Microsoft Advanced Threat Analytics Preview

Focus on what’s important fast

200+ days. That’s the average amount of time that attackers reside within your network until they are detected, gathering classified data and information, waiting to strike at just the right moment. Microsoft Advanced Threat Analytics (ATA) helps you identify breaches and threats using behavioral analysis and provides a clear, actionable report on a simple attack timeline.

Read the datasheetWatch the overview video
 

THE THREAT

Today, the topic of cybersecurity has moved from IT and the datacenter to the highest levels of the boardroom. Attacks and threats have grown substantially more sophisticated in frequency and severity. What’s at stake? Everything from customer privacy to brand identity, executive’s reputations and beyond. Without a strong defense system in place, the identities and bank accounts of individuals can be hacked, businesses stand to lose customers, and companies can lose control of trade secrets, intellectual property, their competitive edge, and even their standing in the stock market.

  • Average time attackers stay in a network before detection is over 200 days
  • Estimated cost of cybercrime to the global economy is $500 billion
  • Over 75% of all network intrusions are traced back to compromised credentials
  • Average cost of a data breach to a company is $3.5 million

BENEFITS

Detect threats fast with behavioral analytics

Detect threats fast with behavioral analytics

Using its proprietary algorithm, Microsoft Advanced Threat Analytics works around the clock to help you pinpoint suspicious activities in your systems by profiling and knowing what to look for. ATA also identifies known advanced attacks and security issues

Adapt as fast as your enemies

Adapt as fast as your enemies

ATA continuously learns from the behavior of organizational entities (users, devices and resources) and adjusts itself to reflect the changes in your rapidly-evolving enterprise. As attacker tactics get more sophisticated, ATA helps you adapt to the changing nature of cybersecurity attacks with continuously-learning behavioral analytics.

Focus on what’s important using the simple attack timeline

Focus on what’s important using the simple attack timeline

The constant reporting of traditional security tools and sifting through them to locate the important and relevant alerts can get overwhelming. The attack timeline is a clear, efficient, and convenient feed that surfaces the right things on a timeline, giving you the power of perspective on the who, what, when, and how. ATA also provides recommendations for investigation and remediation for each suspicious activity.

Reduce false positive fatigue

Reduce false positive fatigue

Traditional IT security tools are often not equipped to handle the rising amounts of data, turning up unnecessary red flags and distracting you from the real threats. With ATA, these alerts happen once suspicious activities are contextually aggregated to its own behavior, as well as to the other entities in its interaction path. The detection engine also automatically guides you through the process, asking you simple questions to adjust the detection process according to your input.

HOW IT WORKS

Analyze

Step one: Analyze

Using deep packet inspection technology, Microsoft Advanced Threat Analytics analyzes all Active Directory traffic. It can also collect relevant events from SIEM and other sources.

Learn

Step two: Learn

ATA automatically starts learning and profiling behaviors of users, devices, and resources, and then leverages its self-learning technology to build an Organizational Security Graph, a map of entity interactions representing the context and activities of the users, devices and resources.

Detect

Step three: Detect

ATA looks for any anomalies in the entities behavior and raises red flags. It also leverages security research to detect known attacks and security issues.

Alert

Step four: Alert

After detecting suspicious activities, known security issues and malicious attacks in near real-time, ATA provides clear, functional, actionable information on a simple attack timeline.

Read how Advanced Threat Analytics works

Get started with Enterprise Mobility

SiteMonitoringString
Scroll Top