Questions tagged [microsoft-ata]

Microsoft Advanced Threat Analytics (ATA) is a security solution that helps IT security professionals protect their organization from advanced targeted attacks and insider threats. By automatically analyzing, learning, and identifying normal and abnormal entity (users, devices, and resources) behavior, ATA helps identify known malicious attacks and techniques, security issues, and risks.


2 questions
4 votes, 1 answer

VMware VDS ERSPAN decapsulation on Cisco Nexus 7k and mirrored to local port

We are setting up a mirror/span/rspan/erspan to get traffic (DCs live as VMs in ESX Cluster) to our Microsoft ATA server. The problem that we are running into is that a traditional RSPAN is not working because all unicast messages are getting…
BillMorton
3 votes, 0 answers

Detect privilege escalation attacks where user gains SYSTEM account privileges - Windows

We have an audit requirement from a client to be able to monitor for "User obtained SYSTEM privileges". We are running a Windows Server 2012/2016 environment in Azure and using Azure Log Analytics and Microsoft ATA for security…