Microsoft Advanced Threat Analytics for Protecting AD Now Available
Microsoft's Advanced Threat Analytics uses machine learning to help enterprises spot suspect behavior associated with leaked user credentials.
As promised, Microsoft officially released its Advanced Threat Analytics (ATA) product for Active Directory in August, Alex Simons, director of program management for the company's Identity and Security Services unit, announced in a brief Aug. 26 statement. "You can download the GA [generally availability] evaluation bits and implement ATA in your organization," wrote Simons. To help administrators incorporate the technology into their Active Directory environments, the company has created a Microsoft Security TechCenter "discussion forum where you can post your questions and feedback," he added. The company also launched a dedicated TechNet blog for the product. The software, which is deployed on-premises, is based on technology from last year's acquisition of Aorato, a provider of Active Directory (AD) security software. Microsoft Advanced Threat Analytics employs machine learning, user behavioral analytics and information on a massive stockpile of known threats to combat identity-based attacks and breaches that can put an organization's data at risk. Usernames and passwords are the currency of malicious hackers who sometimes resort to highly personalized phishing emails and sophisticated social engineering techniques to trick users into forking over their access information. ATA relies on a technology called User and Entity Behavioral Analytics (UEBA) to spot behavior that is out of the norm, alerting administrators to potential breaches and enabling them to shut down such attempts quickly and without having to pore over security logs.
Microsoft feels that ATA can help put an end to leaks caused by stolen credentials and other security mishaps that can prove costly to businesses. Compromised credentials are responsible for more than 75 percent of network intrusions, according to the software giant.