Enterprise Mobility and Security Blog

Ransomware detection with Microsoft Advanced Threat Analytics and Cloud App Security

The rise of ransomware and its media presence in recent months has highlighted, perhaps now more than ever, the importance of robust security systems to detect and respond to devious and evolving threats. We know extortion via ransomware is an effective scare tactic – after all, victims can be of both consumer and commercial variants...



Automate Advanced Threat Analytics Lightweight Gateway deployment with PowerShell

Guest post by Cathy Smith, Senior Consultant, Cybersecurity Group. This blog discusses an open-source project that Cathy leads that automates ATA Lightweight deployment with PowerShell. We are happy to share this project and encourage the ATA ecosystem to contribute here! Advanced Threat Analytics (ATA) Version 1.6 introduced a new deployment option, the ATA Lightweight Gateway,...



How to simulate and detect attacks with the Advanced Threat Analytics Playbook

One of the biggest pieces of feedback the Advanced Threat Analytics (ATA) team has received is a request for a clear, easy way to simulate attacks and see how ATA detects them. So that’s exactly what we did. We’ve written a playbook that contains: A step-by-step guide to simulating different techniques used in real-world advanced attack...



Ransomware lateral movement, and how Microsoft Advanced Threat Analytics can help

This post is authored by Arbel Zinger, Program Manager, Advanced Threat Analytics Product Team. Companies across the globe were affected by an increased amount of ransomware attacks that caused an estimated damage of $1 billion. Ransomware attacks are becoming more powerful and crafty to force victims to pay their ransoms. Ransomware is now looking for...


Cybersecurity attackers toolkit – what you need to know

Cyber attackers have many tools available to them to infiltrate an enterprise network, find that sensitive piece of data they’re looking for, and exfiltrate it from your enterprise. In conversations with customers, I’ve found that some are familiar with these tools; however, many aren’t, or they are not fully aware of how powerful these tools...



Introducing Microsoft Advanced Threat Analytics for your Datacenter

This post was authored by Michael Dubinsky, Senior Program Manager, Microsoft Advanced Threat Analytics. On today’s episode of Microsoft Mechanics we take a look at how Microsoft Advanced Threat Analytics (ATA) detects advanced attacks and insider threats in your environment. My name is Michael Dubinsky, and I lead the product team for Microsoft ATA. In...


Eliminating plaintext passwords with Microsoft Advanced Threat Analytics using LDAP

I may be stating the obvious, but it’s incredibly important to identify applications, servers, and sensitive accounts that should be using encryption. What we find all too frequently, however, is that passwords are being sent in plaintext in most enterprises. Here’s what you need to know about identifying these vulnerabilities and, more importantly, how to...


Will Advanced Threat Analytics help me with all operating systems?

A frequent question I get from customers is, will Microsoft’s Advanced Threat Analytics (ATA) help me detect suspicious activity on my network, regardless of the operating systems in my environment? “YES!” is the short answer. Any user or entity that connects to the network via Active Directory (AD), queries the DNS servers, or authenticates with AD...


Uncover insider threats, blind spots in your network with Advanced Threat Analytics

You’ve probably heard time and again that more than 63% of network intrusions are due to compromised user credentials. Once on the network, the adversary remains undetected for months. You’ve spent years building up your perimeter and have a comprehensive protection strategy in place. That said, attackers are still coming through and/or you are worried about...
