Microsoft Security Experts: Humans and automation to fight off cyber threats

Microsoft is rolling out its "Security Experts" managed service with an eye on stomping down threats and malware.

Although the company itself isn't immune to the odd 100 bugs, with the ever-changing threat landscape of the current world, everything helps. The Redmond giant is combining human-led services and technology in the hopes of keeping one step ahead of attackers.

"We understand today's security challenges," said Microsoft "because we live this fight ourselves every single day."

Microsoft is planning to roll out three such managed services in 2022, one of which became available today.

In preview now (if you ask nicely), and due to be generally available over the summer, is Microsoft Defender Experts for Hunting.

Aimed at customers with robust security operations centers, the service requires that Microsoft Defender data be handed off to the Windows vendor's experts, who will pore over signals from the likes of Office 365 in search of online attacker tracks.

Microsoft's security folk will then hand over the results of their investigations, along with suggestions for remediation. A service dubbed Experts on Demand also allows for consultations including those regarding a specific incident or attack vector.

Heading to preview in late 2022 is Microsoft Defender Experts for Extended Detection and Response (XDR), a managed service for customers seeking to extend the capacity of their existing security operations center. In this case, a combination of automation and human expertise is put to work alongside a customer's existing team.

"You stay in control," said Microsoft, "and reduce costs, excess noise, and manual processes."

• Microsoft's standalone Defender for Business hits GA
• Microsoft adds GCP to Defender for Cloud
• Microsoft: What's that? A patch for make-me-admin vuln? Sorry – can't hear you. Have a new jumper instead
• Microsoft Defender for Endpoint laid low. Not by malware, but by another buggy Windows patch

Third is Microsoft Security Services for Enterprise, where pretty much everything is handed off and combines both threat hunting and managed XDR. This service is available today, although it is sold through a custom statement of work.

The latter point is key. The Register asked Microsoft how much all this was going to cost and how many of these experts would be humans rather than layers of bots. We'll update when the company responds.

Security as a Service (SECaaS) is big business. Microsoft pointed to Gartner research showing that half of organizations would be using Managed Detection and Response (MDR) services by 2025. The company said it plans to invest millions in creating a managed XDR partner designation, a co-sell benefit for managed XDR partners, and to build new APIs to give partners access to Microsoft threat intelligence. ®