Credit: Rawpixel / Jeff Hu / Getty Images Microsoft announced Monday that it’s getting into the managed security services business. The company’s Microsoft Security Experts program includes three new managed services.Microsoft Defender Experts for Hunting is for its customers who have robust security operations centers but would like Microsoft to hunt for threats in data from endpoints, Office 365, cloud applications, and identity sources. Microsoft’s experts will hand off any actionable alerts they discover to security operations center (SOC) personnel, along with remediation recommendations. Microsoft experts are also available on-demand to answer security questions about anything from incidents to action by nation-state actors to updates on the latest attack vectors. The projected launch window for the service is in the summer of 2022.Microsoft Defender Experts for XDR is for customers who need to extend the capacity of their SOC. It extends beyond endpoints to provide detection and response across Microsoft 365 Defender. It will investigate alerts and use automation and human expertise to respond to incidents alongside a local security team. Preview of the service is expected to roll out in the fall of 2022. Microsoft Security Services for the Enterprise combines proactive threat hunting and managed XDR. It leverages Microsoft’s complete security information and event management (SIEM) and XDR stack to protect all cloud environments and all platforms. The service uses Microsoft security experts to manage onboarding, daily interactions, practice modernization, and incident response for an organization. The service is sold through a custom statement of work and is available today. Incident response, modernization services rolled into Experts programMicrosoft will be rolling two existing offerings into the Experts program. Microsoft Security Services for Incident Response provides experts who can be consulted before, during, and after a data breach. The Microsoft pros can help an organization remove a bad actor from its environment, remediate its defenses after a breach, and build resilience against future attacks.Microsoft Security Services for Modernization is aimed at customers engaged in a security transformation of their organization. It provides consulting services to help customers at any stage of their security journey, including embracing a Zero Trust approach to security. “[T]echnology alone is not enough to defend against cybercrime,” Microsoft Corporate Vice President for Security, Compliance, Identity, and Management Vasu Jakkal wrote in a company blog. “Technology is critical, but it’s the combination of leading technologies, comprehensive threat intelligence, and highly skilled people that makes for a truly effective security posture.”Harder for organizations to build security teamsThe challenge in this critical moment when cybersecurity has reached an inflection point, Jakkal noted, is that organizations are facing a cybersecurity talent shortage, with nearly one in three—or 2.5 million—security jobs vacant in the United States. That’s pushing the time of detection for a breach to an alarming 287 days. Even when talent is available, access to highly skilled expertise remains a challenge. “It’s getting harder every day for organizations to build and maintain a full security team, let alone one with the ever-expanding skillset required to meet the range of today’s security demands,” he wrote. Related content interview Strong CIO-CISO relations fuel success at Ally CIO Sathish Muthukrishnan and CISO Donna Hart have forged a partnership steeped in Ally’s culture of radical candor that keeps the financial services firm secure and innovative. By Dan Roberts May 09, 2024 9 mins CIO CSO and CISO IT Leadership news Zscaler shuts down exposed system after rumors of a cyberattack Initially dismissing rumors, Zscaler now says it did have a system exposed but nothing important has been accessed. By Shweta Sharma May 09, 2024 3 mins Data Breach Cyberattacks news Palo Alto launches AI-powered solutions to fight AI-generated cyberthreats The suite is powered by Palo Alto’s proprietary solution, Precision AI, which integrates machine learning, deep learning, and generative AI technologies. By Prasanth Aby Thomas May 09, 2024 3 mins Generative AI Security Software news F5 patches BIG-IP Next Central Manager flaws that could lead to device takeover Two high-risk vulnerabilities could allow attackers to gain full administrative control on devices via leaked password hashes. By Lucian Constantin May 08, 2024 5 mins Threat and Vulnerability Management Cloud Security Vulnerabilities PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe