Advanced Threat Analytics

Advanced Threat Analytics leaves Mainstream support in Jan. 2021; customers should migrate to Azure Advanced Threat Protection.

Microsoft Defender for Identity discovers malicious activity within on-premises Active Directory but offers limited coverage for user activity outside of on-premises Windows devices.

Roadmap for Advanced Threat Analytics, a Windows Server-based security application that can help to identify compromised user accounts and other breaches before serious damage occurs. ATA has been replaced by Microsoft Defender for Identity, is no longer receiving updates, and will exit Extended support in Jan. 2026.

Advanced Threat Analytics updates improve performance and allow easier setup

Advanced Threat Analytics uses machine learning to understand normal activity patterns for Windows Server Active Directory and detect anomalies

Aorato, an Israeli security firm, was acquired by Microsoft, which gains technology to help customers identify internal activity anomalies such as security breaches