In this episode @clintwyckoff and @davekawula discuss the keynotes for the first day of #msignite 2016. There were some really cool announcements.
One of our favorite new things was the Advanced Threat Analytics.
Here is a quick note that Brad Anderson wrote up about it:
Microsoft Advanced Threat Analytics (ATA) is a simple and effective solution that helps you protect your enterprise on-prem resources from advanced targeted attacks by automatically analyzing, learning, and identifying normal vs. abnormal entity behavior from users, devices, and other resources.
ATA is the solution we acquired last year from a hot security startup.
For the IT teams working to keep up with the changing nature (and increasing volume) of cyber security attacks, ATA is an incredible tool because it helps you understand what's happening within your network.
ATA provides this inside look at the potentially harmful activity within your network by identifying suspicious user and device activity with built-in intelligence, and this intelligence filters its feedback such that you see clear, relevant attack information on a simple timeline. ATA does this by creating a graph of the relationships and interactions of users, devices and resources.
ATA also detects known malicious attacks (like Pass-the-Hash, Pass-the-Ticket, Reconnaissance, etc.) and it catches known security issues like broken trust and weak protocols.
How this helps:
The problems caused by compromised user credentials are the #1 issue we hear reported by organizations all over the world.
The reason for this problem is twofold:
- First, many end users are still getting up to speed when it comes to understanding the importance of credential security.
- Second, the existing security tools are just too cumbersome – they create way too many false positives, they take years to fine tune, and the reports they generate are nearly impossible to read and understand quickly.
Perhaps the most problematic issue of all is how traditional IT security solutions operate once a breach occurs. Getting a massive data dump when you're trying to identify and isolate the intrusion can take far too long at a time when every second can make or break your organization. It's counterproductive to have your security software hand you a haystack when you really need a needle.
Why you need this in your life:
- You can detect advanced security threats fast via behavioral analytics that leverage Machine Learning.
- Now you can adapt to the changing nature of cyber-security threats with a technology that is continuously learning.
- You can narrow down the most important factors using the simple attack timeline.
- ATA's innovative technology reduces false positive fatigue and raises red flags only when needed.
What you'll need to get started:
- To use ATA (currently in Preview) you'll need to download and install it (see below).
Get to work!