Microsoft Lays Bare Cybersecurity Ambitions

At its Ignite 2019 conference this week, Microsoft moved to secure its Azure platform by extending its portfolio of cybersecurity offerings as well as enlisting the help of third-party security vendors.

Company CEO Satya Nadella told conference attendees that Microsoft is committed to building out an end-to-end cybersecurity architecture as it continues to extend the reach of its Azure platform beyond its own data centers. By way of example, he cited the endpoint detection and response (EDR) capabilities Microsoft provides in the form of Microsoft Defender Advanced Threat Protection (ATP), which leverages Azure to create a management plane for enforcing cybersecurity policies. That service is now being extended, with support for the macOS platform now in preview and support for Linux servers planned.

Microsoft this week also announced a public preview of Azure Firewall Manager and support for additional firewall deployment topologies, along with tools that make it easier to discover misconfigurations in the Azure cloud.

In addition, Microsoft updated Azure Sentinel to collect data from additional sources, including connectors to offerings from Zscaler, Barracuda Networks and Citrix. Microsoft is also making available threat-hunting queries and machine learning-based detections to help cybersecurity analysts prioritize significant events.

Nadella stressed that Microsoft would not be able to fulfill its end-to-end vision for cybersecurity without help from third-party vendors, especially those that embrace the Microsoft Security Graph framework for analyzing cybersecurity events.

Cybersecurity vendors that announced new offerings at Ignite this week included McAfee, which updated MVISION Cloud for Microsoft Azure to address compliance issues within the context of a DevSecOps process, and Unisys, which unfurled a Stealth(identity) software-as-a-service offering based on Azure to manage biometric identities.

Finally, Secureworks announced that its Red Cloak Threat Detection & Response service will leverage Microsoft Defender Advanced Threat Protection to improve detection of advanced attacks across endpoints, networks, the cloud and business applications.

Chris Bell, director, product management for Secureworks, said rather than asking organizations to deploy another agent, Secureworks is leveraging Microsoft’s presence to manage threats on a global basis. All that data is then shared with data science teams to combat threats proactively. The challenge, he said, is getting all those organizations still running legacy Windows platforms to upgrade to more modern platforms that are more secure, such as Windows 10.

Nadella this week noted that more than $1 trillion in cybersecurity costs were incurred globally in 2018. Small-to-medium businesses and consumers bore the brunt of those costs, so Nadella said it’s the collective responsibility of the IT industry to protect the most vulnerable. That issue will become even more acute with more than 50 billion devices connected to the internet by 2023, said Nadella. There will also be some 500 million new applications deployed in that same time frame, with more than 175ZB of data in need of protection by 2025.

Naturally, Nadella sees Azure as “the world’s computer” playing a major role in providing that security. Less clear at this point, however, is how many organizations will share that vision at a time when IT environments are becoming more distributed than ever.
