Microsoft to boost Active Directory protection with Aorato acquisition

The Israeli startup's security product uses machine learning to protect Active Directory servers

Microsoft plans to beef up Active Directory's security with machine learning technology from a startup it has acquired.

The security technology from Aorato will give Microsoft customers "a new level of protection against threats through better visibility into their identity infrastructure," Takeshi Numoto, corporate vice president of Cloud and Enterprise Marketing at Microsoft, wrote in a blog post.

"With Aorato we will accelerate our ability to give customers powerful identity and access solutions that span on-premises and the cloud," he added.

The Aorato technology provides "intelligent" protection inside company networks by learning what normal behavior is and taking action when it detects anomalies, according to Microsoft.

It bases its knowledge on a continuously updated "security graph" that maps all the people and devices tapping Windows Server Active Directory, the Microsoft server used by businesses as a repository for user access credentials to applications and systems. The Aorato technology will complement similar functionality Microsoft has already deployed in its cloud Azure Active Directory service.

The acquisition doesn't come as a major surprise. In July, The Wall Street Journal, citing anonymous sources, reported the companies were in talks for Microsoft to buy Aorato for about $200 million. The Journal reiterated that price tag when it again reported on the deal on Thursday.

Microsoft declined to comment on the terms of the deal.

Aorato appeared on Microsoft's radar screen after one of its executives detailed in a blog post what he considered was an Active Directory security vulnerability. At the time, Microsoft downplayed Aorato's concerns.

Aorato, based in Israel, launched its Directory Services Application Firewall (DAF) this year. Now that it has been acquired by Microsoft, Aorato will stop selling that product. "We will share more on the future direction and packaging of these capabilities at a later time," reads a message on the company's home page.

Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.

Join the CSO newsletter!

Error: Please check your email address.

Tags Microsoftsecuritysoftware

More about IDGMicrosoftNewsWall Street

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Juan Carlos Perez

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts