Security
solutions
The Microsoft 365 Defendersuite is a recognized market leading Extended Detection and Response (XDR) solution for Microsoft 365 services that offers built-in, automated, and coordinated protection services that detect and block attacks across Microsoft 365 security products, and provide a unified portal for security operations (SOC) teams to manage, investigate, respond to, and remediate, security events and attacks in a holistic manner. The Microsoft 365 Defender product suite includes:
Microsoft 365 Defender (M365D) A coordinated, cloud-based, XDR-level detection and response platform that offers a unified security operations portal across all Microsoft 365 Defender portfolio products.
Microsoft Defender for Endpoint (MDE) A holistic, cloud-based endpoint security solution that supports all OS platforms and device form factors, offering behavior-based next generation endpoint protection, risk-based vulnerability management and assessment, security posture configuration, Endpoint Detection and Response (EDR), automatic remediation.
Microsoft Defender for Identity (MDI) A cloud-based User and Entity Behavioral Analytics (UEBA) solution across on-premises Active Directory, Azure Active Directory, and hybrid enterprises that identifies, detects, investigates and remediates advanced threats, compromised identities, and malicious insider actions.
Microsoft Defender for CloudApps (MDA) A Software as a Service (SaaS) monitoring, management, and protection solution that supports various deployment modes, including log collection, API connectors, and reverse proxy. It provides security teams with rich visibility (discovery), threat detection and control (data protection and compliance) for over 25K applications used by the enterprise users and applies sophisticated analytics to identify and combat cyberthreats across Microsoft and third-party cloud services.
Microsoft Defender Vulnerability Management (MDVM) A proactive, risk-based Vulnerability Management solution that helps you efficiently and holistically discover, assess, and remediate vulnerabilities and misconfigurations. Microsoft Defender Vulnerability Management offers continuous asset visibility, consolidated inventories, intelligent assessment tools, risk-based prioritization, and built-in remediation workflows.
Microsoft Sentinel is a scalable, cloud-native, security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for attack detection, threat visibility, proactive hunting, and threat response.
Microsoft Sentinel is your bird's-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.
Microsoft Defender for IoT is a global Microsoft group delivering OT and IoT security. The group is comprised of top-notch engineers, product people, researchers and business developers. The group's solutions are deployed worldwide in every possible vertical, ranging from energy and manufacturing to smart spaces and standard enterprise environments, in which a plethora of IoT devices is used.
Microsoft Defender for Cloud (MDC) helps customers secure their public cloud workloads. It provides insights into the cloud security posture and recommendations for improving it, while also monitoring and detecting runtime security threats leveraging advanced AI and security research.
Defender for Cloud protects infrastructure and application resources, wherever they are, including Azure, on-premises, and other public cloud providers such as AWS and GCP.
Enterprise Security Posture Management integrates signals from across the entire security stack, including network, endpoint, cloud, and application security, and enriches it with context to give security teams a comprehensive view of their organization's security posture. Using this platform, security teams can more effectively detect and respond to threats, identify areas of vulnerability, and implement strategies to mitigate risk caused by the increasing attack surface. By bringing together data from a wide range of sources, the platform helps security teams make informed decisions and take proactive measures to protect their organization from cyber threats.
MSTIC-IL hunts, tracks and protects against threat signals as part of MSTIC (the Microsoft Threat Intelligence Center).MSTIC-IL also builds a platform Microsoft threat analysts use to collaborate on threat hunting and customer protection.
Red Sea, a revolutionary Secure Access Workstation (SAW/PAW).
The initial solution aims to address both the usability and the cost of approach to SAW. It will be done by merging the IW workstation (Information Work) and SAW machine to a single machine, while providing the same security guarantees as a SAW only machine.
Red Sea machines detect when a user requires secure access (privileged) and seamlessly and securely redirects local I/O to a trusted, separate compute unit which enables the user to interact with sensitive services.
Microsoft Entra Internet Access and Microsoft Entra Private Access comprises Microsoft's Security Service Edge (SSE) solution. Uniquely built as a solution that converges network, identity, and endpoint access controls so you can secure access to any app or resource, from anywhere while applying the core principles of Zero Trust to use least privilege, verify explicitly, and assume breach.
Microsoft Entra Internet Access secures access to Microsoft 365, SaaS, and public internet apps while protecting users, devices, and data against internet threats. Delivering best-in-class security and visibility, along with fast and seamless access to Microsoft 365 apps and secure access to public internet apps through the identity-centric, device-aware, cloud-delivered Secure Web Gateway (SWG).
Microsoft Entra Private Access provides your users - whether in an office or working remotely - secured access to your private, corporate resources, connecting across hybrid and multicloud environments, private networks, and data centers from any device and network without requiring a VPN. The service offers per-app adaptive access based on Conditional Access policies, for more granular security than a VPN.
More resources
BlueHat
IL
BlueHat IL is home to the largest Infosec community in Israel. With a thriving local ecosystem that is globally renowned for its excellence, innovation and creativity, it isn’t surprising that Israeli companies have a huge impact on cybersecurity worldwide. Our community includes industry leaders, entrepreneurs, academia, government officials, independent researchers and hobbyists.
Every year, thousands of security professionals take part in our initiatives:
BlueHat Meetup - an open stage for casual gatherings and sharing knowledge.
Follow us on
Digital Transformation Platforms
Customer Experience Copilot is how we integrate large language models (LLMs) into the seller, marketer and the sales/marketing organization workflows. The Copilot team in ILDC has a unique opportunity together with its sister-teams Viva Sales and D365, to leverage both CRM, Customer Insights data and Office data (emails, meetings, documents, etc.) as inputs into LLM scenarios, creating unique and differentiated outcomes not possible by competitors. These new capabilities will help sellers advance deals more quickly, improve communication with customers, and increase the volume of opportunities and accounts they can manage. We’re leveraging the team’s extensive knowledge of Dynamics 365 Sales Conversation Intelligence – which helps sales organizations stay focused on the customer journey and accumulate insights and context that often get lost in application and tool switching – and adding to it in order to enhance customer experience even further, starting with seller productivity through Viva Sales.
AI is driving a wave of innovation, transforming the potential of organizations in every industry. It is reinventing customer engagement, ensuring every connection adds value to customer relationships, enriching employee experiences to be more creative, and reshaping business processes with automated and 360-degree views of a company’s operations.
In ILDC, we lead Industry AI across key industry investments, and leverage the Israeli ecosystem around AI to drive innovation and foster a thriving partner ecosystem for the Industry Clouds.
Our objective is to build on Microsoft’s AI platforms and provide partners and customers with industry-specific AI capabilities as part of the Microsoft Cloud for Industry. We harness platforms such as Azure (Cognitive Services, Azure AI Studio and Fabric) Dynamics 365, Power Platform, and M365 (Copilot and Teams) to build industry-tailored solutions that responsibly address unique needs.
By connecting Microsoft’s differentiated technology in AI and data analytics to industry-specific business outcomes, we are able to accelerate industry partners in bringing innovative industry solutions to market.
For instance, in Retail, Microsoft smart store analytics app is helping retailers gain detailed insights into customer behavior and patterns, allowing them to be more informed and data-driven about store operations and merchandizing decisions. Together, AiFi and Microsoft, through AI technology deployed at the edge and cloud respectively, are helping retailers provide frictionless shopping experience and optimize it using actionable analytics.
In Financial Services, Microsoft is showcasing Meeting Prep for financial services, an example of the kind of work we are doing with partners, such as the London Stock Exchange (LSEG) to create value from their data using Large Language Models and Generative AI. This solution will automatically generate meeting preparation summaries combining insights from LSEG’s financial data with news, documents, emails, chats, and other relevant content from Microsoft Graph in Microsoft 365.
Additionally, you can learn about the Azure Data Manager for Agriculture and how Microsoft is expanding support for Bayer’s Climate FieldView to fulfill Bayer’s vision “Health for All, Hunger for None”.
To learn more about our work, please visit our recent blog here.
Health ILDC builds cloud services to deliver products and services to millions of users around the world, aiming to make a difference in people’s lives.
Health ILDC is a multi-disciplinary R&D organization that focuses on building AI technologies for the Health & Life Sciences industry. Our work involves Generative AI, Copilots, Conversional AI, Natural Language Processing, and combines software engineering, product management, medical science, research and applied data science, as well as ecosystem partnerships. We build products that allow healthcare organizations all around the world to reduce the burden from the clinical staff, improve their services and outcomes, and empower patients with access to health data and knowledge.
The Automated Driving Platform (AKA ADP) is a cloud-based data platform for the agile development of automated driving functions. Built in collaboration with CARIAD of the Volkswagen Group, it will simplify developers’ workflow, through one scalable and data-based engineering environment. Building automated driving functions requires large-scale computational capabilities and petabytes of data, representing different road and weather conditions, various obstacles and unpredictable driver behavior for training, simulation and validation.
Industry Solutions Engineering (ISE) is an engineering and data science team that works directly and collaboratively with customers looking to leverage the latest technologies to address challenges and transform their industries using cloud-based solutions. We accompany our customers and co-create innovative custom solutions for their challenges. During this process, we improve our own platforms by partnering with our internal product groups. We take pride in our contributions to open source and make our platforms easy to adopt. Our work involves developing high-impact software assets that contribute to the Microsoft platform and are broadly applicable.
More resources
Experiences & Devices
Microsoft Search, Assistant and Intelligence Israel team is part of the international MSAI Org, which is driving Microsoft's Assistant, Search, and Intelligence for M365 users. The team is using a wide set of large AI-based solutions embedded in the Office 365 environment. Its goal is to improve efficiency, shorten processes and enable natural access to complex system.
Combining the use of AI deep-learning models and methodologies with web-scale high-capacity systems, the team impacts hundreds of millions of users in numerous organizations.
The Israel team is part of a global team that is tasked to leverage massive user-generated data-sets accessible to AI machinery in the cloud, using Microsoft Graph to build an assistance platform that brings AI to life within the core M365 productivity experiences that millions of users already engage with every day.
Microsoft's eCDN, developed following the acquisition of the Israeli startup Peer5, represents a significant advancement in corporate video streaming. This enterprise Content Delivery Network, utilizing P2P mesh networks, is designed to tackle network congestion and deliver high-quality live streaming for enterprises. With the rise of virtual events and the demand for flawless video (HD/4K without glitches or buffering), traditional corporate networks often fail under peak demand. Microsoft eCDN addresses this challenge by optimizing traffic and reducing bandwidth needs, allowing for larger, high-quality events to be delivered to all employees reliably.
Excel Israel team, consisting of ~120 team members, is part of the Office organization. The team owns and drives multiple strategic investments in the Excel team. Ownership includes: (1) Excel for the web – we are on the journey of building the leading spreadsheet cloud service in the world , serving hundreds of million users at an enormous scale for best experience in browser; (2) Get and transform data in Excel – Data is at the center of calculation, analysis and decision making. Get Data provide the ability to connect Excel files to a large set of data sources and data services. Enabling the user to shape the data and making sure the workbook is always up to date. (3) Enhancing Excel via AI – we are on the path to transform the way users create formulas, clean their data and validating correctness of their spreadsheets by leveraging AI technologies.(4) Excel copilot – focusing on formula and data related skills
Education Analytics team makes use of educational data from first- and third-party sources to build insights which help teachers better understand their students' needs, help students develop 21st century skills and help education systems ensure that all students are engaged in their studies.
In its work, the team uses data science and machine learning to provide education insights that helps learners thrive. To do so, it partners with school districts around the world.
The Windows System Silicon Integration (WSSI) team is a multidisciplinary team that connects Windows with the silicon solution, focusing on security, media streaming, and AI solutions on edge devices. The team uses cutting-edge technologies to create efficient silicon IP and embedded software that enable Windows to interface with the SoC solution in a seamless manner. The WSSI team’s cutting-edge technology brings the best of Microsoft to the user, empowering every person and every organization to achieve more.
Advanced Technology Labs is part of the Teams Calling, Meeting, and Devices group. Its mission is to bring AI capabilities to help design the future of meetings and modernize how people interact with each other in various hybrid workspaces to achieve more.Advanced Technology Labs is part of the Teams Calling, Meeting, and Devices group. Its mission is to bring AI capabilities to help design the future of meetings and modernize how people interact with each other in various hybrid workspaces to achieve more.
More resources
Cloud & AI Platform
Azure Monitor Log Analytics is a widely used observability solution that lets customers all over the world make sure that their digital assets are working correctly, secure and performant. Organizations of all types depend on Azure Monitor Log Analytics, from small shops to Fortune 500 and government organizations. This hyper-scale multi-tenant SaaS service, processing Petabytes of data daily, enables customers to efficiently collect, aggregate, and store petabytes of log data while providing powerful insights through strong query language. Azure Monitor Log Analytics is also used as a foundation for other Microsoft offerings, such as Microsoft Sentinel, Azure Application Insights, and more.
Microsoft’s Commercial Marketplace Experiences (CMX) revolutionize the way businesses are buying commercial software by replacing the traditional sales motion with a personalized marketplace experience that drives repeated usage for customers, superior demand and revenue for partners, and creates network effects that result in long-term sustainable growth for Microsoft.
Azure Video Indexer is Microsoft’s Applied AI service for media AI. The service enables users to unlock insights from their videos using artificial intelligence technologies. These unlocked insights can be used to make video libraries more searchable, improve consumer engagement, increase the monetizable value of videos, and make video and audio content more accessible. The service provides APIs, portal experience, and widgets that can seamlessly integrate with existing video infrastructure.
Microsoft Security Fundamentals (EPSF) organization employs security experts from multiple disciplines and applies advanced security research techniques to find vulnerabilities, develop new mitigation techniques, and secure Microsoft products.
The organization contains Microsoft Offensive Research & Security Engineering (MORSE), focusing on Operating System security – whether Linux, Windows, or embedded, running in the cloud as well as in edge devices and appliances. The second team is EDGS – Enterprise, Devices, and Gaming Security which focuses on Azure Cloud Services, as well as finding security issues in multitenancy scenarios and on security telemetry.
Azure Firewall is a cloud-native and intelligent network firewall security service that provides the best-of-breed threat protection for your cloud workloads running in Azure. It's a fully stateful, firewall as a service with built-in high availability and unrestricted cloud scalability, providing both east-west and north-south traffic inspection.
The Azure Application Security team is building the next-gen application security offering for Azure networking customers; a new huge-scale product offering L3-L7 protection for all deployments of applications hosted on Azure, including data-driven advanced detections and mitigations embedded into the datapath.
Azure Networking Security Research (ANSR) is facing and proactively looking for 1st party security issues, with the mission statement of making Azure the most secure cloud platform in the world. The group is focusing on researching internal Azure services and platforms, collaborating with engineering and security teams across Azure.
Azure Core Compute & Host ILDC develops and productizes cutting-edge acceleration hardware & software for offloading networking and storage processing from the host.
Our acceleration products, that impact every service running on Azure, combine highly efficient hardware and software elements running on Azure’s millions of servers. These products enable super-efficient deployment of virtual servers, networks, and storage, all running on physical servers.
These accelerators use virtualization technologies to offload workloads from the host CPU resulting in improved throughput, latency, storage IOPS as well as reduced CPU utilization. The acceleration products also enable Microsoft to quickly and efficiently develop and deploy proprietary capabilities and offer unique features to its customers.
The Azure CXP vision is to “transform Microsoft cloud customers into fans”, by leading world-class customer reliability engagements, engineering modern customer-first experiences for scale, and driving deep customer insights and empathy into engineering.
The team in Israel is a virtual extension of Azure CXP, with PMs from across several Azure CXP organizations, including:
- FastTrack, a team of PMs and engineers who work directly with customers and partners to help them build Azure solutions quickly and confidently, enabling the successful deployment of Azure services
- Growth and Innovation, leading deployment solutions for ISVs and startups
- The PRIMO PM team that builds and operates critical systems required to manage and operate the Microsoft Cloud
GitHub – Developer experiences group is part of the Development Experience department at GitHub. Its mission is to accelerate the delivery at GitHub by offering delightful, fast, compliant and secure solutions for developing, building, testing and deploying code.
The team is responsible for building and maintaining GitHub's runtime platform. This platform enables developers to easily build, deploy and manage the hundreds of applications that make up the world's largest code hosting platform.
The ILDC Content Development team creates customer-facing documentation and training content for the Microsoft products developed at the ILDC, and more. We create and maintain the customer documentation and training content published on Learn.Microsoft.com.
Our focus is spans Security, Identity, Azure Monitor, Azure Data Explorer, and PowerBI.
Our team partners with the product, customer experience, support, and design teams to create world-class product documentation and training.
[We like to keep our fans in suspense]
Azure
Data
| Kusto is a big data analytics platform for interactive ad-hoc queries over petabytes of data with minimal latency. As a grassroots incubation project that started in at ILDC, Kusto took on some of the greatest challenges in computer science, including creating a new query language, efficient database storage technologies, query optimization, ecosystem development, and data science enablement. With its leading technical capabilities and customer focus, the technology the Kusto team created rapidly attracted the attention of many product groups across the company and grew exponentially in usage and volume. Today, Kusto is the de facto standard at Microsoft for big data interactive analytics. It powers a broad list of analytical solutions as a service used by Microsoft and its customers, such as Azure Monitor, Azure Cost Management, Microsoft Defender, LinkedIn, Sentinel, Teams Education, and many more. Kusto is an integral part of the Azure Data Services cloud-scale analytics portfolio, offering Azure Data Explorer as a complete cloud-native database stack. It is also available as the Data Explorer component of Azure Synapse Analytics (a comprehensive and strategic analytics offering), providing customers with insights from their log and telemetry data. Kusto Detective Agency is a fun activity you can try for free with Azure Data Explorer. Explorer endless options at the Samples Gallery. |
Power BI enables connecting to and visualizing any data using a unified, scalable platform for self-service and enterprise business intelligence(BI) that’s easy to use and helps you gain deeper data insights. The Power BI Mobile Apps enable you to monitor your business right from your phone. Access on-premises data stored in SQL Server, or data in the cloud. Keep on top of KPIs and reports—Power BI Mobile apps give you a 360-degree view of your data—on the go. With the Power BI add-in for PowerPoint, you can enhance your data storytelling in PowerPoint with live, interactive Power BI data. Not only will the data shown in your presentations be always up to date, but also, while you're presenting, you'll be able to filter and drill down on data in response to questions and feedback from your audience without having to switch contexts. Power BI app to Microsoft Teams allows you to install, pin, and interact with Power BI directly inside Microsoft Teams. The Power BI personal app brings the entire basic Power BI service experience to Microsoft Teams.
Power BI Embedded allows for a white label usage of Power BI to quickly and easily provide exceptional customer facing dashboards and analytics in your own applications. You can enhance Power BI and bring your data to life with fully customized data visualizations. Share the visuals you create with your organization, embed them in an app, or share them with the world on AppSource. Develop and test custom visuals with our open-source SDK, based on well-known open-source JavaScript libraries like D3 and jQuery.
The Power BI deployment pipelines tool enables BI creators to manage the lifecycle of organizational content. Deployment pipelines enable creators to develop and test Power BI content in the Power BI service, before the content is consumed by users. Power BI Enterprise Information Management gives enterprises the ability to find and manage their business data through a variety of Power BI tools, including data lineage and impact analysis, data discovery , catalog integrations and information protection. It enables organizations to label, monitor, manage and protect their sensitive data assets.
Microsoft Fabric is an all-in-one analytics solution for enterprises and ISVs that covers everything from data movement to data science, Real-Time Analytics, and business intelligence. It offers a comprehensive suite of services, including data lake, data engineering, and data integration, all in one place. With Fabric, you don't need to piece together different services from multiple vendors. Instead, you can enjoy a highly integrated, end-to-end, and easy-to-use product that is designed to simplify your analytics needs. The platform is built on a foundation of Software as a Service (SaaS), which takes simplicity and integration to a whole new level.
Microsoft Fabric offers reach set of capabilities for developers and creators to collaborate and manage their work. Git integration in Microsoft Fabric enables developers to integrate their development processes, tools, and best practices straight into the Fabric platform. Fabric's deployment pipelines tool provides content creators with a production environment where they can collaborate to manage the lifecycle of organizational content. Deployment pipelines enable creators to develop and test content in the service before it reaches the users.
Microsoft Fabric also offers a wide range of governance capabilities which enable enterprises to find and manage their business data. The OneLake data hub makes it easy to find, explore, and use the Fabric data items in your organization that you have access to. Data Mesh enables organizations to organize and manage that data in a logical way that facilitates more targeted and efficient use and governance. Information protection enables organizations to label, monitor, manage and protect their sensitive data assets.
Microsoft Fabric offers ISVs and Enterprises the ability to automate procedures and processes and to embed Power BI in applications and websites. When using automation, organizations can complete tasks more quickly and with fewer errors. Power BI Embedded allows for a white label usage of Power BI to quickly and easily provide exceptional customer facing dashboards and analytics in your own applications. You can enhance Power BI and bring your data to life with fully customized data visualizations. Share the visuals you create with your organization, embed them in an app, or share them with the world on AppSource. Develop and test custom visuals with our open-source SDK, based on well-known open-source JavaScript libraries like D3 and jQuery.
CDI Dataflows- The ILDC Citizen Data Integration team is part of the Data Integration group in the Azure Data/Intelligence Platform organization. Our group specializes in Data movement, preparation, and process orchestration, and provides both direct-to-customer SaaS offerings and PaaS integrations within Microsoft products. Our products and integrations serve customers across a wide spectrum of expertise, from citizen personas, requiring self-service and no to low-code solutions, all the way to medium to high code scenarios for pro-developers and petabyte-scale data volumes.
Our team at ILDC oversees the development of Dataflows: A self-service, cloud-based data preparation solution leveraging Power Query, a unified Data Connectivity and Preparation experience used by millions of customers every month. With dataflows, customers can prep data from hundreds of sources, apply 300+ transformations, and load data to a myriad of products and databases, including many Microsoft products: Fabric, Power BI, Power Platform, and Dynamic 365 Insight Applications. Dataflows run in the cloud, so data is always kept up to date.
More resources
[We like to keep our fans in suspense]
about the
magic