Microsoft Subnet An independent Microsoft community View more

Microsoft announces Advanced Threat Analytics and Windows Update for Business

Windows Update for Business and Advanced Threat Analytics preview are among the new products and services Microsoft announced at Ignite 2015.

Ignite sketch
Credit: Craighton Berman

"Microsoft is more committed than ever to the millions of IT pros around the world," Microsoft VP of enterprise client and mobility Brad Anderson said at the company's first-ever Ignite conference, where it announced numerous new products and services. Like at the Build conference last week, Microsoft talked up security and mobility but aimed it more squarely at enterprise IT, as that is Ignite's target audience.

After taking a swipe at Google for failing to update consumer devices, Terry Myerson, executive VP of Microsoft operating systems, talked security and announced Windows Update for Business, part of Microsoft's "intelligent cloud" for Windows 10.

"Here at Microsoft, we take our responsibility to keep Windows secure seriously," said Myerson. "This level of commitment and support is far different than Android, for example, where Google refuses to take responsibility for updating their customers' devices, leaving end-users and business increasingly exposed every day they use the device."

Terry Myerson talking about Windows Update for Business Microsoft

Windows Update for Business will allow IT pros to specify "maintenance windows" by selecting "critical timeframes when updates should and should not occur" as well as "distribution rings" to "specify which devices go first in an update wave, and which ones will come later (to ensure any quality kinks are worked out)." When dealing with branch offices or remote sites which have pathetic bandwidth, IT pros can utilize peer-to-peer delivery of security updates. The new update procedure for businesses can also be integrated into "existing tools like System Center and the Enterprise Mobility Suite."

Consumers will get Windows 10 security and software updates as they are released, as opposed to a big Patch Tuesday process.

Regarding "today's security landscape," Myerson praised Microsoft Passport in Windows 10 and Windows Hello. He said, "Identity protection, with Windows 10's Microsoft Passport feature, leveraging hardware-based Hyper-V isolation to protect credentials and securely authenticate with websites and networks on your behalf—without sending up a password. With Microsoft Passport, there is no password to be phished from the user or stored on a server for hackers to potentially compromise. Microsoft Passport puts enterprises on the path to putting 'pass the hash' attacks behind them for good. And of course, there's Windows Hello which makes biometric authentication simpler than ever." (Pass-the-hash attacks were supposed to be killed off with Windows 8.1, too.)

Microsoft Advanced Threat Analytics

Things really got interesting when Microsoft talked about Microsoft Advanced Threat Analytics (ATA), which is currently available in preview. The technology is part of Microsoft's "intelligent cloud," thanks to its acquisition of Israeli startup Aorato last November. ATA helps "IT security professionals identify security breaches and threats, using behavioral analysis and machine learning to provide clear, actionable information." The fact sheet (pdf download) states, "ATA system continuously goes through four steps to ensure protection: analyze, learn, detect and alert."

About this "incredible" tool, Microsoft's Anderson added that ATA provides an "inside look at the potentially harmful activity within your network by identifying suspicious user and device activity with built-in intelligence, and this intelligence filters its feedback such that you see clear, relevant attack information on a simple timeline. ATA does this by creating a graph of the relationships and interactions of users, devices and resources."

ATA suspicious behavior alert Microsoft Advanced Threat Analytics datasheet

Additionally, ATA "detects known malicious attacks (like Pass-the-Hash, Pass-the-Ticket, Reconnaissance, etc.) and it catches known security issues like broken trust and weak protocols."

Besides identifying "advanced security threats fast," Anderson suggested you need ATA in your life because "you can adapt to the changing nature of cyber-security threats with a technology that is continuously learning. You can narrow down the most important factors using the simple attack timeline. ATA's innovative technology reduces false positive fatigue and raises red flags only when needed."

You can take ATA for a spin here, watch the video below, or learn more here.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.