In this episode of The Collective Podcast, our host Jordy Decock sits down with MVPs Thijs Lecomte and Robbe van den Daele as they unpack the journey from traditional SIEM and XDR deployments to Microsoft's Unified Security Operations platform.

The deprecation of the Sentinel UI by August 2026 makes this migration inevitable. Our experts share their first-hand experiences as frontrunners in this migration, and move past the fluff to discuss the actual impact on SOC analysts, from the benefits of a single-portal experience to the frustrations of missing API features.

Learn from their hard-earned insights migrating dozens of SOC customers to the new unified platform, including:

• The Evolution from Dual Platforms to Unified SecOps: Understanding why Microsoft is consolidating Sentinel and Defender XDR, and what it means for your security operations
• Real-World Migration Challenges: From API changes and incident correlation issues to validation rule nightmares and production impacts
• Sentinel Data Lake Deep Dive – Exploring the cost benefits of data compression, new KQL capabilities, and why long-term data retention just got more affordable
• Practical Recommendations – When to migrate, what pitfalls to avoid, and why being an early adopter isn't always the right choice
• The Solutions: The clever workarounds our team developed to keep automated detections running smoothly during the transition.

Thijs and Robbe candidly discuss the bumps in the road, the workarounds they've had to implement, and the features that still need work – all while acknowledging the genuine value and strategic direction of Microsoft's security platform.

Whether you're a SOC analyst, security architect, or IT decision-maker evaluating Microsoft's security stack, this episode provides the real-world perspective you need to navigate these changes successfully.

What does NIS2 really mean for your day-to-day security operations?

In this episode of The Collective Podcast, host Jordy Decock sits down with Michael Van Horenbeeck, Microsoft Security MVP and CEO of The Collective, to unpack how organizations can move from NIS2 compliance checklists to measurable resilience.

They explore why 24-hour incident reporting demands a modern Security Operations Center (SOC), and how continuous monitoring and supplier oversight have become non-negotiable.

In this episode of The Collective Podcast, host Jordy Decock sits down with security consultants Thor Nicolaï and Jasper Baes to explore the hidden challenges of maintaining strong security baselines in Microsoft environments. They dive into why small gaps appear, how drift monitoring and exception management can make or break your security posture, and how The Collective’s Managed Security Baseline Service helps organizations turn compliance into real resilience. Whether you’re an IT manager, CISO, or simply curious about how to keep pace with today’s evolving threats, this episode offers practical insights and actionable advice.

Hybrid work, SaaS adoption, and multi-cloud environments have changed the rules. Traditional VPNs and perimeter firewalls are not enough to keep users and data safe. Microsoft’s Global Secure Access (GSA) introduces a new identity first model that ties access directly to who the user is, the device they are on, and the conditions of the request.

In this episode of The Collective Podcast, our experts Robbe Van den Daele and Thor Nicolaï explain:

• What GSA is and how it fits into Microsoft’s security stack

• The three traffic profiles: Private Access, Internet Access, and Microsoft 365 Access

• Real world use cases, from replacing VPNs to micro segmentation

• How GSA integrates with Entra ID, Microsoft 365, and even third party SSE tools

• Licensing insights and where to start if you already own part of the stack

🎧 Listen now and learn how identity first security can simplify your infrastructure, reduce risk, and give your SOC the visibility it needs.

Inside the War Room – What a Modern SOC Really Looks Like

Think your SOC is ready? Think again.

In this episode, our host Jordy Decock sits down with Sander Bougrine (SOC Operations Lead) and Jani Vleurinck (Detection Engineering Lead) from The Collective, for an unfiltered look inside the engine room of modern cybersecurity: the Security Operations Center.

🔍 Get behind the scenes of real-world MDR challenges ⚙️ Learn how top-tier teams handle detection, escalation, and response 🚨 Hear how they’re adapting to the latest threats—and what you might be missing

Whether you're running a SOC, building one, or just trying to keep up with the chaos—this one’s for you.

👉 Tune in now and let us know: what’s the biggest challenge your SOC is facing today?

In this session, we'll unpack the why's and how's of password management and give you practical insights to implement immediately. Get ready to explore the tools, insights, and strategies to protect your business, starting today.

Our guest speakers are Louis Mastelinck and Adriaan Schepers. Louis is the team lead security consultancy at The Collective and the host of the podcast "Oeps". Adriaan is a sr. modern workplace consultant at The Collective.

Enjoy!