Browse Security Videos (27)

Sandra Ahlgrimm explains how to customize GitHub Copilot’s modernization task lists so teams can modernize legacy Java apps safely: set constraints, split risky upgrades into smaller reviewable steps, validate the current state first, and ensure Copilot surfaces CVEs without making silent changes.

Ayan Gupta introduces a hands-on video series on modernizing legacy Java applications using GitHub Copilot, outlining a four-phase loop (Assess, Upgrade, Migrate, Test & Deploy) and how AI-assisted workflows can reduce manual effort across dependencies, security fixes, and deployment steps.

John Savill runs through the 1st May 2026 Azure update, covering new and preview features across AKS networking and troubleshooting, Azure Front Door WAF protections, Elastic SAN improvements, PostgreSQL read replica scaling, and major AI platform changes like Microsoft Agent Framework GA and Prompt flow retirement.

John Savill's Technical Training gives a practical overview of post-quantum cryptography (PQC), why quantum computing changes the risk profile for today’s encryption, and what to start doing now—especially around inventorying crypto usage and planning for “harvest now, decrypt later” threats.

GitHub shares Jeff Luszcz’s overview of what open source maintainers should know about licensing and SBOMs, and how these practices affect software supply chain security and user expectations heading into 2026.

dotnet hosts an ASP.NET Community Standup where Jean‑Marc Prieur and Kyle Marsh show how AI can simplify Microsoft Entra ID authentication in ASP.NET Core and .NET Aspire apps, including setting up app auth, calling protected APIs, and assigning identities to AI agents with Entra Agent ID.

GitHub explains why Anthropic is not releasing its Claude Mythos Preview model publicly: it can uncover decades-old vulnerabilities in major open-source projects, and withholding it is meant to reduce the risk of attackers exploiting newly discovered flaws.

GitHub’s video episode of The Download recaps developer news including a supply chain incident, an MCP security roadmap, and updates to GitHub Copilot—highlighting the Copilot SDK public preview and Copilot CLI support for BYOK and local models.

John Savill's Technical Training walks through how SFTP on Azure Storage can use Microsoft Entra ID for authentication, including a demo and practical notes on token lifetime and data-plane authorization (RBAC/ABAC).

John Savill's Technical Training shares a short overview pointing to a full video on integrating Microsoft Entra ID identities for authentication and authorization when accessing Azure Storage via SFTP.

GitHub shows how Dependabot can automatically detect vulnerable dependencies and open pull requests with fixed versions, so you can review, run tests, and merge the remediation with minimal manual work.

GitHub explains how secret scanning helps catch accidentally committed API keys and tokens by alerting you with the exact file and line number, so you can revoke exposed credentials before they’re exploited.

GitHub walks through the basics of GitHub security for beginners, introducing GitHub Advanced Security features like secret scanning, Dependabot, code scanning, and how Copilot Autofix can help remediate vulnerabilities.

John Savill (John Savill's Technical Training) runs through a weekly set of Azure platform updates covering AKS networking and upgrades, Azure SQL and PostgreSQL changes, Fabric mirroring features, Azure AI Foundry processing updates, and Entra ID governance and MFA additions.

John Savill's Technical Training gives a quick walkthrough of Microsoft Entra Backup and Restore, explaining how snapshots and recovery complement existing protections like soft delete and protected actions.

John Savill's Technical Training runs through a weekly roundup of Microsoft updates, covering Azure service retirements, AKS and VM SKU changes, Entra ID and backup updates, Azure SQL and VS Code tooling news, plus Azure AI Foundry and Databricks/Fabric improvements.

Nick Chapsas discusses a high-severity AutoMapper vulnerability that can crash a .NET server via uncontrolled recursion, and examines how serious the real-world impact is and what developers should pay attention to.

Microsoft Developer introduces computer use agents, outlining what they are, how they function, their types, and related security risks. This video provides foundational knowledge for those interested in AI agents and security.

GitHub's Xavier René-Corail shares his analysis of Octoverse 2025's security insights, focusing on AI's role in shifting security left, faster remediation with Dependabot, and why code review remains essential.

John Savill's Technical Training shares the top Azure updates for late February 2026, covering new AI features, security changes, cloud infrastructure news, developer tools, and integration highlights.

In this video, Microsoft Developer explains how to use Microsoft Entra ID Access Packages for automated, scalable access governance, emphasizing risk reduction and Zero Trust security.

Microsoft Developer presents a comprehensive demo on securing AI agents built with Azure AI Foundry, demonstrating practical zero trust strategies and Azure-native security controls.

Microsoft Developer discusses how organizations can secure AI adoption using Data Security Posture Management (DSPM) for AI, focusing on protection and compliance in enterprise environments.

Microsoft Developer demonstrates how Microsoft Security Copilot leverages AI to help security teams triage and remediate real-world incidents, improving the speed and effectiveness of SecOps workflows.

John Savill provides an in-depth overview of Agent 365 and Agent ID, demonstrating how Microsoft Entra, Purview, and Defender facilitate secure, productive agent-based environments in the Azure cloud.

GitHub presents an in-depth discussion with Kevin Crosby about the Secure Open Source Fund and its efforts to advance supply chain security, covering funding, AI-driven security tools, and how maintainers and partners can get involved.

In this comprehensive guide, John Savill explains how Microsoft Azure and Azure Local address sovereignty and compliance rules, highlighting technical and legal requirements for secure cloud adoption.