In past few years, Artificial Intelligence and Machine Learning had made a name for itself in the field of cyber security, helping IT and security professionals more efficiently and quickly identify risks and anticipate problems before they occur.
The good news is that if you are a Windows 10 user, Microsoft will now offer you a machine learning based threat intelligence feature via its inbuilt Windows security service, which will improve the security capabilities available on Windows 10 devices.
But, the bad news is that it is not free.
The company is offering this "differentiated intelligence" feature on its newly added service to Windows 10, dubbed Windows Defender Advanced Threat Protection (WDATP), which helps enterprises detect, investigate, and respond to advanced attacks on their networks.
This becomes possible after Microsoft recently signed a deal with FireEye that integrates the security vendor's iSIGHT Threat Intelligence into Windows Defender Advanced Threat Protection.
As part of the partnership, Microsoft will give FireEye access to all the telemetry data from every device running Windows 10, Australian website ARN reports.
"FireEye has invested in nation-state grade threat intelligence, and we are strategically partnering with industry leaders to operationalize this high-quality intel," Ken Gonzalez, FireEye's Vice President of Corporate Development, said in the official press release.
"By working with Microsoft, we're able to offer differentiated threat intelligence within WDATP and together help make organizations more secure."Update: Microsoft denies the claims, saying that the deal does not include any sharing of Microsoft telemetry with FireEye. Here's the official statement provided by a Microsoft Spokesperson to The Hacker News:
"The nature of the deal between Microsoft and FireEye is to license threat intelligence content from FireEye iSIGHT Intelligence. This additional layer of intelligence includes indicators and reports of past attacks collected and edited by FireEye and enhances detection capabilities of Windows Defender Advanced Threat Protection (WDATP). The deal does not include the sharing of Microsoft telemetry."It's no secret that Windows 10 collects all sorts of usage information on users and sends them back to Microsoft, which then uses this telemetry data to help identify security issues, fix problems and improve the quality of its operating system.
🔐 Mastering API Security: Understanding Your True Attack Surface
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!Join the Session
This telemetry data includes information on the device running Windows 10, a list of installed apps, crash dumps, and other statistics from devices powered by its latest operating system.
However, this Microsoft's data mining capability also raised some privacy concerns among Windows users.
This newly-signed deal with FireEye is the first time that Microsoft has publicly agreed to share telemetry data of Windows 10 users with a third-party, which is definitely worrying for many users.
At this moment, the official press release says nothing about Microsoft providing FireEye with access to data collected from Windows 10 users.
Microsoft has yet to comment on this matter.