Microsoft ATA [EOL] Overview

What is Microsoft ATA [EOL]?
Microsoft Advanced Threat Analytics (ATA) provides a simple and fast way to understand what is happening within your network by identifying suspicious user and device activity with built-in intelligence and providing clear and relevant threat information on a simple attack timeline. Microsoft ATA is an on-premises platform to help you protect your enterprise from advanced targeted attacks by automatically analyzing, learning, and identifying normal and abnormal entity (user, devices, and resources) behavior. It detects suspicious activities and malicious attacks with behavioral analytics, adapts to the changing nature of cyber-security threats, focuses on what is important with a simple attack timeline and reduces false positive fatigue.

Microsoft ATA [EOL] is also known as Microsoft Advanced Threat Analytics, MS ATA [EOL], MS ATA [EOL], MS ATA [EOL].

Buyer's Guide

Download the User Behavior Analytics - UEBA Buyer's Guide including reviews and more. Updated: April 2021

Microsoft ATA [EOL] Customers
Turkish Airlines, Seoul National University Bundang Hospital, Empa, The Alberta Teachers' Association
Microsoft ATA [EOL] Video

Pricing Advice

What users are saying about Microsoft ATA [EOL] pricing:
  • "I believe we are looking into new licenses. They may be called the E5. Honestly, I don't have it on top of my mind, but I think it's around seven to $10 a user per month."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
MH
President and CEO at a tech services company with 11-50 employees
Reseller
Good integration, simple to maintain, and very stable

What is our primary use case?

The solution does all my checks and handles all my domain controllers, and DNS, and integrates with the teams well. Basically, I get to forward some of the notes that ATA generates to my team so I can see them all in a single tool.

Pros and Cons

  • "The stability of the solution is very good."
  • "There are occasions where it generates some false positives and you have to embark into figuring it out. You need to find out if it was a true alert or a false positive. It's a little bit cumbersome in that area."

What other advice do I have?

My sister company is a Microsoft solution provider. I'm unsure of version of the solution we are using. It might be the most current. What I remember is we were discussing updates recently and the ATA version we were using then was 1.9. My advice to other users is to spend a good deal of time planning. It pays off at the end. Brainstorm and come up with different scenarios. Write a plan and then write up a backup plan, so if you go into the deployment phase and you run into an issue, and you don't know how to resolve it, you have an exit plan. That way you can go back to the drawing board. I'd…
AS
Director Cyber Security at a tech services company with 5,001-10,000 employees
Real User
Easy to define rules but interface needs better granularity and only integrates well with other Microsoft solutions

What is our primary use case?

The solution is primarily used by my clients in order to combine security software.

Pros and Cons

  • "The solution works well when used with other Microsoft solutions."
  • "It would be ideal if the interface allowed for more granular configurations. For example, if I were to set a rule that is a deviation from the pre-defined rules in the Microsoft product, there's conflict."

What other advice do I have?

We're an official Microsoft partner. I'm not a user of the product myself. I'm a consultant. I don't always recommend the product. It's one of the many products we work with. Usually, there's an evaluation procedure and we make a recommendation to clients as to which solution would be best to use. If ATA makes sense for the client's project we recommend it. Most clients we recommend the solution to are already using other Microsoft products. A native solution always makes sense. I would recommend the solution, but it would depend on the company's cybersecurity design. I'd rate the solution…