Managed Threat Experts - Targeted Attack Notification Service

Hi,

I am looking into Microsoft Defender ATP and have come across the Managed Threat Experts - Targeted Attack Notification Service feature and am trying to gain a fuller understanding of the feature.

I have reviewed numerous Microsoft documents and 3rd party websites and am a little confused and seeking clarification. Specifically on the points below:

1) Is there any human element to the targeted attack notification service or is the service powered purely by AI (albeit AI trained by input from real life expert threat hunters)? The marketing gives the impression there are experts from Microsoft constantly proactively reviewing your company's log information, which I am sure is not the case.

2) How is the AI and protection employed by the targeted attack notification service different from that used by the other technologies in MD ATP? Specifically, why are the threats that it detects missed by the other technologies? I'm not looking to find fault, just trying to understand what gap this feature plugs?

3) I have seen references to "alerts tailored to your organisation", but aren't all alerts tailored to your organisation anyway given they are all generated by information from your organisation's users and machines?

Thanks in advance for your help.

Paul

2 Replies

Hi, have you looked at the sessions from Ignite last week? They will give you better insights, and yes, there are humans behind the Threat Experts service. If you need a second opinion on an alert, for example, they can help out.

Below are a few sessions where some threat expert stuff should be in them.

https://myignite.techcommunity.microsoft.com/sessions/81298?source=sessions

https://myignite.techcommunity.microsoft.com/sessions/79804?source=sessions

https://myignite.techcommunity.microsoft.com/sessions/79718?source=sessions

Might not be 100% of your answers but should get you started.

@PJR_CDF 

For anyone finding this thread from an Internet search - be advised that the Targeted Attack Notification Service requires a Premier Support agreement. This is not clearly stated in the documentation.