The Microsoft 365 Defender suite is a recognized market-leading Extended Detection and Response (XDR) solution for Microsoft 365 services. It offers built-in, automated, and coordinated protection services that detect and block attacks across Microsoft 365 security products, and provides a unified portal for security operations (SOC) teams to manage, investigate, respond to, and remediate security events and attacks in a holistic manner. The Microsoft 365 Defender product suite includes:
Microsoft 365 Defender (M365D): A coordinated, cloud-based, XDR-level detection and response platform that offers a unified security operations portal across all Microsoft 365 Defender portfolio products.
Microsoft Defender for Endpoint (MDE): A holistic, cloud-based endpoint security solution that supports all OS platforms and device form factors, offering behavior-based next-generation endpoint protection, risk-based vulnerability management and assessment, security posture configuration, Endpoint Detection and Response (EDR), and automatic remediation.
Microsoft Defender for Identity (MDI): A cloud-based User and Entity Behavioral Analytics (UEBA) solution across on-premises Active Directory, Azure Active Directory, and hybrid enterprises that identifies, detects, investigates and remediates advanced threats, compromised identities, and malicious insider actions.
Microsoft Defender for Cloud Apps (MDA): A Software as a Service (SaaS) monitoring, management, and protection solution that supports various deployment modes, including log collection, API connectors, and reverse proxy. It provides security teams with rich visibility (discovery), threat detection and control (data protection and compliance) for over 25K applications used by enterprise users, and applies sophisticated analytics to identify and combat cyberthreats across Microsoft and third-party cloud services.
Microsoft Defender Vulnerability Management (MDVM): A proactive, risk-based vulnerability management solution that helps you efficiently and holistically discover, assess, and remediate vulnerabilities and misconfigurations. Microsoft Defender Vulnerability Management offers continuous asset visibility, consolidated inventories, intelligent assessment tools, risk-based prioritization, and built-in remediation workflows.
Microsoft Sentinel is a scalable, cloud-native, security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for attack detection, threat visibility, proactive hunting, and threat response. Microsoft Sentinel is your bird's-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.
Microsoft Defender for Cloud (MDC) is a multi-cloud security protection and threat detection product that provides insights into cloud security posture and recommendations for improving it, and detects security threats, powered by advanced AI and security research. Defender for Cloud protects infrastructure and application resources wherever they are. We defend customers running on Azure, on-premises, and on other public cloud providers, such as AWS and GCP.
Microsoft Defender for IoT is a global Microsoft group delivering OT and IoT security. The group is comprised of top-notch engineers, product people, researchers and business developers. The group's solutions are deployed worldwide in every possible vertical, ranging from energy and manufacturing to smart spaces and standard enterprise environments, in which a plethora of IoT devices is used.
MSTIC-IL hunts, tracks and protects against threat signals as part of MSTIC (the Microsoft Threat Intelligence Center). MSTIC-IL also builds a platform Microsoft threat analysts use to collaborate on threat hunting and customer protection.
BlueHat IL is home to the largest Infosec community in Israel. With a thriving local ecosystem that is globally renowned for its excellence, innovation and creativity, it isn’t surprising that Israeli companies have a huge impact on cybersecurity worldwide. Our community includes industry leaders, entrepreneurs, academia, government officials, independent researchers and hobbyists.
Every year, thousands of security professionals take part in our initiatives:
BlueHat Meetup - an open stage for casual gatherings and sharing knowledge.
BlueHat IL is our cyber-fantasy land, right here in Tel Aviv. We set the stage for the world’s top researchers to talk about their latest finds, and give local hackers the chance to break our challenges or build fun gadgets in our workshops. Check out the action we had last year
BlueHat Nights is a Cyber summer bash for security professionals, which features talks by notorious hackers, followed by our famous all-night party.
Each year, our BlueHat Nights follows a theme. We’ve already (literally) tapped into the IoT world and car security. Any guesses on what’ll be next?!
An ongoing, bi-monthly casual engagement, where our own Israeli researchers (both from Microsoft and external) come and talk about their research, all while holding a beer.
Have something to talk about? DM us at our meetup page!
Digital Transformation Platforms
Kusto is a big data analytics platform for interactive ad-hoc queries over petabytes of data with minimal latency. As a grassroots incubation project that started in the ILDC, Kusto took on some of the greatest challenges in computer science including creating a new query language, efficient database storage technologies, query optimization, ecosystem development, and data science enablement. With its leading technical capabilities and customer focus, the technology the Kusto team created rapidly attracted the attention of many product groups across the company and grew exponentially in usage and volume.
Today, Kusto is the de facto standard at Microsoft for big data interactive analytics. It powers a broad list of analytical solutions as a service used by Microsoft and its customers, such as Azure Monitor, Azure Cost Management, Microsoft Defender, Sentinel, Teams Education, and much more. It's an integral part of the Azure Data Services cloud-scale analytics portfolio, offering Azure Data Explorer as a complete cloud-native database stack. Kusto is also available as the Data Explorer component of Azure Synapse Analytics (a comprehensive and strategic analytics offering) providing customers with insights from their log and telemetry data.
Dynamics 365 Sales
Helping sales organizations stay focused on the customer journey and accumulate insights and context that often get lost in application and tool switching, the Dynamics 365 Sales team offers salespeople an easy way to engage with customers: by using Microsoft Teams, right from within D365 Sales. At the end of a conversation, a rich call summary is generated for sellers to revisit on demand. They can derive real-time business insights by viewing the call side-by-side with customer and deal business data. The new Dynamics 365 Sales mobile app offers a simple and intuitive UX, utilizing mobile tools such as the microphone and camera, together with Microsoft services (Cognitive Services voice recognition, business card scanning, Power Apps push notifications).
The ILDC Power Platform Dataflows team is part of the Data Integration group in the Azure Data/Intelligence Platform organization. Dataflows are authored using Power Query experience, a unified Data Connectivity and Preparation experience already featured in many Microsoft products, including Excel and Power BI. Customers can trigger dataflows to run either on demand or automatically on a schedule; data is always kept up to date.
Recommendations - The Dynamics 365 Commerce AI team has a long history of supporting and empowering businesses across Microsoft, including Xbox, Office, Windows, and Azure. Positioned as industry leaders when it comes to intelligent discovery and recommendations, their latest endeavor is to bring these state-of-the-art Microsoft Intelligent Recommendations services to all individuals and organizations across the cloud.
Chief Product Office: The Business Applications Platform Chief Product Officer and his team lead product strategy, vision, innovation and storytelling across all Microsoft Business Applications and Platform products. The team defines product strategy, drives thought leadership, identifies critical market trends and competitive insights and delivers strategic customer envisioning and storytelling. The team delivers the BAP product narrative which enables Microsoft to attract and retain customers on their digital transformation journey, while driving potential roadmap investment opportunities across BAP. The team also works on incubating new product innovation across leveraging deep knowledge of our business and products to accelerate our growth.
The charter of the Business Application Solutions team is to drive growth for Dynamics 365, the Power Platform and Customer Insights by productizing industry and horizontal solutions, as well as building a healthy ISV ecosystem.
The BAS ILDC team focuses on building Microsoft’s Financial Services Cloud and building AI solutions across all Dynamics’ solutions. Within Financial Services, Banking is by far the largest sub-vertical, hence its focus on Retail Banking. From there, the BAS team will expand industry investments into other sub-verticals of FSI, including Commercial Banking, Wealth Management and Insurance.
Health ILDC builds innovative technologies for the Health & Life Sciences industry by leveraging Artificial Intelligence, advanced technologies, research and applied data science, as well as ecosystem partnerships. We build products that allow healthcare organizations to improve their services and patient outcomes and empower patients with access to health data and knowledge. Health ILDC builds cloud services on Azure to deliver technologies involving conversational intelligence, natural language processing, machine learning, and diverse algorithmic approaches, delivering products to millions of users around the world, aiming to make a difference in people’s lives.
The Automated Driving Platform (AKA ADP) is a cloud-based data platform for the agile development of automated driving functions. Built in collaboration with CARIAD of the Volkswagen Group, it will simplify developers’ workflow, through one scalable and data-based engineering environment. Building automated driving functions requires large-scale computational capabilities and petabytes of data, representing different road and weather conditions, various obstacles and unpredictable driver behavior for training, simulation and validation.
Collaborative Intelligence (known as Project Oakes), began life as an incubation within ILDC, and in early 2020 it was transferred to the Azure Data Group. Project Oakes provides a clean-room framework for eyes-off collaboration, modeling, and analysis of data between multiple parties. Collaborators can share raw data and apply a query, algorithm, or ML model to the combined data and receive the result without any party seeing the other parties’ actual data.
Commercial Software Engineering (CSE) is an engineering and data science team that works directly and collaboratively with customers looking to leverage the latest technologies to address challenges and transform their industries using cloud-based solutions. We accompany our customers and co-create innovative custom solutions for their challenges. During this process, we improve our own platforms by partnering with our internal product groups. We take pride in our contributions to open source and make our platforms easy to adopt. Our work involves developing high-impact software assets that contribute to the Microsoft platform and are broadly applicable.
Every day on the way home from work, I think about the number of wild, new things I learned.
Maya Bechler-Speicher, Software Engineer Intern
Experiences & Devices
The Microsoft Search, Assistant and Intelligence Israel team is part of the international MSAI Org, which is driving Microsoft's Assistant, Search, and Intelligence for M365 users. The team is using a wide set of large AI-based solutions embedded in the Office 365 environment. Its goal is to improve efficiency, shorten processes and enable natural access to complex systems.
Combining the use of AI deep-learning models and methodologies with web-scale high-capacity systems, the team impacts hundreds of millions of users in numerous organizations.
The Israel team is part of a global team that is tasked to leverage massive user-generated data-sets accessible to AI machinery in the cloud, using Microsoft Graph to build an assistance platform that brings AI to life within the core M365 productivity experiences that millions of users already engage with every day.
Excel Israel team, consisting of ~120 team members, is part of the Office organization. The team owns and drives multiple strategic investments in the Excel team. Ownership includes:
(1) Excel for the web – we are on the journey of building the leading spreadsheet cloud service in the world, serving hundreds of millions of users at an enormous scale for the best experience in the browser;
(2) Get and transform data in Excel – Data is at the center of calculation, analysis and decision making. Get Data provides the ability to connect Excel files to a large set of data sources and data services, enabling the user to shape the data and making sure the workbook is always up to date.
(3) Enhancing Excel via AI – we are on the path to transform the way users create formulas, clean their data and validate the correctness of their spreadsheets by leveraging AI technologies.
The recently-joined Peer5 solves network congestion problems that occur during large live corporate events. This technology is now bundled with the Microsoft Teams offering.
Peer5 forms a P2P mesh network over local networks which reduces the load by 95% and eliminates network issues. Companies like SAP, T-Mobile and BMW use our tech for their biggest streaming events.
The Education Analytics team makes use of educational data from first- and third-party sources to build insights which help teachers better understand their students' needs, help students develop 21st century skills and help education systems ensure that all students are engaged in their studies. In its work, the team uses data science and machine learning to provide education insights that help learners thrive. To do so, it partners with school districts around the world.
The Surface Israel team is a multidisciplinary team that creates the Human Computer Interaction of today and tomorrow’s personal computing. The team uses cutting-edge technologies to make the interaction between a human being and a computer simple and (almost) magical.
By using AI and ML algorithms which are built into efficient custom silicon pieces and embedded SW, the Surface computer is able to “understand” the person. The Surface cutting-edge technology, which brings the best of Microsoft to the user, improves the way ideas move and evolve, whether in a classroom, a creator studio or a meeting room.
It’s pretty amazing that at the Microsoft Israel R&D Center we write a few lines of code and within a matter of weeks, it’s deployed to millions of users.
Sruly Taber, Senior Program Manager
[We like to keep our fans in suspense]
Cloud & AI Platform
Microsoft’s Commercial Marketplace Experiences (CMX): We build a new and powerful platform that will be the core to driving Microsoft and its partners' business over the next couple of years. We enable customers to access top partner solutions, optimize procurement, and streamline deployment through the commercial marketplace. Thousands of certified apps are tailored to meet our customers' needs, accelerate their innovation and deploy seamlessly while simplifying billing and procurement.
Azure Edge + Platform IL combines leading services and core operating system capabilities, including Azure Video Indexer – a solution for insights extraction from Media archives and social media, served through a state of the art web portal with embeddable widgets.
Core OS Crypto, Identity, and Authentication: Building the crypto and data protection APIs in Windows and Linux, this team solves some of the most complicated and delicate security problems in operating systems.
Offensive Security Research for Core OS, Edge, Devices and Gaming teams apply advanced security research techniques to find vulnerabilities in Operating Systems – either Linux, Windows, or embedded, running in the cloud as well as in edge devices and appliances.
Modern Device Management team enables managing Windows-based devices easily and safely, through enrollment, policy compliance and continued updates.
Microsoft Defender Application Guard is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete.
Azure Monitor Log Analytics is a hyper-scale multi-tenant SaaS service, serving thousands of customers. It enables customers to efficiently collect, aggregate and store petabytes of log data, while providing powerful insights through Kusto Query Language.
Azure Monitor Alerts offers observability into your applications and infrastructure running on Azure or outside of it, with a portfolio of massive scale platforms and solutions to monitor the health and performance of your systems and applications across the stack. The alerting team is responsible for all the alerting scenarios in Azure Monitor. It also drives AIOps into all layers of the portfolio by harnessing data science, ML paradigms and statistical inference deep into the technology and customer facing experiences.
Azure Firewall is a cloud-native and intelligent network firewall security service that provides the best of breed threat protection for your cloud workloads running in Azure. It's a fully stateful, firewall as a service with built-in high availability and unrestricted cloud scalability. It provides both east-west and north-south traffic inspection.
Azure DDoS Protection team is building the next-gen network security for Azure platform and customers; a true hyper-scale solution, being able to handle mass attack volumes, detect and mitigate different attack vectors globally and across all layers.
Azure Networking Security Research (ANSR) faces and proactively looks for first-party security issues, with the mission statement of making Azure the most secure cloud platform in the world. The group focuses on researching internal Azure services and platforms, collaborating with engineering and security teams across Azure.
Azure Core Compute & Host ILDC develops and productizes cutting-edge acceleration hardware & software for offloading networking and storage processing from the host. Our acceleration products, that impact every service running on Azure, combine highly efficient hardware and software elements running on Azure’s millions of servers. These products enable super-efficient deployment of virtual servers, networks, and storage, all running on physical servers. These accelerators use virtualization technologies to offload workloads from the host CPU resulting in improved throughput, latency, storage IOPS as well as reduced CPU utilization. The acceleration products also enable Microsoft to quickly and efficiently develop and deploy proprietary capabilities and offer unique features to its customers.
Azure CXP: Azure CXP is committed to driving Azure growth through our relentless pursuit of satisfied Azure customers, by leading world-class customer reliability engagements, engineering modern customer-first experiences for scale, and driving deep customer insights and empathy into engineering. The team in Israel is a virtual extension of Azure CXP, with FastTrack PMs focused on helping customers and partners build Azure solutions and enabling the successful deployment of Azure services, and PMs from the Azure Product Improvement team focused on sharing evidence-based customer insights to help turn Azure customers and partners into raving fans.
Advanced Technology Labs is part of the AI Platform / Cognitive Services organization. Its mission is to design the future of AI by the way people interact with machines and demonstrate how AI can empower people’s interaction.
GitHub – Developer experiences group is part of the Development Experience department at GitHub. Its mission is to accelerate the delivery at GitHub by offering delightful, fast, compliant and secure solutions for developing, building, testing and deploying code. The team is responsible for building and maintaining GitHub's runtime platform. This platform enables developers to easily build, deploy and manage the hundreds of applications that make up the world's largest code hosting platform.
ILDC Docs team creates customer-facing documentation and skilling content for each of the Microsoft products, supporting usage scenarios with detailed guidance to help ensure customer success. The Doc teams span Security, Identity, Azure Monitor, KQL and PowerBI. Team members partner with PM and design teams on UI text, terminology, naming and integrated help links.
I get up every morning and catch a ride on the shuttle to Microsoft with Dia. It's fun to meet my friends and spend time with the most amazing people in the world.
Max (Dia’s Weimaraner)
The Microsoft Research team at ILDC advances basic science, supports development teams, at ILDC and elsewhere at Microsoft, in implementing new science into their products, and collaborates with Israeli academia and local companies. The team focuses on Machine Learning and Algorithmic Game Theory, with applications in Cloud Computing, Security, and Healthcare. The team’s core members are established researchers, as well as interns and distinguished visiting faculty members.
[We like to keep our fans in suspense]
I love that I don’t just implement solutions - I have to find them.
Yoni Chechik, Researcher