Description of Microsoft Advanced Threat Analytics v1.9

Applies to: Advanced Threat Analytics 1.X

Introduction


This article describes the improvements that are included in Microsoft Advanced Threat Analytics (ATA) version 1.9.

Improvements in ATA v1.9


Detection improvements

  • Adds detection of suspicious service creation on domain controllers.

General improvements

  • Adds report of lateral movement paths.
  • Adds report of passwords exposed in cleartext.
  • Adds feature to manually tag entities as sensitive.
  • Improves investigation capabilities on new entity profile pages.

Infrastructure improvements

  • Improves performance in the Center and Gateways to handle more network traffic.

For more information, see What's new in ATA 1.9

How to get this update


Microsoft Update

This update is available on Microsoft Update. For more information about how to use Microsoft Update, see How to get an update through Windows Update.

Microsoft Download Center

To get the stand-alone package for this update, go to the Microsoft Download Center website:

 Download the ATA v1.9 package now.

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

To install this update, you should first install Microsoft Advanced Threat Analytics v1.8 (1.8.6645) or v1.8.1 (1.8.6765). If you use an older ATA version, you must first upgrade to 1.8.6645.

Restart requirement

You may have to restart the computer after you apply this update.

Update replacement information

This update does not replace a previously released update.

References


Learn about the terminology that Microsoft uses to describe software updates.