News

Microsoft Gives Azure AD Security Boost with Aorato Buy

Microsoft on Thursday acquired Israel-based identity and access management firm Aorato Ltd. for an undisclosed amount.

The Wall Street Journal had noted in July that Microsoft was engaged in talks to buy Aorato, estimating the deal to be worth around $200 million at the time. Aorato, described as a startup company, was founded by a technology arm of the Israel Defense Forces, the WSJ reported.

Aorato will join Microsoft's Identity and Security Services Division, according to a Microsoft Active Directory team blog post. Aorato will stop selling its Directory Services Application Firewall product, Aorato's Web site explained. No details were provided on what that might mean for Aorato's current customers.

Microsoft described Aorato's technology as using machine learning to detect anomalous activity on a network. It uses an "Organizational Security Graph" to draw up a profile of the people and devices accessing Active Directory, as used for managing access to Windows Server.

Aorato's technology will "complement similar capabilities that we have developed for Azure Active Directory," Microsoft noted, in its announcement. It's not clear which capabilities are meant, although Microsoft previewed a role-based access control feature in Azure back in September, enabling IT to better manage the sort of actions that personnel can take.

A Microsoft spokesperson clarified via e-mail that Azure Active Directory has similar capabilities to Aorato's solution in that it can detect patterns of "anomalous activity in the cloud and report this to our customers to take action." The actions might include "blocking access or forcing a second factor for authentication or password reset."

Aorato's solution can detect so-called "pass-the-hash" attacks, which is a method that attackers use to escalate network access privileges.

"Aorato's technology can detect a variety of pass-the-hash attacks and recommends options for mitigating and blocking the attack," the spokesperson clarified.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.