Microsoft CEO Satya Nadella talked a lot about machine learning during his keynote at Microsoft Build 2016, but neither he nor the executives on stage covered how machine learning can drive security applications. But don’t let its absence onstage fool you, as several of Microsoft’s latest security moves rely on the company’s machine learning investments.
Take the Intelligent Security Graph, which Nadella announced last fall. Based on the Microsoft Azure Machine Learning technology, it collects “trillions of signals from billions of sources” to provide IT teams with real-time insights they can use to detect and respond to threats. At Build, Terry Myerson, executive vice president of the Windows and Devices Group in Microsoft, said Windows Defender Advanced Threat Protection relies on the intelligent security graph, behavioral sensors, cloud-based security analytics, and threat intelligence to protect Windows devices.
“We need to infuse intelligence about us and our context into all of our computers and experiences,” Nadella said.
The security graph also plays a role in the Azure Security Center, a subscription-based offering announced in February that lets customers create and manage security politics. The dashboard lets administrators monitor virtual machines and receive real-time alerts as threats are found. The analytics tools analyze crash events to determine what happened to the Azure instance -- a malicious event or an application error? -- and other types of events data to determine if there is a breach. With machine learning, the tools can tell the difference between legitimate user behavior, remote access traffic, or an attack.
At Build, Microsoft showcased the workloads Azure can handle and the development tools available. As more developers move their applications to Azure, it stands to reason the Azure Security Center will become a key part of monitoring and management.
Much of Nadella’s focus at Build was on “conversations as a platform,” or advanced natural language processing, and bots that can process what humans say to take appropriate actions. This goes far beyond carrying out instructions, but also proactively reacting to a statement and following up with related tasks. The demonstrations focused on actions like making hotel reservations and sending documents to colleagues, but these bots and virtual assistants have a natural place in security for technical support and help-desk queries, as well as taking care of specific tasks.
"We want to build intelligence that augments human abilities and experiences. Ultimately it is not going to be about man versus machine. It is going to be about man with machines," Nadella said at Build. And what's better than having machines help users protect their data and communications?
Nadella acknowledged social implications to security and privacy, promising Microsoft will take a “principled approach” as it adds intelligence to applications. Technology needs to be “more inclusive and respectful,” as well as balance security and privacy considerations, such as adopting encryption.
Consider the Skype bot. The Build demo showed the bot picking up key terms related to travel during a Skype call and suggesting hotel reservations. The same bot will have to recognize sensitive information and make sure to protect it.
“You also have to build trust right into our technology. That means you have to have technology that has built-in protections for privacy, transparency, security, as well as compliance," Nadella said.
“We want to build technology, so we get the best of humanity, not the worst.”