Dina Bass (Bloomberg) –Microsoft Corp. unveiled two new cloud security services to help customers find and stop threats and manage their cyberdefenses by tapping experts from the software giant.
Azure Sentinel, available for customer preview Thursday, is what’s called a Security Information and Event management tool. Microsoft said it’s the first of its type based in the cloud. The product uses artificial intelligence to comb through data to find threats and lets customers rent computing power from the company rather than buy more of their own servers to crunch information.
Companies are facing more threats online and cloud providers such as Microsoft and Amazon.com Inc. say their offerings are more secure than traditional products. To make this point, Microsoft disclosed that it recently helped several financial-services companies fend off attacks by a state-sponsored group that was “transferring large sums of cash into foreign bank accounts.” The attackers then released malware that crippled systems for days, requiring Microsoft experts to help clean it up.
Azure Sentinel can quickly download a customer’s Office cloud data and combine that with security information to find threats. For example, Office email spam data can provide clues on suspicious accounts or computers that have turned into zombie spam-sending machines. The product works with security software from companies like Check Point Software Technologies Ltd., Cisco Systems Inc., Symantec Corp. and Palo Alto Networks Inc., said Ann Johnson, a Microsoft vice president for cybersecurity. Microsoft announced the new products ahead of the RSA security conference next week in San Francisco.
Microsoft also previewed a service called Microsoft Threat Experts in which the company hunts through a customer’s anonymous security data to find the biggest threats and provides help on demand through an “Ask a Threat Expert” button. The services will be part of Microsoft’s Windows Defender ATP security product.