mgm-resorts-breach-attackers-claim https://sec.okta.com/articles/2023/08/cross-tenant-impersonation-prevention-and-detection https://twitter.com/RachelTobac/status/1701801025940971792?s=20 https://twitter.com/Jhaddix/status/1702154228037488928?s=20 ...2023-09-1835 min

Blue SecurityApple 0-day's, Storm-0558 follow up, MFST Conditional Access DashboardOn this week's episode, Andy and Adam talk about Apple's no-click zero day, the technical findings of the follow up investigation on Storm-0558, and the new Microsoft Conditional Access Dashboard and Templates. ------------------------------------------- Youtube Video Link: https://youtu.be/BmHqNkQQx8I ------------------------------------------- Documentation: https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/ https://support.apple.com/en-ca/HT212650 https://timmyit.com/2022/08/09/lockdown-mode-in-ios-16-what-happens-if-the-device-is-already-managed/ https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/ https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/conditional-access-overview-and-templates-are-now-generally/ba-p/3888722 https://learn.microsoft.com/en-us/azure/a...2023-09-1133 min

Blue SecurityRed Teaming with Special Guest 23POn this week's episode, Andy and Adam talk with Michael Belton and Dave Falkenstein from 23p, a Madison, Wisconsin based red-teaming company about pentesting, purple teaming, and start out in red-teaming. ------------------------------------------- Youtube Video Link: https://youtu.be/msWQ0mH-fUQ⁠⁠⁠⁠⁠⁠ ------------------------------------------- Documentation: https://www.23p.com/ http://www.23p.com/s/23p-BlueSecurityPodcast-InfamousDefaults.pdf Michael Belton Email: mike@23p.io Linkedin: https://www.linkedin.com/in/michael-belton/ Dave Falkenstein Email: dave@23p.io ------------------------------------------- Contact Us:2023-08-2137 min

Blue SecuritySecuring Entra External IdentitiesOn this week's episode, Andy and Adam talk about securing Entra external identities. They talk about B2B and B2C as well as a few other lesser known features of external identities like direct connect and multi-tenant synchronization. ------------------------------------------- Youtube Video Link: ⁠⁠⁠https://youtu.be/V1_RIGQKUYI ------------------------------------------- Documentation: ⁠https://learn.microsoft.com/en-us/azure/active-directory-b2c/supported-azure-ad-features https://learn.microsoft.com/en-us/azure/active-directory-b2c/security-architecture https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-external-id#Capabilities ---------------------- Contact Us: Web...2023-08-1426 min

Invisible Injuries - PodcastS04E03 - Adam Blum (True Blue History podcast) pt1Andy introduces our first “Firey” RFS (Rural Fire Service) first responder, Adam Blum of Blue Mountains Brigade.Andy and Adam touch on the diagnosis of ADHD and what the landscape looked like back then as a relatively unchartered disorder. Adam mentioned in his recent book his parents attracted a lot of criticism for medicating him and his brother. His parents, after much research committed to a program against fierce family opposition and kept specialists appointments for reviews. Adam expands on his mindset at that time including the stigma of a disability. How he managed to push against opinions...2023-03-1759 min