So in this fourth blog post in my series S for Security in EMS we will og deeper in Advanced Threat Analytics included within EMS.
So what is Advanced Threat Analytics?
Well, it`s an on-premises platform that helps protect your enterprise from multiple types of advanced targeted cyber attacks and insider threats.
Why is this a important toolset to have on your hybrid environment?
Well, since you have an hybrid environment you are lacking a system to detect abnormal behavour like password sharing, lateral movements and so on and Malicious attacks like Pass-the-Ticket, Pass-the-Hash and several other attack vectors.
Advanced threat analytics uses machine learning and user usage analytics discover abnorman activities and suspicious activities.
Within Advanced Threat Analytics we can also get insights on Security Issues and risk within our on-premises environment like broke trust between machines and domain controlelrs, weak protocols used by our users and systems and much more!
All these actions and insights can be viewed from the Advanced Threat Analytics Dashboard
This is just a smal insight on what ATA can do for you!
S for Security in EMS – Overview
Part 1 – S for Security in EMS – Azure AD Premium
Part 2 – S for Security in EMS – Information Protection
Part 3 – S for Security in EMS – Microsoft Intune
Part 4 – S for Security in EMS – Advanced Threat Analytics
Part 5 – S for Security in EMS – Cloud App Security