Friday, 24 July 2015

Microsoft Launches New Security Product In August


Microsoft will next month launch a new security product which sophisticated attacks must stop and previously used deep packet inspection (DPI). Advanced Threat Analytics (ATA), such as the solution is called, uses a combination of behavior analysis by real-time detection.

It focuses on Active Directory-related network traffic and information from Security Information and Event Management (SIEM). On this basis, behavioral profiles of users, machines and other prepared 'resources'. The solution may then detect behavior that is different from these profiles. "After researching many incidents in my previous job, I realized that network logs are not sufficient to find sophisticated attacks," says Microsoft's Idan Plotnik.

He states that the analysis of log files is similar to finding a needle in a haystack. "Even if you find a clue, is figuring out when, how and where something happened almost impossible. With ATA Microsoft therefore taken a different path." Our secret is a combination of DPI, Active Directory information and analysis of specific events "Plotnik says.

Microsoft emphasizes that ATA is a very simple and user-friendly solution, which is used in local businesses. There are no rules, policies or agents required. There only needs to be a port configured to send a copy of all Active Directory-related traffic to the solution. Something that should be arranged within a few hours. A preview version of Microsoft Advanced Threat Analytics can be for some time to download . The full version will be published next month. Price information is not yet available.

No comments:

Post a Comment