Advanced Threat Analytics ATA Version 1.6 64-bit (Multilanguage) - Microsoft Imagine

Advanced Threat Analytics ATA Version 1.6 64-bit (Multilanguage) - Microsoft Imagine


Microsoft Corporation



Delivery Type:


Available to:

Academic Users
  • Microsoft Advanced Threat Analytics (ATA) 1.6 provides ongoing improvements to the ATA Center and Gateway components. 
    ATA 1.6 provides improvements in the following areas:
    • New Detections - Malicious DPAPI request, Malicious Replication requests, Net Session Enumeration and more.
    • Improvements to existing detections –Improved detection logic reducing false-positive and false-negative scenarios for our existing detections.
    • ATA Lightweight Gateway – Our new deployment option that enables the deployment of the ATA Gateway directly on the Domain Controller and eliminates the need for port mirroring configuration.
    • 5x less storage – Significant reduction in storage space requirements for the ATA Database, now requiring only 20% of the storage space used in previous versions.
    • Improved center performance - lighter database load and a new detection engine enables many more domain controllers to be monitored with a single ATA Center.
    • Support for IBM QRadar – ATA now supports receiving events from IBM QRadar SIEM solution, in addition to the previously supported SIEM solutions (RSA, HP Arcsight and Splunk).

Advanced Threat Analytics 1.6

Supported Operating System
  • Windows Server 2012 R2
Windows Server 2012 R2 with Advanced Threat Analytics 1.5.2946 installed 
If you do not have ATA v1.5 already installed download the evaluation version which includes update 1.6.

Loading... Loading...