Study highlights critical role of Surface firmware protection

by Contributed | Mar 30, 2021 | Technology

This article is contributed. See the original author and article here.

Today Microsoft announced the result of a leadership study on Security Signals in the IT industry.  The study delves into the biggest challenges reported by security decision makers. Specifically, the report shows that as organizations are pivoting to hybrid work environments, attacks on endpoint devices have grown increasingly more frequent and sophisticated.

One area that is called out in the study is the recent surge (5x) of attacks against device firmware. The firmware, which lives below the operating system, is emerging as a primary target because it’s where devices store sensitive information, like credentials and encryption keys. The study points out that 83 percent of enterprises have experienced at least one firmware attack in the past two years. And during that time, less than a third of security decision makers allocated any budget resources on firmware protection. Respondents reported that little effort is made to invest in firmware protection until a breach occurs.

UEFI firmware protection

Microsoft introduced its own open-source UEFI to enable a secure and maintainable interface to manage firmware. On the Surface side, we have been enabling the automation of firmware protection since the 2015 release of Surface Pro 4. That’s when we made the decision to to build our own Microsoft UEFI ¹ and move away from the third party UEFI that our OEM partners were using.  The result is a fully transparent open-source project called Project Mu.

If you’re not already familiar with UEFI, it stands for Unified Extensible Firmware Interface. It’s essentially a modern version of a BIOS that initializes and validates system hardware components, boots Windows 10 from an SSD, and provides an interface for the OS to interact with the keyboard, display, and other input/output devices.

Centralized device management down to the firmware level

As Microsoft further developed the UEFI for Surface, we also built tools for managing and updating UEFI, beginning with SEMM (Surface Enterprise Management Mode). You can use it as a stand-alone tool or integrated with Microsoft Endpoint Configuration Manager to manage the UEFI settings on your Surface. SEMM lets you remotely enable and disable key components of Surface devices that would otherwise require you to physically go to every machine and boot straight into the UEFI (Power button + Volume Up). From a security perspective this is important as the more components you disable, that are not normally used, the smaller the attack vector. 

Aligned to Microsoft’s broader commitments, we moved SEMM capabilities to the cloud with the launch of DFCI (Device Firmware Configuration Interface). DFCI enables cloud-based control over UEFI settings through the Intune component of Microsoft Endpoint Manager. The best part is that DFCI can be enabled via policy and deployed with Windows Autopilot before anyone even logs into the device. This advancement placed Surface into a distinct technical advantage over other devices on the market. With DFCI a Surface device can be fully managed from Windows 10 down to firmware all through the power of the cloud and Microsoft Endpoint Manager.

Surface drives innovation into firmware security

So, what makes our UEFI secure? To start, it can be updated via Windows Update. Our UEFI does not require an outside tool from a third party or download site. In fact, when the vulnerability of Spectre and Meltdown was announced, Surface already had a fix available that was automatically pushed to every Surface device accepting updates. Windows Update patched the microcode of our processors all through UEFI. Another security step we take is to lock down the UEFI, to protect against known exploits. Surface UEFI uses Boot Guard and Secure Boot, which translates to a measured and signed firmware check at each stage in the initial boot process.

To take it a step further, Boot Guard enables the SoC (System on a Chip) to use the Surface/OEM key to verify that the initial UEFI firmware stage was signed by the OEM. The OEM key is a Surface key that is fused into the SoC at the factory. In simpler terms Boot Guard ensures valid firmware is booted during the initial boot phase of the device.

All of this leads us back to the Security Signals study. Microsoft Surface has implemented safeguards to address firmware vulnerabilities. Surface devices are developed with our own UEFI that is open-source, and we’ve built tools – both on-prem and in the cloud — to centrally manage devices at the firmware level to help further reduce attack vectors. We also provide a means to ensure your UEFI stays up to date via Windows Update, and we’ve secured the UEFI via Boot Guard to ensure what you boot is authentic and what you expect.  At Surface, we are fully committed to continuing our iteration on the Security front by designing and building innovative practices to protect your devices and data.

To learn more about Surface Security please visit the Surface for Business security website: Security & Endpoint Protection – Microsoft Surface for Business

¹ Surface Go and Surface Go 2 use a third-party UEFI and do not support DFCI. DFCI is currently available for Surface Laptop Go, Surface Book 3, Surface Laptop 3, Surface Pro 7, Surface Pro 7+ and Surface Pro X. Find out more about managing Surface UEFI settings at https://docs.microsoft.com/en-us/surface/manage-surface-uefi-settings.

Workplace Analytics – April 2021: Feature updates

by Contributed | Mar 30, 2021 | Technology

This article is contributed. See the original author and article here.

‎The Workplace Analytics team is excited to announce our feature updates for April 2021. (You can see past blog articles here). This month’s update describes a coming attraction: Collaboration and Manager metrics with Teams IM and call data. 

Coming soon: Collaboration and manager metrics with Teams IM and call data

Overview

 We are pleased to announce a new feature release for April 19, 2021. The new release includes a few exciting updates:  

• Integration of Microsoft Teams chats and Teams calls into the Collaboration hours metric and refined Collaboration hours logic to better accommodate overlapping activities 


• New “is person’s manager” and “is person’s direct report” attributes available in Person query participant filters 

Additionally, we’ve implemented a handful of improvements to other metrics: 

• Outlier improvements to Email hours and Call hours metrics 


• Better alignment of After-hours collaboration hours and Working hours collaboration hours to total Collaboration hours, and of After-hours email hours and Working hours email hours to total Email hours 

These updates reflect customer feedback and help leaders better understand how collaboration in Microsoft Teams impacts wellbeing and productivity. 

How do these changes impact you?

For Workplace Analytics analysts

• Adjusted results – If you are accessing insights in Microsoft Viva Insights app in Teams or the Workplace Analytics web application, running custom queries, or using Workplace Analytics Power BI templates, some of the aggregated results might show different numbers than previously seen. 
  These changes will not impact any queries that have already been run and saved, and starting April 19, 2021, new queries and calculated insights will use the new logic over the entire historical period of collaboration data. If you are in the middle of an active project that uses these metrics, we recommend re-running your queries to update the results with the new versions of the impacted metrics. 

• “Unstacking” the Collaboration hours metric – You might be used to seeing or using visualizations that “stack” the components of collaboration time (like Meeting hours and Email hours) to get to the total collaboration time. But since emails and Teams chats and calls can occur during meetings and Teams calls, we’ve refined the logic so that these “overlapping activities” only count toward total collaboration time once.  
  As a result, expect to see Collaboration hours that is no longer just the sum of its parts – Email hours, Call hours, Teams chat hours, and Meeting hours. If you have reports and visuals that compare collaboration hours with its parts, you might want to adjust the report to show these components side by side instead. For example, the Workplace Analytics Ways of working assessment and Business continuity templates for Power BI both previously included examples of this “stacked” view, which will reflect revised visuals when you download the newest versions of the templates. 

• New manager measures – Want to know how many emails the average manager sends to their directs? Or whether managers on a team tend to use unscheduled calls instead of scheduled 1:1s? You are no longer limited to just the “built-in” manager meeting metrics in Workplace Analytics.  
  If you are interested in understanding how employees communicate with their direct managers, you can create new custom measures in a Person query to measure the meeting, email, call, and chat activity where any or all participants are the measured employee’s direct manager or direct report. 

• Impact on Plans – If you are currently running a Wellbeing plan to reduce after-hours collaboration, you might observe a shift in the baseline After-hours collaboration hours metric, which might cause the goal that was selected for the plan to no longer make sense. If this is the case, we recommend requesting a deferral of this feature so that ongoing plans can finish running undisturbed. 

For manager or leader insights

Shifting points of reference – If you are used to seeing a specific result for some metrics (for example, “I know that our average email hours are usually around 8 hours per week, and that’s something we’d like to reduce.”), the new changes will likely change the results. However, that baseline number might shift as a result of the improved methodology. If you are working directly with a Workplace Analytics practitioner from Microsoft, a partner, or your own organization, they can help you evaluate whether this raises any new considerations for ongoing projects.  

What if you want to get these features sooner than April 19, 2021?

To sign up for early access, please complete this online form.  

Can you defer this release?

Expect to see some shifts in the results for metrics impacted by these changes (full list below). If you are in the middle of an active project that uses these metrics, we recommend re-running your queries to update the results with the new version of collaboration hours.  

If this shift would be disruptive to your project, you can optionally request a one-time deferral of this feature release for up to three months. Please complete the online form by April 15, 2021, if you would like to request a one-time, three-month deferral. 

Additional details about the changes

Integrates Microsoft Teams chats and calls into Collaboration hours and related metrics

The legacy Collaboration hours metric simply added email hours and meeting hours. However, in reality, these activities can overlap. Collaboration hours now reflect the total impact of different types of collaboration activity, including emails, meetings, Teams chats, and Teams calls. With this release, Collaboration hours capture more time and activity, and adjusts the results so that any overlapping activities are counted only once. 

The following queries and metrics will reflect this new logic: 

Person query and Peer analysis query

• Collaboration hours 


• Working hours collaboration hours 


• After hours collaboration hours 


• Collaboration hours external 

Person-to-group query

• Collaboration hours 

Group-to-group query

• Collaboration hours 

The following join the other metrics that already include Teams activity: 

Person query and Peer analysis query

• Workweek span 


• Internal network size 


• External network size 


• Networking outside organization 


• Networking outside company 

Network: Person query  

• Influence 

Network: Person-to-person query

• Strong and diverse ties 

Adds new “Is person’s manager” and “Is person’s direct report” metric filter options

We’re adding new participant filter options to our email, meeting, chat, and call metrics for Person queries. These new options enable you to filter activity where all, none, or at least one participant includes the measured employee’s direct manager or their direct report. 

You can use the new filters to customize any base metric that measures meeting, email, instant message, or call activity (such as Email hours, Emails sent, Working hours email hours, After hours email hours, Meeting hours, and Meetings). 

 Selecting the “Is person’s direct report” filter to customize a metric 

The following are examples of some custom metrics you can create in a Person query with these new filters. 

Improves outlier handling for Email hours and Call hours  

When actual received email data is not available, Workplace Analytics uses logic to impute an approximation of the volume of received mail. We are adjusting this logic to reflect the results of more recent data science efforts to refine these assumptions. Further, we have received reports about measured employees with extremely high measured call hours. This was a result of “runaway calls” where the employee joined a call and forgot to hang up. We have capped call hours to a maximum of three hours to avoid attributing excessive time for these scenarios. 

The following queries and metrics will use the new logic: 

Person query and Peer analysis query

• Collaboration hours 


• Working hours collaboration hours 


• After hours collaboration hours 


• Collaboration hours external 


• Email hours 


• Working hours email hours 


• After hours email hours 


• Call hours 

Person-to-group query

• Collaboration hours 


• Email hours 

Group-to-group query

• Collaboration hours 


• Email hours 

Better aligns working hours and after-hours metrics with their respective overall metrics

Previously, After-hours email hours plus Working hours email hours and After-hours collaboration hours plus Working hours collaboration hours did not add up to total Email hours or Collaboration hours, because of limitations attributing certain types of measured activity to a specific time of day. We improved the algorithm to better attribute time for these metrics, resulting in better alignment between working hours and after-hours metrics. 

The following queries and metrics will reflect the new logic: 

Person query and Peer analysis query

• Working hours collaboration hours 


• After hours collaboration hours 


• Working hours email hours 


• After hours email hours 

Impacted metrics by query type

New Detections for Azure Firewall in Azure Sentinel

by Contributed | Mar 30, 2021 | Technology

This article is contributed. See the original author and article here.

Introduction

Recent attacks highlight the fact that in addition to implementing appropriate security protection controls to defend against malicious adversaries, continuous monitoring, and response for every organization.  To implement security monitoring and response from a networking perspective, you need visibility into traffic traversing through your network devices and detection logic to identify malicious patterns in the network traffic.  This is a critical piece for every infrastructure/network security process. 

Readers of this post will hopefully be familiar with both Azure Firewall which provides protection against network-based threats, and Azure Sentinel which provides SEIM and SOAR (security orchestration, automation, and response) capabilities.  In this blog, we will discuss the new detections for Azure Firewall in Azure Sentinel.  These new detections allow security teams to get Sentinel alerts if machines on the internal network attempt to query/connect to domain names or IP addresses on the internet that are associated with known IOCs, as defined in the detection rule query.  True positive detections should be considered as Indicator of Compromise (IOC).  Security incident response teams can then perform response and appropriate remediation actions based on these detection signals.

Scenario

In case of an attack, after breaching through the boundary defenses, a malicious adversary may utilize malware and/or malicious code for persistence, command-and-control, and data exfiltration.  When malware or malicious code is running on machines on the internal network, in most cases, it will attempt to make outbound connections for command-and-control updates, and to exfiltrate data to adversary servers through the internet.  When this happens, traffic will inevitably flow out through the network egress points where it will be processed and logged by the by devices or ideally a firewall controlling internet egress.  The data logged by devices/firewalls processing internet egress traffic can be analyzed to detect traffic patterns suggesting/representing command-and-control or exfiltration activities (also called IOCs or Indicator of Compromise). This is the basis of network-based detections discussed in this blog.

When customers use Azure Firewall for controlling their internet egress, Azure Firewall will log all outbound traffic and DNS query traffic if configured as a DNS Proxy, to the defined Log Analytics workspace.  If a customer is also using Azure Sentinel, they can ingest log data produced by Azure Firewall and run built-in or custom Analytic Rules templates on this data to identify malicious traffic patterns representing IOCs, that these rules are defined to detect.  These rules can be configured to run on a schedule and create an incident (or perform an automated action) in Azure Sentinel when there is a match.  These incidents can then be triaged by the SOC for response and remediation.

What’s New

Up until now, there were only a couple of Analytic Rule based detections for Azure Firewall available in Azure Sentinel.  We are excited to announce availability of eight new detections for well-known IOCs in Azure Sentinel based on traffic patterns flowing through the Azure Firewall.  The table below provides a list of new detections which have been added recently and are available to you at the time of publishing this blog.

The screenshot below shows the new Azure Firewall detections in the Azure Sentinel Analytic Rule blade

Azure Firewall Detection Rules in Azure Sentinel

How Network Based Detection Work

To understand how these detections work, we will examine the “Solorigate Network Beacon” detection which indicates a compromise associated with the SolarWinds exploit.  The query snippet below identifies communication to domains involved in this incident.

1. We start by declaring all the domains that we want to find in the client request from the internal network

let domains = dynamic(["incomeupdate.com","zupertech.com","databasegalore.com","panhardware.com","avsvmcloud.com","digitalcollege.org","freescanonline.com","deftsecurity.com","thedoccloud.com","virtualdataserver.com","lcomputers.com","webcodez.com","globalnetworkissues.com","kubecloud.com","seobundlekit.com","solartrackingsystem.net","virtualwebdata.com"]);

2. Then we perform a union to look for traffic destined for these domains in data from multiple sources which include Common Security Log (CEF), DNS Events, VM Connection, Device Network Events, Azure Firewall DNS Proxy, and Azure Firewall Application Rule logs

(union isfuzzy=true
(CommonSecurityLog
        | parse ..
),
(DnsEvents
        | parse ..
),
(VMConnection
        |parse ..
),
(DeviceNetworkEvents
        | parse ..
),
(AzureDiagnostics
    | where ResourceType == "AZUREFIREWALLS"
    | where Category == "AzureFirewallDnsProxy"
    | parse msg_s with "DNS Request: " ClientIP ":" ClientPort " - " QueryID " " Request_Type " " Request_Class " " Request_Name ". " Request_Protocol " " Request_Size " " EDNSO_DO " " EDNS0_Buffersize " " Responce_Code " " Responce_Flags " " Responce_Size " " Response_Duration
    | where Request_Name has_any (domains)  
    | extend DNSName = Request_Name
    | extend IPCustomEntity = ClientIP 
    ),
  (AzureDiagnostics 
    | where ResourceType == "AZUREFIREWALLS"
    | where Category == "AzureFirewallApplicationRule"
    | parse msg_s with Protocol 'request from ' SourceHost ':' SourcePort 'to ' DestinationHost ':' DestinationPort '. Action:' Action
    | where isnotempty(DestinationHost)
    | where DestinationHost has_any (domains)  
    | extend DNSName = DestinationHost 
    | extend IPCustomEntity = SourceHost
    ) 
    )

3. When this rule query is executed (based on schedule), it will analyze logs from all the data sources defined in the query which also includes the Azure Firewall DNS Proxy and Application Rule logs.  The result will identity hosts in the internal network which attempted to query/connect to one of the malicious domains which were declared in Step 1

Instructions to Configure Azure Firewall Detections in Sentinel

These detections are available as Analytic Rules in Azure Sentinel and can be quickly deployed by following the steps below.

1. Open the Azure Sentinel blade in the Azure Portal


2. Select the Sentinel workspace where you have the Azure Firewall logs


3. Select Analytics blade and then click on Rule templates


4. Under Data Sources, filter by Azure Firewall


5. Select the Rule template you want to enable and click Create rule and configure rule settings to create a rule

Steps to Configure Azure Firewall Rules in Azure Sentinel

Summary

Azure Firewall logs can help identify patterns of malicious activity and Indicators of Compromise (IOCs) in the internal network.  Built-in Analytic Rules in Azure Sentinel provide a powerful and reliable method for analyzing these logs to detect traffic representing IOCs in your network.  With added support for Azure Firewall to these detections, you can now easily detect malicious traffic patterns traversing through Azure Firewall in your network which allows you to rapidly respond and remediate the threats.  We encourage all customers to utilize these new detections to help improve your overall security posture.

As new attack scenarios surface and associated detections are created in future, we will evaluate them and add support for Azure Firewall or other Network Security products, where applicable.  You can also contribute new connectors, detections, workbooks, analytics and more for Azure Firewall in Azure Sentinel. Get started now by joining the Azure Network Security plus Azure Sentinel Threat Hunters communities on GitHub and following the guidance.

Additional Resources

• To learn more about Azure Firewall, visit:  https://docs.microsoft.com/en-us/azure/firewall


• To learn more about Azure Sentinel, visit:  http://aka.ms/ninjatraining

Azure Speech and Batch Ingestion

by Contributed | Mar 30, 2021 | Technology

This article is contributed. See the original author and article here.

Getting started with Azure Speech and Batch Ingestion Client

Batch Ingestion Client is as a zero-touch transcription solution for all your audio files in your Azure Storage. If you are looking for a quick and effortless way to transcribe your audio files or even explore transcription, without writing any code, then this solution is for you. Through an ARM template deployment, all the resources necessary to seamlessly process your audio files are set-up and set in motion.

Why do I need this?

Getting started with any API requires some amount of time investment in learning the API, understanding its scope, and getting value through trial and error. In order to speed up your transcription solution, for those of you that do not have the time to invest in getting to know our API or related best practices, we created an ingestion layer (a client for batch transcription) that will help you set-up a full blown, scalable and secure transcription pipeline without writing any code.

This is a smart client in the sense that it implements best practices and optimized against the capabilities of the Azure Speech infrastructure. It utilizes Azure resources such as Service Bus and Azure Functions to orchestrate transcription requests to Azure Speech Services from audio files landing in your dedicated storage containers.

Before we delve deeper into the set-up instructions, let us have a look at the architecture of the solution this ARM template builds.

The diagram is simple and hopefully self-explanatory. As soon as files land in a storage container, the Grid Event that indicates the complete upload of a file is filtered and pushed to a Service bus topic. Azure Functions (time triggered by default) pick up those events and act, namely creating Tx requests using the Azure Speech Services batch pipeline. When the Tx request is successfully carried out an event is placed in another queue in the same service bus resource. A different Azure Function triggered by the completion event starts monitoring transcription completion status and copies the actual transcripts in the containers from which the audio file was obtained. This is it. The rest of the features are applied on demand. Users can choose to apply analytics on the transcript, produce reports or redact, all of which are the result of additional resources being deployed through the ARM template. The solution will start transcribing audio files without the need to write any code. If -however- you want to customize further this is possible too. The code is available in this repo.

The list of best practices we implemented as part of the solution are:

1. Optimized the number of audio files included in each transcription with the view of achieving the shortest possible SAS TTL.


2. Round Robin around selected regions in order to distribute load across available regions (per customer request)


3. Retry logic optimization to handle smooth scaling up and transient HTTP 429 errors


4. Running Azure Functions economically, ensuring minimal execution cost

Setup Guide

The following guide will help you create a set of resources on Azure that will manage the transcription of audio files.

Prerequisites

An Azure Account as well as an Azure Speech key is needed to run the Batch Ingestion Client.

Here are the detailed steps to create a speech resource:

NOTE: You need to create a Speech Resource with a paid (S0) key. The free key account will not work. Optionally for analytics you can create a Text Analytics resource too.

1. Go to Azure portal


2. Click on +Create Resource


3. Type Speech and


4. Click Create on the Speech resource.


5. You will find the subscription key under Keys


6. You will also need the region, so make a note of that too.

To test your account, we suggest you use Microsoft Azure Storage Explorer.

The Project

Although you do not need to download or do any changes to the code you can still download it from GitHub:

git clone https://github.com/Azure-Samples/cognitive-services-speech-sdkcd cognitive-services-speech-sdk/samples/batch/transcription-enabled-storage

Make sure that you have downloaded the ARM Template from the repository.

Batch Ingestion Client Setup Instructions

1. Click on +Create Resource on Azure portal as shown in the following picture and type ‘ template deployment ’ on the search box.

      2. Click on Create Button on the screen that appears as shown below.

     3. You will be creating the relevant Azure resources from the ARM template provided. Click on click on the ‘Build your own template in the editor’ link and wait for the new screen to load.

You will be loading the template via the Load file option. Alternatively, you could simply copy/paste the template in the editor.

Saving the template will result in the screen below. You will need to fill in the form provided. It is important that all the information is correct. Let us look at the form and go through each field.

NOTE: Please use short descriptive names in the form for your resource group. Long resource group names may result in deployment error

• First pick the Azure Subscription Id within which you will create the resources.


• Either pick or create a resource group. [It would be better to have all the resources within the same resource group so we suggest you create a new resource group].


• Pick a region [May be the same region as your Azure Speech key].

The following settings all relate to the resources and their attributes

• Give your transcription enabled storage account a name [you will be using a new storage account rather than an existing one]. If you opt to use existing one then all existing audio files in that account will be transcribed too.

The following 2 steps are optional. Omitting them will result in using the base model to obtain transcripts. If you have created a Custom Speech model using Speech Studio, then:

• Enter optionally your primary Acoustic model ID


• Enter optionally your primary Language model ID

If you want us to perform Language identification on the audio prior to transcription you can also specify a secondary locale. Our service will check if the language on the audio content is the primary or secondary locale and select the right model for transcription.

Transcripts are obtained by polling the service. We acknowledge that there is a cost related to that. So, the following setting gives you the option to limit that cost by telling your Azure Function how often you want it to fire.

• Enter the polling frequency [There are many scenarios where this would be required to be done couple of times a day]


• Enter locale of the audio [you need to tell us what language model we need to use to transcribe your audio.]


• Enter your Azure Speech subscription key and Locale information

The rest of the settings related to the transcription request. You can read more about those in our docs.

• Select a profanity option


• Select a punctuation option


• Select to Add Diarization [all locales]


• Select to Add Word level Timestamps [all locales]

Do you need more than transcription? Do you need to apply Sentiment to your transcript? Downstream analytics are possible too, with Text Analytics Sentiment and Redaction being offered as part of this solution too.

If you want to perform Text Analytics please add those credentials.

• Add Text analytics key


• Add Text analytics region


• Add Sentiment


• Add data redaction

If you want to further analytics we could map the transcript json we produce to a DB schema.

• Enter SQL DB credential login


• Enter SQL DB credential password

You can feed that data to your custom PowerBI script or take the scripts included in this repository. Follow this guide for setting it up.

Press Create to trigger the resource creating process. It typically takes 1-2 mins. The set of resources are listed below.

If a Consumption Plan (Y1) was selected for the Azure Functions, make sure that the functions are synced with the other resources (see this for further details).

To do so, click on your StartTranscription function in the portal and wait until your function shows up:

Do the same for the FetchTranscription function

Running the Batch Ingestion Client

Upload audio files to the newly created audio-input container (results are added to json-result-output and test-results-output containers). Once they are done you can test your account.

Use Microsoft Azure Storage Explorer to test uploading files to your new account. The process of transcription is asynchronous. Transcription usually takes half the time of the audio track to be obtained. The structure of your newly created storage account will look like the picture below.

There are several containers to distinguish between the various outputs. We suggest (for the sake of keeping things tidy) to follow the pattern and use the audio-input container as the only container for uploading your audio.

Customizing the Batch Ingestion Client

By default, the ARM template uses the newest version of the Batch Ingestion Client which can be found in this repository. If you want to customize this further clone the repo

To publish a new version, you can use Visual Studio, right click on the respective project, click publish and follow the instructions.

What to build next

Now that you’ve successfully implemented a speech to text scenario, you can build on this scenario. Take a look at the insights Text Analytics provides from the transcript like caller and agent sentiment, key phrase extraction and entity recognition.  If you’re looking specifically to solve for Call centre transcription, review this docs page for further guidance

Meet the 2021 Imagine Cup World Finals judges

by Contributed | Mar 30, 2021 | Technology

This article is contributed. See the original author and article here.

This week, twelve student teams from across the globe will pitch their purpose-driven applications in Round 2 of the Imagine Cup World Finals. Four winning teams will be selected by a panel of expert judges to move forward to the 2020 World Championship.

This year’s panel includes industry experts with backgrounds in sustainability, e-commerce, accessibility, science, and more. Aligning with our Earth, Education, Healthcare, and Lifestyle competition categories, judges’ combined expertise will allow them to assess which teams have designed inclusive and original solutions with the potential for global impact.

During the World Finals, teams will pitch their solutions live to showcase their ideas and technology to each judge. The top four innovations will be selected to win USD10,000 and advance to the 2020 World Championship this May, plus two runner-up teams in each category will take home USD2,500.  

Meet our World Finals judges! 

Keira Havens Sustainability and Public Affairs Manager, Pivot Bio	Keira Havens has been deeply involved in synthetic biology as a scientist, an entrepreneur, a communicator, and a thought leader. Her work has engaged all facets of the synthetic biology economy in the pursuit of beautiful biotechnology – well designed, elegant solutions to intractable problems. In her current role as Sustainability and Public Affairs Manager she is working with the Pivot Bio team to tell the story of the future of fertilizer. She received her B.S. in Molecular Biochemistry and Biophysics from the Illinois Institute of Technology and her Masters from CSU.
Devendra Singh Chief Technology Officer, PowerSchool	As Chief Technology Officer for PowerSchool, Devendra is responsible for all Product Development and Cloud Operations within the company. He brings more than 20 years of experience in building enterprise-class software and cloud solutions for managing mission-critical business processes at Fortune 1,000 companies. Prior to joining PowerSchool, Devendra was Vice President of Product Development at Oracle, held senior positions in Product Development and Product Management at Agile Software, and participated in major business transformation initiatives as a Management Consultant with A.T. Kearney. Devendra earned his Bachelor of Engineering degree from Delhi College of Engineering and an MBA from University of Michigan Ross School of Business.
Jason Goldberg Chief Commerce Strategy Officer, Publicis	Jason Goldberg is the Chief Commerce Strategy Officer at Publicis Communications.  He is one of the most followed e-commerce subject matter experts on the web (@retailgeek).  He is the executive chairman of the board of directors of shop.org (and the National Retail Federation Digital Advisory Board). Jason has served as an expert witness in Federal Court on e-commerce, a guest lecturer on retail and e-commerce at the Kellogg School of Management for Northwestern University, hosts iTunes top e-commerce podcast called “The Jason & Scot Show”, and has been voted one of retail’s top global influencers by Vend five consecutive years.
Kai Frazier Founder, KaiXR	Kai Frazier is an educator turned EdTech entrepreneur passionate about using tech to provide inclusive and accessible opportunities for underestimated communities. She is the founder & CEO of Kai XR, the most inclusive and accessible, educational VR platform where kids can explore, dream, & create. Before creating Kai XR, she worked with several museums such as the United States Holocaust Memorial Museum as well as the Smithsonian National Museum of African American History & Culture, specializing in digital strategy and content creation. Kai served as an entrepreneur in residence at the Kapor Center for Social Impact as well as Techstars Social Impact accelerator.
Amanda Silver Corporate Vice President, Microsoft	Amanda Silver is the Corporate Vice President & Head of Product for Microsoft’s Developer Division, which includes Visual Studio, Visual Studio Code, .NET, TypeScript, and much of Microsoft’s developer platform. Her focus on customer-driven engineering, with a tight digital feedback loop, has helped ensure our products are loved by developers. She has been key to Microsoft’s transformation to contribute to open source with the introduction of TypeScript, Visual Studio Code, and the acquisition of both Xamarin and GitHub. She championed customer-focused innovations like Visual Studio Live Share and IntelliCode, which have transformed how developers and teams build and collaborate worldwide. Amanda is a leader in driving cultural transformation, working with teams across Microsoft to foster diversity and inclusion, customer-driven engineering practices, and product incubation. Unleashing the creativity of all developers is her passion.
Neil Sebire Chief Clinical Data Officer, HDR UK	Neil Sebire is Professor of Pathology at Great Ormond Street Children’s Hospital in London and a Professor at UCL. He is the Chief Research Information Officer and runs the clinical-informatics research program at GOSH, as well as being national Chief Clinical Data Officer for Health Data Research UK.  He has published numerous scientific journal articles and several textbooks and current research interests are focused on the development and evaluation of data driven technologies to improve child health.

Follow the competition journey on Instagram and Twitter to find out which four teams judges will select to move forward. Stay tuned as they get ready to compete in the Imagine Cup World Championship for the chance to take home USD75,000 and a mentoring session with Microsoft CEO, Satya Nadella! 

New transactable offers from iGlobe, Starburst Data, and Zegami in Azure Marketplace

by Contributed | Mar 30, 2021 | Technology

This article is contributed. See the original author and article here.

Microsoft partners like iGlobe, Starburst Data, and Zegami deliver transact-capable offers, which allow you to purchase directly from Azure Marketplace. Learn about these offers below: iPlanner Pro: Manage all your Microsoft Planner tasks directly from Microsoft Outlook with iGlobe’s iPlanner Pro add-in for Microsoft 365. iPlanner Pro extends the Microsoft 365 experience by providing contextual functionality that enables users to create, organize, share, and assign tasks and files in Planner while working in Outlook. Starburst Enterprise: Deployed via Azure Kubernetes Service on Microsoft Azure, Starburst Enterprise is a data consumption layer that unlocks siloed data by providing fast access to any data source via SQL. Provide all your data consumers a secure single point of access to all your data, no matter where it lives. Zegami: Zegami is an AI-powered image analysis platform for scientific and medical imaging designed to increase the accuracy of machine learning models. Rapidly categorize, label, and clean large image datasets and extract insights from disparate data sources, including images, videos, databases, and APIs.