Cloudy with a Chance of Insights – A Microsoft Cloud Podcast for Architects and Engineers

Episode 31 of Cloudy with a Chance of Insights, the fortnightly Microsoft Cloud podcast with Richard Hogan, Cyrus Irandoust, and David Rowley. This week: a cluster of end-of-support deadlines that deserve more attention than they're getting, IBM and Microsoft private preview work on Sentinel Lake and custom security graphs that Richard can finally talk about, why Power Platform's own governance team admitted the model is broken, and an honest first-week account of Claude Code from someone who burnt through the daily token limit in 90 minutes.

Extended support for Windows Server 2016 ends January 12, 2027, and the Microsoft article announcing Extended Security Updates references Azure Arc as the delivery mechanism — which David flagged as either an intentional positioning move or a drafting oversight worth questioning. Also in the frame: SQL Server 2016 ESU ending July 2026, Server 2012 extended security updates ending October 2026, and SQL Server 2014 following in July 2027. These workloads are stable, quiet, and being systematically deprioritised in favour of AI projects. That combination rarely ends well.

Since October last year, IBM has been working with Microsoft on the private preview for Sentinel Lake and custom graph builds — ingesting asset data from Tenable, Qualys, and ServiceNow to surface connections that standard KQL queries would never surface. Richard covers the architecture, the friction points (VS Code as the only real interface, GQL instead of KQL, scheduled jobs, cost implications for data freshness), and what the Graph Explorer in Defender is going to change when it arrives. Custom graphs moved to public preview on April 1st.

A blog post from Ryan Jones on the Power Apps team published April 1st effectively acknowledged that traditional governance models break down when something can be built and deployed in a day. Pair that with figures suggesting nearly 30% of enterprise employees are already using unsanctioned AI agents, and Agent 365 heading toward GA in May, and the gap becomes difficult to ignore.

Cyrus covers proactive user containment reaching general availability as part of Defender XDR's predictive shielding feature — containment at the endpoint layer, not a simple Entra disable — and the shift from MDM to declarative device management for Apple devices in Intune, a change driven by Apple but with real implications for anyone managing iOS, iPadOS, or macOS at scale.

Richard's unfiltered first-week take on Claude Code: token consumption, peak and off-peak limits, VS Code integration differences, and why coming from a GitHub Copilot world will catch you off guard faster than you expect.

As AI tools make it increasingly easy to build something “good enough”, this episode asks an uncomfortable question: where does real differentiation actually sit now?

We use recent Microsoft Cloud updates as a starting point, including certification changes, early moves to treat AI agents as identities within Zero Trust, and a series of security and governance shifts across Purview, Defender, Entra, and Intune. Those threads lead into a deeper discussion about identity as the real perimeter, post breach tooling built on Microsoft Graph, and why AI assisted development is starting to flatten outcomes rather than improve them.

The conversation then turns toward vibe coding and the future of applications. If building tools is this easy, what does an app even mean anymore, and how do organisations avoid repeating old governance mistakes, just at AI speed?

In this episode of *Cloudy with a Chance of Insights*, Richard, Cyrus, and David return from a brief hiatus to deliver all the latest around the Microsoft Cloud ecosystem. The team dives into the evolving world of Microsoft 365, including speculation about the highly anticipated E7 license. They break down what this next-level license could mean for organizations, discuss the potential pricing, and debate whether the new bundled approach makes sense for enterprises navigating an increasingly fragmented Microsoft licensing landscape.

Cyrus and Richard also unpack the newest updates across Intune and Purview, giving listeners an inside look at recent announcements and how these tools are adapting to modern security and compliance demands. The conversation expands to cover the latest in AI, with a spotlight on Microsoft’s strategy of leveraging external frontier models like Claude, Gemini, and Grok, plus hands-on impressions of GitHub Copilot’s recent improvements.

In this episode of Cloud OverChance Insights, Richard Hogan, David Rowley, and Cyrus Irandoust discuss the latest developments in Microsoft Cloud, focusing on the acquisition of Osmos, the implications of AI in data engineering, and the evolving landscape of work and skills in the tech industry.

They explore the importance of design responsibility, the integration of AI across Microsoft products, and the critical role of data security through Microsoft Purview. The conversation emphasizes the need for patience and understanding when working with AI technologies, as well as the necessity for compliance in AI governance.

In this episode, the team dives into the latest cloud industry keynotes, comparing Microsoft’s agent-focused messaging with AWS’s infrastructure-first approach. David unpacks the real progress in AI, from research pipelines to agentic frameworks, while Richard shares his ongoing adventures (and occasional frustrations) with GitHub Copilot—think less chaos, more candid lessons learned.

Cyrus rounds things out with a practical look at Intune Suite’s new features, what’s now included in E3 and E5, and why these updates matter for security and device management. Expect grounded commentary, a dash of British sarcasm, and plenty of real-world takeaways for anyone working in the Microsoft ecosystem.

This week on Cloudy with a Chance of Insights, Richard, David, and Cyrus dive into the biggest announcements from Microsoft Ignite—without the marketing fluff. From Security Copilot landing in every E5 license, to the merging of Defender portals, and the rise of agentic solutions, we break down what’s actually new, what’s just rebranding, and what’s still in preview.

This week’s “Cloudy with a Chance of Insights” dives into the latest from the Microsoft Cloud ecosystem, with Richard, David, and Cyrus tackling everything from AI datacenter architecture to Zero Trust compliance, new certifications, and some eyebrow-raising security stories. Expect candid commentary, a dash of British sarcasm, and practical insights for IT leaders and practitioners.

Welcome to another episode of "Cloudy with a Chance of Insights," where the only thing more unpredictable than the British weather is the state of the Microsoft Cloud.

This week, Richard, David, and Cyrus gather to dissect a week that saw Azure Front Door trip over its own welcome mat, the existential crisis of the humble architecture diagram, and a healthy dose of security theatre—complete with all the drama and none of the popcorn.

Welcome back to Cloudy with a Chance of Insights, the bi-weekly podcast where three Microsoft Cloud architects (Richard, David, and Cyrus) attempt to make sense of the ever-expanding universe of Azure, M365, D365, and all things cloud—usually with minimal preparation and maximum digression.

This week, Richard kicks things off with a personal update, before launching into a philosophical ramble about why he’s doing a podcast at all—spoiler: it’s not for the likes, but if you fancy pressing that button, it does help others find us though :-)

David then dives into Microsoft’s TypeChat (think: making AI output less of a fever dream and more of a structured answer), DeepSpeed (the unsung hero keeping Copilot’s LLMs from collapsing under their own weight), and Mark It Down (finally, a tool to turn your document chaos into Markdown sanity).

Cyrus brings his usual blend of technical depth and existential musings, covering, the big shift: Microsoft Entra as the new source of authority for identity, Passwordless guidance, Intune’s new security baselines, Purview Insider Risk’s new network-based detection for cloud apps and GenAI

Along the way, we reminisce about Commodore 64s, DOS pranks, and the joys of wiring up PC speakers (or not), the state of search engines, the rise of GenAI, and why none of us are likely to become TikTok influencers anytime soon.

This week on Cloudy with a Chance of Insights, Richard, David, and Cyrus unpack a wide range of Microsoft Cloud updates and real-world challenges. Dive into the new Microsoft Agent Framework, Arc Gateway’s general availability, and the latest AI research breakthroughs. We explore Sentinel Graph, Meister’s Azure Web App release, and fresh developments in certifications and applied skills.

Security takes centre stage with a deep dive into the “one token to rule them all” vulnerability, plus practical tips for managing cross-tenant integrations. The team also discusses spec-driven development, GitHub Copilot, and the quirks of generative AI coding.

Whether you’re an architect, developer, security pro, or just cloud-curious, this episode covers the latest news, practical insights, and a few honest opinions from the front lines of Microsoft’s ecosystem.

Topics this week, include:

• Microsoft Agent Framework and Arc Gateway
• AI model training and 3D ML rendering
• Sentinel Graph, Meister, and UEBA updates
• VMware licensing changes in Azure
• Inclusive packaging design
• Spec-driven development and Copilot
• Certifications, accreditations, and applied skills
• Security incident: “one token to rule them all”

Cloudy with a Chance of Insights returns with Richard and Cyrus (minus David this week) for a fast-paced, insightful discussion on the latest in Microsoft Cloud, security, and AI.

Richard kicks things off with a deep dive into Microsoft’s $30 billion investment in UK cloud infrastructure, exploring what it means for data sovereignty, jobs, and the future of AI in the region. Cyrus then shares how a Microsoft Sysinternals tool for Mac helped uncover a critical MacOS vulnerability, before breaking down the latest Microsoft Entra app management policies and why security pros sometimes cheer for feature removals.

The episode also covers the latest Patch Tuesday highlights, with practical advice for managing vulnerabilities and configuration at scale. Wrapping up, Richard and Cyrus reflect on how AI is reshaping IT careers, the risks of over-automation, and why critical thinking is more important than ever in cybersecurity.

Don’t forget to like, subscribe, and hit the notification bell to stay up to date with all things Microsoft Cloud

Join Richard, David, and Cyrus for a lively, practical discussion on the latest from the Microsoft Cloud universe. This episode covers Zero Trust in action, Intune and security updates, Logic Apps on Rancher K3s, Azure Service Groups, Excel’s Fabric One Lake integration, the US government’s “OneGov” mega-deal with Microsoft, new Defender for Cloud features in GovCloud, and developer-focused updates in VS Code and Azure DevOps.

Highlights:

• Zero Trust: Microsoft’s updated assessment tools and workshops, now with six pillars for holistic security.
• Intune & Security: Targeted app control, autopilot patching, real-time Apple device management, and multi-admin approval.
• Logic Apps & Service Groups: Deploy Logic Apps on lightweight Kubernetes, and visualize resources with Azure Service Groups.
• Excel + Fabric: Pull governed enterprise data into Excel with Fabric One Lake integration.
• US Government x Microsoft: The OneGov agreement—sovereign cloud, compliance, and major discounts.
• Defender for Cloud: New features for GovCloud, boosting security for public sector workloads.
• Developer Experience: VS Code Schema Designer and Azure DevOps Test Run Hub for streamlined workflows.
• Trends & Tangents: IT/HR convergence, server naming schemes, and more real-world insights.

Subscribe & follow for more insights:
#MicrosoftCloud #Azure #ZeroTrust #CloudSecurity #Podcast #CloudyWithAChanceOfInsights

In this episode, the team explores Microsoft’s evolving cloud strategy through the lens of security, AI, and architectural shifts.

Key Topics:

• Azure Network Security Perimeter: A modular approach to securing individual resources rather than entire networks.
• Linux OS Guard: Microsoft’s push to make Linux a first-class citizen in Azure, with secure boot and VTPM-backed trust.
• Satya Nadella’s Mission Reframing: A cultural and strategic pivot toward AI and security as Microsoft’s core priorities.
• Microsoft Graph Terraform Provider: Cyrus explains the significance of zero-day support and full lifecycle management across Microsoft 365 and Entra.
• Terraform VS Code Extension: A refreshed tooling experience for infrastructure-as-code practitioners.
• Secure Futures Initiative (SFI): Richard outlines new consumer-facing patterns and practices for security-by-default architecture.
• Copilot UI Frustrations & Stop Button: A practical discussion on usability and token management.
• Critical Thinking in AI: The team reflects on the importance of user discernment in an AI-driven world.

In this episode of Cloudy with a Chance of Insights, Richard, David, and Cyrus explore the cutting edge of Microsoft Cloud innovation.The conversation begins with a deep dive into Microsoft Research’s new framework for classifying human-AI interactions—an essential step toward building smarter, more responsive applications.

David then introduces the public preview of Windows Backup for Organizations, a cloud-backed solution that ties user profiles and settings to identity, offering a new layer of resilience for enterprise environments.

Richard shares insights on Sentinel Data Lake, a powerful new tool for aggregating and analyzing security data across your environment. With support for KQL and Jupyter notebooks, and a tiered storage model, it’s designed for scale and flexibility.

Cyrus delivers a compelling breakdown of a recent SharePoint exploit uncovered at Pwn2Own Berlin, highlighting the importance of zero trust architecture and proactive security measures. His recommendations—pre-authentication, WAFs, and Sentinel-based hunting—are essential for any organization still running on-prem environments.

The episode wraps with a look at how AI development tools are empowering non-developers to build sophisticated solutions. David shares his experience using Claude Sonnet 4 in Visual Studio Code to automate integration analysis and reporting—proving that with the right tools, anyone can build something impactful.

Key Themes:

• AI interaction telemetry and proactive interfaces
• Windows Backup and user-centric design
• Sentinel Data Lake and scalable security analytics
• SharePoint vulnerabilities and zero trust architecture
• AI tools for non-developers and solution reuse

Blog:

In this episode of 'Cloudy with a Chance of Insights', Richard Hogan discusses his transition to a new role within IBM, the upcoming changes in Microsoft's XDR and Sentinel solutions, and new features in Microsoft Purview.

He shares his experiences with Copilot and productivity tools, explores the implications of natural language processing in SQL Server, and discusses the introduction of Exchange Server subscription edition.

The episode concludes with reflections on changing career paths in the tech industry due to the rise of AI.

KEYWORDS

#MicrosoftCloud, #Copilot, #SQLServer, #ExchangeServer, #Purview, #XDR, #Sentinel, #AI, #ProductivityTools, CareerPaths 

Blog

In this week’s episode of Cloudy with a Chance of Insights, David, Cyrus and Richard discuss the latest developments in Microsoft Cloud.

They explore personal learning journeys, particularly in AIcertifications, and delve into cybersecurity topics, including passwordless authentication and the introduction of Microsoft Entra. The discussion also covers the significance of passkeys, the integration of security in development processes, and the potential of Natural Language Web in AI applications. In this conversation, the speakers delve into various technological advancements, particularly focusing on Cosmos DB's global secondary indexes, the role of AI in research and development, and the future of AI factories.

They also debate the implications of identity management for agents, the challenges of licensing and cost models in AI, and reflect on the evolution of computing history. The conversation concludes with insights into the current opportunities in research and security vulnerabilities.

Blog

https://themicrosoftcloudblog.com

YouTube

https://www.youtube.com/@CloudyWithaChanceofInsights

Socials

X.Twitter: https://x.com/richardihogan

Bluesky: https://bsky.app/profile/richardihogan.bsky.social

LinkedIn: https://www.linkedin.com/in/richardhogan/

Audio Versions

Spotify: https://spoti.fi/3D5jBLs

Apple: https://apple.co/49kBxxL

CHAPTERS

00:00 Introduction and Technical Setup

03:00 Overview of the LinkedIn Live Session

06:02 Personal Learning Journey and AI Certifications

12:03 Passwordless Authentication and Microsoft Entra

14:58 The Future of Passkeys and Security

21:05 Natural Language Web and AI Integration

27:05 Understanding Global Secondary Indexes in Cosmos DB

29:29 Microsoft Discovery: AI in Research and Development

32:46 The Future of AI Factories and Generative Computing

37:00 The Role of Agents and Identity Management

42:32 Reflections on Computing History and Memory Management

LINKS

John Savil: NLWeb

In this episode of 'Cloudy with a Chance of Insights', thehosts discuss various topics including the recent tech layoffs affectingMicrosoft and other companies, the importance of community support during thesetimes, and valuable resources for Azure solution design.

They also explore new features in Windows Server 2025 andthe implications of Sovereign Cloud in Europe. In this conversation, RichardHogan and Cyrus Irandoust discuss the recent updates in backup solutions forMicrosoft 365, particularly focusing on SharePoint, Exchange, and OneDrive.They explore the implications of these updates for data recovery andsovereignty, emphasising the importance of local data control and thechallenges posed by regulations like the US Cloud Act. The discussiontransitions into the concept of sovereign cloud, detailing its significance inensuring data residency and compliance with local laws.

The conversation concludes with reflections on the future ofdata sovereignty and the evolving landscape of cloud solutions.

#MicrosoftCloud, #techlayoffs, #Azure, #WindowsServer,#SovereignCloud, #architecturedesign, #technologynews, #M365,#backupsolutions,  #datasovereignty,#Microsoft, #SharePoint, #Exchange, #OneDrive, #cloudsolutions,#datarecoverysoftware

Blog

In this week’s episode of 'Cloudy with a Chance ofInsights', the hosts discuss various recent developments in the Microsoft Cloud, including the new Copilot Studio features. The conversation also touches on security vulnerabilities and the implications of the CVE program. The hosts share insights on navigating technology changes and the importance of data privacy.

They explore the significance of Student Security OperationsCentres (SOCS) in bridging the skills gap in cybersecurity education. The discussion also delves into the rise of agentic AI in cybersecurity, highlighting its potential to enhance security measures and the implications of AI in the context of popular culture, particularly referencing the Matrix.

CHAPTERS

00:00 Introduction to Cloudy with a Chance of Insights

07:20 Navigating Microsoft Support Challenges

13:04 Exploring Copilot Studio's New Features

17:29 CVE Program and Government Funding Drama

22:23 The Importance of Student Security Operations Centres

26:57 Bridging the Skills Gap in Cybersecurity Education

30:53 The Rise of Agentic AI in Cybersecurity

38:53 Reflections on AI and the Matrix

LINKS

Microsoft Customer Digital Experiences

In this episode of 'Cloudy with a Chance of Insights', thehosts discuss various topics related to Microsoft Cloud technologies, including the innovative Microsoft Hands-Free Sound Jam, which allows users to control music through brainwave technology. They also delve into recent cybersecurity incidents, such as the potential Royal Mail dat breach, and the implications of new legislation on cybersecurity resilience.

The conversation shifts to the relationship between cyberresiliency and traditional disaster recovery, highlighting the need for a more integrated approach.

The discussion moves to insider risk management, emphasising the importance of understanding internal threats and the tools available for monitoring and managing these risks. In this conversation, the speakers discuss recent Microsoft security announcements, focusing on data loss prevention, classification challenges, and the impact of AI tools on cybersecurity.

Finally, they explore innovations in AI, including a project toisolate copyrighted material in large language models, and the importance of critical thinking when using AI-generated content.

CHAPTERS

00:00 Introduction to Cloudy with a Chance of Insights

01:23 Exploring Microsoft Hands-Free Sound Jam

06:20 Cybersecurity Updates: Royal Mail Breach and NewLegislation

10:19 Cyber Resiliency vs. Traditional Disaster Recovery

18:35 Diving into Insider Risk Management

29:22 Introduction to Microsoft Security Announcements

32:41 Data Loss Prevention and Classification Challenges

36:55 Innovations in AI and Cyber Resilience

39:31 The Role of AI in Content Generation and Analysis

43:06 Sentiment Analysis and Employee Well-being

LINKS

Microsoft Hands-Free Sound Jam

This week the hosts discuss various topics related toMicrosoft Cloud, including the significance of JML processes for account security, the challenges of managing permissions and access control, the launch of serverless GPUs, strategies for infrastructure landing zones, and the increasing cybersecurity threats faced by small and medium businesses (SMBs).

The conversation emphasises the necessity for organisationsto be proactive in their security measures and to remain informed about the latest technological developments.

This discussion explores the critical issues surroundingcybersecurity for small businesses, underscoring the vulnerabilities they encounter and the significance of tailored security solutions. Cyrus addresses the alarming statistics regarding consumer attacks, the role of Microsoft in delivering security solutions for SMBs, and the broaderimplications of cybercrime on small enterprises.

The discussion also touches upon user experience incybersecurity measures and innovative methods to raise awareness about security threats.

SHOW NOTES 

Announcing GA for Azure Container Apps Serverless GPU

In this episode of 'Cloudy with a Chance of Insights', thehosts discuss various topics related to Microsoft Cloud, AI tools, cybersecurity, and recent technological developments.

They share insights from the Microsoft AI Tour, the benefitsof accessibly from Generative AI, and experiences from an IBM Cyber Range exercise.

The conversation also delves into the implications ofgovernment requests for encrypted data and recent tech developments, including tools for reporting phishing emails and releasing classic game source codes.

LINKS

The Microsoft AI Tour - London

In this episode of Cloudy with the Chance of Insights, the bi-weekly Microsoft Cloud Podcast.  The hosts discuss various topics related to Microsoft Cloud technology, including the new God Mode feature in Entra, enhancements in Intune for MAC security, and recent data breaches affecting organisations like the British Museum and HPE.

The conversation emphasises the importance of security hygiene, user access management, and the need for organisations to adapt to modern endpoint management solutions. In this conversation, the speakers delve into various aspects of technology governance, data automation, and the implications of generative AI on critical thinking.

They discuss the importance of security in technology, the challenges of managing insider risks, and the need for practical data transformation tools. The conversation also highlights the role of confidence in AI outputs and the emerging concept of shadow IT, emphasising the necessity for organisations to adapt to these changes.

Securing DeepSeek and other AI systems with Microsoft Security

In this episode of 'Cloudy with a Chance of Insights', the hosts discuss the latest developments in the Microsoft Cloud space, including OpenAI's Project Stargate and its implications for AI investments.
They explore the evolving landscape of cybersecurity, particularly the relevance of VPNs and the emergence of SASE. The conversation also touches on the concept of Residuality Theory in software architecture, emphasizing flexibility over perfection.
The episode concludes with insights on Microsoft's innovative collaboration with Coldplay and reflections on the global tech market dynamics.

LINKS

In this episode of 'Cloudy with a Chance of Insights', the hosts discuss recent developments in Microsoft Cloud, focusing on security updates related to Exchange Online, the implications of red teaming in AI security, and the growing threat of DDoS attacks. They also touch on the challenges in the cybersecurity field, including the shortage of professionals and the costs associated with defending against attacks.

The conversation highlights the importance of proactive measures and collaboration in enhancing cloud security. In this conversation, the speakers delve into the latest advancements in AI and storage technologies.

They wrap up by discussing the importance of understanding cloud-native concepts, emphasizing the need for scalable, resilient, and portable applications. The conversation also highlights the emergence of micro VMs and the role of Rust in enhancing security and efficiency in cloud environments.

LINKS

UPDATE: Apologies, I uploaded the incorrect audio file, this has now been resolved

In this episode of 'Cloudy with a Chance of Insights', the hosts reflect on the past year in Microsoft Cloud, discussing key highlights and looking forward to future trends.

They emphasize the growing importance of security, shifts in security practices, and the shared responsibility model. The conversation also delves into challenges in cloud migration, the future of quantum computing, and the intersection of AI and quantum technologies.

KEYWORDS:

#MicrosoftCloud, #security, #quantumcomputing, #AI, #cloudmigration, #cybersecurity

LINKS:

In this episode of 'Cloudy with a Chance of Insights', the hosts discuss various topics related to Microsoft Cloud, including the Meister tool for security configuration, the concept of Zero Trust, oversharing controls in M365, and the importance of data security.

They also highlight Microsoft's achievement of 100% coverage of the MITRE attack framework and new features in Microsoft Sentinel for security posture assessment. The conversation emphasises the need for proactive security measures and user adoption in organisations.

CHAPTERS
00:00 Introduction to Microsoft Cloud Insights
02:30 Exploring Meister: A PowerShell-Based Tool for Security Configuration
10:10 Understanding Zero Trust and Identity Management
12:50 Oversharing Controls in M365: Risks and Solutions
20:50 The Importance of Data Security and User Trust
26:43 Microsoft's 100% Coverage of the MITRE Attack Framework
39:10 New Features in Microsoft Sentinel for Security Posture

TAGS: #microsoftcloud, #Azure, #M365, #Microsoft365, #ZeroTrust, #zerotrustsecurity, #Maester, #Sentonel

On this week's episode, Cyrus provides an overview of Azure Local a new service which builds on the existing Azure Stack HCI service, whilst David introduces Richard to Radius, which is a cloud-native application platform that enables developers and IT operators to collaborate on delivering and managing cloud-native applications.

Richard then highlights some changes to the Azure Bastion Service and the deprecation of the Azure AD API service. We then cover some general IT news or interesting items we discovered over the last week, including a potential new Christmas No 1

Show Notes