Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Is Azure ATP an update/replacement for ATA?

Bronze Contributor

So, I'm having trouble understanding if Azure ATP is an Update/Addition to Microsoft ATA, or if this is a complete standalone product?

9 Replies

its a cloud version of the ATA product.  so you will run ATA OR Azure ATP

ATA is analysing trafik / logons to Domain controlers in AD
ATP is sandboxing attachements and Links in e-mails
nothing to do with each other at all.

Was just made aware that MS is using ATP for 3 different products at least

Windows Defender ATP: https://www.microsoft.com/en-us/windowsforbusiness/windows-atp

Office 365 ATP: https://technet.microsoft.com/en-us/library/exchange-online-advanced-threat-protection-service-descr...

Azure ATP: https://cloudblogs.microsoft.com/enterprisemobility/2017/09/27/introducing-azure-advanced-threat-pro...

 

So it looks like MS is doing whatever they can to confuse people ;)

I've watched the Ignite session and it looks like Azure ATP is a cloud based evolution of ATA. Some of the Azure ATP enhancements will come down to ATA in the future (e.g. no more resource hogging of the ata "lightweigth" client), but Azure ATP will be separately licensed.

This is exactly it. They do work together (in a loosely - partner - defined) way. I would love to see that diagram. The end to end flow of advanced persistent threats..

This may clear the confusion :)

  1. Windows Defender Advanced Threat Protection: Allows IT Admins to view Advanced Persistent Malware in an Enterprise network post breach scenario (what malware is there, what it is doing/what it did and actions to take)
  2. Microsoft Advanced Threat Analytics: Allows IT Admins to monitor hackers/attackers who are inside a network (not malware), what they are doing/what they did and actions to take. Monitors PtH attacks, persistence, golden tickets etc. 
  3. Office 365 Advanced Threat Protection: Detects and dynamically blocks malware laden emails - what malware it is, what it did/what it tried to do and who received the email etc. 

Ayesha Imtiaz

Microsoft Technology Associate

www.communicationsquare.com

 

 

Ayesha, with that said, when you purchase O365 E3 with EMS Security and Mobility, do get benefit from all three of these or are they separate licenses? 

All three of the technologies mentioned earlier that have ATP in the name require an E5 subscription tier of their respective service. So Office 365 E5, EMS E5 (a shift from ATA, which only required E3), and Windows E5 (Windows ATP is really the only differentiator for Windows E3 vs. E5 at this time).

I had created a live demo for Azure ATP, when it was in preview mode. This may answer your questions.

You may find this video quiet intriguing.

Atul Raizada - YouTube

 
Atul Raizada - YouTube