Microsoft bolsters threat prevention capabilities for enterprises

28 Feb 2020

Microsoft has recently announced new capabilities in automation and artificial intelligence (AI) designed to provide cloud-based protection to organisations’ cybersecurity defences.

These capabilities centre around Microsoft Threat Protection, Azure Sentinel, and Insider Risk Management.

According to Microsoft’s Cybersecurity Solutions Group corporate vice president Ann Johnson, organisations can ‘turn the tide’ in cybersecurity by using the cloud and the right mix of human and AI intelligence.

“Cybersecurity always comes down to people – good and bad. Our optimism is grounded in our belief in the potential for good people and technology to work in harmony to accomplish amazing things. After years of investment and engineering work, the data now shows that Microsoft is delivering on the potential of AI to enable defenders to protect data and manage risk across the full breadth of their digital estates,” says Johnson.

Microsoft adds that its AI-enabled security solutions are trained on 8 trillion daily threat signals, as well as 3500 human security experts. These solutions are now able to automate 97% of tasks that took up human defenders’ time two years ago.

Microsoft Threat Protection uses automation and AI to monitor for threats across applications, emails, and endpoints. It also uses identity protection as one of its core components, which means it is designed for Zero Trust.

“Microsoft Threat Protection breaks down security silos so security professionals can automatically detect, investigate and stop coordinated multi-point attacks. It weeds out the unimportant and amplifies signals that might have been missed, freeing defenders to work on the incidents that need their attention,” explains Johnson.

The solution builds on the core Microsoft Defender Advanced Threat Protection for endpoint security. Microsoft Defender Advanced Threat Protection is also generally available across Windows, Linux, and macOS. Microsoft plans to develop the solution for iOS and Android in future.

The Azure Sentinel platform now has two separate additional capabilities. The first is a new Sentinel connector for IoT, which allows organisations to onboard data from Azure IoT Hub-managed deployments into Azure Sentinel.

“Customers can now monitor alerts across all IoT Hub deployments along with other related alerts in Azure Sentinel, inspect and triage IoT incidents, and run investigations to track an attacker’s lateral movement within their enterprise,” explains Microsoft principal group program manager Sarah Fender and partner director program manager Eliav Levi.

The second Azure Sentinel capability allows organisations to import AWS CloudTrail logs into Azure Sentinel at no additional cost for a limited time (February-April 2020).

Insider Risk Management, part of Microsoft 365, allows organisations to solve a problem without the need for agents or ingestions. It is now generally available and is rolling out to customers’ tenants.
