Protect your enterprise from advanced, persistent cyber threats

From detecting known malicious attacks to uncovering abnormal activity with machine learning and behavioral analytics, identify advanced persistent threats to your enterprise quickly and take action swiftly with Microsoft Advanced Threat Analytics.



    Detect threats fast with behavioral analytics

    Using its proprietary algorithm, Microsoft Advanced Threat Analytics works around the clock to help you pinpoint suspicious activities in your systems by profiling and knowing what to look for. Advanced Threat Analytics also identifies known advanced persistent threats and security issues.

    Adapt as quickly as malicious hackers

    Advanced Threat Analytics continuously learns from the behavior of users, devices, and resources and adjusts to reflect the changes in your rapidly evolving enterprise. As tactics get more sophisticated, Advanced Threat Analytics uses behavioral analytics to help you adapt and respond.

    Zero in on the right alerts

    The constant reporting of traditional security tools and sifting through them to locate the important and relevant alerts can get overwhelming. The attack timeline is a clear, efficient, and convenient feed that surfaces the right things on a timeline, giving you the power of perspective on the who, what, when, and how. Advanced Threat Analytics also provides recommendations for investigation and remediation for each suspicious activity.

    Reduce false positive fatigue

    Traditional IT security tools are often not equipped to handle the rising amounts of data, resulting in unnecessary alerts that distract you from the real threats. With Advanced Threat Analytics, suspicious activities are contextually aggregated with other behaviors in the interaction path to give you clear, accurate alerts.


Step one: Analyze

Using deep packet inspection technology, Microsoft Advanced Threat Analytics analyzes all Active Directory traffic, collecting relevant events from SIEM and other sources.

Step two: Learn

Advanced Threat Analytics automatically starts learning and profiling behaviors to produce an Organizational Security Graph—a map of entity interactions representing the context and activities of the users, devices and resources.

Step three: Detect

Advanced Threat Analytics looks for any anomalies in the entities behavior and raises red flags. It also takes advantage of security research to detect known attacks and security issues.

Step four: Alert

After detecting suspicious activities, known security issues and malicious attacks in near real-time, Advanced Threat Analytics provides clear, functional, actionable information on a simple attack timeline.

Read how Advanced Threat Analytics works

Back To Top