In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is joined by Craig Nelson, who leads the elite Microsoft Red Team. Together, they dive into the art and impact of red teaming at Microsoft: what it means to simulate real-world attacks, how threat intelligence informs operations, and why collaboration between red and blue teams is crucial for organizational resilience.  



Craig shares the surprising mission that blurred the lines between physical and cyber security, reflects on how AI is reshaping attacker tactics and defensive strategies, and offers advice for aspiring red teamers. From stories of early hacker days in the ’90s to navigating the complexities of securing cloud and AI systems, this conversation is packed with insights on how Microsoft stays ahead of evolving threats. 



In this episode you’ll learn:      



The role of human behavior in real-world security breaches 






How Microsoft’s Secure Future Initiative impacts security culture 






What the Microsoft Red Team does and what it doesn’t do 






Some questions we ask:     



How do you feel about getting caught during a red team operation? 






What do you wish people paid more attention to in red team findings? 






Is this new AI complexity good or bad for red teaming? 




 

Resources:  

View Craig Nelson on LinkedIn  

View Sherrod DeGrippo on LinkedIn  

 

Related Microsoft Podcasts:                   



Afternoon Cyber Tea with Ann Johnson 






The BlueHat Podcast 






Uncovering Hidden Risks     




 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

 

Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

 

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

Ver todos los episodios