Microsoft to Sell Windows Security Service to Business Customers
Cloud-based service will compete with FireEye, Symantec
Service called Windows Defender Advanced Threat Protection
Microsoft Corp. is rolling out a new service for its Windows 10 operating system to help large businesses detect hackers, security threats and unusual behavior on their networks, rivaling companies like FireEye Inc. and Symantec Corp.
Called Windows Defender Advanced Threat Protection, the product is already being tested by a few customers and Microsoft internally, and parts of the software code will start rolling out in new versions of Windows 10. Pricing and a final release date haven’t been determined, said Yusuf Mehdi, vice president for Windows and devices.
Microsoft is investing to boost security in Windows as private business and the government seek better ways to protect sensitive information after several high-profile hacks in recent years. Microsoft has already added security features like preventing data leaks outside the company and fingerprint and facial recognition access to Windows, tackling areas that some rivals and security companies address. On Feb. 17, the U.S. Defense Department said it will upgrade all Windows machines to the latest software because of its superior security features, Mehdi said in an interview Monday.
The new product relies on in-house security experts and on analysis and algorithms built from large volumes of Microsoft security data. The company has access to anonymous information from more than 1 billion devices and 2.5 trillion indexed web pages that let Microsoft determine suspicious behavior and sites.
The service will give information technology directors tools to understand what is going on with the network, as well as to investigate and respond. There’s a feature that lets IT managers "time travel and see the state of a machine over the past six months" so they can detect when a machine was hacked and how it has changed, Mehdi said.
Another tool lets IT directors take a suspicious file and upload it to an isolated machine on the Microsoft cloud to examine it safely. Microsoft plans in the future to add tools to help companies take steps to handle the security issue on the spot -- right now the service just helps them identify problems and makes recommendations for fixes.
Microsoft will to expand the number of companies testing the product, Mehdi said. To use it, customers must have paid for the enterprise version of Windows 10.