Story image

Microsoft unleashes broad range of security features & partnerships at RSA Conference

17 Apr 18

Microsoft has released a swathe of security announcements across its portfolio at the RSA Conference in San Francisco today; spanning microcontroller units, Microsoft 365 Commercial cloud, advanced threat protection tools; automated threat detection and remediation; and stronger partnerships.

“As last year’s devastating cyber attacks demonstrated, security threats are evolving and becoming even more serious,” comments Microsoft’ president Brad Smith.

“The tech sector’s innovations need to accelerate to outpace security threats. Today’s steps bring important security advances not just to the cloud, but to the billions of new devices that are working on the edge of the world’s computer networks.”

Here’s a glimpse of what Microsoft has to offer:

Microsoft Azure Sphere – improving IoT by ‘securing and powering the intelligent edge’

Microsoft previewed Azure Sphere, which will be the industry’s first platform for creating highly-secured and connected devices that rely on microcontroller units (MCUs). Approximately 9 billion new devices are powered by MCUs every year, and they are the most populous area of computing.

“We need to consider that when a device becomes compromised, it’s not just a problem for the owner, it can also become a problem for society,” comments Microsoft Azure Sphere partner managing director, Galen Hunt, in a blog.

“A device can disrupt and do damage on a larger scale. This is what happened with the 2016 Mirai botnet attack where roughly 100,000 compromised IoT devices were repurposed by hackers into a botnet that effectively knocked the U.S. East Coast off the Internet for a day.”

Azure Sphere will bring a new class of MCUs with more than five times the power of legacy MCUs, a custom-built OS for IoT security, and a turnkey cloud security service that guards every Azure Sphere device.

“Today, Azure Sphere is in private preview. We’re working closely with select device manufacturers to build future products powered by Azure Sphere. We expect the first wave of Azure Sphere devices to be on shelves by the end of 2018. Dev kits will be universally available in mid-2018.”

Microsoft 365 Intelligent Security Solutions

Microsoft 365’s commercial cloud offering has received several new intelligent security features designed to help IT and security professionals manage security across enterprises.

The first feature includes Microsoft Secure Score and Attack Simulator. Secure Score enables organisations to determine which controls help to protect users, data, and devices by quickly assessing readiness and providing an overall benchmark score. Organisations can compare their scores to those with similar profiles through built-in machine learning.

Attack Simulator is part of Office 365 Threat Intelligence and is able to let security teams run simulated cyber attacks to test employee responses and tune configurations. Attack options include ransomware and phishing campaigns.

 The latest Windows 10 update (currently in preview) will bring Windows Defender Advanced Threat Protection (ATP) to other parts of Microsoft 365. This includes protection and remediation for Office 365, Windows, and Azure. The new ATP will draw on automated investigation and remediation capabilities, artificial intelligence, and machine learning.

Conditional Access will provide real-time risk assessments so organisations can ensure proper controls for access to sensitive data, without impacting users’ productivity. Microsoft 365 is now adding the device risk level set by Windows Defender ATP to Conditional Access in preview to help ensure that compromised devices can’t access sensitive business data.

Microsoft commits to stronger partner relationships

Microsoft has previewed a new security API for connecting products with Microsoft Intelligent Security Graph, in addition to intelligence from technology partner and customer solutions.

By connecting individual tools to the Intelligent Security Graph, security teams get new perspectives and more meaningful patterns of data to speed up threat investigation and remediation.

The new API is in early testing with a select group of cybersecurity industry leaders that are collaborating with Microsoft to shape its development. The group, which includes Anomali, Palo Alto Networks and PwC, joined Microsoft today to share their own early exploration of the API and how it may improve each company’s ability to protect their mutual customers.

The company has founded Microsoft Intelligent Security Association for security technology partners. Founding members include Palo Alto Networks and Anomali, as well as other existing partners. The association will allow partners to contribute to and benefit from the Intelligent Security Graph and Microsoft security products.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
Is mobile shopping compromising your enterprise security?
When employees do their holiday shopping on company resources, security teams have a challenge with the surge in browsing and online transactions.