Microsoft Corp.is boosting the security of its Active Directory service with machine learning technology acquired with its purchase of cloud security startup Aorato.
“With Aorato we will accelerate our ability to give customers powerful identity and access solutions that span on-premises and the cloud, which is central to our overall hybrid cloud strategy,” Takeshi Numoto, vice-president of cloud and enterprise marketing at Microsoft (NASDA:MSFT) , wrote in a blog today where the company announced its purchase of the Israeli-based company. “Aorato’s sophisticated technology uses machine learning to detect suspicious activity on a company’s network.”
He said the technology is capable of understanding what human behaviour is and identifies anomalies “so a company can quickly see suspicious behaviour and take appropriate measures.”
Machine learning can be considered a subfield of computer science and statistics and has strong ties with artificial intelligence. It deals with the construction and study of algorithms that can “learn” from data instead of simply following programmed instructions. The algorithms are used to build models that aid in making predictions and decisions.
Earlier this year, Aorato reported it found an encryption vulnerability in Active Directory. Aorato said the flaw could allow an attacker to change user passwords.
Aorato has traditionally focused on enterprise security by developing products that provide customers visibility into their Active Directory and identity infrastructure “with an emphasis on user behaviour and intelligence and analytics,” according to the company.
“With this acquisition, we will cease selling our Active directory Services Application Firewall (DAF) product,” a message on the Aorato Web site said. “As part of Microsoft, we will share more on the future direction and packaging of these capabilities at a later time.”
Key to Aorato’s approach, Numoto said, is the Organizational Security Graph. He described this as a “living, continuously-updated view of all of the people and machines” accessing an organization’s Windows Server Active Directory.
Active Directory is used by many enterprise organizations to store user identities and administer access to critical business applications and systems. “Therefore most of our enterprise customers should be able to easily take advantage of Aorato’s technology,” said Numoto.
