Microsoft has unveiled new capabilities for its Azure Security Center and new cloud app security in response to CEO Satya Nadella's call for tighter enterprise security.
In November, Nadella cited the need for a new approach to enterprise security in a mobile-first, cloud-first world, where employees increasingly access corporate data via their own personal devices and Internet of Things sensors become more pervasive. He called for improving security at all endpoints from sensors to datacenters and beyond.
The company's Thursday announcement begins to answer that call. Microsoft outlined new security management and reporting options with its Azure Security Center, designed to deliver advanced threat detection abilities and a centralized security management system.
"New products we are rolling out today will improve our security signal, help us protect you and help you protect yourself," said Bret Arsenault, Microsoft's chief information security officer, in a blog post on Thursday.
With the Azure Security Center, which has been under public preview since December, Microsoft introduced its Advanced Threat Detection.
"After years of examining crash dumps that our customers opted to send to Microsoft from more than a billion PCs worldwide, Microsoft has developed the capability to analyze this data to effectively detect compromised systems because crashes are often the result of failed exploitation attempts and brittle malware," Arsenault wrote.
The advanced threat detection feature is targeted for customers using hosted virtual machines in Azure. The Azure Security Center Advanced Threat Detection automatically collects information from crash events, analyzes it, and notifies users when a virtual machine of theirs may be compromised.
Microsoft also rolled out a new security Power BI Dashboard for Azure users, which is designed to allow users to visualize, analyze, and filter security alerts and recommendations from any location via a desktop or mobile device.
The Azure Security Center will also now handle the task of allowing users not only to set security policies at the Azure subscription level, but also configure a security policy for a resource group so that the policy can be based on specific workload needs, Arsenault explained.
Microsoft also trotted out the Azure Active Directory Identify Protection, which will be available for public preview next week. The Azure Active Directory is designed to detect suspicious activities and privileged identities for end-users, based not only on brute force attacks, infected devices, leaked credentials, and unfamiliar sign-in locations that are encountered by an enterprise, but also on the security signals that have come to Microsoft via 14 billion logins.
Azure Active Directory will then calculate the severity of the user's security risk and then automatically configure risk-based policies.
Other security features Microsoft introduced extended beyond Azure.
The software giant unveiled its Microsoft Cloud App Security, which will be generally available in April. This cloud app aims to provide comparable visibility and control that enterprises would normally have if their SaaS application was loaded onto their network, one physically located on the company's premises.
Microsoft also noted it is bringing new security capabilities to its Office 365 cloud app. The new features will include security alerts sent to administrators when suspicious activity has been detected on the Office 365 service, a view into the cloud services that their users are connecting to and the ability to approve or deny permission for a user to connect the Office 365 service to a third-party service.
"Keeping our network safe, while protecting our data and our customers' data, is paramount," Arsenault said.