This article describes the improvements that are included in Microsoft Advanced Threat Analytics (ATA) version 1.9.
Improvements in ATA v1.9
Adds detection of suspicious service creation on domain controllers.
Adds report of lateral movement paths.
Adds report of passwords exposed in cleartext.
Adds feature to manually tag entities as sensitive.
Improves investigation capabilities on new entity profile pages.
Improves performance in the Center and Gateways to handle more network traffic.
For more information, see What's new in ATA 1.9.
How to get this update
This update is available on Microsoft Update. For more information about how to use Microsoft Update, see How to get an update through Windows Update.
Microsoft Download Center
To get the stand-alone package for this update, go to the Microsoft Download Center website:
Download the ATA v1.9 package now.
For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.
To install this update, you should first install Microsoft Advanced Threat Analytics v1.8 (1.8.6645) or v1.8.1 (1.8.6765). If you use an older ATA version, you must first upgrade to 1.8.6645.
You may have to restart the computer after you apply this update.
Update replacement information
This update does not replace a previously released update.
Learn about the terminology that Microsoft uses to describe software updates.