Technology
Microsoft bolsters cloud security with more AI threat detection
Follow @https://twitter.com/PCMag
PCMag.com is a leading authority on technology, delivering Labs-based, independent reviews of the latest products and services. Our expert industry analysis and practical solutions help you make better buying decisions and get more from technology.
The Satya Nadella era at Microsoft has been defined by one overarching theme: everything ties back to the cloud.
Every Microsoft business app and service plugs back to its Azure cloud platform in one way or another. Ahead of the RSA security conference, the company is once again debuting new Azure security tools to add to its enterprise threat protection arsenal.
Ann Johnson, Microsoft’s Corporate Vice President of Cybersecurity Solutions, announced two new services—Azure Sentinel and the Microsoft Threat Experts program—from the floor of the company’s Cyber Defense Operations Center. Johnson said Azure Sentintel is “the first cloud-native SIEM [security information and event management tool] within a major cloud platform.”
Azure Sentinel, available in preview today, applies AI to cybersecurity by automating up to 80 percent of common security operations (SecOps) tasks, according to Microsoft. The service also integrates with security providers inclcuding Check Point, Cisco, F5, Fortinet, Palo Alto, Symantec, and ServiceNow, while supporting open standards and allowing enterprises to import their own machine learning models trained for specific environments.
This includes collecting security data integrated with Office 365, detecting and responding to threats, and performing root cause investigations into suspicious activities. Johnson also talked a lot about “cloud scale,” or the ability to devote Azure’s scalable infrastructure to AI resources in order to speed up detection and protection “from hours to seconds,” said Johnson.
Johnson also announced a new program called Microsoft Threat Experts in public preview within the Windows Defender Advanced Threat Protection (ATP) application for Windows 10 Enterprise. The idea here is to give enterprise IT and SecOps professionals an “Ask a Threat Expert” button to quickly ping Microsoft’s security team for threat monitoring and analysis, incident response, or to understand the full context or an attack or data breach.
All of this is part of Microsoft’s broader strategy for defending enterprises from an evolving threat landscape and cyber warfare techniques. Frank X. Shaw, Microsoft’s Corporate Vice President of Communications, talked about last year’s Cybersecurity Tech Accord, and the tech giant’s work to defend organizations and governments against cyber criminals and nation-state attacks.
Shaw said Microsoft’s Cyber Defense Operations Center has worked with global law enforcement to disrupt malware infrastructure, break up 18 criminal botnets, and combat nation-state hackers including stymying election hacking attemptsand shutting down fake websites intended to spread misinformation ahead of the 2018 US midterm elections.
“Today’s cyber war is about intelligence,” said Shaw. “The role of technology is to empower defenders to stay a step ahead of well-funded and well-organized adversaries.”
This article originally published at PCMag
here
-
Entertainment7 days ago
Earth’s mini moon could be a chunk of the big moon, scientists say
-
Entertainment7 days ago
The space station is leaking. Why it hasn’t imperiled the mission.
-
Entertainment6 days ago
‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
-
Entertainment5 days ago
Black Friday 2024: The greatest early deals in Australia – live now
-
Entertainment4 days ago
How to watch ‘Smile 2’ at home: When is it streaming?
-
Entertainment3 days ago
‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
-
Entertainment2 days ago
A24 is selling chocolate now. But what would their films actually taste like?
-
Entertainment3 days ago
New teen video-viewing guidelines: What you should know