Episode 31 of Cloudy with a Chance of Insights, the fortnightly Microsoft Cloud podcast with Richard Hogan, Cyrus Irandoust, and David Rowley. This week: a cluster of end-of-support deadlines that deserve more attention than they're getting, IBM and Microsoft private preview work on Sentinel Lake and custom security graphs that Richard can finally talk about, why Power Platform's own governance team admitted the model is broken, and an honest first-week account of Claude Code from someone who burnt through the daily token limit in 90 minutes.

Extended support for Windows Server 2016 ends January 12, 2027, and the Microsoft article announcing Extended Security Updates references Azure Arc as the delivery mechanism — which David flagged as either an intentional positioning move or a drafting oversight worth questioning. Also in the frame: SQL Server 2016 ESU ending July 2026, Server 2012 extended security updates ending October 2026, and SQL Server 2014 following in July 2027. These workloads are stable, quiet, and being systematically deprioritised in favour of AI projects. That combination rarely ends well.

Since October last year, IBM has been working with Microsoft on the private preview for Sentinel Lake and custom graph builds — ingesting asset data from Tenable, Qualys, and ServiceNow to surface connections that standard KQL queries would never surface. Richard covers the architecture, the friction points (VS Code as the only real interface, GQL instead of KQL, scheduled jobs, cost implications for data freshness), and what the Graph Explorer in Defender is going to change when it arrives. Custom graphs moved to public preview on April 1st.

A blog post from Ryan Jones on the Power Apps team published April 1st effectively acknowledged that traditional governance models break down when something can be built and deployed in a day. Pair that with figures suggesting nearly 30% of enterprise employees are already using unsanctioned AI agents, and Agent 365 heading toward GA in May, and the gap becomes difficult to ignore.

Cyrus covers proactive user containment reaching general availability as part of Defender XDR's predictive shielding feature — containment at the endpoint layer, not a simple Entra disable — and the shift from MDM to declarative device management for Apple devices in Intune, a change driven by Apple but with real implications for anyone managing iOS, iPadOS, or macOS at scale.

Richard's unfiltered first-week take on Claude Code: token consumption, peak and off-peak limits, VS Code integration differences, and why coming from a GitHub Copilot world will catch you off guard faster than you expect.

• Windows Server 2016 end of support announcement
• Microsoft Sentinel custom graphs public preview
• Power Platform adaptive governance framework
• What's new in Microsoft Defender XDR

Subscribe for a new episode every two weeks. Recorded this week with Cyrus and David technically on annual leave, which probably explains the vibe.

As AI tools make it increasingly easy to build something “good enough”, this episode asks an uncomfortable question: where does real differentiation actually sit now?

We use recent Microsoft Cloud updates as a starting point, including certification changes, early moves to treat AI agents as identities within Zero Trust, and a series of security and governance shifts across Purview, Defender, Entra, and Intune. Those threads lead into a deeper discussion about identity as the real perimeter, post breach tooling built on Microsoft Graph, and why AI assisted development is starting to flatten outcomes rather than improve them.

The conversation then turns toward vibe coding and the future of applications. If building tools is this easy, what does an app even mean anymore, and how do organisations avoid repeating old governance mistakes, just at AI speed?

Blog
The Microsoft Cloud Blog

YouTube
Cloudy with a Chance of Insights - YouTube

Soicials
Twitter / X
BlueSky
LinkedIn
Threads
Facebook

Music
Null Invocation: Monochrome Pulse
Monochrome Pulse on Soundcloud

For all the links to the articles etc, please visit the companion blog site.
The Microsoft Cloud Blog

In this episode of *Cloudy with a Chance of Insights*, Richard, Cyrus, and David return from a brief hiatus to deliver all the latest around the Microsoft Cloud ecosystem. The team dives into the evolving world of Microsoft 365, including speculation about the highly anticipated E7 license. They break down what this next-level license could mean for organizations, discuss the potential pricing, and debate whether the new bundled approach makes sense for enterprises navigating an increasingly fragmented Microsoft licensing landscape.

Cyrus and Richard also unpack the newest updates across Intune and Purview, giving listeners an inside look at recent announcements and how these tools are adapting to modern security and compliance demands. The conversation expands to cover the latest in AI, with a spotlight on Microsoft’s strategy of leveraging external frontier models like Claude, Gemini, and Grok, plus hands-on impressions of GitHub Copilot’s recent improvements.

Blog
The Microsoft Cloud Blog

YouTube
Cloudy with a Chance of Insights - YouTube

Soicials
Twitter / X
BlueSky
LinkedIn
Threads
Facebook

Music
Null Invocation: Monochrome Pulse
Monochrome Pulse on Soundcloud

For all the links to the articles etc, please visit the companion blog site.
The Microsoft Cloud Blog