dcn-eu logo
Story image

Microsoft bolsters threat prevention capabilities for enterprises

28 Feb 2020

Microsoft has recently announced new capabilities in automation and artificial intelligence (AI) designed to provide cloud-based protection to organisations’ cybersecurity defences.

These capabilities centre around Microsoft Threat Protection, Azure Sentinel, and Insider Risk Management.

According to Microsoft’s Cybersecurity Solutions Group corporate vice president Ann Johnson, organisations can ‘turn the tide’ in cybersecurity by using the cloud and the right mix of human and AI intelligence.

“Cybersecurity always comes down to people – good and bad. Our optimism is grounded in our belief in the potential for good people and technology to work in harmony to accomplish amazing things. After years of investment and engineering work, the data now shows that Microsoft is delivering on the potential of AI to enable defenders to protect data and manage risk across the full breadth of their digital estates,” says Johnson.

Microsoft adds that its AI-enabled security solutions are trained on 8 trillion daily threat signals, as well as 3500 human security experts. These solutions are now able to automate 97% of tasks that took up human defenders’ time two years ago.

Microsoft Threat Protection uses automation and AI to monitor for threats across applications, emails, and endpoints. It also uses identity protection as one of its core components, which means it is designed for Zero Trust.

“Microsoft Threat Protection breaks down security silos so security professionals can automatically detect, investigate and stop coordinated multi-point attacks. It weeds out the unimportant and amplifies signals that might have been missed, freeing defenders to work on the incidents that need their attention,” explains Johnson.

The solution builds on the core Microsoft Defender Advanced Threat Protection for endpoint security. Microsoft Defender Advanced Threat Protection is also generally available across Windows, Linux, and macOS. Microsoft plans to develop the solution for iOS and Android in future.

The Azure Sentinel platform now has two separate additional capabilities. The first is a new Sentinel connector for IoT, which allows organisations to onboard data from Azure IoT Hub-managed deployments into Azure Sentinel.

“Customers can now monitor alerts across all IoT Hub deployments along with other related alerts in Azure Sentinel, inspect and triage IoT incidents, and run investigations to track an attacker’s lateral movement within their enterprise,” explains Microsoft principal group program manager Sarah Fender and partner director program manager Eliav Levi.

The second Azure Sentinel Capability allows organisations to import AWS CloudTrail Logs into Azure Sentinel at no additional cost for a limited time (February-April 2020).

Insider Risk Management, part of Microsoft 365, allows organisations to solve a problem without the need for agents or ingestions. It is now generally available and is rolling out to customers’ tenants.

Story image
Huawei plans to train 150,000 datacom engineers over three years
Huawei recognises the need for new network and architecture requirements as digital transformation and networks develop. As such, the company developed a new set of ‘talent cultivation standards’.More
Story image
Dell Technologies drives innovation with latest solutions for HPC and AI
“Data is the fuel driving innovations that can transform human lives. A crucial step in the process is to derive meaningful insights from data."More
Story image
Global Switch extends leadership team with two new appointments
Global Switch has added more expertise and experience to the company’s senior management team with two new appointments, and states that this will support the company’s growth strategy and global expansion.More
Story image
NetApp unveils serverless, storage solution for containers
Spot by NetApp comprises new capabilities that NetApp CEO George Kurian hopes to help businesses thrive in the new normal.More
Story image
Global cloud market grows 33% in Q3 2020 to $36.5 billion
A new surge of COVID-19 cases in the United States and Europe will continue this trend as social distancing measures are put back in place, meaning cloud will remain vital for sustaining business operations, remote working and learning, as well as customer engagement.More
Story image
Zenlayer enhances edge capabilities across EdgeConneX data center network
The network will offer Zenlayer services such as on-demand bare metal cloud, direct connections to major public clouds and data centers, as well as managed hosting capabilities.More