
Ovum view

Summary

Microsoft has announced a new security service that will improve the way that cyber-attacks or, more accurately, cyber breaches are addressed. Windows Defender Advanced Threat Protection is a cloud-based service that is being made available to commercial users of the Windows 10 operating system (OS) and deals with post-breach identification issues.

Microsoft is starting to address security breach detection issues

The security industry acknowledges that average breach detection timelines, which remain stubbornly high at just over 200 days plus additional remediation time, are unacceptable.

The main problem is that a lot of these attacks are becoming increasingly sophisticated and therefore difficult to detect using traditional security tools. Next-generation threat protection is positioned as the way forward when dealing with zero-day and advanced persistent threats (APTs). However, the number of breaches continues to rise and better facilities are needed to deal with breach identification and remediation issues.

The new Microsoft security service will make use of machine learning techniques to identify security breaches. It will utilize the tremendous advantage the company has of gathering threat data from the millions of Windows devices that use its software. The Windows OS has consistently been seen as a key target for hackers and malware writers. As such it can also be positioned as a primary source of security intelligence about security breaches.

This is Microsoft’s first major foray into the threat intelligence arena. Its services are still at the early stages of delivery (user testing) and there is a significant development roadmap ahead. The current version of Windows Defender Advanced Threat Protection can identify suspicious behavior and can alert IT professionals. However, for now, that is as far as it goes. It is then down to the IT security experts to review the threat data on offer and decide on the appropriate remediation actions.

In the next phase, expect to see Microsoft build a more complete and well-rounded solution and add tools that can deal with quarantine and remediation requirements. This is a good start, but Microsoft is again playing catch-up with more serious security vendors that have moved more rapidly through the breach detection and threat prioritization stages.

Appendix

Further reading

“If security intelligence is the answer, enterprise clients are being badly let down”, IT0022-000391 (June 2015)

“IBM Security to focus on time to value with its X-Force Exchange threat intelligence sharing platform”, IT0022-000596 (January 2016)

Author

Andrew Kellett, Principal Analyst, Infrastructure Solutions

Andrew.kellett@ovum.com
