Microsoft Bets on AI, Linux to Block Advanced Security Threats

Microsoft is using AI to help businesses protect their users and is leaning on Linux to help safeguard the internet of things.


The RSA Conference is currently underway in San Francisco, and the IT industry's attention has turned to the latest technologies and techniques that can help thwart cyber-attackers.

Microsoft, whose products are often the target of attacks, is among a growing number of companies using artificial intelligence (AI) to help customer organizations safely navigate today's tough cyber-security landscape. One example is the new Secure Score tool for Microsoft 365, a business software bundle that includes Office 365, Windows 10 and Enterprise Mobility + Security (EMS).

Released on April 16, Secure Score assesses an organization's security posture and generates a security benchmark score, helping administrators zero in on the technical controls that will help protect users and their data. Using machine learning, the tool allows users to compare how they rank against similar organizations.

Also generally available is Attack Simulator. Part of the Office 365 Threat Intelligence service, the tool allows IT security professionals to run mock phishing and ransomware campaigns to determine if their employees are likely to fall victim to these types of attacks. Additionally, organizations can run brute-force password attacks and password spray attacks, a tactic that enables hackers to target multiple systems with commonly used passwords, evading account lockouts that are triggered by repeated unsuccessful login attempts on a single system.

Helping third parties tap into its massive trove of cyber-security data and analysis for their own AI-enabled solutions, Microsoft announced a new API for connecting to the company's Intelligent Security Graph.

Each month, the Intelligent Security Graph is fed data on 18 billion webpages, 5 billion threats caught by Windows Defender ATP and 400 billion emails that Microsoft scans for malware and spam. Currently, a group of partner organizations that includes Anomali, Palo Alto Networks and PwC is testing and collaborating on the API.

Microsoft Lassos Linux, Chipmakers for IoT Security

Apart from luring enterprises and their Linux workloads onto its Azure cloud-computing ecosystem, Microsoft has found another reason to lavish more "love" on Linux.

Addressing the looming threat of large-scale and potentially disastrous internet of things (IoT) attacks, Microsoft took the wraps off an IoT security offering called Azure Sphere. Currently in closed beta, the solution combines cloud, embedded chips and Linux-based software components to protect IoT edge devices.

Those chips will run Azure Sphere OS software, powered, in part, by Linux, according to Galen Hunt, partner managing director of Microsoft Azure Sphere.

"Unlike the RTOSes [real-time operating systems] common to MCUs [microcontroller units] today, our defense-in-depth IoT OS offers multiple layers of security," explained Hunt in an April 16 blog post. "It combines security innovations pioneered in Windows, a security monitor, and a custom Linux kernel to create a highly-secured software environment and a trustworthy platform for new IoT experiences."

Microsoft is working with chipmakers on Azure Sphere-certified MCUs, which will contain silicon inspired by Xbox, Microsoft's hacker-resistant video game console. MediaTek's MT3620 will be the first Azure Sphere chip when it begins shipping in volume later this year.

Rounding out the package is Azure Sphere Security. It provides threat detection, certificate-based authentication and device update services, enabling secure device-to-device and device-to-cloud communications.

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...