Microsoft Advanced Threat Analytics Security for Business

Microsoft is preparing to release its Advanced Threat Analytics (ATA) security system next month. It is a new way to prevent and protect against hacker attacks on corporate networks.

Advanced Threat Analytics (ATA) chief Idan Plotnik reported that, since the latest preview version, the application has gained 13 new features for enhanced threat detection.

"Once installed, ATA immediately starts analyzing all relevant issues such as network traffic, gathering information about AD entities, and collecting relevant events from events in the Information Security Management System," says Plotnik.

"Based on this analysis, the ATA creates a security chart and starts by identifying security issues, advanced attacks or detecting abnormal behaviors.

When an attack is detected, ATA creates a timeline of the attack that makes it very easy for security analysts to understand the attack and identify where to focus their efforts."

The new application will be available as a standalone product, and it will also be included in Microsoft's Enterprise Client Access License and Enterprise Suite. The additional features in the final version of Advanced Threat Analytics will include:

  • Support for Event Forwarding to get events directly from servers/workstations to the ATA gateway;
  • Pass-The-Hash detection enhancements against corporate resources by combining DPI and logs analysis;
  • Enhancements for the support of non-domain joined devices (and non-Windows) for detection and visibility;
  • Performance improvements to support more traffic and events with ATA Gateway;
  • Performance improvements to support more ATA Gateways per ;
  • Automatic resolution process to match between computer names and IPs to help save investigation time;
  • Improving inputs from the user to automatically adjust the detection process;
  • Automatic detection for NAT devices;
  • Automatic failover in case the Domain Controller is not reachable;
  • System and notifications providing the overall health state of the deployment as well as specific issues related to configuration, connectivity;
  • Visibility to sites and locations where entities operate;
  • Multi-domain support;
  • And support for Single Label Domains.

If you are interested in the new Advanced Threat Analytics product, you can read more on the Microsoft blog.


Written by giorgos
