Microsoft Advanced Threat Analytics announcement
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
Found 1216 threads
-
0 Votes<computer A> was queried by one or more users from <computer B> using SAMR against <domain controller>
What does it mean (in layman's terms) when you see this message in ATA? <computer A> was queried by one or more users from <computer B> using SAMR against <domain ...Unanswered | 2 Replies | 3775 Views | Created by jrauman - Monday, June 29, 2020 9:11 PM | Last reply by jrauman - Sunday, August 30, 2020 1:19 AM
-
0 Votes
Clarification on Azure Active Directory login event from Office 365
Hi, Following is one of the audit events pertaining to 'logon successful' in Office 365 environment which is authenticated by Azure AD. Just trying to understand what does ...Unanswered | 2 Replies | 2506 Views | Created by Venki18 - Thursday, August 13, 2020 12:30 PM | Last reply by Venki18 - Tuesday, August 18, 2020 8:27 AM -
0 Votes
WEC : How to uniquely identify logs in `Forwarded Events` channel
Looking for more information or at least suggestions on alternatives to EventRecordID as an index when using the Windows Event Collector. When working with an individual server and ...Unanswered | 1 Replies | 2121 Views | Created by Riot5155 - Friday, August 14, 2020 7:20 AM | Last reply by Andy Liu50 - Monday, August 17, 2020 1:58 AM -
0 Votes
[Announcement] "MATA" Forum will be migrating to a new home on Microsoft Q&A!
This "MATA" Forum will be migrating to a new home on Microsoft Q&A! We've listened to your feedback on how we can ... -
1 Votes
Export certificate with PKI Key
Hello, I was trying to export our certificates but apparently for several of them I am limited as an export of the certificates without its key which make them ...Answered | 1 Replies | 1868 Views | Created by Felyjos - Tuesday, August 11, 2020 3:06 PM | Last reply by Andy Liu50 - Wednesday, August 12, 2020 2:11 AM -
1 Votes
I really hope you guys and girls can help.
I've recently been having trouble with my home internet, Mac addresses will randomly change, I'll get cut off from my device but internet says still on, my computer screen flashes randomly ect. So I ...Unanswered | 3 Replies | 2140 Views | Created by ash_sooconfused - Tuesday, August 4, 2020 10:01 AM | Last reply by Vaibhav_Pal - Saturday, August 8, 2020 9:15 AM -
0 Votes
Why won't ATA 1.9 Accept an AD Certificate?
Hi all, Apologies, been banging my head against the wall for this... trying to setup ATA 1.9 (update 2) in Lightweight Gateway mode. ATA Center is installed on a ...Answered | 8 Replies | 2586 Views | Created by SpookySecurity - Wednesday, August 5, 2020 5:24 PM | Last reply by SpookySecurity - Friday, August 7, 2020 9:02 PM -
0 Votes
The Microsoft Advanced Threat Analytics Gateway service terminated unexpectedly
We are getting below error on Lightweight Gateway server repeatedly. Can anyone help on this? Log Name: ...Unanswered | 3 Replies | 3665 Views | Created by Imtiyaz.Ali - Thursday, July 30, 2020 2:31 PM | Last reply by Eli Ofek - Tuesday, August 4, 2020 9:25 AM -
0 Votes
AM I ELIGIBLE FOR BUG BOUNTY PROGRAM (screen share even though restricted on teams)
HI , I am a 17 years old student , and while attending school meetings using microsoft teams , i found out a way to start sharing my screen even though i am denied to ...Unanswered | 1 Replies | 2206 Views | Created by CHARAN2308 - Friday, July 31, 2020 3:53 PM | Last reply by Andy Liu50 - Monday, August 3, 2020 1:56 AM -
0 Votes
The SSL certificate for this service cannot be trusted.
Hi All , How to fix this Vulnerability ? The following certificate was at the top of the ...Unanswered | 1 Replies | 2215 Views | Created by Nabil_Rashid - Monday, July 20, 2020 7:10 AM | Last reply by Andy Liu50 - Thursday, July 23, 2020 2:22 AM -
2 Votes
June 2020 update for ATA?
I understood MS would release a final update in June 2020 before going end-of-support in jan 2020. But, almost August and no update in sight, according ...Answered | 1 Replies | 2072 Views | Created by AndrePKI - Monday, July 20, 2020 10:19 AM | Last reply by Eli Ofek - Monday, July 20, 2020 11:15 AM -
1 Votes
Should ATA report wmic and psexec executions with access denied against a DC?
Hi, I'm new to ATA and started testing it in our domain. ATA reports DNS recon and I tried running wmic and psexec commands as decribed in the ATA playbook: wmic ...Answered | 7 Replies | 2192 Views | Created by Dr.Zoidberg - Thursday, June 25, 2020 3:56 PM | Last reply by Andy Liu50 - Friday, July 17, 2020 4:08 AM -
0 Votes
Possible to see which ATA user closed alerts and health issues
Hi, is it possible to see which ATA user closed an alert or health issues? Something like a log or history?Answered | 4 Replies | 1273 Views | Created by Dr.Zoidberg - Wednesday, July 15, 2020 9:25 AM | Last reply by Dr.Zoidberg - Thursday, July 16, 2020 8:49 AM -
0 Votes
Questions about ATA user behavior analysis time (21 days)
Hi, in this video Laura E. Hunter from Microsoft describes behavior analytics: https://youtu.be/hNZdboDvnuU?t=1251 She says that ATA will analyze the ...Answered | 6 Replies | 1820 Views | Created by Dr.Zoidberg - Friday, June 26, 2020 12:22 PM | Last reply by Dr.Zoidberg - Tuesday, July 7, 2020 3:02 PM -
0 Votes
Suspicion of identity theft based on abnormal behaviour By Users
A user has been identified as Suspicion of identity theft based on abnormal behavior The log shows that he accessed 37 resources whereas after investigations he confirmed that ...Unanswered | 1 Replies | 2009 Views | Created by TCL_TM - Monday, July 6, 2020 7:02 AM | Last reply by Eli Ofek - Monday, July 6, 2020 7:33 AM -
0 Votes
Software Scans
What is the frequency of software inventory scans for PCs? I'm in the process of remediating issues (either by upgrading software or removing it) and am trying to get a figure out what my ...Answered | 3 Replies | 1709 Views | Created by Lady_Quxiote - Wednesday, July 1, 2020 12:30 PM | Last reply by Andy Liu50 - Monday, July 6, 2020 12:53 AM -
0 Votes
20007 - SSL Version 2 and 3 Protocol Detection vulnerability issue
we have disabled SSL2 & SSL3 and TLS 1.0 also in my server but still showing 20007 - SSL Version 2 and 3 Protocol Detection vulnerability issue. can you help me anyone ...Unanswered | 2 Replies | 5147 Views | Created by mohanrajlive - Saturday, June 27, 2020 7:16 AM | Last reply by Andy Liu50 - Monday, June 29, 2020 1:27 AM -
0 Votes
Disabling SMB1 On DC's
DependOnService has rdbss WINQUIC Answers provided are coming from personal experience, and come with no warranty of success. I as everybody ...Unanswered | 1 Replies | 2451 Views | Created by Killerbe - Thursday, June 18, 2020 12:51 PM | Last reply by Andy Liu50 - Friday, June 19, 2020 7:01 AM -
0 Votes
Microsoft ATA Lightweight Gateway Stuck on Starting
Hi can someone help figure out the issue as service was stuck on starting see below logs 2020-02-05 08:29:43.5195 2840 5 Error ...Proposed | 5 Replies | 3329 Views | Created by Marius_Boro - Wednesday, February 5, 2020 10:37 PM | Last reply by Eli Ofek - Saturday, June 13, 2020 5:31 PM -
0 Votes
Reconnaissance using Directory Services queries
One afternoon around 4pm, we started getting inundated with alerts from ATA. Most of the alerts had the same domain controller name, the same user account (which is an account we have in ...Unanswered | 1 Replies | 3270 Views | Created by jrauman - Thursday, June 11, 2020 7:21 PM | Last reply by Eli Ofek - Thursday, June 11, 2020 9:10 PM - Items 1 to 20 of 1216 Next ›
Microsoft Advanced Threat Analytics announcement
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
