Newss Technology

Microsoft Defender ATP gets new Threat & Vulnerability Management functionality

Microsoft has announced the general availability of Threat & Vulnerability Management solution. The tech giant says the solution was made available on June 30 and provides real-time vulnerability management to the organizations.

The new solution is a built-in capability in Microsoft Defender ATP (Advanced Threat Protection). The Microsoft Defender ATP uses a risk-based approach to discover, prioritize, and mitigate endpoint vulnerabilities and misconfigurations.

While designing the solution, Microsoft worked with a dozen of enterprise customers including Telit, a global leader in IoT enablement, to understand the limitations and complications of the existing processes.

During the process, Microsoft found that the current approaches being used to scan vulnerabilities are slow and periodical. This could lead to security blind spots between scans, flooding the organizations with vulnerabilities. Further, manual mitigation of vulnerabilities sometimes takes days, weeks, or months to complete. Hence, attackers have a window to attack the enterprises.

Threat & Vulnerability Management solution is aimed to address these issues.

“Our goal is to empower defenders with the tools they need to better protect against evolving threats, and we believe this solution will help provide that additional visibility and agility they need,” wrote Rob Lefferts, Corporate Vice President at Microsoft Security, in a blog post.

The new offering will provide several benefits to customers, like enabling continuous discovery of vulnerabilities and misconfigurations, and business-context based prioritization and dynamic threat landscape. It will provide correlation of vulnerabilities with endpoint detection and response (EDR) alerts to expose breach insights.

Customers will also get machine-level vulnerability context during incident investigations, built-in remediation processes through integration with Microsoft Intune and Microsoft System Center Configuration Manager.

The new TVM solution is now generally available. Existing customers can find it in Microsoft Defender ATP portal. New customers can take a free trail here.

READ NEXT: Microsoft empowers Indian startups to scale globally with new initiative and venture fund expansion

Newss Technology

Usage of Linux on Azure surpasses Windows Server

The usage of Linux on Azure has exponentially surpassed the Windows, confirmed Microsoft Linux Kernel developer, Sasha Levin, to ZDNet.

The battle between Windows and Linux has been going on for over a decade. While Windows became a clear dominant OS on desktops, the Linux has won the battle on server.

In 2016, Azure CTO Mark Russinovich had revealed that 25% of the Azure instances were Linux, which increased to 40% the next year. Then in 2018, Microsoft told ZDNet that around 50% of Azure VMs were Linux.

This shows that Linux hasn’t won the battle overnight. More and more enterprises are choosing Linux over Windows when it comes to server.

“Every month, Linux goes up,” Scott Guthrie, Executive VP of the cloud and enterprise group, Microsoft told ZDNet in September last year.

Microsoft users have been actively choosing Linux and open-source software for over 10 years, since Microsoft open-sourced ASP.NET. “We recognized open source is something that every developer can benefit from. It’s not nice, it’s essential. It’s not just code, it’s community,” said Guthrie. “We’re now the largest open-source project supporter in the world.”

Now, there are almost a dozen of Linux distros available on Azure, that too without considering the Microsoft’s own Azure Sphere.

READ NEXT: Microsoft to stop support for Windows 7 from January 2020

Cloud Newss

Microsoft empowers Indian startups to scale globally with new initiative and venture fund expansion

Microsoft is expanding its venture fund M12 to India to create new value for startups and venture capitals (VCs) and help them keep up with the pace and direction of innovation.

M12 is a venture fund of Microsoft that invests in innovators who align their focus on cutting-edge technologies enabling digital transformation. The team of M12 comprises experienced VCs and Microsoft veterans who can support and scale companies by leveraging the expansive resources of Microsoft.

“Microsoft has been playing a vital role in shaping and nurturing the startup community in India and across the world. With our intelligent tech expertise, deep focus on trust and unique global go to market partnering, we empower unicorns and startups to scale sustainably at a global level. We remain excited about India’s entrepreneurial startup potential and will continue to accelerate it as a growth engine for the economy,” Anant Maheshwari, President, Microsoft India.

Startups play a crucial role in India to bring innovation and disruption in several areas, create new jobs, and provide technical solutions. It eventually improves the lives of people. Microsoft is well-positioned to assist the startups in India to help them evolve from market ready to enterprise ready.

The tech giant believes that expansion of M12 will help Indian startups to adopt the next phase of growth. It is already supporting startups to become enterprise-ready with Microsoft for Startups initiative.

Microsoft for Startups provides opportunities for startups to reach all over the world through Microsoft’s cloud marketplace, enterprise sales team, and partner ecosystem. The initiative also allows startups to co-sell with Microsoft sales teams and access the top tech VCs in the global arena and mentorship from industry veterans.

Microsoft claims that its Microsoft for Startups initiative has already closed over 120 co-sell deals in just 18 months.


Microsoft to stop support for Windows 7 from January 2020

Microsoft on Wednesday confirmed that it will officially end support for its Windows 7 operating system on January 14, 2020. From this day, Windows 7 will not be supported on laptops and desktops and will no longer get security and technical updates. Though the 10-year-old software will continue to function, but Microsoft customer service will not be available to provide Windows 7 technical support.

“Support for Windows 7 will close on January 14, 2020. This means that after this, the operating system will not get security and technical updates. So, the risk of using the computer devices running on it will increase,” Farhana Haque, Group Director of Microsoft India said at a press conference.

The tech giant suggests the users to shift to a Windows 10 based desktop, laptop or tablet as this is the latest operating system that’s productive and secure, and comes with updated features.

The shift to the modern desktop is already underway in organizations around the world. The cost for troubleshooting or fixing over four-year-old computers is more than the cost invested to purchase three or more fast and modern devices, with zero hassles, as per a report.

The transition from older version to the newest OS will benefit the organizations with better security and productivity gains offered by the modern desktops.

Microsoft also added that it is already working with the computer manufacturing companies such as Dell and HP to make the devices available at affordable costs. It is also seeing options to roll out buyback or exchange offers for its users.

ALSO READ: Windows 10 gets smart Phonetic Indic keyboards in 10 Indian languages

Image Source: Microsoft


Microsoft launches Azure Bastion to provide secure, remote access to Azure VMs

Microsoft has announced a new managed PaaS service that will provide enterprises secure and seamless RDP and SSH access to virtual machines directly through the Azure Portal.

Called Azure Bastion, the new service has been designed as an additional safeguard for the organizations that don’t want to connect to Azure VMs through public internet connections, as it can sometimes lead to the security and connectivity issues.

“Azure Bastion is a new managed PaaS service that provides seamless RDP and SSH connectivity to your virtual machines over the Secure Sockets Layer (SSL). This is completed without any exposure of the public IPs on your virtual machines,” Yousef Khalidi, Microsoft wrote in a blog post.

“Azure Bastion provisions directly in your Azure Virtual Network, providing bastion host or jump server as-a-service and integrated connectivity to all virtual machines in your virtual networking using RDP/SSH directly from and through your browser and the Azure portal experience. This can be executed with just two clicks and without the need to worry about managing network security policies.”

With the Azure Bastion, users can start an RDP (Remote Desktop Protocol) or SSH (Secure Shell) remote connection directly from the Azure portal using a web browser over SSL. This service will allow the users to access Azure VMs using a private IP address (see diagram below).

In future release, Microsoft plans to integrate Azure Active Directory with the Azure Bastion. The tech giant will also add seamless single sign-on capabilities, use of Azure Active Directory identities, as well as multifactor authentication to extend two-factor authentication to RDP/SSH connections.

There will also be support for RDP/SSH clients to enable them to connect securely with Azure Virtual Machines via Azure Bastion service.

Azure Bastion is currently available in preview.

READ NEXT: Microsoft releases new version of its machine learning framework ML.NET


Microsoft’s GitHub buys Pull Panda for effective collaboration among development teams

Microsoft owned GitHub has acquired Pull Panda to help software development teams create efficient and effective code-review workflows on GitHub.

“Better code reviews mean better code for software teams of all sizes, whether you work in open source or on a Fortune 500 team. However, fast-moving teams can run into delays as pull requests pile up and fall through the cracks. Teams need a better way to manage reviews, reduce turnaround times, and ship code faster.,” wrote Microsoft-owned GitHub in a blog post.

Started a year and a half ago, Pull Panda is a US-based start-up that aims to provide services to organizations to make daily workflows easier for the development teams by better managing their coding projects.

This acquisition will support automatic reminders to trigger email notifications, real-time data insight for empowered decision making, make data-driven process improvements to create a transparent culture and automatically deliver code across the development teams.

“Joining GitHub will allow our products to be fully integrated and offered to millions more developers around the world. I will be joining the GitHub team to integrate Pull Panda and continue to grow its features as part of the core product,” said Abi Noda, Founder and CEO, Pull Panda in a blog post.

Pull Panda’s features – Pull Reminders, Pull Analytics and Pull Assigner – will now be available on GitHub Marketplace application. Eventually, GitHub plans to integrate these features into its own software.

Users who want to install free Pull Panda can visit GitHub Marketplace.

READ NEXT: Users of GitHub Free can now access unlimited private repos


Microsoft releases new version of its machine learning framework ML.NET

Microsoft has announced a new version of its machine learning framework “ML.NET (v1.0)” and Model Builder for Visual Studio.

ML.NET is an open-source and cross-platform machine learning framework developed to provide model-based machine learning capabilities to .NET developers across the globe.

“Using ML.NET, developers can leverage their existing tools and skillsets to develop and infuse custom AI into their applications by creating custom machine learning models for common scenarios like Sentiment Analysis, Recommendation, Image Classification and more,” Microsoft writes in a blog post.

The ML.NET v1.1 brings a number of new features and enhancements, including a new algorithm based on Super-Resolution Deep Convolutional Network.

For ML.NET, Microsoft has improved the process of loading images in a model. Now, developers can load in-memory images and process them directly.

There is a new Anomaly Detection algorithm named ‘SrCnnAnomalyDetection’ which is based on a Super-Resolution Deep Convolutional Network. The main benefit of this algorithm is that it doesn’t require prior training.

A new component is added to Time Series NuGet package, that will be useful in predicting uncertain events that are impacted by different situations.

For Model Builder, Microsoft has added support for new scenarios as requested by customers. The updates include a new Issue Classification Template to categorize support issues, information accuracy in the Evaluate step, improvement in Code Generation step and feature that addresses multiple customer feedback.

The new issue classification template will allow users to classify tabular data into multiple classes. For instance, users can use the template to predict the issues on GitHub, route the customer support tickets, and classify emails into different categories.

Customers can get started with ML.NET here.

ALSO READ: Microsoft to integrate Truffle blockchain development platform with Azure


Microsoft to integrate Truffle blockchain development platform with Azure

Microsoft is joining forces with blockchain startup Truffle to integrate Truffle’s developer tools with Azure. The aim is to provide quality developer experience and DevOps to enterprise blockchains.

Truffle delivers a development platform, testing framework and asset pipeline for the Ethereum blockchain. It comes with built-in smart contract compilation, linking, deployment and binary management, which can be easily accessed by the customers.

The platform has been downloaded over 3 million times and is a preferred choice of developers seeking tools to accelerate the smart contracts and front-end app development process.

Recently, Microsoft had added an extension to its Visual Studio Code that leverages the Azure services and Truffle Suite. This extension helps developers to create and compile smart contracts. They can also test the contracts locally using the Ganache testing environment, as well as inside the Azure DevOps pipelines.

“Early on it was very clear Ethereum developers needed professional, modern development tools. With enterprise’s growing adoption of blockchain technology, Truffle recognizes the importance of this opportunity to bring our blockchain-native experience to enterprise developers across the world through our partnership with Microsoft,” said Tim Coulter, Truffle CEO and Founder.

The integration of Truffle with Azure will enable developers to build advanced, secured blockchain-based applications, streamline workflow with GitHub integration and deploy on real-time basis.

“Our developers expect a world-class experience from Microsoft backed by the best of Azure and Open Source. The Truffle integration demonstrates our continued investment in working with the open source community. Integrating Truffle Suite with Visual Studio Code and Azure DevOps will deliver a world-class developer experience for customers targeting Azure Blockchain Service and public Ethereum,” said Marc Mercuri, Principal Program Manager, Azure Blockchain Engineering.

Developed on Azure, and being true to the mission of Truffle, the team of Truffle will remain free for open source users.

Truffle tool has also been integrated with Quorum, the open-source Ethereum blockchain used by JPMorgan, developed by Axoni, is being used by the Depository Trust & Clearing Corporation (DTCC) now.

ALSO READ: Microsoft announces new blockchain development kit, extending capabilities for developers


Microsoft warns Windows users to “Update Now” to protect against new dangerous worm

Last month, Microsoft had released fixes for a critical Remote Code Execution vulnerability (CVE-2019-0708), called BlueKeep. This vulnerability was found in Remote Desktop Services, affecting some older versions of Windows. The tech giant has now warned that an exploit exists for this vulnerability.

According to an internet-scale port scanner, nearly one million devices on the public internet are vulnerable to BlueKeep.

“Future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017,” wrote Microsoft in a blog post.

Which versions of Windows are affected by BlueKeep vulnerability?

The following Windows systems are vulnerable to CVE-2019-0708 BlueKeep:

  • Windows 2003
  • Windows XP
  • Windows 7
  • Windows Server 2008 R2
  • Windows Server 2008

Users of Windows 8 and Windows 10 are not affected by this vulnerability.

How can BlueKeep vulnerability affect users?

If a vulnerable computer connected to the internet is compromised, it can provide a gateway to the corporate networks. This can allow attackers to spread advanced malware and infect all the computers across the enterprise.

It is a pre-authentication vulnerability and doesn’t need user interaction. Once the vulnerability is exploited, the attackers can execute arbitrary code on the target system. Then, the attacker can install programs, view/change or delete data, as well as create new accounts with full user rights.

“This scenario could be even worse for those who have not kept their internal systems updated with the latest fixes, as any future malware may also attempt further exploitation of vulnerabilities that have already been fixed,” added Microsoft.

Also read: Over 3 million malware detected on Android phones in 2018: Report

How to protect Windows against BlueKeep vulnerability?

Windows 2003 and Windows XP are out-of-support systems. Users of these systems can address the new vulnerability by upgrading to the latest Windows version.

Whereas, the users of in-support systems (Windows 7, Windows Server 2008, Windows Server 2008 R2) can download the security patch from the Microsoft Security Update Guide.

The customers who are using an in-support version of Windows and have enabled automatic updates by default are protected automatically.

Cloud News Datacenter Green Tech Newss Partnership

Microsoft is developing zero-carbon data centers in Sweden

Microsoft recently announced that it will soon build two advanced data centers in Sweden. The company commits to design the greenest ever data centers in the most sustainable and advanced way. These will be powered by 100% renewable energy sources with an aim to avoid the waste from operations.

“We intend for our datacentres in Sweden to be among the most sustainably designed and operated in the world with the ultimate ambition of achieving zero-carbon operations,” said Noelle Walsh, CVP, Cloud Operations & Innovation, Microsoft Corp. “The data center design we’re developing will further Microsoft’s ongoing commitment to transition to a sustainable, low-carbon future.”

The new data centers will be placed in Gävle and Sandviken, the cities just north of the capital Stockholm. Microsoft has partnered with sustainable energy firm Vattenfall AB for required power supply. Vattenfall has been a regular electricity provider of Microsoft. It generates the power by its ‘Wieringermeer Polder’ wind farm in the Netherlands. Together, they are planning ways to reduce the carbon footprint of advanced data centers to zero.

“We will support Microsoft on the sourcing and supply of renewable energy for the future datacentres and help provide innovative solutions to reduce the carbon footprint of the datacentres. Vattenfall Distribution as the regional network owner will construct and build the distribution infrastructure required to connect the large-scale facilities,” said Andreas Regnell, Senior Vice President, Strategic Development, Vattenfall.

Microsoft is not only working on clean data centers but also finding ways to increase access to clean energy. For this, it has associated with Agder Energi, a producer of renewable energy and Powel AS, software solutions provider for utilities industry in Norway.

Microsoft already has data centers in Finland, Ireland, France, Austria, Germany, the U.K., and the Netherlands. Microsoft said it had picked Sweden for data centers “in anticipation of future needs for cloud and internet services as demand in Europe continues to grow.”

ALSO READ: Microsoft and industry leaders launch new open project for service mesh interoperability

Page 1 of 14
1 2 3 14