Microsoft will soon make what appears to be a useful and differentiating service generally available for its Azure SQL cloud database. Here are the key details from Redmond's announcement:
Azure SQL Database Threat Detection provides an additional layer of security intelligence built into the Azure SQL Database service. It helps customers using Azure SQL Database to secure their databases within minutes without needing to be an expert in database security. It works around the clock to learn, profile and detect anomalous database activities indicating unusual and potentially harmful attempts to access or exploit databases.
SQL Database Threat Detection runs multiple sets of algorithms which detect potential vulnerabilities and SQL injection attacks, as well as anomalous database access patterns (such as access from an unusual location or by an unfamiliar principal). Security officers or other designated administrators get email notification once a threat is detected on the database. Each notification provides details of the suspicious activity and recommends how to further investigate and mitigate the threat.
Microsoft is offering a 60-day free trial. Regular pricing will be $15 per server per month. The announcement repeatedly emphasizes the turnkey nature of the service and the fact that admins need not be security experts to use it (which is sort of the point with this type of feature, but we digress).
The service should be fairly robust once it goes GA, given how long it's been gestating and being tested with customers. Microsoft made a public preview of it available in November 2015. However, it should be duly noted that the service provides threat detection and not threat prevention or mitigation—not that Microsoft is attempting to say otherwise.
Security is one area, beyond price and performance, where cloud vendors can differentiate in an increasingly competitive market. As an established player, Microsoft also has the advantage of large amounts of telemetry data that informs the algorithms powering the threat detection service. Microsoft gets 300 billion authentication requests per month, runs security scans on more than 200 billion emails per month, and receives 1.3 billion calls to Azure Active Directory each day, as an executive told the Register.
24/7 Access to Constellation Insights
Subscribe today for unrestricted access to expert analyst views on breaking news.