Use AI to provide better spam protection and detection with exchange online

Let’s break down how AI enhances spam and phishing protection within Microsoft Exchange Online Protection (EOP) and Microsoft Defender for Office 365 (MDO), along with configuration examples.

How AI Powers Spam/Phishing Protection in Exchange Online

Instead of just relying on static rules (like blocking specific keywords or known bad IPs), AI (specifically Machine Learning models) introduces several powerful capabilities:

Advanced Pattern Recognition: AI models analyze vast amounts of global email data (billions of messages daily) from Microsoft’s network. They identify subtle and evolving patterns associated with spam, phishing, malware, and impersonation attempts that rule-based systems would miss. This includes:
- Linguistic Analysis: Understanding the nuances of language, tone, urgency cues, grammatical errors common in phishing, and topic shifts often used to bypass simple filters.
- Structural Analysis: Examining message headers, sending infrastructure reputation, URL structures, attachment types, and email formatting anomalies.
- Behavioural Analysis: Learning normal communication patterns for your organization and flagging deviations (e.g., a sudden email from the “CEO” asking for gift cards, which is out of character).
Adaptive Learning: Spammers constantly change tactics. AI models continuously learn and adapt to these new threats in near real-time, significantly reducing the window of vulnerability compared to waiting for manual rule updates. When new spam campaigns emerge, the models retrain based on newly classified samples.
Contextual Understanding: AI helps differentiate between legitimate and malicious use of similar content. For example, an “invoice” email from a known supplier vs. a generic “invoice” from an unknown sender with a suspicious link. AI considers sender reputation, recipient history, link destinations, etc.
Impersonation Detection (MDO): This is heavily AI-driven.
- User Impersonation: Mailbox Intelligence learns the frequent contacts and communication style of protected users (e.g., executives). It flags emails claiming to be from that user but originating externally or exhibiting unusual patterns.
- Domain Impersonation: AI detects attempts to use domains that look very similar to your own (e.g., yourc0mpany.com instead of yourcompany.com) or legitimate external domains (e.g., spoofing a well-known supplier).
Enhanced Heuristics & Reputation: AI refines the calculation of Spam Confidence Levels (SCL) and Bulk Complaint Levels (BCL) by incorporating more complex signals than just IP/domain blocklists. It considers the “neighborhood” of sending IPs, historical sending behavior, and feedback loops (user submissions, junk reports).
Zero-Hour Auto Purge (ZAP): Even if a malicious email initially bypasses filters and lands in an inbox, AI continues analyzing signals. If the message is later identified as spam or phishing (often through updated AI models or user reports), ZAP can automatically pull it from user mailboxes.

Specific Configuration Examples (Using the Microsoft 365 Defender Portal)

Most AI capabilities are inherently part of the features. You don’t toggle “AI On/Off,” but you configure the policies that leverage AI.

Prerequisites:

Access to the Microsoft 365 Defender portal (https://security.microsoft.com).
Appropriate permissions (e.g., Security Administrator, Global Administrator).
Note: Some advanced features (like Impersonation, Safe Links, Safe Attachments) require Microsoft Defender for Office 365 Plan 1 or Plan 2 licenses, beyond the basic EOP included with Exchange Online.

Example 1: Tuning Anti-Spam Inbound Policy (Leverages AI for SCL)

AI determines the SCL score based on numerous factors. You configure the actions based on those AI-determined scores.

Navigate to Email & collaboration > Policies & rules > Threat policies > Anti-spam.
Select the Anti-spam inbound policy (Default) or click Create policy > Inbound for a custom policy.
In the policy settings, locate the Bulk email threshold & spam properties section and click Edit actions.
Spam Confidence Level (SCL) Actions:
- Spam: Action: Move message to Junk Email folder (Recommended Default). SCL levels typically 5, 6.
- High confidence spam: Action: Quarantine message (Recommended). SCL levels typically 7, 8, 9. You could choose Redirect message to email address, Delete message, or Move message to Junk Email folder. Quarantine is generally safest.
- AI Impact: The determination of which message gets an SCL of 5 vs. 7 vs. 9 is heavily AI-driven based on content, sender, structure, etc.
Bulk Complaint Level (BCL) Threshold: Set a threshold (e.g., 6 or 7). Messages exceeding this BCL (often unwanted marketing mail) will take the specified action (e.g., Move message to Junk Email folder). AI helps differentiate bulk from true spam.
Zero-hour auto purge (ZAP): Ensure “Enable for spam messages” and “Enable for phishing messages” are turned On. This allows AI to retroactively remove messages.
Save the changes.

Example 2: Configuring Anti-Phishing Policy (Leverages AI for Impersonation & Spoofing)

Requires MDO licenses for advanced features.

Navigate to Email & collaboration > Policies & rules > Threat policies > Anti-phishing.
Click Create to make a new policy (recommended) or edit the Default policy.
Phishing threshold & protection:
- Enable spoof intelligence: Ensure this is On. AI helps identify and classify spoofing attempts (legitimate vs. malicious). You can review/override its findings later under “Spoof intelligence insight”.
- Impersonation Protection (Key AI Area):
  - Click Edit next to Users to protect. Click Manage sender(s) and add email addresses of key personnel (CEO, CFO, HR Managers, up to 350). AI (Mailbox Intelligence) learns their communication patterns.
  - Click Edit next to Domains to protect. Add your own company domains and consider adding custom domains that are visually similar or frequently targeted. AI flags emails spoofing these domains or using lookalike domains.
  - Enable Mailbox Intelligence: Ensure this is On. This activates the AI learning for the protected users’ contact graphs and communication patterns.
  - Enable intelligence for impersonation protection: Ensure this is On. Uses AI to improve detection based on learned senders/patterns.
- Actions: Configure actions for detected impersonation (User/Domain) and spoofing. Recommended actions often include Quarantine the message or Redirect message to administrator address and displaying safety tips.
Advanced phishing thresholds: Set the level (e.g., 2: Aggressive, 3: More aggressive, 4: Most aggressive). Higher levels use more sensitive AI/ML models but might increase false positives. Start with 1: Standard or 2: Aggressive and monitor.
Assign the policy to specific users, groups, or the entire domain.
Save the policy.

Example 3: Enabling Safe Links & Safe Attachments (Leverages AI for Analysis)

Requires MDO licenses. These features use sandboxing (detonation) and URL reputation checks, heavily augmented by AI analysis.

Safe Attachments:
- Navigate to Email & collaboration > Policies & rules > Threat policies > Safe Attachments.
- Click Create or edit an existing policy.
- Choose an action like Block (blocks email with detected malware) or Dynamic Delivery (delivers email body immediately, attaches placeholder until attachment scan completes – often preferred for user experience).
- Enable Redirect messages with detected attachments and specify an admin mailbox for review if desired.
- Apply the policy to users/groups/domains.
- AI Impact: AI models perform static analysis before detonation and analyze the behavior of the file during detonation in the sandbox to identify novel/zero-day malware.
Safe Links:
- Navigate to Email & collaboration > Policies & rules > Threat policies > Safe Links.
- Click Create or edit an existing policy.
- Ensure On: Safe Links checks a list of known, malicious links when users click links in email is selected under URL & click protection settings.
- Enable Apply Safe Links to email messages.
- Enable Apply real-time URL scanning for suspicious links and links that point to files. (This uses AI and other heuristics).
- Configure Wait for URL scanning to complete before delivering the message (more secure, slight delay) or leave it off (less secure, no delay).
- Choose actions for malicious URLs within Microsoft Teams and Office 365 Apps if applicable.
- Configure Do not rewrite the following URLs for any trusted internal/external sites that break due to rewriting (use sparingly).
- Apply the policy to users/groups/domains.
- AI Impact: AI powers the reputation lookups and real-time scanning analysis of URLs, identifying phishing sites, malware hosts, and command-and-control servers even if they aren’t on a static blocklist yet.

Key Takeaways:

AI is Integrated: You configure features like Anti-Spam, Anti-Phishing, Safe Links/Attachments, and AI works behind the scenes within those features.
MDO is Crucial: The most advanced AI-driven protections (impersonation, advanced phishing detection, Safe Links/Attachments) require Microsoft Defender for Office 365 licenses.
Configuration is Tuning: You adjust thresholds (SCL, BCL), enable specific protections (Impersonation), and define actions (Quarantine, Junk, Delete).
Monitor & Adapt: Regularly review quarantine, user submissions (use the Report Message Add-in!), and threat reports in the Defender portal to fine-tune policies and understand how AI is performing in your environment. Feedback helps the AI models learn.

By leveraging these AI-powered features and configuring them appropriately, you can significantly improve your organization’s defense against increasingly sophisticated spam and phishing attacks in Exchange Online.

Governing AI usage with Microsoft 365 Business Premium

Here’s the best way to leverage M365 Business Premium for AI governance, covering both Microsoft’s AI (like Copilot) and third-party services:

Core Principle: Governance relies on controlling Access, protecting Data, managing Endpoints, and Monitoring activity, layered with clear Policies and user Training.

1. Establish Clear AI Usage Policies & Training (Foundation)

What: Define acceptable use policies for AI. Specify:
- Which AI tools are approved (if any beyond Microsoft’s).
- What types of company data (if any) are permissible to input into any AI tool (especially public/third-party ones). Prohibit inputting sensitive, confidential, or PII data into non-approved or public AI.
- Guidelines for verifying AI output accuracy and avoiding plagiarism.
- Ethical considerations and bias awareness.
- Consequences for policy violations.
How (M365 Support):
- Use SharePoint to host and distribute the official AI policy documents.
- Use Microsoft Teams channels for discussion, Q&A, and announcements regarding AI policies.
- Utilize tools like Microsoft Forms or integrate with Learning Management Systems (LMS) for tracking policy acknowledgment and training completion.

2. Control Access to AI Services

Microsoft AI (Copilot for Microsoft 365):
- What: Control who gets access to Copilot features within M365 apps.
- How:
  - Licensing: Copilot for M365 is an add-on license. Assign licenses only to approved users or groups via the Microsoft 365 Admin Center or Microsoft Entra ID (formerly Azure AD) group-based licensing. This is your primary control gate.
Third-Party AI Services (e.g., ChatGPT, Midjourney, niche AI tools):
- What: Limit or block access to unapproved external AI websites and applications.
- How (M365 BP Tools):
  - Microsoft Defender for Business: Use its Web Content Filtering capabilities. Create policies to block categories (like “Artificial Intelligence” if available) or specific URLs of unapproved AI services accessed via web browsers on managed devices.
  - Microsoft Intune:
    - For company-managed devices (MDM): You can configure browser policies or potentially deploy endpoint protection configurations that restrict access to certain sites.
    - If third-party AI tools have installable applications, use Intune to block their installation on managed devices.
  - Microsoft Entra Conditional Access (Requires Entra ID P1 – included in M365 BP):
    - If a third-party AI service integrates with Entra ID for Single Sign-On (SSO), you can create Conditional Access policies to block or limit access based on user, group, device compliance, location, etc.
    - Limitation: This primarily works for AI services using Entra ID for authentication. It won’t block access to public web AI services that don’t require organizational login.

3. Protect Data Used With or Generated By AI

What: Prevent sensitive company data from being leaked into AI models (especially public ones) and ensure data handled by approved AI (like Copilot) remains secure.
How (M365 BP Tools):
- Microsoft Purview Information Protection (Sensitivity Labels):
  - Classify Data: Implement sensitivity labels (e.g., Public, General, Confidential, Highly Confidential). Train users to apply labels correctly to documents and emails.
  - Apply Protection: Configure labels to apply encryption and access restrictions. Encrypted content generally cannot be processed by external AI tools if pasted. Copilot for M365 respects these labels and permissions.
- Microsoft Purview Data Loss Prevention (DLP):
  - Define Policies: Create DLP policies to detect sensitive information types (credit card numbers, PII, custom sensitive data based on keywords or patterns) within M365 services (Exchange, SharePoint, OneDrive, Teams) and on endpoints.
  - Endpoint DLP (Crucial for Third-Party AI): Configure Endpoint DLP policies to monitor and block actions like copying sensitive content to USB drives, network shares, cloud services, or pasting into web browsers accessing specific non-allowed domains (like public AI websites). You can set policies to block, warn, or just audit.
  - Copilot Context: Copilot for M365 operates within your M365 tenant boundary and respects existing DLP policies and permissions. Data isn’t used to train public models.
- Microsoft Intune App Protection Policies (MAM – for Mobile/BYOD):
  - Control Data Flow: If users access M365 data on personal devices (BYOD), use Intune MAM policies to prevent copy/pasting data from managed apps (like Outlook, OneDrive) into unmanaged apps (like a personal browser accessing a public AI tool).

4. Manage Endpoints

What: Ensure devices accessing company data and potentially AI tools are secure and compliant.
How (M365 BP Tools):
- Microsoft Intune (MDM/MAM): Enroll devices (Windows, macOS, iOS, Android) for management. Enforce security baselines, require endpoint protection (Defender), encryption, and patching. Non-compliant devices can be blocked from accessing corporate resources via Conditional Access.
- Microsoft Defender for Business: Provides endpoint security (Antivirus, Attack Surface Reduction, Endpoint Detection & Response). Helps protect against malware or compromised endpoints that could exfiltrate data used with AI.

5. Monitor and Audit AI-Related Activity

What: Track usage patterns, potential policy violations, and data access related to AI.
How (M365 BP Tools):
- Microsoft Purview Audit Log: Search for activities related to file access, sensitivity label application/changes, and DLP policy matches (including Endpoint DLP events showing attempts to paste sensitive data into blocked sites). While it won’t show what was typed into an external AI, it shows attempts to move sensitive data towards it.
- Microsoft Defender for Business Reports: Review web filtering reports to see attempts to access blocked AI sites.
- Entra ID Sign-in Logs: Monitor logins to any Entra ID-integrated AI applications.
- Copilot Usage Reports (via M365 Admin Center): Track adoption and usage patterns for Microsoft Copilot across different apps.

Summary: The “Best Way” using M365 Business Premium

Foundation: Start with clear Policies and Training. This is non-negotiable.
Control Access: Use Licensing for Copilot. Use Defender Web Filtering and potentially Intune/Conditional Access to restrict access to unapproved third-party AI.
Protect Data: Implement Sensitivity Labels to classify and protect data at rest. Use Endpoint DLP aggressively to block sensitive data from being pasted into browsers/unapproved apps. Use Intune MAM for BYOD data leakage prevention.
Secure Endpoints: Ensure devices are managed and secured via Intune and Defender for Business.
Monitor: Regularly review Purview Audit Logs, DLP Reports, and Defender Reports for policy violations and risky behavior.

Limitations to Consider:

No foolproof blocking: Highly determined users might find ways around web filtering (e.g., personal devices not managed, VPNs not routed through corporate controls).
Limited insight into third-party AI: M365 tools can block access and prevent data input but cannot see what users do inside an allowed third-party AI tool or analyze its output directly.
Requires Configuration: These tools are powerful but require proper setup, configuration, and ongoing management.

By implementing these layers using the tools within Microsoft 365 Business Premium, you can establish robust governance over AI usage, balancing productivity benefits with security and compliance needs.

Likelihood of SMB MSP Survival

The consensus is that AI presents both a significant challenge and a substantial opportunity for SMB MSPs. Survival is not guaranteed for those who stand still, but highly likely for those who adapt and evolve.

The Threat: AI and automation will inevitably take over many routine, repetitive tasks currently performed by MSPs. This includes basic monitoring, patch management, Level 1 support ticket resolution, automated reporting, and even some aspects of threat detection. MSPs whose business models rely heavily only on these basic, commoditized services are at the highest risk of becoming obsolete or facing intense price pressure.
The Opportunity: AI also creates immense opportunities.
- Increased Efficiency: MSPs can leverage AI internally to automate their own processes, freeing up technicians for higher-value tasks, reducing costs, and improving service delivery speed and accuracy.
- Enhanced Service Offerings: AI enables more sophisticated services like predictive analytics for hardware failure, advanced cybersecurity threat hunting (using AI to detect anomalies humans might miss), optimized cloud management, and data-driven business insights for clients.
- New Service Lines: There’s a growing need for businesses, especially SMBs, to understand, implement, and manage AI tools safely and effectively. MSPs are perfectly positioned to become AI consultants and implementation partners for their clients, guiding AI adoption strategies.
- Cybersecurity Imperative: As cyber threats become more sophisticated (partially driven by AI used by attackers), the need for advanced, AI-enhanced cybersecurity services provided by MSPs will increase.

Conclusion on Likelihood: The traditional MSP model focused solely on basic IT support is under threat. However, the role of the MSP is evolving, not disappearing. Those MSPs that embrace AI, automate internally, and shift their focus to higher-value, strategic services have a strong likelihood of survival and even significant growth. Industry reports show optimism among MSPs, viewing AI as a driver for future business opportunities, particularly in AI consulting and cybersecurity.

Best Business Strategies for SMB MSPs to Survive and Thrive

Embrace AI and Automation Internally:
- Adopt AIOps: Use AI for IT Operations to automate routine tasks (ticketing, monitoring, patching, root cause analysis).
- Streamline Processes: Implement AI tools for billing, reporting, customer relationship management (CRM), and even sales proposal generation to boost efficiency and reduce errors.
- Free Up Human Resources: Allow AI to handle repetitive tasks so skilled technicians can focus on complex problem-solving, strategic planning, and client relationships.
Move Up the Value Chain – Become a Strategic Partner:
- Shift from IT Support to Business Advisor: Focus on understanding clients’ business goals and how technology (including AI) can help achieve them.
- Offer Strategic IT Consulting: Provide guidance on digital transformation, cloud strategy, data governance, and AI adoption roadmaps.
- Become the AI Guide: Help SMB clients navigate the complexities of choosing, implementing, securing, and managing AI tools within their own businesses.
Deepen Cybersecurity Expertise:
- Leverage AI for Security: Implement and manage advanced AI-powered security tools (Managed Detection and Response – MDR, Security Information and Event Management – SIEM, anomaly detection).
- Offer Comprehensive Security Services: Expand beyond basic antivirus to include vulnerability assessments, penetration testing, security awareness training, incident response planning, and compliance management (including cyber hygiene assessments for AI readiness).
- Address AI-Specific Risks: Help clients understand and mitigate the security and ethical risks associated with AI implementation (data privacy, bias, new attack vectors).
Specialize:
- Vertical Focus: Develop deep expertise in specific industries (e.g., healthcare, finance, manufacturing) and tailor services to their unique needs and compliance requirements.
- Technology Focus: Become experts in specific high-demand areas like specific cloud platforms, advanced data analytics, or particular AI applications.
Enhance Customer Experience and Relationships:
- Personalization: Use AI insights (e.g., analyzing support tickets, client feedback) to anticipate needs and personalize service delivery, but maintain the crucial human touch.
- Focus on Trust: While AI handles tasks, the human element of trust, strategic advice, and relationship management becomes a key differentiator.
- Client Education: Proactively educate clients on evolving technology landscapes, security threats, and the benefits/risks of AI.
Invest in Training and Talent:
- Upskill Current Staff: Train technicians on new AI tools, cybersecurity practices, data analysis, and consultative skills.
- Strategic Hiring: Consider hiring personnel with data science or AI-specific expertise if needed.
Develop Robust Data Management and Governance Practices:
- For Clients: Offer services to help clients manage their data effectively, which is crucial for successful AI implementation.
- Internally: Ensure high-quality data hygiene within the MSP’s own systems to maximize the effectiveness of internal AI tools and analytics.

By adopting these strategies, SMB MSPs can transition from potentially threatened basic IT providers to indispensable strategic technology partners, well-equipped to navigate and capitalize on the changes brought by AI.

PowerShell script to report EntraID signin update

One the things that I have tasked myself with is to go back through my scripts and using AI (aka Github Copilot) to improve my code.

The latest script to get this treatment is:

https://github.com/directorcia/Office365/blob/master/graph-signins-get.ps1

which now has greater flexibility and speed. I also used Copilot to produce documentation for the script which is here:

https://github.com/directorcia/Office365/wiki/Get-tenant-signins

In my Visual Studio Code editor what I did was simply to open up the script.

I then set Copilot to operate in ‘agent’ mode, as shown above. I also selected an AI model to use. I have the default choices of:

I can also configure others like Gemini if I want. This time I selected Claude 3.7 and then basically told Copilot to ‘improve’ my code. After that I asked it to provide options for using paging to get more results as well as ensuring the output was in local time.

After one update to the time format it produced an error when it ran but I simply told Copilot to fix that error and it did so. The code once again executed.

Thus, the updated script and documentation is now available via the links above and I am amazed at how easy it was to make all these changes to get the result that I wanted without having to type any additional code myself into the script! I suppose he downside is that the code is more complex and I don’t intrinsically understand it as well as if I had written every line, but I have Copilot to help explain any part of the code to me if needed and the time savings getting to a result speak for themselves.

The functionality that AI provided for me via Github Copilot is enormous and should make short work of any PowerShell automation I do in the future. If you are using PowerShell (or any code) then you really need to be looking at the benefits AI will provide you.

Enhancing Your Copilot Studio Agent with Topics and Actions

Video URL = https://www.youtube.com/watch?v=O-nHz5Z3Avk

In this video, we explore how to extend the capabilities of your Copilot Studio agent by integrating external knowledge sources using topics and actions. Here’s a step-by-step guide based on the video content:

1. Creating the Agent:

Start by creating an agent as usual, providing a description and general instructions. Ensure the orchestration option is selected and enabled. 0:12
The initial knowledge source selected is a single site, which allows the agent to answer questions in a basic manner. 0:23

2. Improving Information Retrieval:

To enhance the agent’s responses, especially for current news, create an action using Brave search. 0:54
Set up a free Brave account and obtain the API key for Brave search. 1:08
Configure the action to use Brave search for web news queries. 1:18

3. Creating and Configuring Topics:

Add a new topic that triggers when users ask about news. 2:01
Describe the trigger conditions and steps for the topic. 2:13
Create a search query variable to feed into the Brave search action. 2:31
Ensure the variable captures the prompt and keywords from the user’s query. 3:09

4. Testing and Publishing:

Test the setup by asking the agent for the latest news on a specific topic, such as “Alpine” or “Ferrari”. 3:58
Verify that the topic triggers correctly and retrieves detailed news results via Brave search. 4:19
Publish the updated agent to make the enhancements live. 4:35

By following these steps, you can significantly improve the relevance and detail of the information your Copilot Studio agent provides, leveraging external knowledge sources effectively.

Thank you for watching the video!

Techwerks 27

bw-car-vehicle

CIAOPS Techwerks face to face returns to Melbourne CBD on Thursday the 22nd of May 2025. The venue for the event will be:

Melbourne City College
Level 9, 120 Spencer St
MELBOURNE VIC 3000

The course is limited to 20 people and you can sign up and reserve your place now! You reserve a place by completing this form:

http://bit.ly/ciaopsroi

or by sending me an email (director@ciaops.com) expressing your interest.

The content of these all day face to face workshops is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. This event will largely focus on AI including Copilot, Agents and Agent creation, etc with a special focus on what is relevant for small business.

Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.

The cost to attend is:

Gold Enterprise Patron = $50 ex GST

Gold Patron = $90 ex GST

Silver Patron = $180 ex GST

Bronze Patron = $360 ex GST

Non Patron = $720 ex GST

I hope to see you there.

Need to Know podcast–Episode 343

Celebrate the 50 year anniversary of Microsoft. Like them or not you have to admire what they have been able to achieve and opportunities they have provided my business with their products and services. Unsurprisingly, AI was also part of that celebration with a raft of updates worth noting. Purview is big! If you haven’t yet dived in then maybe it’s time you did. Lots of things to learn in this episode.

Brought to you by www.ciaopspatron.com

you can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-343-ai-will-eat-the-world/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

or Spotify:

https://open.spotify.com/show/7ejj00cOuw8977GnnE2lPb

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

Resources

@directorcia

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

MS turn 50

50 Years of Microsoft | Our future is you

Satya Nadella recreates Microsoft’s first product

Microsoft 50th anniversary + Copilot event

Cheers to 50 years

The origin story of Microsoft

Source code – Bill Gates

Your AI Companion

Introducing Copilot Search in Bing

Create pages with Copilot in SharePoint

Security

Strengthen data security posture in the era of AI with Microsoft Purview

Microsoft Purview – Data Security Posture Management (DSPM) for AI

Multi-workspace for Multi-tenant is now in Public Preview in Microsoft’s Unified SecOps Platform

Threat actors leverage tax season to deploy tax-themed phishing campaigns

Why Windows Autopatch is the smart update solution

New innovations in Microsoft Purview for protected, AI-ready data

New innovations in Microsoft Entra to strengthen AI security and identity protection

Building layered protection: New Microsoft Purview data security controls for the browser & network

Windows 365

Maximize productivity and ROI with Windows 365: New innovations now generally available

Vibe coding

Introducing GitHub Copilot agent mode (preview)

CIAOPS Need to Know Microsoft 365 Webinar – April

laptop-eyes-technology-computer_thumb

Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at AI Agents in Microsoft 365.

Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite.

You can register for the regular monthly webinar here:

April Webinar Registrations

(If you are having issues with the above link copy and paste – https://bit.ly/n2k2504)

The details are:

CIAOPS Need to Know Webinar – April 2025
Wednesday 23rd of April 2025
11.00am – 12.00am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.