Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options.

• Jay Leask on LinkedIn
• Workplace Ninja’s US
• Follow Workplace Ninjas US on LinkedIn
• Workplace Ninja’s US
• Microsoft Zero Trust Guidance Center
• Microsoft Zero Trust Assessment Tool
• Conditional Access
• Ben’s YouTube video on Authentication Context and Conditional Access

Welcome to Episode 416 of the Microsoft Cloud IT Pro Podcast. In this week’s episode, Ben finally has a chance to sit down with Henrik Wojcik. Henrik has been a long-time listener as well as a fellow Microsoft MVP in Security and we finally had the chance to sit down and record an episode together, something we’ve talked about doing for years.

As they sit down and enjoy a sunny afternoon in at Microsoft Ignite in San Francisco they discuss security in the financial sector, EU regulations (N2 and DORA), integrating Data Lake with Sentinel, optimizing log analytics, and the latest on Security Copilot and E5 licensing. They also spend some time chatting about some of their conference highlights, assisting as proctors in the hands-on labs, and the unique experience of Ignite in San Francisco.

Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options.

• Microsoft Ignite (with sessions on demand)
• Microsoft Ignite Book of News
• Catch up on Microsoft Security sessions and announcements from Ignite 2025
• Microsoft Sentinel benefit for Microsoft 365 E5, A5, F5, and G5 customers
• Learn about Security Copilot inclusion in Microsoft 365 E5 subscription
• Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI
• What is Microsoft Sentinel data lake?
• KQL and the Microsoft Sentinel data lake

Henrik F. Wojcik

Henrik has worked in the IT industry since 2003. He’s always had a passion for learning new technologies and expanding his knowledge through various means such as online courses, webinars, and reading up on the latest developments in the industry.

Throughout his career, he’s gained experience in various areas of IT, making him a true jack of all trades. However, his latest interests lie in the security space, modern workplace and management in Azure, with a particular focus on cyber security. He has experience working with products such as Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, Conditional Access, Microsoft Sentinel, and Microsof t Entra ID.

His primary focus is on security on Azure workloads and identity (Entra ID). He prioritizes security awareness and believe that learning never stops, which is why He’s always eager to expand my knowledge and skillset.

In the past, He’s also worked with various tools and technologies such as Cisco, Citrix, Dynamics AX, Exchange, ITIL, Azure, SCCM & SCOM, Scrum & Kanban, VMware, Windows Servers, and Windows Desktops.

1. Security Copilot Expansion to E5 Customers
   • 12 new Security Copilot agents coming to Defender, Entra, Intune, and Purview
   • 30+ partner agents being added to the ecosystem
   • Major announcement: Security Copilot will now be available to all Microsoft 365 E5 customers
   • Rollout begins with Frontier program (Microsoft’s insider ring for Copilot)
   • Expanding in coming months to all E5 customers
   • Security Copilot spans four pillars:
     • Security Operations (Defender + Sentinel)
     • Data Security (Purview)
     • Identity & Access (Entra)
     • Endpoint Management (Intune)
2. Microsoft Agent 365 – The Control Plane for Agents
   • Addresses the critical problem of agent sprawl and governance
   • Think of it as “Entra ID for AI agents”
   • Core capabilities:
     • Registry: Complete inventory of all agents (registered, unregistered, and shadow agents
     • Access Control: Conditional access policies and risk-based policies for agents
     • Monitoring: Real-time visibility into agent behavior, performance, and organizational impact
     • Security Integration: Defender protection, Purview data governance
   • Key governance features:
     • Approve pending agent requests
     • Identify ownerless agents
     • Apply DLP policies to agents
     • Conditional access for agents
     • Secure score for agents
     • Available now through Frontier program in Microsoft 365 admin center
3. Overarching Themes
   • Agent security is the new frontier: All major product announcements (Purview, Entra, Defender) are focused on agent governance
   • 100 trillion daily signals inform Microsoft’s threat intelligence
   • Ignite’s evolution: Less about big product launches, more about storytelling and connecting features released throughout the year
   • IT Pro focus: Understanding, managing, and securing AI agents is becoming a core competency
4. Key Observations
   • Ignite 2025 is heavily focused on AI and security – limited announcements for traditional products like SharePoint, Teams, or Loop
   • The shift reflects Microsoft’s rapid release cadence in the cloud era
   • Agent sprawl is real and Microsoft is proactively addressing governance needs
   • IT professionals need to embrace this change: “The only way out is through”

Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options.