1
00:00:00,000 --> 00:00:08,800
Welcome to the Talking Security podcast.

2
00:00:08,800 --> 00:00:20,840
We will talk about items related to Microsoft's security.

3
00:00:20,840 --> 00:00:26,120
Hi everyone, welcome back at a new recording of the Talking Security podcast.

4
00:00:26,120 --> 00:00:31,880
The summer break is over and we are continuing this Defender for Cloud series.

5
00:00:31,880 --> 00:00:37,080
As you know, Microsoft's comprehensive solution for protecting cloud workloads and hybrid

6
00:00:37,080 --> 00:00:38,080
environments.

7
00:00:38,080 --> 00:00:44,000
Last time we talked to Tom Janetscheck about Defender for Servers within Defender for Cloud

8
00:00:44,000 --> 00:00:45,480
and Pouyan.

9
00:00:45,480 --> 00:00:50,240
together, we are hosting this podcast series.

10
00:00:50,240 --> 00:00:53,880
We are both Microsoft MVP in the Security category show.

11
00:00:53,880 --> 00:00:57,560
It's one of the reasons we try to realize that.

12
00:00:57,560 --> 00:01:04,200
And last time before Summer Break, you were in the United States at the MVP Summit

13
00:01:04,200 --> 00:01:06,440
Met and you talked to someone.

14
00:01:06,440 --> 00:01:08,440
Yes, Frans.

15
00:01:08,440 --> 00:01:10,200
It's great to be back.

16
00:01:10,200 --> 00:01:13,200
It's finally the summer holidays are over.

17
00:01:13,200 --> 00:01:18,880
Yeah, before the summer I was at the summit at the MVP summit and I met with David

18
00:01:18,880 --> 00:01:24,480
and we spoke a lot about the whole security about DevOps.

19
00:01:24,480 --> 00:01:29,680
And I have been since looking forward to this session, one of my favorites.

20
00:01:29,680 --> 00:01:35,400
So I would also ask our special guest, David Trigano, please come introduce yourself to our listeners.

21
00:01:35,400 --> 00:01:36,400
Yes, we are.

22
00:01:36,400 --> 00:01:37,400
Thank you, friends.

23
00:01:37,400 --> 00:01:38,400
Thank you for our invitation.

24
00:01:38,400 --> 00:01:39,400
Hi everyone.

25
00:01:39,400 --> 00:01:40,400
My name is David Trigano.

26
00:01:40,400 --> 00:01:44,720
I'm a Senior Product Manager within the Microsoft Department of Cloud for the group.

27
00:01:44,720 --> 00:01:50,000
I've been on Microsoft since 2010, started my career as a sub-engineer in Microsoft

28
00:01:50,000 --> 00:01:51,000
Friends.

29
00:01:51,000 --> 00:01:56,520
Both in Microsoft Israel to all can be Microsoft Defenders of Cloud for the group.

30
00:01:56,520 --> 00:02:01,080
And a year and a half ago I relocated to the US kind of making a collection of Microsoft

31
00:02:01,080 --> 00:02:04,680
offices around the globe.

32
00:02:04,680 --> 00:02:10,320
What is for you to real difference between Israel and the United States where you now

33
00:02:10,320 --> 00:02:11,320
based?

34
00:02:11,320 --> 00:02:13,320
Yes, so thank you.

35
00:02:13,320 --> 00:02:14,320
This is a great question.

36
00:02:14,320 --> 00:02:21,200
What I realize is that in Israel we obviously are all offices as way smaller.

37
00:02:21,200 --> 00:02:26,080
So when we talk about empowering people and when we talk about opportunities and how we can

38
00:02:26,080 --> 00:02:31,400
collaborate with other products, I think that here in the US this is the opportunities

39
00:02:31,400 --> 00:02:32,680
that are in things.

40
00:02:32,680 --> 00:02:37,600
We have plenty of teams, we have plenty of organizations here that are working, are

41
00:02:37,600 --> 00:02:42,160
talking the same goal which is helping our customers or empowering our customers, what

42
00:02:42,160 --> 00:02:43,160
should we do?

43
00:02:43,160 --> 00:02:47,920
And I think that even if this sounds like, okay, this is a mindset that we set that

44
00:02:47,920 --> 00:02:54,480
set that kind of infuses across the whole Microsoft organization, this is something that

45
00:02:54,480 --> 00:02:59,880
we feel and we can see them databases when we're working within the random campus.

46
00:02:59,880 --> 00:03:00,880
Awesome.

47
00:03:00,880 --> 00:03:12,080
Well, David, thanks for taking the time for joining us today at our episode.

48
00:03:12,080 --> 00:03:17,240
It's mentioned one of my favorites, one definitely in the time that we are in now with

49
00:03:17,240 --> 00:03:22,080
everything happening with cloud and a lot of development.

50
00:03:22,080 --> 00:03:29,880
I think it's really important to have a good visibility and a good framework in place when

51
00:03:29,880 --> 00:03:36,600
it comes to the whole DevOps process.

52
00:03:36,600 --> 00:03:46,840
And to kick it off, I'm really curious, kick, kick, kick as a overview of how DevOps security

53
00:03:46,840 --> 00:03:51,600
and its role within the whole broader Defender for cloud ecosystems is.

54
00:03:51,600 --> 00:03:53,600
Yes, today.

55
00:03:53,600 --> 00:03:54,600
Absolutely.

56
00:03:54,600 --> 00:03:59,320
So, I think our first of all, it's important to understand our Microsoft Defender for cloud

57
00:03:59,320 --> 00:04:05,040
has been here for a long time and we saw Microsoft Defender for cloud evolving from being

58
00:04:05,040 --> 00:04:12,600
a CSPM and CWP platform focused on a joule first where we'll call the Azure Security Center

59
00:04:12,600 --> 00:04:17,320
to a multi-cloud multi-pycline comprehensive Synapse solution called Microsoft Defender for

60
00:04:17,320 --> 00:04:18,320
cloud.

61
00:04:18,320 --> 00:04:23,840
And when we talk about Synapse which is the terminology to say that we are protecting or providing

62
00:04:23,840 --> 00:04:30,120
a platform that provides a protection to cloud native applications is important to also

63
00:04:30,120 --> 00:04:38,480
consider the development security and the DevOps security aspect of a course, the sort of

64
00:04:38,480 --> 00:04:40,200
development lifecycle.

65
00:04:40,200 --> 00:04:45,120
So, in using an integrating DevOps security within Microsoft Defender for cloud, for

66
00:04:45,120 --> 00:04:51,800
us it's something that is natural when it comes to moving from CSPMCWP to becoming a

67
00:04:51,800 --> 00:05:00,520
Synapse actor within Microsoft.

68
00:05:00,520 --> 00:05:05,400
So, obviously protecting DevOps environment goes from searching for secrets that may be exposed

69
00:05:05,400 --> 00:05:11,400
in a code to finding vulnerabilities before the code is being deployed into production, analyzing

70
00:05:11,400 --> 00:05:17,520
IAC templates, so infrastructure as code template that our provisioning resources and being

71
00:05:17,520 --> 00:05:22,680
able to infuse all of those insights into Microsoft Defender for cloud in our cloud security

72
00:05:22,680 --> 00:05:27,920
explorers, in our recommendations and all the different places where Microsoft Defender for

73
00:05:27,920 --> 00:05:31,240
cloud provides security visibility for all customers.

74
00:05:31,240 --> 00:05:38,480
Awesome, yeah, I think when we're in our first episode we talked a lot with a road about

75
00:05:38,480 --> 00:05:43,640
the whole Defender for cloud and how big it is and how massive and how we even started

76
00:05:43,640 --> 00:05:48,120
counting how many futures it contains at this moment.

77
00:05:48,120 --> 00:05:55,120
So in your opinion it's really playing a big role to have a completely overview when it

78
00:05:55,120 --> 00:05:57,320
comes towards the development.

79
00:05:57,320 --> 00:06:03,640
So what if you look then on that topic what are the primary challenges for the organization

80
00:06:03,640 --> 00:06:06,520
to face?

81
00:06:06,520 --> 00:06:11,960
What are the basic when it comes to the DevOps security especially if you talk about

82
00:06:11,960 --> 00:06:16,280
maybe even multi cloud, multi pipeline environments?

83
00:06:16,280 --> 00:06:19,880
How does that work and fit?

84
00:06:19,880 --> 00:06:21,680
So I would say that this is a real challenge.

85
00:06:21,680 --> 00:06:27,000
First of all this is a great question because this is obviously the one million dollar question

86
00:06:27,000 --> 00:06:32,960
that we all aim to solve is how we can bring two different worlds which is the infrastructure

87
00:06:32,960 --> 00:06:37,400
wall, the tech wall, the DevOps tech wall, the DevSecOps wall to collaborate.

88
00:06:37,400 --> 00:06:41,160
Because when you think about it those different worlds are not talking the same language

89
00:06:41,160 --> 00:06:46,400
they're not using the same platform, they're not having the same agenda and our goal as

90
00:06:46,400 --> 00:06:51,240
a security provider is to facilitate to reduce the friction between those worlds.

91
00:06:51,240 --> 00:06:56,640
How we help a developer who wants to build application fast who wants to deliver those application

92
00:06:56,640 --> 00:07:02,400
fast into production to communicate with a subscription owner with an application owners who

93
00:07:02,400 --> 00:07:07,200
also wants to have something fast but both of them want to make sure that this is

94
00:07:07,200 --> 00:07:12,360
secure because nobody wants to have a message to a YM saying hey there is a critical CBE

95
00:07:12,360 --> 00:07:17,320
you have to wake up because the application is down because the security team decided to turn

96
00:07:17,320 --> 00:07:25,640
off the application because whatever what security issue happens within the organization.

97
00:07:25,640 --> 00:07:29,440
So I think that again while we're trying to achieve within Microsoft this kind of

98
00:07:29,440 --> 00:07:34,160
a cloud is really the ability to reduce the friction between personas that are not talking

99
00:07:34,160 --> 00:07:39,600
the same language between personas that are not specifically designed to work together

100
00:07:39,600 --> 00:07:44,080
on the first side we have the security team that are here to make sure that the entire

101
00:07:44,080 --> 00:07:49,360
organization is securely built in architecture and design and on the other side we have

102
00:07:49,360 --> 00:07:54,080
the application owner or the developer who are actually looking to have application and

103
00:07:54,080 --> 00:08:00,960
to deliver faster and faster application and plown native applications for all the businesses.

104
00:08:00,960 --> 00:08:05,880
So these are the main challenges how we make sure that we have all the organization to

105
00:08:05,880 --> 00:08:13,520
collaborate together without having any friction without being able to understand the

106
00:08:13,520 --> 00:08:17,600
technology that happens behind the scene and the complexity behind the scene that we

107
00:08:17,600 --> 00:08:22,240
have in place and we put in place for helping those different organizations and personas

108
00:08:22,240 --> 00:08:27,160
to collaborate throughout building cloud native applications securely.

109
00:08:27,160 --> 00:08:33,680
Yeah, I think that that's the key of the whole deaf circles in the day to

110
00:08:33,680 --> 00:08:42,560
learn and to achieve that I think that the feasibility is the key to have like a fully unified

111
00:08:42,560 --> 00:08:50,680
feasibility into the security posture but that is often happens at the moment in the production

112
00:08:50,680 --> 00:08:54,040
phase that the security finds the full of melody.

113
00:08:54,040 --> 00:08:59,480
So how do you see the role of the vendor for cloud when it comes to pre-production application

114
00:08:59,480 --> 00:09:11,040
for example and what kind of scans and security execute in that kind of platforms?

115
00:09:11,040 --> 00:09:14,120
Yeah, good question.

116
00:09:14,120 --> 00:09:18,680
So Microsoft Defender for cloud again as I mentioned at the beginning of this podcast we

117
00:09:18,680 --> 00:09:23,800
aim to become a cleanup cloud native application protection platform and for achieving this

118
00:09:23,800 --> 00:09:28,800
role we actually want to shift left our visibility and security control with development

119
00:09:28,800 --> 00:09:31,240
or installation and to do development role.

120
00:09:31,240 --> 00:09:37,080
So we talk about scanning we can talk about our ability to scan IIT templates with

121
00:09:37,080 --> 00:09:41,320
deafness configurations in advance we also have the ability to annotate fully

122
00:09:41,320 --> 00:09:46,560
requests near real time to inform the developers immediately when we found a list

123
00:09:46,560 --> 00:09:53,560
of configuration before those IIT templates will eventually provision and help the resources

124
00:09:53,560 --> 00:09:58,760
and native resources in their cloud environments which is a critical aspect to make sure that

125
00:09:58,760 --> 00:10:04,440
we not only are building security applications but also building applications that are

126
00:10:04,440 --> 00:10:11,560
designed in a way that allow us to make sure that those applications or those resources

127
00:10:11,560 --> 00:10:17,920
are defined and deployed according to the security best practice and security rules and policies

128
00:10:17,920 --> 00:10:22,040
that will be defined by security teams within Microsoft Defender software.

129
00:10:22,040 --> 00:10:27,520
So this is the first task I mentioned also something about secrets and finding CVEs before

130
00:10:27,520 --> 00:10:33,800
those risk or miscontribulation or vulnerability is a heating production environment and this

131
00:10:33,800 --> 00:10:38,840
is also where we are collaborating with GitHub events security for GitHub events security

132
00:10:38,840 --> 00:10:44,960
for Azure DevOps by aggregating all the different insights that are coming from those platforms

133
00:10:44,960 --> 00:10:49,840
and centralizing them and unifying the visibility of all those different insights that

134
00:10:49,840 --> 00:10:55,000
sit at the file level or the repository level into Microsoft Defender for cloud and connecting

135
00:10:55,000 --> 00:10:59,800
those insights into the rest of the platform into the cloud environment how we are providing

136
00:10:59,800 --> 00:11:02,440
contact to cloud visibility for our customers.

137
00:11:02,440 --> 00:11:11,040
So it's a secret CVEs in terms of scanning and I think that's planning to identify vulnerabilities

138
00:11:11,040 --> 00:11:16,840
and miscontribulations before those security issues reached to your production or to customers

139
00:11:16,840 --> 00:11:19,840
production and sensitive critical environments.

140
00:11:19,840 --> 00:11:28,840
Awesome, you have that sounds really amazing definitely what in mind that security is empowered

141
00:11:28,840 --> 00:11:40,840
to make decisions and to take controls before that happens to control the damage that's coming.

142
00:11:40,840 --> 00:11:43,400
And are there any key features?

143
00:11:43,400 --> 00:11:48,840
I mean the visibility is one of the big ones that I think you mentioned that making the

144
00:11:48,840 --> 00:11:55,920
whole DevOps process visible for security so that they can assess and share their feedback

145
00:11:55,920 --> 00:11:57,560
on it.

146
00:11:57,560 --> 00:12:05,440
What are other key features or capabilities for example that you can mention how security

147
00:12:05,440 --> 00:12:12,240
can integrate or promote their security towards the developers and let them know are there

148
00:12:12,240 --> 00:12:15,960
any integrations in their for example that you can mention?

149
00:12:15,960 --> 00:12:17,440
Absolutely, absolutely.

150
00:12:17,440 --> 00:12:22,440
So I mentioned already the PR annotations that is part of Microsoft Defender for cloud

151
00:12:22,440 --> 00:12:27,120
that we have simple click security admin and security teams can actually enable it to

152
00:12:27,120 --> 00:12:32,800
automatically approach their different insights coming from their for example Azure DevOps

153
00:12:32,800 --> 00:12:33,800
environments.

154
00:12:33,800 --> 00:12:38,800
So the moment GitHub events security or Microsoft Defender for cloud identifies a security

155
00:12:38,800 --> 00:12:42,800
risk for security miscontribulation or vulnerability might sort of define a for cloud will

156
00:12:42,800 --> 00:12:48,000
automatically annotate the pull request that was initiated by the developer to inform him

157
00:12:48,000 --> 00:12:53,400
about the miscontribulation or vulnerability that's what a term during the pull rate.

158
00:12:53,400 --> 00:12:57,560
There is also another aspect of Microsoft Defender for cloud which is something that currently

159
00:12:57,560 --> 00:13:02,400
exists and as I mentioned we extend to the cloud and to the code environment is about

160
00:13:02,400 --> 00:13:06,200
security graph explorer and a well-attack path analysis.

161
00:13:06,200 --> 00:13:11,840
So another of customers are talking to us about this what we call in this industry.

162
00:13:11,840 --> 00:13:17,320
This alert fatigue or this recommendation fatigue is security fatigue because they have plenty

163
00:13:17,320 --> 00:13:18,320
of different insights.

164
00:13:18,320 --> 00:13:23,920
I have hundreds of recommendations thousands of failures thousands of signals coming from different platforms,

165
00:13:23,920 --> 00:13:28,280
different environments, different resources and they don't know how to buy it.

166
00:13:28,280 --> 00:13:33,320
I don't know how to quickly identify the most critical resources that they have where

167
00:13:33,320 --> 00:13:40,200
they want developers over the action owners to focus on by connecting the DevOps insights

168
00:13:40,200 --> 00:13:45,560
and DevOps entities into the Microsoft Cloud security graph that we built within Microsoft

169
00:13:45,560 --> 00:13:49,920
Defender for cloud will give the ability to the security admin to quickly identify the

170
00:13:49,920 --> 00:13:55,600
most critical resources and the most critical repository they have based on CVIDs based on

171
00:13:55,600 --> 00:13:56,600
misconfiguration.

172
00:13:56,600 --> 00:14:01,120
For example, as a security admin I can go to Microsoft Defender for cloud and ask the

173
00:14:01,120 --> 00:14:05,800
security graph to show me all the repositories that are exposed to the internet and have

174
00:14:05,800 --> 00:14:11,000
a specific CVID detected within that repository.

175
00:14:11,000 --> 00:14:18,680
So for example, when we talk about load for J, which was a storm that hit the entire industry

176
00:14:18,680 --> 00:14:24,640
a couple of years ago, couple of months ago, we can quickly identify all the repositories

177
00:14:24,640 --> 00:14:30,440
where load for J was imagined to model the load for JV2 that comes out of the nowhere.

178
00:14:30,440 --> 00:14:35,320
Then Microsoft Defender for cloud can help security admin and developers to quickly identify

179
00:14:35,320 --> 00:14:41,880
all the repositories that were a load for JV2 for example, were found within this node,

180
00:14:41,880 --> 00:14:43,360
within this entity.

181
00:14:43,360 --> 00:14:48,040
And so by doing this, we are helping the security admin to collaborate with the developer

182
00:14:48,040 --> 00:14:53,160
quickly identified the most critical misconfiguration and CVID that are affecting their

183
00:14:53,160 --> 00:14:56,640
businesses and fix it very, very quickly.

184
00:14:56,640 --> 00:15:00,320
And obviously, by combining all those defaults with existing capabilities within Microsoft

185
00:15:00,320 --> 00:15:07,360
Defender for cloud, such as the automated flow with logic up and workbooks, we also

186
00:15:07,360 --> 00:15:13,280
give the ability to security admins to automate all of these processes, making sure that

187
00:15:13,280 --> 00:15:17,320
the moment they have anything that is related to security and they want to automate it at

188
00:15:17,320 --> 00:15:22,400
scale, we already are using existing tools that are present in Microsoft Defender for cloud

189
00:15:22,400 --> 00:15:27,040
to not only help them to prioritize but also make sure that they can prioritize at scale

190
00:15:27,040 --> 00:15:28,040
with the developers.

191
00:15:28,040 --> 00:15:33,520
Wow, amazing, I mean, oh, that's friends.

192
00:15:33,520 --> 00:15:35,520
And I'll go ahead.

193
00:15:35,520 --> 00:15:36,520
Go ahead.

194
00:15:36,520 --> 00:15:42,000
Yeah, I mean, I think we are a lot of familiar with the PR registration, but I think

195
00:15:42,000 --> 00:15:48,480
we'll watch mentioned regarding log for G, I mean, having the possibility as it looks

196
00:15:48,480 --> 00:15:51,880
like partially on the fan of our endpoint with the vulnerability as such and how you can

197
00:15:51,880 --> 00:15:59,640
easily find all kind of vulnerabilities within your organization, look at the same visibility

198
00:15:59,640 --> 00:16:06,880
and controls, but now on your application and your code and finally.

199
00:16:06,880 --> 00:16:09,880
So these are really great future.

200
00:16:09,880 --> 00:16:17,960
I mean, I really, I see a lot of our customers using the PR rotation where they easily integrate

201
00:16:17,960 --> 00:16:24,280
and give feedback to the developers before any code being merged into the production.

202
00:16:24,280 --> 00:16:29,480
And yeah, unfortunately, we can't share it here now, but if you look it up, that data and

203
00:16:29,480 --> 00:16:35,560
how everything is worked out and explained in an understandable language and pointing out

204
00:16:35,560 --> 00:16:43,440
really which line the vulnerability or the secret, as you mentioned indeed, was found.

205
00:16:43,440 --> 00:16:49,080
So it makes it also really easy for the developers to be pointed like, okay, there in your

206
00:16:49,080 --> 00:16:52,080
code is the issue that you need to take a look at.

207
00:16:52,080 --> 00:16:57,880
I think that integration is really amazing because so to have this integration, you would

208
00:16:57,880 --> 00:17:03,600
imagine you need to do a lot to get this done, can you?

209
00:17:03,600 --> 00:17:05,520
Talk us through how this integration works.

210
00:17:05,520 --> 00:17:08,120
Where do we need to start?

211
00:17:08,120 --> 00:17:16,400
We want to integrate with, for example, one of our most popular DevOps users like GitHub or Azure DevOps.

212
00:17:16,400 --> 00:17:17,920
Where do you start?

213
00:17:17,920 --> 00:17:19,400
That's a good question.

214
00:17:19,400 --> 00:17:24,600
So I think that what we are actually trying to do at Microsoft EngineRNR, Microsoft Security,

215
00:17:24,600 --> 00:17:30,360
is to simplify the onboarding and simplify the experience as we, as I said earlier, we don't

216
00:17:30,360 --> 00:17:34,880
to expose the complexity of our technologies for our customers because we do not believe

217
00:17:34,880 --> 00:17:40,840
that customers have to understand how it was behind the thing of course they have, we

218
00:17:40,840 --> 00:17:42,600
can document everything.

219
00:17:42,600 --> 00:17:46,880
But when you talk about it from a user perspective, from a user experience perspective, we

220
00:17:46,880 --> 00:17:51,040
want the user to be able to quickly see, to have this what we call the five minutes

221
00:17:51,040 --> 00:17:52,040
while we're effect.

222
00:17:52,040 --> 00:17:57,360
So how we can give you the ability to quickly see the value, the security value that

223
00:17:57,360 --> 00:18:00,880
we give you out of Microsoft Defender for cloud.

224
00:18:00,880 --> 00:18:06,360
So very simply, very simple sorry, you are a security admin goes into Microsoft Defender

225
00:18:06,360 --> 00:18:12,400
for cloud on both his Azure DevOps environment into Microsoft Defender for cloud the same way,

226
00:18:12,400 --> 00:18:18,160
security admins will on both their AWS or GCP environments into Microsoft Defender for cloud

227
00:18:18,160 --> 00:18:23,680
and I have the same capabilities extended capabilities for GitHub and Azure DevOps.

228
00:18:23,680 --> 00:18:28,000
And the moment they onboard their Azure DevOps environment, we will actually start collecting

229
00:18:28,000 --> 00:18:33,120
insights that are coming from GitHub advance security GitHub advance security for Azure DevOps

230
00:18:33,120 --> 00:18:39,520
and developers that are actually using our extension which is MSDO for Microsoft security

231
00:18:39,520 --> 00:18:40,840
DevOps extension.

232
00:18:40,840 --> 00:18:47,400
They actually just have to inject our extension into the pipelines and we will automatically

233
00:18:47,400 --> 00:18:52,640
scan everything or actually collaborate with GitHub advance security to add also the

234
00:18:52,640 --> 00:18:57,920
IIT scanning capabilities and consume the results from GitHub advance security in order to push

235
00:18:57,920 --> 00:19:01,920
and to populate those results into Microsoft Defender for cloud.

236
00:19:01,920 --> 00:19:06,720
And as you and I mentioned, it's very simple, the security admins can go to the DevOps

237
00:19:06,720 --> 00:19:11,360
blade, the dedicated lady Microsoft Defender for cloud and they can configure PR annotation

238
00:19:11,360 --> 00:19:17,440
by just simply click on on and out of the box, we will do all the connections and all the

239
00:19:17,440 --> 00:19:22,240
logic behind the scene to inform the developers if something is found and to inform the

240
00:19:22,240 --> 00:19:28,160
security admins about all the different findings across the multiple SCNs that are using GitHub,

241
00:19:28,160 --> 00:19:32,960
multiple instances in GitHub, multiple organizations in Azure DevOps, we will aggregate all those

242
00:19:32,960 --> 00:19:36,000
findings to give the unified visibility to Microsoft Defender for cloud.

243
00:19:38,000 --> 00:19:46,080
Amazing, that sounds as a really fast onboarding and gives you a huge visibility within

244
00:19:46,080 --> 00:19:49,040
what's going on into the developer perspective.

245
00:19:49,040 --> 00:19:57,760
We trust a little bit on there about the process, you already told about how you can do prioritization

246
00:19:58,400 --> 00:20:00,240
based on the fellow abilities found.

247
00:20:02,000 --> 00:20:10,800
Can we also do when we do the PR annotations? Can we do some kind of

248
00:20:12,160 --> 00:20:16,880
also bring some of that precision back to the DevOps environment for example, or to the

249
00:20:16,880 --> 00:20:23,280
GitHub environment to make that feasible for them what has priority in that sense?

250
00:20:27,680 --> 00:20:32,160
So this is something we're actually walking on. Obviously, your governments have been asking

251
00:20:32,160 --> 00:20:39,440
how we can have this synchronization between the DevOps environment and the cloud or the

252
00:20:39,440 --> 00:20:46,720
security, the scene up and the DevSecOps world that were these different personas are

253
00:20:46,720 --> 00:20:52,640
already. So the way it was today, we actually have this visibility at the PR levels and obviously

254
00:20:52,640 --> 00:20:59,120
we walk continuously and closely with the GitHub advance security teams for GitHub and Azure DevOps.

255
00:20:59,120 --> 00:21:04,160
You see, one of the additional connections we can bring and the enrichment, we can bring

256
00:21:04,160 --> 00:21:09,680
for both sides to give extra visibility for developers and security admins.

257
00:21:13,520 --> 00:21:21,840
So when we talk about developers often we immediately go to a very complex and application.

258
00:21:22,560 --> 00:21:28,720
But what we see now a lot is if you look at a lot of customers, definitely in the net

259
00:21:28,720 --> 00:21:36,080
and there's a huge move towards Azure Cloud which brings a lot of infrastructure code solutions.

260
00:21:36,080 --> 00:21:45,520
It's sometimes it's R, sometimes it's PICE, or other languages. It's the vendor for cloud

261
00:21:45,520 --> 00:21:53,520
also helping us towards that and and and and and and KU also what kind of

262
00:21:53,520 --> 00:22:00,720
security, finance can we expect when it comes to infrastructure code for example,

263
00:22:00,720 --> 00:22:05,920
is there a difference towards when we are talking an application development for example?

264
00:22:05,920 --> 00:22:14,320
Yeah, this is a this is a real good question. So what we see right now and and what you say in

265
00:22:14,320 --> 00:22:19,520
the netizen I think you can actually use it as a good print and basically extend that almost every

266
00:22:19,520 --> 00:22:26,320
country in the world where we see also customers that are using more and more orchestration,

267
00:22:26,320 --> 00:22:32,960
mechanism such as infrastructure, a split template, we unified their resources and cloud native

268
00:22:32,960 --> 00:22:37,840
resources making sure that they have blueprints that they can use and templates they can use to

269
00:22:37,840 --> 00:22:43,440
provision the resources. What we are actually doing within Microsoft different for cloud is that we are

270
00:22:43,440 --> 00:22:49,760
providing tools, they are kind of template, I know that are actually scanning the ISD templates

271
00:22:49,760 --> 00:22:54,640
to find these configurations which are very similar to the misconceptions or with the security

272
00:22:54,640 --> 00:22:59,120
assessment we have right now in Microsoft different for them. So we're talking about TLS version,

273
00:22:59,120 --> 00:23:06,160
we're talking about using HTPS, we're talking about all the different security best practices

274
00:23:06,160 --> 00:23:12,080
that we have within Microsoft that we are extending. We are shifting left, I was security policies

275
00:23:12,080 --> 00:23:17,520
from our cloud environment into our code environment. Again we are actually we have I used to say

276
00:23:17,520 --> 00:23:22,800
that Microsoft if kind of a cloud is not only about it's not anymore only about state

277
00:23:22,800 --> 00:23:28,080
security but it's also about build security. How we can help the developers to build secure so it's

278
00:23:28,080 --> 00:23:33,680
easier for them and for the security team to stay secure and the most basic one and you mentioned

279
00:23:33,680 --> 00:23:39,680
that is the ability to make sure that your resources are securely defined so that's securely provision

280
00:23:39,680 --> 00:23:46,880
and they stay secure. So as I mentioned we talk about we have more than 200 checks that are

281
00:23:46,880 --> 00:23:52,240
documented and I highly encourage our customers to check in our documentation to what are the

282
00:23:52,240 --> 00:23:59,200
different controls we have in place for ISD templates and of course they can try it as I mentioned

283
00:23:59,200 --> 00:24:04,880
they just have to inject our extension into the pipelines and out of the box we will scan

284
00:24:04,880 --> 00:24:11,280
all the different ISD templates be called that provisioning basis is into their own. Wow amazing

285
00:24:12,000 --> 00:24:17,680
this is really the start to I think we have called it a lot but it's not happening but to

286
00:24:17,680 --> 00:24:22,320
say it's we are going to treat our infrastructure as an application now it's it's it's it's

287
00:24:22,320 --> 00:24:30,240
it's we are also going to assess the security before even our resources hit the production or

288
00:24:30,240 --> 00:24:37,280
into into the real world I think that is a huge huge added value definitely if you combine that

289
00:24:37,840 --> 00:24:44,400
well well well also the application that's going to run on top of it then we have the full chain

290
00:24:44,400 --> 00:24:52,240
from the the server or the past solution where it runs on towards the application I think this is

291
00:24:52,240 --> 00:25:00,240
this is a great great added value for customers definitely and are there any success stories for

292
00:25:00,240 --> 00:25:08,640
example that you can share with us on organizations that benefit from implementing the

293
00:25:08,640 --> 00:25:14,720
defender for cloud to give them this kind of control and visibility over their application but

294
00:25:14,720 --> 00:25:23,760
also about on their infrastructure site you put me on the spot right now this is a tricky question so

295
00:25:24,320 --> 00:25:30,160
obviously I won't be able to give any customers name but but I have a funny story where we

296
00:25:30,160 --> 00:25:36,480
were actually talking with the customers that were not using any DevOps security tool and they were like

297
00:25:36,480 --> 00:25:41,760
so worry I know how I can figure out my depositories I know there is no secret in my production I

298
00:25:41,760 --> 00:25:47,760
know my asset templates are being configured properly should be fine and one like okay look I was

299
00:25:47,760 --> 00:25:53,280
to return it's causing public preview it doesn't affect your performance run it let's talk in about

300
00:25:53,280 --> 00:25:58,800
a week let's see what's going on and let us know and literally to a three hours later we received an

301
00:25:58,800 --> 00:26:02,640
email and all I guess can have a quick chat I would love to show you something and end those 10 months

302
00:26:02,640 --> 00:26:08,320
going on and the customer actually opened Microsoft Defender for cloud and he was like I'm actually

303
00:26:08,320 --> 00:26:12,480
seeing the result of these configurations and seek out that I expose what's going on and I was like

304
00:26:12,480 --> 00:26:16,960
interesting do you think that you have repositories that are publicly exposed it's like there is no

305
00:26:16,960 --> 00:26:23,040
way we have a bunch of vendors and consultants that are actually assessing our environment constantly

306
00:26:23,040 --> 00:26:28,080
making sure that nothing is exposed to the code let's go to the security explorer and see if you

307
00:26:28,080 --> 00:26:33,040
have repository for it that are publicly exposed and then we found that they were like five or six

308
00:26:33,040 --> 00:26:37,280
repositories on and there is no way you have an issue in your in your backend let's go to our

309
00:26:37,280 --> 00:26:41,840
Azure DevOps check the name of the repository and let's see what the configuration is and the

310
00:26:41,840 --> 00:26:46,480
customers that are actually on the call were completely shocked I'm like it's going on that was

311
00:26:46,480 --> 00:26:50,000
not supposed to happen I was like okay let's see something different let's continue the

312
00:26:50,000 --> 00:26:55,120
crowd security explorer let's see if we have CVEs or let's see if we have secret exposed in those

313
00:26:55,120 --> 00:27:02,640
repositories and we found that that one repository had secret exposed has secret exposed in publicly

314
00:27:02,640 --> 00:27:07,280
exposed and the customer was completely shocked and they were like we would like to apologize

315
00:27:07,280 --> 00:27:11,360
we thought that we would not need our solution but now we're going to deploy it everywhere that

316
00:27:11,360 --> 00:27:17,760
was a small POC and within a week they moved from we don't we don't feel the need to use a

317
00:27:17,760 --> 00:27:24,080
DevOps security product too we want to deploy it everywhere and help us to have more and more capabilities

318
00:27:24,080 --> 00:27:30,800
so it shows that most of our customers don't know what they don't know they all think that security

319
00:27:30,800 --> 00:27:37,440
is something that is a kind of insurance or you just deploy it and you're ready to go and every time

320
00:27:37,440 --> 00:27:44,480
where we have I would say most of the time what we have customers that are willing to go into the

321
00:27:44,480 --> 00:27:50,640
findings spending time into understanding their environment get that visibility trying to search for

322
00:27:50,640 --> 00:27:57,440
publicly exposed repository to is now looking to find for critical repository secrets that

323
00:27:57,440 --> 00:28:03,200
were exposed critical TV is that was still in their code this is where they usually surprise and they're like

324
00:28:03,200 --> 00:28:08,880
oh thank you we can now go ahead and work with our development teams to identify or to

325
00:28:08,880 --> 00:28:15,360
remediate and create processes to make sure that these kind of issues do not happen in the future

326
00:28:15,360 --> 00:28:22,480
so this is the for me that was it's not a funny story unfortunately but I think that it shows

327
00:28:22,480 --> 00:28:29,440
how critical is DevSecOps today in a cloud native application or detection and

328
00:28:29,440 --> 00:28:35,920
development and how it is critical to implement DevSecOps processes across the software development

329
00:28:35,920 --> 00:28:44,160
lifecycle when we think about cloud native applications but how many companies you say

330
00:28:44,160 --> 00:28:52,720
already I think most of the companies are probably have a repository published publicly available

331
00:28:52,720 --> 00:29:00,320
that they don't know so if it's it possible to run it for a short trial time

332
00:29:01,760 --> 00:29:10,720
before getting into the full blown DevSecOps security within the fender for cloud

333
00:29:10,720 --> 00:29:17,600
absolutely so we have different layers into so different layers for this question so first of all

334
00:29:17,600 --> 00:29:21,920
my stuff the fender for cloud has a trial version where you can actually even enable the entire

335
00:29:21,920 --> 00:29:28,400
stack of Microsoft Defender for cloud and get it free for a couple of weeks so that's the that

336
00:29:28,400 --> 00:29:32,480
is the first ask the second one is the fact that the well DevOps security are following

337
00:29:32,480 --> 00:29:37,040
right now in Microsoft Defender for cloud is in public preview which means that customers can deploy it

338
00:29:37,040 --> 00:29:43,600
on their staging and non-production environment or even production environment that we actually

339
00:29:43,600 --> 00:29:51,440
Microsoft advice customers to use kelfooly for five public preview features and has no impact on

340
00:29:51,440 --> 00:29:59,680
on the performance we're using agentless capabilities and so yes what we actually advise

341
00:29:59,680 --> 00:30:05,200
our customers to do is to try to run a POC across different repositories so when customers

342
00:30:05,200 --> 00:30:09,840
onboard their environment into Microsoft Defender for cloud they have the ability to do an

343
00:30:09,840 --> 00:30:13,840
full onboarding or partial onboarding what they can select for example in Azure DevSecOps

344
00:30:13,840 --> 00:30:19,120
they can select specific projects and within those specific projects then can select specific

345
00:30:19,120 --> 00:30:24,480
repositories so if they have three production repositories or they're repository that are using

346
00:30:24,480 --> 00:30:30,000
for POC they can actually involve those repositories into Microsoft Defender for cloud and our

347
00:30:30,000 --> 00:30:34,400
offering will actually run only of those repositories and those entities that they're onboarding into

348
00:30:34,400 --> 00:30:40,080
them this and by doing this I will actually give them the ability to understand better the

349
00:30:40,080 --> 00:30:44,960
solution and then decide if they want to extend the visibility and the coverage of their

350
00:30:44,960 --> 00:30:50,640
DevOps security within Microsoft Defender for cloud so not nothing blocks to enable

351
00:30:50,640 --> 00:30:59,200
DevOps security in your environment and this for this particular story correct okay Puyon what's next

352
00:30:59,200 --> 00:31:05,840
yeah I mean I'm listening and I'm thinking amazing I mean you're the example you get David I think

353
00:31:06,480 --> 00:31:12,240
customers that contact you are surprised so they are more often the more senior and the fellow

354
00:31:12,240 --> 00:31:18,240
and bigger customers and I think listening also to the first question how easy it is

355
00:31:18,960 --> 00:31:24,560
and hearing you telling how easy it is to onboard that there are no blocking or technology

356
00:31:24,560 --> 00:31:32,080
thing or really hard changes needed how easy it would be for also smaller organizations to

357
00:31:32,080 --> 00:31:38,880
adopt this technology to get the visibility because I think they keep taking what you are saying

358
00:31:38,880 --> 00:31:46,320
this episode is visibility is a key if you know and you have seen what's going on within your

359
00:31:46,320 --> 00:31:53,040
environment then you are the captain on the ship and you can start stealing your ship towards the

360
00:31:53,040 --> 00:32:02,320
right direction so so I think that that's amazing to hear and other any recommendations when it

361
00:32:02,320 --> 00:32:10,960
comes from you or from Microsoft towards that's practices and for organizations that are getting

362
00:32:10,960 --> 00:32:17,520
started to improve their DevOps practices when it comes to DevSetOps where do they need to

363
00:32:17,520 --> 00:32:24,000
start I think one of the key as mentioned is visibility definitely can you share some recommendations

364
00:32:24,000 --> 00:32:30,080
and best practices where they can start in the journey towards the DevSetOps in your opinion

365
00:32:30,880 --> 00:32:36,560
yes absolutely I think that for me the most important one as you mentioned is obviously the visibility

366
00:32:36,560 --> 00:32:42,480
making sure that you know what you don't know right or what you you didn't know a couple

367
00:32:42,480 --> 00:32:48,000
days minutes ago so having that visibility across how many repositories to have within your

368
00:32:48,000 --> 00:32:53,200
organizations how many DevOps environments you have do you have virtual DevOps you have GitHub you

369
00:32:53,200 --> 00:32:58,640
have GitLab you have J folks you have Jenkins Beatbucket whatever try to do an inventory of

370
00:32:58,640 --> 00:33:03,760
all the different DevOps environments all the different DevOps tools that you have that the developers

371
00:33:03,760 --> 00:33:08,800
may be used as a shadow IT tool that you really need to get a visibility and understand what you have

372
00:33:08,800 --> 00:33:13,440
making inventory and then on board obviously all the different environments that are supported by

373
00:33:13,440 --> 00:33:17,120
Microsoft different of a cloud so GitHub and Azure DevOps and then when you'll bold them

374
00:33:18,000 --> 00:33:22,880
see exactly what are the different insights and outcomes from the different scanning and

375
00:33:22,880 --> 00:33:27,360
trying and from the different capabilities you're offering part of our DevOps security offering

376
00:33:28,560 --> 00:33:33,840
I will probably say that you may not want to have repository that are vulnerable or that have

377
00:33:33,840 --> 00:33:39,440
CV or ticket obviously exposed to the internet you don't have repositories that you control you

378
00:33:39,440 --> 00:33:44,640
control the access you want to make sure that your developers do not have a high-previle

379
00:33:44,640 --> 00:33:49,120
repository on entire organization so if it's an Azure DevOps you want to make sure that none of the

380
00:33:49,120 --> 00:33:56,880
developer has PCA access project collection admins when we're more is our poet on GitHub you don't want

381
00:33:56,880 --> 00:34:02,080
your developers to have OA organization admin because you want to make sure that you don't have

382
00:34:02,080 --> 00:34:10,880
super user or super admin that are actually doing some simple tasks so if there are identity is

383
00:34:10,880 --> 00:34:16,480
being bridged now nobody can actually use those identities to perform malicious activities

384
00:34:17,040 --> 00:34:22,880
at the organization that's the first one when we talk about also pipelines you want to make sure

385
00:34:22,880 --> 00:34:28,160
that your pipeline pipelines are well configured you want to make sure that you have people that

386
00:34:28,160 --> 00:34:33,440
can review the full request and review the pipelines before anything is coming from your code

387
00:34:33,440 --> 00:34:39,600
to your production environment so that can avoid a malicious user to inject malicious code directly

388
00:34:39,600 --> 00:34:44,400
into your organization without having any review or that can block this pipeline to make sure

389
00:34:44,400 --> 00:34:50,160
that he has to write question why we suddenly have someone at 2 a.m. from Brazil or from any other

390
00:34:50,160 --> 00:34:56,480
country that is not supposed to be the developer usually walks in Europe and then suddenly we see

391
00:34:56,480 --> 00:35:01,920
him at 2 a.m. in Brazil starting to push onto create pull-in voice so these are the kind of

392
00:35:01,920 --> 00:35:06,720
controls you want to have in place tools like Microsoft Sentinel can help you to do this you have

393
00:35:06,720 --> 00:35:11,200
connect those to get all the logs so these are the kind of best practices we also advise about

394
00:35:11,200 --> 00:35:16,160
customers to follow and obviously the last one is what are the permission that each of your pipe

395
00:35:16,160 --> 00:35:21,040
and actually has within your environment which is a little explicit for example with your SPN so

396
00:35:21,040 --> 00:35:27,360
in our job to want to make sure that your unit using classic Azure traffic SPN you want to make

397
00:35:27,360 --> 00:35:31,600
sure that you have the latest version you want to make sure that you're not giving too many

398
00:35:31,600 --> 00:35:36,720
permissions for pipeline if your pipeline has access for repository that is publicly available you

399
00:35:36,720 --> 00:35:43,120
don't want that repository to be able to for example push a specific code without having any

400
00:35:43,120 --> 00:35:48,240
reviewer using an SPN that has access both sensitively. These are the kind of complicated attacks that

401
00:35:48,240 --> 00:35:54,960
we see more and more within our customers and lastly I think that was important also you want to

402
00:35:54,960 --> 00:36:01,440
make sure that your developers also are aware of all those security tools because it's always

403
00:36:01,440 --> 00:36:05,680
a trade-off between how secure you want your your applications to be in health process and

404
00:36:05,680 --> 00:36:10,480
heavy processes you want to have in place versus how fast you want to deliver solutions to the

405
00:36:10,480 --> 00:36:15,600
market and I think that each organization must find the right balance between we want to have

406
00:36:15,600 --> 00:36:21,440
security we want to have fast application want to have a fast time to market so how we deal with it and

407
00:36:21,440 --> 00:36:28,320
I think the character here is really about your industry about the different compliance and governance

408
00:36:28,320 --> 00:36:33,520
may have in place but find the right way to make sure that you are well-configure and also

409
00:36:33,520 --> 00:36:38,800
adjining enough to give that freedom or to give the developers the ability to quickly develop and

410
00:36:38,800 --> 00:36:44,640
to also quickly push things into production to stay in a CACD environment and not move back to

411
00:36:44,640 --> 00:36:53,280
what are for what when all legacy mindset we're actually building application for month testing testing

412
00:36:53,280 --> 00:36:58,160
testing and the idea and take this whole block and moving it to products and after how was

413
00:36:58,160 --> 00:37:06,160
the days of time. So definitely helps within a development environment so if someone develops an

414
00:37:06,160 --> 00:37:14,400
application but on the other end what we see nowadays with pipelines and a releasing infrastructure

415
00:37:14,400 --> 00:37:22,640
as we're talking already about that that also helps within that kind of environment so it's not

416
00:37:22,640 --> 00:37:29,040
only development but also people that are realizing infrastructure as they that's also helping

417
00:37:30,320 --> 00:37:36,160
absolutely devs tech ops well what we talk about tech ops engineer today which is something that

418
00:37:36,160 --> 00:37:41,760
is new sre second engineer they also have a lot of gain by consuming those insights

419
00:37:41,760 --> 00:37:48,960
to help them understand how secure the pipelines are how secure the automation is how secure the

420
00:37:48,960 --> 00:37:55,520
CACD pipelines are so definitely something that is also taken into consideration is how we can

421
00:37:55,520 --> 00:38:00,080
infuse all of these different insights across the LDC we talk a lot about code to cloud and

422
00:38:00,080 --> 00:38:04,800
SELC because we really want to position Microsoft different of our cloud across the software

423
00:38:04,800 --> 00:38:09,520
development like cycle from the developer to the developer to the developer engineers to the

424
00:38:09,520 --> 00:38:15,040
IT admin going through the security and also to the application on the so they can all have the

425
00:38:15,040 --> 00:38:21,440
same visibility slice and dice based on what they have to know and what they have access.

426
00:38:21,440 --> 00:38:29,920
Yeah so thanks for sharing this this insights at this point I'm if we look at the future

427
00:38:29,920 --> 00:38:38,160
and I know we can't share many things about what's coming but if we look in general what can we

428
00:38:38,160 --> 00:38:44,560
say about the future about securing code securing clouds and that's all kind of stuff.

429
00:38:45,920 --> 00:38:52,240
Yeah so as you mentioned securing code securing cloud I think the first one is also to think

430
00:38:52,240 --> 00:38:57,520
about securing code in cloud together and this is the future that Microsoft depends on cloud aims to solve

431
00:38:57,520 --> 00:39:02,960
how we are really doing a real connection collaboration between those different tools how we are

432
00:39:02,960 --> 00:39:08,880
removing the friction that we have between developers and security admins and application owners.

433
00:39:08,880 --> 00:39:13,600
So I think that what we are actually aiming to do is to provide more and more capabilities

434
00:39:13,600 --> 00:39:18,640
code to cloud capabilities for all customers how we help them to better understand that they must

435
00:39:18,640 --> 00:39:22,560
collaborate if they want to build secure application if they want to stay secure.

436
00:39:22,560 --> 00:39:28,720
We talk a lot about how we can infuse AI into our entire Microsoft ecosystem and obviously this is

437
00:39:28,720 --> 00:39:34,960
something that we are looking into. We talk a lot about how we help the developer to be better

438
00:39:34,960 --> 00:39:39,840
informed we talk about piano patients how we can help the developer to better understand the

439
00:39:39,840 --> 00:39:46,240
why why I have to fix it why this is important to my organization how we can also as I mentioned

440
00:39:46,240 --> 00:39:50,720
reduce the friction and also increase the sharing knowledge between all of those different worlds.

441
00:39:50,720 --> 00:39:56,240
The developer knows exactly why he implemented this line of code the security admins knows exactly

442
00:39:56,240 --> 00:40:01,440
why he implemented this particular policy and the application owner knows exactly why he

443
00:40:01,440 --> 00:40:05,680
meets this application to be up and running and how we can share that knowledge across the

444
00:40:05,680 --> 00:40:11,280
different worlds is for me a critical piece that will help us to work reducing the friction between

445
00:40:11,280 --> 00:40:16,560
all those worlds. So if I had to summarize I would say better sharing real code to cloud collaboration

446
00:40:16,560 --> 00:40:22,720
and the developer's life second and how we can infuse AI into this entire ecosystem.

447
00:40:22,720 --> 00:40:29,920
I think the enhancements and the improvements that will be go fast probably in the next year.

448
00:40:30,640 --> 00:40:39,360
So probably we can make an appointment already to have you sometimes back in a few months or

449
00:40:39,360 --> 00:40:45,200
an hour a year to see if there is any update that we can share within this

450
00:40:45,200 --> 00:40:55,280
review recording within this podcast for our audience. Let's do that then. I'm Puyon. Do you

451
00:40:55,280 --> 00:41:04,400
have any other things to mention or to ask? Well I think David again thank you for joining us.

452
00:41:04,400 --> 00:41:10,480
I think it's one of the most important topics at the moment which you will be discussed today

453
00:41:10,480 --> 00:41:16,880
when it comes to the whole cloud and going towards the cloud and it touched on things like

454
00:41:16,880 --> 00:41:23,840
speed is important for going to cloud and also for the developers and having the flexibility

455
00:41:23,840 --> 00:41:31,440
and I really believe in that cloud is freedom and speed but as organization being controlled and I think

456
00:41:32,160 --> 00:41:39,520
how the benefit of cloud helps you to start your security at the beginning of the journey

457
00:41:39,520 --> 00:41:48,400
towards that it's amazing but also what we as you mentioned there is a lot to do when it comes to

458
00:41:48,400 --> 00:41:54,640
the embracing and implementing the deaf cycles it's not all technology and it's not all.

459
00:41:56,240 --> 00:42:01,120
So yeah I think organizations I hope they enjoy this session and I

460
00:42:01,120 --> 00:42:10,720
see that the added value that Microsoft and your team is definitely providing to create this

461
00:42:10,720 --> 00:42:17,760
facility which is so important in this time. So yeah I'm really amazed at this with one of my

462
00:42:17,760 --> 00:42:23,280
most favorite topics. Thank you for joining us. I don't know if you are closing

463
00:42:23,280 --> 00:42:29,280
deep feedback something for our listeners to close this episode. Yeah so early so

464
00:42:29,280 --> 00:42:33,200
pretty well thank you all for listening thank you gentlemen for inviting me it's always a pleasure.

465
00:42:33,200 --> 00:42:38,720
I hope we'll be able to see each other more and more in the future without about the MVP summit

466
00:42:38,720 --> 00:42:43,360
we have so many events of Microsoft where we invite our customers and partners to come and talk

467
00:42:43,360 --> 00:42:48,880
to us we have the MVP summit ignite fields where plenty of events where we are always happy to see

468
00:42:48,880 --> 00:42:53,600
all of you so if you're free to join us virtually all physically if you have the ability to join us

469
00:42:53,600 --> 00:42:59,760
I think that what is important maybe if you have something to keep in mind for for the audience

470
00:42:59,760 --> 00:43:06,880
is as I mentioned earlier my advice is to get a visibility into your own moments make sure

471
00:43:06,880 --> 00:43:12,080
that you know what you don't know or make sure that you don't have any shadow IT that could lead

472
00:43:12,080 --> 00:43:18,400
to potential bridges so get that inventory start using Microsoft to kind of for cloud as I mentioned

473
00:43:18,400 --> 00:43:23,520
we have a free trial we have the communications about almost everything that you want to know

474
00:43:23,520 --> 00:43:28,560
about Microsoft Defender for cloud there are so many podcasts and so many information that we are sharing

475
00:43:28,560 --> 00:43:37,040
across different media we have plenty of different channels where you can follow Microsoft

476
00:43:37,040 --> 00:43:42,160
security on Microsoft Defender for cloud and it was continue to hear what we and friends are doing

477
00:43:42,160 --> 00:43:46,800
around Microsoft ecosystem thank you for obviously for doing this this is important also for our

478
00:43:46,800 --> 00:43:51,840
community to better understand how they can use and leverage our product so glad that we have

479
00:43:51,840 --> 00:43:57,680
people like you that are investing time to share your knowledge and invite us it's an honor to

480
00:43:57,680 --> 00:44:03,760
be invited and share our knowledge with our community so obviously and again in general and thank

481
00:44:03,760 --> 00:44:09,120
you again for this invitation and help you for the audience can use and leverage some of the

482
00:44:09,120 --> 00:44:14,720
kind of a cloud to improve your crowd native application security posture. It's like why so we

483
00:44:14,720 --> 00:44:22,880
having fun doing this and helping the community getting the information closer to them so thanks

484
00:44:22,880 --> 00:44:31,920
for listening or viewing this recording if you want to if you have feedback for us please let us know

485
00:44:31,920 --> 00:44:38,000
you can find us on talking security dot-and-out or our LinkedIn page please please search for it

486
00:44:38,000 --> 00:44:44,000
and we will be notified and we will get that feedback and probably we can use that in the next

487
00:44:44,000 --> 00:44:51,120
recordings and if you find it valuable hit the notification button and subscribe on YouTube or on

488
00:44:51,120 --> 00:44:57,600
your favorite podcast platform and I say thank you for now put on an eye are looking really looking

489
00:44:57,600 --> 00:45:04,960
forward to the next recording about securing APIs with Defender for cloud so probably we will see

490
00:45:04,960 --> 00:45:18,240
each other then so thank you bye bye