I keep seeing the same pattern, and it is getting frustrating. Microsoft is calling custom chatbots “agents,” and now everyone is building them. The problem is most of these so-called agents are not agents at all. They are just slightly modified chat prompts wrapped in a UI. I said this before, but it is worth… Read More: Stop Calling Everything an Agent »
Azure Workbooks are surprisingly capable and frustrating. In many ways, they are far more powerful than they appear at first glance. The UI does not always make it obvious where things live or how features connect, so it takes some effort to learn which buttons to push and in what order. Like many things in… Read More: Azure Workbooks: Hidden Gems »
I was working with a customer recently who was trying to track down changes across several subscriptions. Nothing unusual there, except we quickly realized something was missing. A number of subscriptions were not sending Azure Activity Logs to Microsoft Sentinel at all. No errors, no alerts, just silent gaps. It stood out because this is… Read More: Azure Activity Logs: A Few Practical Tips »
I was introduced to the Copilot Earth project late last year, and that got me thinking about how a similar concept could be applied to security. The idea of visualizing activity at a global level, enriched and interactive, felt like something that should exist for a SOC. From there, one idea led to another. I… Read More: Adventures in Vibe Coding »
I put together a small project called Global Threat Atlas. It started out simple, and 500+ commits later it turned into something production-ready. It can be deployed today in Azure commercial subscriptions. This is built with an operations center in mind. It works well as a glanceable wallboard, but you can also interact with it… Read More: Global Threat Atlas – Public Release »
My oldest child is a game design major. The program is very anti-AI. That reaction is understandable when you are trying to learn the fundamentals of a craft. Nobody wants shortcuts replacing real skill while they are still trying to master the basics. One thing that surprised me is how many students in the program… Read More: Game Design in the Age of Vibe Coding »
I write a lot of prompts. Easily dozens a day at this point. Between experimenting with ideas, vied coding , vibe learning, asking questions, and drafting content, a good part of my day involves typing into some kind of LLM prompt. The odd part is that I have never been a great typist, despite thousands… Read More: Is LLM Prompting Causing Bad Typing Habits? »
I was reminded of something recently that I have been aware of for a long time. The first time it was explained clearly to me was many years ago during a presentation on profit strategies for video game arcades. The core idea is simple. People behave differently when they feel like they are spending money.… Read More: Pricing Misdirection Improves User Adoption »
I see a growing amount of chatter about “securing AI,” but that phrase is so broad that it almost loses meaning. Securing what exactly? Most of these conversations are really about large language models (LLMs). And even then, the security discussion is very different depending on whether you are talking about public LLMs, enterprise LLMs,… Read More: Securing Public, Enterprise, & Private LLMs »
I recently worked with a customer who had done the right thing from a security perspective. They followed the best practice of separating standard user accounts from privileged admin accounts. Day-to-day work was done with a normal account, and elevated tasks required a separate admin identity. What they chose not to do was record the… Read More: Reconnecting Admin and User Accounts in Entra »
I recently built an Azure Monitor workbook to help customers who are struggling to verify that all Azure virtual machines are fully onboarded to Microsoft Defender for Endpoint (MDE). Repo: AndrewBlumhardt/workbooks In theory, this should be straightforward. When Defender for Servers is enabled as part of Microsoft Defender for Cloud, Azure VMs are automatically onboarded… Read More: Verifying MDE Protection for Azure VMs »
Vibe coding is an informal term used to describe a style of development where a large language model writes most of the code interactively. Instead of starting with detailed designs or carefully planned implementations, you describe intent. You explain what you want to build, how it should behave, or what needs to change, and the… Read More: Why Vibe Coding Needs Checkpoints »
I recently ran into confusion around Azure Logic Apps that came from viewing them through a Power Automate lens. On the surface the two platforms look nearly identical. They share connectors, workflows, and even the same HTTP action. But applying Power Automate’s security assumptions to Logic Apps leads to incorrect conclusions about risk, governance, and… Read More: Securing Power Automate vs. Azure Logic Apps »
I recently responded to a customer who had questions about device compliance policies and how they interact with Conditional Access. While researching my response, I was reminded how often Microsoft Intune is overlooked as a security solution, even though it now sits at the center of Microsoft’s cloud security and zero trust strategy. That disconnect… Read More: The Overlooked Security Role of Microsoft Intune »
AI agents are often marketed as the natural evolution of large language models. The implication is that agents are smarter, more capable, and more useful than a standard chat interface. In reality, many so-called agents fail to add meaningful value and instead introduce friction, duplication, and confusion. To understand why this keeps happening, it helps… Read More: Building AI Agents That Actually Matter »
As we enter the winter months and holiday season, when many of us will struggle to maintain or lose weight due to colder weather, a natural inclination to hibernate, and all those tempting holiday meals, I wanted to share my weight loss journey. This is not my typical post on AI, security, or career, but… Read More: 60 pounds in 7 months on Mounjaro »
I have been making my way through a lot of long book series over the last few years, and once you fall into the right one, the books disappear faster than you expect. Joe Ledger is the one I am deep into right now, and that reminded me how many great multi-book runs I have… Read More: My Favorite Sci-Fi and Thriller Book Series »
Over the past several months I have written several articles about AI as part of my own learning journey. Each time I dig deeper, I find new ways to explain how these systems work in a way that makes sense to people who are curious but not technical. This article continues that effort by covering… Read More: A Simple Walkthrough of How AI Learns »
Artificial intelligence is often said to be grown, not built. The phrase, often attributed to thinkers in AI safety circles, captures the idea that modern AI systems are not engineered like traditional software. They are cultivated through data and experience, shaped by feedback, and refined through countless iterations until patterns begin to emerge. AI did… Read More: Grown, Not Built: How AI is Made »
If someone walked you through what they did to “create an AI,” you might be surprised, or even a little disappointed, by how simple it actually was to bring it to life. AI coding often sounds far more mysterious than it really is. When people hear “AI development,” they tend to imagine complex systems being… Read More: Demystifying AI Coding »