Microsoft Advanced Threat Analytics v1.6.4103.64991

Microsoft Advanced Threat Analytics (ATA) is an on-premises product to help IT security professionals protect their enterprise from advanced targeted attacks by automatically analyzing, learning, and identifying normal and abnormal entity (user, devices, and resources) behavior. ATA also helps to identify known malicious attacks, security issues, and risks using world-class security researchers’ work regionally and globally. Leveraging user and entity behavioral analytics (UEBA), this innovative technology is designed to help enterprises focus on what is important and to identify security breaches before they cause damage.

Detect threats fast with behavioral analytics
Using its proprietary algorithm, Microsoft Advanced Threat Analytics works around the clock to help you pinpoint suspicious activities in your systems by profiling and knowing what to look for. ATA also identifies known advanced attacks and security issues

Adapt as fast as your enemies
ATA continuously learns from the behavior of organizational entities (users, devices and resources) and adjusts itself to reflect the changes in your rapidly-evolving enterprise. As attacker tactics get more sophisticated, ATA helps you adapt to the changing nature of cybersecurity attacks with continuously-learning behavioral analytics.

Focus on what’s important using the simple attack timeline
The constant reporting of traditional security tools and sifting through them to locate the important and relevant alerts can get overwhelming. The attack timeline is a clear, efficient, and convenient feed that surfaces the right things on a timeline, giving you the power of perspective on the who, what, when, and how. ATA also provides recommendations for investigation and remediation for each suspicious activity.

Reduce false positive fatigue
Traditional IT security tools are often not equipped to handle the rising amounts of data, turning up unnecessary red flags and distracting you from the real threats. With ATA, these alerts happen once suspicious activities are contextually aggregated to its own behavior, as well as to the other entities in its interaction path. The detection engine also automatically guides you through the process, asking you simple questions to adjust the detection process according to your input.
 

 

 Operating System

 

Minimum requirements:
- OS: Windows Server 2012 R2
- CPU: 8 cores
- RAM: 48 GB
- HDD: 1000 GB per month to monitor 2 lightly loaded domain controllers
 

 

Download