Happy Friday, everyone and welcome back!
Issue #35 of our weekly check-in puts me on the cusp of my very first work travel since early 2020. I pulled out my travel bag yesterday and found some old business cards that bore my professional title from two roles ago. I was originally a Premier Field Engineer (PFE) - and that role doesn’t even exist anymore within Microsoft.
I’m headed out to South Beach - Miami, Florida - next week. I’m speaking at a conference known for the Endpoint Manager and Intune crowd. I’ll be on-hand introducing everyone to Azure Sentinel (of course). You can get a glance at my session topics here:
https://cda.ms/30T.
I began my career working with older versions of Endpoint Manager (SMS and SCCM) and the transition to cybersecurity and Azure Sentinel wasn’t that difficult. Hopefully, I can convince those there of the same. The world needs more, good security people.
I tell you what, though – its been almost 2 years since I’ve spoken in-person. I used to do that regularly. I speak virtually almost everyday now. I delivered over 70 Azure Sentinel workshops in 2020, but those were all virtual events. I hope I can still enthrall a crowd. I’m sure it will be fine, but you wishing me luck would be appreciated.
…
For those antsy to participate in something - or just those folks that love to click links and answer questions, we have a couple surveys this week where we’d love to get your feedback on a couple things.
The first one, is for the
Threat Intelligence Workbook for Azure Sentinel that was released this past week. You can find details on this in the
New or Updated Stuff section below. But, once you’ve had a chance to review this new release, jump out to the following link to give us feedback on it:
https://cda.ms/30V
The second survey is for getting help with our roadmap for
Automation and Playbooks in Azure Sentinel. As we develop our plan for the 2022 first semester, we would like to hear user voices around automation and playbooks to help us better prioritize our backlog. Use the following link to participate:
https://cda.ms/30W
…
This newsletter and the
Azure Security Center version have continued to see great success in curating and presenting both Microsoft and community content. So much so, that my group here at Microsoft is in deep discussions to finalize the delivery of a weekly video version - essentially a weekly Microsoft security news show. We’ll have different weekly segments including things like product news, interviews with MVPs and product managers, field reporters, and even roadmap updates.
We need your help, though. As creative as we believe we can be sometimes, we’d love to get your help in naming the security news show.
We have a couple surveys posted up where you can participate. You can vote for one of those we’ve provided or submit something of your own.
Thank in advance for your help!
…
OK…last thing.
2 and a half years ago when I joined Microsoft I had no clue that I would ever do any of the cool things I’ve done so far. Microsoft is an amazing place to work. There’s opportunity around every single corner.
This week, I’m proud to say I was part of my first product launch. In July, myself and a couple colleagues -
Nathan Gau and
Cameron Fuller - began developing a unique solution that would tie an on-premises SCOM environment to Azure Sentinel. The idea was that SCOM could handle collection and filtering of security events on-premises and then once those were ready, only the alerts would be sent to Azure Sentinel, minimizing the amount of data ingested from on-premises to the cloud.
Once Microsoft Ignite is over, we’re planning to go the official route and put this into Private Preview and build it as an Azure Sentinel Solution which should make it easier to access and implement. I’ll be talking more about it along the way, too - so stay tuned.
…
I wish you all a happy and safe week. We’ll talk again next Friday.
-Rod
Tweet
Share