Security Advisor
Microsoft Rumored To Be Developing Malware Detonation Platform as a Service
The first hint of the new project comes from a job listing posted by the company.
In a jobs listing posted to the Microsoft Careers Web site, the company gave hints that it's developing a VM-based platform focused on malware protection.
Code-named "Project Sonar," the future offering looks to extend some of the company's current machine-based security features to a wider reach among Microsoft products. "The Sonar team builds and operates a VM based malware detonation platform as a service. Our system spins up 10's of thousands of VMs a day to detect malware and protect customers. We're deployed in places like the Windows App Store and Exchange Online. We are taking the service to the next level to handle more customers and data at scale," read the job listing.
In the case of Exchange Online, Microsoft analyses e-mails before arriving to their destination with multiple filters to weed out messages that might be hiding malware.
According to the listing, the new project will pull information from millions of malware samples in VMs that should add up to terabytes of raw data, according to the company. However, as pointed out by Redmond columnist Mary Jo Foley in a ZDnet article, the company is tight lipped on who will actually be handling the raw data.
"From the job posts about Sonar, it's not clear to me if Microsoft will allow customers to run Sonar and then amass and analyze the data collected, or if Microsoft will run Sonar and allow users to analyze the data gathered," wrote Foley.
And that sounds like one of the hurdles that the new position will be looking to solve. Per the listing:
"We're looking for a very self-driven, full-stack web developer to figure out how to store and search that data in performant manner, build a web-based Analyst Studio to make that data discoverable and actionable by analysts, build data pipelines to get our most interesting data to other Microsoft security systems in near real time, and also build publicly consumable Web APIs and portals for these services."
Foley also pointed out that Project Sonar could be associated with the Microsoft Cosmos Service, which offers customers big data analysis and storage services. Whatever the real-time malware protection service ends up being, Microsoft is keeping quiet, declining to comment on the project.