Security
solutions
The Microsoft 365 Defendersuite is a recognized market leading Extended Detection and Response (XDR) solution for Microsoft 365 services that offers built-in, automated, and coordinated protection services that detect and block attacks across Microsoft 365 security products, and provide a unified portal for security operations (SOC) teams to manage, investigate, respond to, and remediate, security events and attacks in a holistic manner. The Microsoft 365 Defender product suite includes:
Microsoft 365 Defender (M365D) A coordinated, cloud-based, XDR-level detection and response platform that offers a unified security operations portal across all Microsoft 365 Defender portfolio products.
Microsoft Defender for Endpoint (MDE) A holistic, cloud-based endpoint security solution that supports all OS platforms and device form factors, offering behavior-based next generation endpoint protection, risk-based vulnerability management and assessment, security posture configuration, Endpoint Detection and Response (EDR), automatic remediation.
Microsoft Defender for Identity (MDI) A cloud-based User and Entity Behavioral Analytics (UEBA) solution across on-premises Active Directory, Azure Active Directory, and hybrid enterprises that identifies, detects, investigates and remediates advanced threats, compromised identities, and malicious insider actions.
Microsoft Defender for CloudApps (MDA) A Software as a Service (SaaS) monitoring, management, and protection solution that supports various deployment modes, including log collection, API connectors, and reverse proxy. It provides security teams with rich visibility (discovery), threat detection and control (data protection and compliance) for over 25K applications used by the enterprise users and applies sophisticated analytics to identify and combat cyberthreats across Microsoft and third-party cloud services.
Microsoft Defender Vulnerability Management (MDVM) A proactive, risk-based Vulnerability Management solution that helps you efficiently and holistically discover, assess, and remediate vulnerabilities and misconfigurations. Microsoft Defender Vulnerability Management offers continuous asset visibility, consolidated inventories, intelligent assessment tools, risk-based prioritization, and built-in remediation workflows.
Microsoft Sentinel is a scalable, cloud-native, security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for attack detection, threat visibility, proactive hunting, and threat response.
Microsoft Sentinel is your bird's-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.
Microsoft Defender for IoT is a global Microsoft group delivering OT and IoT security. The group is comprised of top-notch engineers, product people, researchers and business developers. The group's solutions are deployed worldwide in every possible vertical, ranging from energy and manufacturing to smart spaces and standard enterprise environments, in which a plethora of IoT devices is used.
Microsoft Defender for Cloud is a cloud native application protection platform (CNAPP) that helps to protect your multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime.
Microsoft Security Exposure Management integrates signals from across the entire security stack, including network, endpoint, cloud, and application security, and enriches it with context to give security teams a comprehensive view of their organization's security posture. Using this platform, security teams can more effectively detect and respond to threats, identify areas of vulnerability, and implement strategies to mitigate risk caused by the increasing attack surface. By bringing together data from a wide range of sources, the platform helps security teams make informed decisions and take proactive measures to protect their organization from cyber threats.
MSTIC-IL is the Israeli branch of MSTIC. MSTIC’s vision is to create a safer world through the creation and dissemination of accurate, timely, and actionable cyber threat actor intelligence. We are a cyber threat actor focused intelligence team that discovers, tracks and disrupts threats to protect Microsoft customers and partners.
Red Sea, a revolutionary Secure Access Workstation (SAW/PAW).
The initial solution aims to address both the usability and the cost of approach to SAW. It will be done by merging the IW workstation (Information Work) and SAW machine to a single machine, while providing the same security guarantees as a SAW only machine.
Red Sea machines detect when a user requires secure access (privileged) and seamlessly and securely redirects local I/O to a trusted, separate compute unit which enables the user to interact with sensitive services.
More resources
BlueHat
IL
BlueHat IL is home to the largest Infosec community in Israel. With a thriving local ecosystem that is globally renowned for its excellence, innovation and creativity, it isn’t surprising that Israeli companies have a huge impact on cybersecurity worldwide. Our community includes industry leaders, entrepreneurs, academia, government officials, independent researchers and hobbyists.
Every year, thousands of security professionals take part in our initiatives:
BlueHat Meetup - an open stage for casual gatherings and sharing knowledge.
Follow us on
Digital Transformation Platforms
More resources
Experiences & Devices
MSAI (Microsoft Search, Assistant and Intelligence) Israel team is part of the international MSAI org. The team is using a wide set of large AI-based solutions embedded in the Office 365 environment. The team is chartered with the domain of Meeting Intelligence.
Combining the use of AI deep-learning models and methodologies, LLMs, and web-scale high-capacity systems, the team impacts hundreds of millions of users in numerous organizations. The MSAI Israel team is driving world-renowned features like Teams Meeting Copilot, M365 Chat Copilot, and Teams Intelligent Recap.
Microsoft's eCDN, developed following the acquisition of the Israeli startup Peer5, represents a significant advancement in corporate video streaming. This enterprise Content Delivery Network, utilizing P2P mesh networks, is designed to tackle network congestion and deliver high-quality live streaming for enterprises. With the rise of virtual events and the demand for flawless video (HD/4K without glitches or buffering), traditional corporate networks often fail under peak demand. Microsoft eCDN addresses this challenge by optimizing traffic and reducing bandwidth needs, allowing for larger, high-quality events to be delivered to all employees reliably.
Excel Israel team, consisting of ~130 team members, is part of the Office organization. The team owns and drives multiple strategic investments in the Excel team. Ownership includes: (1) Formula AI – Almost every Excel user needs formulas to help process their data, but many users do not know how to leverage the power of Excel formulas. Our team combines two approaches, (a) with help of Copilot NL users can create formulas, (b) In a table users can add a column with formula by providing only a few output examples. We are detecting a pattern and creating the formula for them. (2) Bring and Prepare Data for Analysis – Everyone knows Excel is the #1 tool in the world for analysis and driving business insights. Analysis is performed on DATA. How to find the data in the organization? How to bring the data into Excel while creating connectivity to the source and have the ability to refresh the data? How to prepare and shape the data so it can be used for analysis? Our team helps organizations resolve all those problems and boost productivity by integrating into Copilot. (3) Excel for the web – The web platform provides the users with the ability to stay up to date with Excel’s latest innovations, without the hassle of SW upgrades, with price flexibility based on variant usage needs. Consumers can enjoy Free Office license including Excel. Serving hundreds of millions of users at an enormous scale for the best experience in the browser. (4) Excel copilot infrastructure. Excel Augmentation loop infra that is base for Excel copilot backend system and X10, a cross-platform infrastructure to build client slide logic for AI based capabilities and enrichments.
Education Analytics team makes use of educational data from first- and third-party sources to build insights which help teachers better understand their students' needs, help students develop 21st century skills and help education systems ensure that all students are engaged in their studies.
In its work, the team uses data science and machine learning to provide education insights that helps learners thrive. To do so, it partners with school districts around the world.
The Windows System Silicon Integration (WSSI) team is a multidisciplinary team that connects Windows with the silicon solution, focusing on security, media streaming, and AI solutions on edge devices. The team uses cutting-edge technologies to create efficient silicon IP and embedded software that enable Windows to interface with the SoC solution in a seamless manner. The WSSI team’s cutting-edge technology brings the best of Microsoft to the user, empowering every person and every organization to achieve more.
Advanced Technology Labs is part of the Teams Calling, Meeting, and Devices group. Its mission is to bring AI capabilities to help design the future of meetings and modernize how people interact with each other in various hybrid workspaces to achieve more.
More resources
Cloud & AI Platform
Microsoft’s Commercial Marketplace Experiences (CMX) revolutionize the way businesses are buying commercial software by replacing the traditional sales motion with a personalized marketplace experience that drives repeated usage for customers, superior demand and revenue for partners, and creates network effects that result in long-term sustainable growth for Microsoft.
Azure AI Video Indexer (VI) is a powerful adaptive cloud AI service that leverages advanced video and audio AIs to extract valuable insights from video content. Operating both in the cloud and at the edge, it enhances video libraries by making them more searchable, improving consumer engagement, increasing monetizable value, and ensuring accessibility. The service offers APIs, a web portal, and widgets for seamless integration with existing customer experiences.
Our vision is to empower every organization to unlock the full potential of their media content with intelligent AI managed solution.
Links:
- Subscribe to our YouTube channel
- Try Azure AI Video Indexer for free
- Learn more about Azure AI Video Indexer
Our Enterprise & Security team builds the cryptography infrastructures for Windows and Linux. This includes data protection solutions such as Personal Data Encryption (PDE) for Windows folders and files, static data protection (DPAPI), low-level cryptographic operations (BCrypt), key storage operations (NCrypt), and secure secret sharing (DPAPI-NG) using modern algorithms. We innovate by using next-gen ciphers such as Post Quantum Cryptography (PQC) ciphers.
The team also develops core Windows Security features such as Least Privileges and Code Integrity solutions. Our code powers the Azure cloud from chip to container on both Windows and Linux, monitoring and protecting keys while performing billions of TLS connections daily. Our Windows features run on billions of devices, including PCs and tablets. Therefore, the utmost reliability, efficiency, and security of our code are mandatory for this team. We combine world-class experts in Operating Systems, Cryptography, and Protocols to solve some of the most complicated and delicate security problems facing operating systems.
Microsoft Security Fundamentals Israel (EPSF IL) organization employs security experts from multiple disciplines and applies advanced security research techniques to find vulnerabilities, develop new mitigation techniques, and secure Microsoft products.
The organization contains multiple security research teams, covering HW security, OS internal, Kubernetes, cloud services and AI. You can read more about some of the things we do here.
Azure Monitor is a leading cloud monitoring and observability solution that enables customers worldwide to ensure their digital assets are working correctly, securely, and efficiently. Azure Monitor is a hyper-scale, multi-tenant SaaS service, serving hundreds of thousands of customers, from small shops to Fortune 500 companies and government organizations. In ILDC, we have three teams:
- Azure Monitor Log Analytics delivers a world-leading log management solution. With an innovative Big Data analytical engine at its core, Log Analytics enables customers to efficiently collect, aggregate, and store petabytes of log data, providing powerful insights through a robust query language. Log Analytics also serves as a foundation for other Microsoft offerings, such as Microsoft Sentinel, Azure Application Insights, and more.
- Azure Monitor Alerts enables customers to proactively detect and respond to issues affecting their services by analyzing myriad telemetry signals and discovering anomalies.
- Azure Monitor AIOps, leverages the power of AI, ML, and LLM to help customers ensure their digital workloads are healthy and performant.
The Azure Application Security team is building the next-gen application security offering for Azure customers; a new huge-scale product offering L3-L7 protection for all deployments of applications hosted on Azure, including data-driven advanced detections and mitigations embedded into the datapath.
Azure Networking Security Research (ANSR) is facing and proactively looking for 1st party security issues, with the mission statement of making Azure the most secure cloud platform in the world. The group is focusing on researching internal Azure services and platforms, collaborating with engineering and security teams across Azure.
Network Segmentation and Isolation team is building solutions for securing the networks of Azure customers, as well as Microsoft’s own internal networks, by providing visibility, insights and zero-trust policies based on network traffic.
Backend Network security teams are building fundamental tools and services for securely operating Microsoft’s backend network, one of the largest networks in the world.
Azure Core Compute & Host ILDC develops and productizes cutting-edge acceleration hardware & software for accelerating, offloading and securing network processing from the host.
Our acceleration products, that impact every service running on Azure, combine highly efficient hardware and software elements running on Azure’s millions of servers. These products enable super-efficient and secure deployment of virtual servers and networks, all running on physical servers.
These accelerators use virtualization technologies to offload workloads from the host CPU resulting in improved throughput, latency, storage IOPS as well as reduced CPU utilization. The acceleration products also enable Microsoft to quickly and efficiently develop and deploy proprietary capabilities and offer unique features to its customers.
The Azure CXP vision is to “transform Microsoft cloud customers into fans”, by leading world-class customer reliability engagements, engineering modern customer-first experiences for scale, and driving deep customer insights and empathy into engineering.
The team in Israel is a virtual extension of Azure CXP, with PMs and engineers from across several Azure CXP organizations, including:
- FastTrack for Azure is a highly specialized customer-facing engineering organization focused on improving customer experiences.
- Growth and Innovation, driving effective design and deployment solutions on Microsoft Cloud for Software Development Companies and start-ups
- PRIMO PM team that builds and operates critical systems required to manage and operate the Microsoft Cloud
GitHub – Developer experiences group is part of the Development Experience department at GitHub. Its mission is to accelerate the delivery at GitHub by offering delightful, fast, compliant and secure solutions for developing, building, testing and deploying code.
The team is responsible for building and maintaining GitHub's runtime platform. This platform enables developers to easily build, deploy and manage the hundreds of applications that make up the world's largest code hosting platform.
The ILDC Content Development team creates customer-facing documentation and training content for the Microsoft products developed at the ILDC, and more. We create and maintain the customer documentation and training content published on Learn.Microsoft.com.
Our focus is spans Security, Identity, Azure Monitor, Azure Data Explorer, and PowerBI.
Our team partners with the product, customer experience, support, and design teams to create world-class product documentation and training.
| Kusto is a big data analytics platform for interactive ad-hoc queries over petabytes of data with minimal latency. As a grassroots incubation project that started in at ILDC, Kusto took on some of the greatest challenges in computer science, including creating a new query language, efficient database storage technologies, query optimization, ecosystem development, and data science enablement. With its leading technical capabilities and customer focus, the technology the Kusto team created rapidly attracted the attention of many product groups across the company and grew exponentially in usage and volume. Today, Kusto is the de facto standard at Microsoft for big data interactive analytics. It powers a broad list of analytical solutions as a service used by Microsoft and its customers, such as Azure Monitor, Azure Cost Management, Microsoft Defender, LinkedIn, Sentinel, Teams Education, and many more. Kusto is an integral part of the Azure Data Services cloud-scale analytics portfolio, offering Azure Data Explorer as a complete cloud-native database stack. It is also available as the Data Explorer component of Azure Synapse Analytics (a comprehensive and strategic analytics offering), providing customers with insights from their log and telemetry data. Kusto Detective Agency is a fun activity you can try for free with Azure Data Explorer. Explorer endless options at the Samples Gallery. |
Power BI enables connecting to and visualizing any data using a unified, scalable platform for self-service and enterprise business intelligence(BI) that’s easy to use and helps you gain deeper data insights. The Power BI Mobile Apps enable you to monitor your business right from your phone. Access on-premises data stored in SQL Server, or data in the cloud. Keep on top of KPIs and reports—Power BI Mobile apps give you a 360-degree view of your data—on the go. With the Power BI add-in for PowerPoint, you can enhance your data storytelling in PowerPoint with live, interactive Power BI data. Not only will the data shown in your presentations be always up to date, but also, while you're presenting, you'll be able to filter and drill down on data in response to questions and feedback from your audience without having to switch contexts. Power BI app to Microsoft Teams allows you to install, pin, and interact with Power BI directly inside Microsoft Teams. The Power BI personal app brings the entire basic Power BI service experience to Microsoft Teams.
Power BI Embedded allows for a white label usage of Power BI to quickly and easily provide exceptional customer facing dashboards and analytics in your own applications. You can enhance Power BI and bring your data to life with fully customized data visualizations. Share the visuals you create with your organization, embed them in an app, or share them with the world on AppSource. Develop and test custom visuals with our open-source SDK, based on well-known open-source JavaScript libraries like D3 and jQuery.
The Power BI deployment pipelines tool enables BI creators to manage the lifecycle of organizational content. Deployment pipelines enable creators to develop and test Power BI content in the Power BI service, before the content is consumed by users. Power BI Enterprise Information Management gives enterprises the ability to find and manage their business data through a variety of Power BI tools, including data lineage and impact analysis, data discovery , catalog integrations and information protection. It enables organizations to label, monitor, manage and protect their sensitive data assets.
Microsoft Fabric is an all-in-one analytics solution for enterprises and ISVs that covers everything from data movement to data science, Real-Time Analytics, and business intelligence. It offers a comprehensive suite of services, including data lake, data engineering, and data integration, all in one place. With Fabric, you don't need to piece together different services from multiple vendors. Instead, you can enjoy a highly integrated, end-to-end, and easy-to-use product that is designed to simplify your analytics needs. The platform is built on a foundation of Software as a Service (SaaS), which takes simplicity and integration to a whole new level.
Microsoft Fabric offers reach set of capabilities for developers and creators to collaborate and manage their work. Git integration in Microsoft Fabric enables developers to integrate their development processes, tools, and best practices straight into the Fabric platform. Fabric's deployment pipelines tool provides content creators with a production environment where they can collaborate to manage the lifecycle of organizational content. Deployment pipelines enable creators to develop and test content in the service before it reaches the users.
Microsoft Fabric also offers a wide range of governance capabilities which enable enterprises to find and manage their business data. The OneLake data hub makes it easy to find, explore, and use the Fabric data items in your organization that you have access to. Data Mesh enables organizations to organize and manage that data in a logical way that facilitates more targeted and efficient use and governance. Information protection enables organizations to label, monitor, manage and protect their sensitive data assets.
Microsoft Fabric offers ISVs and Enterprises the ability to automate procedures and processes and to embed Power BI in applications and websites. When using automation, organizations can complete tasks more quickly and with fewer errors. Power BI Embedded allows for a white label usage of Power BI to quickly and easily provide exceptional customer facing dashboards and analytics in your own applications. You can enhance Power BI and bring your data to life with fully customized data visualizations. Share the visuals you create with your organization, embed them in an app, or share them with the world on AppSource. Develop and test custom visuals with our open-source SDK, based on well-known open-source JavaScript libraries like D3 and jQuery.
Microsoft Cloud for ISV and AI: Accelerating ISV adoption of Microsoft Cloud and GenAI solutions
Our mission is to speed up adoption of the Microsoft Cloud, including industry and ROTH (Rooms Of The House) ISVs.
We focus on generative AI scenarios, offering tools and components that narrow the gap between our platforms and industry specific solutions. Our investments span across the following domains: Copilot extensions, custom copilots, document analysis, data analysis, schema management and transformation and finally product lifecycle. Investment domains address repeatable challenges/gaps identified via an expansive partner engagement program that we scale globally with the field.
Focus areas:
- Copilot extensions: industry-specific plugins to enrich copilot templates, industry prompt libraries to enhance the Microsoft Copilot app, infusing industry knowledge into M365 Copilot hero scenarios, such as Meeting preparation tuned for financial services
- Custom copilots: tools and components to help ISVs build copilots into their apps faster and with better quality
- Document analysis: offer high quality analysis of known industry documents, such as financial reports, and offer tools to address unique patterns and needs such as complex charts and table understanding, consideration for temporal aspect and more.
- Data analysis: industry-specific AI/M: models, as well as tools that streamline Q&A of structured data via industry-semantic aware tools
- Schema management & transformation: highly normalized Industry Data Models and advanced tools for streamlining management and transformation of data leveraging industry semantics
Microsoft Copilot Studio
Copilot Studio helps employees and customers design intelligent, actionable, and connected AI assistants.
The newly established MCS team in ILDC and EMEA will be using its expertise in building Copilot features, enabling customizations and extensibility, and deep customer understanding, to help accelerate the innovation in Copilot Studio. The team is focused on Gen AI, as well as Analytics, AzureAI integration with Copilot Stduio, Templates & Industries, as well as other strategic focus areas.
Health ILDC builds cloud services to deliver products and services to millions of users around the world, aiming to make a difference in people’s lives.
Health ILDC is a multi-disciplinary R&D organization that focuses on building AI technologies for the Health & Life Sciences industry. Our work involves Generative AI, Copilots, Conversional AI, Natural Language Processing, and combines software engineering, product management, medical science, research and applied data science, as well as ecosystem partnerships. We build products that allow healthcare organizations all around the world to reduce the burden from the clinical staff, improve their services and outcomes, and empower patients with access to health data and knowledge.
CDI Dataflows- The ILDC Citizen Data Integration team is part of the Data Integration group in the Azure Data/Intelligence Platform organization. Our group specializes in Data movement, preparation, and process orchestration, and provides both direct-to-customer SaaS offerings and PaaS integrations within Microsoft products. Our products and integrations serve customers across a wide spectrum of expertise, from citizen personas, requiring self-service and no to low-code solutions, all the way to medium to high code scenarios for pro-developers and petabyte-scale data volumes.
Our team at ILDC oversees the development of Dataflows: A self-service, cloud-based data preparation solution leveraging Power Query, a unified Data Connectivity and Preparation experience used by millions of customers every month. With dataflows, customers can prep data from hundreds of sources, apply 300+ transformations, and load data to a myriad of products and databases, including many Microsoft products: Fabric, Power BI, Power Platform, and Dynamic 365 Insight Applications. Dataflows run in the cloud, so data is always kept up to date.
[We like to keep our fans in suspense]
Azure
Data
More resources
[We like to keep our fans in suspense]
about the
magic