What we do

Microsoft Defender for Cloud is a unified infrastructure security management system that strengthens the security posture (CSPM) of cloud infrastructure and hybrid data centers, and provides built-in advanced threat protection, with Azure Defender, across hybrid workloads wherever they are, in Azure and beyond.

Microsoft Sentinel is a cloud-native SIEM and SOAR platform that uses built-in AI to help analyze large volumes of data across an enterprise—fast. Microsoft Sentinel aggregates data from all sources, including users, applications, servers, and devices running on-premises or in any cloud.

Microsoft Defender for IoT is a global Microsoft group delivering OT and IoT security. The group is comprised of top-notch engineers, product people, researchers and business developers. The group's solutions are deployed worldwide in every possible vertical, ranging from energy and manufacturing to smart spaces and standard enterprise environments, in which a plethora of IoT devices is used.

MSTIC-IL hunts, tracks and protects against nation-state threats (and other advanced threats) as part of MSTIC (the Microsoft Threat Intelligence Center). MSTIC-IL also builds SPECTRE - the platform Microsoft threat analysts use to collaborate on threat hunting and customer protection for advanced adversary encounters.

Microsoft 365 Defender​ is a recognized market leading XDR solution for Microsoft 365, that automatically detects attacks and blocks them. It offers built in, automated and coordinated protection services across the M365 security portfolio products and a unified portal for security teams to manage it. The M365 Defender products portfolio includes: Microsoft 365 Defender (M365D) serving as the one unified portal for all portfolio products and as the platform, orchestrator and portal on which all M365 Defender portfolio services run.

Microsoft Defender for Endpoint (MDE)​ A holistic, cloud-delivered endpoint security solution that works across all OS platforms and device form factors, offering behavior-based next gen Antimalware, risk-based vulnerability management and assessment, security posture configuration, Endpoint detection and response (EDR), Automatic remediation and Managed hunting services (Microsoft Threat Experts).

Microsoft Defender for Identity (MDI)​ A cloud-based security solution that leverages on-premises Active Directory and hybrid on-premises and cloud connector (ADFS) signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions.

Cloud Access Security Broker (CASB)​ A solution that supports various deployment modes, including log collection, API connectors, and reverse proxy. It provides security teams with rich visibility (discovery), threat detection and control (data protection and compliance) for over 25K applications used by the enterprise users and sophisticated analytics to identify and combat cyberthreats across Microsoft and third-party cloud services.

Microsoft Defender for Office 365​ Protecting all of Office 365 against advanced threats like business email compromise and credential phishing. Automatically investigating and remediating attacks. Improves SecOps efficiency through unparalleled scale and effectiveness using automated workflows.

Azure Information Protection enables organizations to discover, classify and protect documents and emails, by applying labels to content, with multi-cloud support to scan, classify, govern and protect their data estate.

BlueHat IL is home to the largest Infosec community in Israel. With a thriving local ecosystem that is globally renowned for its excellence, innovation and creativity, it isn’t surprising that Israeli companies have a huge impact on cybersecurity worldwide. Our community includes industry leaders, entrepreneurs, academia, government officials, independent researchers and hobbyists.

Every year, thousands of security professionals take part in our initiatives:

BlueHat IL conference - the biggest Israeli security research conference.
F BlueHat Meetup - an open stage for casual gatherings and sharing knowledge.

Follow us on

Azure Data Explorer (AKA Kusto) takes on deep challenges in computer science such as programming languages, database storage, and query optimization, ecosystem development, and data science enablement. Producing cutting-edge products that change the world, they are looking for like-minded developers.
Kusto is a big data analytics platform for interactive ad-hoc queries over petabytes of big data with minimal latency. Kusto began as a grassroots incubation project at ILDC. With elite technical capabilities and customer focus, it caught broadly with many product groups across the company, grew exponentially in usage and volume and is today the de-facto standard at Microsoft for big data interactive analytics. Azure Data Explorer, a cloud-native database stack, is available for Azure customers as part of Azure Data cloud scale analytics portfolio.

Dynamics 365 Sales Conversation Intelligence
Helping sales organizations stay focused on the customer journey and accumulate insights and context that often get lost in application and tool swiching, the Dynamics 365 Sales team offers salespeople an easy way to engage with customers: By using Microsoft Teams, right from within D365 Sales. At the end of a conversation, a rich call summary is generated for sellers to re-visit, on demand. They can derive real-time business insights by viewing the call side-by-side with customer and deal business data. The new Dynamics 365 Sales mobile app offers a simple and intuitive UX, utilizing mobile tools such as the microphone and camera, together with Microsoft services (Cognitive Services voice recognition, business card scanning, Power Apps push notifications).

Power BI Enterprise Information Management gives enterprises the ability to manage their business data through a variety of Power BI tools, including data lineage and impact analysis, data discovery, catalog integrations and information protection. The team enables organizations to label, monitor, manage and protect their sensitive data assets. Integrating Microsoft Information Protection sensitivity labels into Power BI and partnering with Microsoft Cloud App security, enables end-to-end data protection with real-time monitoring and control over user actions on sensitive data.

The ILDC Power Platform Dataflows team is part of the Data Integration group in the Azure Data/Intelligence Platform organization. Dataflows are authored using Power Query experience, a unified Data Connectivity and Preparation experience already featured in many Microsoft products, including Excel and Power BI. Customers can trigger dataflows to run either on demand or automatically on a schedule; data is always kept up to date.

Recommendations - The Dynamics 365 Commerce AI team has a long history of supporting and empowering businesses across Microsoft, including Xbox, Office, Windows, and Azure. Positioned as industry leaders when it comes to intelligent discovery and recommendations, heir latest endeavor is to bring these state-of-the-art Microsoft Intelligent Recommendations services to all individuals and organizations across the cloud.

Chief Product Office The Chief Product Office team aims to accelerate growth for DTP by driving product strategy and vision, storytelling, and customer envisioning, to generate successful outcomes for our customers and partners

The charter of the Business Application Solutions team is to drive growth for Dynamics 365, the Power Platform and Customer Insights by productizing industry and horizontal solutions, as well as building a healthy ISV ecosystem. The BAS ILDC team focuses on building Microsoft’s Financial Services Cloud and building AI solutions across all Dynamics’ solutions. Within Financial Services, Banking is by far the largest sub-vertical, hence its focus on Retail Banking. From there, the BAS team will expand industry investments into other sub-verticals of FSI, including Commercial Banking, Wealth Management and Insurance.

Health ILDC builds technologies and solutions designed for the healthcare industry, by leveraging Artificial Intelligence, advanced technologies, research and applied data science, as well as ecosystem partnerships.

The Automated Driving Platform (AKA ADP) is a cloud-based data platform for the agile development of automated driving functions. Built in collaboration with CARIAD of the Volkswagen Group, it will simplify developers’ workflow, through one scalable and data-based engineering environment. Building automated driving functions requires large-scale computational capabilities and petabytes of data, representing different road and weather conditions, various obstacles and unpredictable driver behavior for training, simulation and validation.

Azure Data Group’s Collaborative Intelligence initiative, Project Oakes, began life as an incubation within ILDC and in early 2020 it has been transferred to the Azure Data Group. Project Oakes provides a clean-room framework for double blind sharing, modeling and analysis of data between multiple parties: collaborators can share raw data and apply a query, algorithm or ML model to the combined data and receive the result without any party seeing the other parties’ actual data.

Commercial Software Engineering (CSE) is an engineering and data science team that works directly and collaboratively with customers looking to leverage the latest technologies to address challenges and transform their industries using cloud-based solutions. We accompany our customers and co-create innovative custom solutions for their challenges. During this process, we improve our own platforms by partnering with our internal product groups. We take pride in our contributions to open source and make our platforms easy to adopt. Our work involves developing high-impact software assets that contribute to the Microsoft platform and are broadly applicable.

The Excel Israel team, over 120 employees strong and still growing, is part of the Office organization (AKA OXO). Ownership includes Excel Online, the Get Data experience (powered by Power Query), formula intelligence, data cleansing and the Excel Intelligence platform (AKA Augmentation Loop). The team’s deliveries impact about 100 million monthly active users globally.

The recently-joined Peer5 solves network congestion problems that occur during large live corporate events. This technology is now bundled with the Microsoft Teams offering. Peer5 is part of the IC3 (Intelligent Conversation and Communications Cloud) group, a collection of multiple services that provide the backend for billions of real-time communication transactions.

Education Analytics team makes use of educational data from first- and third-party sources to build insights which help teachers better understand their students' needs, help students develop 21st century skills and help education systems ensure that all students are engaged in their studies. In its work, the team uses data science and machine learning to provide education insights that helps learners thrive. To do so, it partners with school districts around the world.

Surface Israel Surface Israel team is a multidiscipline team that creates the Human Computer Interaction of today and tomorrow’s personal computing. The team uses the cutting edge technologies for making the interaction between a human being and computer simple and (almost) magical. By using AI and ML algorithms which are built into efficient custom silicon pieces and embedded SW, the Surface computer is able to “understand” the person. The Surface cutting edge technology which brings the best of Microsoft to the user, improves the way ideas are moving and evolving whether it is in class room or in creator studio or in a meeting room.

Commercial Marketplace Experiences Microsoft’s commercial marketplace - including Azure Portal Marketplace, AppSource, and AzureMarketplace.com - is more than just a digital storefront, it's the launchpad for GTM with Microsoft: Publishing to the marketplace is the single path to co-selling with Microsoft - whether directly through the storefront, through the Marketplace channels that include 90,000 resellers or with its global sales force of over 15,000 sellers.

AEP IL - The Media AI team focuses on building the Azure Video Analyzer for Media – a solution for insights extraction from Media archives and social media, served through a state of the art web portal with embeddable widgets.

Crypto, Identity and Authentication Building the crypto and data protection APIs in Windows and Linux, this team solves some of the most complicated and delicate security problems in operating systems.

The Azure Platform Offensive Security Research team applies advanced security research techniques to find vulnerabilities in Cloud Operating Systems – either Linux, Windows or embedded.

The Modern Device Management team enables managing Windows-based devices easily and safely, through enrollment, policy compliance and continued updates.

Azure Observability Log Analytics is a hyper-scale multi-tenant SaaS service, serving thousands of customers. It enables customers to efficiently collect, aggregate and store petabytes of log data, while providing powerful insights through Kusto Query Language.

Azure Alerts - Azure Monitor offers observability into your applications and infrastructure running on Azure or outside of it, with a portfolio of massive scale platforms and solutions to monitor the health and performance of your systems and applications across the stack. The alerting team in the Israel R&D center is responsible for all the alerting scenarios in Azure Monitor (E2E). It also drives AIOps into all layers of the portfolio by harnessing data science, ML paradigms and statistical inference deep into the technology and customer facing experiences.

The Israeli site for Azure Networking is focused on delivering world-class network security offerings for protecting organizations’ data in the cloud, leveraging Microsoft's relative advantage of holding one of the largest, most powerful networks in the world.

Azure Core Compute & Host ILDC develops and productizes key acceleration components of Azure. Our team focuses on acceleration products running on Azure’s millions of servers, whether on physical or virtual machines, networks or storage.

MSAI Israel team is part of the international MSAI Org, which is driving Microsoft's Assistant, Search, and Intelligence for M365 users. The team is using a wide set of large AI-based solutions embedded in the Office 365 environment. Its goal is to improve efficiency, shorten processes and enable natural access to complex system. Combining the use of AI deep-learning models and methodologies with web-scale high-capacity systems, the team impacts hundreds of millions of users in numerous organizations. The Israel team is part of a global team that is tasked to leverage massive user-generated data-sets accessible to AI machinery in the cloud, using Microsoft Graph to build an assistance platform that brings AI to life within the core M365 productivity experiences that millions of users already engage with every day.

Azure CXP Azure CXP is committed to driving Azure growth through our relentless pursuit of satisfied Azure customers, by leading world-class customer reliability engagements, engineering modern customer-first experiences for scale, and by our driving deep customer insights and empathy into engineering. The team in Israel is a virtual extension of Azure CXP, with FastTrack PMs focused on helping customers and partners build Azure solutions, enabling the successful deployment of Azure services and PMs from the Azure Product Improvement team focused on sharing evidence-based customer insights, to help turn Azure customers and partners into raving fans.

Advanced Technology Labs is part of the AI Platform / Cognitive Services organization. Its mission is to design the future of AI by the way people interact with machines and demonstrate how AI can empower people’s interaction.

GitHub – Developer experiences group is part of the Development Experience department at GitHub. Its mission is to accelerate the delivery at GitHub by offering delightful, fast, compliant and secure solutions for developing, building, testing and deploying code. The team is responsible for building and maintaining GitHub's runtime platform. This platform enables developers to easily build, deploy and manage the hundreds of applications that make up the world's largest code hosting platform.

ILDC Docs team creates customer-facing documentation and skilling content for each of the Microsoft products, supporting usage scenarios with detailed guidance to help ensure customer success. The Doc teams span Security, Identity, Azure Monitor, KQL and PowerBI. Team members partner with PM and design teams on UI text, terminology, naming and integrated help links.

The Microsoft Research team at ILDC advances basic science, supports development teams, at ILDC and elsewhere at Microsoft, in implementing new science into their products, and collaborates with Israeli academia and local companies. The team focuses on Machine Learning and Algorithmic Game Theory, with applications in Cloud Computing, Security, and Healthcare. The team’s core members are established researchers, as well as interns and distinguished visiting faculty members.