News

'Project VAST' Joins Microsoft's Security Arsenal

Microsoft this week took the wraps off "Project VAST," a tool designed to surface security problems visually.

Project VAST (or "Visual Auditing Security Tool") combines Microsoft's Azure Log Analytics with its Power BI data visualization service. However, it has its own user interface that aims to provide organizations with an "interactive data visualization" of security events so they don't have to spend time sifting through log events,

Jon Shectman, a Microsoft Premier field engineer specializing in security issues, described Project VAST in a post on Wednesday. Shectman created Project VAST with fellow security Premier Field Engineer Brian Delaney. The announcement is the first post in a planned series. There's limited information available about Project VAST right now, but a Channel 9 "Taste of Premier about VAST" video will get posted "in the next two weeks," Shectman promised.

The Project VAST tool will be capable of integrating with data from the Microsoft Advanced Threat Analytics service, which acts as a forensic tool for investigating security breaches in organizations. It would seem that Project VAST is yet another security information and event management (SIEM) kind of solution that blends together various Microsoft tooling. However, Shectman described Project VAST as also being able to coexist with non-Microsoft SIEM products. In the future, Project VAST could get integrated with these SIEM products, he suggested.

Project VAST captures domain controller event log data and uses the Microsoft Monitoring Agent to put the data into Azure Log Analytics. The data are further sorted using the Kusto query language before surfacing in visual form via Power BI.

There's not much information out there about the Kusto query language. It apparently is used in Azure App Insights by Microsoft's Visual Studio team but was brought over for use in Azure Log Analytics, too, according to a description by SquaredUp, a software company that builds data visualization products for IT operations.

The user interface of Project VAST shows areas of security interest in the form of tabs. Shectman described the tabs as surfacing "actionable KPI-based metrics" that can be used to assess an organization's security effectiveness and take action.

"You might think of each tab, therefore, as representing a step on your organization’s ongoing security journey: User and Computer Hygiene, LAPS Deployment and Auditing, Insecure LDAP, Deprecated Protocols, Account Theft and Misuse, Privileged Group Hygiene, Authentication Posture, and more," said Shectman regarding the types of tabs shown in the Project VAST interface.

The requirements to use Project VAST aren't clear from the announcement, but it can be used by "organizations of many different sizes," according to Shectman. Microsoft is offering "a limited number of demo slots" to test it, which are available by contacting the Technical Account Manager used by an organization.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.

  • Roadblocks in Enterprise AI: Data and Skills Shortfalls Could Cost Millions

    Businesses risk losing up to $87 million a year if they fail to catch up with AI innovation, according to the Couchbase FY 2026 CIO AI Survey released this month.

  • Microsoft Cuts Windows 11 Recovery Time with New Update

    Microsoft has introduced two key enhancements to Windows 11 aimed at minimizing downtime and streamlining error resolution.

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.