Microsoft bolsters cloud security with more AI threat detection
The Satya Nadella era at Microsoft has been defined by one overarching theme: everything ties back to the cloud.
Every Microsoft business app and service plugs back to its Azure cloud platform in one way or another. Ahead of the RSA security conference, the company is once again debuting new Azure security tools to add to its enterprise threat protection arsenal.
Ann Johnson, Microsoft’s Corporate Vice President of Cybersecurity Solutions, announced two new services—Azure Sentinel and the Microsoft Threat Experts program—from the floor of the company’s Cyber Defense Operations Center. Johnson said Azure Sentinel is “the first cloud-native SIEM [security information and event management tool] within a major cloud platform.”
Azure Sentinel, available in preview today, applies AI to cybersecurity by automating up to 80 percent of common security operations (SecOps) tasks, according to Microsoft. The service also integrates with security providers including Check Point, Cisco, F5, Fortinet, Palo Alto, Symantec, and ServiceNow, while supporting open standards and allowing enterprises to import their own machine learning models trained for specific environments.
This includes collecting security data integrated with Office 365, detecting and responding to threats, and performing root cause investigations into suspicious activities. Johnson also talked a lot about “cloud scale,” or the ability to devote Azure’s scalable infrastructure to AI resources in order to speed up detection and protection “from hours to seconds.”
Johnson also announced a new program called Microsoft Threat Experts in public preview within the Windows Defender Advanced Threat Protection (ATP) application for Windows 10 Enterprise. The idea here is to give enterprise IT and SecOps professionals an “Ask a Threat Expert” button to quickly ping Microsoft’s security team for threat monitoring and analysis, incident response, or to understand the full context of an attack or data breach.
All of this is part of Microsoft’s broader strategy for defending enterprises from an evolving threat landscape and cyber warfare techniques. Frank X. Shaw, Microsoft’s Corporate Vice President of Communications, talked about last year’s Cybersecurity Tech Accord, and the tech giant’s work to defend organizations and governments against cyber criminals and nation-state attacks.
Shaw said Microsoft’s Cyber Defense Operations Center has worked with global law enforcement to disrupt malware infrastructure, break up 18 criminal botnets, and combat nation-state hackers, including stymying election hacking attempts and shutting down fake websites intended to spread misinformation ahead of the 2018 US midterm elections.
“Today’s cyber war is about intelligence,” said Shaw. “The role of technology is to empower defenders to stay a step ahead of well-funded and well-organized adversaries.”
This article was originally published at PCMag.