{"id":244,"date":"2017-05-25T17:00:29","date_gmt":"2017-05-25T17:00:29","guid":{"rendered":"http:\/\/securitycurve.com\/?p=244"},"modified":"2017-05-25T17:00:29","modified_gmt":"2017-05-25T17:00:29","slug":"security-buying-spree-whats-microsoft-up-to","status":"publish","type":"post","link":"https:\/\/securitycurve.com\/?p=244","title":{"rendered":"Security Buying Spree: What’s Microsoft Up To?"},"content":{"rendered":"

\"\"<\/a>So Microsoft apparently is buying<\/a>\u00a0the Israeli security firm\u00a0Hexadite<\/a>. \u00a0Hexadite, interestingly enough, makes an automation tool to support incident response. \u00a0In fact, it’s specifically designed to support (or arguably replace) human analysts in performing incident management tasks. If you want to see how the product works, you can see a demo of it on the Hexadite site here<\/a>.<\/p>\n

So this is an interesting step for Microsoft. \u00a0Microsoft, as we all know, is no stranger to security acquisitions (over the years, they’ve bought folks like Zoomit, GIANT, FrontBridge, Alacris, Komoku, Sentillion, PhoneFactor, etc., etc.) So it’s not a huge surprise on its face that they would purchase a security company now. \u00a0What is a little more interesting though is\u00a0that Microsoft has said they’ll invest $1B in the space during 2017 (one assumes that includes acquisitions) – which means that there are likely more on the horizon. \u00a0Also the fact that we can expect this tool to see a lot more mainstream airtime now that they’re owned by Microsoft.<\/p>\n

I’m a little torn on whether this is a good bet for them or not. \u00a0For the short term, it is unquestionably a win. \u00a0This tool is all about finding and fixing issues in a distributed environment; notably those running Windows software. So it’s an immediate enterprise sales play for them, it addresses immediate challenges in their customer’s environment, and it’s longer-term a great feature-set to incorporate into the Windows ecosystem. \u00a0It’s also a huge marketing win, which I’m sure brings with it some “soothing relief” after the whole WannaCry situation.<\/p>\n

But it’s also a little, maybe… old school? \u00a0Yes, I just asked with a straight face if an AI vendor is “old school.” \u00a0By that though, I’m not referring to the technology it uses to do what it does: that’s super sophisticated and cutting edge I’m sure. \u00a0Instead, I mean the business problem it solves – and I’m not thinking right now, I’m thinking a few years from now. \u00a0In the past for example, when Microsoft bought someone like GIANT, that technology is (probably) still there in some form or another – incorporated in Windows Defender (or Security Essentials or whatever they call it nowadays). \u00a0So there’s some serious shelf-life associated with that purchase. \u00a0Will there be with this one?<\/p>\n

Maybe. \u00a0But AIRS (the Hexabite premiere product)\u00a0is all about automating remediation\u00a0for distributed,\u00a0on-premise, mostly Windows environments. \u00a0Yes, I know\u00a0as of last year, they added support for Mac and Linux<\/a>\u00a0– but each platform they support exponentiates the support overhead. \u00a0So it might be a while before they support Android, and IOS, and the other IOS, and embedded platforms, and cloud environments, and all the other crap that’s coming next. \u00a0Workstations will of course always be there, so that problem won’t go away – and this tool is a workhorse for that problem. \u00a0And maybe some flavors of IoT (e.g. BusyBox) can be added in short order because of the Linux support (could happen)… But will there be the shelf life that a GIANT or PhoneFactor has? \u00a0Not sure.<\/p>\n","protected":false},"excerpt":{"rendered":"

So Microsoft apparently is buying\u00a0the Israeli security firm\u00a0Hexadite. \u00a0Hexadite, interestingly enough, makes an automation tool to support incident response. \u00a0In fact, it’s specifically designed to support (or arguably replace) human analysts in performing incident management tasks. If you want to see how the product works, you can see a demo of it on the Hexadite […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[8,11,64,83],"class_list":["post-244","post","type-post","status-publish","format-standard","hentry","category-security","tag-airs","tag-automation","tag-hexadite","tag-microsoft"],"_links":{"self":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts\/244","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=244"}],"version-history":[{"count":0,"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts\/244\/revisions"}],"wp:attachment":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=244"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=244"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=244"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}