After a pre-Ignite cliffhanger, we welcome back the illustrious James Key. This episode, James is back to fill us in on the Ignite announcements around Security Copilot that he couldn’t talk about last time.

Show Notes/Links

* Learn about Security Copilot inclusion in Microsoft 365 E5 subscription https://learn.microsoft.com/en-us/copilot/security/security-copilot-inclusion

* Microsoft 365 adds advanced Microsoft Intune solutions at scale https://techcommunity.microsoft.com/blog/microsoftintuneblog/microsoft-365-adds-advanced-microsoft-intune-solutions-at-scale/4474272

* What is Microsoft Entra Agent ID? https://learn.microsoft.com/en-us/entra/agent-id/identity-professional/microsoft-entra-agent-identities-for-ai-agents

* The Microsoft Security Store: https://SecurityStore.Microsoft.com

As the Thanksgiving turkey roasts and the family gathers, cybercriminals are lurking in the digital shadows, ready to crash your holiday feast. In Episode 280 of THE Security Insights Show, hosts serve up a timely platter of cybersecurity wisdom to keep your “gravy secrets”—those juicy credentials, financial data, and personal info—safe from opportunistic hackers.Dive into the rising tide of “Turkey-Day Trojans”: sneaky malware disguised as festive deals, phishing emails from “Aunt Edna” demanding urgent wire transfers, and smart home devices turned into spy cams by unsecured Wi-Fi. We’ll unpack real-world holiday hacks, from ransomware gobbling up your shopping carts to social engineering tricks exploiting family chit-chat. Plus, get actionable Microsoft Security tips—like leveraging Defender for endpoint protection, Entra ID for secure guest access during virtual toasts, and Copilot-powered threat hunting to spot the bad stuffing before it sours the meal.Whether you’re a CISO stress-testing your perimeter or just a home user dodging Black Friday bait, this episode arms you with the tools to feast worry-free. Tune in now on YouTube, Apple Podcasts, Spotify, or your favorite platform—because nothing ruins a holiday like a data breach on dessert. Don’t forget to subscribe for more bites of security insight!

This episode of “THE Security Insights Show” covers a range of topics, starting with personal updates and discussions about cybersecurity certifications. The hosts delve into the role of Artificial Intelligence (AI) in cybersecurity, specifically debating the necessity of learning KQL (Kusto Query Language) from scratch given the advent of natural language to KQL models (16:01). They discuss the importance of understanding underlying data and language nuances even with AI assistance (18:56).

The conversation then pivots to key announcements from Microsoft Ignite, including:

* Work IQ: An intelligent layer that enhances productivity by connecting organizational and personal data, enabling AI-driven insights and recommendations within Microsoft 365 applications (31:31).

* Proactive Attack Disruption and Predictive Shielding: Microsoft’s new capabilities to anticipate attacker moves during ongoing attacks, dynamically hardening targets in real-time (35:59).

* Expanded Automatic Attack Disruption: This feature extends to work across third-party services like AWS, Okta, and Proofpoint, allowing Microsoft Defender to take decisive actions on external systems even if the threat originates from a non-Microsoft system (39:06).

* Rebranding of Defender XDR to Borg XDR: Indicating a consolidation of more Defender for Cloud functionality and assimilation of Sentinel into the unified Defender portal (42:00).

* Native Sysmon in Windows 11: A significant announcement for security professionals (42:35).

In this electrifying episode, we sit down with James Key, Principal Product Manager for Microsoft Security Copilot, to unpack the groundbreaking advancements shaping the future of AI-driven security. With over nine years of expertise in cloud architecture, technical training, and product innovation, James is at the forefront of empowering security teams worldwide through intelligent, partner-led solutions.As cyber threats evolve at breakneck speed, Microsoft Security Copilot is supercharging defenses with its latest fall updates. James breaks down the integration with the new Sentinel data lake and graph, enabling seamless data querying and real-time threat hunting like never before. We’ll explore the debut of ready-made and custom agents that automate complex workflows, from incident response to vulnerability management, freeing up pros to focus on strategy.But it’s not just tech—James shares how the newly launched Microsoft Security Store is uniting partners in a bold ecosystem for innovation, fostering collaborative AI tools tailored to enterprise needs.

Links/Notes

* Microsoft Security Store: https://securitystore.microsoft.com/agents

* Agent YAML Builder: https://github.com/rod-trent/JunkDrawer/tree/main/AgentBuilder

* Microsoft Ignite Security Copilot sessions: https://ignite.microsoft.com/en-US/sessions?filter=&search=Security+Copilot&sortBy=relevance

* glueckkanja AG: https://www.linkedin.com/company/glueckkanja/

* adaQuest: https://www.linkedin.com/company/adaquest-inc/