Things from Me
Happy Friday, folks! Welcome to THE PROMPT for Microsoft Security – Issue #53!
This edition is packed with insights and updates to keep you ahead in the ever-evolving security landscape. From AI-powered threat hunting with Microsoft Sentinel and GitHub Copilot to building security observability into your GenAI applications, we’re diving deep into strategies that transform complexity into clarity.
You’ll also find highlights on the GA release of the SAP agentless connector for Sentinel, unified custom detections in Defender XDR, and why data security is non-negotiable in the GenAI era. Plus, get ready for Ignite 2025, where Microsoft Entra will showcase the future of identity and secure access.
Whether you’re a SOC analyst, cloud architect, or AI developer, this issue delivers actionable guidance and thought leadership to help you safeguard what matters most.
…
Can’t get enough security? Want more security goodness?
Don’t forget to subscribe to the witty, funny Saturday edition of the security week wrap-up: Rod’s Saturday Funnies (The Super Saturday Security Show) - Cereal and cartoons. Remote optional. Rod’s Saturday Funnies is where we take the week’s most hair-raising cybersecurity news and give it a cartoonish spin that’ll make you chuckle instead of cry! Grab your popcorn, because the cyber-villains have been up to some wild antics this week, and we’re here to dish the dirt with a side of giggles.
Subscribe here: https://rodtrent.substack.com/s/rods-saturday-funnies
And, if you’re looking for something that’s daily, check out: Daily Security Check-in Quick Hits - Stay ahead of the curve with Security Check-in Quick Hits, your daily dose of the most pressing cybersecurity issues impacting organizations and individuals worldwide. Each edition delivers concise, actionable insights into the latest threats—ransomware surges, zero-day exploits, AI-driven attacks, data breaches, and supply chain vulnerabilities—drawn from real-time trends and expert analysis. Designed for busy professionals, this newsletter cuts through the noise to provide clear, practical strategies for bolstering defenses and building resilience in an ever-evolving digital landscape. Subscribe to stay informed, stay secure, and stay one step ahead of cyber adversaries.
Subscribe here: https://rodtrent.substack.com/s/daily-security-check-in-quick-hits
…
See you next time. Talk soon.
-Rod
Things to Attend
Next week! THE Security Insights Show Episode 279: Security Copilot Updates - November 6, 2025 - 5pm EST - In this electrifying episode, we sit down with James Key, Principal Product Manager for Microsoft Security Copilot, to unpack the groundbreaking advancements shaping the future of AI-driven security. With over nine years of expertise in cloud architecture, technical training, and product innovation, James is at the forefront of empowering security teams worldwide through intelligent, partner-led solutions.
Things that are Related
Building human-centric security skills for AI - Through targeted skilling and a culture of shared responsibility, Frontier Firms are ensuring their people are prepared to meet the security demands of an AI-driven world. This growing need for cross-functional security skilling is a central theme in our new e-book Skilling for Secure AI: How Frontier Firms Lead the Way, and we’ve pulled together three takeaways across all roles that preview how leading organizations are approaching this era.
Things from Partners
Planning for a quantum future: How to secure data today with Commvault in Microsoft Marketplace - Quantum computing, once a distant concept, is rapidly becoming tangible. These machines promise breakthroughs in chemistry, logistics, and science — but they also threaten to break the very cryptographic foundations that protect our digital world. Asymmetric cryptographic algorithms like Rivest–Shamir–Adleman (RSA) and elliptic curve cryptography (ECC), which underpin secure communications and digital signatures, are now vulnerable to quantum attacks.
Microsoft Sentinel Things
Using Microsoft Sentinel MCP Server with GitHub Copilot for AI-Powered Threat Hunting - Discover how to supercharge threat hunting using Microsoft Sentinel’s MCP Server integrated with GitHub Copilot in Visual Studio Code. This guide shows you how to run natural language queries against Sentinel’s security data lake, enabling faster investigations and smarter security workflows. Learn setup steps, see a real-world demo prompt, and explore how AI-assisted tools simplify security operations.
Microsoft Sentinel for SAP Agentless connector GA - Today is the day: Our new agentless connector for Microsoft Sentinel Solution for SAP applications is Generally Available now! Fully onboarded to SAP’s official Business Accelerator Hub and ready for prime time wherever your SAP systems are waiting – on-premises, hyperscalers, RISE, or GROW – to be protected.
Defender for Cloud Things
Part 2: Building Security Observability Into Your Code - Defensive Programming for Azure OpenAI - Are you developing GenAI applications on Azure AI Foundry and worried about security visibility blind spots? In today’s rapidly evolving AI landscape, traditional security monitoring often fails to protect against prompt injection attacks, ephemeral interactions, and compliance gaps unique to generative AI workloads. Abhi Singh and Umesh Nagdev dive deep into security observability strategies for each layer of your AI code—transforming your application from vulnerable to security-aware. Discover actionable patterns for structured security logging, user context tracking, and robust error handling, all illustrated with real-world code examples from chatbot deployments on Azure Kubernetes Service (AKS). Whether you’re an AI developer, security engineer, or cloud architect, you’ll learn how to implement security-first architecture, leverage privacy-preserving prompt hashing, and integrate with Microsoft Sentinel and Defender for Cloud AI Threat Protection. Start building GenAI solutions that provide the visibility and control your SOC needs—right from the first line of code.
The 5 generative AI security threats you need to know e-book - Generative AI is reshaping the way security teams operate—accelerating threat detection, automating workflows, and enabling scale. But as defenders embrace AI to strengthen their posture, cyberattackers are doing the same to evolve faster than traditional defenses can adapt. Microsoft’s 2025 Digital Threats Report revealed that cyberattackers like Russia, China, Iran, and North Korea have more than doubled their use of AI to mount cyberattacks and spread disinformation. AI is now used to translate phishing emails into fluent English, generate deepfake videos of executives, and automate malware that adapts in real time to evade detection.
Defender XDR Things
Custom detections are now the unified experience for creating detections in Microsoft Defender - As we continue to deliver on our vision to simplify security workflows for the SOC, we are making custom detections the unified solution for building and managing rules over Defender XDR and Sentinel data. While analytics rules remain available, we recommend using custom detections for access to new features and enhancements.
Simplifying compliance remediation with Microsoft Intune and Defender on iOS/iPadOS - We’re thrilled to announce a major step forward in simplifying the compliance remediation experience for users and IT admins alike. As part of a collaboration between Microsoft Intune and Microsoft Defender, we’re introducing a new compliance remediation workflow, which uses a Resolve button to make it easier than ever for users to bring their mobile device back into compliance.
GenAI vs Cyber Threats: Why GenAI Powered Unified SecOps Wins - Cybersecurity is evolving faster than ever. Attackers are leveraging automation and AI to scale their operations, so how can defenders keep up? The answer lies in Microsoft Unified Security Operations powered by Generative AI (GenAI). This is the Cybersecurity Paradox: attackers need only one successful attempt, but defenders must always be vigilant, otherwise the impact can be huge. Traditional Security Operation Centers (SOCs) are hampered by siloed tools and fragmented data, which slows response and creates vulnerabilities. On average, attackers gain unauthorized access to organizational data in 72 minutes, while traditional defense tools often take, on average, 258 days to identify and remediate a breach. That is over eight months to detect and resolve breaches, a significant and unsustainable gap. Notably, Microsoft Unified Security Operations, including GenAI-powered capabilities, is also available and supported in Microsoft Government Community Cloud (GCC) and GCC High/DoD environments, ensuring that organizations with the highest compliance and security requirements can benefit from these advanced protections.
Microsoft Purview Things
Safeguarding the Future: Why Data Security is Non-Negotiable in the GenAI Era - In 2025, Generative AI (GenAI) isn’t just a buzzword—it’s the engine powering everything from personalized customer experiences to automated code generation. According to industry insights, GenAI adoption has surged, with organizations processing unprecedented volumes of data to train models and generate outputs. But this innovation comes with a stark reality: the very tools accelerating business growth are also amplifying data security risks. A single breach could expose sensitive customer information, intellectual property, or proprietary algorithms, leading to financial losses, regulatory fines, and eroded trust. As we navigate this AI-driven landscape, robust data security isn’t optional—it’s the foundation of sustainable innovation.
Secure external attachments with Purview encryption - Sharing sensitive documents externally is a common business need, but when encryption and sensitivity labels are involved, things can get complicated.
Microsoft Purview: Enforcing Data Security for Generative AI Workloads - Generative AI adoption introduces new security and compliance challenges for IT teams. AI models require access to large datasets, often containing sensitive or regulated information. Without robust governance, organizations risk data exfiltration, policy violations, and regulatory exposure. Microsoft Purview provides the data security and compliance foundation for responsible AI integration.
Microsoft Purview: The Security Protector for Generative AI Data Usage - Generative AI is transforming how organizations innovate, automate, and deliver insights. But with this power comes a critical responsibility: ensuring data security and compliance. As AI models consume vast amounts of data, the risk of exposing sensitive information grows exponentially. This is where Microsoft Purview steps in as the ultimate security protector.
Microsoft Entra Things
Microsoft Entra at Ignite 2025: November 17-21 - At Ignite 2025, Microsoft Entra is redefining what’s possible for identity and access in a world driven by AI. Our sessions will explore how identity and network access are evolving beyond traditional boundaries, becoming smarter and more adaptive to digital transformation. You’ll gain a glimpse into the future of secure access, where innovation meets simplicity and trust becomes the foundation for everything. If you’re ready to see how identity and network access can unlock new opportunities for your organization, this is where the journey begins.


