Deploying Microsoft Advanced Threat Analytics in the Real World - (BSides Nashville 2018) (Hacking Illustrated Series InfoSec Tutorial Videos)

Deploying Microsoft Advanced Threat Analytics in the Real World

Russell Butturini
tcstoolhax0r

BSides Nashville 2018
http://bsidesnash.org

Microsoft Advanced Threat Analytics is a great tool you probably already own whether you know it or not, but all the talks on it have been about setting it up in a lab environment... Until now! This talk will be a totally unbiased, non-vendor speak look into experiences successfully implementing ATA in a large production environment, including what ATA is and is not, architecture, installation, tuning, and how to avoid certain "gotchas" along the way.

Abstract:
- Introductions/Why give a talk on ATA?
- An overview of Advanced Threat Analytics (What it is, and what it is not)
- ATA architecture
- ATA Center overview, deployment guidelines, and security considerations
- ATA Gateway architecture and deployment
- Overview of ATA incidents, reports, rules, behavioral analytics, and tuning.
- Advanced usage of the ATA database for threat hunting
- Troubleshooting and getting help
- ATA alternatives for non-Microsoft shops
- Time for questions/comments


Copyright 2020, IronGeek