🎧📱🗝 George

The era of Copilot execution is here. Introducing Copilot Cowork – a new way to delegate work across Microsoft 365 with checkpoints + approval built in. Check it out: aka.ms/m365cowork

@davidfowl I went back and bought a license a couple years ago. I never used it but I do for many many years unlicensed so figured I would now.

I downloaded an incomplete copy of contra on my modded ps2. mIRC lives rent free in my brain.

@reprise_99 It was heaps easier when you could send your kids to school on them. Life was never the same when that was made illegal.

Little known fact: every Australian household is required by law to take care of two kangaroos each, which accounts for the 40-50 million total kangaroos across the entire country They can be a pain, but it is a core part of our civic duty

Dear developers at work, GitHub Copilot CLI is generally available with /plan, /plugin, /resume, /review, /yolo, /models, multi-model in single request autopilot, custom agents, experimental features, and much more. Love, GitHub🌹 github.blog/changelog/2026…

GitHub Copilot CLI is now GA 🎉 This is agentic development, right in the terminal—planning, building, testing, and reviewing without context switching. A big step forward in how developers work. 🚀 aka.ms/AAzxlnr

@asha_shar @Xbox Good luck we have high expectations! Us FTE love our Gamepass Ultimate each year please don't take it away like Phil tried to 😂

Today I begin my role as CEO of @Xbox. Here are my three commitments: 1/ GREAT games 2/ Return of @Xbox 3/ Future of play blogs.microsoft.com/blog/2026/02/2…

@MicrosoftLearn 🎤 Welcome to Cyber Jeopardy 2026… Clue: “The most underrated IT skill is translating technical risk into business language.” Contestant: “What is… the thing we’ve been telling engineers since 2005?” Correct. Again.

The most underrated IT skill in 2026: Translating technical risk into business language. Agree or disagree?

Pull Requests on @GitHub can now be limited to repo collaborators or disabled entirely. This should help cut down on unwanted noise and give maintainers more control over their experience

The AI Dev Days Hackathon is live until March 15! This is your opportunity to build AI apps and agents, and create alongside a global community. You’ll also have access to learning resources, interactive labs, and the chance to win $80,000+ in prizes. Join the virtual event → msft.it/6013QrPH5

Copilot Studio agent security: Top 10 risks you can detect and prevent microsoft.com/en-us/security…

@reprise_99 Sounds like a great conference talk or workshop! Let me know if you don't want to do it and I will :D

Having responded to probably hundreds of incidents at this point, from ransomware to APT's, in my experience, the lack of knowledge on how to adequately secure Entra applications and service principals continues to be the biggest knowledge gap most defending teams have. You should be able to securely configure apps, detect compromise of apps and understand how to investigate compromise of apps. It seems overwhelming at first, but it isn't. Get started like this Secure them: •Use managed identities where possible - negates the need for credential handling •Limit privilege - reduce both the permissions granted and add additional API specific restrictions (i.e don't grant read/write all to all SharePoint sites, just the ones an application needs to access). This includes pushing back on vendors or internal teams that request privilege not required •High privileged applications should have no direct owners - lower privileged users can be granted direct ownership of an app, don't do this, govern the ability to manage applications via Entra ID roles •Configure credential restrictions such as requiring shorter lived secrets or enforcing use of certificates •Remove unused apps and service principals, this can prevent existing high privileged apps being leveraged and reduces your supply chain compromise footprint for multitenant apps •Monitor risk events for service principals like you would users Detect compromise of them: •Alert on application creation or application credential creation - may be noisy in large environments, but a good starting point •Alert on credentials being added to service principals - credentials generally live on the application object, service principal credential creation should be rare •Alert on permission consent - this can detect not only malicious activity but permission creep •Alert on anomalous resource access - does your app usually access only Azure Storage, and suddenly it accesses Microsoft Graph? - this may indicate a compromised credential •Alert on anomalous ASN or location access - does your app usually access only from a specific ASN or country, and suddenly that changes? - this may indicate a compromised credential Many of these are covered by Defender for Cloud Apps and other tools out of the box, but it is worth ensuring you are covered down and what they actually mean. Investigate compromise of them: Know how to query the following logs and understand the events surfaced •Entra ID sign in data - filter on service principal sign in events via the Entra portal or Kusto in the Defender XDR portal •Entra ID audit logs - filter on events related to the service principal via the Entra portal or Kusto in the Defender XDR portal. Service principals can be used to further establish persistence, such as creation of users or additional service principals, rinse and repeat for any malicious additions to your environment •Microsoft Graph - was the compromised app used to access data via Microsoft Graph? You can query via the Defender XDR portal using Kusto to find these events •Defender for Cloud Apps - did the compromised app access other M365 services? You can query via the Defender XDR portal using Kusto to find these events •Unified Audit Log - you can retrieve the events related to the compromised app via the audit functionality inside the Defender XDR portal

@NathanMcNulty I think you could, 100%

What are the chances I'll never be able to reconnect to this Azure VM ever again after clicking this button?

@NathanMcNulty I feel like I missed something. I know all about app control, what did I miss?

🤷‍♂️

I hereby apologise to CISSPs, or NIST, or I don't even know... 🤷‍♂️

Microsoft has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security. Email is the most exploited gateway for cyberattacks, amplified by AI. Learn how Microsoft Defender addresses these issues: msft.it/6015te7W9

@vxunderground Fairly standard. Be kind to yourself and keep swimming upstream!

Parents, I need your opinion Ever since my son was born my house has been a disaster. It's not filled with trash, there isn't bugs, or anything like that. But, we have INSANE clutter and disorganization. We have mountains of boxes from Amazon we have to recycle, we go through TONS of trash bags now from dirty diapers and stuff. We are always behind on laundry. On top of all of this, we made the mistake of buying him tons of stuff my baby boy has already outgrown. We have mountains of clothing that already don't fit him. My wife and I have also been moving stuff around a lot. We have a bassinet in my office, his "bedroom" (nursery), which means other furniture is literally just pushed anywhere we can fit it. It's dizzying how much is changing and so fast. Did any of you have this problem? Was your house also a mess? My son is 8 months old and everything is happening so quickly I don't even know what's going on anymore. My sleep has been ATROCIOUS since he's been born which makes doing anything else difficult as well. We're first time parents, we planned for the baby, read the books, took the classes, prepared financially, did everything how you're "supposed" to do it and it's still been a whirling wind of chaos

@reprise_99 It's like they don't even care about you Matt. Time to litigate!

New router came with an Ethernet cable with different coloured ends, somewhat upsetting for some reason, may throw the whole router in the trash

@UK_Daniel_Card CAB?

Interview question: Explain what a change advisory board does, its business benefits and provide examples of poor implantations of this concept. #IT #Cyber

@IAMERICAbooted Are you part of the Customer Connection Program?

I hate some of the limitations of Purview DLP. For example, you cannot create DLP policies based on Anyone Links or Guest sharing. You can only do shared with someone outside the org. That is too broad because there's four different ways link sharing works. Anyone have any suggestions?