Story image

Microsoft unleashes broad range of security features & partnerships at RSA Conference

17 Apr 2018

Microsoft has released a swathe of security announcements across its portfolio at the RSA Conference in San Francisco today; spanning microcontroller units, Microsoft 365 Commercial cloud, advanced threat protection tools; automated threat detection and remediation; and stronger partnerships.

“As last year’s devastating cyber attacks demonstrated, security threats are evolving and becoming even more serious,” comments Microsoft’ president Brad Smith.

“The tech sector’s innovations need to accelerate to outpace security threats. Today’s steps bring important security advances not just to the cloud, but to the billions of new devices that are working on the edge of the world’s computer networks.”

Here’s a glimpse of what Microsoft has to offer:

Microsoft Azure Sphere – improving IoT by ‘securing and powering the intelligent edge’

Microsoft previewed Azure Sphere, which will be the industry’s first platform for creating highly-secured and connected devices that rely on microcontroller units (MCUs). Approximately 9 billion new devices are powered by MCUs every year, and they are the most populous area of computing.

“We need to consider that when a device becomes compromised, it’s not just a problem for the owner, it can also become a problem for society,” comments Microsoft Azure Sphere partner managing director, Galen Hunt, in a blog.

“A device can disrupt and do damage on a larger scale. This is what happened with the 2016 Mirai botnet attack where roughly 100,000 compromised IoT devices were repurposed by hackers into a botnet that effectively knocked the U.S. East Coast off the Internet for a day.”

Azure Sphere will bring a new class of MCUs with more than five times the power of legacy MCUs, a custom-built OS for IoT security, and a turnkey cloud security service that guards every Azure Sphere device.

“Today, Azure Sphere is in private preview. We’re working closely with select device manufacturers to build future products powered by Azure Sphere. We expect the first wave of Azure Sphere devices to be on shelves by the end of 2018. Dev kits will be universally available in mid-2018.”

Microsoft 365 Intelligent Security Solutions

Microsoft 365’s commercial cloud offering has received several new intelligent security features designed to help IT and security professionals manage security across enterprises.

The first feature includes Microsoft Secure Score and Attack Simulator. Secure Score enables organisations to determine which controls help to protect users, data, and devices by quickly assessing readiness and providing an overall benchmark score. Organisations can compare their scores to those with similar profiles through built-in machine learning.

Attack Simulator is part of Office 365 Threat Intelligence and is able to let security teams run simulated cyber attacks to test employee responses and tune configurations. Attack options include ransomware and phishing campaigns.

 The latest Windows 10 update (currently in preview) will bring Windows Defender Advanced Threat Protection (ATP) to other parts of Microsoft 365. This includes protection and remediation for Office 365, Windows, and Azure. The new ATP will draw on automated investigation and remediation capabilities, artificial intelligence, and machine learning.

Conditional Access will provide real-time risk assessments so organisations can ensure proper controls for access to sensitive data, without impacting users’ productivity. Microsoft 365 is now adding the device risk level set by Windows Defender ATP to Conditional Access in preview to help ensure that compromised devices can’t access sensitive business data.

Microsoft commits to stronger partner relationships

Microsoft has previewed a new security API for connecting products with Microsoft Intelligent Security Graph, in addition to intelligence from technology partner and customer solutions.

By connecting individual tools to the Intelligent Security Graph, security teams get new perspectives and more meaningful patterns of data to speed up threat investigation and remediation.

The new API is in early testing with a select group of cybersecurity industry leaders that are collaborating with Microsoft to shape its development. The group, which includes Anomali, Palo Alto Networks and PwC, joined Microsoft today to share their own early exploration of the API and how it may improve each company’s ability to protect their mutual customers.

The company has founded Microsoft Intelligent Security Association for security technology partners. Founding members include Palo Alto Networks and Anomali, as well as other existing partners. The association will allow partners to contribute to and benefit from the Intelligent Security Graph and Microsoft security products.

GitHub launches fund to sponsor open source developers
In addition to GitHub Sponsors, GitHub is launching the GitHub Sponsors, GitHub will match all contributions up to $5,000 during a developer’s first year in GitHub Sponsors.
Check Point announces integration with Microsoft Azure
The integration of Check Point’s advanced policy enforcement capabilities with Microsoft AIP’s file classification and protection features enables enterprises to keep their business data and IP secure, irrespective of how it is shared. 
Why AI will be procurement’s greatest ally
"AI can help identify emerging suppliers, technologies and products in specific categories."
Are AI assistants teaching girls to be servants?
Have you ever interacted with a virtual assistant that has a female-based voice or look, and wondered whether there are implicitly harmful gender biases built into its code?
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
Data#3 to exclusively provide MS licences to WA Government
The technology services provider has won two contracts with the Western Australia Government, becoming its sole Microsoft licence provider.
Why cash is no longer king in Australia
Australia is leading the way in APAC for granting credit on B2B transactions.