Advance Threat Analytics Deployment

Advance Threat Analytics Deployment Advance Threat Analytics Deployment

Microsoft Advanced Threat Analytics is an on-premises platform that helps protect your enterprise from multiple types of advanced targeted cyber attacks and insider threats.

ATA leverages a proprietary network parsing engine to capture and parse network traffic of multiple protocols (such as Kerberos, DNS, RPC, NTLM, and others) for authentication, authorization, and information gathering. This information is collected by ATA via either:

Port mirroring from Domain Controllers and DNS servers to the ATA Gateway and/or
Deploying an ATA Lightweight Gateway (LGW) directly on Domain Controllers
ATA takes information from multiple data-sources, such as logs and events in your network, to learn the behavior of users and other entities in the organization and build a behavioral profile about them. ATA can receive events and logs from:

SIEM Integration
Windows Event Forwarding (WEF)
Directly from the Windows Event Collector (for the Lightweight Gateway)

9 Comments

  1. I enjoy what you guys tend to be up too. This kind of clever work and coverage!
    Keep up the wonderful works guys I’ve added you guys to
    my own blogroll.

  2. Hello there I am so happy I found your webpage, I really found
    you by mistake, while I was searching on Google for
    something else, Nonetheless I am here now and would
    just like to say thank you for a remarkable post and a all round thrilling blog (I also love the theme/design), I don’t have time to
    read it all at the moment but I have book-marked it and also added in your RSS feeds, so when I have time I will be back to read a
    great deal more, Please do keep up the great
    b.

  3. Good web site you’ve got here.. It’s hard to find excellent
    writing like yours these days. I really appreciate people like you!

    Take care!!

  4. You’ve made some good points there. I looked on the web to
    find out more about the issue and found most individuals will go
    along with your views on this web site.

Leave a Reply

Your email address will not be published. Required fields are marked *