Remediating Cloud Risks with Microsoft Copilot for Security | BRK224

Microsoft Developer · Beginner ·💻 AI-Assisted Coding ·2y ago
Skills: AI Security90%

Key Takeaways

Remediates cloud risks with Microsoft Copilot for Security, integrating with Defender for Cloud

Full Transcript

[Music] all right hello everybody thank you all for coming my name is Charles oxer product manager for Defender for cloud I'm joined today with fellow product manager Larry Goldstein and today we are so excited to be showcasing to you all the next wave of innovation coming to Defender for cloud transforming the way you all remediate your Cloud risks through the power of Microsoft co-pilot for security for our agenda today we're going to start with some of the top Cloud security challenges we see across the industry and that exist within all of your organizations next we'll give a highlevel overview of Defender for Cloud's Cloud native application protection platform solution and how it addresses these challenges then we'll get into what you are all here to see the new integ with Microsoft co-pilot for security transforming the way you conduct your risk exploration and risk remediation after a demonstration of all of these new skills we've added to co-pilot we'll end with a Q&A as I'm sure you all are going to be just as excited about these new capabilities as we are so when we talk about the top challenges we see in the cloud security across the industry uh it starts with a rather basic one uh but we still see is quite prominent and it's simply a lack of visibility into the security and compliance State across all of your cloud workloads and devops environments as the size of your organization scales so does the number of these cloud workloads and devops environments that exist in production making it incredibly difficult to configure all of the security tooling and security Monitoring Solutions you need to ensure that you have 100% visibility into the security posture state uh even if you are able to get all of the tooling and monitoring you need configured uh you're often met with a rapid increase of security signal making it impossible to effectively triage and prioritize those risks that matter the most next honestly attackers are just getting better we see rapid improvements in the number and the sophistication of tax performs making it critical for all of your organizations to follow a set of security best practices lastly almost all organizations today are adopting a multicloud approach to Cloud infrastructure and while that comes with many great advantages uh it makes it very difficult uh to effectively manage security posture when there are so many nuances across Cloud environments now the worst part is when we look across the industry with risk management uh things are trending downwards we see the average security team only remediates 133% of all vulnerabilities not because we're not all incredibly passionate and working hard at addressing this but it's because a lot of the time security teams are off operating with a lack of resources their budget constrainted they simply don't have the Manpower uh to effectively uh remediate all of the issues that exist across all of their environments this results in the average times remediation to be 30 days for a vulnerability this leaves attackers with plenty of time to identify all of the attack vectors possible in your systems and exploit them the worst part is 99% of these attacks could be mitigated with just basic security hygiene now what's the answer to all of these problems Microsoft Defender for Cloud's Cloud native application protection platform which embeds a set of security and and compliance capabilities across every stage of your Cloud native application life cycle from build to deploy to runtime you'll receive integrated insights for application security testing your external attack surface and internet exposure uh your Cloud entitlements and permissions across all of your identities uh where your sensitive data exists and where there are vulnerabilities that can be exploited as well as Network segmentation to ensure that an initial breach can't proliferate into something much worse in addition we provide all the Integrations necessary for a sec Ops practitioner to effectively manage and remediate this risk from Integrations with Sentinel to a native xdr integration to workflow Automation and ticketing collaboration systems like service now we want to equip your SE Ops practitioners with all the tools they need to effectively remediate the risk in your environments now one of the core pillars of the Microsoft Defender for cloud scap solution is Microsoft Fender cspm which provides contextualized insights for all of the risks that exist in your multicloud environments uh we use a number of risk factors to allow you to prioritize what matters most based on how attackers could exploit each of these risks in your systems in addition we provide a set of security standards and Cloud policies to ensure everyone in your organization is following security best practices we take a data aware approach to Cloud security posture management ensuring that you all can Harden the resources that contain your most sensitive data uh that attackers are looking for but as we know attackers move very fast and only are moving faster meaning you must be able to prevent this risk from reaching your production environment because at that point you're already left vulnerable this is why we have a whole Suite of devop security capabilities allowing you to fix uh all of these security issues and vulner abilities before they can even reach production at the source code level lastly we provide your security practitioners all of the collaborative tools they need to kick off for mediation workflows and ensure a timely uh mitigation to the risk that could potentially be exposed in your systems now at the core of Defender cspm is our Cloud security graph this provides a graph-based view of all the relationships between your Cloud resources your devops repositories uh and additional insights that attackers could use uh to potentially uh make lateral movements across your systems and exploit resources uh after an initial breach in a completely different workload uh we bring in insights from cloud workload protection Sentinel xvr devops your Cloud infrastructure entitlements to give you a comprehensive graph-based view powered by both agentless and agent-based protection uh this will allow you to visualize the exact paths an attacker could make what lateral movements they could do to access different parts of your system and allow you to effectively remediate all the risk in your environment now well all of this is great and it will allow you to effectively prioritize and remediate what risk matters the most it simply isn't enough with the speed and scale attackers are starting to use through the power of generative AI I'm going to hand things off to Lara now who's going to show how we're reimagining the way we look at all of our Solutions across Defender for Cloud's Cloud native application protection platform thanks Charles great overview so what do we know about generative AI so far we know that it can help us really give more power to the Defenders we know it can help scale humans more effectively and utilize them more strategically we also know that it allows for a paradigm shift we always know that human Ingenuity and expertise will always be an Irreplaceable component of Defense but we need technology that can augment these capabilities with the skill sets processing speeds and Rapid learning of AI technology that can work for us alongside us and detect hidden patterns and behavior and inform response at machine speed with the latest and most advanced security practices AI allows us to get realtime visibility and context so we can investigate threats better and Defenders can become more effective in responding to those threats and working on what really matters most instead of having to learn all of these separate tools and learn all of the different quering language that are part of these tools you can use natural language prompts and you can collaborate more effectively with your other teammates and Microsoft is very uniquely positioned to really transform security using artificial intelligence not only are we at the Forefront of this artificial intelligence boom but we also have an endtoend security offering that covers endpoints email software um uh software as a service applications and of course Cloud applications and we also have a whole Suite of identity and compliance tools as well by integrating AI into all of these tools we can really deliver Ena and value for our customers with coordinated experiences across our entire Suite we can use this generative AI to really simplify all of our different tool sets and help organizations turn the table on attackers we do this through Microsoft co-pilot 4 security which is the first generative AI security product to really um help defend organizations at the speed and scale of artificial intelligence since our an announcement of Microsoft co-pilot for security which was over a year ago the interest we've had has been unprecedented it continues to combine the most advanced GPT 4 models with Microsoft developed orchestration that allows us to intelligently understand what the customer is asking and what we can do to help the customer and all of this is powered by our very unique expertise that we have from having End security and compliance offerings we also have our Global threat intelligence which analyzes trillions of signals each day to truly understand where new and emerging threats are coming from all of this in our comprehensive security products puts us in a very great place to lead this AI security Revolution and today we are super excited to announce that we are bringing the power of co-pilot for security into Microsoft Defender for cloud this will be available in public preview on June Jun 10th and we will be able to bring even more efficiencies into Defender for cloud and continue to help our customers accelerate their response times we know that misconfigurations are the highest cause of data breaches and we have a lot of tools that can Surface this data already but we also know that not every risk is created equal we've done a lot of work to help with risk prioritization over the past couple of years but we still know our customers are tired of the recommendations there's a lot of noise and we need to be able to help them filter through the noise and focus on what's most impactful what's one thing that they can do now that will secure them exponentially how can they just make one change that will replicate across tons of different instances and really get into the best place to have the lowest attack surface possible and even when we continue to add to Defender for cloud to help customers really prioritize what's most important we will continue to bring generative AI into these capabilities as well today with the co-pilot integration we have a few different skills that we're releasing one of them is around performing risk exploration and we're going to talk about these in more detail but risk exploration is helping our security admins identify where they have misconfigurations where they have vulnerabilities and weaknesses and which of those weaknesses actually pose the biggest threat to the organization and they can do all of this just through natural language queries using chat within the defender for cloud portal but after you find out these recommendations that are the most critical you still need to take action yes you know what's most important but it's just going to sit there unless you actually do something about it so we're helping our customers actually speed up the time to remediate these issues by giving them ready too remediation scripts in any scripting language of their choice and even for code vulnerabilities our security admin customers can now generate poll requests using co-pilot that integrates into developer source code Management Systems to fix the issues automatically with co-pilot in Defender for cloud security admins can truly simplify the complexity by filtering through noise catching what others may miss um and understand critical risks and then accelerate the remediation of those so let's talk about our first skill which is assisted risk exploration this really helps um understand our customers they are able to use co-pilot chat with co-pilot understand what is required of them to improve their Cloud security posture we can Surface these different sorts of misconfigurations faster than ever by combining contextual insights that we get from the cloud security graph that powers Defender for cloud and the intelligence of the generative AI tool that is co-pilot for security with this information we're able to help customers share risk summaries um and really drill down into what the main actions they can take are to improve their entire security posture the next skill we have is around assisted risk remediation this is really one of our game changing features because it gives security admins stepbystep guidance on what actions they need to take to remediate issues including even generating scripts for them in their scripting language of choice whether want to run it within Amazon CLI Azure CLI Powershell it doesn't matter co-pilot will be able to generate that script to help you remediate any of the recommendations that we detect in Defender for cloud before we even provide their mediation script we're still going to help the security admin understand why this is a risk what are the different factors that can tribute to it being a high severity risk or critical severity risk whatever it's marked at and the benefits of actually resolving the issue this not only saves Time by giving you all the information that you need but it can also help train new and Junior team members um if the security admin isn't in the place to actually remediate the risk on their own by running one of these scripts that fixes the issue that's totally okay because co-pilot can also generate an email that will be sent to the resource owner that has already been identified and let that resource owner know why they need to address the issue and what they need to do to actually address that issue and then last but definitely not least we're in excited to introduce a new groundbreaking capability within co-pilot that we're calling automated risk remediation so instead of it being more assisted where you're running the script manually we are automatically generating a poll request to fix any sort of misconfiguration that was detected within an infrastructure as code template this is a really big step in our mission to empower our security admins and streamline devop security processes we all know that infrastructure as code has revolutionized the way that we build and deploy resources but we all know that this also comes with new security challenges one misconfiguration in an infrastructure as code temp template can be propagated to hundreds or thousands of runtime resources which compromises the security and integrity of all of our applications and data that's why we're giving security admins the ability to truly shift security left and remediate those issues at the source and make sure that they never get propagated to runtime we don't want the issue to get to production in the first place because that's when issues can actually happen all right um now probably a little bit more exciting we do have a demo on these capabilities when we're going through this demo I just want to set some context we are going to be looking at this through the lens of how a Security administrator would interact with Microsoft Defender for cloud these are our key personas that we tend to work with and our goal with co-pilot was really to enhance their experience managing their CL security posture um help them identify and remediate different sorts of recommendations that we find within their multicloud and devops environments some of the challenges that we know that security administrators face based on some of our interviews with them and conversations is really one uh two different areas so there's Focus they don't know where to focus their time because they have so many different recommendations that they have to sort through especially when they're not only using Azure but they're also in AWS gcp and on cloud um they are just drowning in recommendations so we're trying to help them actually Focus where they need to spend their time and then the second one is expertise especially when we look at the devop side we know that our Security administrator customers they're not going to be experts in fixing infrastructure as code templates maybe they are and that's great but that's not the typical Persona that we po to work with but we still want to empower them to be able to make those changes and know that they can truly secure their infrastructure across the board without having to be a developer all right let's take a look now so we're starting here within Microsoft Defender for cloud this is the overview page we can see that we have resources coming from Azure Ada WS Google Cloud we can see that we've assessed over 13,2 or 13,200 resources exactly we have different sorts of attack paths and security alerts and we have over 11,000 recommendations that we need to address so let's look at these recommendations now looking at the recommendations there is a long list with over 229 pages that we need to sort through um as a security professional I probably wouldn't know where to start so that's why we have co-pilot now we can click on analyze with co-pilot and we'll get some suggestions so we can ask co-pilot to show us different risks for publicly exposed resources or Resources with sensitive data we're going to select publicly exposed here co-pilot will think about it for a minute before it returns us some results that helps us really narrow down this list and drill down to those recommendations that are going to be most impactful to resolved so here we can see that there are 156 storage accounts 64 virtual machines 52 blob containers 18 kubernetes clusters we have this list and what we can do with this now is apply a filter this brings down the list of recommendations we have and we begin to actually be able to tailor our um ability to sort through it so for this we're going to click on one of the these recommendations called management ports on virtual machine should be closed on this recommendation we have a variety of different risk factors it's exposed to the internet there are vulnerabilities it's critical we can see the graph with the different attack paths about how a virtual machine with vulnerabilities can then access a SQL virtual machine we need to remediate it soel Leta ask co-pilot co-pilot is going to first summarize the recommendation just kind of train us on why it's so important to address what sort of information we would need to give to someone if we need that help to remediate it um it's giving us an overview telling us about the risk factors telling us who the remediation owner is but I just want to remediate it so I select help me remediate now when it's done thinking it will return a remediation script for me and this remediation script is azure Powershell um and I can scroll up and when I'm up there I just click run that opens up Azure Cloud shell and I can remediate but I'm not typically doing this as a security admin so let's actually delegate it instead of running it when we click on delegate this remediate uh delegate remediation to the resource owner co-pilot will then generate an email for us that's ready to go and be sent to the owner that we see identified in this recommendation we see the whole email laid out it's looking at the resource owner we can open it up click Send and go it's explaining what the risk is why it's risky and why they need to fix it but this is when the risk is already in runtime it's already in production we want to avoid that moving forward we don't want this to get here in the first place so let's see what we can do on the code side here we have a recommendation to remediate infrastructure as code findings when this loads we are able to see we have some different sort of infrastructure as code misconfigurations within Azure devops repositories so let's actually reduce the risk with co-pilot we're asking it to actually help us remediate this recommendation it's giving us um a response back saying that remediating it will help your security posture so why don't you select one of the vulnerabilities and click on that we'll remediate it we're selecting contain container should not run with allow privilege escalation co-pilot will then analyze the configuration file from the code and will generate a fix for us to fix that uh misconfiguration of the container deployment file allowing for privilege escalation when it responds it's giving us some details about the poll request that it's going to submit because of course I want to be sure that it's in a good stage before I actually create a poll request and have my developer view it so what I was confident about it I clicked submit now co-pilot is going out and creating that poll request within Azure devops when it's done it's giving us the link to the poll request and just warning us that this is generated by AI so you do want the developer to review it before they actually merge the code within Azure devops we can see co-pilot has created this poll request on behalf of the security admin that was in the portal it's giving the developer a clear description as to what the misconfiguration was why that is a risk about the container being able to escalate its Privileges and we can see exactly what was changed here co-pilot was able to add in security context and set allow privilege escalation to be false and with this as a security professional I can be assured that any future deployments of this container are going to be secured as long as the developer approves this poll request I don't have to worry anymore and I can really feel safe and secure knowing that my environment is safe and my infrastructure is safe so that is a quick demo of all of the new capabilities we have with co-pilot that we are so excited about um and to end across the entire application development life cycle so I know it's been a quick presentation so far but we did want to leave plenty of time for a Q&A before we get there we just kind of want to highlight some of the key areas that we discussed so with the co-pilot First Security experience with in Defender for cloud there were a variety of main uh a variety of different capabilities that we wanted to remind you of so one is letting it give you a quick understanding of your Cloud security posture you can use co-pilot 4 security to explore any sort of open uh recommendations that you have and query for what you want to see maybe you want to see all resources that have sensitive data and they are also marked as a critical resource so you want to prioritize ize those first it doesn't matter what you want to do you just ask co-pilot in natural language and it'll return the results for you next we have guided remediation so for any issues that were found in runtime resources co-pilot can then generate remediation scripts for you that you can just quickly run and apply or you can have it send an email to the resource owner telling them to remediate it and then last we have the automated remediation capabilities where we leverage co-pilot for security to generate poll requests to fix issues in infrastructure as code accurately and um really being able to reduce the time to remediation I don't have to bug developers to remediate the issue I'm just doing it on my own the developer accepts it and it's all done the code is now merged and we're good to go it's not this endless Journey anymore I don't have to convince my developers why you need to remediate it co-pilot is able to do all of that for us and honestly this is really important because most issues in runtime do stem from infrastructure as code templates that provision those resources in the first place so we're empowering our security admins to actually fix the issues at the source without being experts in developing infrastructure in the first place all they need to do is use Defender for cloud before we go into Q&A we just want to make sure you know that you are more than welcome to talk to us join Tech Community um and come to the ballroom on level five to continue any sort of conversations with us and tell us how you plan to use co-pilot for security and Defender for cloud and after that we have some additional sessions coming up so one you can scan this QR code to see more sessions as well as details about this one so you can know how to reach Charles and I um and we also have a session tomorrow a demo Dem 767 at 9:15 a.m. and we'll do a little bit of a more de like go deeper into Defender for cloud and show more of the capabilities there so we do hope you come to that great questions all right I think someone is coming with a mic don't worry got it coming I'm coming stand away from it um if there's a great number of vulnerabilities that exist that all have a common fix for example um and it spends maybe a 100 different repos is there a way to blanketly say submit PRS for all of these at once or is it limited to just identifying them one at a time in order to create those PRS in the initial release we are doing one at a time because first we want to make sure that developers actually feel confident with those fixes we don't want to just have like one PR with a 100 different files being changed and then they have to go through each and every one we want to take this slow but when we build that trust when developers are actively approving the PRS we know that it's not interrupting their workflows that's when we can begin to expand it's more about us wanting to help our customers trust AI versus like technical limitations so don't worry about it like we we are going in that direction but it's going to be a journey thanks yeah um hi what was a bit unclear for me was um how do you connect to the the G repository and how are other G repositories also uh supported beyond azard devops great question let's see if I can share my screen here and actually show it live find out um let me stop presenting the slideshow that may help there we go okay we can go to portal. azure.com and within Defender for cloud we have the ability to let you connect to multicloud or multi-pipeline environments so so we do have support for azzure devops GitHub and gitlab to actually um on board to Defender for cloud and begin to see security findings for any of those source code Management Systems so here we have environment settings add environment you select Azure devops and then you just create this connector you'll configure your access to give it us permissions to actually be able to scan your repos ingest those results from the scanning but this is really all you need to do to do that and set that up and begin to leverage these different sorts of Integrations and features does that help does that answer it we can always uh attach some more resources to the session about configuring it yeah getting my steps today uh you kind of touched on it but I was wondering if you have any plans to go into posture management for third party SAS applications mapping back to identities checking to make sure users don't have more than one way to access an application things like that really good question so we don't have plans to do that in Defender for cloud because there is another Microsoft security product that does that it's actually called Microsoft Defender for cloud apps which isn't confusing at all but that is our software as a security posture management offering it also does threat detections for uh thirdparty software applications so definitely recommend checking that out it's a really neat product and it has a whole Suite of different capabilities and identity sorts of monitoring come on any other questions yeah so uh we've used uh Microsoft Defender for cloud quite a bit and uh kind of as you presented a lot of the issues crop up with uh new new deployments um have you guys thought about looking at uh a lot of the defaults that exist in the deployments to kind of shore them up before they even reach um Microsoft Defender for cloud like do an analysis across a lot of the issues and trying and Sh that up at the actual deployment level do you mean an infrastructure as code or do you mean just like when you are deploying an Azure resource manager template like during that deployment process like if I go to a your resource manager here so I think one of the ones that you had was like uh insecure ports or something right so that's something that you could actually put in the configuration to start with um right instead of waiting until after everything's done deployed and then go run Microsoft Defender for cloud and realize that everything's right yeah that's why we have our devop security offering to scan your infrastructure within code in the first place to prevent those issues from ever reaching runtime like the whole idea of Shifting security left fixing at the source um before you get there in the first place but not everything's going to be perfect like you might have a developer that deploys anyways or something like that so we are always going to have this idea where we catch the issues in runtime but with devop security and our connections to GitHub Azure devops and gitlab we do want to help you actually find and address those issues before they reach I think it's more of like a an ant for a scap right not an or so what you saw today it's like once it's you're already vulnerable once it's already reached production how do you remediate from there uh part of a scap is right we have to embed these security capabilities these guard rails at every stage at build time at deploy time um and you know we're still evolving in that space especially at build and deploy time um but that is something that's top of mind for us is how you know at every single stage of the life cycle you have all of like the policy guard rails you need to ensure uh you know that critical vulnerabilities don't make it to production obviously sometimes things slip through the cracks it's hard to catch everything um so this you know it's kind of an and where then if it does make it in you still have this automated remediation workflow so I just to quickly add to that so would copilot be able to help identify policies that could be added to prevent that vulnerability in the first place uh ignoring the infrastructures code piee no I don't think we're using co-pilot for that initially because co-pilot is more like helping you remediate what already is identified um we're not going to use co-pilot to discover those risks in the first place because we do have built-in policies for that already that um they're based on like best practices from different compliance standards like CIS um what else nist uh so we have those recommendations built in already I don't think we're going to be doing too much with like integrating co-pilot capabilities there to detect issues or even help you like yeah in the first place but it will help with remediation and we'll see what other sort of use cases that our customers are asking for in the future as well it's a it's like an evolution though right where uh as we evaluate if we do see that large large language models are effective at identifying and suggesting policies to use in certain situations uh we're kind of capturing the value wherever we can right now like I said uh kind of towards the beginning like every way we kind of doing things in Defender for cloud we're reimagining how we can do it uh to make it more you know more effective with generative AI if that is something we uh can kind of see value in um we're going after but to lar point it's not something that's kind of in our immediate plans thanks I know we had a question up here you showed some of the use cases or you mentioned here are more towards the infrastructure or Hardware level right I mean ports and whatnot are there any use cases that you have covered around appsc which talks about the code challenges that we have some of the code vulnerabilities that we have yeah that's the integration we have with infrastructure as code to start with so like the infrastructure as code templates within your source code repositories um that's our first step in actually fixing code and making sure that you are secure across the board but like with Defender and cloud in general we are presenting code vulnerabilities that you have or open- Source vulnerabilities from your code so that exists within Defender for cloud but for the beginning of the integration with co-pilot we're focusing on like remediating issues from infrastructure as code versus more General code vulnerabilities so it's just more like it it SEC versus absc for our first scenario I would say we're kind of we're testing our first scenario with iic seeing how it does obviously it's a very nent technology we have to make sure it's you know not breaking uh production environments because people are merging poll requests that end up uh not being great generated by a co-pilot uh but it's going to evolve right and it's expand into other scanning types Beyond static or just infrastructure is code scanning in terms of static analysis thank you thank you how is this technology priced how do we pay for it what will it cost us great question so um co-pilot for security does have a pay as you go billing model you purchase something called security compute units and with those you can leverage co-pilot for security and any sort of Microsoft security experience that you're using um for just Defender for cloud in general to like really make the most of co-pilot Force Security you would want to use a plan called Defender Cloud security posture management which is build per per um any sort of like we we have a list of billable resources and we do a pay as youo charge on a monthly basis you're you're paying for the different resources you have that we are securing and that also gives you all the devop security capabilities too so it'll be a mix of Defender for cloud and co-pilot for security anyone else is anyone excited anything that anyone wants to try out first with co-pilot for security and Defender for cloud can raise your hand and tell us not all at once yeah don't all jump at once it the poll requests all right oh yeah question a lot of the uh Azure products kind of have an easy trial kind of a thing yeah this one's a little bit scary yeah so you go and look at the product and the market place and then and then it gives you this big warning and then you're wondering if like tomorrow you're going to have some giant cost just show up in your tenant so uh I been wanting to try it out but I'm too scared to hit the big button are you talking about co-pilot for security or okay fair enough um it is pay as you go so I might be going all night I I don't know I mean you know the Telemetry data is coming in all this is happening um so what constitutes a billable hour maybe that's more of a question for co-pilot for security so so is it when somebody's actively using it like uh and um getting information from it or is it when it's collecting all its data in the back end that's a great question and then is it easy to turn off I mean really I'm very interested in trying this out but it's kind of a it's scary yeah it's easy to shut a VM down and stop paying for it so the SEC yeah I know know like it it's the idea of like the security compute unit where it is like how much processing is actually required by the prompts I don't know what the co-pilot team has done in terms of like giving you wage to estimate the cost at the beginning like before you start using it but if you come up to me at the end of the session I'll get your email and I can connect you with someone from co-pilot for security that can hopefully try to help and we can publish some information with this uh presentation too there's also lots of folks from the co-pilot for security team up on the fifth floor yeah experts and we can get it resolved ask them all your pricing questions all right anything else before we wrap up folks there's one question onia system vulnerabilities by system remediating system vulnerabilities by remediate by applying system patch is that's also something that's not in the first scope here like remediating different vulnerabilities we do have different sorts of tools within Microsoft where you can do that through InTune or something along those lines but there are so many use cases that we can explore with co-pilot for security so this is really just the beginning of what we're doing and we hope that you guys all stay in tuned to see what else we release great well thank you all for attending we much appreciate you all coming taking time out of your build uh we hope you all go off uh once this is in private preview try it out and have a great rest of your build everyone thank you thanks e e

Original Description

Discover how Microsoft Copilot for Security, revolutionizes risk remediation in cloud environments. In this session, we'll explore Copilot's integration with Defender for Cloud, showcasing its capability to detect, analyze, and resolve security threats efficiently. We'll cover how Copilot enhances cloud security posture, streamlines compliance, and supports proactive risk management through intelligent insights and automated remediations. 𝗦𝗽𝗲𝗮𝗸𝗲𝗿𝘀: * Karen Dahmen * Lara Goldstein * Charles Oxyer 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻: This video is one of many sessions delivered for the Microsoft Build 2024 event. View the full session schedule and learn more about Microsoft Build at https://build.microsoft.com BRK224 | English (US) | Security #MSBuild
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from Microsoft Developer · Microsoft Developer · 0 of 60

← Previous Next →
1 Prepare for the DP-300 exam & the Azure Database Administrator Associate cert | Data Exposed
Prepare for the DP-300 exam & the Azure Database Administrator Associate cert | Data Exposed
Microsoft Developer
2 What I Wish I Knew ... about landing a job in tech
What I Wish I Knew ... about landing a job in tech
Microsoft Developer
3 Igniting Developer Innovation with Vector Search
Igniting Developer Innovation with Vector Search
Microsoft Developer
4 Combining the power of vector search with Azure OpenAI then revolutionize image search with vectors!
Combining the power of vector search with Azure OpenAI then revolutionize image search with vectors!
Microsoft Developer
5 What I Wish I Knew ... about finding your place in tech
What I Wish I Knew ... about finding your place in tech
Microsoft Developer
6 Fluent UI React Insights: Accessible by default
Fluent UI React Insights: Accessible by default
Microsoft Developer
7 Signing Container Images with Notary Project
Signing Container Images with Notary Project
Microsoft Developer
8 What I Wish I Knew ... about finding your place in tech
What I Wish I Knew ... about finding your place in tech
Microsoft Developer
9 What programming languages does GitHub Copilot support?
What programming languages does GitHub Copilot support?
Microsoft Developer
10 What I Wish I Knew ... about how much your job can change
What I Wish I Knew ... about how much your job can change
Microsoft Developer
11 What I Wish I Knew ... about how much your job can change
What I Wish I Knew ... about how much your job can change
Microsoft Developer
12 How do I become more confident about AI?
How do I become more confident about AI?
Microsoft Developer
13 How do I become more confident about AI?
How do I become more confident about AI?
Microsoft Developer
14 Performance Demos of SQL’s Intelligent Query Processing Feedback capabilities | Data Exposed
Performance Demos of SQL’s Intelligent Query Processing Feedback capabilities | Data Exposed
Microsoft Developer
15 What I Wish I Knew ... about coming to Microsoft
What I Wish I Knew ... about coming to Microsoft
Microsoft Developer
16 What I Wish I Knew ... about coming to Microsoft
What I Wish I Knew ... about coming to Microsoft
Microsoft Developer
17 Revolutionizing Image Search with Vectors
Revolutionizing Image Search with Vectors
Microsoft Developer
18 Igniting developer innovation with Vector search and Azure OpenAI
Igniting developer innovation with Vector search and Azure OpenAI
Microsoft Developer
19 Getting Started with Azure AI Studio's Prompt Flow - Part 2
Getting Started with Azure AI Studio's Prompt Flow - Part 2
Microsoft Developer
20 What I Wish I Knew ... about finding my career path
What I Wish I Knew ... about finding my career path
Microsoft Developer
21 What I Wish I Knew ... about finding my career path
What I Wish I Knew ... about finding my career path
Microsoft Developer
22 Windows Terminal's journey to Open Source
Windows Terminal's journey to Open Source
Microsoft Developer
23 Can I trust the code that GitHub Copilot generates?
Can I trust the code that GitHub Copilot generates?
Microsoft Developer
24 What I Wish I Knew ... about interviewing
What I Wish I Knew ... about interviewing
Microsoft Developer
25 What I Wish I Knew ... about interviewing
What I Wish I Knew ... about interviewing
Microsoft Developer
26 What is the Microsoft TechSpark Program?
What is the Microsoft TechSpark Program?
Microsoft Developer
27 SQL Server 2022: Accelerate query performance while reducing query compile time - w/ no code changes
SQL Server 2022: Accelerate query performance while reducing query compile time - w/ no code changes
Microsoft Developer
28 What I Wish I Knew ... about discovering computer science
What I Wish I Knew ... about discovering computer science
Microsoft Developer
29 What I Wish I Knew ... about discovering computer science
What I Wish I Knew ... about discovering computer science
Microsoft Developer
30 Call center transcription and analysis using Azure AI
Call center transcription and analysis using Azure AI
Microsoft Developer
31 How to use Text Analytics for health in Azure AI Language
How to use Text Analytics for health in Azure AI Language
Microsoft Developer
32 Azure OpenAI-powered summarization in Azure AI Language
Azure OpenAI-powered summarization in Azure AI Language
Microsoft Developer
33 Accelerate data labeling using Azure OpenAI and Azure AI Language
Accelerate data labeling using Azure OpenAI and Azure AI Language
Microsoft Developer
34 Building a Private ChatGPT with Azure OpenAI
Building a Private ChatGPT with Azure OpenAI
Microsoft Developer
35 What I Wish I Knew ... about how to interview
What I Wish I Knew ... about how to interview
Microsoft Developer
36 What I Wish I Knew ... about how to interview
What I Wish I Knew ... about how to interview
Microsoft Developer
37 Getting Started with Azure AI Studio's Prompt Flow - Part 3
Getting Started with Azure AI Studio's Prompt Flow - Part 3
Microsoft Developer
38 Intelligent Apps with Azure Kubernetes Service (AKS)
Intelligent Apps with Azure Kubernetes Service (AKS)
Microsoft Developer
39 Getting Started with Azure Blob Storage | Data Exposed: MVP Edition
Getting Started with Azure Blob Storage | Data Exposed: MVP Edition
Microsoft Developer
40 Chat + Your Data + Plugins
Chat + Your Data + Plugins
Microsoft Developer
41 What I Wish I Knew ... about different career paths
What I Wish I Knew ... about different career paths
Microsoft Developer
42 What I Wish I Knew ... about different career paths
What I Wish I Knew ... about different career paths
Microsoft Developer
43 Advanced Dev Tunnels Features | OD122
Advanced Dev Tunnels Features | OD122
Microsoft Developer
44 Learn Live - Manage performance and availability in Azure Cosmos DB for PostgreSQL
Learn Live - Manage performance and availability in Azure Cosmos DB for PostgreSQL
Microsoft Developer
45 Plan your SQL Migration to Azure with confidence | Data Exposed
Plan your SQL Migration to Azure with confidence | Data Exposed
Microsoft Developer
46 What I Wish I Knew ... about social skills in a tech career
What I Wish I Knew ... about social skills in a tech career
Microsoft Developer
47 What I Wish I Knew ... about social skills in a tech career
What I Wish I Knew ... about social skills in a tech career
Microsoft Developer
48 All About Vectors, Search, and Function Calling in Azure OpenAI - Labor Day Special
All About Vectors, Search, and Function Calling in Azure OpenAI - Labor Day Special
Microsoft Developer
49 Introduction to project ORAS
Introduction to project ORAS
Microsoft Developer
50 What I Wish I Knew ... about finding the right major
What I Wish I Knew ... about finding the right major
Microsoft Developer
51 What I Wish I Knew ... about finding the right major
What I Wish I Knew ... about finding the right major
Microsoft Developer
52 What I Wish I Knew ... about how to approach programming
What I Wish I Knew ... about how to approach programming
Microsoft Developer
53 What I Wish I Knew ... about how to approach programming
What I Wish I Knew ... about how to approach programming
Microsoft Developer
54 Learn Live - Scale from a single node to multiple nodes with Azure Cosmos DB for PostgreSQL
Learn Live - Scale from a single node to multiple nodes with Azure Cosmos DB for PostgreSQL
Microsoft Developer
55 What I Wish I Knew ... about diversity in tech #1
What I Wish I Knew ... about diversity in tech #1
Microsoft Developer
56 What I Wish I Knew ... about diversity in tech #1
What I Wish I Knew ... about diversity in tech #1
Microsoft Developer
57 Get started with SQL Server AGs across Windows, Linux and Container Replicas | Data Exposed
Get started with SQL Server AGs across Windows, Linux and Container Replicas | Data Exposed
Microsoft Developer
58 Writing LLM Apps with Azure AI and PromptFlow
Writing LLM Apps with Azure AI and PromptFlow
Microsoft Developer
59 What I Wish I Knew ... about how cool working in tech could be
What I Wish I Knew ... about how cool working in tech could be
Microsoft Developer
60 Open Source foundation models in Azure Machine Learning & optimization techniques behind the scenes
Open Source foundation models in Azure Machine Learning & optimization techniques behind the scenes
Microsoft Developer

Related Reads

📰
Fable 5 Costs 5x More Per Task Than Grok 4.5. Here’s Whether That Actually Matters.
Fable 5 costs 5x more per task than Grok 4.5, but its capabilities may justify the extra cost
Medium · AI
📰
If AI Writes Your Code, Why Learn Python?
Explore the implications of AI-generated code on programming skills and the continued relevance of learning Python
Medium · AI
📰
Stop Hallucinating Terraform: Building a Private Internal Developer Portal with RAG and Gemma 2
Learn to build a secure Internal Developer Portal using Terraform RAG pipeline and Gemma 2 to stop hallucinating AI code
Medium · AI
📰
The Poor Guy* Guide to Fable-level Vibe Coding for $80/month
Learn how to achieve Fable-level vibe coding for a fraction of the cost, using affordable alternatives to expensive subscriptions like Claude.
Medium · Programming
Up next
SEO with Claude Code — The Complete Course
Conor Martin
Watch →