Forum Discussion

Ivan54's avatar
Ivan54
Bronze Contributor
Sep 28, 2017

Is Azure ATP an update/replacement for ATA?

So, I'm having trouble understanding if Azure ATP is an Update/Addition to Microsoft ATA, or if this is a complete standalone product?
Deleted's avatar
Deleted
Oct 16, 2017

ATA is analysing trafik / logons to Domain controlers in AD
ATP is sandboxing attachements and Links in e-mails
nothing to do with each other at all.

Deleted's avatar
Deleted
Oct 16, 2017

Was just made aware that MS is using ATP for 3 different products at least

Windows Defender ATP: https://www.microsoft.com/en-us/windowsforbusiness/windows-atp

Office 365 ATP: https://technet.microsoft.com/en-us/library/exchange-online-advanced-threat-protection-service-description.aspx?f=255&MSPPError=-2147217396

Azure ATP: https://cloudblogs.microsoft.com/enterprisemobility/2017/09/27/introducing-azure-advanced-threat-protection/

 

So it looks like MS is doing whatever they can to confuse people ;)

  • Ayesha Imtiaz's avatar
    Ayesha Imtiaz
    Copper Contributor
    Mar 16, 2018

    This may clear the confusion :)

    1. Windows Defender Advanced Threat Protection: Allows IT Admins to view Advanced Persistent Malware in an Enterprise network post breach scenario (what malware is there, what it is doing/what it did and actions to take)
    2. Microsoft Advanced Threat Analytics: Allows IT Admins to monitor hackers/attackers who are inside a network (not malware), what they are doing/what they did and actions to take. Monitors PtH attacks, persistence, golden tickets etc. 
    3. Office 365 Advanced Threat Protection: Detects and dynamically blocks malware laden emails - what malware it is, what it did/what it tried to do and who received the email etc. 

    Ayesha Imtiaz

    Microsoft Technology Associate

    http://www.communicationsquare.com

     

     

    • William McAllister's avatar
      William McAllister
      Copper Contributor
      Mar 16, 2018

      Ayesha, with that said, when you purchase O365 E3 with EMS Security and Mobility, do get benefit from all three of these or are they separate licenses? 

      • Wes Miller's avatar
        Wes Miller
        Brass Contributor
        Apr 04, 2018

        All three of the technologies mentioned earlier that have ATP in the name require an E5 subscription tier of their respective service. So Office 365 E5, EMS E5 (a shift from ATA, which only required E3), and Windows E5 (Windows ATP is really the only differentiator for Windows E3 vs. E5 at this time).

  • Jasbir Gill's avatar
    Jasbir Gill
    Copper Contributor
    Nov 08, 2017

    This is exactly it. They do work together (in a loosely - partner - defined) way. I would love to see that diagram. The end to end flow of advanced persistent threats..

  • Ivan54's avatar
    Ivan54
    Bronze Contributor
    Oct 17, 2017
    I've watched the Ignite session and it looks like Azure ATP is a cloud based evolution of ATA. Some of the Azure ATP enhancements will come down to ATA in the future (e.g. no more resource hogging of the ata "lightweigth" client), but Azure ATP will be separately licensed.

Resources