Microsoft Mechanics Podcast
Unify identity and network access controls. Enforce least privilege access across every app and resource. Wire lifecycle workflows directly to your HR system to strip stale permissions on role changes, gate sensitive data behind biometric step-up verification, and replace your VPN with per-app, identity-scoped access that revokes tokens the moment risk spikes. Secure AI usage at every layer. Block confidential data from reaching public AI tools and stop adversarial prompt injections before your agents process them. John Damon, Microsoft Entra Suite Senior Product Manager, shares how to lock...
info_outlineMicrosoft Mechanics Podcast
Qualify a lead, close a case, or walk into a renewal meeting fully briefed, all from the sales and service agents built into Dynamics 365. Ask a question and pull a grounded answer straight from your CRM and your calendar. Hand a prompt to Copilot Cowork and walk away with updated records, a finished presentation, and a drafted email, ready before your next meeting. Auto-fill a case description as you work, and walk into every quality review already scored against your team's framework. Eric Boocock, Dynamics 365 Principal Program Manager, shares how these agents move with you from first...
info_outlineMicrosoft Mechanics Podcast
Control what you're billed on. Tokens are the currency of AI, and how you design your app determines how many you spend. Compress conversation history instead of resending it raw, cap output tokens with matching prompt instructions, and cache static context so each reuse costs a fraction of the first request. Route each prompt to the right model by complexity, or set Model Router in Microsoft Foundry to handle that automatically — balanced, quality, or cost mode. Then optimize the whole stack. Run Agent Optimizer to test your prompt, model, and tool configurations together and surface better...
info_outlineMicrosoft Mechanics Podcast
The speed that AI can now discover and exploit vulnerabilities means that our defenses also need to adjust. For the devices that you manage where you can afford to tighten deployment timelines, we'll explain updated recommendations and show you how to speed up patching. It starts with assessing your risk exposure for unpatched devices using the new Autopatch report in Microsoft Intune, then tightening deferral policies on the devices where it makes sense, using Hotpatch to activate protection on install — without requiring reboots. Windows Autopatch automates your update deployments using...
info_outlineMicrosoft Mechanics Podcast
Apply Zero Trust controls to every AI agent in your environment across identity, tool usage, and data access. Extend Conditional Access in Microsoft Entra to evaluate every agent authorization request in real time against the same risk signals as human users. Assign each agent its own managed identity with Entra Agent ID and scope permissions with Access Packages. Govern your MCP catalog as a software supply chain — unapproved tools don't run, and approved servers lock behind Azure API Management. Log every agent tool call, API access, and data lookup into Microsoft Sentinel for continuous...
info_outlineMicrosoft Mechanics Podcast
Secure containerized apps end-to-end using Microsoft Defender for Cloud. Correlate cross-cloud attacks into a single incident, catch runtime threats that image scanning misses, and block vulnerable images before they reach production. Investigate container hijacking, isolate compromised pods with Security Copilot-guided remediation, and close the loop from SOC to dev by pushing CVE fixes to GitHub and syncing resolution back to Defender. Matt McSpirit, Microsoft Azure expert, shares how to detect, investigate, and remediate container threats in one connected workflow. ► QUICK LINKS: -...
info_outlineMicrosoft Mechanics Podcast
Cut through alert noise and move from detection to root cause using the Azure Copilot Observability Agent. It autonomously investigates incidents, correlates signals across logs, metrics, alerts, application health, and ML anomalies, then surfaces root cause with charts and recommended next steps. Extend coverage to your AI agents in Microsoft Foundry, track Gen AI errors and token consumption with trace-level detail, and write plain-language instructions to tune autonomous behavior to match your team's workflow. Matt McSpirit, Microsoft Azure expert, shares how to take full control of...
info_outlineMicrosoft Mechanics Podcast
Build enterprise-ready AI agents that scale without sacrificing security or control using Microsoft Azure. Establish a shared Governance Hub to centralize model access, MCP catalogs, and policy enforcement, then give every agent a traceable identity, runtime protection, and data governance through Agent 365. Layer in Microsoft Fabric's Ontologies so your agents reason over real business context, not just raw data. Choose your runtime — no-code, hosted container, or custom — and deploy a production-grade environment in minutes using the AI Landing Zone accelerator. Matt McSpirit, Microsoft...
info_outlineMicrosoft Mechanics Podcast
Enforce your existing Microsoft security policies directly in the browser, where your users actually work, using Microsoft Edge for Business. Extend Conditional Access, Purview DLP, and Defender controls into every session, across managed and unmanaged devices. Block sensitive data from reaching unsanctioned AI services, lock contractors into your data boundary on devices you don't manage, and control clipboard and screenshot actions by location. Manage extensions by permission type from the Microsoft 365 admin center and shut down scareware before users respond. Jeremy Chapman, Microsoft 365...
info_outlineMicrosoft Mechanics Podcast
Build production-ready enterprise apps in hours, not months. Describe the app you want using Rayfin's open-source SDK with GitHub Copilot, and generate your full backend in code — schemas, relationships, and access policies included. Deploy to Microsoft Fabric with a single CLI command and immediately inherit enterprise data security, identity controls, and audit compliance already in place across your data estate. Connect your app's live operational data to years of historical records in Fabric from the moment you deploy, no pipelines, no data movement. Query across both datasets using a...
info_outlineMove your AI agents from prototype to production using Microsoft Foundry Agent Service. Deploy directly from your local environment, run with secure identity and scoped permissions, and monitor every interaction so you can debug, improve, and scale without losing control. Publish agents into the tools your team already uses and ensure every action is traceable, governed, and isolated.
Ground your agents in real work and business data to generate outputs that are actually useful. Pull from emails, meetings, and operational systems to create personalized insights, documents, and presentations. Build faster with familiar tools and frameworks, then manage performance, cost, and quality across all your agents as they scale.
Jeff Hollan, Partner Director, AI Agent Services, shares how to operationalize AI agents across your organization—from deployment to real-world impact.
► QUICK LINKS:
00:00 - Build single and multi-agentic workloads
00:44 - Build agents at scale with Foundry
01:33 - Demo: Sales meeting preparation agent
03:32 - How it works
04:48 - Access controls
05:44 - Publish the agent
06:23 - Direct integration with Microsoft 365
07:26 - Work IQ, Foundry IQ, & Fabric IQ
10:24 - Agent creation
11:21 - See what's happening in the code
12:54 - Manage performance
► Link References
Go to the Microsoft Foundry to build your first project at https://ai.azure.com
Check out https://github.com/microsoft-foundry
► Unfamiliar with Microsoft Mechanics?
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries
• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog
• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast
► Keep getting this insider knowledge, join us on social:
• Follow us on Twitter: https://twitter.com/MSFTMechanics
• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/
• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/
• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics