If you have never heard of Hexadite you are not alone, the online security company was formed in 2014, headquartered in Boston but based in Tel-Aviv. As it was just purchased by Microsoft for around $100 million so they can integrate Hexadite's Automated Incident Response Solution into their Windows Defender Advanced Threat Protection. AIRS is not antivirus software, instead it is a tool that integrates with existing software and monitors for any alerts. Once an alert is detected the tool automatically investigates that alert and searches for solutions, in theory saving your security teams sanity by vastly reducing the number of alerts they must deal with directly. It will be interesting to see if this has an effect on the perception of companies and users as to the effectiveness of Windows Defender.
"Hexadite's technology and talent will augment our existing capabilities and enable our ability to add new tools and services to Microsoft's robust enterprise security offerings."
Here is some more Tech News from around the web:
- Museum of Failure will help us learn from our 404s @ The Inquirer
- Raspberry Pi Malware Mines BitCoin @ Hack a Day
- AMD Threadripper and Vega: Luke and Leo discuss @ Kitguru
- MediaTek considers placing chip orders with Globalfoundries @ DigiTimes
- Pop-up Android adware uses social engineering to resist deletion @ The Register
That’s great for forensics
That’s great for forensics and attribution, but it would be nice to see M$ do something more useful for endpoints like adding their own EMET type exploit mitigations to their Swiss Cheese software.