Download Microsoft Advanced Threat Analytics 1.6 with Update 1 (upgrade only version) from Official Microsoft Download Center

• Microsoft Advanced Threat Analytics (ATA) 1.6 provides ongoing improvements to the ATA Center and Gateway components.
  ATA 1.6 provides improvements in the following areas:
  
  • New Detections - Malicious DPAPI request, Malicious Replication requests, Net Session Enumeration and more.
  • Improvements to existing detections –Improved detection logic reducing false-positive and false-negative scenarios for our existing detections.
  • ATA Lightweight Gateway – Our new deployment option that enables the deployment of the ATA Gateway directly on the Domain Controller and eliminates the need for port mirroring configuration.
  • 5x less storage – Significant reduction in storage space requirements for the ATA Database, now requiring only 20% of the storage space used in previous versions.
  • Improved center performance - lighter database load and a new detection engine enables many more domain controllers to be monitored with a single ATA Center.
  • Support for IBM QRadar – ATA now supports receiving events from IBM QRadar SIEM solution, in addition to the previously supported SIEM solutions (RSA, HP Arcsight and Splunk).

Windows Server 2012 R2

• 
  Windows Server 2012 R2 with Advanced Threat Analytics 1.5.2946 or 1.6.4103 installed
  
  If you do not have ATA v1.5 already installed you can download the evaluation version which includes update 1.6: Advanced Threat Analytics Evaluation.