Microsoft's latest security service uses human intelligence, not artificial


Microsoft has announced two new cloud services to help administrators detect and manage threats to their systems. The first, Azure Sentinel, is very much in line with other cloud services: it's dependent on machine learning to sift through vast amounts of data to find a signal among all the noise. The second, Microsoft Threat Experts, is a little different: it's powered by humans, not machines. Azure Sentinel is a machine learning-based Security Information and Event Management that takes the (often overwhelming) stream of security events--a bad password, a failed attempt to elevate privileges, an unusual executable that's blocked by anti-malware, and so on--and distinguishes between important events that actually deserve investigation and mundane events that can likely be ignored. Sentinel can use a range of data sources.