Enable monitoring and analysis of user activities and malicious behavior within the Active Directory environment.
Advanced Threat Analytics is a solution that monitors and analyzes user activities and behavior within the system. Behavioral analysis, i.e. analysis of habits and behavior of users within the environment, is used to detect anomalies or potential attacks. It allows for faster detection of a potential attack, as well as a faster and improved reaction based on the data obtained, which can also be used for forensic analysis. It's quicker and easier to monitor the progress and scope of an attack or security incident.
Scope of Threat Protection implementation includes:
Implementation of the ATA Center
Installation of the ATA lightweight gateway agent on the client’s Domain Controller
Setting up information gathering
Trainings for personnel related to the use of ATA solutions for monitoring, user behavior anomalies detection and detection of potential security incidents - 2 hours (3-4 weeks after completion of implementation, to collect enough data about the habits of existing users)
Prerequisites:
Active Azure tenant, synchronized user identities and assigned Microsoft 365 E3 or EMS E3 licenses
Active Office 365 services
Appropriate administrative privileges on the client’s tenant
Responsible individual who will confirm the functionality of the established security services in accordance with the implementation services specification