Microsoft Advanced Threat Analytics announcement
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
-
0 VotesDirect URL ot object profiles / Browse instead of search?
There is a wealth of useful information stored in each object's profile. For example, I can search for a user account and quickly see all recently accessed resources and activity. Is there ...
-
1 Votes
Getting lots of "Privilege escalation using forged authorization data" alerts
We recently updated our ATA installation to version 1.6 and we're getting a lot of "Privilege escalation using forged authorization data" alerts in the console. We can see that the ...Unanswered | 11 Replies | 1214 Views | Created by Nfields80 - Monday, May 16, 2016 2:57 PM | Last reply by gc- - Friday, June 23, 2017 4:58 PM -
0 Votes
Directory enumeration using SAMR
I need some help here on understanding this alert and to act upon. I know that this is to identify any AD enumerations from a threat actor perspective. I see lots of alerts from ...Unanswered | 2 Replies | 116 Views | Created by Ramlins - Thursday, May 25, 2017 2:54 PM | Last reply by Ramlins - Friday, June 23, 2017 2:18 PM -
0 Votes
Can we consider smbsigning to be a subset of FIPS
Hi, We are a FIPS compliant shop. We have smb signing turned on. Currently we have not enabled FIPS on the windows shares. We are having issues mounting CIFS ... -
0 Votes
Services exposing account credentials alert
I'm getting a Services exposing account credentials alert and was wondering how I could associate the account to the service? ThxAnswered | 5 Replies | 57 Views | Created by JeffRW - Tuesday, June 20, 2017 8:01 PM | Last reply by Andy Liu50 - Friday, June 23, 2017 1:35 AM -
0 Votes
Moving ATA VM to new IP
I need to move the VM ATA runs on to new IPs. However I need to make the change in the ATA Config page first or I won't be able to open it after it changes to the new addresses. I can't seem to be ...Proposed | 2 Replies | 94 Views | Created by Steven Hayes (MSFT Alumi) - Sunday, June 18, 2017 6:26 PM | Last reply by Andy Liu50 - Friday, June 23, 2017 1:30 AM -
0 Votes
Inplace upgrade of ATA servers to server 2016
I currently have two virtual 2012 R2 servers in my ATA infrastructure: one ATA gateway server and one ATA center server. I was wondering if it is possible to in place upgrade these servers to ...Proposed | 1 Replies | 28 Views | Created by candlends - Wednesday, June 21, 2017 7:06 PM | Last reply by Andy Liu50 - Thursday, June 22, 2017 9:26 AM -
0 Votes
Using own certificate
Certificates (Local Computer), then do Import, select the file, install them to the place "Automatically determined by the wizard", then after some time it says "The import ...Unanswered | 8 Replies | 91 Views | Created by R___B - Thursday, June 08, 2017 3:17 PM | Last reply by Andy Liu50 - Thursday, June 22, 2017 2:26 AM -
0 Votes
A lot of traffic without Port Mirroring
Hello ! I am deploying ATA on a big organization. I am installing ATA Center and ATA Gateway first before doing port mirroring ( yes i know i shouldn't, but i ...Unanswered | 1 Replies | 54 Views | Created by hxmjul - Monday, June 19, 2017 6:06 AM | Last reply by Andy Liu50 - Tuesday, June 20, 2017 5:27 AM -
0 Votes
4776 events from non monitored systems
I'm going to be standing up ATA for two separate forests. However my event collection and therefore forwarding of the 4776 events come from the same system. Is it a problem if I forward ...Unanswered | 3 Replies | 75 Views | Created by ScripterV - Wednesday, June 14, 2017 1:04 PM | Last reply by Andy Liu50 - Monday, June 19, 2017 8:55 AM -
0 Votes
ATA on Azure
Are there any plans to allow the ATA Center to use Azure Cosmos DB when the ATA Center is running in Azure instead of a local MongoDB? This would make sense as then the ...Unanswered | 1 Replies | 47 Views | Created by Ryan Boud - Friday, June 16, 2017 9:33 AM | Last reply by Andy Liu50 - Monday, June 19, 2017 2:08 AM -
0 Votes
DC not showing some info
I have a Lightweight Gateway installed on a virtual DC, and everything seems to work fine except when I select that DC's computer account in ATA console. Both Recently accessed resources ...Unanswered | 4 Replies | 87 Views | Created by Vlado84 - Wednesday, June 14, 2017 2:54 PM | Last reply by Vlado84 - Friday, June 16, 2017 2:40 PM -
0 Votes
Malware missed by yesterday's Windows Defender and today's MS Safety Scanner
Post title: Malware missed by yesterday's Windows Defender and today's MS Safety Scanner Support Case 1343834339 Running Win10 with latest ...Unanswered | 1 Replies | 488 Views | Created by DanSchwartz - Friday, June 17, 2016 7:05 PM | Last reply by Cyber_Defend_Team - Friday, June 16, 2017 8:14 AM -
0 Votes
Missing events in Microsoft ATA Eventlog ( for scom management pack)
Hi. We are trying to make a basic scom integration , to prevent the need to have another console open all the time , scom will run with a limited account to ...Proposed | 2 Replies | 1304 Views | Created by Flemming-Riis - Monday, October 12, 2015 8:50 AM | Last reply by Ian Smith - MCS - Thursday, June 15, 2017 2:45 PM -
0 Votes
ATA gateway failing to re-install
I am trying to re-install the gateway on a DC. the error I am getting is below, the account being used is in the ATA Admin group on the console side. Any help on what is causing this will be ...Answered | 1 Replies | 56 Views | Created by Jedi_Administrator - Wednesday, June 14, 2017 3:30 PM | Last reply by Jedi_Administrator - Wednesday, June 14, 2017 8:21 PM -
0 Votes
How to test and verify WEF configuration for the ATA Lightweight Gateway?
Hello, I followed the deployment guide to create Event Viewer Subscriptions to forward Event ID 4776 to the DC itself; since each of my DCs has the Lightweight ...Proposed | 4 Replies | 99 Views | Created by techy86_ - Wednesday, May 31, 2017 3:00 PM | Last reply by Andy Liu50 - Wednesday, June 14, 2017 9:06 AM -
0 Votes
ATA light gateway stopped
Running Server 2012 R2, trying to install the ATA Light Gateway. ALL work fine but Microsoft advanced threat analytics gateway service can't starting. I rebooted the machine and the ...Proposed | 2 Replies | 81 Views | Created by aliezzcopky - Monday, June 05, 2017 9:52 AM | Last reply by Andy Liu50 - Wednesday, June 14, 2017 9:05 AM -
0 Votes
If Center is rebuilt, do I need to reinstall all the Gateways?
At my company we create our servers through automation. I've recently installed Center and the only way to get the software for Gateway is to download it from the Center Console, as the download ...Proposed | 4 Replies | 74 Views | Created by R___B - Wednesday, June 07, 2017 7:36 AM | Last reply by Andy Liu50 - Wednesday, June 14, 2017 9:03 AM -
0 Votes
Bandwidth Requirement for ATA
Before we run the ATA sizing tool, the customer would like to understand what will be the network bandwidth requirement for a typical ATA setup with 5000 users on a remote site (which is served by 5 ...Answered | 3 Replies | 120 Views | Created by Gokulan Subramani - Monday, May 29, 2017 12:02 PM | Last reply by Andy Liu50 - Tuesday, June 13, 2017 9:29 AM -
0 Votes
Unable to install ATA Gateway - Failed to connect to the console
Hi there, I am unable to install Microsoft ATA Gateway onto a Windows Server 2012r2 core server. The machine has been setup as a domain controller. Previously the gateway was ...Answered | 7 Replies | 107 Views | Created by Mikebiacsi - Thursday, June 08, 2017 3:11 PM | Last reply by Mikebiacsi - Monday, June 12, 2017 2:17 PM - Items 1 to 20 of 650 Next ›
Microsoft Advanced Threat Analytics announcement
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
