News

Report: Microsoft Acquiring Security Firm for $100 Million

Update, 6/8: Microsoft has confirmed that it is acquiring Hexadite for an undisclosed amount. Hexadite's remediation technology will be added to Microsoft's Windows Defender Advanced Threat Protection service and the Hexadite team will become part of Microsoft's Windows and Devices Group. The original article follows.

Microsoft is in the midst of acquiring 3-year-old software security firm Hexadite for $100 million, according to reports.

The acquisition deal and price were mentioned in this Calcalist (Israel) press account, as cited in a Reuters story Wednesday. However, there was no confirmation from Microsoft, with a spokesperson saying only that "the company has nothing to share at this time."

Hexadite has its headquarters in Boston but its research and development facilities are located in Israel. The company makes a solution that automates the investigation and remediation aspects of addressing network breaches.

Hexadite was founded by three former members of an "elite intelligence unit of the Israel Defense Forces," according to the company's Web site. Its main product is the Hexadite Automated Incident Response Solution (AIRS), which was first launched in March of 2015.

AIRS works with other software security solutions to automatically apply remediation actions. Hexadite's partners include security solutions providers such as Carbon Black, Check Point, CrowdStrike, Cybereason, Cylance, Exabeam, Hewlett Packard Enterprise, Palo Alto Networks and Securonix.

Hexadite is described as a "security automation and orchestration" (SAO) provider in a Forrester Research report. The SAO market is described as a new space that started about three years ago, according to the report. Other vendors profiled in Forrester's SAO report include CyberSponse, Demisto, Phantom Cyber and Swimlane. The idea behind SAO solutions is that they can speed up investigation and remediation time following network security breaches.

One challenge for Hexadite is to get security and response professionals to accept that human investigators can be replaced by an automated process such as the AIRS product, according to Forrester's report. AIRS, described as "security middleware," is designed to model the actions of investigators.

Microsoft has its own post-breach analysis solution called the "Windows Defender Advanced Threat Protection" service. It uses machine learning to investigate network security breaches. It's primarily a forensics tool, but Microsoft had indicated back in December that remediation capabilities would be arriving in the Windows Defender Advanced Threat Protection service with the release of the Windows 10 Creators Update. The Windows 10 Creators Update was released last month as a "current branch" test release for organizations.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Appoints Ex-GE Exec Its First COO Since 2016

    Microsoft has a new chief operating officer (COO), its first since Kevin Turner left the role -- and the company -- in 2016.

  • Image of a futuristic maze

    The 2024 Microsoft Product Roadmap

    Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.

  • Microsoft, Oracle Announce Updates to Joint Database IaaS Service

    The Oracle Database@Azure infrastructure-as-a-service offering from Oracle and Microsoft is getting new capabilities, including integrations with key Microsoft data and security services.

  • 2025 Support Cliffs Approaching for Exchange 2016, Dynamics 365 PSA

    Microsoft recently sounded the warning bell for two of its products, Exchange Server 2016 and Dynamics 365 Project Service Automation (PSA), both of which are set to reach end-of-support milestones next year.