السلام عليكم
برنامج الحماية من الهجمات الالكترونية
هو نظام أساسي محلي يساعد على حماية شركتك من أنواع متعددة من الهجمات الإلكترونية المستهدفة المتقدمة والتهديدات الداخلية.
Microsoft Advanced Threat Analytics 1.9
328MB
*
برنامج الحماية من الهجمات الالكترونية
هو نظام أساسي محلي يساعد على حماية شركتك من أنواع متعددة من الهجمات الإلكترونية المستهدفة المتقدمة والتهديدات الداخلية.
Microsoft Advanced Threat Analytics 1.9
Advanced Threat Analytics (ATA) is an on-premises platform that helps protect your enterprise from multiple types of advanced targeted cyber attacks and insider threats.
How ATA works
ATA leverages a proprietary network parsing engine to capture and parse network traffic of multiple protocols (such as Kerberos, DNS, RPC, NTLM, and others) for authentication, authorization, and information gathering. This information is collected by ATA via either:
Port mirroring from Domain Controllers and DNS servers to the ATA Gateway and/or
Deploying an ATA Lightweight Gateway (LGW) directly on Domain Controllers
ATA takes information from multiple data-sources, such as logs and events in your network, to learn the behavior of users and other entities in the organization and build a behavioral profile about them. ATA can receive events and logs from:
SIEM Integration
Windows Event Forwarding (WEF)
Directly from the Windows Event Collector (for the Lightweight Gateway)
Supported Operating System:
Windows Server 2012 R2, Windows Server 2016
Windows Server 2012 R2 or 2016 with Advanced Threat Analytics 1.8.6645 or 1.8.6765 installed
Whats New:
New Detection Suspicious service creation on domain controllers
New Reports Lateral movements paths, Passwords exposed in cleartext.
New Feature Manually tag entities as sensitives.
User Experience Improved entity profile pages with new investigation capabilities and Active Directory data.
Performance Improved performance in the Center and Gateways that allow to handle more network traffic
How ATA works
ATA leverages a proprietary network parsing engine to capture and parse network traffic of multiple protocols (such as Kerberos, DNS, RPC, NTLM, and others) for authentication, authorization, and information gathering. This information is collected by ATA via either:
Port mirroring from Domain Controllers and DNS servers to the ATA Gateway and/or
Deploying an ATA Lightweight Gateway (LGW) directly on Domain Controllers
ATA takes information from multiple data-sources, such as logs and events in your network, to learn the behavior of users and other entities in the organization and build a behavioral profile about them. ATA can receive events and logs from:
SIEM Integration
Windows Event Forwarding (WEF)
Directly from the Windows Event Collector (for the Lightweight Gateway)
Supported Operating System:
Windows Server 2012 R2, Windows Server 2016
Windows Server 2012 R2 or 2016 with Advanced Threat Analytics 1.8.6645 or 1.8.6765 installed
Whats New:
New Detection Suspicious service creation on domain controllers
New Reports Lateral movements paths, Passwords exposed in cleartext.
New Feature Manually tag entities as sensitives.
User Experience Improved entity profile pages with new investigation capabilities and Active Directory data.
Performance Improved performance in the Center and Gateways that allow to handle more network traffic
328MB
*