Microsoft Advanced Threat Analytics, currently in beta, will ship next month, the company announced today. Deployed on-premises, the product is based on Microsoft's acquisition of Active Directory security specialist Aorato and its technology.
Linking with Active Directory, and combining machine learning, user behavioral analytics and a catalog of known threats, Advanced Threat Analytics alerts administrators to attacks and data breaches in real time. And the software evolves alongside the threat landscape.
Advanced Threat Analytics allows organizations "to adapt to the changing nature of cyber-security threats with a technology that is continuously learning," Brad Anderson, corporate vice president of Microsoft Cloud and Enterprise, said in a July 22 announcement. The technology reduces false positives, raising "red flags only when needed," he added.
Catching malware before it strikes undoubtedly helps organizations keep a lid on their sensitive data, but it's not the only threat worth keeping an eye on. Misappropriated user credentials are often the cause of headline-grabbing breaches. "In fact, compromised identity is the #1 cause of the breaches we hear about from organizations all over the world," stated Anderson. The problem is compounded by employees bringing their mobile devices to work and complex security monitoring and reporting solutions, he argued.
In a nod to the consumerization of IT, Advanced Threat Analytics' user interface is a departure from traditional security logging software. Administrators can examine "the most important security factors using a simplified attack timeline," noted Anderson.
Facebook's effect on the enterprise software is also felt. The software "helps to identify known malicious attacks, security issues and risks, and presents all of this information in an easy-to-consume, and simple-to-drill-down, social media-like feed," he said.
When it ships in August, Microsoft Advanced Threat Analytics will be available as a stand-alone product or as part of Enterprise Mobility Suite. Volume license customers under the company's Enterprise Client Access License plan will also get access to the software.
In other security news, Microsoft also announced today that Azure Rights Management now protects Office documents on the iPhone and iPad.
"While using Office documents on iPad and iPhone, you can now view rights-protected documents natively within the Office application," wrote Office 365 technical product manager Shobhit Sahay in a July 22 blog post. The updated apps will appear in the Apple App Store by July 23.
"Word, Excel and PowerPoint all display the protected content with full file fidelity, retaining the same viewing rights permissions originally assigned to the document." The ability to create, edit and publish rights-protected Office documents is in the works, he added.
Sometime in the fourth quarter, Azure Rights Management support will come to the Outlook app on both iOS and Android, Office for Android, as well as the Office Mobile app for Windows 10 Enterprise, Sahay said. When it launches later this year for Windows, Office 2016 "will come pre-instrumented with Azure Rights Management controls," he said.