Microsoft Advanced Threat Analytics announcement
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
-
0 VotesWindows Delivery Optimization creating Suspicion of identity theft based on abnormal behavior alerts
Hi, We installed ATA about a month and a half ago, and we recently began to recieve numerous "Suspicion of identity theft based on abnormal behavior" alerts that show ...Unanswered | 4 Replies | 102 Views | Created by ATAuser2 - Tuesday, June 18, 2019 10:17 AM | Last reply by ATAuser2 - 7 hours 19 minutes ago
-
0 Votes
What is the Next Upcoming Version of Windows?
Do you know What is the Next Upcoming Version of Windows? If yes then please replyUnanswered | 1 Replies | 58 Views | Created by Rahul Kumar Singh 1 - Saturday, June 22, 2019 11:00 AM | Last reply by Andy Liu50 - 19 hours 21 minutes ago -
0 Votes
Domain VS Workgroup
Hello, I am in the process of trying out some tests when using ATA and had a couple of questions. I want to compare and contrast the difference between using ATA ...Answered | 18 Replies | 1857 Views | Created by helpakari - Wednesday, August 10, 2016 12:53 AM | Last reply by Rahul Kumar Singh 1 - Saturday, June 22, 2019 10:49 AM -
0 Votes
Azure AD Identity Protection
AIP risk event was generated in category "leaked credentials". Any experience on what could be the possible cause or how to find the root cause of leaked credentials to DarkWeb?Unanswered | 2 Replies | 135 Views | Created by Hrsikesa Pankaj - Friday, June 14, 2019 11:55 AM | Last reply by Hrsikesa Pankaj - Saturday, June 22, 2019 6:20 AM -
0 Votes
powershell module to query ATP enrolled machine ?
Hi all, I am having hard time locating any powershell module allowing me to query the state of the machine enrolled in ATP or security center . Can you point me to the right ... -
0 Votes
Occasionally ATA reports the IP Address of a DC, instead of the object
DC2 replication (ok) 1.2.3.4 (IP of DC1) -> DC2 (malicious). I get why ATA reacts this way, but what causes ATA to decouple the IP from ...Answered | 1 Replies | 174 Views | Created by KevinNKidder - Wednesday, June 19, 2019 1:40 PM | Last reply by Eli Ofek - Wednesday, June 19, 2019 10:01 PM -
0 Votes
User1 Queried user1 using SAMR
Dears, We are seeing a lot of activities for our users in ATA containing the below: What is the protocol SAMR and why the user is ...Unanswered | 1 Replies | 74 Views | Created by Ros_12 - Wednesday, June 19, 2019 5:30 AM | Last reply by Eli Ofek - Wednesday, June 19, 2019 12:36 PM -
0 Votes
Directory Services account failed to logon activity
Hello, we recently noticed this behavior on ATA console (ATA version 1.9.7). The pattern in the activity tab is almost always the same: 9.01 AM ...Unanswered | 2 Replies | 1312 Views | Created by ChristianPonti - Thursday, November 22, 2018 9:03 AM | Last reply by send2brian - Monday, June 17, 2019 3:56 PM -
0 Votes
Network scanning on 445 from ATA?
Hello, Our network monitoring system detected one of our ATA Domain Controller Gateways scanning non-live IPs on port 445. Process inspection shows ...Unanswered | 1 Replies | 133 Views | Created by Hot Choco - Monday, June 10, 2019 2:47 PM | Last reply by Eli Ofek - Monday, June 10, 2019 3:14 PM -
0 Votes
Domain Controller is a virtual machine hosted on VMWare
Is there an official explanation of this attached DC on VMWare warning message? The domain controller admins i am working with cannot risk installing the lightweight gateway agent ...Unanswered | 1 Replies | 131 Views | Created by Securitt - Thursday, June 6, 2019 5:40 PM | Last reply by Eli Ofek - Thursday, June 6, 2019 8:22 PM -
0 Votes
CVE-2019-0708 on Windows Embedded Compact V7.0
Hello. I would like to know if i need a security update or patch to solve CVE-2019-0708 on Windows Embedded Compact V7.0, like KB4499175 for Windows 7 ultimate SP1, or KB4500331 for ...Answered | 1 Replies | 179 Views | Created by FernandoRT - Friday, May 31, 2019 5:03 AM | Last reply by Hari VS_Kid - Friday, May 31, 2019 7:16 AM -
0 Votes
ATP: workstation has a Domain Controller IP
Hello everyone! Today I have received a High severity alert for Suspected DCSync attack. The origin of this attack was a workstation that ATP tell us that has it's right private IP ...Unanswered | 1 Replies | 211 Views | Created by Blue Trooper18 - Thursday, May 23, 2019 1:00 PM | Last reply by Andy Liu50 - Friday, May 24, 2019 5:34 AM -
0 Votes
Problem with files
Hello my friends, I have a problem with some files with extension - oorr. All files is pictures My question is how to ...Unanswered | 1 Replies | 206 Views | Created by Серафим Иванов Петров - Thursday, May 23, 2019 7:09 PM | Last reply by Andy Liu50 - Friday, May 24, 2019 5:24 AM -
0 Votes
ATA API- connecting to Automation tool
Hello, My company has recently decided to purchase a certain SOAR Tool(Orchestration and Automation Tool) and therefore I am trying to figure out if there is any way to feed the ...Unanswered | 1 Replies | 220 Views | Created by Bartolomeo193 - Thursday, May 23, 2019 10:38 AM | Last reply by Eli Ofek - Thursday, May 23, 2019 11:12 AM -
0 Votes
KB4499164,KB4499175
Hi, After installing these two patches, our server (2008 R2) is not stable. Kindly confirm if any fix. ITandIT -
0 Votes
"Non-sensitive en route users" contains sensitive users in ATA 1.9.1
On the path report of a sensitive user it should Show the Non-Sensitive en route users, but on my report it Always Show way more accounts, that are sensitive (with the green s). It also doesn't ...Unanswered | 3 Replies | 218 Views | Created by limacher58 - Monday, May 20, 2019 2:32 PM | Last reply by Tali Ash - Tuesday, May 21, 2019 10:06 AM -
0 Votes
Configuring SAM-R
I am new to Active directory and I am trying to configure SAM-R to allow the ATA service account I created to perform the SAM-R operation. I am trying to follow the configuration description on ...Unanswered | 2 Replies | 276 Views | Created by Fletchmasta - Wednesday, May 15, 2019 6:58 PM | Last reply by BW2332013 - Thursday, May 16, 2019 2:14 PM -
0 Votes
Unable to install Gateway on DCs
Hello Everyone; I receive the following error while attempting to install LW Gateway on multiple DCs! Note : It is ...Unanswered | 6 Replies | 372 Views | Created by Ahmadgeo - Tuesday, April 23, 2019 12:51 PM | Last reply by Chad.R - Thursday, May 16, 2019 6:44 AM -
0 Votes
About Virtual Smart Card Security
SmartCardK ; SRK -> UserKey) as it is commonly in keys management solutions. However, I don't understand how the authorization process works. Moreover, the article says : "The TPM key ...Unanswered | 2 Replies | 244 Views | Created by OolaHoop - Friday, May 10, 2019 1:28 PM | Last reply by OolaHoop - Thursday, May 16, 2019 6:35 AM -
0 Votes
Windows Defender Security Intelligence
I am trying to submit a file on https://www.microsoft.com/en-us/wdsi/filesubmission and getting the following error. Please help.Unanswered | 1 Replies | 215 Views | Created by 3M3M3M - Tuesday, May 14, 2019 8:47 AM | Last reply by Andy Liu50 - Wednesday, May 15, 2019 2:44 AM - Items 1 to 20 of 1094 Next ›
Microsoft Advanced Threat Analytics announcement
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
