Jan 10 2020 11:50 AM
I've read in unofficial docs/posts that there may be some integration of MDATP with AATP but I cannot find any details in the MDATP or AATP docs. If someone is to use a 3rd party EDR solution instead of MDATP, does anyone know what specific functionality(s) of AATP would be reduced or unavailable (if any)? Has anyone experienced issues with running 3rd party EDR alongside the AATP sensor?
Thanks!
Jan 12 2020 07:19 AM
SolutionYou can read about the integration in here
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/integrate-wd-atp
(It will be changed to MDATP)
Currently, Azure ATP doesn't integrate with 3rd party EDR solution
Regarding running both EDR & AATP on the same client (Domain controller for example), as long as the EDR doesn't employ a packet capturing technology that overlaps what AATP is using, theoretically there shouldn't be an issue but it's best to check first.
Jan 13 2020 09:44 AM
Appreciate the link, that's the doc I was looking for. It's apparent that there advantages to the integration but I couldn't locate a supporting doc.
Thanks!
Jan 12 2020 07:19 AM
SolutionYou can read about the integration in here
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/integrate-wd-atp
(It will be changed to MDATP)
Currently, Azure ATP doesn't integrate with 3rd party EDR solution
Regarding running both EDR & AATP on the same client (Domain controller for example), as long as the EDR doesn't employ a packet capturing technology that overlaps what AATP is using, theoretically there shouldn't be an issue but it's best to check first.