1
00:00:00,000 --> 00:00:08,400
Welcome to the Talking Security podcast.

2
00:00:08,400 --> 00:00:13,320
We will talk about items related to Microsoft Security.

3
00:00:20,680 --> 00:00:26,800
Hi, welcome again to a new episode of the Talking Security podcast.

4
00:00:26,800 --> 00:00:30,960
This is the first episode in a brand new series.

5
00:00:30,960 --> 00:00:33,760
My previous series on Defender for Endpoints ended.

6
00:00:33,760 --> 00:00:40,000
To wrap that series up, I'll try to do another recording with Microsoft MVP Jeffrey Appel.

7
00:00:40,000 --> 00:00:43,600
He's from the Netherlands. He has written a lot on that topic.

8
00:00:43,600 --> 00:00:49,120
But if you have questions, don't hesitate or other remarks.

9
00:00:49,120 --> 00:00:51,440
Don't hesitate to contact me.

10
00:00:52,480 --> 00:00:56,400
Let's see if we can cover that in that recording, but that will follow.

11
00:00:56,400 --> 00:01:04,400
Afterwards, but now a new series taking a deep dive into Microsoft Defender for Cloud.

12
00:01:06,000 --> 00:01:11,840
Defender for Cloud is not a standalone solution, as probably most of the people know,

13
00:01:11,840 --> 00:01:19,120
but it's much more different guests, people from Microsoft, but also people from the field.

14
00:01:19,120 --> 00:01:21,040
We will take you into that area.

15
00:01:21,040 --> 00:01:28,960
Solutions such as Defender for Service, Defender for Containers, Defender for DevOps, etc.

16
00:01:28,960 --> 00:01:30,400
will be covered in this series.

17
00:01:31,120 --> 00:01:39,360
First, I want to introduce some new co-hosts that is on this series, Pujan.

18
00:01:39,360 --> 00:01:42,160
Pujan, maybe you can have a little introduction of yourself.

19
00:01:43,280 --> 00:01:44,320
Yeah, thank you, friends.

20
00:01:44,880 --> 00:01:46,480
Yes, my name is Pujan Kobazzi.

21
00:01:46,480 --> 00:01:52,720
I'm the co-host on this series of Defender for Cloud. Well, on this series,

22
00:01:53,440 --> 00:02:00,400
we would love to introduce the whole idea behind Cloud and Cloud Security MoogsLagroom Cloud.

23
00:02:01,600 --> 00:02:06,960
Our background on automation, DevOps, Security and Cloud.

24
00:02:06,960 --> 00:02:10,800
So it's a mix of different backgrounds.

25
00:02:10,800 --> 00:02:15,360
I'm also the co-founder and director at 8F Security.

26
00:02:16,560 --> 00:02:17,280
Nice, thank you.

27
00:02:18,480 --> 00:02:23,920
Together, we have a very special guest for the introduction of Defender for Cloud.

28
00:02:23,920 --> 00:02:27,680
I'm happy to have you in the show, Rod.

29
00:02:27,680 --> 00:02:30,640
Maybe you can have a little introduction of yourself.

30
00:02:32,240 --> 00:02:33,360
Let's see.

31
00:02:35,280 --> 00:02:36,640
I'm Rod Trent.

32
00:02:36,640 --> 00:02:41,680
I am a Cloud security advocate at Microsoft.

33
00:02:41,680 --> 00:02:42,880
So kind of a weird title.

34
00:02:42,880 --> 00:02:49,440
It's literally just a program manager, but in advocacy, if I could say that, effectively.

35
00:02:51,120 --> 00:02:54,800
One of the things that I do at Microsoft, obviously, is what we're doing here.

36
00:02:54,800 --> 00:02:57,520
And that's talking about Cloud security.

37
00:02:57,520 --> 00:03:02,560
I don't know how to deal with this just a little bit.

38
00:03:02,560 --> 00:03:05,280
Since I'm the first guest, I guess I kind of have to set the bar.

39
00:03:05,280 --> 00:03:08,320
I'll set it really, really low for everybody else.

40
00:03:08,320 --> 00:03:10,400
So thank you for having me.

41
00:03:10,400 --> 00:03:11,920
We'll see how I can accomplish it.

42
00:03:11,920 --> 00:03:15,840
Yeah, and I talked to some guys here in the Netherlands.

43
00:03:15,840 --> 00:03:18,880
And you're a long time Microsofty.

44
00:03:20,960 --> 00:03:22,960
Well, I'll tell you the truth.

45
00:03:24,320 --> 00:03:24,800
I'm not.

46
00:03:25,680 --> 00:03:29,360
I have been actually, what is today, the 11th?

47
00:03:29,360 --> 00:03:30,800
Okay, so four days.

48
00:03:30,800 --> 00:03:35,440
Four days from now, I will celebrate my fourth birthday at Microsoft.

49
00:03:35,440 --> 00:03:37,200
So I've been at Microsoft for four years.

50
00:03:37,920 --> 00:03:42,960
Prior to Microsoft, I worked alongside Microsoft in a number of ways.

51
00:03:43,680 --> 00:03:49,280
Some folks might, if you're old enough, you might remember a event called the Microsoft

52
00:03:49,280 --> 00:03:55,200
Management Summit, which was obviously about System Center and Microsoft Management,

53
00:03:55,200 --> 00:04:00,960
endpoints and things like that, which eventually got merged into Microsoft Ignite,

54
00:04:00,960 --> 00:04:04,000
along with TechEd and some other events.

55
00:04:04,000 --> 00:04:11,200
But like I said, I've worked alongside Microsoft for most of my career with Microsoft

56
00:04:11,200 --> 00:04:13,120
as a Microsoft employee for the past four years.

57
00:04:13,120 --> 00:04:18,800
But I kicked myself every single day thinking about all the opportunities I had to join

58
00:04:18,800 --> 00:04:19,360
Microsoft.

59
00:04:19,360 --> 00:04:23,760
All I had to do was move to Seattle at some point, and I turned it down all those years.

60
00:04:23,760 --> 00:04:27,280
I guess, kind of really had to wait for just the right time, but still,

61
00:04:28,000 --> 00:04:29,760
I wish I had done it a long time ago.

62
00:04:30,960 --> 00:04:35,440
Yeah, well, it's great to have you, but also in the community, you were active,

63
00:04:35,440 --> 00:04:36,400
and you're still active.

64
00:04:37,600 --> 00:04:44,080
So also, participating in this recording, but also, we talked a little bit about your own

65
00:04:44,880 --> 00:04:49,040
recording that you do, your own webcast, Microsoft Security Insights.

66
00:04:49,040 --> 00:04:56,400
Yeah, so every Wednesday evening, Eastern time, 5 p.m., sometimes 4 p.m., sometimes 5,

67
00:04:56,400 --> 00:04:57,680
depends on our guests.

68
00:04:59,040 --> 00:05:04,000
The Microsoft Security Insights show goes for about an hour, hour and a half sometimes,

69
00:05:04,000 --> 00:05:06,080
just depending on how deep we get into discussions.

70
00:05:06,080 --> 00:05:11,040
We have guests every week talking about the Microsoft Security Stack,

71
00:05:11,600 --> 00:05:16,480
all the way from Defender stuff to the new Threat Intelligence stuff to Sentinel,

72
00:05:16,480 --> 00:05:19,840
obviously, Microsoft Defender for Cloud.

73
00:05:20,880 --> 00:05:25,840
But we've been running this series for almost three years.

74
00:05:25,840 --> 00:05:28,960
So we're up to 150 some episodes.

75
00:05:28,960 --> 00:05:32,480
Last month, we had, oh my goodness, it was amazing.

76
00:05:32,480 --> 00:05:35,520
We had a Women in Cybersecurity Month last month.

77
00:05:35,520 --> 00:05:38,240
I don't know if anybody recognized that or not.

78
00:05:38,240 --> 00:05:44,080
We had some big names on there, Ann Johnson, Vasuja Kahl, Maria Thompson,

79
00:05:44,080 --> 00:05:48,720
some folks, other folks from government, Microsoft government and things like that,

80
00:05:48,720 --> 00:05:51,840
just to talk about Women in Cybersecurity Diversity Insights.

81
00:05:51,840 --> 00:05:53,040
That was a super month.

82
00:05:53,040 --> 00:05:58,000
This month, we are in the lead up to RSA, the RSA conference,

83
00:05:58,000 --> 00:06:00,000
which happens in San Francisco at the end of the month.

84
00:06:00,560 --> 00:06:06,160
We are having what's called MISA Month, the Microsoft Intelligent Security Association,

85
00:06:06,160 --> 00:06:08,960
which is the partner association for Microsoft Security.

86
00:06:08,960 --> 00:06:12,960
We are having episodes this month, all month this month.

87
00:06:12,960 --> 00:06:14,960
Yeah, MISA, it's MISA Month.

88
00:06:14,960 --> 00:06:16,960
We have a lot of co-workers to talk to.

89
00:06:16,960 --> 00:06:22,960
So you have to search for the security insights webcast and let's have a look on that.

90
00:06:22,960 --> 00:06:30,240
But chat, GPT and OpenAI, very interesting topic, security co-pilot.

91
00:06:30,240 --> 00:06:36,960
Maybe we can have a discussion on that later.

92
00:06:36,960 --> 00:06:42,960
I can give you one short sentence on everything.

93
00:06:42,960 --> 00:06:44,960
Okay, two sentences.

94
00:06:44,960 --> 00:06:48,960
Number one, best practice, don't use the public chat GPT.

95
00:06:48,960 --> 00:06:54,960
Microsoft has their own implementation, cognitive services, Azure OpenAI,

96
00:06:54,960 --> 00:06:58,960
which has access to chat GPT at 3.5 Turbo and also 4.0,

97
00:06:58,960 --> 00:07:04,960
which enables customers and enterprises to actually use the guardrails of Azure.

98
00:07:04,960 --> 00:07:08,960
If you're using the public version, it's kind of like the Wild West.

99
00:07:08,960 --> 00:07:12,960
You don't know where's that API stream going, et cetera, et cetera.

100
00:07:12,960 --> 00:07:18,960
But if you use the Microsoft version, again, you're going to have that Microsoft security implemented it

101
00:07:18,960 --> 00:07:20,960
and part of it and you can take advantage of that.

102
00:07:20,960 --> 00:07:22,960
That's super awesome.

103
00:07:22,960 --> 00:07:24,960
You mentioned security co-pilot.

104
00:07:24,960 --> 00:07:28,960
I'm going to be very quick and terse on that one.

105
00:07:28,960 --> 00:07:30,960
It's going to be great.

106
00:07:30,960 --> 00:07:32,960
Yeah, that's all I'll say on that.

107
00:07:32,960 --> 00:07:36,960
And everybody's waiting to just get their fingers on it, right?

108
00:07:36,960 --> 00:07:42,960
I had a question today in just minutes before this our time together today.

109
00:07:42,960 --> 00:07:46,960
Someone asked me, said, hey, can I get access to co-pilot?

110
00:07:46,960 --> 00:07:47,960
Yeah.

111
00:07:47,960 --> 00:07:48,960
That was it.

112
00:07:48,960 --> 00:07:50,960
And I said, what do you mean?

113
00:07:50,960 --> 00:07:55,960
Being co-pilot, office co-pilot, security co-pilot, what else do we have now?

114
00:07:55,960 --> 00:07:56,960
Oh, the office co-pilot.

115
00:07:56,960 --> 00:07:57,960
I already said office co-pilot.

116
00:07:57,960 --> 00:07:58,960
There's one other one.

117
00:07:58,960 --> 00:08:00,960
GitHub co-pilot.

118
00:08:00,960 --> 00:08:15,960
And because it, unfortunately, I think in this instance, we've not been very clear and communicative about our Azure AI services and how co-pilot fits into that.

119
00:08:15,960 --> 00:08:17,960
It's going to be super awesome.

120
00:08:17,960 --> 00:08:20,960
It's just not ready yet, right?

121
00:08:20,960 --> 00:08:21,960
It's still going.

122
00:08:21,960 --> 00:08:22,960
It's still in preview.

123
00:08:22,960 --> 00:08:24,960
It's not ready for public consumption.

124
00:08:24,960 --> 00:08:29,960
I mean, I'm sure it is ready for public consumption, but we're not going to do it until it's time.

125
00:08:29,960 --> 00:08:35,960
So let's dive in some cloud background, Pujan.

126
00:08:35,960 --> 00:08:41,960
Let's see if we can get some questions for all of our defender for cloud.

127
00:08:41,960 --> 00:08:46,960
Yeah, we already kicked off with a lot of cloud stuff.

128
00:08:46,960 --> 00:08:48,960
We immediately went to the AI part.

129
00:08:48,960 --> 00:08:50,960
Everybody does these things.

130
00:08:50,960 --> 00:08:51,960
Everybody.

131
00:08:51,960 --> 00:08:54,960
That's the first question out of everyone's mouth.

132
00:08:54,960 --> 00:09:16,960
But I think in general, it's good to put out, and I'm also curious about how you see that, Rod, is what is cloud and how is that changing the whole IT infrastructure before we dive in to see how we can protect it or detect what's happening there?

133
00:09:16,960 --> 00:09:18,960
Yeah.

134
00:09:18,960 --> 00:09:31,960
Well, I think it kind of, I think it'll help, at least for those listening, maybe those that aren't kind of cloud savvy at the moment to kind of understand what the history of this cloud thing is.

135
00:09:31,960 --> 00:09:35,960
I had to actually go back and look at myself at when this was.

136
00:09:35,960 --> 00:09:41,960
I mentioned the Microsoft Management Summit earlier that I've been, I was part of for years.

137
00:09:41,960 --> 00:09:50,960
It was, I had to go look this up. It was 2009 when Microsoft came out at the Microsoft Management Summit of all places and said, at Microsoft, we're all in.

138
00:09:50,960 --> 00:09:59,960
And we're all in this cloud thing. Everybody just kind of looked at them and scratched their heads and like, we don't know what this cloud thing is. Could you please explain it to us?

139
00:09:59,960 --> 00:10:14,960
And I think even in that respect over, and that was 2009, right? So we're 10 years plus. The cloud is kind of a significant investment. It's a significant value for our customers, but there's still customers that don't quite understand.

140
00:10:14,960 --> 00:10:27,960
And the reason why I say that, I was having a discussion earlier today, listening to someone say that some customers are actually have gone to the cloud and some are actually moving back from the cloud, right?

141
00:10:27,960 --> 00:10:31,960
And moving back on premises.

142
00:10:31,960 --> 00:10:39,960
I think in some respects, customers get a misapprehension about what the cloud is.

143
00:10:39,960 --> 00:10:55,960
The cloud is a way to migrate and utilize sources in the cloud where you, you know, it's better security, better availability, kind of centralized for all the users to be able to access and things like that.

144
00:10:55,960 --> 00:11:07,960
And what a lot of customers have done is they've taken their on premise, on premises mentality, and they've literally just taken it and stuck it in the cloud and expected to work exactly the same as it did on premises.

145
00:11:07,960 --> 00:11:19,960
And by doing so, they've missed some things, right? It's not a great experience because they've missed some things in that migration, some gaps, some knowledge, there's knowledge gaps, there's skill gaps and all kinds of things.

146
00:11:19,960 --> 00:11:24,960
So again, it's not been a great experience. So they're trying to pull back just a little bit.

147
00:11:24,960 --> 00:11:36,960
So the cloud actually gives us actually a better way of doing things. One of the best examples I can use just to have, you know, people listening kind of think about it.

148
00:11:36,960 --> 00:11:40,960
GPO, group policy, right?

149
00:11:40,960 --> 00:11:55,960
If you've used group policy, which initially was super amazing, gives you the ability to create policies around, you know, guidance for your organization, how it should operate, how you can manage devices, users, etc, etc, etc.

150
00:11:55,960 --> 00:12:06,960
But over time, over those 20 plus years that you've used GPO on premises, you have GPOs that negate other GPOs because you forgot that they were there, right?

151
00:12:06,960 --> 00:12:11,960
So you've been, we've become technology hoarders at some point.

152
00:12:11,960 --> 00:12:15,960
Oh, that GPO, I loved it. It worked great. I'm not getting rid of that one.

153
00:12:15,960 --> 00:12:24,960
So over time, but moving to the cloud, instead of just taking all those GPOs and all those same policies and sticking them in the cloud, which kind of really creates a mess,

154
00:12:24,960 --> 00:12:43,960
what a lot of organizations should do is look at this migration, migrating workloads to the cloud as the ability and their chance to start fresh, start new, kind of start over, get rid of that hoarding kind of idea and concept that they're holding on to and do it better in the cloud,

155
00:12:43,960 --> 00:12:51,960
because obviously with the cloud and how the cloud works, we can do things better. We can monitor things better. We can secure things better.

156
00:12:51,960 --> 00:12:56,960
So it's kind of a mentality change that customers kind of have to go through.

157
00:12:56,960 --> 00:13:06,960
Yeah, I think it's amazing, Rob, because what you mentioned before was like regarding the GVT, be careful what you do with your data. You don't know what happens with it.

158
00:13:06,960 --> 00:13:18,960
And I have always personally the feeling that once we are on the data center side and we talk on zero trust, everybody goes to the networking and it is, okay, we have it done.

159
00:13:18,960 --> 00:13:36,960
But once it goes to the cloud, things change. And in my opinion, even how we use ChetGBT is part of that. It's also cloud solution in that sense, and we should treat it as a cloud.

160
00:13:36,960 --> 00:13:37,960
Yeah.

161
00:13:37,960 --> 00:13:55,960
Yeah, and security really kind of changes the way that things have kind of worked on premises. Somebody needs access to something. They complain enough, they're going to get access to it, probably too much access to it, right?

162
00:13:55,960 --> 00:14:11,960
And so again, we find organizations are taking that same mentality and stick it in the cloud. The cloud can be a little bit, you think that security on premises can be tough and allowing people into that environment.

163
00:14:11,960 --> 00:14:21,960
In the cloud, this is a public entity. You have to put better security measures in place. Otherwise, the public's going to have access to your stuff, right?

164
00:14:21,960 --> 00:14:28,960
And people with too much access, how do you know? How do you know you're giving them too much access? You just have to be extremely careful with it.

165
00:14:28,960 --> 00:14:45,960
Interesting. Exactly. Everything has a public IP in this storage account or a VM by default. It's all, of course, in that sense. And then, of course, we have also the fact that multi-cloud, the different cloud vendors also plays a role.

166
00:14:45,960 --> 00:14:55,960
Do you also see that with the customers that they are struggling with one maybe and that they are already in the second and the third cloud?

167
00:14:55,960 --> 00:15:06,960
A lot of those customers, yeah. And it really kind of boils down to how long the customer has been, has had cloud implemented in the organization.

168
00:15:06,960 --> 00:15:14,960
The early days, right, even before cloud was a term, Amazon was around. Amazon Web Services, right? It wasn't even cloud. It's Amazon Web Services.

169
00:15:14,960 --> 00:15:23,960
So a lot of organizations and a lot of companies, software vendors, created their solutions to work in one specific cloud or another.

170
00:15:23,960 --> 00:15:41,960
So a lot of the organizations that I know and that I've worked with, whether it's edu.gov or commercial or whatever, they'll use multi-clouds because that application that is a requirement for their operation works in only one or the other, right?

171
00:15:41,960 --> 00:15:51,960
I find a lot of customers have found, at least though, that from an identity perspective, Azure Active Directory is the identity that they want.

172
00:15:51,960 --> 00:16:00,960
And that's where they kind of invest their time because, you know, Azure Active Directory accounts are Office 365 accounts and most every organization uses Office 365.

173
00:16:00,960 --> 00:16:12,960
But they'll still use that identity to access things in AWS and GCP. And I think even IBM still has a cloud. I don't know what it's called, but I think everybody has a cloud these days.

174
00:16:12,960 --> 00:16:16,960
I believe you have Alibaba even these days has a cloud.

175
00:16:16,960 --> 00:16:22,960
Yeah, yeah, IBM Oracle still has a cloud.

176
00:16:22,960 --> 00:16:30,960
Yeah, but cloud is just another one's computer and that's connected to the internet that you can use.

177
00:16:30,960 --> 00:16:43,960
Well, basically, kind of it is. But cloud is kind of its own, its own model. It's how those services and things, how they function, it's a little bit different.

178
00:16:43,960 --> 00:17:03,960
If I tried to run cloud services, if I tried to run a KQL query, Kustel query on my system, the way that I run it in Azure, it's going to barf at me because KQL requires, you know, the clustering services and things to be able to return data and very, very quickly,

179
00:17:03,960 --> 00:17:06,960
because we're monitoring for security purposes.

180
00:17:06,960 --> 00:17:14,960
So it needs the cloud. So cloud actually provides that additional value other than just somebody else's computer.

181
00:17:14,960 --> 00:17:26,960
But what about, you're mentioning on-prem, where we're coming from, people are moving into the cloud with the mindset of the on-prem skill.

182
00:17:26,960 --> 00:17:39,960
What about extending your on-prem environment within clouds? Probably with another mindset, hopefully. But if we do that, what challenges do we face?

183
00:17:39,960 --> 00:17:51,960
Well, you face similar challenges, right? Still from a security perspective, you're adding one additional thing that you have to monitor, right, other than on-prem and cloud.

184
00:17:51,960 --> 00:18:02,960
And I would hesitate to probably say, but I think there are a lot of organizations. I don't, I'm positive there are organizations that are 100% cloud.

185
00:18:02,960 --> 00:18:14,960
But I'm also positive that that's not everybody, right? It's not a huge percentage of all cloud. There are people that still do things on-premises, and that's just the way it's going to be, right?

186
00:18:14,960 --> 00:18:25,960
So again, they really kind of have to take the approach where you migrate things where it's necessary and only migrate things where it's necessary.

187
00:18:25,960 --> 00:18:34,960
You have a virtual machine that you've been running on-premises. You don't want to have the expenditure for a new server with more storage and all this stuff.

188
00:18:34,960 --> 00:18:40,960
Hey, let's just spin up a VM and let's do it this way. That makes sense, right? So you kind of have this hybrid model where you're using the cloud.

189
00:18:40,960 --> 00:18:47,960
Eventually, my guess is they'll have this last VM running on-prem. They're like, let's just move it to the cloud, right?

190
00:18:47,960 --> 00:19:02,960
But still, do it where it makes sense. There's some time, some, you know, it's unnecessary to do. I know a lot of people sometimes, even Microsoft folks, will go into an account and say, got to move to the cloud.

191
00:19:02,960 --> 00:19:11,960
You got to do, you know, but there's a lot more difficulty to it than just putting your thumb down and saying, yep, we're doing it today. There's a lot more to it.

192
00:19:11,960 --> 00:19:29,960
Yeah, basically, if you're using a SaaS service or a service that can be used from the cloud, it's probably better to use it from a cloud service provider instead of having a VM running it locally instead of running it on Azure or Google or Amazon or whatever.

193
00:19:29,960 --> 00:19:44,960
Yeah, yeah. Yeah, and I would hesitate to, I mean, you think about the cloud as production workloads. If you want to spend something up, you know, in a test environment or something like this, there's a lot of companies use a cloud for that.

194
00:19:44,960 --> 00:19:54,960
But, you know, if I'm thinking about it, I want to put something in place that's not going to impact too much. I have an old server sitting there. I'm going to spend up a VM and test something probably.

195
00:19:54,960 --> 00:20:00,960
It's not taking me extra time because I have to make sure that server works and all that good kind of stuff. But, you know,

196
00:20:00,960 --> 00:20:23,960
Yeah, mostly from a security perspective, if I want to use a Kali Linux machine, a machine, for example, in Azure, it could be problematic sometimes if you are doing stuff that is not the purpose from an Azure because there is everything in place

197
00:20:23,960 --> 00:20:38,960
to defend on that platform to have people on that with that sort of stuff that they can attack, yeah, customers or whatever.

198
00:20:38,960 --> 00:20:50,960
Yeah, yeah. Well, there's also, you know, if you use cloud services, Azure and things, there's a way to kind of separate that stuff and segregate, right, your test environment versus your production environment stuff.

199
00:20:50,960 --> 00:21:07,960
Okay. And I think to add to that, I think it starts the challenges regarding definitely security starts if you are having that Azure and South solutions and then you have on the data center, you have your own environment.

200
00:21:07,960 --> 00:21:24,960
But the moment that you need to go over the private endpoints and private networking, then often what I see personally then the security challenges start because then you are opening a South solution or a past solution immediately to networking.

201
00:21:24,960 --> 00:21:44,960
Yeah, where, yeah, and then the challenges keep coming like definitely from an Azure site because you trust that stores account to be accessible but once there's a VM with a public IP also a role in that it suddenly your network is into the bounded without you knowing anything about it.

202
00:21:44,960 --> 00:21:54,960
Yeah. Well, and I think this really, and that's, I think that was a really good segue to talk about what our actual topic is today, which is defender for cloud.

203
00:21:54,960 --> 00:21:56,960
Yeah.

204
00:21:56,960 --> 00:22:17,960
No, that's, that's perfect because when customers whether they're just kind of sticking their toe in the water and testing cloud or they're migrating workload after workload. The thing that I always suggest as best practice is turn on defender for cloud for every workload that you stick into the cloud because this like I mentioned earlier this

205
00:22:17,960 --> 00:22:28,960
migrating workers to cloud is this chance for that company that organization to kind of figure out the cloud, figure out how to do security, a modern security properly.

206
00:22:28,960 --> 00:22:42,960
And one of the only ways to do that is to enable defender for cloud as you migrate each workload, enable defender for cloud on that workload and what that's going to accomplish is it's going to give you those guard rails it's going to give you those guidelines.

207
00:22:42,960 --> 00:22:54,960
If you roll something out of a virtual machine with ports that shouldn't be open, the fender for cloud is going to tell you about it, right, it's going to give send an alert, it's going to say hey look, you could, you could have done this better.

208
00:22:54,960 --> 00:23:03,960
So not only is it going to tell you and enable you to kind of close down those ports and deploy that thing securely because it's going to yell at you, but it's also a teaching tool.

209
00:23:03,960 --> 00:23:12,960
So as these organizations are migrating workloads to the cloud instead of using that old mentality defender for cloud is going to say you know what, you could do that better.

210
00:23:12,960 --> 00:23:29,960
And if you do it better this time you're going to remember to do it better next time so anytime that you roll out a new workload, it's going to be rolled out under those recommendations, because defender for cloud, obviously applies Microsoft recommendations right, but it also supplies

211
00:23:29,960 --> 00:23:37,960
industry recommendations and compliance and things like this depending on what industry that the organization is in health care.

212
00:23:37,960 --> 00:23:46,960
What's some other things but yeah we have compliance that compliance templates that can be applied.

213
00:23:46,960 --> 00:23:56,960
So how is it like out of the box available defender for cloud is how what does people need to do to to get it on board.

214
00:23:56,960 --> 00:24:04,960
Yep, with an Azure account and because obviously you're migrating things to Azure and not any any other cloud.

215
00:24:04,960 --> 00:24:08,960
Yeah, what does where you say something. No.

216
00:24:08,960 --> 00:24:25,960
So you just go into the search and look for defender for cloud right and open up the vendor for cloud and then go into that initial screen and if you've never opened it before it's going to walk you through enabling the defender plans that you want to enable

217
00:24:25,960 --> 00:24:34,960
depending on what it is that you are deploying what workload and what you will have within the cloud what you will operate within the cloud so we have.

218
00:24:34,960 --> 00:24:42,960
I don't know I don't know the number of workloads that we have currently but all the way from servers to containers.

219
00:24:42,960 --> 00:24:47,960
Storage accounts databases whether it says or pass.

220
00:24:47,960 --> 00:24:50,960
So there's there's all kinds of different workloads that you can enable.

221
00:24:50,960 --> 00:25:03,960
There are a lot of defenders within defender for cloud actually there are a lot of customers I think sometimes you know why do you have so many or why do you keep adding more.

222
00:25:03,960 --> 00:25:10,960
In a perfect world customers would use every single Azure service that we have.

223
00:25:10,960 --> 00:25:19,960
They don't sometimes they're you know huge with database SQL server and things like that sometimes they just you know just VM servers and things like that.

224
00:25:19,960 --> 00:25:30,960
So I think it's a little bit obvious we have a lot of different workloads but in their separate and each workload costs you know something additional or there's a small price to it but.

225
00:25:30,960 --> 00:25:37,960
This enables customers to select the one that they you know the workload that they have enabled within Azure so.

226
00:25:37,960 --> 00:25:52,960
But for Azure it's really easy to put it on defender for cloud is not only for Azure it's can also manage Amazon Google.

227
00:25:52,960 --> 00:26:00,960
It's what is the difference between defending Azure resources and the others.

228
00:26:00,960 --> 00:26:13,960
No real difference in fact that's one of the things I think we've tried really hard at Microsoft to accomplish is to provide this kind of multi cloud hybrid type of model for all of our security solutions right.

229
00:26:13,960 --> 00:26:25,960
Defender for cloud I think we'll talk about sent a little bit later but in all of our defender stuff defender for every defender for everything will have a defender for everything eventually I was.

230
00:26:25,960 --> 00:26:30,960
I asked for the next product.

231
00:26:30,960 --> 00:26:40,960
I asked the other day what we should what features would and functions would be in a product called defender for time travel who knows I don't know the vendor for time machine.

232
00:26:40,960 --> 00:26:48,960
Because we will eventually call everything defender I guess I actually heard.

233
00:26:48,960 --> 00:26:56,960
It's comical we rebrand every I don't know three or four months whether we need to or not I don't know why you're sent to know.

234
00:26:56,960 --> 00:26:59,960
Yeah, we all know you're sending the right.

235
00:26:59,960 --> 00:27:03,960
So it's Microsoft Sentinel right at this moment yeah.

236
00:27:03,960 --> 00:27:07,960
At this moment yeah.

237
00:27:07,960 --> 00:27:09,960
That's far as I go with that.

238
00:27:09,960 --> 00:27:20,960
But I mean going on defender for cloud is interesting because it is indeed the cloud is in the name and it is for Azure and it's for multi cloud.

239
00:27:20,960 --> 00:27:27,960
But it's also for on-prem right you mentioned sequel for example but also servers.

240
00:27:27,960 --> 00:27:30,960
It's for servers right.

241
00:27:30,960 --> 00:27:46,960
So any server that you have on premises obviously the Azure Arc agent also has to be installed for those that aren't familiar the Azure Arc agent is the agent that ties or at least gives the conduit ability to be able to tie on prem with cloud.

242
00:27:46,960 --> 00:27:57,960
Everybody remembers the old Windows server manager this you know the old MMC snapping console thing where you can manage all servers across your environment.

243
00:27:57,960 --> 00:28:07,960
Azure Arc enables customers do the same thing one single console to manage all servers no matter where they are at AWS.

244
00:28:07,960 --> 00:28:22,960
GCP Azure on premises and what have you that's what that that that agent is for so with the Azure Arc agent installed with to provide that management plane then yes you can install defender for cloud on the servers.

245
00:28:22,960 --> 00:28:33,960
For on premises obviously for workstations and things like that we have defender for endpoint and in tune and things like that but yeah defender for cloud is for the servers.

246
00:28:33,960 --> 00:28:42,960
And that's that's that's a nice topic for the next recording where we have one of the specialist within the defender for server team.

247
00:28:42,960 --> 00:28:51,960
We will catch up with him to see if we can have a more deep dive on that.

248
00:28:51,960 --> 00:28:55,960
What is you're already mentioning Sentinel.

249
00:28:55,960 --> 00:29:00,960
We have defender for cloud multiple defenders within defender.

250
00:29:00,960 --> 00:29:07,960
What why should I use Sentinel in addition to defender for cloud.

251
00:29:07,960 --> 00:29:13,960
So I look at these different products as providing different capabilities.

252
00:29:13,960 --> 00:29:23,960
Again, it's the same model we have here with defender for cloud all those different workloads you apply the proper workload to the proper, the proper service.

253
00:29:23,960 --> 00:29:32,960
Defender for cloud in one of the best descriptions I can give for what it is is it it's a recommendation engine.

254
00:29:32,960 --> 00:29:39,960
It's going to surface and produce alerts based on some of those security misconfigurations we talked about.

255
00:29:39,960 --> 00:29:48,960
So it's not necessarily kind of this centralized what people are familiar with the security information event management system or a seam or some how we pronounce it.

256
00:29:48,960 --> 00:29:59,960
It's going to produce alerts to enable customers to educate them on how to deploy securely right so it's going to provide those recommendations on how to do that.

257
00:29:59,960 --> 00:30:10,960
Defender for endpoint obviously is going to you know help defend for those those customer devices and defender for identity is going to work with user accounts and things like that.

258
00:30:10,960 --> 00:30:19,960
So everything kind of has its mode and what it works with Sentinel on the other hand.

259
00:30:19,960 --> 00:30:21,960
What is this Tuesday it is Tuesday.

260
00:30:21,960 --> 00:30:23,960
So tonight.

261
00:30:23,960 --> 00:30:29,960
One of my favorite TV shows of all time will be on it's called the curse of Oak Island.

262
00:30:29,960 --> 00:30:30,960
Right.

263
00:30:30,960 --> 00:30:38,960
There's these two brothers, they grew up reading this story this this legend about this.

264
00:30:38,960 --> 00:30:44,960
Templar treasure that's buried on an island in Nova Scotia called Oak Island.

265
00:30:44,960 --> 00:30:45,960
Right.

266
00:30:45,960 --> 00:30:49,960
People have been searching for this treasure for 300 years.

267
00:30:49,960 --> 00:30:55,960
In the 10th season, I think they're getting ready to end the season next week is probably the last one for this season.

268
00:30:55,960 --> 00:30:58,960
So they will will absolutely be in 11th season.

269
00:30:58,960 --> 00:31:00,960
They found things they just not found at all.

270
00:31:00,960 --> 00:31:08,960
But what they do is they bring in these huge pieces of equipment right that that dig up the earth.

271
00:31:08,960 --> 00:31:09,960
I'm looking for this thing.

272
00:31:09,960 --> 00:31:13,960
I'm just going to get these huge back of everything and dig up the earth.

273
00:31:13,960 --> 00:31:20,960
What they do with that dirt all that those big mounds of dirt is they take that dirt and they shove it through what's called a sluice box.

274
00:31:20,960 --> 00:31:37,960
If you're familiar with what a sluice box is it literally takes the earth runs water through it and through these little filters it throws out the big stuff and you know retains all the stuff that they're actually looking for the the treasure or gems what whatever happens to be.

275
00:31:37,960 --> 00:31:39,960
That's what Sentinel does for us.

276
00:31:39,960 --> 00:31:40,960
Right.

277
00:31:40,960 --> 00:31:45,960
It's great. These awesome tools like defender for cloud that has all works with all these different workloads.

278
00:31:45,960 --> 00:31:48,960
We have defender for endpoint defender for identity for everything.

279
00:31:48,960 --> 00:31:51,960
They do a very specific job.

280
00:31:51,960 --> 00:32:04,960
Then we filter it into Microsoft Sentinel Sentinel looks through that filters through it and finds the things that potentially the other things couldn't find because there's some new threat that's been identified within the past 24 hours.

281
00:32:04,960 --> 00:32:12,960
So there's going to be detections and indication it works like a standard modern scene security information management system.

282
00:32:12,960 --> 00:32:20,960
The other thing that it does defender for cloud has one to I pull it up 12345678 workloads right now.

283
00:32:20,960 --> 00:32:21,960
All right.

284
00:32:21,960 --> 00:32:29,960
And that's the things that it works with and in and then AWS GCP and stuff like that and of course all the other defender stuff.

285
00:32:29,960 --> 00:32:43,960
But defender for endpoint doesn't work with Cisco devices or Palo Alto devices right you still need to be able to filter your entire environment into something into this loose box and connect it with everything else all these other defender products.

286
00:32:43,960 --> 00:32:58,960
So when something is exposed as potentially dangerous or harmful within your environment whatever it happens to be it's going to be able to tie the entire storyline together from user open an email they probably shouldn't.

287
00:32:58,960 --> 00:33:17,960
It was all capitals nobody does that they clicked on a link that they probably shouldn't we've told them not to click on stupid links they went out to a website that you know they probably wouldn't have visited something in the background downloaded and installed on their system and set dormit for three months because that's the way threat actors do these days

288
00:33:17,960 --> 00:33:25,960
set dormit for three months and then it just got all the users information of where they log in and you know took over that user account.

289
00:33:25,960 --> 00:33:34,960
It's going to tell that entire story because we have it connected to the entire environment through our sluice box.

290
00:33:34,960 --> 00:33:36,960
Amazing.

291
00:33:36,960 --> 00:33:43,960
Amazing comparison as I think one of the best ways that I have heard it being explained right. Thanks for that.

292
00:33:43,960 --> 00:33:44,960
Oh you're welcome.

293
00:33:44,960 --> 00:33:45,960
Yeah.

294
00:33:45,960 --> 00:33:47,960
So,

295
00:33:47,960 --> 00:33:51,960
going to think a step back is is.

296
00:33:51,960 --> 00:34:00,960
Once if we are talking about defender for cloud. So, you utilize it as an enrichment for Sentinel.

297
00:34:00,960 --> 00:34:05,960
What's in your opinion the most.

298
00:34:05,960 --> 00:34:12,960
Most interesting solution from defender for cloud.

299
00:34:12,960 --> 00:34:20,960
The most interesting or are you asking what what produces the most interesting things.

300
00:34:20,960 --> 00:34:22,960
Both are good questions.

301
00:34:22,960 --> 00:34:25,960
Let's go for both of them.

302
00:34:25,960 --> 00:34:30,960
What produces the most interesting stuff.

303
00:34:30,960 --> 00:34:45,960
I have to tell you, you know, I, that's a difficult one to answer but I, what I think is most valuable and again it really depends on the customer and the workloads that they're utilizing for some customers you know containers is they they're all in for

304
00:34:45,960 --> 00:34:52,960
containers so that's going to be extremely useful for them. To me, I like to see what's going on with the servers. Right.

305
00:34:52,960 --> 00:35:10,960
I want to know where the ports are open. I want to know when something is a little bit anomalous because those servers have been stood up and they operate very critical business services right so that's something but that's not the, you know, discount any of the other

306
00:35:10,960 --> 00:35:18,960
services that we have but I do see a lot of stuff come through the defender for cloud for the servers quite a bit more.

307
00:35:18,960 --> 00:35:38,960
But we talking about defenders and so a defender for cloud also help defend if there is something going on, but it also gives us valuable information about configuration that we need to do to heart hardening to do some hardening

308
00:35:38,960 --> 00:35:40,960
on the on the total and for him.

309
00:35:40,960 --> 00:36:01,960
Right so through things like security score and things like this. It's a great way. Again a teaching tool right it's a great way to kind of gamify security right you can whatever is connected through defender for cloud is going to be represented there in the reporting

310
00:36:01,960 --> 00:36:16,960
and the cloud score and things like that. Security score to allow customers to identify those potential misconfigurations or something. Obviously the larger and more the organization is in the more workloads that are deployed to the cloud.

311
00:36:16,960 --> 00:36:33,960
As we all know, everybody likes to be admin in whatever area that that is and unfortunately, not everyone is of the same mind when it comes to security or deployment or what have you they'll do it differently because they have different police for every reason.

312
00:36:33,960 --> 00:36:48,960
So it's good to kind of expose that stuff and look at that score and look at that environment holistically to determine where where there are gaps or where things have been deployed which you had no idea it was going to be deployed because they're not part of your team right they

313
00:36:48,960 --> 00:36:53,960
still have appropriate access but it's not part of your team but they didn't kind of follow the security guidelines.

314
00:36:53,960 --> 00:37:08,960
So security scores one of those things it's going to show you your your security posture management today or last week and over time right so this is really great for organizations, particularly those security teams that are tasked with ensuring that the organization is secure because everybody

315
00:37:08,960 --> 00:37:20,960
knows on a security team, their manager is going to come to him probably at least once a month. How are we doing. Give me something I got to go back to leadership and tell them how we're doing from a security perspective so this gives them the ability to be able to kind of track it.

316
00:37:20,960 --> 00:37:24,960
Over time and hand them a report and say here's how we're doing.

317
00:37:24,960 --> 00:37:33,960
Obviously if they're doing poorly maybe you don't want to hand them report but it gives you the ability to be able to accomplish that because in the past on premises.

318
00:37:33,960 --> 00:37:47,960
You had to deploy a lot of different tools doing a lot of different things to pull those types of reports together Defender for cloud kind of brings all of that together and one and one tool.

319
00:37:47,960 --> 00:37:57,960
I'm talking about course that I think cloud security posture management that the basics that is free to use if you are using cloud services.

320
00:37:57,960 --> 00:38:08,960
So I think definitely if you're using Azure turn it on and you get insights about the current state of your environment and what you need to do isn't it.

321
00:38:08,960 --> 00:38:28,960
Yep that one is free so like I said when you start migrating as we're close to the cloud enable this and able to free portion of it obviously yeah there are depending on whatever service it is there are additional pricing I'm hesitant always to discuss pricing because I'm not a sales person.

322
00:38:28,960 --> 00:38:35,960
I just as soon as I start I'll screw it up and somebody like Rod, you need to stop talking about costs.

323
00:38:35,960 --> 00:38:43,960
Yeah that's for me it's mostly the same because but on the other hand that's what I get the feedback that I get from from some other people.

324
00:38:43,960 --> 00:39:06,960
Defender for cloud and turn it on you get insights and that's in the free version and if you want to use and want to defend and you have to pay for for all the other services as well but yeah definitely there is a lot of you guys from Microsoft you have done a lot of efforts to make that the things work so it definitely needs some some prices on that.

325
00:39:06,960 --> 00:39:16,960
If you look at the future regarding Defender for cloud is a lot of new services are coming in.

326
00:39:16,960 --> 00:39:28,960
Within Azure with an old cloud solutions is is there something definitely missing at the moment where you say we need something for that.

327
00:39:28,960 --> 00:39:36,960
There has been a huge outcry for the next workload next service that will be coming out.

328
00:39:36,960 --> 00:39:39,960
I think we're going to announce it around the RSA timeframe.

329
00:39:39,960 --> 00:39:57,960
I know you all know what it is I know most people listening I'm just going to I don't want to steal their thunder when they make the I don't want to steal their announcement so there is something a significant workload that's been in process and been in development for quite a while and I think a lot of customers will be hugely happy to see this.

330
00:39:57,960 --> 00:40:00,960
Announcement released during RSA.

331
00:40:00,960 --> 00:40:02,960
A lot of a lot of work is done.

332
00:40:02,960 --> 00:40:11,960
Not only for a specific workload but also on the other workloads announcements are done still.

333
00:40:11,960 --> 00:40:28,960
What we're looking still at the future but not specific Defender for cloud but security in general for cloud. Yeah, is there something or what is your vision about the next year.

334
00:40:28,960 --> 00:40:44,960
In general, so every time I pull up my outlook every day at Microsoft for the past. I don't know three months. Okay, everything I see in my inbox is about what.

335
00:40:44,960 --> 00:40:46,960
Yes.

336
00:40:46,960 --> 00:40:48,960
What is it.

337
00:40:48,960 --> 00:40:50,960
AI.

338
00:40:50,960 --> 00:40:55,960
Artificial intelligence.

339
00:40:55,960 --> 00:41:01,960
Microsoft we have made and we announced it our our our brand new.

340
00:41:01,960 --> 00:41:09,960
Event was a two weeks ago now Microsoft secure our brand new first party event that's going to be annual Microsoft secure super awesome.

341
00:41:09,960 --> 00:41:15,960
We announced it Microsoft secure this upcoming security co pilot deal everything that we have so as.

342
00:41:15,960 --> 00:41:28,960
Every security product we have has the word defender on it. It won't be long that every product we have at Microsoft ends in co pilot right so we have office co pilot get up co pilot security co pilot.

343
00:41:28,960 --> 00:41:41,960
I think you're going to see a lot within the next year because that's where our investments are not just time and money but also development right everything that is going on with Microsoft right now.

344
00:41:41,960 --> 00:41:55,960
Is all focused on trying to figure out how we can best deliver the value of artificial intelligence to our customers through our products in a kind of a seamless way right.

345
00:41:55,960 --> 00:42:02,960
A lot of people look at today like you know chat GPT I'm going to go out and ask it questions I'm going to get answers to things like this.

346
00:42:02,960 --> 00:42:15,960
Over the next year all these different co pilots that will show up in our products and our services. I'm kind of harken back to the old days when Apple first started and the whole idea.

347
00:42:15,960 --> 00:42:30,960
Was that technology should just kind of blend in to your life into the background you should you should be able to use this technology whenever you want but it just should be part of your life and not something you have to go get and you have to go using you have to kind of figure out.

348
00:42:30,960 --> 00:42:37,960
And I think that's what's going to happen with AI there's going to be a lot of things supplied particularly from a security perspective.

349
00:42:37,960 --> 00:42:50,960
A year from now you won't even think about anymore you'll just be going okay I need to do this this whatever it is whatever this thing is is going to supply that information for you or potentially even do it for you in.

350
00:42:50,960 --> 00:43:02,960
Without even having to ask or think about it so yeah I think security is headed down that route as well it's going to help streamline things it's going to help customers be more secure.

351
00:43:02,960 --> 00:43:09,960
Also help educate customers quite a bit more we talked about the front of the crowd I look at these tools is highly.

352
00:43:09,960 --> 00:43:28,960
They're tools to be able to educate and build skill sets and knowledge and I think AI is going to kind of be able to accomplish the same thing I think you're going to see utilizing AI for things like co pilot for GitHub and and our visual studio and visual code and things like this.

353
00:43:28,960 --> 00:43:40,960
Customers almost over the past two or three years have gotten whiplash.

354
00:43:40,960 --> 00:43:59,960
And so we're going to be using this pipeline and developing products and features and stuff like this it's really helped accelerate development cycles I believe over the next six months six months to a year.

355
00:43:59,960 --> 00:44:11,960
And so utilizing the power of artificial intelligence is actually let's say double or triple.

356
00:44:11,960 --> 00:44:29,960
And I'm not saying it's going to happen I have no no knowledge of this but I can just imagine customer because one of my primary roles in my job right now is to engage with the security community engage with our customers and take that feedback from them the things they like the things they don't like the things they would like to see better.

357
00:44:29,960 --> 00:44:42,960
And so we're going to take it directly back to the product teams and we discuss how that we're going to accomplish and deliver that in the future customer says, man it wouldn't be nice that this thing did this because this is kind of annoyance.

358
00:44:42,960 --> 00:44:50,960
And then it just fixes itself for that customer and then potentially for the rest for everybody else just imagine a world like that.

359
00:44:50,960 --> 00:44:51,960
So, I don't know.

360
00:44:51,960 --> 00:44:55,960
Maybe that's too much but there's no.

361
00:44:55,960 --> 00:45:03,960
And if we can use this technology from the blue team, the blue side.

362
00:45:03,960 --> 00:45:07,960
Yeah, we can also we can also use that from a red team side.

363
00:45:07,960 --> 00:45:21,960
And people hackers from all over the world can use also AI and so make it more difficult to us to defend our customers and our end users.

364
00:45:21,960 --> 00:45:27,960
What about that that challenge what do you think about that.

365
00:45:27,960 --> 00:45:41,960
Well, you know, it's really I think we're at a kind of a junction point here where almost anything is possible.

366
00:45:41,960 --> 00:45:51,960
But I kind of, you know, you have kind of to pause for just a second as well when you think about this this is all great stuff, right and the capability that it can bring.

367
00:45:51,960 --> 00:45:55,960
But you have to be extremely wary and careful.

368
00:45:55,960 --> 00:46:04,960
I have to say that the things that I'm working on right now so I'm the lead on our security AI on my team.

369
00:46:04,960 --> 00:46:12,960
And I'm asking those questions nobody else has been asking those questions.

370
00:46:12,960 --> 00:46:15,960
Is AI secure. Can we deliver responsible AI.

371
00:46:15,960 --> 00:46:26,960
How do we so here's the other thing right is a secure. Okay, so maybe we can find the answer that but how do we ensure that it's secure how do we monitor that it's secure.

372
00:46:26,960 --> 00:46:28,960
Does AI get mad.

373
00:46:28,960 --> 00:46:33,960
When we monitor it will it try to hide itself will try to hide what it's doing.

374
00:46:33,960 --> 00:46:37,960
There's all kinds of questions that you kind of have to ask I'm not.

375
00:46:37,960 --> 00:46:45,960
And I don't do that in a way to make people fearful because it's not fearful it's something that we can utilize to our value.

376
00:46:45,960 --> 00:46:57,960
And to with, you know, exception in our daily lives, however, we still have to ask those questions and as long as we have the answers to those questions I think we can move on.

377
00:46:57,960 --> 00:46:59,960
Definitely, definitely.

378
00:46:59,960 --> 00:47:05,960
I think we can have a full podcast only on the AI story besides.

379
00:47:05,960 --> 00:47:11,960
So I have a couple sessions at MMS MOA in about three weeks.

380
00:47:11,960 --> 00:47:14,960
So I think I think they're still taking registration for that.

381
00:47:14,960 --> 00:47:19,960
So, probably we can we can make an arrangement.

382
00:47:19,960 --> 00:47:39,960
And if we are closing this series with the defender for cloud let's let's close that one with artificial intelligence and and cloud security and probably a road can be one of them to join us again and probably we can have one or two others from the fields to fill that gap in.

383
00:47:39,960 --> 00:47:42,960
So, yeah, definitely.

384
00:47:42,960 --> 00:47:47,960
We do you have one last question.

385
00:47:47,960 --> 00:47:49,960
How are we done.

386
00:47:49,960 --> 00:48:03,960
I think we have covered everything we went from cloud to on prem to cloud back to recap it a little bit we we touch a little bit all the defenders within the defender for cloud.

387
00:48:03,960 --> 00:48:11,960
Also, of course, the perfect example on Sentinel how it integrates and how what the added value.

388
00:48:11,960 --> 00:48:18,960
Good to hear so I think yeah, from my side, I want to thank Rod for his time.

389
00:48:18,960 --> 00:48:29,960
I don't know if you have any questions from now what what maybe you have one last message for our viewers or listeners regarding cloud security.

390
00:48:29,960 --> 00:48:37,960
Well, and yeah, I appreciate that because I think it's really, really important to highlight.

391
00:48:37,960 --> 00:48:45,960
Obviously, we want customers to be successful in their operations right.

392
00:48:45,960 --> 00:48:47,960
We want customers.

393
00:48:47,960 --> 00:48:51,960
We want to enable customers be successful in securing their environment.

394
00:48:51,960 --> 00:48:58,960
As they are migrating workloads to the cloud we mentioned it earlier but do the necessary things right.

395
00:48:58,960 --> 00:49:09,960
Don't wake up tomorrow and decide I'm moving everything because of some discussion you heard or, you know, the Azure's grade or something like this or maybe some sales person is like, oh, please do it.

396
00:49:09,960 --> 00:49:11,960
I got to meet my quota.

397
00:49:11,960 --> 00:49:14,960
Do it because it's necessary, but do it securely.

398
00:49:14,960 --> 00:49:17,960
We talked about defender for cloud today, right.

399
00:49:17,960 --> 00:49:21,960
That to me as much as I love Microsoft Sentinel.

400
00:49:21,960 --> 00:49:40,960
Defender for cloud is the one thing that I would recommend to customers as they migrate anything to the cloud that they utilize that they enable and utilize for those workloads and resources because again that is going to set those guardrails and those guidelines for you to deploy securely so you don't have to worry about it.

401
00:49:40,960 --> 00:49:45,960
And don't have to worry about, you know, who has access and what's going on with it and things like that.

402
00:49:45,960 --> 00:49:57,960
Again, and it's just going to make you a better organization and more skilled and more knowledgeable about security for the cloud.

403
00:49:57,960 --> 00:49:59,960
Nice.

404
00:49:59,960 --> 00:50:03,960
Thank you for having you on the show.

405
00:50:03,960 --> 00:50:06,960
It was a pleasure to have you.

406
00:50:06,960 --> 00:50:19,960
Well, I appreciate it. I, you know, you can probably tell I always enjoy talking about security in the cloud and whatever. If you wanted to talk about pop tarts, I could talk about that too. You know that.

407
00:50:19,960 --> 00:50:26,960
Yeah, that's right. Maybe maybe we can put a link to the pop tarts in the show notes as well. So nice.

408
00:50:26,960 --> 00:50:45,960
And of course, you as a listener or as a viewer, thank you for listening and for viewing to this episode. See and watch the our stream to see our blog post to see the next recording, probably about Defender for Service.

409
00:50:45,960 --> 00:51:14,960
If you want to know more about that, tune in next time and let's have a wait and see what comes. Thank you.