WEBVTT 00:00:03.699 --> 00:00:06.240 Welcome to the Azure Security Podcast, where 00:00:06.240 --> 00:00:08.759 we discuss topics relating to security, privacy, 00:00:09.060 --> 00:00:11.480 reliability, and compliance on the Microsoft 00:00:11.480 --> 00:00:16.160 Cloud Platform. Hey everybody, welcome to episode 00:00:16.160 --> 00:00:19.339 126. This week is myself, Michael, with Sarah. 00:00:19.660 --> 00:00:22.219 And our guests this week are Sophie Kerr and 00:00:22.219 --> 00:00:26.460 Dave Manassian to talk about Microsoft Baseline 00:00:26.460 --> 00:00:29.160 Security Mode. But before we get to our guests, 00:00:29.280 --> 00:00:31.199 let's take a little lap around the news. Sarah, 00:00:31.300 --> 00:00:34.219 why don't you kick things off? Okay, so a couple 00:00:34.219 --> 00:00:36.359 of things, a couple of exciting things. Well, 00:00:36.359 --> 00:00:38.479 at the time of recording this, this was announced 00:00:38.479 --> 00:00:42.500 last week, which is the new Frontier Suite. Now, 00:00:42.539 --> 00:00:45.179 I know we don't talk about licensing that much 00:00:45.179 --> 00:00:48.619 here on the podcast, but this is a biggie. So 00:00:48.619 --> 00:00:52.939 we now have E7, and that means it's got an absolute 00:00:52.939 --> 00:00:58.060 ton of different... things that you can buy together. 00:00:58.259 --> 00:01:02.899 So you've got Agent 365 and Copilot and it's 00:01:02.899 --> 00:01:04.939 called the Frontier Suite. So you can kind of 00:01:04.939 --> 00:01:07.859 guess. We'll put a link in the show notes so 00:01:07.859 --> 00:01:12.140 you can read up about it. But most people buy 00:01:12.140 --> 00:01:14.500 some kind of Microsoft licensing and this is 00:01:14.500 --> 00:01:16.920 one of the new big ones. So that's definitely 00:01:16.920 --> 00:01:18.819 worth having a look at. And most importantly, 00:01:18.980 --> 00:01:22.799 we also announced the GA of Agent 365, which 00:01:22.799 --> 00:01:26.019 is coming in May. which is very exciting because 00:01:26.019 --> 00:01:29.879 I love Agent 365. If you have been unfortunate 00:01:29.879 --> 00:01:33.379 or fortunate enough to see me demo that at one 00:01:33.379 --> 00:01:37.620 of the AI tour stops, it is very cool. And I 00:01:37.620 --> 00:01:40.260 think it's going to have a lot of security uses. 00:01:40.939 --> 00:01:43.439 Although it's not officially a security tool, 00:01:43.540 --> 00:01:47.319 I cannot see it not becoming one. So if you're 00:01:47.319 --> 00:01:49.000 waiting for when that's going to be announced, 00:01:49.299 --> 00:01:55.069 the GA will be May 2026. And then last but not 00:01:55.069 --> 00:01:57.090 least, again, at the time we're recording this, 00:01:57.189 --> 00:01:59.950 it will depend, of course, Michael, however long 00:01:59.950 --> 00:02:02.730 it takes you to edit this. But at the time of 00:02:02.730 --> 00:02:06.310 recording this, next week is RSA in San Francisco. 00:02:07.319 --> 00:02:10.319 Now, I'm going this year. I haven't been to RSA 00:02:10.319 --> 00:02:14.939 since 2019. It's been a while. But again, I will 00:02:14.939 --> 00:02:17.740 link to it in the show notes. Probably at this 00:02:17.740 --> 00:02:19.620 point, you'll know whether you're going to RSA 00:02:19.620 --> 00:02:22.939 or not. But RSA is obviously one of the very 00:02:22.939 --> 00:02:25.460 big security conferences of the year. Microsoft 00:02:25.460 --> 00:02:29.539 has a huge presence. We have a pre -day, we have 00:02:29.539 --> 00:02:33.060 a post -day, and we have a karaoke party on the 00:02:33.060 --> 00:02:34.979 Monday night. And of course, we have a booth, 00:02:35.080 --> 00:02:37.840 et cetera, et cetera. Microsoft people who have 00:02:37.840 --> 00:02:40.840 sessions. As I said, I will link to it all in 00:02:40.840 --> 00:02:44.900 the show notes. So if you are going to RSA, definitely 00:02:44.900 --> 00:02:47.099 go check out all the Microsoft events. There 00:02:47.099 --> 00:02:49.759 are many. There are a lot of cool Microsoft security 00:02:49.759 --> 00:02:52.939 people there. And I'm going to be there, though. 00:02:52.979 --> 00:02:55.199 So, well, if you happen to be there, come say 00:02:55.199 --> 00:03:00.050 hi. And that's it for my news this time. I have 00:03:00.050 --> 00:03:02.169 a few items. First of all, I actually presented 00:03:02.169 --> 00:03:05.330 just over a week ago now at the NDC Security 00:03:05.330 --> 00:03:08.530 Conference in Oslo in Norway. I gave the keynote 00:03:08.530 --> 00:03:11.490 there about 25 -ish years of the Microsoft security 00:03:11.490 --> 00:03:14.500 development lifecycle. So kudos to Sarah. If 00:03:14.500 --> 00:03:16.419 it wasn't for Sarah, I would not be doing NDC 00:03:16.419 --> 00:03:19.020 because she made sure she hooked me up with all 00:03:19.020 --> 00:03:21.379 the right people. Although it has taken a couple 00:03:21.379 --> 00:03:24.780 of years for us to get together just with calendars 00:03:24.780 --> 00:03:26.539 aligning. So yeah, it was really a lot of fun. 00:03:26.659 --> 00:03:28.199 Got to meet a lot of really, really cool people. 00:03:28.860 --> 00:03:31.680 And Oslo is definitely a bit cooler than Texas. 00:03:31.900 --> 00:03:34.969 Next thing in public preview. There is EntraID 00:03:34.969 --> 00:03:38.330 -based access for Azure blob storage over SFTP, 00:03:38.530 --> 00:03:42.110 secure FTP. This is really cool because now you've 00:03:42.110 --> 00:03:44.669 got, if you need to use SFTP, you've now got 00:03:44.669 --> 00:03:46.669 all your single sign -on and multi -factor authentication, 00:03:47.210 --> 00:03:51.469 conditional access, native RBAC and ABAC, and 00:03:51.469 --> 00:03:53.909 access controller support, which is really good 00:03:53.909 --> 00:03:55.530 to see. So again, you're moving away from sort 00:03:55.530 --> 00:03:59.090 of a username and password. Next one, also in 00:03:59.090 --> 00:04:01.569 public preview, is a customer -managed encryption 00:04:01.569 --> 00:04:05.379 key support for... premium SSD version 2 disks 00:04:05.379 --> 00:04:08.900 for Azure Database for PostgreSQL, my old stomping 00:04:08.900 --> 00:04:11.719 ground in Azure Data. Again, anything that has 00:04:11.719 --> 00:04:15.319 support for customer managed keys is always high 00:04:15.319 --> 00:04:18.399 on my list because that way it gives the users 00:04:18.399 --> 00:04:21.800 of the product absolute control of the keys. 00:04:22.829 --> 00:04:26.209 Next up, we now have, in general availability, 00:04:26.649 --> 00:04:29.509 a whole bunch of confidential virtual machines 00:04:29.509 --> 00:04:32.189 based on the fifth generation Intel Xeon processors 00:04:32.189 --> 00:04:36.089 using Intel Trust Domain Extensions, or TDX. 00:04:36.250 --> 00:04:39.889 These are available now in various regions. It's 00:04:39.889 --> 00:04:43.129 great to see, again, the continuation of more 00:04:43.129 --> 00:04:46.209 support for more VM types that support confidential 00:04:46.209 --> 00:04:50.189 computing. And with the news out the way, let's 00:04:50.189 --> 00:04:52.509 get to our guests. As I mentioned, we have Sophie 00:04:52.509 --> 00:04:55.230 and Dave here to talk about the Microsoft Baseline 00:04:55.230 --> 00:04:58.949 Security Mode. So Sophie and Dave, welcome to 00:04:58.949 --> 00:05:00.790 the podcast. We'd like to each take a moment 00:05:00.790 --> 00:05:03.910 and introduce ourselves to our listeners. Thank 00:05:03.910 --> 00:05:06.230 you, Michael, and thank you, Sarah. So hello, 00:05:06.290 --> 00:05:08.689 everyone. My name is Sofika, and I'm a Senior 00:05:08.689 --> 00:05:11.709 Product Marketing Manager here at Microsoft. 00:05:11.790 --> 00:05:16.050 And I cover Agent 365, Security and Governance, 00:05:16.110 --> 00:05:20.269 Microsoft 365, Security Copilot, Microsoft 365 00:05:20.269 --> 00:05:23.310 Copilot, Security and Governance, as well as 00:05:23.310 --> 00:05:27.089 Microsoft Baseline Security Mode. And hey, folks, 00:05:27.250 --> 00:05:30.769 I'm Dave, and Michael and Sarah, thank you for 00:05:30.769 --> 00:05:34.279 the invite. It's awesome to be here. I'm a principal 00:05:34.279 --> 00:05:38.899 product manager on the product team across. So 00:05:38.899 --> 00:05:41.120 I drive a lot of the admin experiences across 00:05:41.120 --> 00:05:44.220 the board, specifically around content governance. 00:05:44.420 --> 00:05:48.240 And as customers get ready for co -pilot and 00:05:48.240 --> 00:05:53.399 AI adoption, the content management and governance 00:05:53.399 --> 00:05:57.759 capabilities are becoming vital. So I drive a 00:05:57.759 --> 00:06:00.439 lot of that. And also on the security front, 00:06:00.639 --> 00:06:06.160 I drive many of the, again, prep and early thread 00:06:06.160 --> 00:06:09.939 detection type of capabilities for our admins. 00:06:10.019 --> 00:06:13.139 So yeah, that's me. Okay, you two. Well, thank 00:06:13.139 --> 00:06:15.959 you for joining us. So I'm going to start with 00:06:15.959 --> 00:06:18.480 the most obvious question, just so we level set 00:06:18.480 --> 00:06:21.620 before we go on. But what is Baseline? What is 00:06:21.620 --> 00:06:24.720 the Microsoft Baseline security mode? Yeah, that's 00:06:24.720 --> 00:06:27.720 a great question. So Microsoft Baseline Security 00:06:27.720 --> 00:06:31.519 Mode lives in the Microsoft 3C5 Admin Center. 00:06:31.860 --> 00:06:35.920 What it does, it gives admins, IT admins, a single 00:06:35.920 --> 00:06:40.139 place in the Admin Center to turn on a set of 00:06:40.139 --> 00:06:43.519 security protection and baseline security protections 00:06:43.519 --> 00:06:47.660 that we as Microsoft recommends based on real 00:06:47.660 --> 00:06:50.959 world threat intelligence. Dave, anything you 00:06:50.959 --> 00:06:54.579 want to add to that? No, I think one of the big 00:06:54.579 --> 00:06:58.839 reasons why we decided to invest into baseline 00:06:58.839 --> 00:07:02.939 security mode now is because we are seeing an 00:07:02.939 --> 00:07:06.699 increase in amount of potential threats that 00:07:06.699 --> 00:07:09.240 are kind of getting exploited, especially with 00:07:09.240 --> 00:07:13.579 new kind of up and coming AI capabilities that 00:07:13.579 --> 00:07:16.980 not only good guys have, but also bad guys also 00:07:16.980 --> 00:07:23.339 get access to. Many of the things that specifically 00:07:23.339 --> 00:07:27.379 settings and tenant kind of configurations that 00:07:27.379 --> 00:07:32.079 were kind of had potential gaps within them or 00:07:32.079 --> 00:07:37.120 especially, you know, kind of things that kind 00:07:37.120 --> 00:07:40.060 of lingered around when. when they should have 00:07:40.060 --> 00:07:41.560 been really deprecated. These type of things 00:07:41.560 --> 00:07:44.980 are becoming more and more areas that bad actors 00:07:44.980 --> 00:07:49.560 can exploit. And we decided to invest into this 00:07:49.560 --> 00:07:52.540 now to really help customers and help really 00:07:52.540 --> 00:07:55.220 kind of address the customer outcry around Microsoft, 00:07:55.519 --> 00:07:59.120 you know, kind of recommended baseline or minimum 00:07:59.120 --> 00:08:03.779 bar kind of configuration setup that we didn't 00:08:03.779 --> 00:08:07.449 really... have before that span across Microsoft 00:08:07.449 --> 00:08:10.410 365 and Microsoft in general. So we're investing 00:08:10.410 --> 00:08:14.009 into that now to really kind of help our customers 00:08:14.009 --> 00:08:17.449 hear from Microsoft what Microsoft thinks that 00:08:17.449 --> 00:08:19.829 minbar should be. Dave and Sophie, you've already 00:08:19.829 --> 00:08:22.810 kind of touched on this, but why did we need 00:08:22.810 --> 00:08:26.370 this? Well, I think I know the answer to this 00:08:26.370 --> 00:08:29.149 because I have seen there have been public talks 00:08:29.149 --> 00:08:33.129 about, you know, some... default stuff that probably 00:08:33.129 --> 00:08:36.370 needs changing. I've seen those over the years, 00:08:36.450 --> 00:08:39.330 like various B -sides. But in your own words, 00:08:39.450 --> 00:08:42.750 why do we need baseline security mode? We're 00:08:42.750 --> 00:08:46.490 in the era of AI, AI apps, AI agents, and AI 00:08:46.490 --> 00:08:49.289 can really accelerate the ability for malicious 00:08:49.289 --> 00:08:52.809 actors to exploit configuration gaps. And specifically, 00:08:52.970 --> 00:08:55.590 we're talking about legacy configurations that 00:08:55.590 --> 00:08:57.970 can be the most vulnerable in your enterprise 00:08:57.970 --> 00:09:02.509 environment. So we're talking about the amplification 00:09:02.509 --> 00:09:07.149 of these legacy risk, how, you know, environments 00:09:07.149 --> 00:09:10.330 now getting really, really complex. And so if 00:09:10.330 --> 00:09:14.009 you're implementing a change, you may risk unintended 00:09:14.009 --> 00:09:17.850 disruptions. And then also, if you use multiple 00:09:17.850 --> 00:09:22.490 solutions, that could, you know, create a fragmented 00:09:22.490 --> 00:09:26.490 security experience as well. And that is really 00:09:26.490 --> 00:09:29.570 the problems that we're looking to solve. Dave, 00:09:29.649 --> 00:09:31.690 do you want to add on to that on, you know, why 00:09:31.690 --> 00:09:34.830 baseline security mode? No, I think you got it 00:09:34.830 --> 00:09:38.730 all right. I think a lot of our customers depend 00:09:38.730 --> 00:09:41.549 on, you know, kind of third party applications 00:09:41.549 --> 00:09:45.769 or, you know, we had several customers that are 00:09:45.769 --> 00:09:50.470 actually receiving legacy type of files that 00:09:50.470 --> 00:09:54.679 Microsoft has discontinued for a while. And we 00:09:54.679 --> 00:09:58.019 still support that, but we don't recommend the 00:09:58.019 --> 00:10:00.179 usage of those. So we do have some customers 00:10:00.179 --> 00:10:02.000 that are still kind of because of their customers 00:10:02.000 --> 00:10:06.779 are using it. They kind of have to use it. But 00:10:06.779 --> 00:10:10.600 those types of files, sometimes legacy files, 00:10:10.740 --> 00:10:14.600 sometimes have different security risks. There 00:10:14.600 --> 00:10:16.360 are different apps that are now coming in and 00:10:16.360 --> 00:10:19.389 using. potentially could exploit these files, 00:10:19.490 --> 00:10:23.789 et cetera. So we really are trying to do a few 00:10:23.789 --> 00:10:25.230 things, and I think Sophie is going to cover 00:10:25.230 --> 00:10:29.629 it in a minute. We're really trying to help the 00:10:29.629 --> 00:10:35.690 customers, one, clearly understand what are those 00:10:35.690 --> 00:10:37.929 recommendations that we have and what are the 00:10:37.929 --> 00:10:42.570 potential areas of... vulnerabilities that exist. 00:10:43.029 --> 00:10:45.590 And then the other thing is, is that we're trying 00:10:45.590 --> 00:10:48.889 to help you identify these vulnerabilities. And 00:10:48.889 --> 00:10:51.250 then the third, resolve them in a much easier 00:10:51.250 --> 00:10:54.330 way, which we'll cover in just a minute. So why 00:10:54.330 --> 00:10:57.090 now? It's because now we're seeing to Sophie's 00:10:57.090 --> 00:10:59.970 point, you know, AI is coming into the picture 00:10:59.970 --> 00:11:02.490 and it's really, you know, kind of expediting 00:11:02.490 --> 00:11:06.169 then and potentially opening up these, you know, 00:11:06.169 --> 00:11:10.480 existing potential problematic areas and potentially 00:11:10.480 --> 00:11:16.019 increasing the risk for infiltration of bad actors 00:11:16.019 --> 00:11:20.399 into the environment and tenant. Can you give 00:11:20.399 --> 00:11:23.419 me like a really concrete example? So you mentioned 00:11:23.419 --> 00:11:25.799 files and you mentioned the word legacy in there 00:11:25.799 --> 00:11:27.919 as well. Is that like legacy settings? Is that 00:11:27.919 --> 00:11:30.639 legacy configuration? You want to give a super 00:11:30.639 --> 00:11:32.340 concrete example of something that's actually 00:11:32.340 --> 00:11:35.460 in the product? I can give one example here. 00:11:35.929 --> 00:11:38.470 For example, one of the settings that is available 00:11:38.470 --> 00:11:42.629 in Microsoft Baseline Security Mode today is 00:11:42.629 --> 00:11:47.669 that you can essentially block Microsoft Publisher 00:11:47.669 --> 00:11:52.110 and block basic authentication. So that's one 00:11:52.110 --> 00:11:54.190 example on the authentication side. And on the 00:11:54.190 --> 00:11:58.750 file side, you can essentially disable people 00:11:58.750 --> 00:12:02.929 from opening old legacy formats, and then they 00:12:02.929 --> 00:12:07.830 can... block active X control. So those are some 00:12:07.830 --> 00:12:10.210 of the examples. Anything else, Dave, you want 00:12:10.210 --> 00:12:13.389 to talk about that really resonate with our customers? 00:12:13.710 --> 00:12:16.230 Yeah, I think you covered it. Those are like 00:12:16.230 --> 00:12:18.809 the really big ones that we see constantly happening. 00:12:18.950 --> 00:12:23.250 The other one is we're allowing the admins to 00:12:23.250 --> 00:12:25.929 actually control the app access, third -party 00:12:25.929 --> 00:12:28.169 app access into the environment, especially when 00:12:28.169 --> 00:12:34.179 it comes to third -party apps that have AI. A 00:12:34.179 --> 00:12:37.440 lot of times what happens is up until now, the 00:12:37.440 --> 00:12:41.899 users would just go test out a third -party app 00:12:41.899 --> 00:12:46.039 like any of the AI providers. And as part of 00:12:46.039 --> 00:12:49.519 that, if they have a connection to SharePoint 00:12:49.519 --> 00:12:53.000 or connection to Microsoft 365, they would actually 00:12:53.000 --> 00:12:55.879 activate that connector without realizing that 00:12:55.879 --> 00:12:59.899 once that activation is made, data can start 00:12:59.899 --> 00:13:02.700 flowing freely from the... security boundary 00:13:02.700 --> 00:13:05.960 of Microsoft 365 out of that security boundary 00:13:05.960 --> 00:13:09.059 into that new AI capability or AI tools that 00:13:09.059 --> 00:13:11.659 they're testing out. And as a result, create 00:13:11.659 --> 00:13:14.679 potential leaks of information. There's also 00:13:14.679 --> 00:13:17.759 some of the security things that we have, like 00:13:17.759 --> 00:13:22.350 labels, et cetera, that we have within. the confines 00:13:22.350 --> 00:13:25.730 of the Microsoft 365 secure boundary that sometimes 00:13:25.730 --> 00:13:30.190 does not get translated when the content flows 00:13:30.190 --> 00:13:33.429 outside of Microsoft 365. So as a result, you 00:13:33.429 --> 00:13:37.250 end up with leaked information into some third 00:13:37.250 --> 00:13:40.409 party tools. So now we have capabilities within 00:13:40.409 --> 00:13:44.139 baseline security mode. for the admin to actually 00:13:44.139 --> 00:13:48.039 control the ability for their users to be able 00:13:48.039 --> 00:13:50.519 to do this kind of things. So that's basically 00:13:50.519 --> 00:13:53.279 that's another one. But I think the reason we 00:13:53.279 --> 00:13:55.919 have every single setting is because like Sophie 00:13:55.919 --> 00:13:59.360 mentioned earlier, we have had security kind 00:13:59.360 --> 00:14:03.320 of MSRCs. kind of created within Microsoft 365. 00:14:03.759 --> 00:14:06.639 And we actually had to go learn the hard way 00:14:06.639 --> 00:14:09.179 to go deal with these security vulnerabilities 00:14:09.179 --> 00:14:11.759 and close those gaps in Microsoft specifically. 00:14:12.299 --> 00:14:15.399 So now we want to bring all that knowledge and 00:14:15.399 --> 00:14:18.279 expertise out through this experience to all 00:14:18.279 --> 00:14:21.840 customers across the board. So which products 00:14:21.840 --> 00:14:24.360 is Microsoft Baseline Security Mode available 00:14:24.360 --> 00:14:29.450 for? Yeah, great question. So right now in phase 00:14:29.450 --> 00:14:32.309 one of Microsoft Baseline Security Mode, it is 00:14:32.309 --> 00:14:35.669 now generally available for Microsoft 365 and 00:14:35.669 --> 00:14:39.070 Microsoft Entra. Dave, do you want to speak a 00:14:39.070 --> 00:14:42.610 little bit about potential roadmap for Baseline 00:14:42.610 --> 00:14:45.669 Security Mode? Okay, so yeah, so definitely I 00:14:45.669 --> 00:14:48.049 can definitely cover that. So as of right now, 00:14:48.149 --> 00:14:52.549 we are supporting, you know, several apps. Also 00:14:52.549 --> 00:14:55.649 Entra is one and then Microsoft 365, we're supporting 00:14:55.649 --> 00:14:59.779 Teams. Exchange, SharePoint, certain apps in 00:14:59.779 --> 00:15:04.600 SharePoint or capabilities in SharePoint. And 00:15:04.600 --> 00:15:08.940 I think that's pretty much it. What's upcoming 00:15:08.940 --> 00:15:13.259 is we're adding quite a bit more to this. So 00:15:13.259 --> 00:15:16.039 there's going to be new settings that are going 00:15:16.039 --> 00:15:19.019 to be coming in from PowerApps. There's going 00:15:19.019 --> 00:15:22.320 to be more enhanced settings coming in from Exchange, 00:15:22.919 --> 00:15:28.120 Teams, SharePoint, OneDrive. We're also bringing 00:15:28.120 --> 00:15:31.980 in some Purview capabilities as well, settings 00:15:31.980 --> 00:15:36.360 into BSM as well. And we are actually adding 00:15:36.360 --> 00:15:40.460 a whole new surface area. So up until now, we've 00:15:40.460 --> 00:15:47.620 been kind of covering apps as one -off type of... 00:15:48.750 --> 00:15:53.429 settings within BSM. Now in V2, which is upcoming, 00:15:53.809 --> 00:15:56.570 we're going to start seeing apps as a whole other 00:15:56.570 --> 00:15:58.909 pillar. So there's going to be many different 00:15:58.909 --> 00:16:01.909 things that are going to fall into that area 00:16:01.909 --> 00:16:05.169 as well. So in other words, we're going from 00:16:05.169 --> 00:16:08.769 around, I think it was around 18 settings or 00:16:08.769 --> 00:16:15.289 so in V1 of BSM to around 30 or so, over 30 settings. 00:16:15.490 --> 00:16:18.490 So we're still kind of, things are in fluctuation 00:16:18.490 --> 00:16:20.750 mode right now. So we're still adding removing 00:16:20.750 --> 00:16:25.730 settings for V2. So what are the key highlights 00:16:25.730 --> 00:16:30.269 and features of the baseline security mode? Yeah, 00:16:30.330 --> 00:16:33.789 so we think of it like this, like Dave has said, 00:16:33.850 --> 00:16:37.480 and I've mentioned before. So BSM... allows you 00:16:37.480 --> 00:16:40.559 to act on these tailored recommendations from 00:16:40.559 --> 00:16:43.299 Microsoft so that you can secure your tenant 00:16:43.299 --> 00:16:46.700 with these pre -configured default protections 00:16:46.700 --> 00:16:49.360 against those known vulnerabilities in legacy 00:16:49.360 --> 00:16:54.019 configuration. Then what's really interesting 00:16:54.019 --> 00:16:58.129 is that you can adopt changes safely. So you 00:16:58.129 --> 00:17:01.370 can actually test these configurations that you're 00:17:01.370 --> 00:17:04.329 about to implement in simulation mode before 00:17:04.329 --> 00:17:08.309 rollout. So that helps to make adoption more 00:17:08.309 --> 00:17:11.410 straightforward and help you to minimize the 00:17:11.410 --> 00:17:13.710 risk. So I think those are the two things that 00:17:13.710 --> 00:17:16.869 I would definitely highlight for baseline security 00:17:16.869 --> 00:17:19.990 mode. Dave, anything that you want to add to 00:17:19.990 --> 00:17:23.250 that? Yeah, I think you did a pretty great job 00:17:23.250 --> 00:17:26.589 covering it. I think the main thing that I want 00:17:26.589 --> 00:17:31.609 to reemphasize is the ability for the admins 00:17:31.609 --> 00:17:34.829 to really assess impact before the setting is 00:17:34.829 --> 00:17:37.549 implemented. And on top of that, the ability 00:17:37.549 --> 00:17:43.369 to actually stop the bleeding while certain kind 00:17:43.369 --> 00:17:45.730 of change management processes take place. So 00:17:45.730 --> 00:17:49.359 an example of this. would be, let's say, you 00:17:49.359 --> 00:17:52.240 ran one of the settings or opened up one of the 00:17:52.240 --> 00:17:56.619 settings, ran the impact analysis, and impact 00:17:56.619 --> 00:17:58.819 analysis identified there's going to be certain 00:17:58.819 --> 00:18:01.539 type of users or apps, depending on the setting, 00:18:01.680 --> 00:18:05.000 that would be impacted if you took the recommendation. 00:18:05.640 --> 00:18:08.220 In many of the settings, we are supporting exclusion 00:18:08.220 --> 00:18:12.490 policies where you can add these... impacted 00:18:12.490 --> 00:18:18.470 apps, users, et cetera, or sites to that exclusion 00:18:18.470 --> 00:18:21.809 list, which means you're taking the recommendation, 00:18:22.150 --> 00:18:24.190 you're stopping the bleeding for the entire tenant 00:18:24.190 --> 00:18:29.430 while excluding the impact, and that buys you 00:18:29.430 --> 00:18:32.950 time to actually go and work with the app owners 00:18:32.950 --> 00:18:37.490 or file owners or users, right, and kind of off 00:18:37.490 --> 00:18:40.930 -board them slowly and go through your... go 00:18:40.930 --> 00:18:43.190 through your processes, change management processes 00:18:43.190 --> 00:18:49.069 with the impacted folks to off -board them from 00:18:49.069 --> 00:18:54.349 these kind of legacy experiences. So it not only 00:18:54.349 --> 00:18:57.470 gives you a really easy way to kind of take the 00:18:57.470 --> 00:18:59.529 action, but it also gives you the impact analysis, 00:18:59.569 --> 00:19:02.049 exclusion policies to help you really roll things 00:19:02.049 --> 00:19:06.049 out across the board in a very kind of easy way. 00:19:06.349 --> 00:19:08.509 I know we don't talk about this too much on the 00:19:08.509 --> 00:19:12.160 podcast, but it's obviously worth covering um 00:19:12.160 --> 00:19:14.799 everyone probably if people are listening they 00:19:14.799 --> 00:19:17.279 think wow this sounds amazing but how much does 00:19:17.279 --> 00:19:20.960 it cost um uh you know is there an additional 00:19:20.960 --> 00:19:24.380 cost for this or how how are we doing that yeah 00:19:24.380 --> 00:19:28.519 so the great news is you can benefit from this 00:19:28.519 --> 00:19:32.500 integration because Baseline security mode is 00:19:32.500 --> 00:19:35.460 made by Microsoft for Microsoft with Microsoft 00:19:35.460 --> 00:19:38.380 recommended configuration, and it is included 00:19:38.380 --> 00:19:41.980 with your existing Microsoft 365 license. Yeah, 00:19:42.079 --> 00:19:46.640 to add to that, we actually were, we did talk 00:19:46.640 --> 00:19:49.619 about potentially putting it behind a license 00:19:49.619 --> 00:19:52.480 of certain kind, but one of the things we realized 00:19:52.480 --> 00:19:56.019 very quickly is that like the goal of this is 00:19:56.019 --> 00:19:58.480 to really bring this experience and really help 00:19:58.480 --> 00:20:03.630 all of our customers to close any kind of security 00:20:03.630 --> 00:20:06.210 issues or vulnerabilities across the board. And 00:20:06.210 --> 00:20:08.730 that didn't really feel like it would be fair 00:20:08.730 --> 00:20:12.509 to put it behind a license. So we literally opened 00:20:12.509 --> 00:20:16.349 it up to anyone and everyone across Microsoft 00:20:16.349 --> 00:20:19.750 365. We love that. I love anything that's included. 00:20:20.009 --> 00:20:22.849 That's always a good thing. As I said, I'm not 00:20:22.849 --> 00:20:25.589 a big license person, but it is something to 00:20:25.589 --> 00:20:28.970 think about. I know we already talked about some 00:20:28.970 --> 00:20:31.730 concrete examples. Michael already asked you 00:20:31.730 --> 00:20:37.410 that question. But so how does it work? So how 00:20:37.410 --> 00:20:42.809 do you turn it on? And we know that often when 00:20:42.809 --> 00:20:45.869 we change different settings and stuff, we can 00:20:45.869 --> 00:20:49.490 break things, right? So how do you go about that 00:20:49.490 --> 00:20:51.789 if someone wanted to turn on the baseline security 00:20:51.789 --> 00:20:57.619 mode and not mess things up? Yeah. I can actually 00:20:57.619 --> 00:21:01.099 cover that really quick. So it's fairly straightforward. 00:21:01.380 --> 00:21:04.000 We made it as simple as possible. So you log 00:21:04.000 --> 00:21:07.240 into your Microsoft 365 Admin Center. We build 00:21:07.240 --> 00:21:10.960 it there so that, because that's usually the 00:21:10.960 --> 00:21:13.220 place where all the admins kind of start the 00:21:13.220 --> 00:21:17.559 experience of managing settings, etc. Now, once 00:21:17.559 --> 00:21:20.440 you're there, you're going to click on Settings 00:21:20.440 --> 00:21:23.579 in the left navigation, then go on to Org Settings. 00:21:24.940 --> 00:21:27.779 And then once you're there, you're going to click 00:21:27.779 --> 00:21:30.740 on security and privacy. And baseline security 00:21:30.740 --> 00:21:34.140 mode is going to be right at the top. So when 00:21:34.140 --> 00:21:36.859 you click on it, what you're going to see is 00:21:36.859 --> 00:21:40.900 essentially us, like the wheel will spin. That 00:21:40.900 --> 00:21:43.700 would be us actually looking at your settings 00:21:43.700 --> 00:21:48.440 in your tenant and evaluating to see which settings 00:21:48.440 --> 00:21:52.170 actually meet our... meet our recommendation 00:21:52.170 --> 00:21:55.390 versus not. So once that evaluation is complete, 00:21:55.730 --> 00:21:58.849 usually it takes about, you know, five seconds, 00:21:59.089 --> 00:22:01.029 like two to five seconds, something like that, 00:22:01.130 --> 00:22:05.430 pretty quick. Once that happens, in that same 00:22:05.430 --> 00:22:09.769 panel, we'll show you the settings that we recommend 00:22:09.769 --> 00:22:14.009 you to where we feel there's not much impact, 00:22:14.349 --> 00:22:16.990 where you can actually just immediately implement 00:22:16.990 --> 00:22:20.440 automatically. Or... there are going to be some 00:22:20.440 --> 00:22:23.259 settings where we do see impact in general across 00:22:23.259 --> 00:22:26.180 our customer base, and we do recommend you to 00:22:26.180 --> 00:22:29.160 first run the impact analysis before implementing 00:22:29.160 --> 00:22:34.440 that. We're calling this the one -click experience, 00:22:34.640 --> 00:22:36.759 meaning you don't really have to do much. You 00:22:36.759 --> 00:22:40.740 can just start the BSM evaluation and then you 00:22:40.740 --> 00:22:43.799 click save. Once you click save, all the recommendations 00:22:43.799 --> 00:22:46.200 will be automatically applied. However, you can 00:22:46.200 --> 00:22:50.200 go more manual route and really pick and choose 00:22:50.200 --> 00:22:53.220 the specific things that you want to initiate, 00:22:53.539 --> 00:22:56.559 turn on, turn off, and decide on your own which 00:22:56.559 --> 00:22:58.779 settings you want to run the impact analysis 00:22:58.779 --> 00:23:01.880 for, etc. And to do that, on the bottom of that 00:23:01.880 --> 00:23:05.119 left panel, you're going to see a button called 00:23:05.119 --> 00:23:08.559 Open Baseline Security Mode. When you click on 00:23:08.559 --> 00:23:11.480 that, we will show you a full dashboard of all 00:23:11.480 --> 00:23:16.599 the baseline security mode settings. There's 00:23:16.599 --> 00:23:20.099 going to be a column there called status. That 00:23:20.099 --> 00:23:23.940 status column will show you which of the settings 00:23:23.940 --> 00:23:27.680 that you have in your tenant meets the Microsoft 00:23:27.680 --> 00:23:31.259 recommendation or meets Microsoft min bar, right? 00:23:32.119 --> 00:23:35.940 And then you're going to see an indicator called, 00:23:36.019 --> 00:23:40.049 you know, you know, called at risk. So at risk 00:23:40.049 --> 00:23:43.529 means that specific setting is not really meeting 00:23:43.529 --> 00:23:47.390 the Microsoft minimum security bar, security 00:23:47.390 --> 00:23:51.630 mode, you know, kind of min bar. So the next 00:23:51.630 --> 00:23:53.869 thing what you want to do is everything, obviously, 00:23:53.950 --> 00:23:56.210 if it meets the standard, then you're all good. 00:23:56.809 --> 00:23:59.569 Anything that is at risk, you want to actually 00:23:59.569 --> 00:24:02.470 click on. And when you click on it, the left 00:24:02.470 --> 00:24:05.500 panel will show up with. all the information 00:24:05.500 --> 00:24:08.980 that you really need to know with all the learn 00:24:08.980 --> 00:24:10.980 more links that if you really want to deep dive 00:24:10.980 --> 00:24:14.440 into it, you can do that. But in most cases, 00:24:14.660 --> 00:24:17.579 when you click on the setting, you will see an 00:24:17.579 --> 00:24:20.500 area called or a button called generate report 00:24:20.500 --> 00:24:23.619 that when you click on it, nothing actually gets 00:24:23.619 --> 00:24:28.539 implemented. We just kind of run the impact analysis 00:24:28.539 --> 00:24:31.640 without triggering anything. So what we recommend 00:24:31.640 --> 00:24:35.130 you to do is you know, come to BSM security mode 00:24:35.130 --> 00:24:39.470 page, look at everything that says at risk, go 00:24:39.470 --> 00:24:42.849 into the panel, just get familiar with what it 00:24:42.849 --> 00:24:45.309 says really quick, and then generate the report. 00:24:45.849 --> 00:24:48.509 Again, generating report doesn't change anything. 00:24:48.670 --> 00:24:50.869 It doesn't implement anything. It just literally 00:24:50.869 --> 00:24:54.809 runs the report to tell you what the impact would 00:24:54.809 --> 00:24:59.549 be if you were to enable the same. Okay, so that... 00:24:59.720 --> 00:25:02.940 could take anywhere from a few minutes to a few 00:25:02.940 --> 00:25:05.119 hours. And for some of the reports, depending 00:25:05.119 --> 00:25:08.640 on how much data you have, it could take a few 00:25:08.640 --> 00:25:11.660 days sometimes, right? So you want to kind of 00:25:11.660 --> 00:25:13.799 initiate these reports as quickly as possible 00:25:13.799 --> 00:25:15.660 to make sure that you have the data at your fingertips 00:25:15.660 --> 00:25:20.180 when you actually are in a process of making 00:25:20.180 --> 00:25:24.519 a decision. So once you do that, if anything 00:25:24.519 --> 00:25:28.619 that basically... has no impact meaning there's 00:25:28.619 --> 00:25:31.019 you know the impact analysis didn't find anything 00:25:31.019 --> 00:25:33.619 generally it's you know kind of at that point 00:25:33.619 --> 00:25:36.859 if nothing is impacted we recommend you to go 00:25:36.859 --> 00:25:40.900 ahead and um you know kind of take the um or 00:25:40.900 --> 00:25:43.579 you know make take the recommendation uh that 00:25:43.579 --> 00:25:46.640 is given there uh and then click save policy 00:25:46.640 --> 00:25:49.859 so once you save it uh obviously the we will 00:25:49.859 --> 00:25:53.259 trigger all the apis to go in and uh close down 00:25:53.259 --> 00:25:57.269 that gap in your in your ecosystem in your tenant. 00:25:57.750 --> 00:26:02.509 Anything that says there is some potential impact, 00:26:02.809 --> 00:26:07.029 in most cases, we have a scope area right under 00:26:07.029 --> 00:26:10.289 the setting recommendation where you can literally 00:26:10.289 --> 00:26:16.109 just exclude the impacted users or apps or whatever 00:26:16.109 --> 00:26:20.799 the impact that is determined. is there again 00:26:20.799 --> 00:26:24.059 and then once you exclude the impact you want 00:26:24.059 --> 00:26:26.680 to take the recommendation and click that checkbox 00:26:26.680 --> 00:26:30.259 so that you stop the bleeding so that new folks 00:26:30.259 --> 00:26:33.579 are not using and creating more problems right 00:26:33.579 --> 00:26:38.839 and then what we see customers do with the excluded 00:26:40.640 --> 00:26:43.559 folks, right, excluded users or whatever from 00:26:43.559 --> 00:26:48.000 the policy is they usually just contact the user 00:26:48.000 --> 00:26:51.599 and try to work with them to kind of get them 00:26:51.599 --> 00:26:55.480 off -boarded from using. these files. Now, the 00:26:55.480 --> 00:26:58.059 funny thing is that we do have some customers 00:26:58.059 --> 00:27:00.759 that actually, regardless of impact, they just 00:27:00.759 --> 00:27:03.119 go in and implement all the recommendations. 00:27:03.700 --> 00:27:07.819 And then they get, obviously, some users that 00:27:07.819 --> 00:27:12.019 are impacted, and then they would let the admin 00:27:12.019 --> 00:27:14.559 know that they're impacted, and then admin will 00:27:14.559 --> 00:27:17.579 go and work with them. So sometimes that's a 00:27:17.579 --> 00:27:19.980 lot faster way to implement it. There's a little 00:27:19.980 --> 00:27:23.430 bit of user pain, but... you are closing security 00:27:23.430 --> 00:27:25.849 gaps, known security gaps and vulnerabilities. 00:27:26.089 --> 00:27:28.829 So we definitely recommend you to go do that, 00:27:28.829 --> 00:27:33.589 you know, faster than like sooner, as soon as 00:27:33.589 --> 00:27:36.269 possible, let's put it that way. So that's kind 00:27:36.269 --> 00:27:41.089 of just a really quick overview of based on security 00:27:41.089 --> 00:27:42.869 mode, but it's really not rocket science. We 00:27:42.869 --> 00:27:45.970 build it to make it very, very easy. Okay, so... 00:27:46.619 --> 00:27:49.900 This was announced in November at Ignite, but 00:27:49.900 --> 00:27:52.880 what's the uptake been with customers so far? 00:27:53.119 --> 00:27:55.660 Have a lot of people started turning on baseline 00:27:55.660 --> 00:27:58.480 security mode? I know that you've got some stats 00:27:58.480 --> 00:28:02.160 for us. Yeah, absolutely. Yeah, this has been 00:28:02.160 --> 00:28:06.359 one of the probably fastest adoption I've seen 00:28:06.359 --> 00:28:10.940 across several products that we've been. driving 00:28:10.940 --> 00:28:14.819 so far. Just to give you an idea, in the last, 00:28:14.880 --> 00:28:18.920 let's see, in the last 30 days or so, we've had 00:28:18.920 --> 00:28:26.779 around 320 ,000 customers, unique tenants that 00:28:26.779 --> 00:28:31.400 have started the workflow already. And we have 00:28:31.400 --> 00:28:39.680 around 50 ,000 that have already finished. So 00:28:39.680 --> 00:28:43.019 far. So it usually takes, depending on the size 00:28:43.019 --> 00:28:47.220 of the organization, it takes, you know, anywhere 00:28:47.220 --> 00:28:51.559 from and kind of how. eager is the customer to 00:28:51.559 --> 00:28:53.900 really close the gaps very quickly. So we have 00:28:53.900 --> 00:28:58.420 some organizations that just go ahead and just 00:28:58.420 --> 00:29:00.140 do it right away. So as soon as they find out 00:29:00.140 --> 00:29:02.079 about it within a few days, they're pretty much 00:29:02.079 --> 00:29:05.559 done. And we have some organizations that are 00:29:05.559 --> 00:29:08.400 a little bit more process oriented and they have 00:29:08.400 --> 00:29:09.880 their processes that they have to go through. 00:29:10.430 --> 00:29:13.150 And that sometimes could take a couple of weeks, 00:29:13.210 --> 00:29:15.910 two, three weeks sometimes to get through it. 00:29:16.170 --> 00:29:19.789 In majority of the cases that we see, it's a 00:29:19.789 --> 00:29:23.569 pretty quick process. So far, it's a pretty fast 00:29:23.569 --> 00:29:26.549 adoption, considering that we're dealing with, 00:29:26.670 --> 00:29:32.319 one, security, kind of pretty, you know... impactful 00:29:32.319 --> 00:29:36.640 security -related features. And then also this 00:29:36.640 --> 00:29:39.619 is our admin capability. So admin capabilities 00:29:39.619 --> 00:29:43.660 usually take longer to onboard and kind of get 00:29:43.660 --> 00:29:46.660 going. But in this case, it's pretty fast. I'm 00:29:46.660 --> 00:29:49.319 very proud of what we've been able to achieve 00:29:49.319 --> 00:29:54.019 so far. With that, I want to, we always finish 00:29:54.019 --> 00:29:56.579 off with asking our guests, what is a day in 00:29:56.579 --> 00:30:01.420 the life of... Dave and Sophie look like? Because 00:30:01.420 --> 00:30:03.799 Microsoft people have so many different things 00:30:03.799 --> 00:30:06.380 they do. So I'm going to hit you, Dave, first. 00:30:06.460 --> 00:30:08.920 Dave, what does a day in the life of Dave look 00:30:08.920 --> 00:30:12.059 like, a typical day, if you have one? Especially 00:30:12.059 --> 00:30:16.279 right now, it's pretty busy. So my meetings usually 00:30:16.279 --> 00:30:19.940 start at around 6am. Usually I have meetings 00:30:19.940 --> 00:30:24.529 across the different regions of the world. So 00:30:24.529 --> 00:30:27.589 different depending on the project. Then I have 00:30:27.589 --> 00:30:29.730 a bit of time to really catch up with emails 00:30:29.730 --> 00:30:32.470 over coffee, probably about half an hour to 40 00:30:32.470 --> 00:30:36.809 minutes. Then I jump in into spec reviews. I 00:30:36.809 --> 00:30:39.690 drive a lot of different admin areas, including 00:30:39.690 --> 00:30:43.670 SharePoint advanced management. So we have 15 00:30:43.670 --> 00:30:46.609 to 20 feature crews that have specs and ideas, 00:30:46.809 --> 00:30:50.430 et cetera, that have to review and kind of solidify 00:30:50.430 --> 00:30:55.400 and approve, et cetera. Then there's design meetings 00:30:55.400 --> 00:30:57.759 that we have to go through for feature development, 00:30:58.000 --> 00:31:01.539 etc. And then lots of leadership updates and 00:31:01.539 --> 00:31:06.660 LT buy -in meetings where we kind of take a lot 00:31:06.660 --> 00:31:11.619 of these ideas, etc. And make sure that our executives 00:31:11.619 --> 00:31:14.680 are aligned and kind of make sure that their 00:31:14.680 --> 00:31:16.559 questions and their concerns are all addressed. 00:31:18.019 --> 00:31:23.380 And my favorite time is... On Mondays, actually, 00:31:23.539 --> 00:31:28.200 at around 8 p .m., we have all the different 00:31:28.200 --> 00:31:30.240 feature crews that we have, which is around, 00:31:30.420 --> 00:31:33.180 I think at this point, around 90 people or so, 00:31:33.319 --> 00:31:37.740 come together and we share demos of different 00:31:37.740 --> 00:31:41.059 things that we either coded or build, especially 00:31:41.059 --> 00:31:43.220 with a lot of AI capabilities that are coming 00:31:43.220 --> 00:31:46.400 on board. All of us are really becoming builders, 00:31:46.599 --> 00:31:50.150 so regardless of discipline. So we're all building 00:31:50.150 --> 00:31:54.849 and sharing things that we have created or researched, 00:31:55.009 --> 00:31:59.349 etc. So it's always an exciting time to see how 00:31:59.349 --> 00:32:02.450 much we can accomplish when all the tools are 00:32:02.450 --> 00:32:04.890 in the ecosystem and they're working properly 00:32:04.890 --> 00:32:09.170 and you really have access to all these tools. 00:32:09.529 --> 00:32:13.829 So that's my typical Monday, I would say. Tuesday 00:32:13.829 --> 00:32:16.470 is very different. Awesome. Sophie, how about 00:32:16.470 --> 00:32:20.849 you? Yeah, I agree. No day, one day is the same. 00:32:21.450 --> 00:32:24.789 But, you know, as a product marketing manager, 00:32:25.029 --> 00:32:27.930 it's all about translating complex product and 00:32:27.930 --> 00:32:31.049 security, you know, security features into these 00:32:31.049 --> 00:32:35.630 stories. So a typical day for me is usually bouncing 00:32:35.630 --> 00:32:39.329 between product deep dive. So for me to understand. 00:32:40.119 --> 00:32:43.259 products such as baseline security mode, and 00:32:43.259 --> 00:32:46.140 then having customer conversations such as executive 00:32:46.140 --> 00:32:50.220 briefings or calls with customer and obviously 00:32:50.220 --> 00:32:54.480 messaging work. So I try to on a daily basis, 00:32:54.599 --> 00:32:56.700 right? So what I do is really connecting the 00:32:56.700 --> 00:33:00.220 dots so that complex technology or simple ones 00:33:00.220 --> 00:33:04.119 like BSM will show up in a very simple and credible 00:33:04.119 --> 00:33:07.769 manner for those that need it. The last thing, 00:33:07.809 --> 00:33:09.930 I know I warned you when we talked before we 00:33:09.930 --> 00:33:12.430 recorded this, the last thing that we ask our 00:33:12.430 --> 00:33:15.230 guests is, if you had a final thought to leave 00:33:15.230 --> 00:33:19.029 our listeners with, what would it be? I'll go 00:33:19.029 --> 00:33:22.049 first. So, you know, thinking about BSM, but 00:33:22.049 --> 00:33:26.109 I really think security shouldn't. depend on 00:33:26.109 --> 00:33:29.009 perfect decisions. So it really should start 00:33:29.009 --> 00:33:33.990 with a safe default. So that's what I will leave 00:33:33.990 --> 00:33:36.390 everyone with and then just get started with 00:33:36.390 --> 00:33:39.670 baseline security mode today. Yeah, from my end, 00:33:39.869 --> 00:33:42.430 this is something I'm reminded every day because 00:33:42.430 --> 00:33:45.509 we're building a lot of AI, new capabilities, 00:33:45.849 --> 00:33:51.599 agents, et cetera, within my orgs. And AI is 00:33:51.599 --> 00:33:54.259 coming really, really fast. And it's something 00:33:54.259 --> 00:33:56.680 that is really, and I know everyone has heard 00:33:56.680 --> 00:33:59.740 about how it's developing really fast and our 00:33:59.740 --> 00:34:02.980 environment is changing, but it really is changing 00:34:02.980 --> 00:34:06.839 fundamentally how we look at security, how we 00:34:06.839 --> 00:34:11.260 look at administration, functionality, the job 00:34:11.260 --> 00:34:14.960 functions in general. And with these kind of 00:34:14.960 --> 00:34:18.360 changes, it's really, really important to have 00:34:18.360 --> 00:34:21.880 the tools in place and really implement the tools 00:34:21.880 --> 00:34:26.340 that are provided, right? Especially from organizations 00:34:26.340 --> 00:34:29.059 like Microsoft, right? And especially if they're 00:34:29.059 --> 00:34:32.079 free, to implement them as quickly as possible 00:34:32.079 --> 00:34:37.000 to really make sure that you meet the changing 00:34:37.000 --> 00:34:39.739 environment and changing kind of threat ecosystem 00:34:39.739 --> 00:34:43.880 vulnerabilities, et cetera. head on as quickly 00:34:43.880 --> 00:34:47.719 as possible. So time is of the essence, especially 00:34:47.719 --> 00:34:50.639 when it comes to these kind of known vulnerabilities 00:34:50.639 --> 00:34:53.619 that BSM, that we're trying to bring to you guys 00:34:53.619 --> 00:34:57.480 in a very, very simple way to really get them 00:34:57.480 --> 00:34:59.880 applied as quickly as possible and close these 00:34:59.880 --> 00:35:03.960 known areas to really reduce the surface area 00:35:03.960 --> 00:35:06.820 of potential attack. Well, thanks, Sophie. And 00:35:06.820 --> 00:35:11.400 thanks, Dave. With that, that's always our final 00:35:11.400 --> 00:35:14.739 question and final thoughts. So we'll wrap it 00:35:14.739 --> 00:35:17.880 up there. To everyone who's listening, thank 00:35:17.880 --> 00:35:20.260 you very much for listening. We hope you found 00:35:20.260 --> 00:35:24.920 this episode useful. And Michael usually wraps 00:35:24.920 --> 00:35:28.010 this up, so I get to do it for once. We hope 00:35:28.010 --> 00:35:30.389 you enjoyed this. Check out the show notes for 00:35:30.389 --> 00:35:33.929 more details and stay safe and we'll see you 00:35:33.929 --> 00:35:35.630 on the next one. Thanks for listening to the 00:35:35.630 --> 00:35:38.530 Azure Security Podcast. You can find show notes 00:35:38.530 --> 00:35:42.510 and other resources at our website, azsecuritypodcast 00:35:42.510 --> 00:35:46.289 .net. If you have any questions, please find 00:35:46.289 --> 00:35:49.690 us on Twitter at AzureSecPod. Background music 00:35:49.690 --> 00:35:53.090 is from ccmixter .com and licensed under the 00:35:53.090 --> 00:35:54.170 Creative Commons license.