loader from loading.io
Microsoft Entra Suite hands-on tour of identity and network access protections show art Microsoft Entra Suite hands-on tour of identity and network access protections

Microsoft Mechanics Podcast

Unify identity and network access controls. Enforce least privilege access across every app and resource. Wire lifecycle workflows directly to your HR system to strip stale permissions on role changes, gate sensitive data behind biometric step-up verification, and replace your VPN with per-app, identity-scoped access that revokes tokens the moment risk spikes. Secure AI usage at every layer. Block confidential data from reaching public AI tools and stop adversarial prompt injections before your agents process them. John Damon, Microsoft Entra Suite Senior Product Manager, shares how to lock...

info_outline
New agentic platform in Dynamics 365 for Sales and Service show art New agentic platform in Dynamics 365 for Sales and Service

Microsoft Mechanics Podcast

Qualify a lead, close a case, or walk into a renewal meeting fully briefed, all from the sales and service agents built into Dynamics 365. Ask a question and pull a grounded answer straight from your CRM and your calendar. Hand a prompt to Copilot Cowork and walk away with updated records, a finished presentation, and a drafted email, ready before your next meeting. Auto-fill a case description as you work, and walk into every quality review already scored against your team's framework. Eric Boocock, Dynamics 365 Principal Program Manager, shares how these agents move with you from first...

info_outline
Tokenomics | The new AI currency & your options explained show art Tokenomics | The new AI currency & your options explained

Microsoft Mechanics Podcast

Control what you're billed on. Tokens are the currency of AI, and how you design your app determines how many you spend. Compress conversation history instead of resending it raw, cap output tokens with matching prompt instructions, and cache static context so each reuse costs a fraction of the first request. Route each prompt to the right model by complexity, or set Model Router in Microsoft Foundry to handle that automatically — balanced, quality, or cost mode. Then optimize the whole stack. Run Agent Optimizer to test your prompt, model, and tool configurations together and surface better...

info_outline
Deploy Windows updates to counter AI-discovered threats show art Deploy Windows updates to counter AI-discovered threats

Microsoft Mechanics Podcast

The speed that AI can now discover and exploit vulnerabilities means that our defenses also need to adjust. For the devices that you manage where you can afford to tighten deployment timelines, we'll explain updated recommendations and show you how to speed up patching. It starts with assessing your risk exposure for unpatched devices using the new Autopatch report in Microsoft Intune, then tightening deferral policies on the devices where it makes sense, using Hotpatch to activate protection on install — without requiring reboots. Windows Autopatch automates your update deployments using...

info_outline
Zero Trust security for AI agents show art Zero Trust security for AI agents

Microsoft Mechanics Podcast

Apply Zero Trust controls to every AI agent in your environment across identity, tool usage, and data access. Extend Conditional Access in Microsoft Entra to evaluate every agent authorization request in real time against the same risk signals as human users. Assign each agent its own managed identity with Entra Agent ID and scope permissions with Access Packages. Govern your MCP catalog as a software supply chain — unapproved tools don't run, and approved servers lock behind Azure API Management. Log every agent tool call, API access, and data lookup into Microsoft Sentinel for continuous...

info_outline
Secure containers from code to runtime | Microsoft Defender show art Secure containers from code to runtime | Microsoft Defender

Microsoft Mechanics Podcast

Secure containerized apps end-to-end using Microsoft Defender for Cloud. Correlate cross-cloud attacks into a single incident, catch runtime threats that image scanning misses, and block vulnerable images before they reach production. Investigate container hijacking, isolate compromised pods with Security Copilot-guided remediation, and close the loop from SOC to dev by pushing CVE fixes to GitHub and syncing resolution back to Defender. Matt McSpirit, Microsoft Azure expert, shares how to detect, investigate, and remediate container threats in one connected workflow. ► QUICK LINKS: -...

info_outline
Find and fix app issues - Azure Copilot Observability Agent show art Find and fix app issues - Azure Copilot Observability Agent

Microsoft Mechanics Podcast

Cut through alert noise and move from detection to root cause using the Azure Copilot Observability Agent. It autonomously investigates incidents, correlates signals across logs, metrics, alerts, application health, and ML anomalies, then surfaces root cause with charts and recommended next steps. Extend coverage to your AI agents in Microsoft Foundry, track Gen AI errors and token consumption with trace-level detail, and write plain-language instructions to tune autonomous behavior to match your team's workflow. Matt McSpirit, Microsoft Azure expert, shares how to take full control of...

info_outline
Build Agent Architecture using AI Landing Zones show art Build Agent Architecture using AI Landing Zones

Microsoft Mechanics Podcast

Build enterprise-ready AI agents that scale without sacrificing security or control using Microsoft Azure. Establish a shared Governance Hub to centralize model access, MCP catalogs, and policy enforcement, then give every agent a traceable identity, runtime protection, and data governance through Agent 365. Layer in Microsoft Fabric's Ontologies so your agents reason over real business context, not just raw data. Choose your runtime — no-code, hosted container, or custom — and deploy a production-grade environment in minutes using the AI Landing Zone accelerator. Matt McSpirit, Microsoft...

info_outline
New Security Controls in Edge for Business show art New Security Controls in Edge for Business

Microsoft Mechanics Podcast

Enforce your existing Microsoft security policies directly in the browser, where your users actually work, using Microsoft Edge for Business. Extend Conditional Access, Purview DLP, and Defender controls into every session, across managed and unmanaged devices. Block sensitive data from reaching unsanctioned AI services, lock contractors into your data boundary on devices you don't manage, and control clipboard and screenshot actions by location. Manage extensions by permission type from the Microsoft 365 admin center and shut down scareware before users respond. Jeremy Chapman, Microsoft 365...

info_outline
Rayfin | Go from prompt to production backend show art Rayfin | Go from prompt to production backend

Microsoft Mechanics Podcast

Build production-ready enterprise apps in hours, not months. Describe the app you want using Rayfin's open-source SDK with GitHub Copilot, and generate your full backend in code — schemas, relationships, and access policies included. Deploy to Microsoft Fabric with a single CLI command and immediately inherit enterprise data security, identity controls, and audit compliance already in place across your data estate. Connect your app's live operational data to years of historical records in Fabric from the moment you deploy, no pipelines, no data movement. Query across both datasets using a...

info_outline
 
More Episodes

Enforce your existing Microsoft security policies directly in the browser, where your users actually work, using Microsoft Edge for Business. Extend Conditional Access, Purview DLP, and Defender controls into every session, across managed and unmanaged devices.

Block sensitive data from reaching unsanctioned AI services, lock contractors into your data boundary on devices you don't manage, and control clipboard and screenshot actions by location. Manage extensions by permission type from the Microsoft 365 admin center and shut down scareware before users respond.

Jeremy Chapman, Microsoft 365 Director, shares how to deploy these controls using the security stack you already have. 

► QUICK LINKS: 

00:00 - Security built into the browser

01:30 - Shadow AI Data Blocking

03:03 - Contractor Work Profiles

04:22 - Configuration

05:16 - Advanced DLP & Clipboard Controls

06:29 - How to set it up

07:07 - Extension Management

09:20 - Protect from threats

10:13 - Wrap up

► Link References

To get started, check out https://aka.ms/EdgeforBusiness

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics