Archive

Posts Tagged ‘ATA’

ATA: Recorded security eventlog events

To enhance detection capabilities, ATA needs the following Windows events: 4776, 4732, 4733, 4728, 4729, 4756, 4757

https://docs.microsoft.com/en-us/advanced-threat-analytics/configure-event-collection

For ATA versions 1.8 and higher, event collection configuration is no longer necessary for ATA Lightweight Gateways. The ATA Lightweight Gateway can now read events locally, without the need to configure event forwarding.

 

ATA Auditing (AuditPol, Advanced Audit Settings Enforcement, Lightweight Gateway Service discovery):

https://blogs.technet.microsoft.com/positivesecurity/2017/08/18/ata-auditing-auditpol-advanced-audit-settings-enforcement-lightweight-gateway-service-discovery/

Introducing Microsoft Advanced Threat Analytics v1.8!

What’s new in Windows Defender ATP Fall Creators Update

Microsoft Advanced Threat Analytics support in OMS Security

Automate Advanced Threat Analytics Lightweight Gateway deployment with Powershell

Ransomware lateral movement, and how Microsoft Advanced Threat Analytics can help (ATA)

Windows 10 and Surface stomp on security threats with new enterprise innovations

https://blogs.windows.com/business/2017/02/10/windows-10-surface-stomp-security-threats-new-enterprise-innovations/#QrwhEFB1qhrZ8798.97

  1. NSA adds Windows 10 and Surface to list for classified use
  2. Enhanced security capabilities with Surface Enterprise Management Mode
  3. Extending device management in Windows 10
  4. New enhancements to Windows Defender Advanced Threat Protection
  5. The quest for No More Passwords with Windows Hello
  6. Turbo-charging your deployments with Windows Analytics