Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

This article describes the enhancements in Microsoft Advanced Threat Analytics (ATA) v1.8, and also includes Update 1 for ATA v1.8, for more information, see KB4036650.

Detection enhancements

  • Adds detection of abnormal modification of sensitive groups

  • Adds detection of suspicious authentication failures (behavioral brute force)

  • Improves remote execution detection

  • Improves unusual protocol implementation to detect WannaCry malware

  • Enhances Kerberos Golden Ticket detection


Infrastructure enhancements

  • Single sign-on

  • Better management of suspicious activity: exclusion, deletion and suppression

  • Auditing logs

  • Local collection of events while you are using lightweight gateway

  • Center performance improvements

  • Reports module

For more information, see What's new in ATA 1.8.

How to get this update

Method 1: Microsoft Update

Use Microsoft Update to automatically download and install the update.


Method 2: Microsoft Download Center

The following file is also available for download from the Microsoft Download Center:

Download Download the ATA 1.8 with Update 1 package now.

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.


Update detail information

Prerequisites

To install this update, you should first install Microsoft Advanced Threat Analytics v1.7 with Update 2 (1.7.5757) or with Update 1 (1.7.5647) or v1.8 (1.8.6645). If you are using version 1.7.5402, you must first upgrade to 1.7.5757.

Registry information

To apply this update, you don't have to make any changes to the registry.

Restart requirement

You may have to restart the computer after you apply this update.

Update replacement information

This update doesn't replace a previously released update.
 

References

Learn about the terminology that Microsoft uses to describe software updates.

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×