• Filter
  • Time
  • عرض
مسح الكل
مشاركات جديدة

    السلام عليكم

    برنامج الحماية من الهجمات الالكترونية

    هو نظام أساسي محلي يساعد على حماية شركتك من أنواع متعددة من الهجمات الإلكترونية المستهدفة المتقدمة والتهديدات الداخلية.

    Microsoft Advanced Threat Analytics 1.9

    Advanced Threat Analytics (ATA) is an on-premises platform that helps protect your enterprise from multiple types of advanced targeted cyber attacks and insider threats.

    How ATA works

    ATA leverages a proprietary network parsing engine to capture and parse network traffic of multiple protocols (such as Kerberos, DNS, RPC, NTLM, and others) for authentication, authorization, and information gathering. This information is collected by ATA via either:

    Port mirroring from Domain Controllers and DNS servers to the ATA Gateway and/or

    Deploying an ATA Lightweight Gateway (LGW) directly on Domain Controllers

    ATA takes information from multiple data-sources, such as logs and events in your network, to learn the behavior of users and other entities in the organization and build a behavioral profile about them. ATA can receive events and logs from:

    SIEM Integration

    Windows Event Forwarding (WEF)

    Directly from the Windows Event Collector (for the Lightweight Gateway)

    Supported Operating System:

    Windows Server 2012 R2, Windows Server 2016

    Windows Server 2012 R2 or 2016 with Advanced Threat Analytics 1.8.6645 or 1.8.6765 installed

    Whats New:

    New Detection Suspicious service creation on domain controllers

    New Reports Lateral movements paths, Passwords exposed in cleartext.

    New Feature Manually tag entities as sensitives.

    User Experience Improved entity profile pages with new investigation capabilities and Active Directory data.

    Performance Improved performance in the Center and Gateways that allow to handle more network traffic