Browse Security Videos (59)

Microsoft Developer shares a 5-minute trailer previewing Livestream 4 of POSETTE 2026, highlighting 11 PostgreSQL talks including partitioning, SQL/PGQ property graphs, performance work, analytics with pg_duckdb on Azure Database for PostgreSQL, replication and logical decoding, security practices, PostgreSQL 18 vacuum improvements, Citus scaling, and LISTEN/NOTIFY pitfalls.

John Savill walks through recent identity and authentication changes for Azure Files, focusing on Microsoft Entra ID–integrated authentication scenarios including managed identity access, cloud-only identity access, and macOS Platform SSO (PSSO) access.

Murat Tuncer walks through how PostgreSQL authentication evolved from early trust-based local setups to modern certificate and token-based approaches, explaining why each method exists, what trade-offs it made, and the common mistakes teams still run into when choosing auth for production deployments.

Adam Wolk explains how fuzzing can uncover edge-case bugs in PostgreSQL, focusing on the libpq client library and the networking protocol surface. He covers why fuzzing works, what makes a good target in Postgres, and practical steps for building harnesses and mutating protocol inputs.

Andrew Ruffin explains how to choose Azure infrastructure for PostgreSQL workloads, focusing on VM family selection, benchmarking results, and cost/performance trade-offs. The talk compares IaaS vs PaaS deployment choices and highlights hardware features and security options that can improve Postgres performance while controlling cloud spend.

Taiob Ali compares PostgreSQL and SQL Server security models, focusing on how each platform handles authentication vs. authorization, roles, and permissions, and what those differences mean for building secure, maintainable database access patterns.

Microsoft Developer shares a 4-minute trailer previewing Livestream 1 of POSETTE 2026, highlighting 11 PostgreSQL-focused talks that include Microsoft’s Postgres roadmap, performance tuning, AI tooling, Azure infrastructure choices, and a comparison of PostgreSQL vs. SQL Server security models.

John Savill rounds up a week of Azure platform changes and retirements, spanning compute/storage updates, database and identity improvements, monitoring changes, and several developer-facing AI items including GitHub Copilot Agent Mode in SSMS and Azure AI Foundry agent licensing and model availability.

John Savill gives a fast-paced rundown of key announcements from Microsoft Build 2026, highlighting notable platform updates across Azure, AI, and identity/security topics such as Entra and passkeys.

John Savill explains how Microsoft Entra ID’s passkey registration campaign works, why passkeys are useful, and how the campaign “nudges” users to register. He also covers the policy prerequisites and the key behaviors that determine when users see registration prompts.

John Savill's Technical Training gives a quick overview of a passkey registration campaign in Microsoft Entra ID, focusing on driving user enrollment for passwordless, phishing-resistant authentication.

Authorised Territory demonstrates how to build a .NET Model Context Protocol (MCP) server over HTTP that scans for unsafe tools on startup, using the Microsoft.AgentGovernance.Extensions.ModelContextProtocol NuGet package, and pairs it with a simple .NET console client that connects to the server.

John Savill runs through a Build-special weekly Azure update, covering a wide set of platform announcements across compute, containers, integration, monitoring, databases, Fabric/Databricks, and Azure AI Foundry—plus security-focused items like confidential computing and Purview agent integrations.

Jeff Hollan and Lee Stott explain how hosted agents in Microsoft Foundry help teams move from local agent prototypes to production-grade AI systems, with a focus on identity, isolation, evaluation, and lifecycle management so developers can deploy secure, scalable agents with clearer operational boundaries.

Amanda Silver and Marco Casalaina explain how to build context-aware AI agents by connecting them to enterprise knowledge, business data, and work signals using Foundry IQ, Fabric IQ, and Work IQ, with an emphasis on orchestration, governance, and operating within trusted boundaries.

Mark Russinovich and Ion Stoica discuss how AI platforms need to evolve for agentic, multimodal, globally distributed workloads, covering infrastructure fundamentals, training and real-time serving architectures, and why open source, security, and governance are becoming core platform requirements.

Mark Russinovich tours recent Azure infrastructure and architecture innovations, covering high-performance networking, serverless building blocks, and security capabilities aimed at running modern AI workloads across cloud, on-premises, and edge environments.

swyx (Shawn Wang) argues that as AI agents start shipping code, “agent supervision” becomes a core senior engineering skill: scoping agent work, setting constraints, designing checkpoints, and reviewing outputs for correctness and security.

Pablo Castro presents a Microsoft Build 2026 deep dive into Foundry IQ, Microsoft’s context engineering platform for building agents that can retrieve enterprise knowledge using agentic RAG. The session covers Foundry IQ’s architecture, connecting new knowledge sources, ingestion pipeline customization, retrieval APIs, and performance/evaluation improvements.

Neta Haiby explains how to take AI agents to production with security, governance, and observability using the Agent 365 SDK and Microsoft Purview SDK, including practical examples for runtime visibility, identity-aware access control, and policy-based lifecycle governance.

Sarah Young introduces MDASH from Microsoft Build 2026 and focuses on how developers can build security into their code from the start, framing secure-by-design practices and developer-centric security workflows.

Microsoft Developer introduces Project Lobster and the early Microsoft Scout desktop experience, focusing on always-on AI agents that can coordinate work, surface risks earlier, and keep tasks moving with less prompting. The video also outlines how Frontier customers can access the experimental release and what enrollment and policy prerequisites are required.

Tina Schuchman and Jeff Hollan walk through the end-to-end lifecycle for building production-grade AI agents using Foundry Agent Service and Microsoft Agent Framework, covering local prototyping through hosted deployment, with identity, secure networking, evaluations, and operational lifecycle management, plus how GitHub Copilot fits into the workflow.

Erika Heidi shares a practical checklist for hardening GitHub Actions workflows against software supply chain attacks, focusing on secrets exposure, token scope, protected branches/tags, dependency risk reduction, and concrete steps like pinning by digest and avoiding long-lived credentials.

Arpitha Dhanapathi explains how to build data security and compliance into AI app and agent development from day one, using Microsoft Purview as a unified policy and governance layer. The session covers common data leakage paths, practical guardrails, and how teams can move from prototype to production without reinventing controls.

James Brotsos shows how to keep developer velocity while improving security by integrating GitHub Advanced Security and Microsoft Defender for Cloud across the workflow—from local CLI scanning and pull requests in VS Code through to cloud risk visibility and attack-path analysis.

Jeremiah Follis explains how the Agent 365 SDK helps enterprises make custom and third-party AI agents visible, governable, and secure at scale, with a focus on identity, observability, compliance, and risk controls for real business workflows.

Jason Fisher explains how Windows is tightening its security foundations and what developers should expect as legacy authentication is reduced, code trust requirements get stricter, and post-quantum cryptography is introduced into the platform.

Kim Manis explains how Microsoft Fabric supports a secure and scalable data estate, covering governance with OneLake Catalog, compliance integration with Microsoft Purview, capacity controls, and developer workflows like Terraform and the Fabric CLI, plus how these foundations enable grounded AI agents with Foundry and OneLake.

Anish Tallapureddy and Mike Budzynski explain how Azure API Management’s AI Gateway can act as a governance layer for AI workloads, covering endpoint exposure, request routing, policy-based guardrails, cost controls, and production telemetry for models, tools, and agents across providers.

Poorvi Narang and Flora Taagen present an Azure-focused session on running Linux workloads using Azure Linux across VMs and AKS, highlighting the Azure Linux 4.0 preview, Azure Container Linux, and what “secure by default” looks like in practice from development through production.

Microsoft Developer demonstrates the Aikido extension for VS Code, showing how to run security scanning directly in the IDE to catch vulnerabilities, prevent secrets from being committed, and block malware before it reaches your machine, with workflows that tie into PRs and developer feedback loops.

Klorida Miraj and Nazmus Sakib explain how Windows can provide OS-level security and governance for AI agent and agent-augmented coding workflows, using examples like sandboxing in GitHub CLI. The session focuses on containment, detection/response, and identity models to move agents from experiments to production safely.

Mario Rodriguez and Evan Boyle demonstrate how AI agents—centered around GitHub Copilot—can work across planning, coding, CI/CD, and production operations to help teams ship AI-assisted code safely. The session focuses on practical workflows, guardrails, and review patterns that keep autonomous changes controlled while still moving fast.

Kirupa Chinnathambi, Stuart Schaefer, and Patrick Nikoletich explain how Windows is evolving to support AI agents that can take real actions (run commands, modify files, move data) while staying within clear safety boundaries, including identity, containment, and ongoing supervision.

Sarah Bird, Sandeep Atluri, and Mehrnoosh Sameki explain how to govern AI agents end to end in production, focusing on safety, reliability, and human oversight across Microsoft Agent Framework and open-source stacks. The session outlines evaluation-driven development, adversarial stress testing, and a cross-framework control approach for enterprise-scale agent deployments.

Roop Kiran Chevuri and Phil Gerity explain how Windows 365 Cloud PCs can be used as a secure, flexible development platform, including developer-ready images, cross-device workflows, and enterprise controls like Intune provisioning and Conditional Access. They also introduce Windows 365 for Agents and show how MCP-based tools can run against agent-owned Cloud PCs.

Andrea Griffiths and Nick Taylor introduce Pomerium on Open Source Friday, covering how the open source identity-aware proxy secures access to internal apps and services with authentication, authorization, and zero trust access patterns.

GitHub walks through new Visual Studio Code capabilities for remote session management, permissions, and secure AI adoption, including bring-your-own-key and bring-your-own-model options. The video also introduces an agents experience aimed at managing multiple sessions across workspaces, clients, and cloud-connected development environments.

Microsoft Developer introduces Wassette, a security-focused MCP server that uses WebAssembly Components to run untrusted agent tools in a sandboxed runtime, aiming to make extending AI agents safer and more reusable.