threat protection
2 Topics

Managed Threat Experts - Targeted Attack Notification Service

Hi, I am looking into Microsoft Defender ATP and have come across the Managed Threat Experts - Targeted Attack Notification Service feature and am trying to gain a fuller understanding of the feature. I have reviewed numerous Microsoft documents and 3rd party websites and am a little confused and seeking clarification, specifically on the points below:

1) Is there any human element to the targeted attack notification service, or is the service powered purely by AI (albeit AI trained by input from real-life expert threat hunters)? The marketing gives the impression that there are experts from Microsoft constantly and proactively reviewing your company's log information, which I am sure is not the case.

2) How are the AI and protection employed by the targeted attack notification service different from those used by the other technologies in MD ATP? Specifically, why are the threats that it detects missed by the other technologies? I'm not looking to find fault, just trying to understand what gap this feature plugs.

3) I have seen references to "alerts tailored to your organisation", but aren't all alerts tailored to your organisation anyway, given they are all generated from information about your organisation's users and machines?

Thanks in advance for your help.

Paul

1.9K Views, 1 Like, 2 Comments

Which schema belongs to which service?

Hello there,

So I'm pretty familiar with KQL and MDATP's default schemas found under Advanced Hunting. There are of course some more schemas/tables found under MTP compared to MDATP (https://security.microsoft.com/advanced-hunting). Is there any general cheat-sheet on which schema originates from which service? For example, if I wanted to hunt under the "MiscEvents" schema, what do I need to do to add it?

What I mean is, I would like to try this query: https://techcommunity.microsoft.com/t5/microsoft-defender-atp/hunting-for-reconnaissance-activities-using-ldap-search-filters/ba-p/824726

But I can't seem to find "MiscEvents" in either Log Analytics, Defender ATP or M365 Threat Protection. Am I missing something? Is Azure ATP needed for the "MiscEvents" table to be populated?

Regards,
Simon

Solved. 2.1K Views, 0 Likes, 2 Comments