• Microsoft Advanced Threat Analytics

The Problem

In today’s security landscape, organizations need to assume that they have already been breached. Attackers have become more sophisticated with their malicious activity and are now found to be hiding inside of company infrastructures for over 100 days. This gives them ample time to gain access to compromised user credentials and make lateral movements until they can get what they want. This is allowed to happen since most security systems cannot detect abnormal user behavior.

The Solution

Our objective at Synergy Advisors, is to showcase how Microsoft Advanced Threat Analytics can help prevent these scenarios. Through the power of machine learning, it can detect abnormal user behavior and provide a simple and clean way to understand what is going on in your company. It can also send out alerts and notifications to appropriate administrators to communicate if anything has been compromised.

Offering Benefits
  • Simplified, quick set-up leveraging Microsoft’s vast database of known attack methods and models
  • Machine-learning based solution recognizes abnormal user behavior to reduce false positive reporting
  • User credential monitoring and analysis to determine suspicious behavior or lateral movement
  • Consolidated reporting feed providing clear and concise critical issues for immediate remediation
  • Seamless integration with SIEM to enable alerts to appear with a link to a specific event on the Advanced Threat Analytics timeline
  • Support extends to mobile devices, since the tool works with identities to ensure that they are not being compromised
Scenarios

To be provided by Mav/Daniel

Technologies

links to additional articles, newsletters, etc.

Datasheets

links